last executing test programs:

12m13.617513465s ago: executing program 2 (id=36):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

12m13.370737488s ago: executing program 2 (id=38):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x1000, 0xbe39, 0x80, 0x1032c, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x1, 0x3}, 0x50)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$int_in(r4, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, 0x0, 0x0, 0xfec00000})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000340))
r6 = dup(r5)
ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000000)={0x1, r6})

12m11.111465567s ago: executing program 2 (id=42):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8000, @multicast2}}, 0x24)
sendmmsg(r3, &(0x7f0000007840)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="100000001001000001"], 0x10, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0c00000011000000060000000c72f2c731396561ff7f00", @ANYRES16=r1, @ANYRES32=r2, @ANYRES8=r0, @ANYRESHEX=r2, @ANYRES64=r2], 0x18}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000073c0)}}], 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
gettid()
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket(0x2, 0x2, 0x1)
r6 = syz_io_uring_setup(0x7331, &(0x7f0000000480)={0x0, 0xaeb7, 0x40, 0x3, 0x2d9}, &(0x7f00000001c0), &(0x7f0000000180))
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r6, 0x1e, &(0x7f0000000500)={r5}, 0x1)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback, 0x1}, 0x1c)
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

12m8.404936719s ago: executing program 2 (id=48):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

12m3.000791388s ago: executing program 2 (id=52):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000042c0)={{0x14, 0x10, 0x1, 0x0, 0x3000000, {0x7}}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x48}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000001a00)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x50)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, 0x0, 0x90)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11m59.24143261s ago: executing program 2 (id=60):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000440)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x8, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x9)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

11m45.148451565s ago: executing program 0 (id=75):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(serpent)\x00'}, 0x58)
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x10001, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}, 0x1c)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000000)={0x3, [0x3, 0x5, 0xdd91]}, &(0x7f0000000240)=0xa)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)

11m43.596715044s ago: executing program 32 (id=60):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000440)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x8, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x9)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

11m43.104388777s ago: executing program 0 (id=81):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448d3, 0x0)

11m42.453823076s ago: executing program 0 (id=83):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0)

11m42.209301302s ago: executing program 0 (id=85):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x4)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
pipe2(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
read$char_usb(r0, 0x0, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r2, 0x0, 0x0)

11m40.383302165s ago: executing program 0 (id=87):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')

11m38.732751011s ago: executing program 0 (id=91):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))

11m23.514467015s ago: executing program 33 (id=91):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))

10m41.852037455s ago: executing program 4 (id=172):
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r3, 0x0, 0x0, 0x4000000)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x32}, 0x28)

10m33.67959623s ago: executing program 4 (id=179):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x0, @default, @bpq0, 0x6, 'syz0\x00', @default, 0x0, 0x7, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002dc0)={0x11, 0x3, &(0x7f0000002cc0)=ANY=[@ANYRESHEX], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

10m30.402332581s ago: executing program 4 (id=182):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902240001000000000904000015"], 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="000129bd7000fbdb760567d956e2df253a"], 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x24040000)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

10m25.088421418s ago: executing program 4 (id=189):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_io_uring_setup(0xbc4, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x28c}, 0x0, &(0x7f0000000280))
r3 = io_uring_setup(0x3210, &(0x7f0000000480)={0x0, 0x14c7, 0x80, 0x23, 0x86})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = dup(r4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000380)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000080)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
shutdown(r4, 0x1)
close_range(r3, 0xffffffffffffffff, 0x0)

