last executing test programs:

5m44.406421391s ago: executing program 2 (id=1656):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000008095"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

5m43.039568572s ago: executing program 2 (id=1661):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000ff0100000000000000000000000000010000000e000000000200000000000000", @ANYRES32, @ANYRES8=r0, @ANYBLOB="000000000000000007000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000200000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

5m42.854321915s ago: executing program 2 (id=1664):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x8040)
ioctl$SG_BLKTRACESTOP(r4, 0x1275, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r6, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r7 = syz_io_uring_setup(0x497, &(0x7f0000000a40)={0x0, 0x4661, 0x800, 0x3, 0x20e}, &(0x7f0000000540)=<r8=>0x0, &(0x7f0000000680)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r6, 0x0, 0x0})
io_uring_enter(r7, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
close_range(r0, r6, 0x0)

5m41.915096482s ago: executing program 2 (id=1668):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
close(r0)

5m40.55610023s ago: executing program 2 (id=1672):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = dup(0xffffffffffffffff)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtaction={0x98, 0x30, 0x301, 0x70bd2c, 0x0, {0x0, 0x0, 0x1300}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x0, 0x0, 0xffffffe4}, 0x1, r4}}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x98}}, 0x0)

5m40.35746509s ago: executing program 2 (id=1675):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, &(0x7f00000002c0), &(0x7f0000000500)='%pK    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x370, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x13, r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x30, 0x5, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x18000, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}]}, &(0x7f0000000780)='GPL\x00', 0x3, 0xaa, &(0x7f0000000900)=""/170, 0x41100, 0x8, '\x00', 0x0, @fallback=0x13, r2, 0x8, &(0x7f00000007c0)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000800)={0x4, 0x5, 0x3ff, 0xa}, 0x10, 0x0, r1, 0x2, &(0x7f0000000a40)=[r2, r2, 0xffffffffffffffff, r0, r0, r4, r2, r2], &(0x7f0000000a80)=[{0x3, 0x2, 0x3, 0xb}, {0x4, 0x4, 0xc, 0xb}], 0x10, 0xa2c}, 0x94)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x101a02, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x800)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

5m24.640754324s ago: executing program 32 (id=1675):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, &(0x7f00000002c0), &(0x7f0000000500)='%pK    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x370, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x13, r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x30, 0x5, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x18000, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}]}, &(0x7f0000000780)='GPL\x00', 0x3, 0xaa, &(0x7f0000000900)=""/170, 0x41100, 0x8, '\x00', 0x0, @fallback=0x13, r2, 0x8, &(0x7f00000007c0)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000800)={0x4, 0x5, 0x3ff, 0xa}, 0x10, 0x0, r1, 0x2, &(0x7f0000000a40)=[r2, r2, 0xffffffffffffffff, r0, r0, r4, r2, r2], &(0x7f0000000a80)=[{0x3, 0x2, 0x3, 0xb}, {0x4, 0x4, 0xc, 0xb}], 0x10, 0xa2c}, 0x94)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x101a02, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x800)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2m16.656748571s ago: executing program 0 (id=2974):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)

2m16.429353698s ago: executing program 0 (id=2977):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, 0x0, 0x0, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0, 0x300}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/44, @ANYRES32=0x0], 0x30}], 0x1, 0x0)

2m16.389593859s ago: executing program 5 (id=2978):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f00000009c0)={0x105104000, 0x0, 0x0, 0x0, {0x36}, 0x0, 0x0, 0x0, &(0x7f0000000980)=[0x0], 0x1}, 0x58)

2m15.312585532s ago: executing program 5 (id=2980):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x2a0, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x8, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_route={{0xa}, {0x270, 0x2, [@TCA_ROUTE4_ACT={0xfffffffffffffdc8, 0x6, [@m_simple={0x1ac, 0x1c, 0x0, 0x0, {{0xb}, {0xbc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xb, 0x3, 'multiq\x00'}, @TCA_DEF_DATA={0xf, 0x3, 'syzkaller0\x00'}, @TCA_DEF_DATA={0x5, 0x3, '\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0xfffffffc, 0xdd9, 0xffffffffffffffff, 0x40, 0x1}}, @TCA_DEF_DATA={0x9, 0x3, '\b--{\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x4d, 0x5, 0x20000000, 0x7, 0x2}}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0xc, 0x1, 0x1e, 0x7f}}, @TCA_DEF_DATA={0xf, 0x3, 'syzkaller0\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x2, 0xffff, 0x1, 0xd, 0x1000}}, @TCA_DEF_PARMS={0x18, 0x2, {0xede7, 0x5, 0xffffffffdfffffff, 0x7b2e, 0x1}}]}, {0xc6, 0x6, "a5eb9f4145b402502e4c514c39694d69ab11d09266a973bd8e85a8c5b1fe18a71ae4cbdfe5ab0da07d0e39d4619472d84ecbc423fae14107765ec849cb8f940953249f0b0e9d6c325f48db6b3d32cd6ba65f2e5734c5ba1c9c60fc33a137f863af4a1ccda130f05370418ac00adb121c057dd65b1378248508cb49f868768ee7633e3e042f2e630f723d471f82572e3a31f2019a08836ac2ba6e14cebe9dfc31205c8ecb4bd6d8f036ffa2ae3c9e0801d46489ef122bc170e02ceb79818bffe0f9fe"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_sample={0xbc, 0x1c, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x40}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x6c2c, 0x7, 0x4, 0xb, 0x5}}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x5}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x4}]}, {0x60, 0x6, "59cc3f053d2756acf416f0c51731be9d87e9f8f9fd7ebf28f189f7591f623d534a911239882a51032ea28c90380d160eb4444bcb5a08db49aad47c65945aca32b4f10cfcd458eecbbe1849237e51b7f8c15830bc0de557243e405187"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x2a0}, 0x1, 0x0, 0x0, 0x10}, 0x34000014)

2m15.276436905s ago: executing program 0 (id=2981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0x6a}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000"], 0x44}}, 0x0)

2m14.90443938s ago: executing program 0 (id=2985):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7fff}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
umount2(&(0x7f0000000140)='./file0\x00', 0x0)

2m14.627332386s ago: executing program 0 (id=2988):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x42002)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000002680), 0x0, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0)

2m14.575353921s ago: executing program 5 (id=2989):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)

2m14.384287268s ago: executing program 5 (id=2992):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
lsm_get_self_attr(0x69, &(0x7f0000000580)={0x0, 0x0, 0xad, 0x8d, ""/141}, &(0x7f0000000080)=0xad, 0x0)

2m14.110370048s ago: executing program 5 (id=2995):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x4}, 0x1c)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth0_to_hsr\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f00000000c0)="040088", 0x3, 0x10004894, &(0x7f0000000200)={0x11, 0x8100, r2, 0x1, 0xe0, 0x6, @remote}, 0x14)

2m14.016123475s ago: executing program 5 (id=2997):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
unshare(0x62040200)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f00000001c0)={0x11, 0xd, 0x2, 0x9, 0x5, 0x1, 0x2, 0xa6, 0x1})

2m13.393249276s ago: executing program 0 (id=3001):
pivot_root(0x0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
unshare(0x64000600)

1m58.722477893s ago: executing program 33 (id=2997):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
unshare(0x62040200)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f00000001c0)={0x11, 0xd, 0x2, 0x9, 0x5, 0x1, 0x2, 0xa6, 0x1})

1m58.111470332s ago: executing program 34 (id=3001):
pivot_root(0x0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
unshare(0x64000600)

40.444953883s ago: executing program 3 (id=3455):
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7fffffff, &(0x7f0000000500)=[{&(0x7f0000000580)="96", 0x1}], 0x1, 0x10, 0x1, {0x2}})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

40.064413439s ago: executing program 3 (id=3458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="19000000040000000800000003"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

39.547456789s ago: executing program 3 (id=3462):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, &(0x7f0000001080), 0x0, 0x0)

39.537635146s ago: executing program 6 (id=3463):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x7, 0x30}, 0xc)
sendto$inet6(r0, &(0x7f0000000480)="aa", 0x1, 0x20000000, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x1, 0x20}, 0xc)
writev(r0, &(0x7f00000003c0), 0x0)

39.359369025s ago: executing program 3 (id=3465):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000001f)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), &(0x7f0000000440)='%-010d \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', 0xffffffffffffffff, 0x0, 0xb}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

39.282829235s ago: executing program 6 (id=3466):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x5c233}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}, @IFLA_BOND_AD_ACTOR_SYS_PRIO={0x6, 0x18, 0x3}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x24040040)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x40}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')

39.145396951s ago: executing program 3 (id=3470):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02"], 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

38.431312669s ago: executing program 3 (id=3472):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
futex(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x82)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
close(0xffffffffffffffff)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)

37.399103235s ago: executing program 6 (id=3478):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000ec0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

37.19165913s ago: executing program 6 (id=3482):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02"], 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

37.172270414s ago: executing program 1 (id=3483):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)="d0", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)="7567aa95d5f9ec9ba8fdf524e16821dd4126b0cd706ce18aefa4e9107508ae5bc12c7abd6849044a4f6a8bffaa7295a986e669513e889dd7093de6b43a62809e95bccd974baa55b20b0b59898902ea133e2f16a71b1ff8e06f8a052166ed834187363a8625c15092fdd96ef9ce5ff738d9cee05118723176f86db663a3aee99bbe01af037981d9af0d30604295e3e0942894700799ccbd77940c14ffe9254dc39fd0a56220c3993c237abb44c47d74bf8ea6cc0be8eda34aa62ce7d564c88c63b2899a313f", 0xc5}], 0x1, &(0x7f0000000440)}}], 0x2, 0x0)

36.79098654s ago: executing program 6 (id=3485):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

36.52770733s ago: executing program 1 (id=3487):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = timerfd_create(0x0, 0x800)
timerfd_settime(r0, 0x3, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0xe000001a})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

35.508022669s ago: executing program 6 (id=3489):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1ad8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)

31.26820969s ago: executing program 7 (id=3490):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
openat$binfmt(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)

30.941015979s ago: executing program 1 (id=3491):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)

30.778435898s ago: executing program 7 (id=3492):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000ec0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

30.658072148s ago: executing program 4 (id=3493):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12)

28.000560084s ago: executing program 1 (id=3494):
unshare(0x24060400)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
connect$unix(r0, &(0x7f0000000100)=@abs={0x1}, 0x6e)

28.000318328s ago: executing program 4 (id=3495):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02"], 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

27.999599697s ago: executing program 7 (id=3496):
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000080)={{}, 0x2, 0x1, 0x4})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001200000008000800000000000800090000000100180001801400020076657468305f746f5f626f6e640000000800090000000000080006"], 0x4c}}, 0x0)

20.030090728s ago: executing program 35 (id=3472):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
futex(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x82)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
close(0xffffffffffffffff)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)

19.432227594s ago: executing program 36 (id=3489):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1ad8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)

19.37688107s ago: executing program 4 (id=3499):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2004}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000ae000000b703000007000000850000000e000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x10)

19.368179224s ago: executing program 7 (id=3500):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sock_addr=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = socket(0x11, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r5=>0x0})
bind$packet(r3, &(0x7f0000000180)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r3, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="020114000129184ad4a08058195c60140000002f0600ac141414e0ecff02808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e46691e233da4d163f53ab1b3f65c3042e749c2d4c8303a0f7fbda34fb"], 0xdd12}], 0x1, 0x0, 0x0, 0x4008084}, 0x10)

19.039890355s ago: executing program 4 (id=3501):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = timerfd_create(0x0, 0x800)
timerfd_settime(r0, 0x3, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0xe000001a})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

18.944173366s ago: executing program 1 (id=3502):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
openat$binfmt(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)

18.656703737s ago: executing program 7 (id=3503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="19000000040000000800000003"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

18.407101499s ago: executing program 1 (id=3504):
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000840)={0x1, 0x0, @pic={0x1, 0xfb, 0xc, 0x3, 0x6, 0x3, 0x4, 0x6, 0xfd, 0x0, 0x4, 0xe4, 0x80, 0x3, 0x83, 0x3}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01e6290451348fb64700000000000000b98000"], 0x5e})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0191e6d595bab8c4b500006490321db49c531a00000f01d967460f"], 0x54})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x4000003, 0xfc, 0x2, 0xc, 0xff, 0x8, 0x6, 0x1, 0x0, 0x7, 0x5, 0x4, 0x72, 0x7, 0xfa, '\x00', 0x3, 0x3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x240, 0x0)

