last executing test programs:

5m1.136668963s ago: executing program 3 (id=493):
r0 = syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a680000)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000180)='-,])\\\x00', &(0x7f00000001c0)='#+\xe3[}{]7)-}$\x00', 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r5, 0x29, 0x1, &(0x7f0000000040), 0x4)
write$sndseq(r0, &(0x7f0000001a80)=[{0x9, 0xc8, 0xd, 0xd2, @time={0x7, 0x1}, {0x9, 0xe}, {0x10, 0x8}, @raw32={[0xbcf, 0x5bd, 0xfffffffb]}}], 0x1c)

4m59.837227s ago: executing program 3 (id=497):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x109001, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0xee00)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = semget$private(0x0, 0x4, 0x29b)
move_mount(0xffffffffffffff9c, &(0x7f0000002f80)='./file0\x00', 0xffffffffffffffff, &(0x7f0000003040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x252)
semop(r6, &(0x7f0000000180)=[{}], 0x1)
socket$netlink(0x10, 0x3, 0x0)
semctl$SETALL(r6, 0x0, 0x11, &(0x7f0000000000))
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r7}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r5, &(0x7f0000000180)={0x1, 0x10, 0xfa00, {&(0x7f0000000140), r7}}, 0x18)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002", 0x29}], 0x1}, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8c, 0x240, 0x1, 0x2, 0xd59f82, 0x19f5, 0xacc, 0xb, 0x0, 0x3, 0x27fd, 0x2800, 0x440, 0x3, 0xd, 0x0, {0x45, 0x80}, 0xcd, 0x3}})

4m54.985313515s ago: executing program 3 (id=504):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="05000000040000000900000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
removexattr(0x0, 0x0)

4m53.584326835s ago: executing program 3 (id=506):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'macvlan1\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000010025bd7100fddbdf2500000000", @ANYRES32=r1], 0x48}, 0x1, 0x0, 0x0, 0x4004855}, 0x4840)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3404c045}, 0x10)

4m52.493570735s ago: executing program 3 (id=511):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x4, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x4, 0xb9, &(0x7f0000000440)=""/185, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x1, 0x5, 0x7}, 0x10, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000740)=[{0x2, 0x5, 0xe, 0x1}, {0x5, 0x3}, {0x5, 0x3, 0x0, 0xa}, {0x3, 0x2, 0x10, 0x3d0fad6d7b6fcb7a}, {0x4, 0x2, 0x1}, {0x3, 0x2, 0x0, 0xa}, {0x3, 0x4, 0x4, 0x6}, {0x1, 0x3, 0xc, 0x7}, {0x2, 0x5, 0x7, 0x4}], 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='f2fs_filemap_fault\x00', r0, 0x0, 0x3e3f}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000000180)="1000000000000000010000000c000000", 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000800)=ANY=[@ANYBLOB="9feb0100180000000000000002"], 0x0, 0x1a, 0x0, 0x6, 0x5}, 0x28)
r5 = syz_open_procfs(0x0, 0x0)
getdents(r5, &(0x7f0000000000)=""/42, 0x2a)
getdents64(r5, &(0x7f0000000080)=""/147, 0x93)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
renameat2(0xffffffffffffffff, &(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x5)
lseek(0xffffffffffffffff, 0x2004, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000"], 0xac}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a24000000020a0108000000000000000005000006080002400000000308000240"], 0x4c}}, 0xc050)

4m48.924357607s ago: executing program 3 (id=513):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
write$USERIO_CMD_REGISTER(r2, &(0x7f0000000100), 0x2)

4m33.442195656s ago: executing program 32 (id=513):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
write$USERIO_CMD_REGISTER(r2, &(0x7f0000000100), 0x2)

3m54.580678487s ago: executing program 4 (id=591):
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_clone3(0x0, 0x0)
getrlimit(0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000001b40)={'bond0\x00', {0x2, 0x4e20, @empty}})
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xcac2d78a}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r2, 0x5421, &(0x7f0000000140)=0x1)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
close(r2)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1461d, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ES={0x5, 0xa, 0x9}]}}}]}, 0x3c}}, 0x4000)

3m52.52733148s ago: executing program 4 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
read$rfkill(r2, &(0x7f0000000080), 0x8)

3m52.131090756s ago: executing program 4 (id=598):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001340)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', 0x0, r0, 0x1, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x58, &(0x7f0000000240)}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setitimer(0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4, 0x0, &(0x7f0000000640)=[@register_looper={0x40086315}], 0x0, 0x0, 0x0})

3m48.984302887s ago: executing program 0 (id=610):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0x5, 0x0, 0x0)
shmget(0x2, 0x3000, 0x1000, &(0x7f0000ffc000/0x3000)=nil)
r1 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r1, 0x0, 0x0, 0x1, 0x3000)
msgrcv(r1, &(0x7f0000000140)={0x0, ""/140}, 0x94, 0x2, 0x1000)
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./mnt\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000680)={{0x3, 0x0, r2, 0x0, 0x0, 0xa2, 0x8000}, 0x0, 0x0, 0x0, 0x1, 0x5, 0x200000002bde, 0xffffffffffffff27, 0x9, 0x5, 0x9})
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180))

3m48.530380831s ago: executing program 4 (id=612):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

3m47.987985995s ago: executing program 4 (id=614):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010e7010000000000000000000000000a20000000000a03000000000000000000070000000c00044000000000000000021c000000090a"], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

3m47.981415974s ago: executing program 0 (id=615):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r1 = socket$inet6(0xa, 0x803, 0x6)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000180)={r1, r0})
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)="2585fe1f3ca36efaa3eda8d76adc8100", 0x10}], 0x1}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="d4b233d447b6fa2559917e863ee6a92f68828e9becdb1b3040508274b979054f70cfbd45448209063127ae71cd4095ab86a63cc823c0bb4a54f99bb2731715d333761a1865575c5444475e5a4a80d7d121fa102a4f9713f8b04150b312e8fa7a82d711c7635111282cc7566d398cdf2f3dd35e211704a6200cfdbbcb449a0f4aca2c1619b1ccd8c6eef53383a12789a8a1579654c0dd5a72cf723a8c8e208d73e783fe400b81e871245f91056ea15f158540082d7e660eab9d24e474441817fb0de4634c4603a733d5f50b905827a45555214e0a84071caa6dea2f9d60378578e554e1cbaadb9ecf746b6238d3403f9d1aa5231030fcd049", 0xf8}, {&(0x7f00000001c0)="c7ea96ff9040b928af7c99bce1be754ea5cc0f84dffed21deb25f7083394bd390ada603b3dc5d8029cd5", 0x2a}, {&(0x7f0000000480)="101ecdc398db30ab3623a18394c13b2d0a7c7300f52895abc7589b3fd478dc05bf7d63d8ecfb4cbb64a28a47bfa26632cbcb597ad291", 0x36}, {&(0x7f0000000540)="27941c2e5a0c7409dc8c3e58fa9deb0eb48d677fd224cc6991b82b94a29804548e9afc0b04ae3106232bf91c3a7f34e28b532b58277904737631249ffdbc1398dcfff5a494a536", 0x47}], 0x4}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000680)="23c78ee885a304bccaec2fb39d9274128f7996bae464b6fcb3db689ee53d40d9701bb9f18e3703e7f4206d9877d1feb9c7bfc34a5197617cc0e595d6c380f74a8a4dc48c5146b75e490dbbccf9d1e988d855f31702856b2a4d1eab9157bdbdc64e022aa2d69e10310db3abfda4b982b47bbe4bd2d07ba576cfdd0ea8074f8cb88d5677616757f6e876e242c66638c447df62540b3f12c154b50f46bcaf8865c558a2c5ca64b17953beb714a278e104c49518f840a2e8f55d8b35210baaf7c3b7677f6fbdfd7253b125993d51857c9f5ba920641ae717c8c75f9c", 0xda}, {&(0x7f0000000780)="7ccbb0966a955467bf905f3eb4105403e7b8461ea6d8f24dedb2ec90515c2c48476aa326a2cee8b32e2b0a94fb92f09026a79ba99833f12058e34359e49252c3cd8f445bc62fc082cefbb68cf494914e61d7fdba2f9107965a", 0x59}, {&(0x7f0000005180)="f3f38b849dc806ec5c7dfd542bf89cb986bd977298a337819a6b924fea21e7097f315c508e9325b6e2d26618f8ae01d6147746d02c369acc0e808d7bc29a5ded72553545635be8e64789a44ca30d22891704a2c436a9992c9732039fc05194d48596cf2ee50be81348f40d36d3b55a590a9ee0b8bb8c13f65fc5f0c480ebf987a04368ced0097dc8098f296441e6b271241221014f8c68ee7733b4cbeb6eb31bdb3812c4bb33d6e85ef13d505b9e9a3bbd2a8a7f78b46177a5030134ab337c47ca13408beeb6e2492ac51ec021d046b705a79311a53c1a9fa913b21bd7e0ddc3e741030f035ea39f3379dc1889a2fa1c6f1090b866b85cb5ccb8aa38ca11a1e17dab3547ec4ba9dfa1ec2692de9542c3a330b6ee0b1afdeaa5724af2d8470edac84b39636f72c7ff1083f13554a6ebd43833ceefc4a0239e4d9db6cacef462dc3fb35c841105a6b585ff0fc57ea98e7d5a0bcd06431d23a8aa91da3cad1fce071eedc723bc8133e6f024844a561f9ba28f528fa1186ee33e0760f692a2fe0279049cf59e7681da1621019b8fd5b2f9ac339ee7225085853b14db60a409b8b58f7fcc1a718e071abf65d99b0bc2d4e5955da29e4b890212383d6a305012b053a98179da12e53d0c033d7067b3aefef2345c6c8c228fb24bfb416b6707b67e5c7cd911518bd45da3990f6710256f8806770139c77fae5f08c3044e60f4e0510296368e690c83164fc74a211f6ac8294f56f1d1ae1cff32694fb7933a1345cb259420d078fd58ae40a0b88d25781ee3dc096cb8db5f0b0a1c5f3202a44a199800d0668bf69b7e09fbe9ce0d1f84c684815671d101bd5c0ec0d5478d95690d06708271e58f6ace490a8025a7e605344ad855c5b65f5fc7f403ce5282746e6b3e281bd3eca21d353d25c6116d78ef41a3d517f14b6c22d5104ee897ae7c5d2a329f6b0268e34b7e396bccc5b92703b22c41cc942291501a2733b1f269795b5d56a96b2b2dd0845672165b2d4aa004056d095e476232959ff9336bc82d35e89ea7869377c53b5c2b0d7b558b6acfa9ed68f0808efa12a0173d4b1bcdc333fc9422a4e1af13fd82b2854766b5419ebc927b8cbfc1c10de1c1e58ef4ca4c56cb9e45711a6a325c9dd2e27b9415d6545be48c822a3bb4e21d39724eeab36ba9fd59fca7c34a6fc7dfbeaeaa50d80f1b2ded13b570e1f6435d54dbbec8a27846ea956766fe01a618ee0905ed62c16d2074ff50c914b227d39a85cc33aff26f9abf4d4324a1a0fe1acfd28ef3135143b7c9155712614ea1db66bd59db7263c73847e4a48014ca4ecf7e287bc6d4e8a674fa07b9b0f976d06e2668a1e2165e9ff6d523803360b95c454dd24e0d23d576b3cf7bf9f839bdbbcfe8f23ab11ebc23dd420308e60efa3d01a817790f546d63bd0a9a9754b9315ee78ce1b0499030eb0fd962a2f8704da96ba0a831fdb0f468cef5d179b802834d5e8785c5be85d0e592b16ce6240e399bd3f21fcee8cb6531ff04c99079cd87f654ec501edebdff7ddd0ada40085b3c8d40b67bdc0c5d52c49019865f73a8fc11ef763ec672ae9e3903fb7eefa9ecfe4a03c773a3a208eac2e30e13e5be58cfb0c218207255a5f6fb80653f24e4eae42a242b49c66dec3d18e8b8a2294c91597c5e25d9eeee2616f68ed062152878ed453d596fb942a980834cfecc65faf1e6cc0c2c8ce8510d617d0f8201783b21df063a3d70722107be45a52b1ffcd5f81719bb0c41d51c60a64ae51f0ea314cc2560d805261800c28b34131fe6d820d859675fd6b96562a703eac1e83d3a03562114aa65c54d7d0e4a58efc205a36f8c92def986c7dbe3ef196dc42c4c7ae5e43054d1b5f99c20ebd071ea981e76446c706b3072eb5239b1f99a1a9dac4f23f093c25380facc736a28ce26ca72cac197564e2e57f4c6f8d92085c0243c2a4122bbfa94a1fb862d27f03cf595770aaf6aad0b2cc5ad02986c54408d81538500298a2c4d95fb9c066a7b4a5764f1c24f1f9ec6485e9d97b02157e71541b449ec9601215b1dd4843ec63531237be41785096f31a292342e82e522c66de2663264fc97feba15317a4b137b82f10fd2ca8cee48b2a1c00aa32214775804f26e449d76f731e88e9b35e96ea35e13fa762005636e01c6965e028a648ac47cf8c366edeb2629e58752803a4a4d78e5c9a1ed347a27903b1207a864dbad412d1343380429e8d82cccd4d5ffb966cd3d3f2544b3a39fff3dc4efaabadc0fadb4eda104843fa9721348ecfba7a715b7a5b4350108544f7a4e3530435ca35538a8886d6a3b0e40c2eed689f176ec42ef7a919ef42dc5701a811966b90bfe0c82ed617b9c18e80681fe4b9395cdfd9e54455611cd538720de199db3da5a06e7595431a5fa1e8badde7dc33baaf503e5e8019ba127f1e9a8f09799e34632dd00382da26a8d04835473f91635d7366ca706d581c8258a33ac5a17db88861f410ffbe83133b6b570186dddea867790602c5f10a71bbad6f7f35657c27c895bff65322e750f9f99f3a8ab5b364fa1ac0be8d6c3485dbd57d3b832567270a38e9bc85dfae641dd0f138061ceab8529af2221536c4d0f19311b43a4e46ea1f136a5034bec4be33911d903780463dcf06d461122cc9ac6c1dddea70948ccae4fa2ab91d6a0e2ef39582a69f9e01483ae52a7fc45faad2cddf7cded3a49b6b16de1905a061cc60c84d95d1941d07ab587a4db6ff71a0bd7c008895337f4ea9ecd47c798b8f1f2a634bee64a745f136a274482d40d24c7fc669175dadb36728a33831688a60c3dc6e249ade43c929320116d2319f5cea4ad1af8b18f8138a618cd438bac35872906c84e1460f9ef12788ff09b8b6660d9f383d6533761cb7b823698e84842a1c4f00851d7184e732b46bb50913188ad138d95a809244b3d9064d286cfd256b92a7ac1b9efd2724887ecbbb7091eb96ccdb1cdcb57c52122d84fa83d277a2545db91ad8f284c2b327fa38b60da031745626ce99c7fdbca0e62666755f70a8d1a9001b3ad03088d909a4ce899f023779f41d023b37fbba40ce8bce78a00e829583de63006dfa519061e8cb027475d9845410bc027785c5706c0257064b38924e4bb105c00b2fb677fe0e646745c7f3d6d27f3ae890d6198a99057c6ca99ba7d9692313875d238c9b1c0630120c5060338ab32f3a8b9c86555f94c2b0f7aa507574940c502fe328ecccc3ce6cbe1dff28b99f65a506ef37997a3ecd295d8f4e09806d4120e8332b4250625783a7ed049de42ebe2f2f9c8b0e85771799850ca5e2b17a09119fd7c1e6173679b3e2ed5a7d7814f05f56649e94ed00e0cfcc60506eaa083663ee4c4a30ca850df086a868acc619668a4827fa3eeaf09ff8ac50c328c550105dc452a36015e0412723dceced6784d588765365eff013eda84624d1e5de11fe03633e1894f91116c09ab5354766857174c4a848a87a810c2562b9249e3297b1c992af061bae2b092b676d656beaa7ded3aa7bb44342d2f89f106321f205c604cd9f20742ad2d3ea96ec7dfb52ac36f2805620c8180632e44917acc22c9442f0b50c2fb98e00b80f1077f71c0132f09494f563526786b9983ae639ad1e431ceb4409ae2538d01ca30546ae618a7956c6587e95f6927af3aa98ec224dc86a5253590d6355b430968df9cb2459802d8329842a97eb5c47a41ab26eb635cd0de499e1a566039fcc660ffa7882d66e0de235aba7546901f8fdee9c751ac284fbd6ae740bdd1f3cf356b5991bc4eb94519ebaa0e019168c766308ae1449387f8503a074759d77fe6ecbcf5e4a21bbaeb0eaeea38fb5503629e3a4f9384d0982f0815e6409875b60a2b33719d5942d7ac5012189b74f5ffc42049058ac104f0e6bf5e2af143344cdf8116c979157dd261f17f14cb9496142a6a15c8a956f037f311f47608ab7c12a00c13558bef121263d5045683ad190159067ce5a591a3567c248b09fb4bbeb5075fb10ddf2da107f8d8e057c2a1338ce3e4c895ca0fe77cabd9cde238bfb2102a8ab05a6f94c55c88b999cdef593c8b549034785942ba9de1439e359775374b8101600d8d06ddeff5c638990c0dd0f7dde898f5d79c69c66cb4f032deec2a6b9745071967979a8b6a3ba05ce1086dba4a41ae04a95b1a79d1e6aa04a88b1ff2dc2e016fb9b6ec6b0847562f6e91432550f5f8b8bce9a8065a6f74edcffd9f62abb37e43b91a0e9dfac670ba69bf3c6466132abe36a98bce2dae55ee5dc6abf65ec833bc43588fda693418e58f28a2344d1d5c9a2bc633dbb480d1b647ad1de6a53cd61e74fdab67a04a2840c08c3604bbb0cf69811e39f63bdef29e81740fd4e40998325b7ce76201f912c6b1b68ff2e337e8a213124cc1645924b94acae4e0ba218e365ca9c512401a02d3454441327358cf42d53bb68fa1b7c4e98feaf11c97d5823cf7cb03cecceb8ced8bcd9cb0b71a840f7027d7c221c37b7934ef605df9a819ec5fbdb5105cd91a781b3d56511ad1ee96db8b742130907030321764b1c3b3204bb7eff31d51037fedae2741e46d1dd9285a1c13bc4952e67086ceca3febb0f5a041ea4f88e57dca2e62158dbef28a9c469466425e5b64adb1773bb20b99d16dbc7a8562d1e8185964f0ee2f725c8f531401d6e0882ba33c603f67a788200913403c47811fe9636b09b29db08085e08b6aa24596db70b53169d93643402fee216cc3c3f6e5464df68e137674d3f42d0f23f45f6cce225f24030a", 0xd1f}], 0x3}}], 0x3, 0x800)