10m20.266001583s ago: executing program 4 (id=192):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8000, @multicast2}}, 0x24)
sendmmsg(r3, &(0x7f0000007840)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="100000001001000001"], 0x10, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0c00000011000000060000000c72f2c7313965", @ANYRES16=<r4=>r1, @ANYRES32=r2, @ANYRES8=r0, @ANYRESHEX=r2, @ANYRES64=r2], 0x18}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000073c0)}}], 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r6 = gettid()
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = socket(0x2, 0x2, 0x1)
r8 = syz_io_uring_setup(0x7331, &(0x7f0000000480)={0x0, 0xaeb7, 0x40, 0x3, 0x2d9}, &(0x7f00000001c0), &(0x7f0000000180))
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r8, 0x1e, &(0x7f0000000500)={r7}, 0x1)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback, 0x1}, 0x1c)
connect$unix(r9, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000080), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)=ANY=[@ANYRES16=r4, @ANYBLOB="00000000000000001879d503eb004a28e495d6e91be6fb1d9a20ff730e5fe4621b873d6f51af", @ANYBLOB="1f15c2663936d0145be26d7ea8653335edd2c09ae5d13b36b3b2bc2aa842eff83a79fdd5ee1df58091818dbb6626a40810775e9d28a17419d6bd9352db10ad75b1f266d7981e716ed50c327f3f47b39900b4cbf7c9c986326f64e1ae288183b5f805cb2d8ad8c4a5500ecccf633d269f00c8cdfe3e0f667b511e50e4298f7884adc92b88f6a77285de48a88e0a92f57d1868982854595982fa60f18770cf39291bcf95ef86b88afee986d75ae1aebb530030166ea2a20e1133989ff904bd411675d89d9827261ed3044e5d1f0b114a6a434a92dd433ac0e84d55ff09fe13469fbfe12bb093f01635f55d4943abe6e949539a7dc64167b725e4c1b4cd8fcb52b989174ffb58e85ab2af3d46538d616af5adc3f936c5b86b2a0afec1039716c381200e26603dd9844570ab737cfc65bb147eab3863834ee8f971f1d23fde1d8586681f97b9fc715b9b81211ba0a3638565a6e389c01608080909f0b3a7ca675f52922e19cf40b1ef127bc79b0ea80671e74c326fe22e0115d3f3dff88f7ed2c313648d28c6fc8e218b528b56b1af9d2b4a898abf8f5638aedc49b9ccab69fc1d179f22d0b58093e67cddf2af12c8bc3016217ec8de0c2a191bdee789111014395b73a35000de9a4d44e974067e22773d569be4e0731f9347536dcb7a6ac924958cd9b299c67b09b9e0fb8673c596b53ff6b9714d5a86b833176b9b4c57b907a807e2505c73977a16a6f30fb3f821ed46256832c57df3b42e7cbbcf3de0fc09d6eb78d0e1d0afd002940fa0d4aa1e7e11e01b410d9a6f9dbee760f81329772033b1045649907c80d89e86adbd860a5ce55b9ca9a5fbef774be0b084746640a8ada57a684ac3f6e61d64eb766f5c0dfd9c4c2553c8fea17be7a2c438f2445198feab6149085e002482a655809b5fb523dad38bc22a506871a7f749e6dd32c25d12dd3cef6257aec8a684e87c380cf21d961dcc6a19997f07c655e0bfa1d7944b71281becac52b6d1cf6929abb6ed4f36b33a2340a18f1044159e623a592f0d9bfbea1fc66dd71a9118259b155984fdbea2aef572daed20d58cb441ed0ee395cfde5ac54e60d41210b71c9d42f52e05755aa937f8bfff15a68c493e9208b7b66203bcfd06cbeca3128832cb19ee48f246731a350aad250a70b950e90fa9d2bd641dd1c247f1a18a85d2b444a93bbe10616a864b811c8bf733a6bc603a7b4d515c156e73eba4fee34a2afa1df7d802c8ab9d5b68749f0f7c61112862ad790772d07ebd5a4cb305d826c0584e38b5eea90cac7c5799ad8bade81df39827c0797d3baa42f2227c27c2c40c29196586819547c2b9c0c6b07860b7d1af749c240273526f294be6395a4b6e19411d7cce4ade0533bd5b8bcfda54cca4c248223a35bf124a18c74c079e1d31d06729b9eb08cd39e58574de56c40fc96d62df67c0c2811ad641d1c6285b8107516aa6f0ffd69fc5e600d98d2d6dfe2c2b9603275406423fd0ce4c88f99e9962eb75be45102b2ff3b89fa0de79ea80eb65f5fd4583b86d88d34dcdced1282fc451b4d75cd43f88fd5bd74210a2785abd9d3e4f9101f5c6b8684cd7a8f4b4050dd999cc13339c3a98817da0396997b311c7e6c95ad8d40c9f96162b4a444fe07ef620c83757978584b19afe68e623a2960d215062622c0fddbdb0d2a029290b8587a4a155adcbd5629746eb981d6c9f0da4bcad8dcbc72942ec3c220b89a65f7d1bbd25e4f83100109e957c14e5dad53311de7a10c11fe2dcb1940763e9cffed673f943e382f05999e6d5dbf29d6f0fc529194d07ebae66e0172274d736058cb64d56de1774b3df1738a3acea60a763475c322a48c8932111ee01ec85e0e43ecd955541ba14a33cf67af40eee1709e2ae014eb017741ec62bddd8660eb5947c9911000b57ca81760f36c9bfa7bcf2fdbb7992a1e53f690f66582026a3e4b58812d93a8145c0066a20619f4597a70a5a9157182cd4cae9ff3e547f836b260ca93b4493ffb8a3ca1a7fb9cc21d8704fbf99cfdf2f710915fca25673e2f00a71a9754a51cb8c20738d79640932ef2c215cb142e7df1ca2ff27ead10b318f9700b7ca07c2b4858f9472c79d55b1c11a050870a67d6a9fec6b017fcdf9e1301abd00968b5f172ffe6b2c8f58092eb4ef96b71cca0c20045cff2b03dbd9f8571a5f331bee427ed38980f52899d8e8254f96bc5e65c2f2021ae7054f418489e645ab167c897aaef892a69955ce498cbc6035b0e38fdd777bf0d3b6860e4240168c343bb3152a079c204158acb052b7bcd2c55deafbf068cc194b9c4d51078fe7033df94e262082a0bbdf2ff56731ae5311e2e1b4a8dd62d54b02463befae273e35406d4607155d3cfffaddb8ddf55dfc56a6f80e3042d882711052edcd869af2019f13104ea63c04b19112577a98848468642e46b49ae3cc81e72bf5c63cb126a3312f364b0efa12b9dd97a96871459a274a127eb0d11d8c599b3309dec99ff510fb84ff916eb4c23671efb21acb61c853bc540db8dcc17a5b0e48e9402baa58ddfa1c3fc06b61cecf3162c349c77215c3b96dd8d89bd04a9bb2c3e265bbe372ccae14d81b8ba6ea331bf7a4e4bd986ec01adf275b048a6f1874834ae9d6ad768b5f0b24ddd3c1f96b496c9c5ce935de869cf964cd6331f34a86226fcf2529eec25f7baa40da08dd7ff963d4f0fdf2ef8f6685568150684b34ddf01df753b78e3750b07709e998767887f8c02ffd9d3f4817ef6e94b72cd25bc625bb9143031290d23f090f3c99a204e82089b78c2e56e5fe5b8da2ef8b7c6ec1f86b78a03c683af177088135dfa3d3ec078d950bd35930fec3864e77e2c5fcb91beb28ecdd6ba7d0855612af8ac057741becd5ffa10f44d09453dec0e0bed733144526fcbc6c39fc329f5f8368e2ede988adf2721bd67a3aac5e269f8804cdf61c33cf7b5709167b84749b8c215fdf0d7a6137167dfd78d41eba56862b9256359ac59dc6eeb22cc1b16a87733389db4404db53188a9c0d437bd530fed71df9974c487554404f3ebab7e8a64c37bb743fafbb47b74a79847ebde16c32dc22c48549a45879e4379ba5e30fd12f49faf1cd32bf67830f18c3e8334054816588492f0e070370142a7383cb05989c534d14b372d50d4900d5d7eebc3bf97808b3eea035729046743294de4d81ad2590475b9db75f9d26f34e4b1ba61fe6e30a2ba61927f63cbd4a089a9d44ca9cabb4e2bfd971f9e085e933129fdfb698ea32fbd1a962e97370f2a2ae58e0e2fa1bc59250ea8a8edeaa8125d16742e6394350eac919df4ee9a498bf08a970f76d20b241e1659f85a414167e5329fa3445b8197bfb1217582ad60c8ef8fcd4af290b48610445e8b491fe8e416f80cf6a4749ee8f98232e4407fd70689629823c4191cca64f5b5b960fe86a0409ab928f847796d26e372115772b2a16279957d96c131d103dbc292e62f1e8a5527acd3f135b9f616f74181c9514f99b77cf0c1113157ad1d2b6cb6af0384f9ac66de79868ca8f9dd4362342fa3737c2355398fd15015588ac51752670833603991a35ced11671c5254bbbaeb355b52b9efb92af097e5983b29fda57f4d9fc9220890cd982c97d0fa8e595033de3987a0652a9eef2318d36e3f2321976a2c7d7a10ae583d2859733544955032e1b13bb164870c41c19e723d7d1a6745abcfdc9becb30bf6e4fe5affbfd50c8718280bd4ed9800ce3d07870ef17ffed58cbe5505e8d50b27009c91f95188b0eb14d6bc73ea2202feeb02cdb7920d021b623d4eaa34388a8dbc9969a9d6c8e2b1166f1817f8d1f2e1ca5d675e0e898582bf429a2eb4653ad5f97a67346d881c6f450a4146604e555b247e57aa673506c3520b006dff3a53c0fea3373691ffe41bf31888d557e568ee49f8503dd83f16bf945b1bb41f234052ff2241a0df6f5ce9f54bbd2a97c2906fe1a106292580b2332c36d7813d23be7306f07a3b3c1a6ddc809047015eb8ea575d61691c31bbba34c3db97068c38da267fae47bd61964c360ead45cb6ee8b93a963cdf3d10ba9f22922695ed6bc6756a727448e3dffc8e331a4c497670296cc6a2331a5896df6314d5ab6925d2e8f18f615cb4a1a5200735d4a6e94a93f704ace359c1a0920a76ab932723c2f80895a733e9bf6f4586fbac54fe2dc94133bf5c98e0b78ff3df1323f28e545aa79c265e63521d288f741c32f3882229fbff67db8a7f9aab82e8d13c582911395366e2d9ea1d67d9ed4b75869a5894730612fe6cedc9182cec5b50e2929369138e70dda057b71f33bff986997245bd85498cba0184c0262d7372457bf88f90d4d77bc3c619e7c80d7ab75a0372b5ee54820e34efdab41d9597f2c971617a3cadefd84f7700574eac7e75db6da8300efc300c0a2a4bd8291cc4b3fd44797ee6d76ebbd5da91a28f33f8cba5d47de4d0859696c71d400abf72d1857bdbd2e36e52173dc1996e832da8a1e703315e5d4bce4061d824a844caf3c4c6b761525210f9f8fc343d06569f0645f23d586cced89849f44a5735a6272c79bccc977c319a0a7c4d3aa45af3d0675500562b5c0e5341e2a86a6355fa510e987e5998f1589e1b0f071678682c68fc3443d3e60304acfb6b5665cddcb7c4f9e6ff56e7b3e902c8bb80a0bb064762eef5df0c7751baab61f57152a80dcf151dcd458c45dc0c7461fa8462b38bebf483a58fd18a8639d601232cc6f83471822f32817aac1e8323dd8ed5cf339301faaf858c0ebc89ea5f948348b6997f509526eb95257fb8b3f42e2f705ef94c9d79087c219df28026998ea9ff1bb78ba7dbb4b4aafec20b55760da94509de0dba45eb8d4f51fc6c19f4cd1b01852efad7af6f546c1bc71cf553d7f72a9847c2fff23c9a110cb61e981d8fe2b236da79d593afc0e524cf7ef2bc446ecf5ecccb7e8a071907ffe6e3c5b80a33e913dcd7754c7736c8253bd6b524362ae437cbb01a9c063e9fb42e4fda93221203a409d239dd0af6aaff671d36c79503f0fd99b78c171a80d29bbbe5d1a2440c6add499bbdc766ce09030ef5a615430e1bdfc60a1ae7a491e9787fce0e266051525fed232697877c76cc39b3a77329780606b105ac5b7f7ab81814f4a2f629f07d42bcfcab3ee6fae67ea15ff30dde0560e91e509e944510722e97b566494daad981e3c972baec7ab1ad9672210b60fa7db5359f53a5567c0ebe7187f9a9f81bee34e4821b5fedde56b0c376a8c7d4955a88857639842dd53fc9c3f71be193e40144d41ffc1cc6f087558634f57f7c3bb89cc87d09098c7b66b992b44f8842db25ecaed77af16b8c84e3c2da5217cf47f5728260051dfe5e4a09739922737497f308e0108b1e60dce601068060d49c1e4640ba506140130d23f35c35f5cf11895e58334fdeb890d74d7a07ed7fec2e91370f283d7c252c7724345f0d58e7f7fb688f35b05b298022eb7269c85c29256777dac8199c12cbdb406ccf4e50a2de8fddd3d378daa6326ed1afcbfe077ba1aaa12848f46f9a24b6076dd06bfb54f35f6818e6dd75ac618a9cb80aa429c843c21d8d0dcfbe06507c5c4c23c048222e9dc165f9b72182e7d7e6aadcf4abd728dddb11c7e67ccad569dd034aadc63d5b2d5bf3f7e60b506fb30aaf7287eb3a0104430a9161990498e89e79e5acce74296b5770187058cdce277a38c4f82a5d3197e4f3ea691d668ebaee814fdccf1f22d0cd246d5a0f64725a7a012668f", @ANYRESDEC=r1], 0x50)
ioprio_set$pid(0x3, r6, 0x4003)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB="90000000", @ANYRES16=0x0, @ANYBLOB="000425bd7000fedbdf25060000000800040000800000240001800800060010000000060001000000000008000300ffffffff050002000700000008000400080000003000068014000400fe80000000000000000000000000002208000700", @ANYRES32=0x0, @ANYBLOB="0500020051000000080007", @ANYRES32=0x0, @ANYBLOB="0800020002000000050005007f0000000800040005000000"], 0x90}, 0x1, 0x0, 0x0, 0x40000}, 0x2010)
write$UHID_INPUT(r10, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e804003e005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