18.013638343s ago: executing program 7 (id=3505):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000015c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0904000000000000000c537a044fe25d7d431b580567290002000003240004800c000180080001006c6f6700140001800c000100636f756e74657200040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x78}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = memfd_secret(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x3, 0x16, &(0x7f0000000940)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x36}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r3, r2, 0x2f, 0x4608, @void}, 0x10)
syz_io_uring_setup(0x27c, &(0x7f0000001440)={0x0, 0x4673, 0x40, 0x1, 0x297, 0x0, r2}, &(0x7f00000000c0), 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={r3, r2, 0x2f, 0x4608, @val=@iter={0x0, 0x2}}, 0x40)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)={0x14, 0x4, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r7, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0x0, 0x5, {0x8001, 0x6, 0x0, 0x4, 0x0, 0x0, 0xfffc, 0xfffd, 0x2004, 0x3, 0x0, 0x0, 0x7fffffff, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}})
syz_usb_connect(0x0, 0x911, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0xab, 0xf0, 0xdf, 0x20, 0x419, 0xaaf6, 0x100, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8ff, 0x3, 0x2, 0xfb, 0xa0, 0x8, [{{0x9, 0x4, 0xfc, 0xdb, 0x7, 0xf5, 0x2a, 0x86, 0x40, [@uac_control={{0xa, 0x24, 0x1, 0x7, 0x1}, [@extension_unit={0x7, 0x24, 0x8, 0x6, 0xe25b, 0x4}, @feature_unit={0xf, 0x24, 0x6, 0x6, 0x5, 0x4, [0x4, 0x1, 0x3, 0x6]}, @mixer_unit={0x8, 0x24, 0x4, 0x3, 0x3, "822a16"}, @processing_unit={0x7, 0x24, 0x7, 0x5, 0x0, 0xfe}, @extension_unit={0x9, 0x24, 0x8, 0x1, 0x400, 0x1, "40cd"}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x283, 0x2, 0x6, 0x7}]}, @generic={0xb7, 0x22, "c7c8bd384b0532a6a68f439f94f9b60952668efef0565afde2a9127741915599a50d6ad5aa36d8afc7d61fb87873d94076690b577ca4f166a02dd419cd34dd25907cc358faea34b9346758a3286c7b7652e6bca9a2003e17da1ee92e60be8039048b4f5d5d8b4c5f6c0f22827676c25bf14d726b8e9fd2fb4577cd9907165834d1f3e02ebe34a11dc7708013c0502f177e83335bb4e0a4c5928f315569556602000936545cbe4195ab70a9d41f28469e551baeeb87"}], [{{0x9, 0x5, 0xa, 0x4, 0x20, 0x6, 0x5, 0x2}}, {{0x9, 0x5, 0xb, 0x0, 0x8, 0x7f, 0xc0, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0x4}]}}, {{0x9, 0x5, 0xe, 0x0, 0x8, 0x8, 0xa6, 0x2, [@generic={0x22, 0x21, "2c84bb97ee0ec7262d93f7671c02db0d5977cc9635f5b01efbc7a294da23906b"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x1}]}}, {{0x9, 0x5, 0x7, 0x3, 0x8, 0x7, 0x7, 0x42, [@generic={0x5, 0x2c, "a41354"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0xdb, 0x7}]}}, {{0x9, 0x5, 0xc, 0x0, 0x10, 0x6, 0x4, 0x3, [@generic={0xce, 0xc, "30b8ff49522586340d861d992bd41bb11e51b538d32979a58c01ff85cd447c31c3d3b0a624cf6a469d597347ec317ec69548d50565977887f2f8ea9c1b1b7c31ba6dc277b116498fcd72502d2f5cab469a1878c571341291ed658a483751379b05f7ce89df10aec58007ff724feac32298c2ede000a3ee7c04977d5e493948cac15e5b5d75f98c938af6a54b738a406e7f1c709b9e735d525675ae49d1a1e6611155bf514a632b5992a1973489d737617ff3ee1eb58fd429e80e5a4bf55d298cd3bee189f1a0bb46624bfe78"}, @generic={0x4a, 0x0, "c7610540887445a19821968a0b72e9b1ce29bec3a90d21f5d0bbb93087e6a956af55370e97223140c5be9ecd8118717c8b28c5856a619756c4606f33e5a39343794f7969a4096768"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x8, 0x80, 0xf7, 0xe7, [@generic={0xb7, 0xc, "89ede3c0e637d4c3774f12a7861000129d0840b4de7061372ecefdb75cff66d4fc75cdf3083c00ba647a0917f99cd9fec980055791344749c84604e30e287111f76b672202103a403db66b4d7cd7658898be1b520398353c4e9d88353829bcb38a04bf945d85fac4140ba961c88dcd6a1da944ce187190be51fabd9a0f9730af2e1629e4ced38b9bcc7ce97edc6023b8240fca464ebc6c79a0a78ce212e547417c4db9316cf108ff3238173d254e8ae9f1a9a799af"}, @generic={0x62, 0x5, "4491c35c5332feb3f8eb4e00d944bb46fdcb262bc69007538f245e64252816f1a985134288cc438607f39cff88c1ae2e91f0ea194eb245af20a8c1f60c4e2fd99ee9c425b90ea57ec282fabc1254b1c16ec18fa49b5a355a53eefdcaa31d28c5"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0xfb, 0x80, 0x4}}]}}, {{0x9, 0x4, 0xd8, 0x93, 0x2, 0xbc, 0x24, 0x29, 0x2, [@cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "0759cc71"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x96, 0x2, 0x3ff, 0x1}, {0x6, 0x24, 0x1a, 0xd5, 0x4}, [@acm={0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x4}]}, @hid_hid={0x9, 0x21, 0x1, 0x8, 0x1, {0x22, 0xe69}}], [{{0x9, 0x5, 0x4, 0xc, 0x200, 0x8, 0x10, 0x2}}, {{0x9, 0x5, 0xa, 0x8, 0x20, 0x9d, 0x2, 0x7f, [@generic={0x8e, 0x6, "a9629e2f21b54a30e509ead2840f7c383e98aa58383a04d99be8787008592dc9b6c6c808606185931ad40f46b315e5b43a81d0f27e4386330c30c320bbc5b586538e038d5caa5eb87444ecccfc7e6d0cd8f74aa518f22395f9e1bc4c774705be6d1922c6394c63a936c35314ed4b816e6d82c15b0ec1ac78f53d8d57048e3e0e7d4bcfd997690ca728360f14"}]}}]}}, {{0x9, 0x4, 0x41, 0x9, 0xc, 0x47, 0x9, 0x15, 0x8, [@cdc_ncm={{0x7, 0x24, 0x6, 0x0, 0x1, "c92b"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x373, 0x9, 0xb432, 0x6}, {0x6, 0x24, 0x1a, 0x5, 0x14}, [@mbim={0xc, 0x24, 0x1b, 0x3f2, 0x8000, 0x5, 0x9, 0x7, 0x78}, @network_terminal={0x7, 0x24, 0xa, 0x4, 0x16, 0x0, 0x7}, @mdlm_detail={0x93, 0x24, 0x13, 0x6, "9f3e1488762e3644b01568f7c77d9f3b57c48d0faf7156d5cfa6c323f5824281277af4ce27e75cbef44cf124e1e64cd3c33e9e64e58d7f3d17ef4a69b2fa9c3717afe02319ab7ca5f436e1bea041418773d4ef1b6d9499a5783709dc3ce3ab276c6d1f09fbcbbc49fb65231088624469d1d770463e80c13482c9d05150144f72e8abf28b09b19a739493bc99d7447b"}, @obex={0x5, 0x24, 0x15, 0x938e}]}], [{{0x9, 0x5, 0xa, 0x10, 0x400, 0x5, 0x3, 0x2, [@generic={0x53, 0x21, "f487b9f7befff64a9f7fd7b978a75ed99b9e6005e6e0b13480c986ef1e08b7fc0aa857362c799025c421402d1bed927a8f0af8bc2135b103683055b467f8e02108ec848ff33fb4da565f62a77d347d03de"}]}}, {{0x9, 0x5, 0x3, 0x3, 0x3ff, 0x90, 0xc, 0x10, [@generic={0xc7, 0xa, "0b82502859053ff1deb33be278255b1b2fc59ae8bfc194c4a95ceab62b5d718a1ce7bd2480c051b4b3c650035d80d8702dad6078df97b527cf3ef1740e1b3147c668e6ee1238ecdeedd4c3fd76c1dac7b15b590ec4010128455e26f46193c0907eb641407935fd42ca0ab59df37a0bfdaa87b3de6d808371bd685dbb65d82ded3e053f56487293856704c8034d6bd668bd16e270e9edae0b7d834891d33ffc3bfe85ea9bf62b396215a81830fd602e17417af997eef5cd8483aed288c373fe8cc507912e9e"}, @generic={0x6f, 0xa94a764ca2706424, "fb7337aed681b06157a4d23eb5615024a5e62690980b9d93ecb8e69b528e6cc629ba5d98ee7a6f4dc40819b35293b02797fb12e95df3aefc9503c1fac02fa1478f43e583d79991ff99afdb0e98a2d63165bba683962493c2d01c8089109b81cc9d773035c8bb4ba3b200fd68a3"}]}}, {{0x9, 0x5, 0x1, 0xc, 0x8, 0x5b, 0x7, 0x9, [@generic={0x2, 0x3}]}}, {{0x9, 0x5, 0x5, 0x0, 0x0, 0x8, 0x7, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xfa, 0x3}]}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x9, 0x5, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xfb}]}}, {{0x9, 0x5, 0xc, 0x3, 0x400, 0x6, 0x10, 0x9f, [@generic={0x4a, 0x5, "fae8ae195343c429a96af6b2164d01a68ea315b5a851473e19bed2453d552b4be9268addbcac4b4dc1fb81e0a2e7fc5236695331f0ebf0d37f0814471174a6d8cbcd1c73ede8b68c"}]}}, {{0x9, 0x5, 0xd, 0x3, 0x20, 0x40, 0x7, 0x1}}, {{0x9, 0x5, 0x8, 0x4, 0x10, 0x9, 0x75, 0x3}}, {{0x9, 0x5, 0x5, 0x10, 0x200, 0x7f, 0x5d}}, {{0x9, 0x5, 0x7, 0x2, 0x10, 0x6, 0x9, 0x44, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x65, 0x5}, @generic={0xc5, 0x2, "a6da592c373db2bdcf7f2102d1ab2b36936baf03f321e3cdd48e7a9d107aa95695456e38f5c485c3a4fdb0fddffb569d5363c505240deb566c4f93e3cd8165f70aa779c529afdee5c1cb6c5297fee4345b9c88e9a4ac1491d74d5563b44fc710653ef34047bb855a586a3de3d2c0f9a646bd8ea5c2381803442ecca837dedab28ee7e3a70a96a5e2875e936da5c47b9dc1e1c0c1820e6b9b09ba2a07d36caa90b0537ff0946f1b9f8bcc0f8ff117861b40808588552896e7ac5053194317a3127f7625"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x3ff, 0xfd, 0x2, 0x0, [@generic={0x2, 0x6}, @generic={0x77, 0x21, "5cc82b60259c8443ec705bf4f971fbdb4d69a43843be092bd07bf9854fd705be398526ff234dfada850efa117e20fa9de9872418875629cdf7de7319f88ff3af136cafb23869a303270266e80c2890d97d503564189f8eb5ce6ea9a7e6bc796b8c5c77105a2ab9d6faccf419bb85187be6f6e2f913"}]}}, {{0x9, 0x5, 0xb, 0x4, 0x50, 0x81, 0x5e, 0xd5, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x3, 0x1}]}}]}}]}}]}}, &(0x7f0000001300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x7, 0xf7, 0x5, 0x40, 0x6}, 0x15c, &(0x7f0000000dc0)={0x5, 0xf, 0x15c, 0x4, [@generic={0x93, 0x10, 0xe, "1850d2272e977c26df9333250bbdc731fed4e373488210c52efb55776610754b06acd7331cc6fdfd3be961c5d752a13bda0360cbba078f765198cc988f4888888c4bd76bfe71007c6a1e6ffc46828659793e39a39e61245467410e6beab80df6425cfb29bbe55fec5ca19a7ebeb3d2612f9951eb7ddc2378849652ca32238c83e6d57f3a7ac87eee57a3261658345708"}, @wireless={0xb, 0x10, 0x1, 0xc, 0xe6, 0x25, 0x7, 0x0, 0x6}, @generic={0xaf, 0x10, 0x1, "2a76d26d097608c64ca6ac8581ec37f901460d6e9e8d2b5aba9420b97b19859c9250ff2b418c115f6bb5b3cf439f09b1d16f59be9723ff60c796c8d568373065eccfab09c6e877cef9fa8a052bea44d8519391315967f72065e30b2acaf64c57fdf8306d23081fbf4079757204f9fd6f1f342d5deabddb7054e1f0b986660deb8d3cc96ebe2e92dc3aa5f42868c6d8bdf06477fab33f6e2511052c75b10fe2d08a99645c745cf14881fd9383"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x9, 0xa, 0x9}]}, 0x9, [{0xe8, &(0x7f0000000f40)=@string={0xe8, 0x3, "a08fcd057362ea3b90e2a97d0ea52c888760d88adc574c4d511c0fc2ee192b5a85593a74172468a169dfe4232d6af0a767d945e9ae20e565cdfb196e0306d622d5476107794418b138bf469d28fcb3f9575c883dec505f8ae80de7bfc94d44f84d78955c95e2ebff2904ae6867cb65af81fc55db510d7756f9a6dda154f6c768aa96e901fc7b6cbf5624c33f297b25fab5a47052038571a7ffe53a7e0c6c3bad10b461fbb917424e51d6ee4815f853cb21c1f1b6f911bfc576313393f644f492049cdf299018920e77da1f02593611e93de30db7b3fde2e76d398bec9df963a4f9b1a6b0b06f"}}, {0xbc, &(0x7f0000001040)=@string={0xbc, 0x3, "124294f7f651fb8495f9a31b1175282877a11dbefd32fefaa726c84ff5445f585d7b338779f0f9080b3f16004b5fe44aea8c7990e5957ea33586051332ac3e78b15c6cd7de2ce689d4c502a244c4e1637a76f89c1334ebbf1a68e99baee4bb52bc951a5f0b79ddacb169756b90055e7e767cd6b6a427385769adb56249a2ffa1af456bcebc32f361bf2500b025e38a9bff49bf0f1f98fe597f51237a80cc016c2948007b4955e190eb4709ea0b4c827f7ed34a35a0133b4002a3"}}, {0x29, &(0x7f0000000040)=@string={0x29, 0x3, "45a534c03b7f4d1a65336b12d6d9725137b5dedecebb035126dd85a41a85aeeeff2d8d81491f7c"}}, {0x4, &(0x7f0000000080)=@lang_id={0x4, 0x3, 0x1809}}, {0x4, &(0x7f0000001100)=@lang_id={0x4, 0x3, 0x812}}, {0x54, &(0x7f0000001140)=@string={0x54, 0x3, "3b0bafe46b05ef8cf9cb66136b679df620c5e5decd76fda59052f4324e7e5c5ee711d2c311d9400705631c964627c30bbceb0b9ec20335b3856a63a7a93988d3c993a5a47375a8512dcbe820fdf6849958e0"}}, {0x86, &(0x7f00000011c0)=@string={0x86, 0x3, "d51e47d2001c9888be806134d0e8541ba4b6e8a92ba21281903a1c6bed2e7e9c23c689fd8c84ff9a46e3201354b0fb72afdc8c1ba85e3e0500c334c1fa02b465b1c28fc870c553156d6879e48ea21904c8aec869396776f9dee808a03689477be67070301e235091b6e9092f5fbb23ca921fa77b86438cfc9c782d53028d99c01bcf0ef3"}}, {0x6, &(0x7f0000001280)=@string={0x6, 0x3, "76fb1656"}}, {0x10, &(0x7f00000012c0)=@string={0x10, 0x3, "9e81438e4fb7582c77ebfdfa142b"}}]})

15.80963855s ago: executing program 4 (id=3506):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12)

15.639279561s ago: executing program 4 (id=3507):
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000001c0))
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000280)={0x7, 0x100, "77c638b05041a0115f44304807e55536b7fc5ae52727d800", 0x1ff, 0x5, 0x79, 0xdf4})
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BEACON(r7, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f00000003c0)={0x34, r8, 0x1, 0x4, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0xfffffffd}}}}, [@NL80211_ATTR_IE_ASSOC_RESP={0xa, 0xe, [@ext_channel_switch={0x1c, 0x4, {0xfc, 0x0, 0x38}}]}]}, 0x34}}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

997.362891ms ago: executing program 37 (id=3504):
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000840)={0x1, 0x0, @pic={0x1, 0xfb, 0xc, 0x3, 0x6, 0x3, 0x4, 0x6, 0xfd, 0x0, 0x4, 0xe4, 0x80, 0x3, 0x83, 0x3}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01e6290451348fb64700000000000000b98000"], 0x5e})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0191e6d595bab8c4b500006490321db49c531a00000f01d967460f"], 0x54})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x4000003, 0xfc, 0x2, 0xc, 0xff, 0x8, 0x6, 0x1, 0x0, 0x7, 0x5, 0x4, 0x72, 0x7, 0xfa, '\x00', 0x3, 0x3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x240, 0x0)