3m47.757906016s ago: executing program 4 (id=617):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_freezer_state(r2, &(0x7f0000000340), 0x2, 0x0)
close(r3)

3m47.640291765s ago: executing program 0 (id=618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x18)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)

3m47.54017013s ago: executing program 0 (id=620):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x3a, 0x42}})
socket(0x28, 0x5, 0x0)
socket(0x28, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), 0x0}, 0x20)
r2 = syz_io_uring_setup(0x88e, 0x0, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

3m46.531932587s ago: executing program 0 (id=622):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffe4ffff01"], 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000600)=ANY=[@ANYRES16=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000))

3m46.287859174s ago: executing program 0 (id=625):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
close(r2)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000340)=ANY=[@ANYRES16=r0, @ANYRES32=r0])
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
socket(0x10, 0x803, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3m31.839394132s ago: executing program 33 (id=617):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_freezer_state(r2, &(0x7f0000000340), 0x2, 0x0)
close(r3)

3m30.995754571s ago: executing program 34 (id=625):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
close(r2)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000340)=ANY=[@ANYRES16=r0, @ANYRES32=r0])
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
socket(0x10, 0x803, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1m2.81276905s ago: executing program 2 (id=852):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="0e030e00c4e8120006001e00", 0xc, 0x28000000, 0x0, 0x0)
ptrace(0x10, r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000340)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@rights={{0x1c, 0x1, 0x1, [r4, r4, 0xffffffffffffffff]}}], 0x20}}], 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10015, 0x7fa962bfffff, 0x13012, r6, 0x0)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0xffffffffdf001fff)

1m2.458269816s ago: executing program 2 (id=855):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
brk(0x8e1b)

1m1.149625828s ago: executing program 2 (id=858):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
dup(0xffffffffffffffff)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r4, 0x40000000af01, 0x0)

59.546355783s ago: executing program 2 (id=860):
r0 = syz_pidfd_open(0x0, 0x0)
setns(r0, 0x24020000)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

59.408777218s ago: executing program 2 (id=861):
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
r2 = syz_open_pts(r1, 0x0)
r3 = dup(r2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3)
dup3(r1, r0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r4, &(0x7f0000000300)=[{&(0x7f0000000600)="8414", 0x2}, {&(0x7f0000000640)='hQ', 0x2}], 0x2, 0xffffffff, 0x4)

59.208339564s ago: executing program 2 (id=862):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x14, 0x2, 0x6, 0x3}, 0x14}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

44.063979676s ago: executing program 35 (id=862):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x14, 0x2, 0x6, 0x3}, 0x14}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

2.263768096s ago: executing program 1 (id=943):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0207e80702"], 0x10}}, 0x40044)
r1 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in=@rand_addr=0x64010101, @in6=@empty, 0x0, 0x56, 0x2, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x2, 0xfffffffffffffff6, 0x2000000, 0x1}, {0x4, 0x0, 0x4}, 0x1, 0x0, 0x1}, {{@in=@empty, 0x0, 0x2b}, 0xa, @in=@loopback, 0x3507, 0x4, 0x0, 0x0, 0xffffffff, 0x8, 0x4}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c)

994.717034ms ago: executing program 1 (id=944):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000006300)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000777a078afbd825c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000023000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000db2100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cc2351270000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r5, r3)
writev(r1, &(0x7f0000001400)=[{&(0x7f0000001280)="18", 0x1}], 0x1)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

835.81905ms ago: executing program 1 (id=945):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x3c, &(0x7f0000311ffc)=0x9, 0x4)
setsockopt$inet6_buf(r2, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r2, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ec3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dfff01a9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea093680ffffff802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e2cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97107339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd500"/1453, 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x3, @mcast2}, 0x1c)
sendto$inet6(r2, &(0x7f0000001380)="f26f01dee642b0491c8f905a4e6910b785d5a4ad508bf8ba13307092fb923bebcc12f52d8f084291e519cd1ee4e39ac22206da3e6dbc3d59b54db781f51fa7e4f31329f930b6f90d648c576822df0f95e2c1b9d225c7d79e24850ae3410257ca5cf9c56d59196e2e8c4b62009fb425683284e163747b28f01790afe36f206b4d2dd95006dba1a466f7b2ea72bd147fd9b01c6a73d63514dcf86ea5a1fd7cc9ab0fdce4d6529369b6ef20daa08f66cd52d46f824ae8d1f3bd4a4effed8fb291c6737d67221677551aa531e2eda3b6b84a7c7af18e964b6dcd7d39b1246d6a575913d48b18b03de48e0b2ae6a455461328b979dd2051eacd6963f30fb1bc9575f5a5e7d6e9f8c4131130ab1702139ce0167fa4e232562ca02b6550e4451d41d0fb563b67a83448466155c03170d9b5746bd0d2d6c349b3f28dc266a5d08fc9d7fd816e3c6422edc059ea902f4029b4b3c2f117dfe5c2daf5e8357b1003ca9d85b589174bb49d8a8b1b06ff8cc17eb0d41be3e7bcd9d660d5953b1c00ad963f185e9ec1b9de53a17590680fdff44d946092d1ac857baf24bc00b291fc9b00cb35dae98eff33476c0d1578f060aa995400f183927f6185341ae220b3f1b1ac3c1a6c307355dd11f96ca67b879ae7fd62af75005fb7ba5080c30987c99bbdb18170e398a1c071f6728043342d8c41454abb1d7d8e223236c3709382dca89f8b5bb01672bb594bc09de72934fc392df68fd23d927bac15dda81b03f7b78cdcf82ec5ec4c2c5bd68508fb3026019027424486bdb1d5fb150ac9fb3970fbe3c6612fcb15b531eda9561c608cae4dfb754d45af6bc4dd1bde0b04bf03d0e8c7117930bfa532f3f6c52773231178c6d65e6ddb550a8a2dc49c4096459e4b77918853ba9ba12dd8154ce119f2bbae093ae59131013b657900279a91fb2bde2090d513f47953a5faa6b531a931208c0afa1e7a1061189ca26025fb1f0b329b82d3a1adf01f5deb49ffd97bf363a72d83b39065d1a44cf112d6c95939e983372b6b090768b0dd4e5065935bf5e7bbbb723b59d1315b21ff031496a70a4e79b1d9ce89be0ff6cbfa616474c6a07960b35c7d370559ae8486f405411db45a317834eac8e0875545baf99ec38c33c3c034d9a42f93b07942673dbaf222f2d5796ad826fd92999e99913dedac52ee57066456a0380d7558848e92523f942485c47fbeffb70ac33a55529bc613a31f15f0afe7ebdbad5a473f4914254df2c89e89615c0cf49f3dd7ab46f2d5f8e487f79a5e7de76b3dc7256b73049b5effd4a6b42253dacaaf682f83a9a1de23145beae5bb0e61ba89c6b66a6b85e069902791669c9c0dc4bc00c6ea2fe757feb0863a123127435252820b0245a722d53a51889ec32e314ad07e30430eabf0296bceca5292161fb89e68fa818ad4cc15b717f59a4cb80d3c24070c44afff375c03b520c669118468debf007a5d7ac3eaa9e0829a13a40e297320c6dff7dbd2173b895bd6b9121be72b90fc56a471b4ef43503c4a8ad09656b1039311e327afb064a33509a6f61a6c484db71b28b46f246fc382dae30cf52b94bd8cca40e8de13dc7b4dbac1b9ebf547dd00cdd1ffb0a3bcbe220ca73bc4e3097346936ba5ebab55edf9c58bf2844e3826fb89814207e0c2e0c167964244499a09dddb9d60adf27a606055021dc9270f5fd4f460c580e927d35ebace821fdaea496ce85e624a07dcb3390a2d72fb7ba0110a5117f3839794f5258689c2b0960cee2339da5af304ef2c0d37a8fe14c27bd2b995bd0fd28bba66f9a97223ec33ad18bca07c308afebee83882a446d7874d851fa8e61025337c0fe7bb483cb33258fd1cecc35c533fdd0c87b01dc63574fb186db8f1cda52b50240d9202241c234fdb6d4ba70a050fe52b0bf7bdc62967870c249315f8bd57bbb21ce6e37580d87b3f18b17d8c2935c4e82335366044fb85434212bf4629fbc737adc6efab82", 0x57b, 0x1, &(0x7f0000000400)={0xa, 0x4e23, 0xb, @remote, 0x5}, 0x1c)

592.407548ms ago: executing program 1 (id=946):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x9}, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0xc0280, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4088}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x20, 0x15, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x24040808)
mkdir(0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x56}, 0x28)

422.439832ms ago: executing program 1 (id=947):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004045}, 0x20000000)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)

0s ago: executing program 1 (id=948):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r4 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x0, 0xfffffffe}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x21, 0x0)

kernel console output (not intermixed with test programs):