10m17.744493823s ago: executing program 4 (id=194):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r1 = getpid()
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a00", @ANYRES32, @ANYBLOB="06003800d8510000040049800400e0801a165c80f928efeadc95a00c88d81d8d36eb021f05e357ce0cc80496d946a14b733a0b75dc0e0fe7ec451e3304efabb148cf7740d92633549fc799efeffbb500bf6a3db52cb6551af05b9d13a338392b5a8a8a21422903ac79280ba0651419590f6126813018282ea112a8c697e421a55ef2aac7340a5736e3d51504d8c7f023ee72b55ab9a1a1195cf9edf01e30447d1e000ce0ec914a9a6ae232498e74bcd19c01b7086e3fec56b754ab12185fda15b9525dec81f973a9c4bc9e3346f077651b64733a62e0536a41b5d896c07d71bb8b256ff30493694ca27c654b9cdfd0721dcef4726d97a2974dc7d8e373b0a60174bb0800ee00", @ANYRES32=0x0, @ANYBLOB="0c0043001700000000000000fd11358084a64c4852ce59bc40427a1582ec7e9547999b7be18d57542e2971a2513a2b81d76f6ad9a7ceda50a48bcd2786f06ffd040009808cb297f99a3664c1952c24e42f729fc43262610d3652cef336adc19ee56c82ca3e707eb78d0148b668305d97f7ec33db8e3e9dc65e7c274e7bc24ed3a1184621df12504c07b14a737fcc8ef9009b890c6caeba9729fbfeca6b12211869a2716ea36f7399a7bd7c0f2377c94cfe62f2bcbff380ee256a7c3ec69110da7f9a6d89254f4ec5b539cbc7303ccdc6a8619996b6263165fa024adff951d4d8d2d6587b80d1c30440b0817f52c341360dc5df31f0b5639a5b96e26938d5bc55ea7bef35a4cf126c9183ac38fb34b319abe5f06082c1e8ce526cdb3066d523d12deb8697d8299c1f5edf46514913c4648f2fd1816a58beffaab5040d72e67ac75075da4c92fb2c60d17ee03c6cc004ceb9ef5abe60fe300faa63e19f5eefa54eaed41a4fa62c6a56be9ee7f691162545a8fd930f45517df0436b69efc7d5ac19e930a92ef86472205f87a61dd95dc35a6f258c8c7958a8175e8cd8dbf01f82cca2359aef93e3eb117014c231d67bc6da5248aeac9543ff47663c01581b945dd8507adb1689ac8244b010e66087ffd4c0b930f8ffc7408402d8ce7db0cfd9830cdd85aab9711919563d56d245801c371f040af5b8169de3c6fea317612f4c2317cc526e8ea8c8c1e953c791b20a1aaf4c62f6c906efa621b14e7d3e285aa55b7ef96e4feb652df2cf36e76132f396cedb9db9cf15eeaea7b13e1027ea5d1f5490e6688884e1f1df2a9853024e581c9ae87c12991f4f89aabc4020df65ac4683de032022e2d805273b2d6a62e841a74be316f2152002b87680d37f6b7faf2b24be1ebc0d7a95fc330a592d044fd05ed37465086402a1335ce622bc8526afbc6aad8bb1bc0b63bf46ff0496a8861f0ee2c990adaf568144fb15eb4492e049f762fe735ddf5d283433a9d2fb9faff70364046ed11752282c816611250cc1e14272470c12fbd96a06bd3b873da306810ed786bcdb8983bcc7acf941b819c4f59b132e6c81639b46b8ba630ae11e4751458aeaa9dc2cee291652e638a28d47ecd5e2df8830bc7267883dd7d77fe2392aa484b6dec167a1bf3e00c927b26832f5f8d67f5d1c0c935624bc6c917001dd4df77aea734fa05d4037db5b19cef7d161c5ad1e95b40dcdd369358fada0a2a04d7a99f0b93386f706aa3213c1c4428b8461062b29683b29e56748a65154e9c33eafd6dac22c2ef4f55c4ca8e4a6c0007b31305254a27425066fec4b41e11c8357bf67ce8e2a0facb1b26e1b19543cd5f075cc81b0873ec57bc7edf9a9fb8ae35d3a3ace676225b40a421e645301f304221763ecab8baa7515839ca7f29e9e646af9a1ff1fe8031b5b36a8f2d6d70ae3f514f1c2972df04bb4924373d39301c8708bdf1376d3be64f3614c183c5b5cf95edaf20d2e59ec124eb11526a7f2d28546b31566e161ff39233762c0e4b505f246454f3e27f8dbbedf1610464944ea873600ed8e95fa00d291fa3b1d9cb257ca29710f473ce1de492602202f23ab8102ec101110145fbafc73f41a830decc8fc46a9f8925e091fec25f87a69fa23f63621533da3e4f97d2ad78c1886b6783e46e2923fbc424bb010e5d586e5fce6f5191c161aac64eec1c3afb12b2c6b2047c9c9db9d6beeb10de8b1d8ed9b857c3c7e7c3b59e374c6a7407ef247c178147b3a0f82f8588b74ddbab03d4c78915750c463f68bc8f40f8e4ba87169bf6377c54d21d5a62cb0dcf466daa235ad887f5d2af2d8dd827047847190afa82fb866744bbfd38952705530e699270b1f13dc0b53fdc2de61de45ab153fd017274bb3b4b4c8b9fa2279dc3a6940e072e9fe87bc86011dcc0c1ab07b97868b0f51ff6208df234a2f5a10f896478a4c5d46ffbafaa810b45bb82368d0085f78e959d1b0f26dd7cff09a40d0d12285b1ccf203ef25f3a1cb5fd753c6aadf2a26c1a21b6355ec2ef8d29ac0f08cd44e94f9a9f6b8558c3e5d7db20ce3a8f147c0309fb3f4b856dec934af6072bc942de440d8cd0ec1944362cb579f75a91393e3ebaf5fc807c0df8367834bb0f08ca7c698991662d8b9e9e55dba84b968d316fce6311e5257ccf69348e06a693595bb94bdaba080fb1c0c88a33557c088a51948bd4f01c5544e9fbf5a8e09ae0dff397ea8522a4349d185f9a2f0b595093b29b88b5e2007e12e6b60ae8aed88bbc198dc7709c5e9181ead6ab91a0b7df795a0e9d349c1096bb29bf2e0643a0afc2f2ac9ffe3e5002a796b025da52dce5d89a8d76499a25bb4588202c18a12107b1fb9759f904ca3363921ed36d1fb3f0af559e771b0a708e26b39f00a87cf2e8489f53a6c0ae606ea8ced1b876895c1c21ece89b1955c4d827ffd4da4b994eb2dcff368ef534b34f6a566efd9480f1b6e308947684dc4960a083d3cf52960be62cf0c0d4ce6d256ff28141c274b7dc8dac819c04d4f1155a8bb4c29a2a00535ca4ea89ce1e218146b73e2103fadcf2c2de446e6c128cbe749c5f7aaf392e764a9397e06e443cb3e44d08af9a2ce55b0ef8cf1803f2167a67d59547d522d65934fba7875301db570cc4424f629a39a7bd36333029bdb818a3739f454966af6ffe4d237d6965cc81f335d8a787450abbe7c8ddfd2f8b749594cea4df455cdfb5eb5f7b0b4f67875adafb11b61639fd0be25bbf0d19cea430058fff31b0fb0ae36a84ad6ccd17038638fe38905fc24384bc60a15058c6b6defe60ed71c7697612b084d6a2cd0b15056f593335906c82265f38c47dcc1c1043da1ce74578a1919e03df4e155396b3dea89acd39d1449f00a9e8cf5ceb0684928432d21e6b7e83c099d285c126a430767e1e718c9dcaf83ae26120ed83c95d7d16a493d16c0a01f8bc05ac987bf8e378d7c8d28c201930890773c1d6ab6440cd3ff2454f17ced7e463d9753891a56833f5f673eb138d7e7ce6666b65ea74f6f0d3cc2d86dd7940ccf108ef7f0ad3c5c7da744c1988aee2a7fa5fd1bf52698221c6ed21de5077effb9bdb50b882523fa932bd1e3efe50b630599dfaf3b13167f57db1a12caeb51278b7fbd9768da62d45b1f056aac361b2da6cc4933a9159379a4152ad66a69362e347af0d414e8716c9869511034c2a366bfb5b125cfc5720c05af7895f4e318d89e85ad02e76c0d643b77c3bbab28865823d696dc5306e1731f56c29ddd25e378749493c762d9966e34b53049a84f4da9ff286bb20ea8c6918ae6df35bd82719ab07d197afe2c87cace76d139175fcfbb8ebc49a131d484244295baca1dec61526a5f844a6950899a0bfc13417b3df9b6580e5657a0d92bab2cfaab91e1513e0cb11c0f029841bf63da801ed3171aa7c039b45675b9197924a5429feeb52a7152d4b82304ff39f2d666edf8ccbfb35d2eee45af364ba98cc978ec7f4f361c4a9fb2bf1155e059c9874c9b00113b6d85ccfbeeb3bf33435ced0c94135a00162d1a1279041fca05ddb2ac02a0a34bbb15f5aac25ac3cdcc32cbb882b6456602bd011cb665661b483b20bcb6cadaf993b3d6fe59757e9fd2b00ebc3b6adfca5bd7bc016eac63adc33f450303dfc89a025d2e3e7fa99854cd468654428c4dbf40b078b24c939882bff81d871d19383b86a5d78e3dc5f53