840.870307ms ago: executing program 38 (id=3505):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000015c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0904000000000000000c537a044fe25d7d431b580567290002000003240004800c000180080001006c6f6700140001800c000100636f756e74657200040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x78}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = memfd_secret(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x3, 0x16, &(0x7f0000000940)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x36}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r3, r2, 0x2f, 0x4608, @void}, 0x10)
syz_io_uring_setup(0x27c, &(0x7f0000001440)={0x0, 0x4673, 0x40, 0x1, 0x297, 0x0, r2}, &(0x7f00000000c0), 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={r3, r2, 0x2f, 0x4608, @val=@iter={0x0, 0x2}}, 0x40)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)={0x14, 0x4, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r7, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0x0, 0x5, {0x8001, 0x6, 0x0, 0x4, 0x0, 0x0, 0xfffc, 0xfffd, 0x2004, 0x3, 0x0, 0x0, 0x7fffffff, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}})
syz_usb_connect(0x0, 0x911, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0xab, 0xf0, 0xdf, 0x20, 0x419, 0xaaf6, 0x100, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8ff, 0x3, 0x2, 0xfb, 0xa0, 0x8, [{{0x9, 0x4, 0xfc, 0xdb, 0x7, 0xf5, 0x2a, 0x86, 0x40, [@uac_control={{0xa, 0x24, 0x1, 0x7, 0x1}, [@extension_unit={0x7, 0x24, 0x8, 0x6, 0xe25b, 0x4}, @feature_unit={0xf, 0x24, 0x6, 0x6, 0x5, 0x4, [0x4, 0x1, 0x3, 0x6]}, @mixer_unit={0x8, 0x24, 0x4, 0x3, 0x3, "822a16"}, @processing_unit={0x7, 0x24, 0x7, 0x5, 0x0, 0xfe}, @extension_unit={0x9, 0x24, 0x8, 0x1, 0x400, 0x1, "40cd"}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x283, 0x2, 0x6, 0x7}]}, @generic={0xb7, 0x22, "c7c8bd384b0532a6a68f439f94f9b60952668efef0565afde2a9127741915599a50d6ad5aa36d8afc7d61fb87873d94076690b577ca4f166a02dd419cd34dd25907cc358faea34b9346758a3286c7b7652e6bca9a2003e17da1ee92e60be8039048b4f5d5d8b4c5f6c0f22827676c25bf14d726b8e9fd2fb4577cd9907165834d1f3e02ebe34a11dc7708013c0502f177e83335bb4e0a4c5928f315569556602000936545cbe4195ab70a9d41f28469e551baeeb87"}], [{{0x9, 0x5, 0xa, 0x4, 0x20, 0x6, 0x5, 0x2}}, {{0x9, 0x5, 0xb, 0x0, 0x8, 0x7f, 0xc0, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0x4}]}}, {{0x9, 0x5, 0xe, 0x0, 0x8, 0x8, 0xa6, 0x2, [@generic={0x22, 0x21, "2c84bb97ee0ec7262d93f7671c02db0d5977cc9635f5b01efbc7a294da23906b"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x1}]}}, {{0x9, 0x5, 0x7, 0x3, 0x8, 0x7, 0x7, 0x42, [@generic={0x5, 0x2c, "a41354"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0xdb, 0x7}]}}, {{0x9, 0x5, 0xc, 0x0, 0x10, 0x6, 0x4, 0x3, [@generic={0xce, 0xc, "30b8ff49522586340d861d992bd41bb11e51b538d32979a58c01ff85cd447c31c3d3b0a624cf6a469d597347ec317ec69548d50565977887f2f8ea9c1b1b7c31ba6dc277b116498fcd72502d2f5cab469a1878c571341291ed658a483751379b05f7ce89df10aec58007ff724feac32298c2ede000a3ee7c04977d5e493948cac15e5b5d75f98c938af6a54b738a406e7f1c709b9e735d525675ae49d1a1e6611155bf514a632b5992a1973489d737617ff3ee1eb58fd429e80e5a4bf55d298cd3bee189f1a0bb46624bfe78"}, @generic={0x4a, 0x0, "c7610540887445a19821968a0b72e9b1ce29bec3a90d21f5d0bbb93087e6a956af55370e97223140c5be9ecd8118717c8b28c5856a619756c4606f33e5a39343794f7969a4096768"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x8, 0x80, 0xf7, 0xe7, [@generic={0xb7, 0xc, "89ede3c0e637d4c3774f12a7861000129d0840b4de7061372ecefdb75cff66d4fc75cdf3083c00ba647a0917f99cd9fec980055791344749c84604e30e287111f76b672202103a403db66b4d7cd7658898be1b520398353c4e9d88353829bcb38a04bf945d85fac4140ba961c88dcd6a1da944ce187190be51fabd9a0f9730af2e1629e4ced38b9bcc7ce97edc6023b8240fca464ebc6c79a0a78ce212e547417c4db9316cf108ff3238173d254e8ae9f1a9a799af"}, @generic={0x62, 0x5, "4491c35c5332feb3f8eb4e00d944bb46fdcb262bc69007538f245e64252816f1a985134288cc438607f39cff88c1ae2e91f0ea194eb245af20a8c1f60c4e2fd99ee9c425b90ea57ec282fabc1254b1c16ec18fa49b5a355a53eefdcaa31d28c5"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0xfb, 0x80, 0x4}}]}}, {{0x9, 0x4, 0xd8, 0x93, 0x2, 0xbc, 0x24, 0x29, 0x2, [@cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "0759cc71"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x96, 0x2, 0x3ff, 0x1}, {0x6, 0x24, 0x1a, 0xd5, 0x4}, [@acm={0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x4}]}, @hid_hid={0x9, 0x21, 0x1, 0x8, 0x1, {0x22, 0xe69}}], [{{0x9, 0x5, 0x4, 0xc, 0x200, 0x8, 0x10, 0x2}}, {{0x9, 0x5, 0xa, 0x8, 0x20, 0x9d, 0x2, 0x7f, [@generic={0x8e, 0x6, "a9629e2f21b54a30e509ead2840f7c383e98aa58383a04d99be8787008592dc9b6c6c808606185931ad40f46b315e5b43a81d0f27e4386330c30c320bbc5b586538e038d5caa5eb87444ecccfc7e6d0cd8f74aa518f22395f9e1bc4c774705be6d1922c6394c63a936c35314ed4b816e6d82c15b0ec1ac78f53d8d57048e3e0e7d4bcfd997690ca728360f14"}]}}]}}, {{0x9, 0x4, 0x41, 0x9, 0xc, 0x47, 0x9, 0x15, 0x8, [@cdc_ncm={{0x7, 0x24, 0x6, 0x0, 0x1, "c92b"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x373, 0x9, 0xb432, 0x6}, {0x6, 0x24, 0x1a, 0x5, 0x14}, [@mbim={0xc, 0x24, 0x1b, 0x3f2, 0x8000, 0x5, 0x9, 0x7, 0x78}, @network_terminal={0x7, 0x24, 0xa, 0x4, 0x16, 0x0, 0x7}, @mdlm_detail={0x93, 0x24, 0x13, 0x6, "9f3e1488762e3644b01568f7c77d9f3b57c48d0faf7156d5cfa6c323f5824281277af4ce27e75cbef44cf124e1e64cd3c33e9e64e58d7f3d17ef4a69b2fa9c3717afe02319ab7ca5f436e1bea041418773d4ef1b6d9499a5783709dc3ce3ab276c6d1f09fbcbbc49fb65231088624469d1d770463e80c13482c9d05150144f72e8abf28b09b19a739493bc99d7447b"}, @obex={0x5, 0x24, 0x15, 0x938e}]}], [{{0x9, 0x5, 0xa, 0x10, 0x400, 0x5, 0x3, 0x2, [@generic={0x53, 0x21, "f487b9f7befff64a9f7fd7b978a75ed99b9e6005e6e0b13480c986ef1e08b7fc0aa857362c799025c421402d1bed927a8f0af8bc2135b103683055b467f8e02108ec848ff33fb4da565f62a77d347d03de"}]}}, {{0x9, 0x5, 0x3, 0x3, 0x3ff, 0x90, 0xc, 0x10, [@generic={0xc7, 0xa, "0b82502859053ff1deb33be278255b1b2fc59ae8bfc194c4a95ceab62b5d718a1ce7bd2480c051b4b3c650035d80d8702dad6078df97b527cf3ef1740e1b3147c668e6ee1238ecdeedd4c3fd76c1dac7b15b590ec4010128455e26f46193c0907eb641407935fd42ca0ab59df37a0bfdaa87b3de6d808371bd685dbb65d82ded3e053f56487293856704c8034d6bd668bd16e270e9edae0b7d834891d33ffc3bfe85ea9bf62b396215a81830fd602e17417af997eef5cd8483aed288c373fe8cc507912e9e"}, @generic={0x6f, 0xa94a764ca2706424, "fb7337aed681b06157a4d23eb5615024a5e62690980b9d93ecb8e69b528e6cc629ba5d98ee7a6f4dc40819b35293b02797fb12e95df3aefc9503c1fac02fa1478f43e583d79991ff99afdb0e98a2d63165bba683962493c2d01c8089109b81cc9d773035c8bb4ba3b200fd68a3"}]}}, {{0x9, 0x5, 0x1, 0xc, 0x8, 0x5b, 0x7, 0x9, [@generic={0x2, 0x3}]}}, {{0x9, 0x5, 0x5, 0x0, 0x0, 0x8, 0x7, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xfa, 0x3}]}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x9, 0x5, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xfb}]}}, {{0x9, 0x5, 0xc, 0x3, 0x400, 0x6, 0x10, 0x9f, [@generic={0x4a, 0x5, "fae8ae195343c429a96af6b2164d01a68ea315b5a851473e19bed2453d552b4be9268addbcac4b4dc1fb81e0a2e7fc5236695331f0ebf0d37f0814471174a6d8cbcd1c73ede8b68c"}]}}, {{0x9, 0x5, 0xd, 0x3, 0x20, 0x40, 0x7, 0x1}}, {{0x9, 0x5, 0x8, 0x4, 0x10, 0x9, 0x75, 0x3}}, {{0x9, 0x5, 0x5, 0x10, 0x200, 0x7f, 0x5d}}, {{0x9, 0x5, 0x7, 0x2, 0x10, 0x6, 0x9, 0x44, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x65, 0x5}, @generic={0xc5, 0x2, "a6da592c373db2bdcf7f2102d1ab2b36936baf03f321e3cdd48e7a9d107aa95695456e38f5c485c3a4fdb0fddffb569d5363c505240deb566c4f93e3cd8165f70aa779c529afdee5c1cb6c5297fee4345b9c88e9a4ac1491d74d5563b44fc710653ef34047bb855a586a3de3d2c0f9a646bd8ea5c2381803442ecca837dedab28ee7e3a70a96a5e2875e936da5c47b9dc1e1c0c1820e6b9b09ba2a07d36caa90b0537ff0946f1b9f8bcc0f8ff117861b40808588552896e7ac5053194317a3127f7625"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x3ff, 0xfd, 0x2, 0x0, [@generic={0x2, 0x6}, @generic={0x77, 0x21, "5cc82b60259c8443ec705bf4f971fbdb4d69a43843be092bd07bf9854fd705be398526ff234dfada850efa117e20fa9de9872418875629cdf7de7319f88ff3af136cafb23869a303270266e80c2890d97d503564189f8eb5ce6ea9a7e6bc796b8c5c77105a2ab9d6faccf419bb85187be6f6e2f913"}]}}, {{0x9, 0x5, 0xb, 0x4, 0x50, 0x81, 0x5e, 0xd5, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x3, 0x1}]}}]}}]}}]}}, &(0x7f0000001300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x7, 0xf7, 0x5, 0x40, 0x6}, 0x15c, &(0x7f0000000dc0)={0x5, 0xf, 0x15c, 0x4, [@generic={0x93, 0x10, 0xe, "1850d2272e977c26df9333250bbdc731fed4e373488210c52efb55776610754b06acd7331cc6fdfd3be961c5d752a13bda0360cbba078f765198cc988f4888888c4bd76bfe71007c6a1e6ffc46828659793e39a39e61245467410e6beab80df6425cfb29bbe55fec5ca19a7ebeb3d2612f9951eb7ddc2378849652ca32238c83e6d57f3a7ac87eee57a3261658345708"}, @wireless={0xb, 0x10, 0x1, 0xc, 0xe6, 0x25, 0x7, 0x0, 0x6}, @generic={0xaf, 0x10, 0x1, "2a76d26d097608c64ca6ac8581ec37f901460d6e9e8d2b5aba9420b97b19859c9250ff2b418c115f6bb5b3cf439f09b1d16f59be9723ff60c796c8d568373065eccfab09c6e877cef9fa8a052bea44d8519391315967f72065e30b2acaf64c57fdf8306d23081fbf4079757204f9fd6f1f342d5deabddb7054e1f0b986660deb8d3cc96ebe2e92dc3aa5f42868c6d8bdf06477fab33f6e2511052c75b10fe2d08a99645c745cf14881fd9383"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x9, 0xa, 0x9}]}, 0x9, [{0xe8, &(0x7f0000000f40)=@string={0xe8, 0x3, "a08fcd057362ea3b90e2a97d0ea52c888760d88adc574c4d511c0fc2ee192b5a85593a74172468a169dfe4232d6af0a767d945e9ae20e565cdfb196e0306d622d5476107794418b138bf469d28fcb3f9575c883dec505f8ae80de7bfc94d44f84d78955c95e2ebff2904ae6867cb65af81fc55db510d7756f9a6dda154f6c768aa96e901fc7b6cbf5624c33f297b25fab5a47052038571a7ffe53a7e0c6c3bad10b461fbb917424e51d6ee4815f853cb21c1f1b6f911bfc576313393f644f492049cdf299018920e77da1f02593611e93de30db7b3fde2e76d398bec9df963a4f9b1a6b0b06f"}}, {0xbc, &(0x7f0000001040)=@string={0xbc, 0x3, "124294f7f651fb8495f9a31b1175282877a11dbefd32fefaa726c84ff5445f585d7b338779f0f9080b3f16004b5fe44aea8c7990e5957ea33586051332ac3e78b15c6cd7de2ce689d4c502a244c4e1637a76f89c1334ebbf1a68e99baee4bb52bc951a5f0b79ddacb169756b90055e7e767cd6b6a427385769adb56249a2ffa1af456bcebc32f361bf2500b025e38a9bff49bf0f1f98fe597f51237a80cc016c2948007b4955e190eb4709ea0b4c827f7ed34a35a0133b4002a3"}}, {0x29, &(0x7f0000000040)=@string={0x29, 0x3, "45a534c03b7f4d1a65336b12d6d9725137b5dedecebb035126dd85a41a85aeeeff2d8d81491f7c"}}, {0x4, &(0x7f0000000080)=@lang_id={0x4, 0x3, 0x1809}}, {0x4, &(0x7f0000001100)=@lang_id={0x4, 0x3, 0x812}}, {0x54, &(0x7f0000001140)=@string={0x54, 0x3, "3b0bafe46b05ef8cf9cb66136b679df620c5e5decd76fda59052f4324e7e5c5ee711d2c311d9400705631c964627c30bbceb0b9ec20335b3856a63a7a93988d3c993a5a47375a8512dcbe820fdf6849958e0"}}, {0x86, &(0x7f00000011c0)=@string={0x86, 0x3, "d51e47d2001c9888be806134d0e8541ba4b6e8a92ba21281903a1c6bed2e7e9c23c689fd8c84ff9a46e3201354b0fb72afdc8c1ba85e3e0500c334c1fa02b465b1c28fc870c553156d6879e48ea21904c8aec869396776f9dee808a03689477be67070301e235091b6e9092f5fbb23ca921fa77b86438cfc9c782d53028d99c01bcf0ef3"}}, {0x6, &(0x7f0000001280)=@string={0x6, 0x3, "76fb1656"}}, {0x10, &(0x7f00000012c0)=@string={0x10, 0x3, "9e81438e4fb7582c77ebfdfa142b"}}]})

0s ago: executing program 39 (id=3507):
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000001c0))
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000280)={0x7, 0x100, "77c638b05041a0115f44304807e55536b7fc5ae52727d800", 0x1ff, 0x5, 0x79, 0xdf4})
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BEACON(r7, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f00000003c0)={0x34, r8, 0x1, 0x4, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0xfffffffd}}}}, [@NL80211_ATTR_IE_ASSOC_RESP={0xa, 0xe, [@ext_channel_switch={0x1c, 0x4, {0xfc, 0x0, 0x38}}]}]}, 0x34}}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

kernel console output (not intermixed with test programs):