="syz.4.236" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0691bcebe9 code=0x0
[  204.180637][ T5944] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  204.540761][ T5944] usb 5-1: Using ep0 maxpacket: 32
[  205.045299][ T5944] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  205.045333][ T5944] usb 5-1: config 0 has no interface number 0
[  205.050813][ T5944] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  205.050843][ T5944] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.050864][ T5944] usb 5-1: Product: syz
[  205.050879][ T5944] usb 5-1: Manufacturer: syz
[  205.050893][ T5944] usb 5-1: SerialNumber: syz
[  205.280129][ T5944] usb 5-1: config 0 descriptor??
[  205.322516][ T5944] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  205.322544][ T5944] usb 5-1: selecting invalid altsetting 1
[  205.322561][ T5944] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  205.371801][ T5944] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  205.372193][ T5944] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  205.372245][ T5944] usb 5-1: media controller created
[  205.471781][ T5944] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  207.500624][ T6750] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  207.610974][ T5944] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  207.611031][ T5944] zl10353_read_register: readreg error (reg=127, ret==-71)
[  207.615119][ T5944] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  208.710553][ T5944] usb 5-1: USB disconnect, device number 2
[  210.569221][ T6807] binder: 6797:6807 ioctl c0306201 200000000100 returned -22
[  212.052899][ T5156] Bluetooth: hci0: command 0x0406 tx timeout
[  212.091379][ T5156] Bluetooth: hci1: command 0x0406 tx timeout
[  212.109646][ T5156] Bluetooth: hci3: command 0x0406 tx timeout
[  212.243543][ T5156] Bluetooth: hci2: command 0x0406 tx timeout
[  217.837493][ T6864] Bluetooth: MGMT ver 1.23
[  219.289388][    C0] vkms_vblank_simulate: vblank timer overrun
[  220.054408][ T6888] 9pnet_virtio: no channels available for device syz
[  220.260623][ T5906] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  220.437126][ T5906] usb 3-1: Using ep0 maxpacket: 32
[  220.443945][ T5906] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  220.443973][ T5906] usb 3-1: config 0 has no interface number 0
[  220.448551][ T5906] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  220.448589][ T5906] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.448610][ T5906] usb 3-1: Product: syz
[  220.448624][ T5906] usb 3-1: Manufacturer: syz
[  220.448639][ T5906] usb 3-1: SerialNumber: syz
[  220.594217][ T5906] usb 3-1: config 0 descriptor??
[  220.775216][ T5906] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  220.775244][ T5906] usb 3-1: selecting invalid altsetting 1
[  220.775260][ T5906] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  221.016488][ T5906] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  221.016850][ T5906] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  221.016903][ T5906] usb 3-1: media controller created
[  221.162987][ T5906] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  221.233392][ T5906] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  221.233450][ T5906] zl10353_read_register: readreg error (reg=127, ret==-71)
[  221.233910][ T5906] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  221.325701][ T5906] usb 3-1: USB disconnect, device number 2
[  223.621531][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.081325][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.226536][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.367962][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.670547][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.298'.
[  225.733749][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  225.817586][    C0] vkms_vblank_simulate: vblank timer overrun
[  226.350485][    C0] raw-gadget.0 gadget.2: ignoring, device is not running
[  226.580555][    T9] usb 3-1: device descriptor read/64, error -32
[  226.870557][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  227.020560][    T9] usb 3-1: Using ep0 maxpacket: 32
[  227.023513][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  227.023547][    T9] usb 3-1: config 0 has no interface number 0
[  227.054975][    T9] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  227.055005][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.055034][    T9] usb 3-1: Product: syz
[  227.055045][    T9] usb 3-1: Manufacturer: syz
[  227.055053][    T9] usb 3-1: SerialNumber: syz
[  227.104328][    T9] usb 3-1: config 0 descriptor??
[  227.134167][    T9] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  227.134194][    T9] usb 3-1: selecting invalid altsetting 1
[  227.134209][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  227.185341][    T9] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  227.185784][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  227.185847][    T9] usb 3-1: media controller created
[  227.236934][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  228.352375][    T9] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  228.352427][    T9] zl10353_read_register: readreg error (reg=127, ret==-110)
[  228.370924][ T6931] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  228.480642][    T9] usb 3-1: USB disconnect, device number 4
[  229.300117][    C1] vkms_vblank_simulate: vblank timer overrun
[  230.211486][    C1] vkms_vblank_simulate: vblank timer overrun
[  230.288705][    C1] vkms_vblank_simulate: vblank timer overrun
[  230.544809][ T6962] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.545348][ T6962] I/O error, dev loop4, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.545445][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  230.545894][ T6962] I/O error, dev loop4, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.545983][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  230.546001][ T6962] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  230.546015][ T6962] UDF-fs: Scanning with blocksize 512 failed
[  230.612163][ T6962] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.612560][ T6962] I/O error, dev loop4, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.612649][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  230.615247][ T6962] I/O error, dev loop4, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.615348][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  230.615368][ T6962] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  230.615380][ T6962] UDF-fs: Scanning with blocksize 1024 failed
[  230.616115][ T6962] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.630053][ T6962] I/O error, dev loop4, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.630169][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  230.652932][ T6964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.309'.
[  230.656764][ T6962] I/O error, dev loop4, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.656878][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  230.656899][ T6962] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  230.656912][ T6962] UDF-fs: Scanning with blocksize 2048 failed
[  230.661414][ T6962] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  230.661878][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  230.662098][ T6962] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  230.662117][ T6962] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  230.662129][ T6962] UDF-fs: Scanning with blocksize 4096 failed
[  230.662139][ T6962] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  231.286132][    C1] vkms_vblank_simulate: vblank timer overrun
[  232.332159][    C1] vkms_vblank_simulate: vblank timer overrun
[  232.540834][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.460089][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.632792][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.740085][ T6973] uprobe: syz.2.313:6973 failed to unregister, leaking uprobe
[  233.993396][ T6984] bridge_slave_0: left allmulticast mode
[  233.993440][ T6984] bridge_slave_0: left promiscuous mode
[  233.995709][ T6984] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.100210][ T6984] bridge_slave_1: left allmulticast mode
[  234.100242][ T6984] bridge_slave_1: left promiscuous mode
[  234.128326][ T6984] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.365018][ T6984] bond0: (slave bond_slave_0): Releasing backup interface
[  234.532054][ T6984] bond0: (slave bond_slave_1): Releasing backup interface
[  234.803628][ T6984] team0: Port device team_slave_0 removed
[  234.984074][ T6984] team0: Port device team_slave_1 removed
[  234.985183][ T6984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.985210][ T6984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.035187][ T6984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.035219][ T6984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  236.058931][ T6987] vlan0: entered promiscuous mode
[  236.192562][ T6987] team0: Port device vlan0 added
[  236.273606][ T6989] tipc: Started in network mode
[  236.273636][ T6989] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  236.273830][ T6989] tipc: Enabled bearer <eth:team0>, priority 0
[  236.383063][ T7005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.322'.
[  237.390536][    T9] tipc: Node number set to 11578026
[  238.280971][    C0] vkms_vblank_simulate: vblank timer overrun
[  238.512386][    C0] vkms_vblank_simulate: vblank timer overrun
[  239.130546][    C0] vkms_vblank_simulate: vblank timer overrun
[  239.280581][    C0] vkms_vblank_simulate: vblank timer overrun
[  239.510796][    C0] vkms_vblank_simulate: vblank timer overrun
[  239.551164][    C0] vkms_vblank_simulate: vblank timer overrun
[  239.605794][    C0] vkms_vblank_simulate: vblank timer overrun
[  240.108800][ T7039] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  240.922758][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.212285][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.273747][ T7052] netlink: 4 bytes leftover after parsing attributes in process `syz.1.338'.
[  241.519355][    C0] vkms_vblank_simulate: vblank timer overrun
[  246.220474][    C1] vkms_vblank_simulate: vblank timer overrun
[  246.532795][    C1] vkms_vblank_simulate: vblank timer overrun
[  249.869185][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.581622][ T1231] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  250.747211][ T1231] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  250.747250][ T1231] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  250.758653][ T1231] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  250.758683][ T1231] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.758702][ T1231] usb 2-1: Product: syz
[  250.758716][ T1231] usb 2-1: Manufacturer: syz
[  250.758730][ T1231] usb 2-1: SerialNumber: syz
[  252.079696][ T7133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.359'.
[  252.103696][ T7130] vlan2: entered promiscuous mode
[  252.107737][ T7130] vlan2: entered allmulticast mode
[  252.107758][ T7130] hsr_slave_1: entered allmulticast mode
[  253.383300][ T7152] binder: 7147:7152 ioctl c0306201 200000000100 returned -22
[  256.030325][ T1231] cdc_ncm 2-1:1.0: bind() failure
[  256.133510][ T1231] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  256.133558][ T1231] cdc_ncm 2-1:1.1: bind() failure
[  259.505311][    C1] vkms_vblank_simulate: vblank timer overrun
[  260.427209][    C1] vkms_vblank_simulate: vblank timer overrun
[  260.572949][ T1231] usb 2-1: USB disconnect, device number 2
[  260.906949][    C1] vkms_vblank_simulate: vblank timer overrun
[  261.076093][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  261.076173][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  261.208788][    C1] vkms_vblank_simulate: vblank timer overrun
[  262.031242][    C1] vkms_vblank_simulate: vblank timer overrun
[  262.063664][    C1] vkms_vblank_simulate: vblank timer overrun
[  262.445773][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.044615][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.186711][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.299949][    C1] vkms_vblank_simulate: vblank timer overrun
[  272.222727][ T7315] blk_print_req_error: 2 callbacks suppressed
[  272.222747][ T7315] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.223118][ T7315] I/O error, dev loop1, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.223215][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  272.223551][ T7315] I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.223639][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  272.223658][ T7315] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  272.223671][ T7315] UDF-fs: Scanning with blocksize 512 failed
[  272.224752][ T7315] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.225069][ T7315] I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.225164][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  272.225432][ T7315] I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.225519][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  272.225538][ T7315] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  272.225551][ T7315] UDF-fs: Scanning with blocksize 1024 failed
[  272.227756][ T7315] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.228088][ T7315] I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.228184][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  272.228358][ T7315] I/O error, dev loop1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.228453][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  272.228471][ T7315] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  272.228484][ T7315] UDF-fs: Scanning with blocksize 2048 failed
[  272.229057][ T7315] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  272.229381][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  272.229598][ T7315] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  272.229617][ T7315] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  272.229631][ T7315] UDF-fs: Scanning with blocksize 4096 failed
[  272.229641][ T7315] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  273.290753][ T5927] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  273.678843][ T5927] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  273.681927][ T5927] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  273.682071][ T5927] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  273.682280][ T5927] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  273.682691][ T5927] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  273.801367][ T5927] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  273.801398][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  273.801419][ T5927] usb 2-1: Product: syz
[  273.801433][ T5927] usb 2-1: Manufacturer: syz
[  273.867631][ T5927] cdc_wdm 2-1:1.0: skipping garbage
[  273.867653][ T5927] cdc_wdm 2-1:1.0: skipping garbage
[  273.941380][ T5927] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  273.941418][ T5927] cdc_wdm 2-1:1.0: Unknown control protocol
[  274.290550][ T5943] usb 2-1: USB disconnect, device number 3
[  277.155435][ T7350] tipc: Started in network mode
[  277.155464][ T7350] tipc: Node identity 864def564f2b, cluster identity 4711
[  277.990539][ T7350] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  278.031145][ T7350] syzkaller0: entered promiscuous mode
[  278.031173][ T7350] syzkaller0: entered allmulticast mode
[  278.170783][   T10] tipc: Node number set to 3378966358
[  278.175012][ T7349] tipc: Resetting bearer <eth:syzkaller0>
[  279.374095][ T7349] tipc: Disabling bearer <eth:syzkaller0>
[  279.880654][ T7372] blk_print_req_error: 2 callbacks suppressed
[  279.880672][ T7372] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.881028][ T7372] I/O error, dev loop1, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.881116][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  279.881682][ T7372] I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.881787][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  279.881806][ T7372] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  279.881820][ T7372] UDF-fs: Scanning with blocksize 512 failed
[  279.883140][ T7372] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.883606][ T7372] I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.883704][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  279.883923][ T7372] I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.884010][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  279.884029][ T7372] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  279.884042][ T7372] UDF-fs: Scanning with blocksize 1024 failed
[  279.884804][ T7372] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.885074][ T7372] I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.885162][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  279.885352][ T7372] I/O error, dev loop1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.885438][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  279.885456][ T7372] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  279.885468][ T7372] UDF-fs: Scanning with blocksize 2048 failed
[  279.886049][ T7372] I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  279.886393][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  279.886655][ T7372] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  279.886674][ T7372] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  279.886687][ T7372] UDF-fs: Scanning with blocksize 4096 failed
[  279.886697][ T7372] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  286.232525][ T7399] Invalid logical block size (8192)
[  288.515334][ T7436] netlink: 28 bytes leftover after parsing attributes in process `syz.4.443'.
[  291.255757][ T7432] syz.0.442 (7432): drop_caches: 2
[  294.505732][    C0] vkms_vblank_simulate: vblank timer overrun
[  295.498937][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.067037][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.691187][ T7542] syz.2.470 uses obsolete (PF_INET,SOCK_PACKET)
[  299.126466][ T7545] binder: 7543:7545 ioctl c0306201 200000000100 returned -22
[  299.162763][ T7542] netdevsim netdevsim2: Direct firmware load for lookup_extent_enter failed with error -2
[  299.162792][ T7542] netdevsim netdevsim2: Falling back to sysfs fallback for: lookup_extent_enter
[  304.175700][ T7583] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  304.186125][ T7583] tipc: Resetting bearer <eth:syzkaller0>
[  305.193363][ T7578] tipc: Disabling bearer <eth:syzkaller0>
[  306.880578][ T7600] netlink: 28 bytes leftover after parsing attributes in process `syz.0.490'.
[  311.395105][ T7628] netlink: 'syz.3.497': attribute type 10 has an invalid length.
[  311.408100][ T7628] 8021q: adding VLAN 0 to HW filter on device team0
[  311.412673][ T7628] bond0: (slave team0): Enslaving as an active interface with an up link
[  315.492853][ T7664] netlink: 40 bytes leftover after parsing attributes in process `syz.3.506'.
[  315.866224][ T7671] blk_print_req_error: 2 callbacks suppressed
[  315.866243][ T7671] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.866601][ T7671] I/O error, dev loop4, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.867248][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  315.867632][ T7671] I/O error, dev loop4, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.867723][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  315.867742][ T7671] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  315.867756][ T7671] UDF-fs: Scanning with blocksize 512 failed