bbf31c56c9ceb28c43179b0f9829d9fdb9c126eaeee6858de67dc6cf0f75552fad19ab1dd381dfaf963790353816b68c1e4e0938d1312746e90d5ed32c32be83f2e1890ce24bd3594b8393280937ddd35475106a0336a61ef483202ca11d58dbb4345c5d68b41e949ad32a36b86983950a12dcb29e02b31880d041805197670fc30c8d6c30f736de8cf7955dd8ae6a46d6fa0d9955056abe5ef41acc00f94f9466327fa207f1f85aac9baceb25fcde2e8f1c6c5f68a66a62a7165c29afb66a17932c892fcd6c894c54abb3f56bbf1dd5901a60b2dc2a51615e6897e894aa15678403ce35a2dd94a31d03092a92e54be81c53adfefa653c00f63a76f2d6471625df5ccfdccffb30e1c545e435c3b3fad6249246d3c2f5796514a899d87905ef0a5bd1032c4718b467dc2df510183beb72b9140cf670e82c649460d782cbf33791088756a796c48d0f7df2b856a4b3e2914c7f8e707a05ed5956473c8eeca35aeb2b96c939b5bfd874e519b9d624e5b3fde44de50c1e9ccbd2642638ab2c1de38127c4c59c5d5710d82c619b634151b0fb1bb94a357e2e38b888f8fb30934009fbee693451b343f0cd656411565e4149433383a8ee7194bdf3907f8a9136296188c74bb3fb276da9cc275101882ac5046fa42b9142efce704014b17b72d0a7b2421b5efb3a0411da62d42019bf78d6a6c5c56f3e8e5fbd0240547c6db5404f1218ab391f361a5ecb9c2cd64c32693ca8dab991688b496daada1d02b5d9cd1b9df7f1258e1a9a70e22f229078b0b33f30cb3e4021335a4392548dbf11dd0ab1c138571179412f35b4106f9bfc0c5bf57b63909a5fd8892a584569cb7b9c330417ae9468d6583f2c923060e156d4a8c69114ac5281b8104b3dcee2abe8b94b7a0551079f6bc89dfe3c521a046b70b1d2a9f1df20fda6dd84adf9e57b34b795ffd5b3dca4c62c815177744c2c21046861135e70fed347985962f5409580c263a72cfd878fe10192902948c6bab642fab9be6b9b93fe41fdea762a9c78d1631f81c4d76c3187d23a26ad0d37ba1f44114afe994c18f8404f7ed02956eeec1ab8c87b0cf8450146705817beec015783b22e6d9125179887dc74b162b2890ffbf8c3443bf732c125f7d2ba0f75d0f81198eaf12e1251e85a34ebd23087ba790d6ad8a6c4cf0c85d410fef6bf6796e9a4c25699dd8bf51063b65b46aa5ad69ed243722b5ac050672fd3ba0c2d8b5e013f403dda3c30db4ca94da891a6d90ac9cfda97c0fce5bf7ed8c0d4b309ece7bbf0f536fcce750495dca0ba52c0c2e1972763f973a28925d8846b6a941bfc9dd1e96b889112336b1530327eaaddcb78ab1db7c35c4ef54a2888f770de481f0a6ba5b827a5013b6c9c0f9e6e629d7f0f65d260ee4ad62061305ba91ec2a29c27dc22b4d07cd090a66705f062ef25f632eaa2842b36dcf2807abb94403c458d78453a5bf20bae90912372db3e4ba83e66928dad13a734ecd912cff58640e8c3b4012ab0fd32f8679875b0f46812deb0f143d8c94b2d0c8d0d9bfc7c1f5eb6609179e1e4119e6c240d8ad581233f4b2bc55c39f3e46f4516ab2b2ac271f773809718f80efc4cd4fc28ebb09d7e8429203127de4aee25cb61bef5d71a3fd7b43741bb8d0f0b530f4d06e2c92c632930c8fec4c6a2b66f43efee55b50254dac26cbefde31cef6d044ce90e61bec3affde7682a14fd8327358b09b3445cc4af0bcf125d43d458d8089176f238d4253fc0e3f7b3b72fbd88bca0973539fdcab07ca1da7027a50ae01a071e080dd04718a82dc0ef72228a84598556d2f85777e72b4227475313a779b7cbc5c80314f7358cdb1e4ab8e178ef933e7192c60304770262e4b99d476b8f42c8eb2b10ba6ba0dd51a52710ac75d49f29ff6abfd791755a88c0456513b7e47915855ddb6b5c38b5955cac22aa6f2e96a135540b2da8d22b4c83590e585185946caf2307af83e4a9fc809301cb53284407cd5ed383477e0a0a1852b0b94c1c382d5a192ac2fc705f7eb05f2655a5c0220bc2eb03b8132290d7a2a3871d4c93fb48f0521c10590f35a90b813155483a2d64a408d21bcae12b5bf8977a42c7cf6810d7b300fcfe7b780688d227dba545cdb8104fc31d873f2ca8afe8a8ee1c8bfdc13663d5f4509b836e3901e41128bd694fef92737864630545ffba4afac3acc7b49a870566f245a2a3ed34ff266ff66ef1f45ecf83f33f548746c3f2d0868a2b0fda71312475a1e601c8b71a7b9231afa40936c42f7d1e3d053dc7dbf12956654590f55b12c6c77b9d7372d9805a84d6f99040e21b9791c62dda870814a60dbf27c4a82f3979410091ef1106220f96627d8f7f189de07ca85e0dab440efe5b8fdc8d7e434ba6162f0b5df11c0bd6489945c946953a21a2d0f0e8924337f401f42f96a87c26f76e4e6623eca76b8c81aa96741b248e07cc8fccb203903da21d364640549640aff4016c83c6e2586893212706aedd30c4b2b2c9c205d1332ea492d4aad97c2646c8082b6d769b5f5d606bec26fb762adf1308325c1c2ec38e2cfa424e41513718625a7d7004a7de11f937d177eee3da060e04b4f1311957fe7897e5f43d32f4c3b4234c3afdf3b069432ac235046efbe4e243c071f06c155bbc48cdac07171b38253c0de4afea667572ebbc28894cd2f9e21992d4d696710a0250acc1a355d951146cd46883787104494c20ca9abb33b07bb3e54b8c5861a1425f4d989029844ecdde4d851e57c9d39d757f473d55e4b0f0aeff40b304d3e04f6e2e9394b1e172d7482dad0b3ca2568aa3297391d614f912a08003300f50000000400238000000008004f00", @ANYRES32, @ANYBLOB="0b055bfae918f58d7afbadef493d7e358a95c4e330bcf2a04bc03c39d71670dab91ae5b106d1c2843ce4304ea577f9d8a1a0f848d602b9800600d00023000000f9768407cc2561184d2c4fc38602f7f8b7e4d6b3bb83f9abe034d3786433df04f18ac95f6d7d3fd067778f4450b81274918a59ba3a86b640f0b2f491691fbbf30d5968d8cac55f7faa350f658846cbf96a27bd30c15510f812038d31664a2401cbc2c9e12721a435f68c7490e6f85b04973390512b4a52fe2b005b277d1a2cb4f6609b499d2b554549f538e79bb251b0fb6cba3c2bd4ee5c2a261e87f8df3edb54c1acb4056770de689c1d57b90400e280e2bc598ed974dc397766010698def2d7772b1038bb9c17e0763cb138433f1e202f1611d0039a04209f742c012cea110be51c9b094f857d693685c3b632090db81a1ed81922c1bca49c033497098432b5cac25c7d29faaac98f1299fb1dd174a79b15697edc8badb40500dbca74b1ebf60400c1808723e75eb0d3bf1d6a19c1bcd4235f17e1b00f7a41329670f7d087b53a6ec1ea26f9b87f7bbde89b7abffc784f40bf50bafb1754a0ec5cf72e9089b5d61b9740aa1c56f016dd00d7da62d26242bfc367d029cd67bcb19fef0163b26f5a6fea1270de2665889035884d5137da65ac46509dfb7cd208e92dcf60f2faf30a5e53c8a2e83b6ee7ab4bfc225320e76ea3c10f3d8d440cebb9868fcf5dc7f513157d7b8a9322b23b544ca2131d65720f9a9279715eadf1fc70e535f868a25b760d349e142202b7ad4b65b80befeef4f8c1386507a2321365931e6facedda8269229e48", @ANYRES32, @ANYRES32, @ANYBLOB="08001b"], 0x18c0}}, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x200003, 0x0)
read(r3, &(0x7f0000000080)=""/1, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000300)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x24bc]}, 0x8)
write$cgroup_pid(r3, &(0x7f0000000480)=r1, 0x12)
close(r3)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x1f49f7a5610fd212, 0x0)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r5, 0x4068aea3, &(0x7f0000000280)={0xdb, 0x0, 0x1})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000740)=0xe)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000340)=0xff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xcd39, r7}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)