 leftover after parsing attributes in process `syz.5.2285'.
[  744.019703][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  744.019722][   T30] audit: type=1326 audit(1752774247.916:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12803 comm="syz.3.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  744.130014][T12806] netlink: 40107 bytes leftover after parsing attributes in process `syz.0.2297'.
[  744.157453][   T30] audit: type=1326 audit(1752774247.916:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12803 comm="syz.3.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  744.181575][   T30] audit: type=1326 audit(1752774247.916:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12803 comm="syz.3.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  744.203533][   T30] audit: type=1326 audit(1752774247.916:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12803 comm="syz.3.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  744.287762][   T30] audit: type=1326 audit(1752774247.946:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12803 comm="syz.3.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  744.354860][T12810] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  744.539457][   T30] audit: type=1326 audit(1752774248.416:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12815 comm="syz.0.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  744.668146][   T30] audit: type=1326 audit(1752774248.416:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12815 comm="syz.0.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  745.135625][   T30] audit: type=1326 audit(1752774249.026:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12826 comm="syz.0.2308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  745.178681][   T30] audit: type=1326 audit(1752774249.026:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12826 comm="syz.0.2308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  745.259521][   T30] audit: type=1326 audit(1752774249.026:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12826 comm="syz.0.2308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  745.336508][T12835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2312'.
[  749.266482][T12881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2328'.
[  749.549613][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2331'.
[  749.638901][T12892] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  749.659351][T12889] macvtap1: entered promiscuous mode
[  749.673535][T12889] macvtap1: entered allmulticast mode
[  749.705241][T12889] bond0: entered allmulticast mode
[  749.739801][T12889] bond_slave_0: entered allmulticast mode
[  749.754277][T12889] bond_slave_1: entered allmulticast mode
[  749.778289][T12889] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  750.629007][T12907] serio: Serial port ptm0
[  751.143250][T12932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2349'.
[  751.186561][T12933] bridge0: entered promiscuous mode
[  751.213395][T12933] macsec1: entered promiscuous mode
[  751.235888][T12933] bridge0: port 3(macsec1) entered blocking state
[  751.253068][T12933] bridge0: port 3(macsec1) entered disabled state
[  751.271910][T12933] macsec1: entered allmulticast mode
[  751.277397][T12933] bridge0: entered allmulticast mode
[  751.301727][T12933] macsec1: left allmulticast mode
[  751.320664][T12933] bridge0: left allmulticast mode
[  751.342303][T12933] bridge0: left promiscuous mode
[  751.378824][T12941] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2353'.
[  751.775017][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  751.775037][   T30] audit: type=1326 audit(1752774255.666:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12960 comm="syz.5.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  751.809708][   T30] audit: type=1326 audit(1752774255.666:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12960 comm="syz.5.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  751.874832][   T30] audit: type=1326 audit(1752774255.666:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12960 comm="syz.5.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  751.931461][   T30] audit: type=1326 audit(1752774255.706:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12960 comm="syz.5.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  752.262639][T12980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2371'.
[  752.801533][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  752.808185][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  753.262528][T12996] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2374'.
[  753.424139][T13002] gre1: entered promiscuous mode
[  753.445447][T13006] usb usb8: usbfs: process 13006 (syz.3.2377) did not claim interface 0 before use
[  753.607850][T13010] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2381'.
[  756.611491][   T30] audit: type=1326 audit(1752774260.506:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.657131][   T30] audit: type=1326 audit(1752774260.506:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.682834][   T30] audit: type=1326 audit(1752774260.506:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.713688][   T30] audit: type=1326 audit(1752774260.506:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.821870][   T30] audit: type=1326 audit(1752774260.506:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.863210][   T30] audit: type=1326 audit(1752774260.506:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.898426][   T30] audit: type=1326 audit(1752774260.506:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.924438][   T30] audit: type=1326 audit(1752774260.506:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="syz.4.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.953483][   T30] audit: type=1326 audit(1752774260.596:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="\" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  756.980915][   T30] audit: type=1326 audit(1752774260.596:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="\" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  757.009135][   T30] audit: type=1326 audit(1752774260.596:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="\" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  757.034770][   T30] audit: type=1326 audit(1752774260.596:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="\" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  757.057499][   T30] audit: type=1326 audit(1752774260.596:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="\" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  757.079190][   T30] audit: type=1326 audit(1752774260.596:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13076 comm="\" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  757.724015][T13102] netem: change failed
[  759.631312][T13129] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2427'.
[  759.665592][T13129] ksmbd: Unknown IPC event: 4, ignore.
[  760.288438][T13130] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2426'.
[  760.309090][T13132] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2428'.
[  761.585303][T13164] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2440'.
[  761.902226][T13178] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2442'.
[  762.860587][T13193] netlink: 620 bytes leftover after parsing attributes in process `syz.4.2451'.
[  762.958898][T13198] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2453'.
[  763.312339][T13220] bridge0: entered promiscuous mode
[  763.325568][T13220] macsec1: entered promiscuous mode
[  763.337717][T13220] bridge0: port 1(macsec1) entered blocking state
[  763.383127][T13220] bridge0: port 1(macsec1) entered disabled state
[  763.394533][T13220] macsec1: entered allmulticast mode
[  763.402292][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  763.402310][   T30] audit: type=1326 audit(1752774267.296:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13226 comm="syz.5.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  763.405551][T13220] bridge0: entered allmulticast mode
[  763.408869][   T30] audit: type=1326 audit(1752774267.306:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13226 comm="syz.5.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  763.466256][   T30] audit: type=1326 audit(1752774267.356:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13226 comm="syz.5.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  763.495132][T13220] macsec1: left allmulticast mode
[  763.501507][   T30] audit: type=1326 audit(1752774267.356:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13226 comm="syz.5.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  763.523713][T13220] bridge0: left allmulticast mode
[  763.535081][   T30] audit: type=1326 audit(1752774267.356:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13226 comm="syz.5.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  763.562296][T13220] bridge0: left promiscuous mode
[  765.025363][T13258] netlink: 'syz.0.2478': attribute type 1 has an invalid length.
[  765.099836][T13265] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2478'.
[  765.123481][T13258] 8021q: adding VLAN 0 to HW filter on device bond3
[  765.469415][T13274] netlink: 'syz.0.2483': attribute type 1 has an invalid length.
[  765.477336][T13274] netlink: 16134 bytes leftover after parsing attributes in process `syz.0.2483'.
[  766.493722][T13293] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2493'.
[  775.274180][ T5844] Bluetooth: hci5: command 0x0406 tx timeout
[  775.559547][T13334] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2508'.
[  779.854796][T13359] serio: Serial port ptm0
[  780.017848][T13369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2521'.
[  780.033742][T13369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2521'.
[  780.044615][T13369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2521'.
[  780.067749][T13369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2521'.
[  780.112400][T13369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2521'.
[  780.138436][T13376] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2524'.
[  780.167078][T13379] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  780.167078][T13379] The task syz.5.2522 (13379) triggered the difference, watch for misbehavior.
[  781.409594][   T30] audit: type=1326 audit(1752774285.196:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.458171][   T30] audit: type=1326 audit(1752774285.196:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.480166][   T30] audit: type=1326 audit(1752774285.196:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.506559][   T30] audit: type=1326 audit(1752774285.196:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.542793][   T30] audit: type=1326 audit(1752774285.206:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.578470][   T30] audit: type=1326 audit(1752774285.206:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.601296][   T30] audit: type=1326 audit(1752774285.206:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.639783][   T30] audit: type=1326 audit(1752774285.206:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.698417][   T30] audit: type=1326 audit(1752774285.206:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13388 comm="syz.3.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  781.993607][   T30] audit: type=1326 audit(1752774285.886:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13406 comm="syz.3.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88ad98e929 code=0x7ffc0000
[  782.147948][T13408] serio: Serial port ptm1
[  785.186151][T13507] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  785.635482][T13521] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.866145][T13521] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.042219][T13521] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.155686][T13521] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.166697][T13545] netlink: 'syz.0.2599': attribute type 1 has an invalid length.
[  786.239642][T13547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2599'.
[  786.241477][T13545] 8021q: adding VLAN 0 to HW filter on device bond4
[  786.280668][T13547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2599'.
[  786.421801][T13521] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  786.456218][T13521] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  786.507666][T13521] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  786.556629][T13521] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  786.828200][T13566] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  787.238047][T13577] netlink: 'syz.0.2613': attribute type 1 has an invalid length.
[  787.273572][T13577] 8021q: adding VLAN 0 to HW filter on device bond5
[  787.285500][T13577] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2613'.
[  791.591014][T13638] program syz.5.2634 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  791.729702][T13646] 9pnet_fd: Insufficient options for proto=fd
[  795.099991][T13677] xt_CT: You must specify a L4 protocol and not use inversions on it
[  796.567253][T13695] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  796.596107][T13695] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  796.669153][T13695] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  796.697000][T13695] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  796.756491][T13695] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  796.842382][T13695] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  797.921421][T10078] Bluetooth: hci1: command 0x0406 tx timeout
[  798.635504][T10078] Bluetooth: hci3: command 0x0406 tx timeout
[  798.709898][T10078] Bluetooth: hci0: command 0x0401 tx timeout
[  798.715999][T10078] Bluetooth: hci4: command 0x0406 tx timeout
[  798.790044][T10078] Bluetooth: hci5: command 0x0406 tx timeout
[  799.931654][T13738] 9pnet_fd: Insufficient options for proto=fd
[  800.869480][ T5844] Bluetooth: hci5: command 0x0406 tx timeout
[  801.214499][T13770] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2682'.
[  801.225876][T13770] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2682'.
[  801.361180][   T30] kauditd_printk_skb: 55 callbacks suppressed
[  801.361195][   T30] audit: type=1326 audit(1752774305.256:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.404333][   T30] audit: type=1326 audit(1752774305.286:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.445666][   T30] audit: type=1326 audit(1752774305.296:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.467583][   T30] audit: type=1326 audit(1752774305.296:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.565427][   T30] audit: type=1326 audit(1752774305.296:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.641630][   T30] audit: type=1326 audit(1752774305.296:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.641687][   T30] audit: type=1326 audit(1752774305.296:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.641735][   T30] audit: type=1326 audit(1752774305.296:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.5.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  801.641787][   T30] audit: type=1326 audit(1752774305.456:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13780 comm="syz.1.2687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a198e929 code=0x7ffc0000
[  801.641836][   T30] audit: type=1326 audit(1752774305.456:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13780 comm="syz.1.2687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a198e929 code=0x7ffc0000
[  803.049896][T13798] netlink: 'syz.4.2690': attribute type 1 has an invalid length.
[  803.049961][T13798] netlink: 'syz.4.2690': attribute type 4 has an invalid length.
[  803.049997][T13798] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.2690'.
[  803.637742][T13806] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2696'.
[  803.951640][T13817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2701'.
[  803.985624][T13817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2701'.
[  804.567370][T13832] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.2705'.
[  805.253652][T13841] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2712'.
[  805.493679][T13852] netlink: 'syz.0.2716': attribute type 3 has an invalid length.
[  806.118215][T13861] bond_slave_0: entered promiscuous mode
[  806.124285][T13861] bond_slave_1: entered promiscuous mode
[  806.190928][T13861] macsec1: entered allmulticast mode
[  806.197186][T13861] bond0: entered allmulticast mode
[  806.205218][T13861] bond_slave_0: entered allmulticast mode
[  806.211615][T13861] bond_slave_1: entered allmulticast mode
[  806.431592][T13861] bond0: left allmulticast mode
[  806.447036][T13861] bond_slave_0: left allmulticast mode
[  806.456347][T13861] bond_slave_1: left allmulticast mode
[  806.479924][T13861] bond_slave_0: left promiscuous mode
[  806.485599][T13861] bond_slave_1: left promiscuous mode
[  806.737596][T13892] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  806.744335][T13892] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  807.091646][T13902] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2740'.
[  807.404569][T13916] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  807.767963][T13938] netlink: 209572 bytes leftover after parsing attributes in process `syz.0.2756'.
[  807.882375][T13941] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  807.894710][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  807.894728][   T30] audit: type=1326 audit(1752774311.786:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  807.928259][   T30] audit: type=1326 audit(1752774311.816:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  807.952037][   T30] audit: type=1326 audit(1752774311.816:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  807.974212][   T30] audit: type=1326 audit(1752774311.816:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.052531][   T30] audit: type=1326 audit(1752774311.816:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.105180][T13949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2759'.
[  808.120639][   T30] audit: type=1326 audit(1752774311.816:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.197775][T13952] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.2758'.
[  808.248988][   T30] audit: type=1326 audit(1752774311.816:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.588202][   T30] audit: type=1326 audit(1752774311.816:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.797816][   T30] audit: type=1326 audit(1752774311.816:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.925516][   T30] audit: type=1326 audit(1752774311.816:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13934 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f844818e929 code=0x7ffc0000
[  808.947482][T13960] bridge0: entered promiscuous mode
[  808.982189][T13960] macsec1: entered promiscuous mode
[  809.009294][T13960] bridge0: port 3(macsec1) entered blocking state
[  809.036524][T13960] bridge0: port 3(macsec1) entered disabled state
[  809.056942][T13960] macsec1: entered allmulticast mode
[  809.068545][T13960] bridge0: entered allmulticast mode
[  809.093286][T13960] macsec1: left allmulticast mode
[  809.111731][T13960] bridge0: left allmulticast mode
[  809.140302][T13960] bridge0: left promiscuous mode
[  809.372529][T13989] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2776'.
[  810.460175][T14014] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  810.539628][T14018] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2787'.
[  811.270830][T14037] tipc: Started in network mode
[  811.360625][T14037] tipc: Node identity type_len, cluster identity 4711
[  811.460020][T14037] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  811.859487][T14051] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  811.944257][T14054] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.740074][T14064] syzkaller1: entered promiscuous mode
[  812.746333][T14064] syzkaller1: entered allmulticast mode
[  812.867644][T14054] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.251137][T14054] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.692337][T14054] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.142860][T14087] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2812'.
[  814.159170][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  814.171953][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  815.113826][T14054] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  815.134117][T14054] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  815.233261][T14054] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  815.304010][T14054] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  816.647283][T14120] netlink: 'syz.5.2827': attribute type 1 has an invalid length.
[  816.742055][T14124] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2827'.
[  816.816134][T14120] bond1: entered promiscuous mode
[  816.861285][T14120] 8021q: adding VLAN 0 to HW filter on device bond1
[  816.942597][T14124] batadv1: entered promiscuous mode
[  816.959817][T14124] batadv1: entered allmulticast mode
[  816.975640][T10078] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  816.986296][T10078] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  816.995595][T10078] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  817.004704][T10078] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  817.013761][T14124] 8021q: adding VLAN 0 to HW filter on device batadv1
[  817.021542][T10078] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  817.036726][T14124] bond1: (slave batadv1): making interface the new active one
[  817.077187][T14124] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  818.446943][T10407] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  818.686067][T10407] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  818.739121][T14079] syz.1.2809: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  818.806810][T14079] CPU: 1 UID: 0 PID: 14079 Comm: syz.1.2809 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(full) 
[  818.806845][T14079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  818.806871][T14079] Call Trace:
[  818.806884][T14079]  <TASK>
[  818.806894][T14079]  dump_stack_lvl+0x189/0x250
[  818.806930][T14079]  ? __pfx_dump_stack_lvl+0x10/0x10
[  818.806971][T14079]  ? __pfx__printk+0x10/0x10
[  818.807000][T14079]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  818.807029][T14079]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  818.807057][T14079]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  818.807087][T14079]  warn_alloc+0x214/0x310
[  818.807121][T14079]  ? __pfx_warn_alloc+0x10/0x10
[  818.807157][T14079]  ? __get_vm_area_node+0x28f/0x300
[  818.807180][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807207][T14079]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  818.807272][T14079]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  818.807295][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807319][T14079]  ? __get_vm_area_node+0x28f/0x300