[  315.868822][ T7671] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.869138][ T7671] I/O error, dev loop4, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.869231][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  315.869747][ T7671] I/O error, dev loop4, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.869858][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  315.869875][ T7671] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  315.869889][ T7671] UDF-fs: Scanning with blocksize 1024 failed
[  315.870715][ T7671] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.870993][ T7671] I/O error, dev loop4, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.871082][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  315.871359][ T7671] I/O error, dev loop4, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.871445][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  315.871463][ T7671] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  315.871476][ T7671] UDF-fs: Scanning with blocksize 2048 failed
[  315.872038][ T7671] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  315.872355][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  315.872571][ T7671] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  315.872590][ T7671] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  315.872608][ T7671] UDF-fs: Scanning with blocksize 4096 failed
[  315.872618][ T7671] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  316.457453][ T7669] netlink: 148 bytes leftover after parsing attributes in process `syz.0.508'.
[  319.561898][ T7688] netlink: 20 bytes leftover after parsing attributes in process `syz.4.512'.
[  320.892168][ T7699] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  322.508714][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  322.511384][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  323.265100][ T7717] misc userio: No port type given on /dev/userio
[  325.697642][ T7669] syz.0.508 (7669): drop_caches: 2
[  326.354166][ T7732] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8
[  333.195681][ T7745] syzkaller0: entered promiscuous mode
[  333.195710][ T7745] syzkaller0: entered allmulticast mode
[  333.792348][ T7754] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  333.991479][ T7754] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  334.000503][ T7754] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  334.823951][ T7757] netlink: 28 bytes leftover after parsing attributes in process `syz.2.532'.
[  336.494817][    C1] vkms_vblank_simulate: vblank timer overrun
[  336.706932][ T7776] overlayfs: overlapping lowerdir path
[  337.078241][    C1] vkms_vblank_simulate: vblank timer overrun
[  338.298064][ T7778] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  339.489290][    C1] vkms_vblank_simulate: vblank timer overrun
[  339.956066][    C1] vkms_vblank_simulate: vblank timer overrun
[  340.791493][    C1] vkms_vblank_simulate: vblank timer overrun
[  342.286785][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  342.298383][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  342.311221][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  342.317975][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  342.318773][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  342.929983][ T7812] netlink: 'syz.2.545': attribute type 10 has an invalid length.
[  343.945986][ T7812] 8021q: adding VLAN 0 to HW filter on device team0
[  343.948051][ T7812] bond0: (slave team0): Enslaving as an active interface with an up link
[  344.065955][ T7797] syzkaller0: entered promiscuous mode
[  344.065985][ T7797] syzkaller0: entered allmulticast mode
[  344.121577][ T7815] netlink: 28 bytes leftover after parsing attributes in process `syz.0.546'.
[  344.420552][ T5842] Bluetooth: hci5: command tx timeout
[  346.595699][ T5842] Bluetooth: hci5: command tx timeout
[  347.257075][ T7844] netlink: 20 bytes leftover after parsing attributes in process `syz.2.553'.
[  348.660573][ T5842] Bluetooth: hci5: command tx timeout
[  352.933867][   T69] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.213131][ T7857] binder: 7855:7857 ioctl c0306201 200000000100 returned -22
[  353.497177][   T69] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.191078][ T7867] syzkaller0: entered promiscuous mode
[  354.191109][ T7867] syzkaller0: entered allmulticast mode
[  354.580800][ T5842] Bluetooth: hci5: command tx timeout
[  355.294052][   T69] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.921835][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.204535][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.484936][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.627400][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.690513][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.752778][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.832253][    C0] vkms_vblank_simulate: vblank timer overrun
[  359.568459][ T7893] binder: 7892:7893 ioctl c0306201 200000000100 returned -22
[  360.375059][    C0] vkms_vblank_simulate: vblank timer overrun
[  360.762756][    C0] vkms_vblank_simulate: vblank timer overrun
[  360.880049][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.050147][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.152874][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.879616][   T69] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.279100][ T7920] netlink: 148 bytes leftover after parsing attributes in process `syz.4.572'.
[  362.377513][    C0] vkms_vblank_simulate: vblank timer overrun
[  362.528155][    C0] vkms_vblank_simulate: vblank timer overrun
[  362.762706][ T7923] netlink: 'syz.0.571': attribute type 10 has an invalid length.
[  363.500989][    C0] vkms_vblank_simulate: vblank timer overrun
[  363.536092][ T7923] 8021q: adding VLAN 0 to HW filter on device team0
[  363.537773][ T7923] bond0: (slave team0): Enslaving as an active interface with an up link
[  364.334831][    C0] vkms_vblank_simulate: vblank timer overrun
[  364.390131][    C0] vkms_vblank_simulate: vblank timer overrun
[  364.469789][    C0] vkms_vblank_simulate: vblank timer overrun
[  364.662693][    C0] vkms_vblank_simulate: vblank timer overrun
[  365.071984][   T37] audit: type=1326 audit(1757222267.221:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7931 comm="syz.2.575" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x0
[  366.068758][ T7793] chnl_net:caif_netlink_parms(): no params data found
[  366.190992][   T69] bridge_slave_1: left allmulticast mode
[  366.191492][   T69] bridge_slave_1: left promiscuous mode
[  366.196189][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.299695][ T7920] syz.4.572 (7920): drop_caches: 2
[  366.321279][ T7940] binder: 7939:7940 ioctl c0306201 200000000100 returned -22
[  367.206868][   T69] bridge_slave_0: left allmulticast mode
[  367.219739][   T69] bridge_slave_0: left promiscuous mode
[  367.692213][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.825196][ T7962] netlink: 12 bytes leftover after parsing attributes in process `syz.4.579'.
[  370.226960][   T37] audit: type=1326 audit(1757222272.371:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7992 comm="syz.2.586" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x0
[  372.087634][ T8002] binder: 7999:8002 ioctl c0306201 200000000100 returned -22
[  373.021283][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  373.123712][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  373.233604][   T69] bond0 (unregistering): (slave team0): Releasing backup interface
[  373.299130][   T69] bond0 (unregistering): Released all slaves
[  373.433137][ T8004] input: syz1 as /devices/virtual/input/input9
[  373.471131][ T7952] syzkaller0: entered promiscuous mode
[  373.471161][ T7952] syzkaller0: entered allmulticast mode
[  373.944305][    C0] vkms_vblank_simulate: vblank timer overrun
[  374.856964][    C0] vkms_vblank_simulate: vblank timer overrun
[  374.970537][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.003460][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.127987][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.265711][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.386284][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.416105][   T69] tipc: Left network mode
[  375.583347][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.806160][   T37] audit: type=1326 audit(1757222277.951:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8022 comm="syz.1.596" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x0
[  376.572563][ T8042] binder: 8036:8042 ioctl c0306201 200000000100 returned -22
[  377.376884][ T7793] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.377026][ T7793] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.377257][ T7793] bridge_slave_0: entered allmulticast mode
[  377.499153][ T7793] bridge_slave_0: entered promiscuous mode
[  377.770623][ T7793] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.770894][ T7793] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.771125][ T7793] bridge_slave_1: entered allmulticast mode
[  377.797515][ T7793] bridge_slave_1: entered promiscuous mode
[  378.661477][   T37] audit: type=1326 audit(1757222280.781:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8073 comm="syz.0.608" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff0eaa4ebe9 code=0x0
[  379.927680][ T8072] syzkaller0: entered promiscuous mode
[  379.927711][ T8072] syzkaller0: entered allmulticast mode
[  380.269885][ T7793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  380.358332][ T7793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  381.318458][   T37] audit: type=1326 audit(1757222283.461:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8107 comm="syz.1.619" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x0
[  381.364004][ T8117] binder: 8113:8117 ioctl c0306201 200000000100 returned -22
[  381.900635][   T69] hsr_slave_0: left promiscuous mode
[  381.996522][   T69] hsr_slave_1: left promiscuous mode
[  381.997866][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  381.997958][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  382.047933][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  382.047965][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  382.192776][   T69] veth1_macvtap: left promiscuous mode
[  382.196069][   T69] veth0_macvtap: left promiscuous mode
[  382.197922][   T69] veth1_vlan: left promiscuous mode
[  382.198348][   T69] veth0_vlan: left promiscuous mode
[  383.956452][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  383.956532][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  384.866502][   T37] audit: type=1326 audit(1757222287.021:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8148 comm="syz.2.632" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x0
[  385.235687][ T8155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.634'.
[  385.254072][ T8155] netlink: 32 bytes leftover after parsing attributes in process `syz.1.634'.
[  389.514980][ T8171] binder: 8164:8171 ioctl c0306201 200000000100 returned -22
[  391.121712][   T69] team0 (unregistering): Port device team_slave_1 removed
[  391.364655][   T69] team0 (unregistering): Port device team_slave_0 removed
[  392.701048][   T37] audit: type=1326 audit(1757222294.851:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.701098][   T37] audit: type=1326 audit(1757222294.851:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.701138][   T37] audit: type=1326 audit(1757222294.851:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.706706][   T37] audit: type=1326 audit(1757222294.841:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.707951][   T37] audit: type=1326 audit(1757222294.851:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.707997][   T37] audit: type=1326 audit(1757222294.851:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.708045][   T37] audit: type=1326 audit(1757222294.851:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.708085][   T37] audit: type=1326 audit(1757222294.851:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.708125][   T37] audit: type=1326 audit(1757222294.851:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  392.708375][   T37] audit: type=1326 audit(1757222294.851:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8183 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  395.583659][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  395.587401][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  395.606816][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  395.610254][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  395.636585][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  397.083769][ T5843] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  397.104721][ T5843] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  397.106322][ T5843] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  397.107526][ T5843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  397.108347][ T5843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  397.316241][ T8214] binder: 8208:8214 ioctl c0306201 200000000100 returned -22
[  397.720470][ T5842] Bluetooth: hci2: command tx timeout
[  397.873566][ T7793] team0: Port device team_slave_0 added
[  397.940523][ T8178] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  398.195914][ T5843] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  398.230818][ T5843] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  398.233124][ T5843] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  398.250707][ T5843] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  398.258063][ T5843] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  399.228750][ T5842] Bluetooth: hci6: command tx timeout
[  399.782256][ T5842] Bluetooth: hci2: command tx timeout
[  400.237642][   T37] kauditd_printk_skb: 119 callbacks suppressed
[  400.237659][   T37] audit: type=1326 audit(1757222302.381:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.237932][   T37] audit: type=1326 audit(1757222302.381:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.273710][   T37] audit: type=1326 audit(1757222302.421:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280518][   T37] audit: type=1326 audit(1757222302.421:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280571][   T37] audit: type=1326 audit(1757222302.421:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280613][   T37] audit: type=1326 audit(1757222302.421:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280652][   T37] audit: type=1326 audit(1757222302.421:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280692][   T37] audit: type=1326 audit(1757222302.421:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280732][   T37] audit: type=1326 audit(1757222302.421:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.280772][   T37] audit: type=1326 audit(1757222302.421:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8238 comm="syz.1.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  400.341132][ T5842] Bluetooth: hci7: command tx timeout
[  401.300469][ T5842] Bluetooth: hci6: command tx timeout
[  401.860795][ T5842] Bluetooth: hci2: command tx timeout
[  402.420650][ T5842] Bluetooth: hci7: command tx timeout
[  402.737092][ T8201] chnl_net:caif_netlink_parms(): no params data found
[  403.358971][ T8261] syz.1.656 (8261): drop_caches: 2
[  403.376473][ T8261] syz.1.656 (8261): drop_caches: 2
[  403.380633][ T5842] Bluetooth: hci6: command tx timeout
[  404.033728][ T5842] Bluetooth: hci2: command tx timeout
[  404.509566][ T5842] Bluetooth: hci7: command tx timeout
[  404.708433][ T8277] binder: 8273:8277 ioctl c0306201 200000000100 returned -22
[  404.717312][ T8210] chnl_net:caif_netlink_parms(): no params data found
[  405.188191][   T69] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.351552][ T8217] chnl_net:caif_netlink_parms(): no params data found
[  405.460580][ T5842] Bluetooth: hci6: command tx timeout
[  406.189587][   T69] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.566597][ T8287] netlink: 296 bytes leftover after parsing attributes in process `syz.1.662'.
[  406.581005][ T5842] Bluetooth: hci7: command tx timeout
[  406.860076][ T8201] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.860923][ T8201] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.861144][ T8201] bridge_slave_0: entered allmulticast mode
[  406.868995][ T8201] bridge_slave_0: entered promiscuous mode
[  406.903100][   T37] kauditd_printk_skb: 260 callbacks suppressed
[  406.903118][   T37] audit: type=1326 audit(1757222309.051:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8289 comm="syz.1.663" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x0
[  407.366380][   T69] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.443271][ T8201] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.443424][ T8201] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.443657][ T8201] bridge_slave_1: entered allmulticast mode
[  407.462805][ T8201] bridge_slave_1: entered promiscuous mode
[  407.906287][ T8304] syz.2.666 (8304): drop_caches: 2
[  407.906687][ T8304] syz.2.666 (8304): drop_caches: 2
[  409.287978][   T69] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.477997][ T8201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.487861][ T8210] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.488001][ T8210] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.488240][ T8210] bridge_slave_0: entered allmulticast mode
[  409.529192][ T8210] bridge_slave_0: entered promiscuous mode
[  409.771473][ T8201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.773745][ T8210] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.773970][ T8210] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.774165][ T8210] bridge_slave_1: entered allmulticast mode
[  409.810635][ T8210] bridge_slave_1: entered promiscuous mode
[  409.824623][ T8217] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.824770][ T8217] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.825010][ T8217] bridge_slave_0: entered allmulticast mode
[  409.838262][ T8217] bridge_slave_0: entered promiscuous mode
[  410.200816][   T37] audit: type=1326 audit(1757222312.341:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8330 comm="syz.2.671" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x0
[  410.523284][ T8217] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.523423][ T8217] bridge0: port 2(bridge_slave_1) entered disabled state
[  410.523645][ T8217] bridge_slave_1: entered allmulticast mode
[  410.526413][ T8217] bridge_slave_1: entered promiscuous mode
[  410.795067][ T8341] binder: 8325:8341 ioctl c0306201 200000000100 returned -22
[  411.442300][ T8350] syz.1.674 (8350): drop_caches: 2
[  411.473901][ T8350] syz.1.674 (8350): drop_caches: 2
[  411.500579][ T8340] tipc: Started in network mode
[  411.500608][ T8340] tipc: Node identity 6e7bfc4d7e2, cluster identity 4711
[  411.500844][ T8340] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  411.513670][ T8201] team0: Port device team_slave_0 added
[  411.550166][ T8210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  411.719614][ T8201] team0: Port device team_slave_1 added
[  411.781953][ T8210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  411.785139][ T8339] tipc: Resetting bearer <eth:syzkaller0>
[  411.821645][ T8217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.818004][ T5920] tipc: Node number set to 274463821
[  413.085211][ T8217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  413.493320][   T37] audit: type=1326 audit(1757222315.641:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8366 comm="syz.1.679" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x0
[  413.541666][ T8337] tipc: Disabling bearer <eth:syzkaller0>
[  413.917335][ T8201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  413.917352][ T8201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.917377][ T8201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  414.016567][ T8210] team0: Port device team_slave_0 added