10m1.913394515s ago: executing program 34 (id=194):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r1 = getpid()
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a00", @ANYRES32, @ANYBLOB="06003800d8510000040049800400e0801a165c80f928efeadc95a00c88d81d8d36eb021f05e357ce0cc80496d946a14b733a0b75dc0e0fe7ec451e3304efabb148cf7740d92633549fc799efeffbb500bf6a3db52cb6551af05b9d13a338392b5a8a8a21422903ac79280ba0651419590f6126813018282ea112a8c697e421a55ef2aac7340a5736e3d51504d8c7f023ee72b55ab9a1a1195cf9edf01e30447d1e000ce0ec914a9a6ae232498e74bcd19c01b7086e3fec56b754ab12185fda15b9525dec81f973a9c4bc9e3346f077651b64733a62e0536a41b5d896c07d71bb8b256ff30493694ca27c654b9cdfd0721dcef4726d97a2974dc7d8e373b0a60174bb0800ee00", @ANYRES32=0x0, @ANYBLOB="0c0043001700000000000000fd11358084a64c4852ce59bc40427a1582ec7e9547999b7be18d57542e2971a2513a2b81d76f6ad9a7ceda50a48bcd2786f06ffd040009808cb297f99a3664c1952c24e42f729fc43262610d3652cef336adc19ee56c82ca3e707eb78d0148b668305d97f7ec33db8e3e9dc65e7c274e7bc24ed3a1184621df12504c07b14a737fcc8ef9009b890c6caeba9729fbfeca6b12211869a2716ea36f7399a7bd7c0f2377c94cfe62f2bcbff380ee256a7c3ec69110da7f9a6d89254f4ec5b539cbc7303ccdc6a8619996b6263165fa024adff951d4d8d2d6587b80d1c30440b0817f52c341360dc5df31f0b5639a5b96e26938d5bc55ea7bef35a4cf126c9183ac38fb34b319abe5f06082c1e8ce526cdb3066d523d12deb8697d8299c1f5edf46514913c4648f2fd1816a58beffaab5040d72e67ac75075da4c92fb2c60d17ee03c6cc004ceb9ef5abe60fe300faa63e19f5eefa54eaed41a4fa62c6a56be9ee7f691162545a8fd930f45517df0436b69efc7d5ac19e930a92ef86472205f87a61dd95dc35a6f258c8c7958a8175e8cd8dbf01f82cca2359aef93e3eb117014c231d67bc6da5248aeac9543ff47663c01581b945dd8507adb1689ac8244b010e66087ffd4c0b930f8ffc7408402d8ce7db0cfd9830cdd85aab9711919563d56d245801c371f040af5b8169de3c6fea317612f4c2317cc526e8ea8c8c1e953c791b20a1aaf4c62f6c906efa621b14e7d3e285aa55b7ef96e4feb652df2cf36e76132f396cedb9db9cf15eeaea7b13e1027ea5d1f5490e6688884e1f1df2a9853024e581c9ae87c12991f4f89aabc4020df65ac4683de032022e2d805273b2d6a62e841a74be316f2152002b87680d37f6b7faf2b24be1ebc0d7a95fc330a592d044fd05ed37465086402a1335ce622bc8526afbc6aad8bb1bc0b63bf46ff0496a8861f0ee2c990adaf568144fb15eb4492e049f762fe735ddf5d283433a9d2fb9faff70364046ed11752282c816611250cc1e14272470c12fbd96a06bd3b873da306810ed786bcdb8983bcc7acf941b819c4f59b132e6c81639b46b8ba630ae11e4751458aeaa9dc2cee291652e638a28d47ecd5e2df8830bc7267883dd7d77fe2392aa484b6dec167a1bf3e00c927b26832f5f8d67f5d1c0c935624bc6c917001dd4df77aea734fa05d4037db5b19cef7d161c5ad1e95b40dcdd369358fada0a2a04d7a99f0b93386f706aa3213c1c4428b8461062b29683b29e56748a65154e9c33eafd6dac22c2ef4f55c4ca8e4a6c0007b31305254a27425066fec4b41e11c8357bf67ce8e2a0facb1b26e1b19543cd5f075cc81b0873ec57bc7edf9a9fb8ae35d3a3ace676225b40a421e645301f304221763ecab8baa7515839ca7f29e9e646af9a1ff1fe8031b5b36a8f2d6d70ae3f514f1c2972df04bb4924373d39301c8708bdf1376d3be64f3614c183c5b5cf95edaf20d2e59ec124eb11526a7f2d28546b31566e161ff39233762c0e4b505f246454f3e27f8dbbedf1610464944ea873600ed8e95fa00d291fa3b1d9cb257ca29710f473ce1de492602202f23ab8102ec101110145fbafc73f41a830decc8fc46a9f8925e091fec25f87a69fa23f63621533da3e4f97d2ad78c1886b6783e46e2923fbc424bb010e5d586e5fce6f5191c161aac64eec1c3afb12b2c6b2047c9c9db9d6beeb10de8b1d8ed9b857c3c7e7c3b59e374c6a7407ef247c178147b3a0f82f8588b74ddbab03d4c78915750c463f68bc8f40f8e4ba87169bf6377c54d21d5a62cb0dcf466daa235ad887f5d2af2d8dd827047847190afa82fb866744bbfd38952705530e699270b1f13dc0b53fdc2de61de45ab153fd017274bb3b4b4c8b9fa2279dc3a6940e072e9fe87bc86011dcc0c1ab07b97868b0f51ff6208df234a2f5a10f896478a4c5d46ffbafaa810b45bb82368d0085f78e959d1b0f26dd7cff09a40d0d12285b1ccf203ef25f3a1cb5fd753c6aadf2a26c1a21b6355ec2ef8d29ac0f08cd44e94f9a9f6b8558c3e5d7db20ce3a8f147c0309fb3f4b856dec934af6072bc942de440d8cd0ec1944362cb579f75a91393e3ebaf5fc807c0df8367834bb0f08ca7c698991662d8b9e9e55dba84b968d316fce6311e5257ccf69348e06a693595bb94bdaba080fb1c0c88a33557c088a51948bd4f01c5544e9fbf5a8e09ae0dff397ea8522a4349d185f9a2f0b595093b29b88b5e2007e12e6b60ae8aed88bbc198dc7709c5e9181ead6ab91a0b7df795a0e9d349c1096bb29bf2e0643a0afc2f2ac9ffe3e5002a796b025da52dce5d89a8d76499a25bb4588202c18a12107b1fb9759f904ca3363921ed36d1fb3f0af559e771b0a708e26b39f00a87cf2e8489f53a6c0ae606ea8ced1b876895c1c21ece89b1955c4d827ffd4da4b994eb2dcff368ef534b34f6a566efd9480f1b6e308947684dc4960a083d3cf52960be62cf0c0d4ce6d256ff28141c274b7dc8dac819c04d4f1155a8bb4c29a2a00535ca4ea89ce1e218146b73e2103fadcf2c2de446e6c128cbe749c5f7aaf392e764a9397e06e443cb3e44d08af9a2ce55b0ef8cf1803f2167a67d59547d522d65934fba7875301db570cc4424f629a39a7bd36333029bdb818a3739f454966af6ffe4d237d6965cc81f335d8a787450abbe7c8ddfd2f8b749594cea4df455cdfb5eb5f7b0b4f67875adafb11b61639fd0be25bbf0d19cea430058fff31b0fb0ae36a84ad6ccd17038638fe38905fc24384bc60a15058c6b6defe60ed71c7697612b084d6a2cd0b15056f593335906c82265f38c47dcc1c1043da1ce74578a1919e03df4e155396b3dea89acd39d1449f00a9e8cf5ceb0684928432d21e6b7e83c099d285c126a430767e1e718c9dcaf83ae26120ed83c95d7d16a493d16c0a01f8bc05ac987bf8e378d7c8d28c201930890773c1d6ab6440cd3ff2454f17ced7e463d9753891a56833f5f673eb138d7e7ce6666b65ea74f6f0d3cc2d86dd7940ccf108ef7f0ad3c5c7da744c1988aee2a7fa5fd1bf52698221c6ed21de5077effb9bdb50b882523fa932bd1e3efe50b630599dfaf3b13167f57db1a12caeb51278b7fbd9768da62d45b1f056aac361b2da6cc4933a9159379a4152ad66a69362e347af0d414e8716c9869511034c2a366bfb5b125cfc5720c05af7895f4e318d89e85ad02e76c0d643b77c3bbab28865823d696dc5306e1731f56c29ddd25e378749493c762d9966e34b53049a84f4da9ff286bb20ea8c6918ae6df35bd82719ab07d197afe2c87cace76d139175fcfbb8ebc49a131d484244295baca1dec61526a5f844a6950899a0bfc13417b3df9b6580e5657a0d92bab2cfaab91e1513e0cb11c0f029841bf63da801ed3171aa7c039b45675b9197924a5429feeb52a7152d4b82304ff39f2d666edf8ccbfb35d2eee45af364ba98cc978ec7f4f361c4a9fb2bf1155e059c9874c9b00113b6d85ccfbeeb3bf33435ced0c94135a00162d1a1279041fca05ddb2ac02a0a34bbb15f5aac25ac3cdcc32cbb882b6456602bd011cb665661b483b20bcb6cadaf993b3d6fe59757e9fd2b00ebc3b6adfca5bd7bc016eac63adc33f450303dfc89a025d2e3e7fa99854cd468654428c4dbf40b078b24c939882bff81d871d19383b86a5d78e3dc5f53