[  818.807341][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807365][T14079]  __vmalloc_node_range_noprof+0x56a/0x12f0
[  818.807390][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807409][T14079]  ? do_syscall_64+0xfa/0x3b0
[  818.807445][T14079]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  818.807487][T14079]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  818.807518][T14079]  ? rcu_is_watching+0x15/0xb0
[  818.807544][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807564][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807583][T14079]  __kvmalloc_node_noprof+0x3b8/0x5f0
[  818.807607][T14079]  ? hash_netiface_create+0x358/0xfe0
[  818.807629][T14079]  ? hash_netiface_create+0x2fe/0xfe0
[  818.807655][T14079]  hash_netiface_create+0x358/0xfe0
[  818.807686][T14079]  ? __nla_parse+0x40/0x60
[  818.807712][T14079]  ? __pfx_hash_netiface_create+0x10/0x10
[  818.807736][T14079]  ip_set_create+0xa94/0x1940
[  818.807759][T14079]  ? ip_set_create+0x4a2/0x1940
[  818.807801][T14079]  ? __pfx_ip_set_create+0x10/0x10
[  818.807870][T14079]  nfnetlink_rcv_msg+0xb4d/0x1130
[  818.807895][T14079]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  818.807938][T14079]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  818.807958][T14079]  ? kasan_save_free_info+0x46/0x50
[  818.808040][T14079]  netlink_rcv_skb+0x205/0x470
[  818.808070][T14079]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  818.808095][T14079]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  818.808136][T14079]  ? bpf_lsm_capable+0x9/0x20
[  818.808163][T14079]  ? security_capable+0x7e/0x2e0
[  818.808199][T14079]  nfnetlink_rcv+0x26a/0x2520
[  818.808225][T14079]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  818.808263][T14079]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  818.808300][T14079]  ? lockdep_hardirqs_on+0x9c/0x150
[  818.808320][T14079]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  818.808350][T14079]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  818.808382][T14079]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  818.808409][T14079]  ? rcu_preempt_deferred_qs_irqrestore+0x851/0xc40
[  818.808456][T14079]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  818.808496][T14079]  ? rcu_is_watching+0x15/0xb0
[  818.808521][T14079]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  818.808551][T14079]  ? skb_clone+0x246/0x3a0
[  818.808577][T14079]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  818.808608][T14079]  ? netlink_deliver_tap+0x2e/0x1b0
[  818.808645][T14079]  ? netlink_deliver_tap+0x2e/0x1b0
[  818.808684][T14079]  netlink_unicast+0x75c/0x8e0
[  818.808724][T14079]  netlink_sendmsg+0x805/0xb30
[  818.808772][T14079]  ? __pfx_netlink_sendmsg+0x10/0x10
[  818.808804][T14079]  ? rcu_is_watching+0x15/0xb0
[  818.808832][T14079]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  818.808876][T14079]  ? __pfx_netlink_sendmsg+0x10/0x10
[  818.808908][T14079]  __sock_sendmsg+0x219/0x270
[  818.808938][T14079]  ____sys_sendmsg+0x505/0x830
[  818.808979][T14079]  ? __pfx_____sys_sendmsg+0x10/0x10
[  818.809022][T14079]  ? import_iovec+0x74/0xa0
[  818.809057][T14079]  ___sys_sendmsg+0x21f/0x2a0
[  818.809093][T14079]  ? __pfx____sys_sendmsg+0x10/0x10
[  818.809168][T14079]  ? __fget_files+0x2a/0x420
[  818.809192][T14079]  ? __fget_files+0x3a0/0x420
[  818.809230][T14079]  __x64_sys_sendmsg+0x19b/0x260
[  818.809266][T14079]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  818.809312][T14079]  ? rcu_is_watching+0x15/0xb0
[  818.809342][T14079]  ? do_syscall_64+0xbe/0x3b0
[  818.809370][T14079]  do_syscall_64+0xfa/0x3b0
[  818.809394][T14079]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.809415][T14079]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  818.809437][T14079]  ? clear_bhb_loop+0x60/0xb0
[  818.809464][T14079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.809486][T14079] RIP: 0033:0x7f49a198e929
[  818.809516][T14079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  818.809535][T14079] RSP: 002b:00007f49a28c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  818.809559][T14079] RAX: ffffffffffffffda RBX: 00007f49a1bb5fa0 RCX: 00007f49a198e929
[  818.809574][T14079] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  818.809589][T14079] RBP: 00007f49a1a10ca1 R08: 0000000000000000 R09: 0000000000000000
[  818.809603][T14079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  818.809616][T14079] R13: 0000000000000000 R14: 00007f49a1bb5fa0 R15: 00007ffd3f849788
[  818.809650][T14079]  </TASK>
[  819.391109][T10407] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.401685][T10078] Bluetooth: hci2: command tx timeout
[  819.417382][T14079] Mem-Info:
[  819.420926][T14079] active_anon:252 inactive_anon:5187 isolated_anon:0
[  819.420926][T14079]  active_file:6222 inactive_file:45256 isolated_file:0
[  819.420926][T14079]  unevictable:768 dirty:145 writeback:0
[  819.420926][T14079]  slab_reclaimable:10904 slab_unreclaimable:100955
[  819.420926][T14079]  mapped:30566 shmem:2550 pagetables:1184
[  819.420926][T14079]  sec_pagetables:0 bounce:0
[  819.420926][T14079]  kernel_misc_reclaimable:0
[  819.420926][T14079]  free:1283427 free_pcp:18102 free_cma:0
[  819.757799][T14079] Node 0 active_anon:1008kB inactive_anon:21348kB active_file:24688kB inactive_file:181024kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122864kB dirty:580kB writeback:0kB shmem:9264kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12808kB pagetables:4568kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  819.791709][T14079] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  819.816735][T10407] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.824209][T14079] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  819.862359][T14079] lowmem_reserve[]: 0 2500 2502 2502 2502
[  819.868133][T14079] Node 0 DMA32 free:1221624kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1004kB inactive_anon:21304kB active_file:22928kB inactive_file:180956kB unevictable:1536kB writepending:580kB present:3129332kB managed:2561004kB mlocked:0kB bounce:0kB free_pcp:48288kB local_pcp:25812kB free_cma:0kB
[  819.908717][T14079] lowmem_reserve[]: 0 0 1 1 1
[  819.913539][T14079] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1760kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  820.063187][T14079] lowmem_reserve[]: 0 0 0 0 0
[  820.068026][T14079] Node 1 Normal free:3896704kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:23320kB local_pcp:18856kB free_cma:0kB
[  820.203682][T14079] lowmem_reserve[]: 0 0 0 0 0
[  820.214843][T14079] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  820.230118][T14079] Node 0 DMA32: 1*4kB (U) 1*8kB (E) 28*16kB (UME) 236*32kB (ME) 238*64kB (UM) 343*128kB (UME) 422*256kB (UME) 291*512kB (UM) 156*1024kB (UME) 16*2048kB (UME) 171*4096kB (UM) = 1217100kB
[  820.250469][T14079] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  820.263087][T14079] Node 1 Normal: 193*4kB (UME) 54*8kB (UME) 48*16kB (UME) 178*32kB (UME) 53*64kB (UME) 11*128kB (UME) 5*256kB (UM) 4*512kB (UM) 0*1024kB 1*2048kB (M) 947*4096kB (ME) = 3896756kB
[  820.283709][T14079] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  820.353183][T14079] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  820.421255][T14079] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  820.522661][T14079] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  820.559819][T14127] chnl_net:caif_netlink_parms(): no params data found
[  820.578373][T14079] 54498 total pagecache pages
[  820.583161][T14079] 0 pages in swap cache
[  820.587353][T14079] Free swap  = 124996kB
[  820.618485][T14079] Total swap = 124996kB
[  820.622755][T14079] 2097051 pages RAM
[  820.633443][T14079] 0 pages HighMem/MovableOnly
[  820.638202][T14079] 424693 pages reserved
[  820.678665][T14079] 0 pages cma reserved
[  820.868428][T14159] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  820.994801][T10407] bridge_slave_1: left allmulticast mode
[  821.013069][T10407] bridge_slave_1: left promiscuous mode
[  821.032485][T10407] bridge0: port 2(bridge_slave_1) entered disabled state
[  821.082566][T10407] bridge_slave_0: left allmulticast mode
[  821.099162][T10407] bridge_slave_0: left promiscuous mode
[  821.117637][T10407] bridge0: port 1(bridge_slave_0) entered disabled state
[  821.428439][ T5844] Bluetooth: hci2: command tx timeout
[  821.675542][T10407] dvmrp8 (unregistering): left allmulticast mode
[  822.059892][T10407] bond0 (unregistering): left allmulticast mode
[  822.072357][T10407] bond_slave_0: left allmulticast mode
[  822.083621][T10407] bond_slave_1: left allmulticast mode
[  822.169908][T10407] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  822.186526][T10407] bond_slave_0: left promiscuous mode
[  822.216648][T10407] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  822.239066][T10407] bond_slave_1: left promiscuous mode
[  822.247292][T10407] bond0 (unregistering): Released all slaves
[  822.286778][T14127] bridge0: port 1(bridge_slave_0) entered blocking state
[  822.314245][T14127] bridge0: port 1(bridge_slave_0) entered disabled state
[  822.328868][T14127] bridge_slave_0: entered allmulticast mode
[  822.340482][T14127] bridge_slave_0: entered promiscuous mode
[  822.359649][T14127] bridge0: port 2(bridge_slave_1) entered blocking state
[  822.379026][T14127] bridge0: port 2(bridge_slave_1) entered disabled state
[  822.400785][T14127] bridge_slave_1: entered allmulticast mode
[  822.432054][T14127] bridge_slave_1: entered promiscuous mode
[  822.785920][T14127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  822.931296][T14127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  822.973547][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  822.973565][   T30] audit: type=1326 audit(1752774326.866:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.054589][   T30] audit: type=1326 audit(1752774326.866:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.114719][T14127] team0: Port device team_slave_0 added
[  823.128113][   T30] audit: type=1326 audit(1752774326.906:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.150193][   T30] audit: type=1326 audit(1752774326.906:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.172234][   T30] audit: type=1326 audit(1752774326.906:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.210951][T14127] team0: Port device team_slave_1 added
[  823.264751][   T30] audit: type=1326 audit(1752774326.906:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.339728][   T30] audit: type=1326 audit(1752774326.906:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.394467][   T30] audit: type=1326 audit(1752774326.906:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.436638][T14127] batman_adv: batadv0: Adding interface: batadv_slave_0
[  823.452678][T14127] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  823.525599][ T5844] Bluetooth: hci2: command tx timeout
[  823.608445][   T30] audit: type=1326 audit(1752774326.906:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.641358][T14127] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  823.677277][T14127] batman_adv: batadv0: Adding interface: batadv_slave_1
[  823.684567][T14127] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  823.734095][   T30] audit: type=1326 audit(1752774326.906:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.0.2848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c94d8e929 code=0x7ffc0000
[  823.736338][T14127] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  823.916085][T14193] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2851'.
[  823.934674][T14193] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2851'.
[  823.955168][T10407] hsr_slave_0: left promiscuous mode
[  823.963489][T10407] hsr_slave_1: left promiscuous mode
[  823.976006][T10407] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  823.985378][T10407] batman_adv: batadv0: Removing interface: batadv_slave_0
[  824.000172][T10407] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  824.007869][T10407] batman_adv: batadv0: Removing interface: batadv_slave_1
[  824.111808][T10407] veth1_macvtap: left promiscuous mode
[  824.123090][T10407] veth0_macvtap: left promiscuous mode
[  824.130792][T10407] veth1_vlan: left promiscuous mode
[  824.136356][T10407] veth0_vlan: left promiscuous mode
[  824.580350][T14187] delete_channel: no stack
[  825.590997][ T5844] Bluetooth: hci2: command tx timeout
[  825.615980][T14221] netlink: 4324 bytes leftover after parsing attributes in process `syz.3.2863'.
[  825.735960][T10407] team0 (unregistering): Port device team_slave_1 removed
[  825.769858][T14223] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2864'.
[  825.785457][T14223] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2864'.
[  825.796366][T10407] team0 (unregistering): Port device team_slave_0 removed
[  826.347430][T14211] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  826.490130][T14127] hsr_slave_0: entered promiscuous mode
[  826.506667][T14127] hsr_slave_1: entered promiscuous mode
[  826.519776][T14127] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  826.536250][T14127] Cannot create hsr debugfs directory
[  826.896947][T14243] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2873'.
[  826.996700][T14248] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2876'.
[  827.054303][T14248] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2876'.
[  827.278018][T14261] netlink: 'syz.5.2879': attribute type 1 has an invalid length.
[  827.339058][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2879'.
[  827.392295][T14261] 8021q: adding VLAN 0 to HW filter on device bond2
[  827.656989][T14127] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  827.695233][T14278] tipc: Started in network mode
[  827.718780][T14278] tipc: Node identity , cluster identity 4711
[  827.725024][T14278] tipc: Failed to set node id, please configure manually
[  827.737061][T14278] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  827.745973][T14127] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  827.787075][T14127] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  827.820890][T14127] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  828.086225][T14127] 8021q: adding VLAN 0 to HW filter on device bond0
[  828.187367][T14127] 8021q: adding VLAN 0 to HW filter on device team0
[  828.227670][T10439] bridge0: port 1(bridge_slave_0) entered blocking state
[  828.234918][T10439] bridge0: port 1(bridge_slave_0) entered forwarding state
[  828.274778][T14306] netlink: 'syz.1.2895': attribute type 1 has an invalid length.
[  828.326684][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2895'.
[  828.603768][T14306] 8021q: adding VLAN 0 to HW filter on device bond3
[  828.678042][T10407] bridge0: port 2(bridge_slave_1) entered blocking state
[  828.685343][T10407] bridge0: port 2(bridge_slave_1) entered forwarding state
[  829.441654][T14127] 8021q: adding VLAN 0 to HW filter on device batadv0
[  830.390264][T14127] veth0_vlan: entered promiscuous mode
[  830.439222][T14127] veth1_vlan: entered promiscuous mode
[  830.598862][T14127] veth0_macvtap: entered promiscuous mode
[  830.721204][T14127] veth1_macvtap: entered promiscuous mode
[  830.787031][T14127] batman_adv: batadv0: Interface activated: batadv_slave_0
[  830.870407][T14127] batman_adv: batadv0: Interface activated: batadv_slave_1
[  830.910888][T14127] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  830.937654][T14127] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  830.976407][T14127] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  831.013157][T14127] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  831.313793][T10407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  831.333240][T10407] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  831.448898][T10462] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  831.462639][T10462] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  831.762981][T14374] serio: Serial port ptm0
[  833.079524][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  833.079543][   T30] audit: type=1326 audit(1752774336.976:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14384 comm="syz.5.2920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  833.192672][   T30] audit: type=1326 audit(1752774337.006:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14384 comm="syz.5.2920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  833.253940][   T30] audit: type=1326 audit(1752774337.006:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14384 comm="syz.5.2920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  833.323236][   T30] audit: type=1326 audit(1752774337.006:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14384 comm="syz.5.2920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  833.368724][T14391] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  833.375560][T14391] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  833.402984][   T30] audit: type=1326 audit(1752774337.006:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14384 comm="syz.5.2920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  833.478528][T14391] vhci_hcd vhci_hcd.0: Device attached
[  833.513086][T14392] vhci_hcd: connection closed
[  833.526126][T10462] vhci_hcd: stop threads
[  833.569678][T10462] vhci_hcd: release socket
[  833.574202][T10462] vhci_hcd: disconnect device
[  834.049942][T10078] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  834.059966][T10078] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  834.069490][T10078] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  834.082949][T10078] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  834.093125][T10078] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  834.250919][T14423] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  834.312557][T10462] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.338582][   T30] audit: type=1326 audit(1752774338.226:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14428 comm="syz.4.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  834.380156][   T30] audit: type=1326 audit(1752774338.226:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14428 comm="syz.4.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  834.403368][   T30] audit: type=1326 audit(1752774338.226:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14428 comm="syz.4.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  834.425667][   T30] audit: type=1326 audit(1752774338.226:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14428 comm="syz.4.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  834.469772][   T30] audit: type=1326 audit(1752774338.236:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14428 comm="syz.4.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  834.505405][T10462] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.847749][T10462] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.052977][T10462] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.449260][T10462] bridge_slave_1: left allmulticast mode
[  835.455061][T10462] bridge_slave_1: left promiscuous mode
[  835.466606][T10462] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.490631][T10462] bridge_slave_0: left allmulticast mode
[  835.496432][T10462] bridge_slave_0: left promiscuous mode
[  835.505495][T10462] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.804294][T14465] random: crng reseeded on system resumption
[  836.112247][T10462] batman_adv: batadv0: Removing interface: vxlan0
[  836.158650][ T5844] Bluetooth: hci3: command tx timeout
[  836.366865][T10462] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  836.380657][T10462] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  836.395131][T10462] bond0 (unregistering): Released all slaves
[  836.577521][T10462] bond1 (unregistering): Released all slaves
[  836.603894][ T5923] srz1: Port: 1 Link DOWN
[  836.609506][T14416] chnl_net:caif_netlink_parms(): no params data found
[  836.820368][T14490] __nla_validate_parse: 1 callbacks suppressed
[  836.820391][T14490] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2960'.
[  836.923678][T14496] atomic_op ffff88807ae08998 conn xmit_atomic 0000000000000000
[  836.969783][T14416] bridge0: port 1(bridge_slave_0) entered blocking state
[  836.987255][T14416] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.005346][T14416] bridge_slave_0: entered allmulticast mode
[  837.023805][T14416] bridge_slave_0: entered promiscuous mode
[  837.044400][T14416] bridge0: port 2(bridge_slave_1) entered blocking state
[  837.068713][T14416] bridge0: port 2(bridge_slave_1) entered disabled state
[  837.082447][T14416] bridge_slave_1: entered allmulticast mode
[  837.102052][T14416] bridge_slave_1: entered promiscuous mode
[  837.429424][T14508] netlink: 'syz.0.2965': attribute type 10 has an invalid length.
[  837.598358][T14505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2965'.
[  837.638955][T14416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  837.671955][T14416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  837.745197][T14517] bridge0: entered promiscuous mode
[  837.772781][T14517] macsec1: entered promiscuous mode
[  837.795916][T14517] bridge0: port 3(macsec1) entered blocking state
[  837.811991][T14517] bridge0: port 3(macsec1) entered disabled state
[  837.825515][T14517] macsec1: entered allmulticast mode
[  837.853606][T14517] bridge0: entered allmulticast mode
[  837.869655][T14517] macsec1: left allmulticast mode
[  837.879647][T14517] bridge0: left allmulticast mode
[  837.895073][T14517] bridge0: left promiscuous mode
[  838.193650][T14416] team0: Port device team_slave_0 added
[  838.228552][ T5844] Bluetooth: hci3: command tx timeout
[  838.242476][T14416] team0: Port device team_slave_1 added
[  838.543189][T14416] batman_adv: batadv0: Adding interface: batadv_slave_0
[  838.576351][T14416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.632398][T14416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  838.645350][T14416] batman_adv: batadv0: Adding interface: batadv_slave_1
[  838.653502][T14416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  839.442731][T14416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  839.746693][T14416] hsr_slave_0: entered promiscuous mode
[  839.807173][T14416] hsr_slave_1: entered promiscuous mode
[  839.843749][T14416] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  839.869830][T14416] Cannot create hsr debugfs directory
[  840.138837][T14559] tipc: Started in network mode
[  840.151919][T14559] tipc: Node identity , cluster identity 4711
[  840.158209][T14559] tipc: Failed to set node id, please configure manually
[  840.165489][T14559] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  840.262019][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  840.262037][   T30] audit: type=1326 audit(1752774344.156:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.298780][   T30] audit: type=1326 audit(1752774344.156:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.333332][ T5844] Bluetooth: hci3: command tx timeout