[  414.247035][ T8201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  414.247051][ T8201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  414.247076][ T8201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  414.319025][ T8210] team0: Port device team_slave_1 added
[  414.365789][ T8217] team0: Port device team_slave_0 added
[  414.425901][ T8376] syz.1.682 (8376): drop_caches: 2
[  414.426309][ T8376] syz.1.682 (8376): drop_caches: 2
[  414.578600][ T8379] binder: 8370:8379 ioctl c0306201 200000000100 returned -22
[  415.167773][ T8217] team0: Port device team_slave_1 added
[  416.489367][   T37] audit: type=1326 audit(1757222318.631:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.489644][   T37] audit: type=1326 audit(1757222318.631:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.534590][   T37] audit: type=1326 audit(1757222318.681:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.534846][   T37] audit: type=1326 audit(1757222318.681:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.535091][   T37] audit: type=1326 audit(1757222318.681:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.536724][   T37] audit: type=1326 audit(1757222318.681:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.536989][   T37] audit: type=1326 audit(1757222318.681:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.537311][   T37] audit: type=1326 audit(1757222318.681:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.537784][   T37] audit: type=1326 audit(1757222318.681:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8390 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  416.975415][ T8210] batman_adv: batadv0: Adding interface: batadv_slave_0
[  416.975426][ T8210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  416.975440][ T8210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  417.099901][ T8217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  417.099918][ T8217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.099943][ T8217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  417.157062][ T8210] batman_adv: batadv0: Adding interface: batadv_slave_1
[  417.157077][ T8210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.157102][ T8210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  417.163351][ T8399] syz.2.690 (8399): drop_caches: 2
[  417.179469][ T8399] syz.2.690 (8399): drop_caches: 2
[  417.351020][ T8217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  417.351036][ T8217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.351062][ T8217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  417.427877][ T8201] hsr_slave_0: entered promiscuous mode
[  417.431374][ T8201] hsr_slave_1: entered promiscuous mode
[  417.434245][ T8201] debugfs: 'hsr0' already exists in 'hsr'
[  417.434271][ T8201] Cannot create hsr debugfs directory
[  417.725538][   T69] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.831632][ T8401] tipc: New replicast peer: 255.255.255.255
[  417.844025][ T8401] tipc: Enabled bearer <udp:syz2>, priority 10
[  418.300962][ T8412] binder: 8406:8412 ioctl c0306201 200000000100 returned -22
[  419.246775][ T8416] loop7: detected capacity change from 0 to 16384
[  419.498982][   T69] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.521182][ T8417] loop7: detected capacity change from 16384 to 16383
[  420.376500][ T8210] hsr_slave_0: entered promiscuous mode
[  420.377870][ T8210] hsr_slave_1: entered promiscuous mode
[  420.378738][ T8210] debugfs: 'hsr0' already exists in 'hsr'
[  420.378762][ T8210] Cannot create hsr debugfs directory
[  420.379328][ T8420] netlink: 'syz.1.695': attribute type 10 has an invalid length.
[  420.379344][ T8420] netlink: 40 bytes leftover after parsing attributes in process `syz.1.695'.
[  420.615078][   T69] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.690940][ T8217] hsr_slave_0: entered promiscuous mode
[  420.692343][ T8217] hsr_slave_1: entered promiscuous mode
[  420.693227][ T8217] debugfs: 'hsr0' already exists in 'hsr'
[  420.693258][ T8217] Cannot create hsr debugfs directory
[  420.727751][ T8420] dummy0: entered promiscuous mode
[  420.741047][ T8420] bridge0: port 1(dummy0) entered blocking state
[  420.741192][ T8420] bridge0: port 1(dummy0) entered disabled state
[  420.741412][ T8420] dummy0: entered allmulticast mode
[  420.745678][ T8420] bridge0: port 1(dummy0) entered blocking state
[  420.745837][ T8420] bridge0: port 1(dummy0) entered forwarding state
[  420.892291][ T8426] syz.1.698 (8426): drop_caches: 2
[  420.897472][ T8426] syz.1.698 (8426): drop_caches: 2
[  423.167035][ T8444] binder: 8434:8444 ioctl c0306201 200000000100 returned -22
[  423.557496][   T69] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.520509][ T5920] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  426.660970][   T69] bridge_slave_1: left allmulticast mode
[  426.661003][   T69] bridge_slave_1: left promiscuous mode
[  426.661262][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.674492][ T5920] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  426.674526][ T5920] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  426.677612][ T5920] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  426.677639][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.677658][ T5920] usb 3-1: Product: syz
[  426.677672][ T5920] usb 3-1: Manufacturer: syz
[  426.677686][ T5920] usb 3-1: SerialNumber: syz
[  426.749992][   T69] bridge_slave_0: left allmulticast mode
[  426.750026][   T69] bridge_slave_0: left promiscuous mode
[  426.751353][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.816642][   T69] bridge_slave_1: left allmulticast mode
[  426.816677][   T69] bridge_slave_1: left promiscuous mode
[  426.819766][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.884865][   T69] bridge_slave_0: left allmulticast mode
[  426.885109][   T69] bridge_slave_0: left promiscuous mode
[  426.885628][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.960982][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.711'.
[  426.972954][   T69] bridge_slave_1: left allmulticast mode
[  426.972983][   T69] bridge_slave_1: left promiscuous mode
[  426.973721][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.013642][   T69] bridge_slave_0: left allmulticast mode
[  427.013673][   T69] bridge_slave_0: left promiscuous mode
[  427.014137][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.919465][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  430.000258][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  430.088892][   T69] bond0 (unregistering): (slave team0): Releasing backup interface
[  430.125833][   T69] bond0 (unregistering): Released all slaves
[  431.806646][ T5920] cdc_ncm 3-1:1.0: bind() failure
[  431.819129][ T5920] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  431.819177][ T5920] cdc_ncm 3-1:1.1: bind() failure
[  432.212068][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  432.274198][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  432.315145][   T69] bond0 (unregistering): Released all slaves
[  432.501433][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  432.583207][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  432.647717][   T69] bond0 (unregistering): Released all slaves
[  433.100789][ T8469] hsr_slave_1 (unregistering): left promiscuous mode
[  433.196498][   T69] tipc: Left network mode
[  433.231937][ T8201] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  433.317236][ T8201] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  433.553340][ T5913] usb 3-1: USB disconnect, device number 5
[  433.622496][ T8201] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  434.440669][ T8201] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  436.458046][ T8510] binder: 8482:8510 ioctl c0306201 200000000100 returned -22
[  436.949866][ T8210] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  437.122981][ T8210] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  437.552399][ T8210] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  437.724633][ T8210] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  438.440325][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.082849][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.403965][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.955514][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.989462][    C1] vkms_vblank_simulate: vblank timer overrun
[  440.599371][    C1] vkms_vblank_simulate: vblank timer overrun
[  441.199363][    C1] vkms_vblank_simulate: vblank timer overrun
[  441.606070][    C1] vkms_vblank_simulate: vblank timer overrun
[  442.009496][ T8217] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  442.152205][ T8217] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  442.211659][ T8555] binder: 8548:8555 ioctl c0306201 200000000100 returned -22
[  442.332743][ T8217] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  442.617293][ T8217] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  443.960594][   T69] hsr_slave_0: left promiscuous mode
[  444.010233][   T69] hsr_slave_1: left promiscuous mode
[  444.021335][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  444.021367][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  444.061625][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  444.061657][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  444.286197][   T69] hsr_slave_0: left promiscuous mode
[  444.356079][   T69] hsr_slave_1: left promiscuous mode
[  444.356983][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  444.357009][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  444.411644][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  444.411675][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  445.175615][   T69] veth1_macvtap: left promiscuous mode
[  445.179838][   T69] veth0_macvtap: left promiscuous mode
[  445.186570][   T69] veth1_vlan: left promiscuous mode
[  445.193362][   T69] veth0_vlan: left promiscuous mode
[  445.464160][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  445.464240][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  445.840753][   T69] veth1_macvtap: left promiscuous mode
[  445.840879][   T69] veth0_macvtap: left promiscuous mode
[  445.841175][   T69] veth1_vlan: left promiscuous mode
[  445.841399][   T69] veth0_vlan: left promiscuous mode
[  449.241345][   T69] team0 (unregistering): Port device team_slave_1 removed
[  449.411408][   T69] team0 (unregistering): Port device team_slave_0 removed
[  452.587355][ T5843] Bluetooth: hci4: command 0x0406 tx timeout
[  453.191489][   T69] team0 (unregistering): Port device team_slave_1 removed
[  453.411422][   T69] team0 (unregistering): Port device team_slave_0 removed
[  455.601555][   T69] team0 (unregistering): Port device team_slave_0 removed
[  456.642395][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  456.663969][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  456.676112][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  456.699658][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  456.702566][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  458.877533][ T8624] binder: 8619:8624 ioctl c0306201 200000000100 returned -22
[  459.047027][ T5842] Bluetooth: hci1: command tx timeout
[  460.986790][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  461.007126][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  461.021726][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  461.025180][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  461.030074][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  461.097521][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  461.114483][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  461.132962][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  461.137988][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  461.155698][ T5842] Bluetooth: hci1: command tx timeout
[  461.158247][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  461.351012][ T8639] syzkaller1: entered promiscuous mode
[  461.351042][ T8639] syzkaller1: entered allmulticast mode
[  463.183837][ T5839] Bluetooth: hci2: command tx timeout
[  463.230532][ T5839] Bluetooth: hci1: command tx timeout
[  464.050969][ T5839] Bluetooth: hci3: command tx timeout
[  464.879359][ T8682] binder: 8674:8682 ioctl c0306201 200000000100 returned -22
[  465.221453][ T5849] Bluetooth: hci2: command tx timeout
[  465.720806][ T8596] chnl_net:caif_netlink_parms(): no params data found
[  466.101136][ T5849] Bluetooth: hci3: command tx timeout
[  466.101180][ T5849] Bluetooth: hci1: command tx timeout
[  467.300481][ T5839] Bluetooth: hci2: command tx timeout
[  467.904707][ T8596] bridge0: port 1(bridge_slave_0) entered blocking state
[  467.904903][ T8596] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.906072][ T8596] bridge_slave_0: entered allmulticast mode
[  467.950981][ T8596] bridge_slave_0: entered promiscuous mode
[  468.011764][ T8596] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.011938][ T8596] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.012179][ T8596] bridge_slave_1: entered allmulticast mode
[  468.014856][ T8596] bridge_slave_1: entered promiscuous mode
[  468.021393][ T8717] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  468.180650][ T5839] Bluetooth: hci3: command tx timeout
[  468.413499][ T8635] chnl_net:caif_netlink_parms(): no params data found
[  468.465564][ T8596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  468.613919][ T8596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  468.823220][ T8631] chnl_net:caif_netlink_parms(): no params data found
[  469.382159][ T5839] Bluetooth: hci2: command tx timeout
[  470.281523][ T5839] Bluetooth: hci3: command tx timeout
[  471.658220][ T8596] team0: Port device team_slave_0 added
[  471.899380][ T8596] team0: Port device team_slave_1 added
[  473.763194][ T8596] batman_adv: batadv0: Adding interface: batadv_slave_0
[  473.763211][ T8596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  473.763234][ T8596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  473.822907][ T8635] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.823078][ T8635] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.823335][ T8635] bridge_slave_0: entered allmulticast mode
[  473.854425][ T8635] bridge_slave_0: entered promiscuous mode
[  473.868211][ T8596] batman_adv: batadv0: Adding interface: batadv_slave_1
[  473.868237][ T8596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  473.868262][ T8596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  474.027714][ T8635] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.027942][ T8635] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.028188][ T8635] bridge_slave_1: entered allmulticast mode
[  474.053042][ T8635] bridge_slave_1: entered promiscuous mode
[  474.294483][ T8631] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.294696][ T8631] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.294951][ T8631] bridge_slave_0: entered allmulticast mode
[  474.323002][ T8631] bridge_slave_0: entered promiscuous mode
[  474.485411][ T8631] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.486345][ T8631] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.486592][ T8631] bridge_slave_1: entered allmulticast mode
[  474.523589][ T8631] bridge_slave_1: entered promiscuous mode
[  474.544735][ T8635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  476.254221][ T8783] binder: 8777:8783 ioctl c0306201 200000000100 returned -22
[  477.095623][ T8787] netlink: 28 bytes leftover after parsing attributes in process `syz.1.768'.
[  477.099723][ T8635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.954359][ T8596] hsr_slave_0: entered promiscuous mode
[  477.955334][ T8596] hsr_slave_1: entered promiscuous mode
[  477.955911][ T8596] debugfs: 'hsr0' already exists in 'hsr'
[  477.955935][ T8596] Cannot create hsr debugfs directory
[  478.007442][ T8631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.598296][ T8631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  479.723020][ T8635] team0: Port device team_slave_0 added
[  483.197018][ T8635] team0: Port device team_slave_1 added
[  486.451402][ T8631] team0: Port device team_slave_0 added
[  486.504699][ T8856] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  486.792271][ T8631] team0: Port device team_slave_1 added
[  487.148473][ T8857] syzkaller0: entered promiscuous mode
[  487.148504][ T8857] syzkaller0: entered allmulticast mode
[  487.156202][ T8856] tipc: Resetting bearer <eth:syzkaller0>
[  487.169716][ T8635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  487.169729][ T8635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.169765][ T8635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  487.370855][ T8854] tipc: Resetting bearer <eth:syzkaller0>
[  487.545949][ T8854] tipc: Disabling bearer <eth:syzkaller0>
[  487.766875][ T8635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  487.766891][ T8635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.766916][ T8635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  489.449667][ T8631] batman_adv: batadv0: Adding interface: batadv_slave_0
[  489.449683][ T8631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  489.449708][ T8631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  489.505258][ T8631] batman_adv: batadv0: Adding interface: batadv_slave_1
[  489.505275][ T8631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  489.505300][ T8631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  493.033509][ T8635] hsr_slave_0: entered promiscuous mode
[  493.702034][ T8635] hsr_slave_1: entered promiscuous mode
[  493.703115][ T8635] debugfs: 'hsr0' already exists in 'hsr'
[  493.703143][ T8635] Cannot create hsr debugfs directory
[  496.432555][ T8936] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$���UL�vy��آ
�D��UD�w�}�z
[  496.566761][ T8631] hsr_slave_0: entered promiscuous mode
[  496.568165][ T8631] hsr_slave_1: entered promiscuous mode
[  496.569104][ T8631] debugfs: 'hsr0' already exists in 'hsr'
[  496.569128][ T8631] Cannot create hsr debugfs directory
[  501.712206][   T37] kauditd_printk_skb: 18 callbacks suppressed
[  501.712223][   T37] audit: type=1326 audit(1757222403.861:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.712492][   T37] audit: type=1326 audit(1757222403.861:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.818494][   T37] audit: type=1326 audit(1757222403.901:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.818548][   T37] audit: type=1326 audit(1757222403.961:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.818589][   T37] audit: type=1326 audit(1757222403.961:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.819973][   T37] audit: type=1326 audit(1757222403.961:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.820022][   T37] audit: type=1326 audit(1757222403.961:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.952680][   T37] audit: type=1326 audit(1757222403.961:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.952733][   T37] audit: type=1326 audit(1757222404.101:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  501.952775][   T37] audit: type=1326 audit(1757222404.101:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8963 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  504.316317][ T8980] netlink: 4 bytes leftover after parsing attributes in process `syz.1.803'.
[  506.832653][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  506.832768][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  511.149593][ T9002] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�vy��آ
�D��UD�w�}�zR3��p(@O�>���P��'
[  511.149628][ T9002] CPU: 0 UID: 0 PID: 9002 Comm: syz.2.810 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  511.149656][ T9002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.149675][ T9002] Call Trace:
[  511.149680][ T9002]  <TASK>
[  511.149685][ T9002]  dump_stack_lvl+0x189/0x250
[  511.149716][ T9002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  511.149733][ T9002]  ? __pfx__printk+0x10/0x10