bbf31c56c9ceb28c43179b0f9829d9fdb9c126eaeee6858de67dc6cf0f75552fad19ab1dd381dfaf963790353816b68c1e4e0938d1312746e90d5ed32c32be83f2e1890ce24bd3594b8393280937ddd35475106a0336a61ef483202ca11d58dbb4345c5d68b41e949ad32a36b86983950a12dcb29e02b31880d041805197670fc30c8d6c30f736de8cf7955dd8ae6a46d6fa0d9955056abe5ef41acc00f94f9466327fa207f1f85aac9baceb25fcde2e8f1c6c5f68a66a62a7165c29afb66a17932c892fcd6c894c54abb3f56bbf1dd5901a60b2dc2a51615e6897e894aa15678403ce35a2dd94a31d03092a92e54be81c53adfefa653c00f63a76f2d6471625df5ccfdccffb30e1c545e435c3b3fad6249246d3c2f5796514a899d87905ef0a5bd1032c4718b467dc2df510183beb72b9140cf670e82c649460d782cbf33791088756a796c48d0f7df2b856a4b3e2914c7f8e707a05ed5956473c8eeca35aeb2b96c939b5bfd874e519b9d624e5b3fde44de50c1e9ccbd2642638ab2c1de38127c4c59c5d5710d82c619b634151b0fb1bb94a357e2e38b888f8fb30934009fbee693451b343f0cd656411565e4149433383a8ee7194bdf3907f8a9136296188c74bb3fb276da9cc275101882ac5046fa42b9142efce704014b17b72d0a7b2421b5efb3a0411da62d42019bf78d6a6c5c56f3e8e5fbd0240547c6db5404f1218ab391f361a5ecb9c2cd64c32693ca8dab991688b496daada1d02b5d9cd1b9df7f1258e1a9a70e22f229078b0b33f30cb3e4021335a4392548dbf11dd0ab1c138571179412f35b4106f9bfc0c5bf57b63909a5fd8892a584569cb7b9c330417ae9468d6583f2c923060e156d4a8c69114ac5281b8104b3dcee2abe8b94b7a0551079f6bc89dfe3c521a046b70b1d2a9f1df20fda6dd84adf9e57b34b795ffd5b3dca4c62c815177744c2c21046861135e70fed347985962f5409580c263a72cfd878fe10192902948c6bab642fab9be6b9b93fe41fdea762a9c78d1631f81c4d76c3187d23a26ad0d37ba1f44114afe994c18f8404f7ed02956eeec1ab8c87b0cf8450146705817beec015783b22e6d9125179887dc74b162b2890ffbf8c3443bf732c125f7d2ba0f75d0f81198eaf12e1251e85a34ebd23087ba790d6ad8a6c4cf0c85d410fef6bf6796e9a4c25699dd8bf51063b65b46aa5ad69ed243722b5ac050672fd3ba0c2d8b5e013f403dda3c30db4ca94da891a6d90ac9cfda97c0fce5bf7ed8c0d4b309ece7bbf0f536fcce750495dca0ba52c0c2e1972763f973a28925d8846b6a941bfc9dd1e96b889112336b1530327eaaddcb78ab1db7c35c4ef54a2888f770de481f0a6ba5b827a5013b6c9c0f9e6e629d7f0f65d260ee4ad62061305ba91ec2a29c27dc22b4d07cd090a66705f062ef25f632eaa2842b36dcf2807abb94403c458d78453a5bf20bae90912372db3e4ba83e66928dad13a734ecd912cff58640e8c3b4012ab0fd32f8679875b0f46812deb0f143d8c94b2d0c8d0d9bfc7c1f5eb6609179e1e4119e6c240d8ad581233f4b2bc55c39f3e46f4516ab2b2ac271f773809718f80efc4cd4fc28ebb09d7e8429203127de4aee25cb61bef5d71a3fd7b43741bb8d0f0b530f4d06e2c92c632930c8fec4c6a2b66f43efee55b50254dac26cbefde31cef6d044ce90e61bec3affde7682a14fd8327358b09b3445cc4af0bcf125d43d458d8089176f238d4253fc0e3f7b3b72fbd88bca0973539fdcab07ca1da7027a50ae01a071e080dd04718a82dc0ef72228a84598556d2f85777e72b4227475313a779b7cbc5c80314f7358cdb1e4ab8e178ef933e7192c60304770262e4b99d476b8f42c8eb2b10ba6ba0dd51a52710ac75d49f29ff6abfd791755a88c0456513b7e47915855ddb6b5c38b5955cac22aa6f2e96a135540b2da8d22b4c83590e585185946caf2307af83e4a9fc809301cb53284407cd5ed383477e0a0a1852b0b94c1c382d5a192ac2fc705f7eb05f2655a5c0220bc2eb03b8132290d7a2a3871d4c93fb48f0521c10590f35a90b813155483a2d64a408d21bcae12b5bf8977a42c7cf6810d7b300fcfe7b780688d227dba545cdb8104fc31d873f2ca8afe8a8ee1c8bfdc13663d5f4509b836e3901e41128bd694fef92737864630545ffba4afac3acc7b49a870566f245a2a3ed34ff266ff66ef1f45ecf83f33f548746c3f2d0868a2b0fda71312475a1e601c8b71a7b9231afa40936c42f7d1e3d053dc7dbf12956654590f55b12c6c77b9d7372d9805a84d6f99040e21b9791c62dda870814a60dbf27c4a82f3979410091ef1106220f96627d8f7f189de07ca85e0dab440efe5b8fdc8d7e434ba6162f0b5df11c0bd6489945c946953a21a2d0f0e8924337f401f42f96a87c26f76e4e6623eca76b8c81aa96741b248e07cc8fccb203903da21d364640549640aff4016c83c6e2586893212706aedd30c4b2b2c9c205d1332ea492d4aad97c2646c8082b6d769b5f5d606bec26fb762adf1308325c1c2ec38e2cfa424e41513718625a7d7004a7de11f937d177eee3da060e04b4f1311957fe7897e5f43d32f4c3b4234c3afdf3b069432ac235046efbe4e243c071f06c155bbc48cdac07171b38253c0de4afea667572ebbc28894cd2f9e21992d4d696710a0250acc1a355d951146cd46883787104494c20ca9abb33b07bb3e54b8c5861a1425f4d989029844ecdde4d851e57c9d39d757f473d55e4b0f0aeff40b304d3e04f6e2e9394b1e172d7482dad0b3ca2568aa3297391d614f912a08003300f50000000400238000000008004f00", @ANYRES32, @ANYBLOB="0b055bfae918f58d7afbadef493d7e358a95c4e330bcf2a04bc03c39d71670dab91ae5b106d1c2843ce4304ea577f9d8a1a0f848d602b9800600d00023000000f9768407cc2561184d2c4fc38602f7f8b7e4d6b3bb83f9abe034d3786433df04f18ac95f6d7d3fd067778f4450b81274918a59ba3a86b640f0b2f491691fbbf30d5968d8cac55f7faa350f658846cbf96a27bd30c15510f812038d31664a2401cbc2c9e12721a435f68c7490e6f85b04973390512b4a52fe2b005b277d1a2cb4f6609b499d2b554549f538e79bb251b0fb6cba3c2bd4ee5c2a261e87f8df3edb54c1acb4056770de689c1d57b90400e280e2bc598ed974dc397766010698def2d7772b1038bb9c17e0763cb138433f1e202f1611d0039a04209f742c012cea110be51c9b094f857d693685c3b632090db81a1ed81922c1bca49c033497098432b5cac25c7d29faaac98f1299fb1dd174a79b15697edc8badb40500dbca74b1ebf60400c1808723e75eb0d3bf1d6a19c1bcd4235f17e1b00f7a41329670f7d087b53a6ec1ea26f9b87f7bbde89b7abffc784f40bf50bafb1754a0ec5cf72e9089b5d61b9740aa1c56f016dd00d7da62d26242bfc367d029cd67bcb19fef0163b26f5a6fea1270de2665889035884d5137da65ac46509dfb7cd208e92dcf60f2faf30a5e53c8a2e83b6ee7ab4bfc225320e76ea3c10f3d8d440cebb9868fcf5dc7f513157d7b8a9322b23b544ca2131d65720f9a9279715eadf1fc70e535f868a25b760d349e142202b7ad4b65b80befeef4f8c1386507a2321365931e6facedda8269229e48", @ANYRES32, @ANYRES32, @ANYBLOB="08001b"], 0x18c0}}, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x200003, 0x0)
read(r3, &(0x7f0000000080)=""/1, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000300)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x24bc]}, 0x8)
write$cgroup_pid(r3, &(0x7f0000000480)=r1, 0x12)
close(r3)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x1f49f7a5610fd212, 0x0)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r5, 0x4068aea3, &(0x7f0000000280)={0xdb, 0x0, 0x1})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000740)=0xe)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000340)=0xff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xcd39, r7}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)