[  840.371526][   T30] audit: type=1326 audit(1752774344.156:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.402785][   T30] audit: type=1326 audit(1752774344.156:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.429656][   T30] audit: type=1326 audit(1752774344.156:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.455911][   T30] audit: type=1326 audit(1752774344.156:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.500150][   T30] audit: type=1326 audit(1752774344.156:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.527249][   T30] audit: type=1326 audit(1752774344.156:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.571180][   T30] audit: type=1326 audit(1752774344.156:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  840.598596][   T30] audit: type=1326 audit(1752774344.156:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14562 comm="syz.5.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a718e929 code=0x7ffc0000
[  841.033033][T14561] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  841.050738][T14561] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  841.070013][T14416] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  841.079387][T14561] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  841.087721][T14561] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  841.097056][T14416] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  841.098862][T14561] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  841.122569][T14561] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  841.126560][T14416] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  841.143549][T14416] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  841.156018][T14561] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  841.172561][T14561] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  841.197848][T14561] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  841.364770][T14416] 8021q: adding VLAN 0 to HW filter on device bond0
[  841.431205][T14416] 8021q: adding VLAN 0 to HW filter on device team0
[  841.464534][T10461] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.471770][T10461] bridge0: port 1(bridge_slave_0) entered forwarding state
[  841.580731][T10461] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.587951][T10461] bridge0: port 2(bridge_slave_1) entered forwarding state
[  842.392682][T14416] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  842.438706][T14416] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  842.468609][ T5844] Bluetooth: hci1: command 0x0406 tx timeout
[  843.093272][T14622] team0: No ports can be present during mode change
[  843.108678][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  843.109736][T10078] Bluetooth: hci5: command 0x0406 tx timeout
[  843.114758][ T5844] Bluetooth: hci0: command 0x0401 tx timeout
[  843.138683][T14626] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3009'.
[  843.189514][T10078] Bluetooth: hci3: command 0x0c1a tx timeout
[  843.350720][T14626] team0 (unregistering): Port device team_slave_0 removed
[  843.382970][T14626] team0 (unregistering): Port device team_slave_1 removed
[  843.502941][T14416] 8021q: adding VLAN 0 to HW filter on device batadv0
[  843.709911][T14416] veth0_vlan: entered promiscuous mode
[  843.724102][T14416] veth1_vlan: entered promiscuous mode
[  843.785978][T14416] veth0_macvtap: entered promiscuous mode
[  843.807133][T14416] veth1_macvtap: entered promiscuous mode
[  843.855242][T14416] batman_adv: batadv0: Interface activated: batadv_slave_0
[  843.888222][T14416] batman_adv: batadv0: Interface activated: batadv_slave_1
[  843.925325][T14416] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  843.941869][T14416] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  843.952460][T14416] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  843.961240][T14416] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  844.089392][T10435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  844.107939][T10435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  844.175566][T10466] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  844.188421][T10466] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  844.303581][T14652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3022'.
[  845.052904][T14669] netlink: 'syz.3.3029': attribute type 1 has an invalid length.
[  845.082071][T14669] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3029'.
[  845.166202][T10077] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  845.184443][T10077] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  845.193571][T10077] Bluetooth: hci2: command 0x0c1a tx timeout
[  845.201240][T10077] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  845.214393][T10077] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  845.229480][T10077] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  845.270162][T10078] Bluetooth: hci3: command 0x0c1a tx timeout
[  845.488528][T14677] IPv6: Can't replace route, no match found
[  845.933250][T14670] chnl_net:caif_netlink_parms(): no params data found
[  846.047311][T14694] tipc: Started in network mode
[  846.052580][T14694] tipc: Node identity , cluster identity 4711
[  846.058749][T14694] tipc: Failed to set node id, please configure manually
[  846.065850][T14694] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  846.078251][T14695] serio: Serial port ptm0
[  846.181857][T14670] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.190137][T14670] bridge0: port 1(bridge_slave_0) entered disabled state
[  846.197546][T14670] bridge_slave_0: entered allmulticast mode
[  846.205774][T14670] bridge_slave_0: entered promiscuous mode
[  846.215304][T14670] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.226007][T14670] bridge0: port 2(bridge_slave_1) entered disabled state
[  846.234914][T14670] bridge_slave_1: entered allmulticast mode
[  846.243301][T14670] bridge_slave_1: entered promiscuous mode
[  846.288232][T14670] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  846.301248][T14670] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  846.352965][T14670] team0: Port device team_slave_0 added
[  846.362940][T14670] team0: Port device team_slave_1 added
[  846.404929][T14670] batman_adv: batadv0: Adding interface: batadv_slave_0
[  846.412033][T14670] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  846.439718][T14670] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  846.452803][T14670] batman_adv: batadv0: Adding interface: batadv_slave_1
[  846.460462][T14670] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  846.486810][T14670] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  846.554103][T14670] hsr_slave_0: entered promiscuous mode
[  846.561006][T14670] hsr_slave_1: entered promiscuous mode
[  846.567387][T14670] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  846.575532][T14670] Cannot create hsr debugfs directory
[  846.881178][T14670] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.906950][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  846.906968][   T30] audit: type=1326 audit(1752774350.796:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14708 comm="syz.4.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  846.947437][   T30] audit: type=1326 audit(1752774350.796:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14708 comm="syz.4.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  846.982243][   T30] audit: type=1326 audit(1752774350.796:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14708 comm="syz.4.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  847.010129][   T30] audit: type=1326 audit(1752774350.796:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14708 comm="syz.4.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  847.040139][   T30] audit: type=1326 audit(1752774350.796:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14708 comm="syz.4.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  847.065199][T14670] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.101784][T14713] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  847.150941][T14670] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.221388][T14670] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.268723][T10078] Bluetooth: hci2: command 0x0c1a tx timeout
[  847.274866][T10078] Bluetooth: hci1: command tx timeout
[  847.349442][T10078] Bluetooth: hci3: command 0x0c1a tx timeout
[  848.258454][ T5971] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  848.269666][T14670] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  848.284822][T14670] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  848.312422][T14670] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  848.327387][T14670] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  848.409815][ T5971] usb 4-1: Using ep0 maxpacket: 16
[  848.446998][ T5971] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  848.463161][ T5971] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.464186][T14670] 8021q: adding VLAN 0 to HW filter on device bond0
[  848.488008][ T5971] usb 4-1: Product: syz
[  848.493923][ T5971] usb 4-1: Manufacturer: syz
[  848.504445][T14670] 8021q: adding VLAN 0 to HW filter on device team0
[  848.511716][ T5971] usb 4-1: SerialNumber: syz
[  848.519610][ T5971] usb 4-1: config 0 descriptor??
[  848.527405][ T5971] appledisplay 4-1:0.0: Could not find int-in endpoint
[  848.527929][T10463] bridge0: port 1(bridge_slave_0) entered blocking state
[  848.535907][ T5971] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  848.541556][T10463] bridge0: port 1(bridge_slave_0) entered forwarding state
[  848.570856][T10435] bridge0: port 2(bridge_slave_1) entered blocking state
[  848.577997][T10435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  848.973045][T14670] 8021q: adding VLAN 0 to HW filter on device batadv0
[  849.123697][T14670] veth0_vlan: entered promiscuous mode
[  849.176693][T14670] veth1_vlan: entered promiscuous mode
[  849.285330][T14670] veth0_macvtap: entered promiscuous mode
[  849.328881][T14670] veth1_macvtap: entered promiscuous mode
[  849.348726][T10078] Bluetooth: hci1: command tx timeout
[  849.407476][T14670] batman_adv: batadv0: Interface activated: batadv_slave_0
[  849.457462][T14670] batman_adv: batadv0: Interface activated: batadv_slave_1
[  849.493532][T14670] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  849.513262][T14670] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  849.522419][T14670] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  849.531376][T14670] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  849.755507][T10461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  849.774140][T10461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  849.810882][T10463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  849.826332][T10463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  850.999964][ T5924] usb 4-1: USB disconnect, device number 16
[  851.337848][T14780] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3068'.
[  851.367239][T14780] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3068'.
[  851.448844][T10078] Bluetooth: hci1: command tx timeout
[  851.492223][T14784] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3069'.
[  851.782009][T14789] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3071'.
[  851.796261][T14789] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3071'.
[  851.903798][T14793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3073'.
[  851.965845][T14795] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3074'.
[  851.980467][T14795] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3074'.
[  852.082055][T14798] netlink: 'syz.4.3075': attribute type 1 has an invalid length.
[  852.116266][T14798] 8021q: adding VLAN 0 to HW filter on device bond1
[  852.135197][T14798] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3075'.
[  852.367761][T14804] xt_hashlimit: size too large, truncated to 1048576
[  852.422084][T14807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3077'.
[  852.688938][T14813] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  853.508779][T10078] Bluetooth: hci1: command tx timeout
[  853.513982][T14838] netlink: 'syz.4.3091': attribute type 10 has an invalid length.
[  853.579009][T14840] warning: `syz.1.3092' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  853.651630][T14842] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  853.823626][   T30] audit: type=1326 audit(1752774357.716:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  853.854515][   T30] audit: type=1326 audit(1752774357.736:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  853.877240][   T30] audit: type=1326 audit(1752774357.766:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  853.905906][   T30] audit: type=1326 audit(1752774357.766:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  853.951206][   T30] audit: type=1326 audit(1752774357.766:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  853.974444][   T30] audit: type=1326 audit(1752774357.796:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  854.043555][   T30] audit: type=1326 audit(1752774357.796:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  854.110834][   T30] audit: type=1326 audit(1752774357.796:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  854.146280][   T30] audit: type=1326 audit(1752774357.796:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  854.183233][   T30] audit: type=1326 audit(1752774357.796:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14850 comm="syz.4.3097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  854.538430][T10718] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  854.692197][T10718] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  854.718478][T10718] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  854.745413][T10718] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  854.764556][T10718] usb 4-1: New USB device strings: Mfr=0, Product=13, SerialNumber=0
[  854.776538][T10718] usb 4-1: Product: syz
[  854.792200][T14861] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  854.804378][T10718] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  856.751941][T11724] usb 4-1: USB disconnect, device number 17
[  857.139929][ T5923] IPVS: starting estimator thread 0...
[  857.238362][T10077] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  857.239951][T14886] IPVS: using max 30 ests per chain, 72000 per kthread
[  857.254994][T10077] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  857.263963][T10077] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  857.273888][T10077] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  857.282676][T10077] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  857.308791][T14890] binder: 14889:14890 ioctl c0306201 0 returned -14
[  857.378268][T10078] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  857.388164][T10078] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  857.399104][T10078] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  857.407303][T10078] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  857.415316][T10078] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  857.719913][T14899] __nla_validate_parse: 3 callbacks suppressed
[  857.719932][T14899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3114'.
[  857.786146][T14899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3114'.
[  858.434793][T14887] chnl_net:caif_netlink_parms(): no params data found
[  858.631744][T14887] bridge0: port 1(bridge_slave_0) entered blocking state
[  858.639217][T14887] bridge0: port 1(bridge_slave_0) entered disabled state
[  858.646696][T14887] bridge_slave_0: entered allmulticast mode
[  858.660332][T14887] bridge_slave_0: entered promiscuous mode
[  858.675170][T14887] bridge0: port 2(bridge_slave_1) entered blocking state
[  858.683321][T14887] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.695359][T14887] bridge_slave_1: entered allmulticast mode
[  858.705990][T14887] bridge_slave_1: entered promiscuous mode
[  858.753351][T14891] chnl_net:caif_netlink_parms(): no params data found
[  858.799833][T14887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  858.842593][T14887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  858.882298][T14925] xt_hashlimit: size too large, truncated to 1048576
[  858.985705][T14929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3122'.
[  859.020971][T14887] team0: Port device team_slave_0 added
[  859.138766][T14887] team0: Port device team_slave_1 added
[  859.342221][T14887] batman_adv: batadv0: Adding interface: batadv_slave_0
[  859.349986][T10077] Bluetooth: hci4: command tx timeout
[  859.350224][T14887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  859.388224][T14887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  859.409997][T14887] batman_adv: batadv0: Adding interface: batadv_slave_1
[  859.417098][T14887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  859.448900][T14887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  859.509408][T10077] Bluetooth: hci6: command tx timeout
[  859.541141][ T5923] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  859.626750][T14891] bridge0: port 1(bridge_slave_0) entered blocking state
[  859.637252][T14891] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.644599][T14891] bridge_slave_0: entered allmulticast mode
[  859.654753][T14891] bridge_slave_0: entered promiscuous mode
[  859.664090][T14891] bridge0: port 2(bridge_slave_1) entered blocking state
[  859.671931][T14891] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.679435][T14891] bridge_slave_1: entered allmulticast mode
[  859.687024][T14891] bridge_slave_1: entered promiscuous mode
[  859.710578][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  859.722660][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  859.735308][ T5923] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  859.748424][ T5923] usb 5-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  859.772773][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.789659][ T5923] usb 5-1: config 0 descriptor??
[  859.798207][T14937] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  859.843740][T14887] hsr_slave_0: entered promiscuous mode
[  859.853849][T14887] hsr_slave_1: entered promiscuous mode
[  859.861365][T14887] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  859.869114][T14887] Cannot create hsr debugfs directory
[  859.881792][T14891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.895986][T14891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  859.984914][T14891] team0: Port device team_slave_0 added
[  860.009322][T14891] team0: Port device team_slave_1 added
[  860.096001][T14891] batman_adv: batadv0: Adding interface: batadv_slave_0
[  860.103618][T14891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.129992][T14891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  860.144033][T14891] batman_adv: batadv0: Adding interface: batadv_slave_1
[  860.162008][T14891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.198129][T14891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  860.235734][ T5923] aureal 0003:0755:2626.0004: unknown main item tag 0x6
[  860.260275][ T5923] aureal 0003:0755:2626.0004: report_id 29495 is invalid
[  860.277950][ T5923] aureal 0003:0755:2626.0004: item 0 2 1 8 parsing failed
[  860.287100][ T5923] aureal 0003:0755:2626.0004: probe with driver aureal failed with error -22
[  860.532883][ T5924] usb 5-1: USB disconnect, device number 8
[  860.626805][T14891] hsr_slave_0: entered promiscuous mode
[  860.641759][T14891] hsr_slave_1: entered promiscuous mode
[  860.648060][T14891] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  860.657065][T14891] Cannot create hsr debugfs directory
[  860.731130][T14951] netlink: 16162 bytes leftover after parsing attributes in process `syz.1.3127'.
[  861.428562][T10077] Bluetooth: hci4: command tx timeout
[  861.588752][T10077] Bluetooth: hci6: command tx timeout
[  862.662427][T14955] delete_channel: no stack
[  862.945412][T14887] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  863.009704][T14887] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  863.093173][T14887] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  863.138481][T14887] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  863.185995][T14977] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3136'.
[  863.509621][T10077] Bluetooth: hci4: command tx timeout
[  863.658016][T14891] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  863.670255][T10077] Bluetooth: hci6: command tx timeout
[  863.713340][T14891] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  863.770032][T14891] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  863.807884][T14891] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  863.925337][T14887] 8021q: adding VLAN 0 to HW filter on device bond0
[  864.517591][T14887] 8021q: adding VLAN 0 to HW filter on device team0
[  864.560293][T10454] bridge0: port 1(bridge_slave_0) entered blocking state
[  864.567497][T10454] bridge0: port 1(bridge_slave_0) entered forwarding state
[  864.621881][T15009] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  864.643600][T10461] Bluetooth: hci7: Frame reassembly failed (-84)
[  864.771402][T10454] bridge0: port 2(bridge_slave_1) entered blocking state
[  864.778689][T10454] bridge0: port 2(bridge_slave_1) entered forwarding state
[  865.490153][T14887] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  865.505234][T14887] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  865.588720][T10078] Bluetooth: hci4: command tx timeout
[  865.751303][T14891] 8021q: adding VLAN 0 to HW filter on device bond0
[  865.753056][T10078] Bluetooth: hci6: command tx timeout
[  866.628921][T10077] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  866.636703][T10078] Bluetooth: hci7: command 0x1003 tx timeout
[  866.750862][T14891] 8021q: adding VLAN 0 to HW filter on device team0
[  866.816016][T10466] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.823284][T10466] bridge0: port 1(bridge_slave_0) entered forwarding state
[  866.835533][T10466] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.842814][T10466] bridge0: port 2(bridge_slave_1) entered forwarding state
[  867.416677][T14887] 8021q: adding VLAN 0 to HW filter on device batadv0
[  868.787406][T14891] 8021q: adding VLAN 0 to HW filter on device batadv0
[  871.258555][ T1208] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  871.489596][ T1208] usb 5-1: Using ep0 maxpacket: 32
[  871.533799][ T1208] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  871.593755][ T1208] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  871.786590][ T1208] usb 5-1: config 0 descriptor??
[  872.280176][ T1208] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  872.294912][T14887] veth0_vlan: entered promiscuous mode