[  511.149746][ T9002]  ? kernfs_path_from_node+0x2c/0x280
[  511.149760][ T9002]  ? kernfs_path_from_node+0x2c/0x280
[  511.149779][ T9002]  ? kernfs_path_from_node+0x243/0x280
[  511.149789][ T9002]  ? kernfs_path_from_node+0x2c/0x280
[  511.149802][ T9002]  sysfs_warn_dup+0x8e/0xa0
[  511.149820][ T9002]  sysfs_do_create_link_sd+0xc0/0x110
[  511.149832][ T9002]  device_add_class_symlinks+0x1d2/0x240
[  511.149847][ T9002]  device_add+0x475/0xb50
[  511.149860][ T9002]  wiphy_register+0x1ba6/0x28d0
[  511.149887][ T9002]  ? __pfx_wiphy_register+0x10/0x10
[  511.149902][ T9002]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  511.149921][ T9002]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  511.149935][ T9002]  ieee80211_register_hw+0x3484/0x4100
[  511.149958][ T9002]  ? ieee80211_register_hw+0x1451/0x4100
[  511.149977][ T9002]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  511.149991][ T9002]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  511.150013][ T9002]  ? __hrtimer_setup+0x18a/0x200
[  511.150028][ T9002]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  511.150046][ T9002]  mac80211_hwsim_new_radio+0x2c76/0x4e30
[  511.150069][ T9002]  ? mac80211_hwsim_new_radio+0x10b/0x4e30
[  511.150092][ T9002]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  511.150106][ T9002]  ? trace_kmalloc+0x1f/0xd0
[  511.150120][ T9002]  ? kstrndup+0xbf/0x160
[  511.150139][ T9002]  hwsim_new_radio_nl+0xea4/0x1b10
[  511.150154][ T9002]  ? __pfx___nla_validate_parse+0x10/0x10
[  511.150174][ T9002]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  511.150190][ T9002]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  511.150206][ T9002]  ? __nla_parse+0x40/0x60
[  511.150219][ T9002]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  511.150235][ T9002]  genl_family_rcv_msg_doit+0x215/0x300
[  511.150251][ T9002]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  511.150271][ T9002]  ? bpf_lsm_capable+0x9/0x20
[  511.150284][ T9002]  ? security_capable+0x7e/0x2e0
[  511.150304][ T9002]  genl_rcv_msg+0x60e/0x790
[  511.150319][ T9002]  ? __pfx_genl_rcv_msg+0x10/0x10
[  511.150329][ T9002]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  511.150344][ T9002]  ? __lock_acquire+0xab9/0xd20
[  511.150377][ T9002]  netlink_rcv_skb+0x205/0x470
[  511.150404][ T9002]  ? __pfx_genl_rcv_msg+0x10/0x10
[  511.150425][ T9002]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  511.150466][ T9002]  ? netlink_deliver_tap+0x2e/0x1b0
[  511.150491][ T9002]  ? netlink_deliver_tap+0x2e/0x1b0
[  511.150521][ T9002]  genl_rcv+0x28/0x40
[  511.150539][ T9002]  netlink_unicast+0x843/0xa10
[  511.150566][ T9002]  ? __pfx_netlink_unicast+0x10/0x10
[  511.150590][ T9002]  ? netlink_sendmsg+0x642/0xb30
[  511.150615][ T9002]  ? skb_put+0x11b/0x210
[  511.150650][ T9002]  netlink_sendmsg+0x805/0xb30
[  511.150689][ T9002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.150727][ T9002]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  511.150747][ T9002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.150784][ T9002]  __sock_sendmsg+0x219/0x270
[  511.150815][ T9002]  ____sys_sendmsg+0x508/0x820
[  511.150842][ T9002]  ? __pfx_____sys_sendmsg+0x10/0x10
[  511.150873][ T9002]  ? import_iovec+0x74/0xa0
[  511.150903][ T9002]  ___sys_sendmsg+0x21f/0x2a0
[  511.150926][ T9002]  ? __pfx____sys_sendmsg+0x10/0x10
[  511.150989][ T9002]  ? __fget_files+0x2a/0x420
[  511.151017][ T9002]  ? __fget_files+0x3a6/0x420
[  511.151058][ T9002]  __x64_sys_sendmsg+0x1a1/0x260
[  511.151082][ T9002]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  511.151115][ T9002]  ? rcu_is_watching+0x15/0xb0
[  511.151152][ T9002]  ? do_syscall_64+0xbe/0x3b0
[  511.151176][ T9002]  do_syscall_64+0xfa/0x3b0
[  511.151193][ T9002]  ? lockdep_hardirqs_on+0x9c/0x150
[  511.151222][ T9002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.151242][ T9002]  ? clear_bhb_loop+0x60/0xb0
[  511.151268][ T9002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.151295][ T9002] RIP: 0033:0x7f76faddebe9
[  511.151319][ T9002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.151336][ T9002] RSP: 002b:00007f76f9046038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  511.151366][ T9002] RAX: ffffffffffffffda RBX: 00007f76fb015fa0 RCX: 00007f76faddebe9
[  511.151381][ T9002] RDX: 0000000020004840 RSI: 0000200000000040 RDI: 0000000000000004
[  511.151395][ T9002] RBP: 00007f76fae61e19 R08: 0000000000000000 R09: 0000000000000000
[  511.151408][ T9002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  511.151420][ T9002] R13: 00007f76fb016038 R14: 00007f76fb015fa0 R15: 00007fff3e01a748
[  511.151455][ T9002]  </TASK>
[  516.418503][ T9048] netlink: 32 bytes leftover after parsing attributes in process `syz.1.816'.
[  518.328389][   T69] bridge_slave_1: left allmulticast mode
[  518.340908][   T69] bridge_slave_1: left promiscuous mode
[  518.341188][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.576752][ T5849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  518.579715][ T5849] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  518.596543][ T5849] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  518.598858][ T5849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  518.600247][ T5849] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  518.745229][   T69] bridge_slave_0: left allmulticast mode
[  518.745263][   T69] bridge_slave_0: left promiscuous mode
[  518.745623][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.377118][   T69] bridge_slave_1: left allmulticast mode
[  519.377150][   T69] bridge_slave_1: left promiscuous mode
[  519.377429][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.554584][   T69] bridge_slave_0: left allmulticast mode
[  519.554618][   T69] bridge_slave_0: left promiscuous mode
[  519.554898][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.681896][   T69] bridge_slave_1: left allmulticast mode
[  519.681930][   T69] bridge_slave_1: left promiscuous mode
[  519.682186][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.775023][   T69] bridge_slave_0: left allmulticast mode
[  519.775055][   T69] bridge_slave_0: left promiscuous mode
[  519.775334][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.908393][ T5849] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  519.919145][ T5849] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  519.928833][ T5849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  519.936684][ T5849] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  519.944952][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  520.037315][ T5839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  520.056309][ T5839] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  520.058426][ T5839] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  520.064913][ T5839] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  520.065777][ T5839] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  520.660872][ T5849] Bluetooth: hci5: command tx timeout
[  520.961503][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  521.702881][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  521.764699][   T69] bond0 (unregistering): Released all slaves
[  522.020717][ T5849] Bluetooth: hci6: command tx timeout
[  522.100782][ T5849] Bluetooth: hci7: command tx timeout
[  522.137292][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  522.231393][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  522.304503][   T69] bond0 (unregistering): Released all slaves
[  522.740720][ T5849] Bluetooth: hci5: command tx timeout
[  522.892809][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  522.971490][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  523.040939][   T69] bond0 (unregistering): Released all slaves
[  523.292126][ T9066] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�vy��آ
�D��UD�w�}�zR3��p(@O�>���P��'
[  523.292143][ T9066] CPU: 0 UID: 0 PID: 9066 Comm: syz.2.820 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  523.292157][ T9066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  523.292164][ T9066] Call Trace:
[  523.292168][ T9066]  <TASK>
[  523.292173][ T9066]  dump_stack_lvl+0x189/0x250
[  523.292197][ T9066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.292214][ T9066]  ? __pfx__printk+0x10/0x10
[  523.292226][ T9066]  ? kernfs_path_from_node+0x2c/0x280
[  523.292240][ T9066]  ? kernfs_path_from_node+0x2c/0x280
[  523.292251][ T9066]  ? kernfs_path_from_node+0x243/0x280
[  523.292261][ T9066]  ? kernfs_path_from_node+0x2c/0x280
[  523.292273][ T9066]  sysfs_warn_dup+0x8e/0xa0
[  523.292290][ T9066]  sysfs_do_create_link_sd+0xc0/0x110
[  523.292302][ T9066]  device_add_class_symlinks+0x1d2/0x240
[  523.292315][ T9066]  device_add+0x475/0xb50
[  523.292328][ T9066]  wiphy_register+0x1ba6/0x28d0
[  523.292353][ T9066]  ? __pfx_wiphy_register+0x10/0x10
[  523.292368][ T9066]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  523.292385][ T9066]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  523.292400][ T9066]  ieee80211_register_hw+0x3484/0x4100
[  523.292422][ T9066]  ? ieee80211_register_hw+0x1451/0x4100
[  523.292440][ T9066]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  523.292454][ T9066]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  523.292476][ T9066]  ? __hrtimer_setup+0x18a/0x200
[  523.292491][ T9066]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  523.292509][ T9066]  mac80211_hwsim_new_radio+0x2c76/0x4e30
[  523.292531][ T9066]  ? mac80211_hwsim_new_radio+0x10b/0x4e30
[  523.292554][ T9066]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  523.292567][ T9066]  ? trace_kmalloc+0x1f/0xd0
[  523.292580][ T9066]  ? kstrndup+0xbf/0x160
[  523.292600][ T9066]  hwsim_new_radio_nl+0xea4/0x1b10
[  523.292629][ T9066]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  523.292645][ T9066]  ? irqentry_exit+0x74/0x90
[  523.292660][ T9066]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.292680][ T9066]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  523.292699][ T9066]  genl_family_rcv_msg_doit+0x215/0x300
[  523.292716][ T9066]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  523.292727][ T9066]  ? irqentry_exit+0x74/0x90
[  523.292750][ T9066]  ? genl_rcv_msg+0x5eb/0x790
[  523.292764][ T9066]  genl_rcv_msg+0x60e/0x790
[  523.292780][ T9066]  ? __pfx_genl_rcv_msg+0x10/0x10
[  523.292790][ T9066]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  523.292805][ T9066]  ? __lock_acquire+0xab9/0xd20
[  523.292825][ T9066]  netlink_rcv_skb+0x205/0x470
[  523.292840][ T9066]  ? __pfx_genl_rcv_msg+0x10/0x10
[  523.292853][ T9066]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  523.292878][ T9066]  ? netlink_deliver_tap+0x2e/0x1b0
[  523.292892][ T9066]  ? netlink_deliver_tap+0x2e/0x1b0
[  523.292909][ T9066]  genl_rcv+0x28/0x40
[  523.292918][ T9066]  netlink_unicast+0x843/0xa10
[  523.292937][ T9066]  ? __pfx_netlink_unicast+0x10/0x10
[  523.292951][ T9066]  ? netlink_sendmsg+0x642/0xb30
[  523.292965][ T9066]  ? skb_put+0x11b/0x210
[  523.292984][ T9066]  netlink_sendmsg+0x805/0xb30
[  523.293005][ T9066]  ? __pfx_netlink_sendmsg+0x10/0x10
[  523.293026][ T9066]  ? __pfx_netlink_sendmsg+0x10/0x10
[  523.293041][ T9066]  __sock_sendmsg+0x219/0x270
[  523.293057][ T9066]  ____sys_sendmsg+0x508/0x820
[  523.293071][ T9066]  ? __pfx_____sys_sendmsg+0x10/0x10
[  523.293088][ T9066]  ? import_iovec+0x74/0xa0
[  523.293109][ T9066]  ___sys_sendmsg+0x21f/0x2a0
[  523.293121][ T9066]  ? __pfx____sys_sendmsg+0x10/0x10
[  523.293135][ T9066]  ? rcu_is_watching+0x15/0xb0
[  523.293171][ T9066]  ? __fget_files+0x2a/0x420
[  523.293186][ T9066]  ? __fget_files+0x3a6/0x420
[  523.293208][ T9066]  __x64_sys_sendmsg+0x1a1/0x260
[  523.293221][ T9066]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  523.293248][ T9066]  do_syscall_64+0xfa/0x3b0
[  523.293258][ T9066]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.293269][ T9066]  ? asm_sysvec_call_function_single+0x1a/0x20
[  523.293279][ T9066]  ? clear_bhb_loop+0x60/0xb0
[  523.293292][ T9066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.293303][ T9066] RIP: 0033:0x7f76faddebe9
[  523.293314][ T9066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.293323][ T9066] RSP: 002b:00007f76f9004038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  523.293335][ T9066] RAX: ffffffffffffffda RBX: 00007f76fb016180 RCX: 00007f76faddebe9
[  523.293342][ T9066] RDX: 0000000020004840 RSI: 0000200000000040 RDI: 0000000000000004
[  523.293349][ T9066] RBP: 00007f76fae61e19 R08: 0000000000000000 R09: 0000000000000000
[  523.293356][ T9066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  523.293362][ T9066] R13: 00007f76fb016218 R14: 00007f76fb016180 R15: 00007fff3e01a748
[  523.293380][ T9066]  </TASK>
[  524.110318][ T5849] Bluetooth: hci6: command tx timeout
[  524.192275][ T5849] Bluetooth: hci7: command tx timeout
[  525.353801][ T5849] Bluetooth: hci5: command tx timeout
[  525.508096][ T9092] binder: 9086:9092 ioctl c0306201 200000000100 returned -22
[  526.148352][ T9090] mmap: syz.1.825 (9090) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  526.279383][ T5849] Bluetooth: hci6: command tx timeout
[  526.279416][ T5849] Bluetooth: hci7: command tx timeout
[  526.596820][ T9101] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  527.433409][ T5839] Bluetooth: hci5: command tx timeout
[  527.515042][ T9101] tipc: Enabled bearer <udp:syz0>, priority 10
[  527.949120][   T69] hsr_slave_0: left promiscuous mode
[  528.050547][   T69] hsr_slave_1: left promiscuous mode
[  528.051290][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  528.081212][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  528.220602][   T69] hsr_slave_0: left promiscuous mode
[  528.240758][   T69] hsr_slave_1: left promiscuous mode
[  528.241452][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  528.271406][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  528.341118][ T5849] Bluetooth: hci7: command tx timeout
[  528.341133][ T5843] Bluetooth: hci6: command tx timeout
[  528.380647][   T69] hsr_slave_0: left promiscuous mode
[  528.400757][   T69] hsr_slave_1: left promiscuous mode
[  528.401731][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  528.441752][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  529.164745][   T69] team0 (unregistering): Port device team_slave_1 removed
[  529.301446][   T69] team0 (unregistering): Port device team_slave_0 removed
[  530.614130][ T5849] Bluetooth: hci7: command 0x0405 tx timeout
[  531.451430][   T69] team0 (unregistering): Port device team_slave_1 removed
[  531.591555][   T69] team0 (unregistering): Port device team_slave_0 removed
[  532.726659][   T69] team0 (unregistering): Port device team_slave_1 removed
[  532.841134][   T69] team0 (unregistering): Port device team_slave_0 removed
[  533.475162][ T9113] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�vy��آ
�D��UD�w�}�zR3��p(@O�>���P��'
[  533.475176][ T9113] CPU: 0 UID: 0 PID: 9113 Comm: syz.2.829 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  533.475190][ T9113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  533.475197][ T9113] Call Trace:
[  533.475202][ T9113]  <TASK>
[  533.475207][ T9113]  dump_stack_lvl+0x189/0x250
[  533.475239][ T9113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  533.475255][ T9113]  ? __pfx__printk+0x10/0x10
[  533.475269][ T9113]  ? kernfs_path_from_node+0x2c/0x280
[  533.475283][ T9113]  ? kernfs_path_from_node+0x2c/0x280
[  533.475293][ T9113]  ? kernfs_path_from_node+0x243/0x280
[  533.475302][ T9113]  ? kernfs_path_from_node+0x2c/0x280
[  533.475315][ T9113]  sysfs_warn_dup+0x8e/0xa0
[  533.475332][ T9113]  sysfs_do_create_link_sd+0xc0/0x110
[  533.475343][ T9113]  device_add_class_symlinks+0x1d2/0x240
[  533.475356][ T9113]  device_add+0x475/0xb50
[  533.475369][ T9113]  wiphy_register+0x1ba6/0x28d0
[  533.475395][ T9113]  ? __pfx_wiphy_register+0x10/0x10
[  533.475410][ T9113]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  533.475427][ T9113]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  533.475441][ T9113]  ieee80211_register_hw+0x3484/0x4100
[  533.475463][ T9113]  ? ieee80211_register_hw+0x1451/0x4100
[  533.475481][ T9113]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  533.475495][ T9113]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  533.475521][ T9113]  ? __hrtimer_setup+0x18a/0x200
[  533.475536][ T9113]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  533.475555][ T9113]  mac80211_hwsim_new_radio+0x2c76/0x4e30
[  533.475577][ T9113]  ? mac80211_hwsim_new_radio+0x10b/0x4e30
[  533.475600][ T9113]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  533.475613][ T9113]  ? trace_kmalloc+0x1f/0xd0
[  533.475627][ T9113]  ? kstrndup+0xbf/0x160
[  533.475647][ T9113]  hwsim_new_radio_nl+0xea4/0x1b10
[  533.475663][ T9113]  ? __pfx___nla_validate_parse+0x10/0x10
[  533.475683][ T9113]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  533.475698][ T9113]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  533.475715][ T9113]  ? __nla_parse+0x40/0x60
[  533.475728][ T9113]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  533.475744][ T9113]  genl_family_rcv_msg_doit+0x215/0x300
[  533.475760][ T9113]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  533.475779][ T9113]  ? bpf_lsm_capable+0x9/0x20
[  533.475793][ T9113]  ? security_capable+0x7e/0x2e0
[  533.475813][ T9113]  genl_rcv_msg+0x60e/0x790
[  533.475830][ T9113]  ? __pfx_genl_rcv_msg+0x10/0x10
[  533.475841][ T9113]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  533.475856][ T9113]  ? __lock_acquire+0xab9/0xd20
[  533.475877][ T9113]  netlink_rcv_skb+0x205/0x470
[  533.475892][ T9113]  ? __pfx_genl_rcv_msg+0x10/0x10
[  533.475904][ T9113]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  533.475928][ T9113]  ? netlink_deliver_tap+0x2e/0x1b0
[  533.475943][ T9113]  ? netlink_deliver_tap+0x2e/0x1b0
[  533.475960][ T9113]  genl_rcv+0x28/0x40
[  533.475969][ T9113]  netlink_unicast+0x843/0xa10
[  533.475988][ T9113]  ? __pfx_netlink_unicast+0x10/0x10
[  533.476003][ T9113]  ? netlink_sendmsg+0x642/0xb30
[  533.476017][ T9113]  ? skb_put+0x11b/0x210
[  533.476036][ T9113]  netlink_sendmsg+0x805/0xb30
[  533.476057][ T9113]  ? __pfx_netlink_sendmsg+0x10/0x10
[  533.476082][ T9113]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  533.476093][ T9113]  ? __pfx_netlink_sendmsg+0x10/0x10
[  533.476109][ T9113]  __sock_sendmsg+0x219/0x270
[  533.476125][ T9113]  ____sys_sendmsg+0x508/0x820
[  533.476140][ T9113]  ? __pfx_____sys_sendmsg+0x10/0x10
[  533.476158][ T9113]  ? import_iovec+0x74/0xa0
[  533.476182][ T9113]  ___sys_sendmsg+0x21f/0x2a0
[  533.476202][ T9113]  ? __pfx____sys_sendmsg+0x10/0x10
[  533.476259][ T9113]  ? __fget_files+0x2a/0x420
[  533.476284][ T9113]  ? __fget_files+0x3a6/0x420
[  533.476323][ T9113]  __x64_sys_sendmsg+0x1a1/0x260
[  533.476347][ T9113]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  533.476379][ T9113]  ? rcu_is_watching+0x15/0xb0
[  533.476416][ T9113]  ? do_syscall_64+0xbe/0x3b0
[  533.476440][ T9113]  do_syscall_64+0xfa/0x3b0
[  533.476458][ T9113]  ? lockdep_hardirqs_on+0x9c/0x150
[  533.476487][ T9113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.476509][ T9113]  ? clear_bhb_loop+0x60/0xb0
[  533.476535][ T9113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.476556][ T9113] RIP: 0033:0x7f76faddebe9
[  533.476576][ T9113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.476595][ T9113] RSP: 002b:00007f76f9046038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  533.476616][ T9113] RAX: ffffffffffffffda RBX: 00007f76fb015fa0 RCX: 00007f76faddebe9
[  533.476632][ T9113] RDX: 0000000020004840 RSI: 0000200000000040 RDI: 0000000000000004
[  533.476645][ T9113] RBP: 00007f76fae61e19 R08: 0000000000000000 R09: 0000000000000000
[  533.476658][ T9113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  533.476670][ T9113] R13: 00007f76fb016038 R14: 00007f76fb015fa0 R15: 00007fff3e01a748