16.341266226s ago: executing program 3 (id=704):
socket$packet(0x11, 0x3, 0x300)
symlink(&(0x7f0000000040)='.\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r2, 0x1)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
gettid()
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000041}, 0x55fdb4595c3d8036)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031, 0x60}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)

14.611406714s ago: executing program 1 (id=705):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_io_uring_setup(0xbc4, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x28c}, 0x0, &(0x7f0000000280))
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup(r3)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}, @in6={0xa, 0x4e21, 0xe, @empty, 0x7f7}], 0x38)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000380)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000080)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)

14.421754913s ago: executing program 3 (id=706):
socket$packet(0x11, 0x3, 0x300)
symlink(&(0x7f0000000040)='.\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r2, 0x1)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r7 = gettid()
tkill(r7, 0xb)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000041}, 0x55fdb4595c3d8036)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031, 0x60}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)

12.859703714s ago: executing program 3 (id=707):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x0, @default, @bpq0, 0x6, 'syz0\x00', @default, 0x0, 0x7, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002dc0)={0x11, 0x3, &(0x7f0000002cc0)=ANY=[@ANYRESHEX], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x6f6)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000007000000140001800500020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8)

8.908228242s ago: executing program 1 (id=708):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x0, @default, @bpq0, 0x6, 'syz0\x00', @default, 0x0, 0x7, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002dc0)={0x11, 0x3, &(0x7f0000002cc0)=ANY=[@ANYRESHEX], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x6f6)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000007000000140001800500020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8)

8.884633683s ago: executing program 3 (id=709):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r2, 0x0)
openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi2\x00', 0x14a300, 0x0)
preadv2(r1, &(0x7f00000001c0)=[{&(0x7f00000003c0)=""/254, 0xfe}, {&(0x7f00000004c0)=""/173, 0xad}, {&(0x7f0000000d00)=""/4096, 0x1000}, {&(0x7f0000000580)=""/205, 0xcd}, {&(0x7f0000000800)=""/151, 0x97}], 0x5, 0x65900000, 0x80, 0x9)
socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pipe2$watch_queue(&(0x7f0000001100), 0x80)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
bind$netrom(r4, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
listen(r4, 0x80)
pipe2$9p(&(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="2c0266646e6f3d", @ANYRESHEX=r6, @ANYBLOB=',version=9p2000,\x00'])

6.27534294s ago: executing program 1 (id=710):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x2005}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

4.162988026s ago: executing program 1 (id=711):
r0 = socket$inet6(0xa, 0x3, 0x6)
socket$unix(0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x21c0, 0x103)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
getsockname$netrom(0xffffffffffffffff, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000014980)=[{{&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)}}, {{&(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x64010101}, 0x10, &(0x7f0000010700)=[{0x0}], 0x1}}], 0x2, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x1d, r3, 0x3, {0x0, 0x0, 0x3}, 0x2}, 0x18, &(0x7f0000000280)={&(0x7f00000003c0)="9ca453e090fd08b0774e6e0fc2243f2d82578fab3f5261b277ed10d6a0fe19f2bb6ec6a1178a73a7bbf6cba80db27033f7e19383bdfc9931ab427b5f2ba8a48b64ff8263ca", 0x45}, 0x1, 0x0, 0x0, 0x20000080}, 0x20001000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0xc0041, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x200100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000140)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

2.484134364s ago: executing program 1 (id=712):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902240001000000000904000015"], 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="000129bd7000fbdb760567d956e2df253a"], 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x24040000)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc540900", 0x2c}], 0x1}, 0x0)

1.93212822s ago: executing program 3 (id=713):
io_uring_setup(0x2255, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x50, 0xffffffffffffffff, 0x80000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x41)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1fd, 0x0, 0xdddd1000, 0x1000, &(0x7f0000394000/0x1000)=nil})
userfaultfd(0x80001)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

368.704085ms ago: executing program 1 (id=714):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000022c0)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(ghash-generic)\x00'}, 0x58)
r2 = socket$inet6(0xa, 0x3, 0xfffffffc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x8, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
close(0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0xf)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
truncate(0x0, 0x7ff)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000380)={0xf0f004, 0x2})
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$uhid(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
fcntl$addseals(r3, 0x409, 0x9)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1)

0s ago: executing program 3 (id=715):
io_uring_setup(0x2255, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x50, 0xffffffffffffffff, 0x80000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x41)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x1fd, 0x0, 0xdddd1000, 0x1000, &(0x7f0000394000/0x1000)=nil})
userfaultfd(0x80001)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r2, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