[  872.308835][T14887] veth1_vlan: entered promiscuous mode
[  872.353049][ T1208] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  872.397088][T14887] veth0_macvtap: entered promiscuous mode
[  872.417046][ T1208] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  872.436621][T14891] veth0_vlan: entered promiscuous mode
[  872.456894][T15105] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3159'.
[  872.471583][ T1208] usb 5-1: media controller created
[  872.490704][T14887] veth1_macvtap: entered promiscuous mode
[  872.512314][T14891] veth1_vlan: entered promiscuous mode
[  872.539439][ T1208] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  872.578189][T14887] batman_adv: batadv0: Interface activated: batadv_slave_0
[  872.609338][T14887] batman_adv: batadv0: Interface activated: batadv_slave_1
[  872.653278][T14887] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  872.664469][T14887] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  872.673597][T14887] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  872.683178][T14887] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  872.730562][ T1208] az6027: usb out operation failed. (-71)
[  872.829753][T14891] veth0_macvtap: entered promiscuous mode
[  872.863698][T14891] veth1_macvtap: entered promiscuous mode
[  872.916044][ T1208] az6027: usb out operation failed. (-71)
[  872.925869][ T1208] stb0899_attach: Driver disabled by Kconfig
[  872.945617][ T1208] az6027: no front-end attached
[  872.945617][ T1208] 
[  872.987376][ T1208] az6027: usb out operation failed. (-71)
[  872.998473][ T5924] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  873.021871][ T1208] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  873.034281][T14891] batman_adv: batadv0: Interface activated: batadv_slave_0
[  873.080422][ T1208] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input34
[  873.127612][ T1208] dvb-usb: schedule remote query interval to 400 msecs.
[  873.146749][ T1208] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  873.166414][ T5924] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  873.186859][ T5924] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.211512][T14891] batman_adv: batadv0: Interface activated: batadv_slave_1
[  873.223776][ T1208] usb 5-1: USB disconnect, device number 9
[  873.246547][ T5924] usb 2-1: config 0 descriptor??
[  873.289275][ T5924] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  873.520053][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  873.542522][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  873.555559][T14891] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  873.570731][ T1208] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  873.609929][T14891] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  873.622240][T14891] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  873.672621][T14891] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  873.832768][T10415] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  873.856967][T10415] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  875.536270][ T5924] usb 2-1: USB disconnect, device number 9
[  875.555910][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  875.592095][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  875.592575][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  875.601362][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  876.506156][T10406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  876.519139][T10406] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  877.104169][T15150] delete_channel: no stack
[  877.449624][T15158] sp0: Synchronizing with TNC
[  877.956558][T15145] [U] è
[  879.809366][ T5971] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  879.984508][ T5971] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  880.015873][ T5971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  880.067384][ T5971] usb 5-1: config 0 descriptor??
[  880.097212][ T5971] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  880.121540][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  880.121559][   T30] audit: type=1326 audit(1752774384.016:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  880.193006][   T30] audit: type=1326 audit(1752774384.046:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  880.314859][   T30] audit: type=1326 audit(1752774384.046:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  880.529016][   T30] audit: type=1326 audit(1752774384.046:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  880.552751][   T30] audit: type=1326 audit(1752774384.046:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  880.643857][T15197] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  880.655858][T15197] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0'
[  880.714627][T15197] sp0: Synchronizing with TNC
[  881.233152][T15194] [U] è
[  881.319004][   T30] audit: type=1326 audit(1752774384.046:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  881.419702][   T30] audit: type=1326 audit(1752774384.056:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  881.448594][   T30] audit: type=1326 audit(1752774384.056:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  881.472198][   T30] audit: type=1326 audit(1752774384.056:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  881.494661][   T30] audit: type=1326 audit(1752774384.056:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15190 comm="syz.7.3188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f298c98e929 code=0x7ffc0000
[  881.862549][T15201] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3193'.
[  882.646853][T15210] loop6: detected capacity change from 0 to 63
[  882.762778][T15213] buffer_io_error: 4 callbacks suppressed
[  882.762800][T15213] Buffer I/O error on dev loop6, logical block 0, async page read
[  882.812438][T15213] Buffer I/O error on dev loop6, logical block 1, async page read
[  882.822017][T15213] Buffer I/O error on dev loop6, logical block 2, async page read
[  882.831020][T15213] Buffer I/O error on dev loop6, logical block 3, async page read
[  882.871748][T15213] Buffer I/O error on dev loop6, logical block 0, async page read
[  882.895894][T15213] Buffer I/O error on dev loop6, logical block 1, async page read
[  882.934444][T15213] Buffer I/O error on dev loop6, logical block 2, async page read
[  882.963504][T15213] Buffer I/O error on dev loop6, logical block 3, async page read
[  884.349053][ T5971] usb 5-1: USB disconnect, device number 10
[  885.683887][T15250] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  888.128600][ T5923] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  888.576708][ T5923] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  888.628654][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  888.675051][ T5923] usb 5-1: config 0 descriptor??
[  888.691766][ T5971] libceph: connect (1)[c::]:6789 error -101
[  888.698691][ T5971] libceph: mon0 (1)[c::]:6789 connect error
[  888.889782][T15276] ceph: No mds server is up or the cluster is laggy
[  889.667710][ T5923] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  891.767548][ T5923] usb 5-1: USB disconnect, device number 11
[  891.778172][T15306] block device autoloading is deprecated and will be removed.
[  893.443404][T15310] serio: Serial port ptm0
[  893.544577][T15324] xt_hashlimit: size too large, truncated to 1048576
[  893.608441][T15326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3236'.
[  894.886648][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  894.886668][   T30] audit: type=1326 audit(1752774398.776:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15340 comm="syz.1.3241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  894.955580][   T30] audit: type=1326 audit(1752774398.776:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15340 comm="syz.1.3241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  894.979308][   T30] audit: type=1326 audit(1752774398.786:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15340 comm="syz.1.3241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  895.001081][   T30] audit: type=1326 audit(1752774398.786:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15340 comm="syz.1.3241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  895.059650][   T30] audit: type=1326 audit(1752774398.786:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15340 comm="syz.1.3241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  895.134572][   T30] audit: type=1326 audit(1752774398.786:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15340 comm="syz.1.3241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  895.340978][T15116] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  895.373491][T15357] ALSA: seq fatal error: cannot create timer (-22)
[  895.749679][T15116] usb 8-1: Using ep0 maxpacket: 32
[  895.913284][T15116] usb 8-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  895.924186][T15116] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  895.945343][T15116] usb 8-1: config 0 descriptor??
[  896.169261][T15116] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  896.197097][T15116] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  896.231798][T15116] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  896.246214][T15116] usb 8-1: media controller created
[  896.401576][T15347] az6027: more than 2 i2c messages at a time is not handled yet. TODO.
[  896.426291][T15368] 9pnet_fd: Insufficient options for proto=fd
[  896.460275][T15116] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  896.516310][T15116] az6027: usb out operation failed. (-71)
[  896.558249][T15116] az6027: usb out operation failed. (-71)
[  896.588702][T15116] stb0899_attach: Driver disabled by Kconfig
[  896.608598][T15116] az6027: no front-end attached
[  896.608598][T15116] 
[  896.660250][T15116] az6027: usb out operation failed. (-71)
[  896.666060][T15116] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  896.717523][T15116] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.7/usb8/8-1/input/input38
[  896.754331][T15116] dvb-usb: schedule remote query interval to 400 msecs.
[  896.762592][T15116] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  896.777262][T15116] usb 8-1: USB disconnect, device number 2
[  897.205946][T15116] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  897.757960][   T30] audit: type=1326 audit(1752774401.626:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15380 comm="syz.6.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923558e929 code=0x7ffc0000
[  898.220692][   T30] audit: type=1326 audit(1752774401.686:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15380 comm="syz.6.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923558e929 code=0x7ffc0000
[  898.498394][   T30] audit: type=1326 audit(1752774401.686:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15380 comm="syz.6.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f923558e929 code=0x7ffc0000
[  898.623252][   T30] audit: type=1326 audit(1752774401.706:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15380 comm="syz.6.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923558e929 code=0x7ffc0000
[  899.079270][T15396] xt_hashlimit: size too large, truncated to 1048576
[  899.170744][T15393] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3259'.
[  900.712233][T15412] 9pnet_fd: Insufficient options for proto=fd
[  902.058530][ T1208] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  902.588558][ T1208] usb 4-1: Using ep0 maxpacket: 8
[  902.600886][ T1208] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  902.618310][ T1208] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  902.680903][T15450] netlink: 'syz.7.3280': attribute type 1 has an invalid length.
[  902.688950][T15450] netlink: 'syz.7.3280': attribute type 4 has an invalid length.
[  902.696755][T15450] netlink: 9462 bytes leftover after parsing attributes in process `syz.7.3280'.
[  903.234085][ T1208] usb 4-1: Product: syz
[  903.239181][ T1208] usb 4-1: Manufacturer: syz
[  903.244445][ T1208] usb 4-1: SerialNumber: syz
[  903.253333][ T1208] usb 4-1: config 0 descriptor??
[  903.597599][ T1208] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  905.425624][ T1208] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  905.448350][ T1208] usb 4-1: USB disconnect, device number 18
[  908.467161][T15551] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3320'.
[  909.868059][T15563] ALSA: seq fatal error: cannot create timer (-22)
[  912.234353][T15603] ALSA: seq fatal error: cannot create timer (-22)
[  912.639094][T15585] delete_channel: no stack
[  914.221780][T15635] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input39
[  915.938988][ T1208] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  916.029443][ T5924] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  916.219913][T15672] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input40
[  916.766920][ T5924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  916.786682][ T1208] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  916.803712][ T5924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  916.828340][ T1208] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  916.838157][ T1208] usb 8-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  916.847349][ T5924] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  916.877036][ T1208] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  916.887213][ T5924] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  917.090582][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  917.155698][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  917.870623][ T1208] usb 8-1: config 0 descriptor??
[  917.875958][ T5924] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.891977][ T5924] usb 4-1: config 0 descriptor??
[  918.344463][ T5924] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  918.373357][ T1208] hid-u2fzero 0003:10C4:8ACF.0006: hidraw1: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.7-1/input0
[  918.405742][ T1208] hid-u2fzero 0003:10C4:8ACF.0006: U2F Zero LED initialised
[  918.568580][ T1208] hid-u2fzero 0003:10C4:8ACF.0006: U2F Zero RNG initialised
[  918.591460][ T1208] usb 8-1: USB disconnect, device number 3
[  918.618634][T11724] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  918.724885][    C1] plantronics 0003:047F:FFFF.0005: hid_field_extract() called with n (132) > 32! (swapper/1)
[  918.789001][T11724] usb 5-1: device descriptor read/64, error -71
[  918.942193][ T5923] usb 4-1: USB disconnect, device number 19
[  919.175221][T11724] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  920.108461][T11724] usb 5-1: device descriptor read/64, error -71
[  920.829218][T11724] usb usb5-port1: attempt power cycle
[  921.305383][T11724] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  921.788968][T15715] loop6: detected capacity change from 0 to 63
[  921.924826][T15718] netlink: 'syz.4.3383': attribute type 1 has an invalid length.
[  921.958829][T11724] usb 5-1: device not accepting address 14, error -71
[  921.973193][T15718] netlink: 244 bytes leftover after parsing attributes in process `syz.4.3383'.
[  925.389251][T15751] loop6: detected capacity change from 0 to 63
[  930.571220][T15821] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3421'.
[  930.738436][ T5971] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  930.762360][T10077] Bluetooth: hci6: unexpected cc 0x203e length: 2 > 1
[  930.889616][ T5971] usb 4-1: Using ep0 maxpacket: 8
[  930.904489][ T5971] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  930.914079][ T5971] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  930.924400][ T5971] usb 4-1: Product: syz
[  931.005305][ T5971] usb 4-1: Manufacturer: syz
[  931.043933][ T5971] usb 4-1: SerialNumber: syz
[  931.678652][ T5971] usb 4-1: config 0 descriptor??
[  931.890371][ T5971] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  932.144935][T10077] Bluetooth: hci4: ACL packet too small
[  932.667730][T15866] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  933.211136][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  933.219253][ T5971] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  933.237828][ T5971] usb 4-1: USB disconnect, device number 20
[  933.791010][T15872] delete_channel: no stack
[  933.942222][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  933.942265][   T30] audit: type=1326 audit(1752774437.836:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15891 comm="syz.3.3450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f934618e929 code=0x7ffc0000
[  934.028634][   T30] audit: type=1326 audit(1752774437.836:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15891 comm="syz.3.3450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f934618e929 code=0x7ffc0000
[  934.162871][T10077] Bluetooth: hci2: ACL packet too small
[  934.188388][   T30] audit: type=1326 audit(1752774437.836:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15891 comm="syz.3.3450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f934618e929 code=0x7ffc0000
[  934.218785][   T30] audit: type=1326 audit(1752774437.836:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15891 comm="syz.3.3450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f934618e929 code=0x7ffc0000
[  934.247203][   T30] audit: type=1326 audit(1752774437.836:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15891 comm="syz.3.3450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f934618e929 code=0x7ffc0000
[  934.301033][T15900] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  935.358787][   T30] audit: type=1326 audit(1752774439.246:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15921 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  935.511976][   T30] audit: type=1326 audit(1752774439.256:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15921 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  935.573181][T15928] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  935.577345][   T30] audit: type=1326 audit(1752774439.256:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15921 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  935.625961][   T30] audit: type=1326 audit(1752774439.256:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15921 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  935.683657][   T30] audit: type=1326 audit(1752774439.256:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15921 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4b38e929 code=0x7ffc0000
[  935.989598][T10077] Bluetooth: hci3: ACL packet too small
[  936.268552][T15940] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input41
[  937.108884][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  937.115319][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  937.898410][T10077] Bluetooth: hci4: ACL packet too small
[  939.064493][   T30] kauditd_printk_skb: 426 callbacks suppressed
[  939.064516][   T30] audit: type=1326 audit(1752774442.916:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  939.122923][   T30] audit: type=1326 audit(1752774442.996:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  939.465446][   T30] audit: type=1326 audit(1752774442.996:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  939.762253][   T30] audit: type=1326 audit(1752774442.996:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  943.238457][T15987] 9pnet: Could not find request transport: fd0x0000000000000005
[  943.323755][   T30] audit: type=1326 audit(1752774442.996:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  943.457671][   T30] audit: type=1326 audit(1752774442.996:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  943.652303][   T30] audit: type=1326 audit(1752774442.996:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  943.787398][   T30] audit: type=1326 audit(1752774442.996:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  943.966552][   T30] audit: type=1326 audit(1752774443.006:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  944.138879][   T30] audit: type=1326 audit(1752774443.006:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  944.376651][   T30] audit: type=1326 audit(1752774443.006:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  944.628262][    C0] sched: DL replenish lagged too much
[  944.672779][   T30] audit: type=1326 audit(1752774443.006:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  944.918332][   T30] audit: type=1326 audit(1752774443.006:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  945.208390][   T30] audit: type=1326 audit(1752774443.006:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  945.498361][   T30] audit: type=1326 audit(1752774443.006:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  945.766987][   T30] audit: type=1326 audit(1752774443.006:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  946.058493][   T30] audit: type=1326 audit(1752774443.006:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  946.398493][   T30] audit: type=1326 audit(1752774443.006:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  946.563544][   T30] audit: type=1326 audit(1752774443.006:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15982 comm="syz.1.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fd671d8e929 code=0x7ffc0000
[  950.678436][   T30] audit: type=1326 audit(1752774442.126:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  954.178522][   T30] audit: type=1326 audit(1752774443.056:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  955.038416][T10077] Bluetooth: hci2: ACL packet too small
[  955.061000][   T30] audit: type=1326 audit(1752774443.056:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  955.258379][   T30] audit: type=1326 audit(1752774443.056:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  955.448408][   T30] audit: type=1326 audit(1752774443.056:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  955.615000][   T30] audit: type=1326 audit(1752774443.056:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  955.733295][   T30] audit: type=1326 audit(1752774443.056:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  955.969778][   T30] audit: type=1326 audit(1752774443.056:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  956.210302][   T30] audit: type=1326 audit(1752774443.056:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  956.395596][   T30] audit: type=1326 audit(1752774443.056:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  956.593616][   T30] audit: type=1326 audit(1752774443.056:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  956.782601][   T30] audit: type=1326 audit(1752774443.056:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  956.932799][T16028] netlink: 60 bytes leftover after parsing attributes in process `syz.7.3505'.