[  533.476704][ T9113]  </TASK>
[  536.934464][ T9059] chnl_net:caif_netlink_parms(): no params data found
[  537.242307][ T9069] chnl_net:caif_netlink_parms(): no params data found
[  537.947757][ T9071] chnl_net:caif_netlink_parms(): no params data found
[  538.843355][ T9166] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�vy��آ
�D��UD�w�}�zR3��p(@O�>���P��'
[  538.843369][ T9166] CPU: 1 UID: 0 PID: 9166 Comm: syz.2.838 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  538.843383][ T9166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.843390][ T9166] Call Trace:
[  538.843395][ T9166]  <TASK>
[  538.843399][ T9166]  dump_stack_lvl+0x189/0x250
[  538.843423][ T9166]  ? __pfx_dump_stack_lvl+0x10/0x10
[  538.843440][ T9166]  ? __pfx__printk+0x10/0x10
[  538.843460][ T9166]  ? kernfs_path_from_node+0x2c/0x280
[  538.843474][ T9166]  ? kernfs_path_from_node+0x2c/0x280
[  538.843485][ T9166]  ? kernfs_path_from_node+0x243/0x280
[  538.843494][ T9166]  ? kernfs_path_from_node+0x2c/0x280
[  538.843508][ T9166]  sysfs_warn_dup+0x8e/0xa0
[  538.843525][ T9166]  sysfs_do_create_link_sd+0xc0/0x110
[  538.843538][ T9166]  device_add_class_symlinks+0x1d2/0x240
[  538.843551][ T9166]  device_add+0x475/0xb50
[  538.843564][ T9166]  wiphy_register+0x1ba6/0x28d0
[  538.843589][ T9166]  ? __pfx_wiphy_register+0x10/0x10
[  538.843604][ T9166]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  538.843621][ T9166]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  538.843636][ T9166]  ieee80211_register_hw+0x3484/0x4100
[  538.843658][ T9166]  ? ieee80211_register_hw+0x1451/0x4100
[  538.843676][ T9166]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  538.843691][ T9166]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  538.843713][ T9166]  ? __hrtimer_setup+0x18a/0x200
[  538.843729][ T9166]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  538.843746][ T9166]  mac80211_hwsim_new_radio+0x2c76/0x4e30
[  538.843769][ T9166]  ? mac80211_hwsim_new_radio+0x10b/0x4e30
[  538.843791][ T9166]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  538.843804][ T9166]  ? trace_kmalloc+0x1f/0xd0
[  538.843818][ T9166]  ? kstrndup+0xbf/0x160
[  538.843838][ T9166]  hwsim_new_radio_nl+0xea4/0x1b10
[  538.843859][ T9166]  ? __pfx___nla_validate_parse+0x10/0x10
[  538.843880][ T9166]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  538.843896][ T9166]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  538.843913][ T9166]  ? __nla_parse+0x40/0x60
[  538.843927][ T9166]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  538.843945][ T9166]  genl_family_rcv_msg_doit+0x215/0x300
[  538.843961][ T9166]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  538.843980][ T9166]  ? bpf_lsm_capable+0x9/0x20
[  538.843993][ T9166]  ? security_capable+0x7e/0x2e0
[  538.844014][ T9166]  genl_rcv_msg+0x60e/0x790
[  538.844029][ T9166]  ? __pfx_genl_rcv_msg+0x10/0x10
[  538.844040][ T9166]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  538.844055][ T9166]  ? __lock_acquire+0xab9/0xd20
[  538.844075][ T9166]  netlink_rcv_skb+0x205/0x470
[  538.844091][ T9166]  ? __pfx_genl_rcv_msg+0x10/0x10
[  538.844103][ T9166]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  538.844127][ T9166]  ? netlink_deliver_tap+0x2e/0x1b0
[  538.844142][ T9166]  ? netlink_deliver_tap+0x2e/0x1b0
[  538.844159][ T9166]  genl_rcv+0x28/0x40
[  538.844169][ T9166]  netlink_unicast+0x843/0xa10
[  538.844187][ T9166]  ? __pfx_netlink_unicast+0x10/0x10
[  538.844204][ T9166]  ? netlink_sendmsg+0x642/0xb30
[  538.844219][ T9166]  ? skb_put+0x11b/0x210
[  538.844238][ T9166]  netlink_sendmsg+0x805/0xb30
[  538.844259][ T9166]  ? __pfx_netlink_sendmsg+0x10/0x10
[  538.844279][ T9166]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  538.844290][ T9166]  ? __pfx_netlink_sendmsg+0x10/0x10
[  538.844305][ T9166]  __sock_sendmsg+0x219/0x270
[  538.844321][ T9166]  ____sys_sendmsg+0x508/0x820
[  538.844336][ T9166]  ? __pfx_____sys_sendmsg+0x10/0x10
[  538.844352][ T9166]  ? import_iovec+0x74/0xa0
[  538.844368][ T9166]  ___sys_sendmsg+0x21f/0x2a0
[  538.844380][ T9166]  ? __pfx____sys_sendmsg+0x10/0x10
[  538.844421][ T9166]  ? __fget_files+0x2a/0x420
[  538.844437][ T9166]  ? __fget_files+0x3a6/0x420
[  538.844463][ T9166]  __x64_sys_sendmsg+0x1a1/0x260
[  538.844476][ T9166]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  538.844493][ T9166]  ? rcu_is_watching+0x15/0xb0
[  538.844514][ T9166]  ? do_syscall_64+0xbe/0x3b0
[  538.844527][ T9166]  do_syscall_64+0xfa/0x3b0
[  538.844536][ T9166]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.844552][ T9166]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.844563][ T9166]  ? clear_bhb_loop+0x60/0xb0
[  538.844576][ T9166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.844587][ T9166] RIP: 0033:0x7f76faddebe9
[  538.844598][ T9166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.844608][ T9166] RSP: 002b:00007f76f9046038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  538.844620][ T9166] RAX: ffffffffffffffda RBX: 00007f76fb015fa0 RCX: 00007f76faddebe9
[  538.844629][ T9166] RDX: 0000000020004840 RSI: 0000200000000040 RDI: 0000000000000004
[  538.844636][ T9166] RBP: 00007f76fae61e19 R08: 0000000000000000 R09: 0000000000000000
[  538.844644][ T9166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  538.844651][ T9166] R13: 00007f76fb016038 R14: 00007f76fb015fa0 R15: 00007fff3e01a748
[  538.844669][ T9166]  </TASK>
[  541.262097][   T37] audit: type=1326 audit(1757222443.411:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9187 comm="syz.2.841" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x0
[  542.062575][ T9059] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.062738][ T9059] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.063001][ T9059] bridge_slave_0: entered allmulticast mode
[  542.065875][ T9059] bridge_slave_0: entered promiscuous mode
[  542.800138][ T9059] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.800853][ T9059] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.801090][ T9059] bridge_slave_1: entered allmulticast mode
[  542.804086][ T9059] bridge_slave_1: entered promiscuous mode
[  544.151908][ T9069] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.152074][ T9069] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.152271][ T9069] bridge_slave_0: entered allmulticast mode
[  544.344332][   T37] audit: type=1326 audit(1757222446.491:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9221 comm="syz.2.849" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x0
[  545.192424][ T9069] bridge_slave_0: entered promiscuous mode
[  545.654078][ T9069] bridge0: port 2(bridge_slave_1) entered blocking state
[  545.654260][ T9069] bridge0: port 2(bridge_slave_1) entered disabled state
[  545.654460][ T9069] bridge_slave_1: entered allmulticast mode
[  545.701213][ T9069] bridge_slave_1: entered promiscuous mode
[  546.104080][ T9059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  546.110117][   T37] audit: type=1326 audit(1757222448.251:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.689840][   T37] audit: type=1326 audit(1757222448.251:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.689894][   T37] audit: type=1326 audit(1757222448.831:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.689938][   T37] audit: type=1326 audit(1757222448.831:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.689983][   T37] audit: type=1326 audit(1757222448.831:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.998043][   T37] audit: type=1326 audit(1757222449.141:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.998760][   T37] audit: type=1326 audit(1757222449.141:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.999290][   T37] audit: type=1326 audit(1757222449.141:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.999577][   T37] audit: type=1326 audit(1757222449.141:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  546.999982][   T37] audit: type=1326 audit(1757222449.141:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  547.001560][   T37] audit: type=1326 audit(1757222449.141:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9242 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76faddebe9 code=0x7ffc0000
[  548.470863][ T9071] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.471021][ T9071] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.471280][ T9071] bridge_slave_0: entered allmulticast mode
[  548.478677][ T9071] bridge_slave_0: entered promiscuous mode
[  548.498487][ T9059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.877115][ T9071] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.877255][ T9071] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.877509][ T9071] bridge_slave_1: entered allmulticast mode
[  548.880224][ T9071] bridge_slave_1: entered promiscuous mode
[  549.045709][ T9069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  549.307695][ T9069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  549.516659][ T9059] team0: Port device team_slave_0 added
[  549.675659][ T9071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  564.621535][ T9059] team0: Port device team_slave_1 added
[  564.673856][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  564.685198][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  564.690989][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  564.692742][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  564.693435][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  564.933348][ T9071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  565.326300][ T9069] team0: Port device team_slave_0 added
[  565.761905][ T9069] team0: Port device team_slave_1 added
[  565.762446][ T9301] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  566.519189][ T9059] batman_adv: batadv0: Adding interface: batadv_slave_0
[  566.519201][ T9059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  566.519217][ T9059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  566.665867][ T9071] team0: Port device team_slave_0 added
[  566.670311][ T9059] batman_adv: batadv0: Adding interface: batadv_slave_1
[  566.670326][ T9059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  566.670649][ T9059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  566.757389][ T5839] Bluetooth: hci1: command tx timeout
[  567.069500][ T9071] team0: Port device team_slave_1 added
[  567.092368][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_0
[  567.092386][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.092412][ T9069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  568.016924][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_1
[  568.016941][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.016968][ T9069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.215726][ T9071] batman_adv: batadv0: Adding interface: batadv_slave_0
[  568.215743][ T9071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.215771][ T9071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  568.275807][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  568.275882][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  568.388304][ T9071] batman_adv: batadv0: Adding interface: batadv_slave_1
[  568.388321][ T9071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.388348][ T9071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.744632][ T9059] hsr_slave_0: entered promiscuous mode
[  568.746141][ T9059] hsr_slave_1: entered promiscuous mode
[  568.747099][ T9059] debugfs: 'hsr0' already exists in 'hsr'
[  568.747124][ T9059] Cannot create hsr debugfs directory
[  568.820683][ T5839] Bluetooth: hci1: command tx timeout
[  570.583532][ T9069] hsr_slave_0: entered promiscuous mode
[  570.584824][ T9069] hsr_slave_1: entered promiscuous mode
[  570.585684][ T9069] debugfs: 'hsr0' already exists in 'hsr'
[  570.585708][ T9069] Cannot create hsr debugfs directory
[  570.900518][ T5839] Bluetooth: hci1: command tx timeout
[  571.003795][   T37] kauditd_printk_skb: 7 callbacks suppressed
[  571.003811][   T37] audit: type=1326 audit(1757222473.151:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9339 comm="syz.1.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  571.004067][   T37] audit: type=1326 audit(1757222473.151:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9339 comm="syz.1.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  571.004270][   T37] audit: type=1326 audit(1757222473.151:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9339 comm="syz.1.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  572.469174][ T9071] hsr_slave_0: entered promiscuous mode
[  572.479056][ T9071] hsr_slave_1: entered promiscuous mode
[  572.480037][ T9071] debugfs: 'hsr0' already exists in 'hsr'
[  572.480060][ T9071] Cannot create hsr debugfs directory
[  572.679223][ T9356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.893'.
[  572.901970][   T69] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.980633][ T5839] Bluetooth: hci1: command tx timeout
[  573.367856][   T69] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.818298][   T69] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.999096][ T9363] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  575.305549][   T69] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.755267][   T37] audit: type=1326 audit(1757222477.901:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9384 comm="syz.1.902" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fedf244ebe9 code=0x0
[  575.869342][ T9387] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  576.319453][ T9293] chnl_net:caif_netlink_parms(): no params data found
[  576.998677][ T9293] bridge0: port 1(bridge_slave_0) entered blocking state
[  576.998897][ T9293] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.999165][ T9293] bridge_slave_0: entered allmulticast mode
[  577.032899][ T9293] bridge_slave_0: entered promiscuous mode
[  577.431999][ T9293] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.432146][ T9293] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.432410][ T9293] bridge_slave_1: entered allmulticast mode
[  577.435392][ T9293] bridge_slave_1: entered promiscuous mode
[  578.564753][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  578.585617][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  578.591185][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  578.603111][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  578.605956][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  578.884525][ T9293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  579.018369][ T9293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  579.723002][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  579.733084][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  579.734344][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  579.737584][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  579.765422][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  580.059414][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  580.086305][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  580.089027][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  580.090246][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  580.091058][ T5849] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  580.341358][ T9293] team0: Port device team_slave_0 added
[  580.371540][ T9293] team0: Port device team_slave_1 added
[  580.660707][ T5849] Bluetooth: hci2: command tx timeout
[  580.709871][ T9293] batman_adv: batadv0: Adding interface: batadv_slave_0
[  580.709887][ T9293] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  580.709914][ T9293] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  580.722600][ T9293] batman_adv: batadv0: Adding interface: batadv_slave_1
[  580.722616][ T9293] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  580.722641][ T9293] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  581.319117][ T9293] hsr_slave_0: entered promiscuous mode
[  581.320030][ T9293] hsr_slave_1: entered promiscuous mode
[  581.321033][ T9293] debugfs: 'hsr0' already exists in 'hsr'
[  581.321059][ T9293] Cannot create hsr debugfs directory
[  581.385812][   T69] bridge_slave_1: left allmulticast mode
[  581.385845][   T69] bridge_slave_1: left promiscuous mode
[  581.386109][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.443144][   T69] bridge_slave_0: left allmulticast mode
[  581.443179][   T69] bridge_slave_0: left promiscuous mode
[  581.443455][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.508338][   T69] bridge_slave_1: left allmulticast mode
[  581.508378][   T69] bridge_slave_1: left promiscuous mode
[  581.508624][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.579906][   T69] bridge_slave_0: left allmulticast mode
[  581.579940][   T69] bridge_slave_0: left promiscuous mode
[  581.580202][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.655014][   T69] bridge_slave_1: left allmulticast mode
[  581.655049][   T69] bridge_slave_1: left promiscuous mode
[  581.655297][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.742295][   T69] bridge_slave_0: left allmulticast mode
[  581.742330][   T69] bridge_slave_0: left promiscuous mode
[  581.742594][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.820306][   T69] bridge_slave_1: left allmulticast mode
[  581.820330][   T69] bridge_slave_1: left promiscuous mode
[  581.821708][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.860602][ T5849] Bluetooth: hci3: command tx timeout
[  581.889885][   T69] bridge_slave_0: left allmulticast mode
[  581.889921][   T69] bridge_slave_0: left promiscuous mode
[  581.890201][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  582.181344][ T5849] Bluetooth: hci4: command tx timeout
[  582.740608][ T5849] Bluetooth: hci2: command tx timeout
[  583.761383][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  583.841321][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  583.902102][   T69] bond0 (unregistering): (slave team0): Releasing backup interface
[  583.940554][ T5849] Bluetooth: hci3: command tx timeout
[  583.944324][   T69] bond0 (unregistering): Released all slaves
[  584.231170][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  584.260587][ T5849] Bluetooth: hci4: command tx timeout
[  584.331586][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  584.394548][   T69] bond0 (unregistering): Released all slaves
[  584.661471][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  584.744807][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  584.820650][ T5849] Bluetooth: hci2: command tx timeout
[  584.826183][   T69] bond0 (unregistering): Released all slaves
[  585.141658][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  585.221724][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  585.295959][   T69] bond0 (unregistering): Released all slaves
[  585.685319][   T69] tipc: Disabling bearer <udp:syz2>
[  585.685851][   T69] tipc: Left network mode
[  586.138472][ T5849] Bluetooth: hci3: command tx timeout
[  586.605126][ T5839] Bluetooth: hci4: command tx timeout
[  586.910734][ T5839] Bluetooth: hci2: command tx timeout
[  588.180611][ T5839] Bluetooth: hci3: command tx timeout
[  588.298703][ T9404] chnl_net:caif_netlink_parms(): no params data found
[  588.660632][ T5839] Bluetooth: hci4: command tx timeout
[  589.961227][ T9417] chnl_net:caif_netlink_parms(): no params data found
[  590.043118][ T9414] chnl_net:caif_netlink_parms(): no params data found
[  590.240882][   T69] hsr_slave_0: left promiscuous mode
[  590.241995][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  590.242024][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  590.281911][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  590.281943][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  590.430734][   T69] hsr_slave_0: left promiscuous mode
[  590.470707][   T69] hsr_slave_1: left promiscuous mode
[  590.471782][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  590.507922][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  590.661111][   T69] hsr_slave_0: left promiscuous mode
[  590.680638][   T69] hsr_slave_1: left promiscuous mode
[  590.681674][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  590.721411][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  590.920508][   T69] hsr_slave_0: left promiscuous mode
[  590.960619][   T69] hsr_slave_1: left promiscuous mode
[  590.961586][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  591.013682][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  591.158351][   T69] veth1_macvtap: left promiscuous mode
[  591.158475][   T69] veth0_macvtap: left promiscuous mode
[  591.158768][   T69] veth1_vlan: left promiscuous mode
[  591.158975][   T69] veth0_vlan: left promiscuous mode
[  595.131512][   T69] team0 (unregistering): Port device team_slave_1 removed
[  595.361489][   T69] team0 (unregistering): Port device team_slave_0 removed
[  598.643715][   T69] team0 (unregistering): Port device team_slave_1 removed
[  598.783295][   T69] team0 (unregistering): Port device team_slave_0 removed
[  600.161574][   T69] team0 (unregistering): Port device team_slave_1 removed
[  600.291310][   T69] team0 (unregistering): Port device team_slave_0 removed
[  601.632680][   T69] team0 (unregistering): Port device team_slave_1 removed
[  601.781239][   T69] team0 (unregistering): Port device team_slave_0 removed
[  602.714993][ T9498] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  603.166492][ T9404] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.166645][ T9404] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.166850][ T9404] bridge_slave_0: entered allmulticast mode
[  603.169728][ T9404] bridge_slave_0: entered promiscuous mode
[  603.237740][ T9404] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.237952][ T9404] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.238197][ T9404] bridge_slave_1: entered allmulticast mode
[  603.261701][ T9404] bridge_slave_1: entered promiscuous mode
[  603.823667][ T9293] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  603.995415][ T9404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  604.033313][ T9417] bridge0: port 1(bridge_slave_0) entered blocking state
[  604.033456][ T9417] bridge0: port 1(bridge_slave_0) entered disabled state
[  604.033685][ T9417] bridge_slave_0: entered allmulticast mode
[  604.036537][ T9417] bridge_slave_0: entered promiscuous mode
[  604.038636][ T9293] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  604.208321][ T9404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  604.208770][ T9417] bridge0: port 2(bridge_slave_1) entered blocking state
[  604.208907][ T9417] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.209091][ T9417] bridge_slave_1: entered allmulticast mode
[  604.308525][ T9417] bridge_slave_1: entered promiscuous mode
[  604.389924][ T9293] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  604.856961][ T9414] bridge0: port 1(bridge_slave_0) entered blocking state
[  604.857117][ T9414] bridge0: port 1(bridge_slave_0) entered disabled state
[  604.857313][ T9414] bridge_slave_0: entered allmulticast mode
[  604.870753][ T9414] bridge_slave_0: entered promiscuous mode
[  605.101635][ T9293] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  605.150630][ T9414] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.150806][ T9414] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.151144][ T9414] bridge_slave_1: entered allmulticast mode
[  605.154153][ T9414] bridge_slave_1: entered promiscuous mode
[  605.475794][ T9404] team0: Port device team_slave_0 added
[  605.482650][ T9417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.636888][ T9417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  605.690884][ T9404] team0: Port device team_slave_1 added
[  605.702778][ T9414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.906162][ T9414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  606.251444][ T9417] team0: Port device team_slave_0 added
[  606.252847][ T9404] batman_adv: batadv0: Adding interface: batadv_slave_0
[  606.252861][ T9404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.252889][ T9404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  606.378501][ T9404] batman_adv: batadv0: Adding interface: batadv_slave_1
[  606.378647][ T9404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.378675][ T9404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  606.430165][ T9417] team0: Port device team_slave_1 added
[  606.662451][ T9414] team0: Port device team_slave_0 added
[  606.817717][ T9414] team0: Port device team_slave_1 added
[  607.409897][   T37] audit: type=1326 audit(1757222509.551:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.410123][   T37] audit: type=1326 audit(1757222509.551:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.423805][ T9417] batman_adv: batadv0: Adding interface: batadv_slave_0
[  607.423822][ T9417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  607.423847][ T9417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  607.506173][   T37] audit: type=1326 audit(1757222509.651:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.506683][   T37] audit: type=1326 audit(1757222509.651:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.507186][   T37] audit: type=1326 audit(1757222509.651:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.508816][   T37] audit: type=1326 audit(1757222509.651:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.509087][   T37] audit: type=1326 audit(1757222509.651:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.509220][   T37] audit: type=1326 audit(1757222509.651:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.509407][   T37] audit: type=1326 audit(1757222509.651:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.509559][   T37] audit: type=1326 audit(1757222509.651:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9577 comm="syz.1.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf244ebe9 code=0x7ffc0000
[  607.710762][ T9580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.946'.
[  608.241919][ T9417] batman_adv: batadv0: Adding interface: batadv_slave_1
[  608.241936][ T9417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  608.241963][ T9417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  608.243586][ T9414] batman_adv: batadv0: Adding interface: batadv_slave_0
[  608.243599][ T9414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  608.243623][ T9414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  608.645040][ T9587] ==================================================================
[  608.645058][ T9587] BUG: KFENCE: use-after-free read in xfrm_state_find+0x279a/0x53e0
[  608.645058][ T9587] 
[  608.645100][ T9587] Use-after-free read at 0xffff88823becaf70 (in kfence-#100):
[  608.645138][ T9587]  xfrm_state_find+0x279a/0x53e0
[  608.645169][ T9587]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  608.645192][ T9587]  xfrm_lookup_with_ifid+0x2a7/0x1a90
[  608.645214][ T9587]  xfrm_lookup_route+0x3c/0x1c0
[  608.645235][ T9587]  rawv6_sendmsg+0xdab/0x1820
[  608.645262][ T9587]  __sock_sendmsg+0x19c/0x270
[  608.645284][ T9587]  ____sys_sendmsg+0x534/0x820
[  608.645302][ T9587]  ___sys_sendmsg+0x21f/0x2a0
[  608.645318][ T9587]  __sys_sendmmsg+0x22d/0x430
[  608.645335][ T9587]  __x64_sys_sendmmsg+0xa0/0xc0
[  608.645353][ T9587]  do_syscall_64+0xfa/0x3b0
[  608.645369][ T9587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.645389][ T9587] 
[  608.645394][ T9587] kfence-#100: 0xffff88823becaf00-0xffff88823becafef, size=240, cache=skbuff_head_cache
[  608.645394][ T9587] 
[  608.645416][ T9587] allocated by task 57 on cpu 1 at 604.789755s (3.855660s ago):
[  608.645454][ T9587]  __alloc_skb+0x112/0x2d0
[  608.645481][ T9587]  nsim_dev_trap_report_work+0x29f/0xbc0
[  608.645511][ T9587]  process_scheduled_works+0xade/0x17b0
[  608.645535][ T9587]  worker_thread+0x8a0/0xda0
[  608.645558][ T9587]  kthread+0x70e/0x8a0
[  608.645584][ T9587]  ret_from_fork+0x3f9/0x770
[  608.645608][ T9587]  ret_from_fork_asm+0x1a/0x30
[  608.645627][ T9587] 
[  608.645631][ T9587] freed by task 57 on cpu 1 at 604.789870s (3.855760s ago):
[  608.645665][ T9587]  nsim_dev_trap_report_work+0x7fa/0xbc0
[  608.645693][ T9587]  process_scheduled_works+0xade/0x17b0
[  608.645716][ T9587]  worker_thread+0x8a0/0xda0
[  608.645739][ T9587]  kthread+0x70e/0x8a0
[  608.645766][ T9587]  ret_from_fork+0x3f9/0x770
[  608.645788][ T9587]  ret_from_fork_asm+0x1a/0x30
[  608.645806][ T9587] 
[  608.645819][ T9587] CPU: 1 UID: 0 PID: 9587 Comm: syz.1.948 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  608.645844][ T9587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  608.645858][ T9587] RIP: 0010:xfrm_state_find+0x279a/0x53e0
[  608.645890][ T9587] Code: 83 e5 0c bf 08 00 00 00 44 89 ee e8 d0 91 20 f8 4d 8d a6 70 03 00 00 4c 89 e0 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 c2 04 00 00 <45> 0f b6 24 24 41 83 e4 0c bf 08 00 00 00 44 89 e6 e8 a0 91 20 f8
[  608.645910][ T9587] RSP: 0018:ffffc9000488ef00 EFLAGS: 00010246
[  608.645930][ T9587] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffff888026259dc0
[  608.645946][ T9587] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000008
[  608.645959][ T9587] RBP: ffffc9000488f120 R08: 0000000000000000 R09: 0000000000000000
[  608.645973][ T9587] R10: 0000000000000100 R11: 000000000000000a R12: ffff88823becaf70
[  608.645988][ T9587] R13: 0000000000000000 R14: ffff88823becac00 R15: 1ffff1100cbd445a
[  608.646004][ T9587] FS:  00007fedf06746c0(0000) GS:ffff8881269bf000(0000) knlGS:0000000000000000
[  608.646024][ T9587] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  608.646039][ T9587] CR2: ffff88823becaf70 CR3: 00000000520c8000 CR4: 00000000003526f0
[  608.646058][ T9587] Call Trace:
[  608.646066][ T9587]  <TASK>
[  608.646085][ T9587]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  608.646121][ T9587]  ? xfrm_state_find+0x2bf/0x53e0
[  608.646157][ T9587]  ? __pfx_xfrm_state_find+0x10/0x10
[  608.646198][ T9587]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  608.646238][ T9587]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  608.646264][ T9587]  ? rcu_read_unlock_special+0x35b/0x470
[  608.646290][ T9587]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.646320][ T9587]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  608.646353][ T9587]  ? __rcu_read_unlock+0x84/0xe0
[  608.646384][ T9587]  ? xfrm_sk_policy_lookup+0x9d/0x750
[  608.646410][ T9587]  ? xfrm_expand_policies+0x41f/0x6a0
[  608.646436][ T9587]  xfrm_lookup_with_ifid+0x2a7/0x1a90
[  608.646460][ T9587]  ? __pfx_ip6_dst_lookup_tail+0x10/0x10
[  608.646487][ T9587]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  608.646514][ T9587]  ? bpf_lsm_sk_getsecid+0x9/0x10
[  608.646539][ T9587]  xfrm_lookup_route+0x3c/0x1c0
[  608.646562][ T9587]  rawv6_sendmsg+0xdab/0x1820
[  608.646599][ T9587]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  608.646630][ T9587]  ? rcu_is_watching+0x15/0xb0
[  608.646662][ T9587]  ? preempt_schedule_irq+0xde/0x150
[  608.646690][ T9587]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  608.646718][ T9587]  ? preempt_schedule_irq+0xde/0x150
[  608.646751][ T9587]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.646779][ T9587]  ? sock_rps_record_flow+0x19/0x410
[  608.646800][ T9587]  ? inet_sendmsg+0x2f4/0x370
[  608.646821][ T9587]  __sock_sendmsg+0x19c/0x270
[  608.646842][ T9587]  ____sys_sendmsg+0x534/0x820
[  608.646862][ T9587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  608.646885][ T9587]  ? import_iovec+0x74/0xa0
[  608.646908][ T9587]  ___sys_sendmsg+0x21f/0x2a0
[  608.646926][ T9587]  ? __pfx____sys_sendmsg+0x10/0x10
[  608.646957][ T9587]  ? __fget_files+0x2a/0x420
[  608.646980][ T9587]  ? __fget_files+0x3a6/0x420
[  608.647010][ T9587]  __sys_sendmmsg+0x22d/0x430
[  608.647031][ T9587]  ? __pfx___sys_sendmmsg+0x10/0x10
[  608.647055][ T9587]  ? preempt_schedule_irq+0xde/0x150
[  608.647091][ T9587]  __x64_sys_sendmmsg+0xa0/0xc0
[  608.647109][ T9587]  do_syscall_64+0xfa/0x3b0
[  608.647133][ T9587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.647151][ T9587]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  608.647171][ T9587]  ? clear_bhb_loop+0x60/0xb0
[  608.647191][ T9587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.647210][ T9587] RIP: 0033:0x7fedf244ebe9
[  608.647228][ T9587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.647246][ T9587] RSP: 002b:00007fedf0674038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  608.647266][ T9587] RAX: ffffffffffffffda RBX: 00007fedf2686180 RCX: 00007fedf244ebe9
[  608.647284][ T9587] RDX: 0000000000000021 RSI: 0000200000000480 RDI: 0000000000000006
[  608.647298][ T9587] RBP: 00007fedf24d1e19 R08: 0000000000000000 R09: 0000000000000000
[  608.647312][ T9587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  608.647325][ T9587] R13: 00007fedf2686218 R14: 00007fedf2686180 R15: 00007fff14a9f738
[  608.647350][ T9587]  </TASK>
[  608.647358][ T9587] ==================================================================
[  608.647385][ T9587] Kernel panic - not syncing: KFENCE: panic_on_warn set ...
[  608.647402][ T9587] CPU: 1 UID: 0 PID: 9587 Comm: syz.1.948 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  608.647428][ T9587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  608.647441][ T9587] Call Trace:
[  608.647450][ T9587]  <TASK>
[  608.647458][ T9587]  dump_stack_lvl+0x99/0x250
[  608.647491][ T9587]  ? __asan_memcpy+0x40/0x70
[  608.647515][ T9587]  ? __pfx_dump_stack_lvl+0x10/0x10
[  608.647547][ T9587]  ? __pfx__printk+0x10/0x10
[  608.647585][ T9587]  vpanic+0x281/0x750
[  608.647620][ T9587]  ? __pfx_vpanic+0x10/0x10
[  608.647666][ T9587]  panic+0xb9/0xc0
[  608.647696][ T9587]  ? __pfx_panic+0x10/0x10
[  608.647731][ T9587]  ? __pfx__printk+0x10/0x10
[  608.647764][ T9587]  check_panic_on_warn+0x89/0xb0
[  608.647789][ T9587]  kfence_report_error+0x748/0xa40
[  608.647828][ T9587]  ? __pfx_kfence_report_error+0x10/0x10
[  608.647856][ T9587]  ? xfrm_state_find+0x279a/0x53e0
[  608.647886][ T9587]  ? xfrm_resolve_and_create_bundle+0x768/0x2f80
[  608.647910][ T9587]  ? xfrm_lookup_with_ifid+0x2a7/0x1a90
[  608.647932][ T9587]  ? xfrm_lookup_route+0x3c/0x1c0
[  608.647954][ T9587]  ? rawv6_sendmsg+0xdab/0x1820
[  608.647981][ T9587]  ? __sock_sendmsg+0x19c/0x270
[  608.648005][ T9587]  ? ____sys_sendmsg+0x534/0x820
[  608.648023][ T9587]  ? ___sys_sendmsg+0x21f/0x2a0
[  608.648041][ T9587]  ? __sys_sendmmsg+0x22d/0x430
[  608.648059][ T9587]  ? __x64_sys_sendmmsg+0xa0/0xc0
[  608.648079][ T9587]  ? do_syscall_64+0xfa/0x3b0
[  608.648096][ T9587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.648171][ T9587]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  608.648203][ T9587]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  608.648234][ T9587]  ? search_bpf_extables+0x26/0x3f0
[  608.648272][ T9587]  kfence_handle_page_fault+0x358/0x4d0
[  608.648307][ T9587]  page_fault_oops+0x19f/0xa10
[  608.648342][ T9587]  ? __pfx_fixup_exception+0x10/0x10
[  608.648372][ T9587]  ? __pfx_page_fault_oops+0x10/0x10
[  608.648396][ T9587]  ? is_prefetch+0x403/0x640
[  608.648425][ T9587]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  608.648456][ T9587]  ? __pfx_is_prefetch+0x10/0x10
[  608.648487][ T9587]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.648529][ T9587]  __bad_area_nosemaphore+0x11a/0x780
[  608.648555][ T9587]  ? rcu_is_watching+0x15/0xb0
[  608.648588][ T9587]  ? trace_irq_disable+0x37/0x110
[  608.648620][ T9587]  ? __pfx___bad_area_nosemaphore+0x10/0x10
[  608.648649][ T9587]  ? spurious_kernel_fault+0x1c7/0x6b0
[  608.648673][ T9587]  ? do_kern_addr_fault+0x30/0x80
[  608.648707][ T9587]  exc_page_fault+0xc3/0xf0
[  608.648740][ T9587]  asm_exc_page_fault+0x26/0x30
[  608.648760][ T9587] RIP: 0010:xfrm_state_find+0x279a/0x53e0
[  608.648793][ T9587] Code: 83 e5 0c bf 08 00 00 00 44 89 ee e8 d0 91 20 f8 4d 8d a6 70 03 00 00 4c 89 e0 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 c2 04 00 00 <45> 0f b6 24 24 41 83 e4 0c bf 08 00 00 00 44 89 e6 e8 a0 91 20 f8
[  608.648811][ T9587] RSP: 0018:ffffc9000488ef00 EFLAGS: 00010246
[  608.648830][ T9587] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffff888026259dc0
[  608.648845][ T9587] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000008
[  608.648858][ T9587] RBP: ffffc9000488f120 R08: 0000000000000000 R09: 0000000000000000
[  608.648871][ T9587] R10: 0000000000000100 R11: 000000000000000a R12: ffff88823becaf70
[  608.648886][ T9587] R13: 0000000000000000 R14: ffff88823becac00 R15: 1ffff1100cbd445a
[  608.648943][ T9587]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  608.648973][ T9587]  ? xfrm_state_find+0x2bf/0x53e0
[  608.649014][ T9587]  ? __pfx_xfrm_state_find+0x10/0x10
[  608.649067][ T9587]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  608.649132][ T9587]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  608.649160][ T9587]  ? rcu_read_unlock_special+0x35b/0x470
[  608.649187][ T9587]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.649218][ T9587]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  608.649263][ T9587]  ? __rcu_read_unlock+0x84/0xe0
[  608.649303][ T9587]  ? xfrm_sk_policy_lookup+0x9d/0x750
[  608.649333][ T9587]  ? xfrm_expand_policies+0x41f/0x6a0
[  608.649365][ T9587]  xfrm_lookup_with_ifid+0x2a7/0x1a90
[  608.649393][ T9587]  ? __pfx_ip6_dst_lookup_tail+0x10/0x10
[  608.649424][ T9587]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  608.649457][ T9587]  ? bpf_lsm_sk_getsecid+0x9/0x10
[  608.649485][ T9587]  xfrm_lookup_route+0x3c/0x1c0
[  608.649513][ T9587]  rawv6_sendmsg+0xdab/0x1820
[  608.649561][ T9587]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  608.649596][ T9587]  ? rcu_is_watching+0x15/0xb0
[  608.649631][ T9587]  ? preempt_schedule_irq+0xde/0x150
[  608.649660][ T9587]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  608.649689][ T9587]  ? preempt_schedule_irq+0xde/0x150
[  608.649727][ T9587]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.649764][ T9587]  ? sock_rps_record_flow+0x19/0x410
[  608.649793][ T9587]  ? inet_sendmsg+0x2f4/0x370
[  608.649822][ T9587]  __sock_sendmsg+0x19c/0x270
[  608.649853][ T9587]  ____sys_sendmsg+0x534/0x820
[  608.649880][ T9587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  608.649912][ T9587]  ? import_iovec+0x74/0xa0
[  608.649943][ T9587]  ___sys_sendmsg+0x21f/0x2a0
[  608.649966][ T9587]  ? __pfx____sys_sendmsg+0x10/0x10
[  608.650028][ T9587]  ? __fget_files+0x2a/0x420
[  608.650058][ T9587]  ? __fget_files+0x3a6/0x420
[  608.650099][ T9587]  __sys_sendmmsg+0x22d/0x430
[  608.650133][ T9587]  ? __pfx___sys_sendmmsg+0x10/0x10
[  608.650166][ T9587]  ? preempt_schedule_irq+0xde/0x150
[  608.650229][ T9587]  __x64_sys_sendmmsg+0xa0/0xc0
[  608.650253][ T9587]  do_syscall_64+0xfa/0x3b0
[  608.650274][ T9587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.650294][ T9587]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  608.650315][ T9587]  ? clear_bhb_loop+0x60/0xb0
[  608.650342][ T9587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.650365][ T9587] RIP: 0033:0x7fedf244ebe9
[  608.650381][ T9587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.650397][ T9587] RSP: 002b:00007fedf0674038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  608.650418][ T9587] RAX: ffffffffffffffda RBX: 00007fedf2686180 RCX: 00007fedf244ebe9
[  608.650434][ T9587] RDX: 0000000000000021 RSI: 0000200000000480 RDI: 0000000000000006
[  608.650449][ T9587] RBP: 00007fedf24d1e19 R08: 0000000000000000 R09: 0000000000000000
[  608.650463][ T9587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  608.650476][ T9587] R13: 00007fedf2686218 R14: 00007fedf2686180 R15: 00007fff14a9f738
[  608.650512][ T9587]  </TASK>
[  608.650831][ T9587] Kernel Offset: disabled