[  956.978408][   T30] audit: type=1326 audit(1752774443.056:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  957.343117][   T30] audit: type=1326 audit(1752774443.056:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  957.726403][   T30] audit: type=1326 audit(1752774443.056:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  957.828780][   T30] audit: type=1326 audit(1752774443.056:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15945 comm="syz.3.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f934612ab19 code=0x7ffc0000
[  958.043665][T10078] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  958.057263][T10078] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  958.066561][T10078] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  958.079951][T10078] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  958.087786][T10078] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  959.671683][T16033] chnl_net:caif_netlink_parms(): no params data found
[  960.148673][T10077] Bluetooth: hci7: command tx timeout
[  961.885823][T10078] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  961.897054][T10078] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  961.907113][T10078] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  961.927483][T10078] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  961.946736][T10078] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  962.798463][T10078] Bluetooth: hci7: command tx timeout
[  963.663391][T16033] bridge0: port 1(bridge_slave_0) entered blocking state
[  963.723018][T16033] bridge0: port 1(bridge_slave_0) entered disabled state
[  963.768768][T16033] bridge_slave_0: entered allmulticast mode
[  963.851774][T16033] bridge_slave_0: entered promiscuous mode
[  963.900216][T16033] bridge0: port 2(bridge_slave_1) entered blocking state
[  963.915707][T16033] bridge0: port 2(bridge_slave_1) entered disabled state
[  963.942206][T16033] bridge_slave_1: entered allmulticast mode
[  963.962906][T16033] bridge_slave_1: entered promiscuous mode
[  963.988608][T10077] Bluetooth: hci8: command tx timeout
[  964.252099][T16033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  964.282941][T16033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  964.543118][T16033] team0: Port device team_slave_0 added
[  964.576793][T16033] team0: Port device team_slave_1 added
[  964.827822][T16033] batman_adv: batadv0: Adding interface: batadv_slave_0
[  964.859155][T16033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  964.898401][T10077] Bluetooth: hci7: command tx timeout
[  964.944942][T16033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  965.055558][T16033] batman_adv: batadv0: Adding interface: batadv_slave_1
[  965.067704][T16033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  965.099368][T16033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  965.401009][T16033] hsr_slave_0: entered promiscuous mode
[  965.407882][T16033] hsr_slave_1: entered promiscuous mode
[  965.433597][T16033] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  965.456635][T16033] Cannot create hsr debugfs directory
[  965.706495][ T5954] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  966.069806][T10077] Bluetooth: hci8: command tx timeout
[  966.303202][T16048] chnl_net:caif_netlink_parms(): no params data found
[  966.773208][T16048] bridge0: port 1(bridge_slave_0) entered blocking state
[  966.788917][T16048] bridge0: port 1(bridge_slave_0) entered disabled state
[  966.796308][T16048] bridge_slave_0: entered allmulticast mode
[  966.820911][T16048] bridge_slave_0: entered promiscuous mode
[  966.854327][T16048] bridge0: port 2(bridge_slave_1) entered blocking state
[  966.881977][T16048] bridge0: port 2(bridge_slave_1) entered disabled state
[  966.898589][T16048] bridge_slave_1: entered allmulticast mode
[  966.925671][T16048] bridge_slave_1: entered promiscuous mode
[  966.949122][T10077] Bluetooth: hci7: command tx timeout
[  967.047579][T16033] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  967.163949][T16033] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  967.197772][T16033] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  967.246903][T16048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  967.267685][T16033] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  967.328185][T16048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  967.492740][T16048] team0: Port device team_slave_0 added
[  967.514270][T16048] team0: Port device team_slave_1 added
[  967.682969][T16048] batman_adv: batadv0: Adding interface: batadv_slave_0
[  967.701789][T16048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  967.739823][T16048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  967.811135][T16048] batman_adv: batadv0: Adding interface: batadv_slave_1
[  967.818143][T16048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  967.866415][T16048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  968.135773][T16048] hsr_slave_0: entered promiscuous mode
[  968.145771][T16048] hsr_slave_1: entered promiscuous mode
[  968.153423][T10078] Bluetooth: hci8: command tx timeout
[  968.171589][T16048] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  968.188556][T16048] Cannot create hsr debugfs directory
[  968.526251][T16033] 8021q: adding VLAN 0 to HW filter on device bond0
[  968.638404][T16033] 8021q: adding VLAN 0 to HW filter on device team0
[  968.704741][ T8455] bridge0: port 1(bridge_slave_0) entered blocking state
[  968.711992][ T8455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  970.091071][T10078] Bluetooth: hci1: command 0x0406 tx timeout
[  970.130554][ T8455] bridge0: port 2(bridge_slave_1) entered blocking state
[  970.137810][ T8455] bridge0: port 2(bridge_slave_1) entered forwarding state
[  970.229168][T10077] Bluetooth: hci8: command tx timeout
[  970.490882][T16048] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  970.550872][T16048] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  970.584500][T16048] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  970.656432][T16048] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  971.120433][T16048] 8021q: adding VLAN 0 to HW filter on device bond0
[  971.211274][T16033] 8021q: adding VLAN 0 to HW filter on device batadv0
[  971.303982][T16048] 8021q: adding VLAN 0 to HW filter on device team0
[  971.380102][T10419] bridge0: port 1(bridge_slave_0) entered blocking state
[  971.387325][T10419] bridge0: port 1(bridge_slave_0) entered forwarding state
[  971.459816][T10419] bridge0: port 2(bridge_slave_1) entered blocking state
[  971.467183][T10419] bridge0: port 2(bridge_slave_1) entered forwarding state
[  974.470561][ T5954] usb 8-1: device descriptor read/64, error -110
[  975.128627][ T5954] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  975.329503][T16048] 8021q: adding VLAN 0 to HW filter on device batadv0
[  976.084381][T16033] veth0_vlan: entered promiscuous mode
[  976.130929][T10078] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  976.148914][T10078] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  976.158110][T10078] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  976.167130][T10078] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  976.175122][T10078] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  976.255672][T16033] veth1_vlan: entered promiscuous mode
[  976.381013][ T5954] usb 8-1: device descriptor read/64, error -32
[  976.435712][T16033] veth0_macvtap: entered promiscuous mode
[  976.652896][ T5954] usb usb8-port1: attempt power cycle
[  976.712066][T16033] veth1_macvtap: entered promiscuous mode
[  977.613012][T10078] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  977.625651][T10078] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  977.648432][T10078] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  977.686080][T10078] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  977.695325][T10078] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  978.229394][T10077] Bluetooth: hci3: command tx timeout
[  978.300493][ T5954] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  978.402183][ T5954] usb 8-1: device descriptor read/8, error -32
[  979.414556][ T5954] raw-gadget.0 gadget.7: failed to queue reset event
[  980.188425][T10077] Bluetooth: hci1: command tx timeout
[  980.219596][T10078] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  980.722704][T10078] Bluetooth: hci3: command tx timeout
[  980.730837][T16101] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  980.775105][T16101] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  980.784440][T16101] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  980.794391][T16101] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  980.834013][ T5954] raw-gadget.0 gadget.7: failed to queue resume event
[  981.830054][   T31] INFO: task kworker/u8:43:10439 blocked for more than 143 seconds.
[  981.838142][   T31]       Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0
[  982.228716][T16101] Bluetooth: hci1: command tx timeout
[  982.788432][T16101] Bluetooth: hci3: command tx timeout
[  983.008390][T16101] Bluetooth: hci4: command tx timeout
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  984.197983][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  985.208437][T16101] Bluetooth: hci1: command tx timeout
[  985.213928][T16101] Bluetooth: hci3: command tx timeout
[  985.219432][T10077] Bluetooth: hci4: command tx timeout
[  985.268149][   T31] task:kworker/u8:43   state:D stack:23816 pid:10439 tgid:10439 ppid:2      task_flags:0x4208060 flags:0x00004000
[  985.928345][   T31] Workqueue: ib-unreg-wq ib_unregister_work
[  985.934342][   T31] Call Trace:
[  985.937665][   T31]  <TASK>
[  986.179429][   T31]  __schedule+0x16a2/0x4cb0
[  986.184138][   T31]  ? ret_from_fork_asm+0x1a/0x30
[  986.210506][   T31]  ? schedule+0x165/0x360
[  986.231052][   T31]  ? __lock_acquire+0xab9/0xd20
[  986.236005][   T31]  ? __pfx___schedule+0x10/0x10
[  986.270206][   T31]  ? schedule+0x91/0x360
[  986.274555][   T31]  schedule+0x165/0x360
[  986.298633][   T31]  schedule_timeout+0x9a/0x270
[  986.303501][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  986.359185][ T5954] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  986.693185][    C0] raw-gadget.0 gadget.7: ignoring, device is not running
[  986.708327][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  986.713634][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  986.726858][   T31]  ? wait_for_completion+0x267/0x5d0
[  986.738396][   T31]  wait_for_completion+0x2bf/0x5d0
[  986.743623][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  986.758038][   T31]  ? up_write+0x1c4/0x420
[  986.762642][   T31]  ? remove_client_context+0xc0/0x1e0
[  986.768135][   T31]  disable_device+0x1c6/0x320
[  986.787023][   T31]  ? __pfx_disable_device+0x10/0x10
[  986.798385][   T31]  __ib_unregister_device+0x2cb/0x3f0
[  986.803846][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  986.819417][   T31]  ib_unregister_work+0x19/0x30
[  986.824355][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  986.838457][   T31]  process_scheduled_works+0xade/0x17b0
[  986.844141][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  986.858665][   T31]  worker_thread+0x8a0/0xda0
[  986.863397][   T31]  kthread+0x711/0x8a0
[  986.867524][   T31]  ? __pfx_worker_thread+0x10/0x10
[  986.881031][   T31]  ? __pfx_kthread+0x10/0x10
[  986.885728][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  986.909710][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  986.915001][   T31]  ? __pfx_kthread+0x10/0x10
[  986.932105][   T31]  ret_from_fork+0x3fc/0x770
[  986.936796][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  986.954412][   T31]  ? __switch_to_asm+0x39/0x70
[  986.959673][   T31]  ? __switch_to_asm+0x33/0x70
[  986.964500][   T31]  ? __pfx_kthread+0x10/0x10
[  986.978353][   T31]  ret_from_fork_asm+0x1a/0x30
[  986.983233][   T31]  </TASK>
[  987.015480][   T31] 
[  987.015480][   T31] Showing all locks held in the system:
[  987.034180][   T31] 1 lock held by pool_workqueue_/3:
[  987.045311][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  987.058522][   T31] 3 locks held by kworker/u8:0/12:
[  987.063764][   T31]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  987.136783][   T31]  #1: ffffc90000117bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  987.157171][   T31]  #2: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  987.178550][   T31] 1 lock held by khungtaskd/31:
[  987.183479][   T31]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  987.227372][   T31] 2 locks held by getty/5599:
[  987.260068][   T31]  #0: ffff88814d6900a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  987.271877][T10077] Bluetooth: hci4: command tx timeout
[  987.278563][T16101] Bluetooth: hci1: command tx timeout
[  987.308413][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  987.328711][   T31] 2 locks held by kworker/0:3/5903:
[  987.334002][   T31] 5 locks held by kworker/0:6/5954:
[  987.365771][   T31] 3 locks held by kworker/u8:42/10438:
[  987.372075][   T31]  #0: ffff888030958148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  987.394458][   T31]  #1: ffffc9000b1f7bc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  987.417845][   T31]  #2: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x112/0x14b0
[  987.427606][   T31] 3 locks held by kworker/u8:43/10439:
[  987.455424][   T31]  #0: ffff88814528f948 ((wq_completion)ib-unreg-wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  987.476105][   T31]  #1: ffffc900037a7bc0 ((work_completion)(&device->unregistration_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  987.500391][   T31]  #2: ffff8880349306d0 (&device->unregistration_lock){+.+.}-{4:4}, at: __ib_unregister_device+0x284/0x3f0
[  987.519500][   T31] 4 locks held by kworker/u8:55/10462:
[  987.525030][   T31]  #0: ffff88801b2fb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  987.547437][   T31]  #1: ffffc90003387bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  987.567699][   T31]  #2: ffffffff8f4fce50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  987.577586][   T31]  #3: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: netdev_run_todo+0x79b/0xea0
[  987.609571][   T31] 2 locks held by syz.5.2997/14581:
[  987.614856][   T31]  #0: ffffffff8f4fce50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  987.634835][   T31]  #1: ffff8880349306d0 (&device->unregistration_lock){+.+.}-{4:4}, at: rdma_dev_change_netns+0x39/0x300
[  987.657921][   T31] 2 locks held by syz.0.3001/14607:
[  987.663348][   T31]  #0: ffffffff8f4fce50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  987.682778][   T31]  #1: ffff8880349306d0 (&device->unregistration_lock){+.+.}-{4:4}, at: rdma_dev_change_netns+0x39/0x300
[  987.696242][   T31] 1 lock held by syz.7.3505/16027:
[  987.719851][   T31] 1 lock held by syz-executor/16033:
[  987.725317][   T31]  #0: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  987.745120][   T31] 1 lock held by syz.4.3507/16038:
[  987.755737][   T31]  #0: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  987.773993][   T31] 1 lock held by syz-executor/16048:
[  987.782872][   T31]  #0: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: inet6_rtm_newaddr+0x5b7/0xd20
[  987.802956][   T31] 5 locks held by kworker/0:7/16052:
[  987.814800][   T31] 2 locks held by syz-executor/16092:
[  987.830124][   T31]  #0: ffffffff8f4fce50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  987.853323][   T31]  #1: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  987.872521][   T31] 1 lock held by syz-executor/16097:
[  987.877883][   T31]  #0: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  987.888809][   T31] 1 lock held by syz-executor/16099:
[  987.894153][   T31]  #0: ffffffff8f509a48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  987.913903][   T31] 
[  987.916306][   T31] =============================================
[  987.916306][   T31] 
[  987.939831][   T31] NMI backtrace for cpu 1
[  987.939854][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(full) 
[  987.939878][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  987.939891][   T31] Call Trace:
[  987.939899][   T31]  <TASK>
[  987.939909][   T31]  dump_stack_lvl+0x189/0x250
[  987.939936][   T31]  ? __wake_up_klogd+0xd9/0x110
[  987.939966][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  987.939988][   T31]  ? __pfx__printk+0x10/0x10
[  987.940027][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  987.940060][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  987.940085][   T31]  ? _printk+0xcf/0x120
[  987.940115][   T31]  ? __pfx__printk+0x10/0x10
[  987.940144][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  987.940177][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  987.940208][   T31]  watchdog+0xfee/0x1030
[  987.940241][   T31]  ? watchdog+0x1de/0x1030
[  987.940279][   T31]  kthread+0x711/0x8a0
[  987.940316][   T31]  ? __pfx_watchdog+0x10/0x10
[  987.940344][   T31]  ? __pfx_kthread+0x10/0x10
[  987.940373][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  987.940403][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  987.940420][   T31]  ? __pfx_kthread+0x10/0x10
[  987.940448][   T31]  ret_from_fork+0x3fc/0x770
[  987.940471][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  987.940498][   T31]  ? __switch_to_asm+0x39/0x70
[  987.940521][   T31]  ? __switch_to_asm+0x33/0x70
[  987.940544][   T31]  ? __pfx_kthread+0x10/0x10
[  987.940572][   T31]  ret_from_fork_asm+0x1a/0x30
[  987.940613][   T31]  </TASK>
[  987.940621][   T31] Sending NMI from CPU 1 to CPUs 0:
[  988.103629][    C0] NMI backtrace for cpu 0
[  988.103646][    C0] CPU: 0 UID: 0 PID: 16052 Comm: kworker/0:7 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(full) 
[  988.103668][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  988.103680][    C0] Workqueue: events_power_efficient neigh_periodic_work
[  988.103708][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70
[  988.103734][    C0] Code: 89 fb e8 23 00 00 00 48 8b 3d 14 5c fa 0b 48 89 de 5b e9 b3 1f 55 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 08 60 9c 92 65 8b 15 f8 37
[  988.103749][    C0] RSP: 0018:ffffc90000007818 EFLAGS: 00000246
[  988.103763][    C0] RAX: 1ffff11008ae083b RBX: ffff8880457041d8 RCX: ffff88802f65da00
[  988.103777][    C0] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 0000000000000000
[  988.103787][    C0] RBP: ffffc90000007a88 R08: ffffc900000079ff R09: 0000000000000000
[  988.103799][    C0] R10: ffffc90000007990 R11: fffff52000000f40 R12: ffff888045704100
[  988.103811][    C0] R13: dffffc0000000000 R14: ffffffff8fa24c68 R15: ffff8880457041d8
[  988.103824][    C0] FS:  0000000000000000(0000) GS:ffff888125c5a000(0000) knlGS:0000000000000000
[  988.103838][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  988.103850][    C0] CR2: 00007ffd3fd30fec CR3: 0000000033de6000 CR4: 00000000003526f0
[  988.103865][    C0] Call Trace:
[  988.103872][    C0]  <IRQ>
[  988.103878][    C0]  __netif_receive_skb_core+0x3606/0x4180
[  988.103907][    C0]  ? NF_HOOK+0x9a/0x3a0
[  988.103928][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  988.103950][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  988.103974][    C0]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  988.104012][    C0]  ? process_backlog+0x2d5/0x14f0
[  988.104033][    C0]  ? process_backlog+0x2d5/0x14f0
[  988.104055][    C0]  __netif_receive_skb+0x72/0x380
[  988.104075][    C0]  ? process_backlog+0x2d5/0x14f0
[  988.104096][    C0]  process_backlog+0x60e/0x14f0
[  988.104116][    C0]  ? __lock_acquire+0xab9/0xd20
[  988.104138][    C0]  ? __pfx_process_backlog+0x10/0x10
[  988.104164][    C0]  __napi_poll+0xc4/0x480
[  988.104180][    C0]  ? net_rx_action+0x46d/0xe30
[  988.104202][    C0]  net_rx_action+0x707/0xe30
[  988.104222][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  988.104256][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  988.104296][    C0]  handle_softirqs+0x283/0x870
[  988.104316][    C0]  ? do_softirq+0xec/0x180
[  988.104335][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  988.104356][    C0]  ? neigh_periodic_work+0xb41/0xd60
[  988.104377][    C0]  do_softirq+0xec/0x180
[  988.104393][    C0]  </IRQ>
[  988.104398][    C0]  <TASK>
[  988.104405][    C0]  ? __pfx_do_softirq+0x10/0x10
[  988.104426][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  988.104453][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  988.104471][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  988.104488][    C0]  ? neigh_periodic_work+0xb41/0xd60
[  988.104510][    C0]  ? neigh_periodic_work+0xb41/0xd60
[  988.104538][    C0]  neigh_periodic_work+0xb41/0xd60
[  988.104562][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  988.104581][    C0]  process_scheduled_works+0xade/0x17b0
[  988.104614][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  988.104640][    C0]  worker_thread+0x8a0/0xda0
[  988.104672][    C0]  kthread+0x711/0x8a0
[  988.104695][    C0]  ? __pfx_worker_thread+0x10/0x10
[  988.104713][    C0]  ? __pfx_kthread+0x10/0x10
[  988.104735][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  988.104759][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  988.104774][    C0]  ? __pfx_kthread+0x10/0x10
[  988.104795][    C0]  ret_from_fork+0x3fc/0x770
[  988.104813][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  988.104832][    C0]  ? __switch_to_asm+0x39/0x70
[  988.104852][    C0]  ? __switch_to_asm+0x33/0x70
[  988.104872][    C0]  ? __pfx_kthread+0x10/0x10
[  988.104893][    C0]  ret_from_fork_asm+0x1a/0x30
[  988.104922][    C0]  </TASK>
[  988.131426][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  988.131461][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(full) 
[  988.131490][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  988.131506][   T31] Call Trace:
[  988.131518][   T31]  <TASK>
[  988.131529][   T31]  dump_stack_lvl+0x99/0x250
[  988.131563][   T31]  ? __asan_memcpy+0x40/0x70
[  988.131599][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  988.131626][   T31]  ? __pfx__printk+0x10/0x10
[  988.131671][   T31]  panic+0x2db/0x790
[  988.131702][   T31]  ? __pfx_panic+0x10/0x10
[  988.131727][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  988.131760][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  988.131796][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  988.131841][   T31]  watchdog+0x102d/0x1030
[  988.131881][   T31]  ? watchdog+0x1de/0x1030
[  988.131925][   T31]  kthread+0x711/0x8a0
[  988.131961][   T31]  ? __pfx_watchdog+0x10/0x10
[  988.131992][   T31]  ? __pfx_kthread+0x10/0x10
[  988.132026][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  988.132061][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  988.132081][   T31]  ? __pfx_kthread+0x10/0x10
[  988.132114][   T31]  ret_from_fork+0x3fc/0x770
[  988.132141][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  988.132170][   T31]  ? __switch_to_asm+0x39/0x70
[  988.132197][   T31]  ? __switch_to_asm+0x33/0x70
[  988.132224][   T31]  ? __pfx_kthread+0x10/0x10
[  988.132255][   T31]  ret_from_fork_asm+0x1a/0x30
[  988.132314][   T31]  </TASK>
[  988.625343][   T31] Kernel Offset: disabled
[  988.629779][   T31] Rebooting in 86400 seconds..