terface batadv_slave_0 (retrying later): interface not active
[  330.683172][ T6824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.683191][ T6824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  330.683221][ T6824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.239990][ T6824] hsr_slave_0: entered promiscuous mode
[  332.278921][ T6824] hsr_slave_1: entered promiscuous mode
[  332.326214][ T6824] debugfs: 'hsr0' already exists in 'hsr'
[  332.326246][ T6824] Cannot create hsr debugfs directory
[  332.327977][ T6744] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  332.823474][ T7008] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  332.823495][ T7008] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  332.842813][ T7008] vhci_hcd vhci_hcd.0: Device attached
[  332.860861][ T6744] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  332.890537][ T7010] vhci_hcd: connection closed
[  332.896800][ T5998] vhci_hcd vhci_hcd.3: stop threads
[  332.896827][ T5998] vhci_hcd vhci_hcd.3: release socket
[  332.896867][ T5998] vhci_hcd vhci_hcd.3: disconnect device
[  332.998141][ T6744] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  333.823153][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  333.840586][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  333.849050][ T5806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  333.869348][ T5806] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  333.872908][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  334.097700][ T6744] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  336.025095][ T5817] Bluetooth: hci4: command tx timeout
[  336.901504][   T39] hsr_slave_0: left promiscuous mode
[  336.996712][   T39] hsr_slave_1: left promiscuous mode
[  336.997719][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.997745][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.101730][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  337.101765][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.037408][ T5817] Bluetooth: hci4: command tx timeout
[  342.045852][   T39] hsr_slave_0: left promiscuous mode
[  342.340852][   T39] hsr_slave_1: left promiscuous mode
[  342.341926][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  342.903225][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.984238][ T7064] netlink: 356 bytes leftover after parsing attributes in process `syz.3.265'.
[  343.036293][   T37] kauditd_printk_skb: 275 callbacks suppressed
[  343.036313][   T37] audit: type=1326 audit(1768752279.576:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.036911][   T37] audit: type=1326 audit(1768752279.576:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.037068][   T37] audit: type=1326 audit(1768752279.576:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.037258][   T37] audit: type=1326 audit(1768752279.576:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.038724][   T37] audit: type=1326 audit(1768752279.576:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.039431][   T37] audit: type=1326 audit(1768752279.576:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.039630][   T37] audit: type=1326 audit(1768752279.576:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.039838][   T37] audit: type=1326 audit(1768752279.576:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.040543][   T37] audit: type=1326 audit(1768752279.576:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.040875][   T37] audit: type=1326 audit(1768752279.576:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7063 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  343.964400][   T39] hsr_slave_0: left promiscuous mode
[  343.984573][   T39] hsr_slave_1: left promiscuous mode
[  343.985598][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.985624][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  344.030510][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  344.030534][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.144676][ T5817] Bluetooth: hci4: command tx timeout
[  344.163593][   T39] veth1_macvtap: left promiscuous mode
[  344.163670][   T39] veth0_macvtap: left promiscuous mode
[  344.163848][   T39] veth1_vlan: left promiscuous mode
[  344.163964][   T39] veth0_vlan: left promiscuous mode
[  344.264459][   T39] veth1_macvtap: left promiscuous mode
[  344.264534][   T39] veth0_macvtap: left promiscuous mode
[  344.264714][   T39] veth1_vlan: left promiscuous mode
[  344.264830][   T39] veth0_vlan: left promiscuous mode
[  346.224601][ T5817] Bluetooth: hci4: command tx timeout
[  346.689634][   T39] team0 (unregistering): Port device team_slave_1 removed
[  346.914874][   T39] team0 (unregistering): Port device team_slave_0 removed
[  349.595212][   T39] team0 (unregistering): Port device team_slave_1 removed
[  349.746463][   T39] team0 (unregistering): Port device team_slave_0 removed
[  352.365113][   T39] team0 (unregistering): Port device team_slave_1 removed
[  352.615269][   T39] team0 (unregistering): Port device team_slave_0 removed
[  353.453313][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  353.472727][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  353.485357][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  353.488936][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  353.489867][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  355.584600][ T5817] Bluetooth: hci5: command tx timeout
[  355.672193][ T6930] chnl_net:caif_netlink_parms(): no params data found
[  356.383374][ T7091] netlink: 24 bytes leftover after parsing attributes in process `syz.1.267'.
[  358.435802][ T5817] Bluetooth: hci5: command tx timeout
[  360.466607][ T5817] Bluetooth: hci5: command tx timeout
[  362.665290][ T5817] Bluetooth: hci5: command tx timeout
[  362.756108][ T6930] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.756333][ T6930] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.756541][ T6930] bridge_slave_0: entered allmulticast mode
[  362.770927][ T6930] bridge_slave_0: entered promiscuous mode
[  362.822579][ T6930] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.822785][ T6930] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.822988][ T6930] bridge_slave_1: entered allmulticast mode
[  362.849960][ T6930] bridge_slave_1: entered promiscuous mode
[  363.280842][ T6930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.323274][ T6930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.677461][ T7141] netlink: 24 bytes leftover after parsing attributes in process `syz.3.275'.
[  365.784360][ T7145] syz.3.277 uses obsolete (PF_INET,SOCK_PACKET)
[  365.811182][ T6930] team0: Port device team_slave_0 added
[  365.875744][ T6930] team0: Port device team_slave_1 added
[  366.169156][ T6930] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.169175][ T6930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  366.169206][ T6930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  366.170093][ T7016] chnl_net:caif_netlink_parms(): no params data found
[  366.524805][ T6930] batman_adv: batadv0: Adding interface: batadv_slave_1
[  366.524824][ T6930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  366.524853][ T6930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  369.902472][ T7153] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  369.948067][ T7153] serio: Serial port ptm0
[  369.965147][ T7159] hub 9-0:1.0: USB hub found
[  369.965557][ T7159] hub 9-0:1.0: 1 port detected
[  371.189480][ T6930] hsr_slave_0: entered promiscuous mode
[  371.190483][ T6930] hsr_slave_1: entered promiscuous mode
[  371.196355][ T6930] debugfs: 'hsr0' already exists in 'hsr'
[  371.196375][ T6930] Cannot create hsr debugfs directory
[  372.935001][ T7075] chnl_net:caif_netlink_parms(): no params data found
[  375.024675][ T7016] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.024823][ T7016] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.025093][ T7016] bridge_slave_0: entered allmulticast mode
[  375.265695][ T7016] bridge_slave_0: entered promiscuous mode
[  376.446073][ T7016] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.446248][ T7016] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.446548][ T7016] bridge_slave_1: entered allmulticast mode
[  376.451677][ T7016] bridge_slave_1: entered promiscuous mode
[  376.616239][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  376.622678][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  376.640953][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  376.651981][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  376.653572][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  376.695781][ T7187] netlink: 24 bytes leftover after parsing attributes in process `syz.1.284'.
[  377.496437][ T7016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  377.878121][ T7016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.708001][ T5817] Bluetooth: hci2: command tx timeout
[  380.784340][ T5817] Bluetooth: hci2: command tx timeout
[  382.874522][ T5817] Bluetooth: hci2: command tx timeout
[  383.275668][ T7075] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.275838][ T7075] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.276056][ T7075] bridge_slave_0: entered allmulticast mode
[  383.278058][ T7075] bridge_slave_0: entered promiscuous mode
[  383.290266][ T7016] team0: Port device team_slave_0 added
[  383.300122][ T7075] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.300232][ T7075] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.300393][ T7075] bridge_slave_1: entered allmulticast mode
[  383.303532][ T7075] bridge_slave_1: entered promiscuous mode
[  383.485281][ T7016] team0: Port device team_slave_1 added
[  383.847329][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  383.847400][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  384.944254][ T5817] Bluetooth: hci2: command tx timeout
[  386.271338][   T37] kauditd_printk_skb: 224 callbacks suppressed
[  386.271406][   T37] audit: type=1326 audit(1768752322.806:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.272944][   T37] audit: type=1326 audit(1768752322.806:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.300079][   T37] audit: type=1326 audit(1768752322.816:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.302019][   T37] audit: type=1326 audit(1768752322.836:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.302156][   T37] audit: type=1326 audit(1768752322.836:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.334788][   T37] audit: type=1326 audit(1768752322.866:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.336889][   T37] audit: type=1326 audit(1768752322.876:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.342957][   T37] audit: type=1326 audit(1768752322.876:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.345877][   T37] audit: type=1326 audit(1768752322.876:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.346054][   T37] audit: type=1326 audit(1768752322.876:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7238 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  386.785888][ T7075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.787037][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.787054][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.787082][ T7016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.001330][ T7075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.002184][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.002200][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  387.002230][ T7016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.769040][ T7075] team0: Port device team_slave_0 added
[  389.875749][ T7255] hub 9-0:1.0: USB hub found
[  389.877523][ T7255] hub 9-0:1.0: 1 port detected
[  390.727822][ T7261] netlink: 356 bytes leftover after parsing attributes in process `syz.3.300'.
[  390.753832][ T7075] team0: Port device team_slave_1 added
[  391.289821][ T7270] hub 9-0:1.0: USB hub found
[  391.294877][ T7270] hub 9-0:1.0: 1 port detected
[  392.411572][ T7016] hsr_slave_0: entered promiscuous mode
[  392.412605][ T7016] hsr_slave_1: entered promiscuous mode
[  392.427347][ T7016] debugfs: 'hsr0' already exists in 'hsr'
[  392.427370][ T7016] Cannot create hsr debugfs directory
[  392.565670][ T7075] batman_adv: batadv0: Adding interface: batadv_slave_0
[  392.565684][ T7075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  392.565705][ T7075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  392.836094][ T7075] batman_adv: batadv0: Adding interface: batadv_slave_1
[  392.836114][ T7075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  392.836142][ T7075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  392.871653][ T7276] hub 9-0:1.0: USB hub found
[  392.885789][ T7276] hub 9-0:1.0: 1 port detected
[  395.535402][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  395.539414][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  395.563113][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  395.591456][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  395.613309][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  397.810549][ T5817] Bluetooth: hci3: command tx timeout
[  398.215451][ T7296] ceph: No mds server is up or the cluster is laggy
[  399.971808][ T5817] Bluetooth: hci3: command tx timeout
[  400.883495][ T7075] hsr_slave_0: entered promiscuous mode
[  400.894884][ T7075] hsr_slave_1: entered promiscuous mode
[  400.896248][ T7075] debugfs: 'hsr0' already exists in 'hsr'
[  400.896284][ T7075] Cannot create hsr debugfs directory
[  401.988042][ T5817] Bluetooth: hci3: command tx timeout
[  403.386165][ T7183] chnl_net:caif_netlink_parms(): no params data found
[  404.945431][ T7340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  405.001983][ T7340] serio: Serial port ptm0
[  405.084255][ T5817] Bluetooth: hci3: command tx timeout
[  407.890813][   T39] bridge_slave_1: left allmulticast mode
[  407.890836][   T39] bridge_slave_1: left promiscuous mode
[  407.891301][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.967426][   T39] bridge_slave_0: left allmulticast mode
[  407.967458][   T39] bridge_slave_0: left promiscuous mode
[  407.969668][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.037656][   T39] bridge_slave_1: left allmulticast mode
[  408.037680][   T39] bridge_slave_1: left promiscuous mode
[  408.037941][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.125334][   T39] bridge_slave_0: left allmulticast mode
[  408.125359][   T39] bridge_slave_0: left promiscuous mode
[  408.125581][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.153408][ T7358] netlink: 356 bytes leftover after parsing attributes in process `syz.3.317'.
[  408.197261][   T39] bridge_slave_1: left allmulticast mode
[  408.197285][   T39] bridge_slave_1: left promiscuous mode
[  408.197462][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.223989][   T37] kauditd_printk_skb: 278 callbacks suppressed
[  408.235959][   T37] audit: type=1326 audit(1768752344.756:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.236007][   T37] audit: type=1326 audit(1768752344.766:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.255049][   T37] audit: type=1326 audit(1768752344.786:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.263783][   T37] audit: type=1326 audit(1768752344.796:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.263945][   T37] audit: type=1326 audit(1768752344.796:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.264275][   T37] audit: type=1326 audit(1768752344.796:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.305431][   T37] audit: type=1326 audit(1768752344.846:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.306200][   T37] audit: type=1326 audit(1768752344.846:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.310078][   T37] audit: type=1326 audit(1768752344.846:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.311826][   T37] audit: type=1326 audit(1768752344.846:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7357 comm="syz.3.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  408.495679][   T39] bridge_slave_0: left allmulticast mode
[  408.495708][   T39] bridge_slave_0: left promiscuous mode
[  408.495989][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.622543][   T39] bridge_slave_1: left allmulticast mode
[  408.622575][   T39] bridge_slave_1: left promiscuous mode
[  408.622834][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.696866][   T39] bridge_slave_0: left allmulticast mode
[  408.696889][   T39] bridge_slave_0: left promiscuous mode
[  408.697073][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.095243][ T7368] ceph: No mds server is up or the cluster is laggy
[  411.301163][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  411.434860][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  411.621549][   T39] bond0 (unregistering): Released all slaves
[  412.444781][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  412.450801][ T7377] netlink: 356 bytes leftover after parsing attributes in process `syz.1.321'.
[  412.547285][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  412.606528][   T39] bond0 (unregistering): Released all slaves
[  412.855147][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  412.934916][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  412.996540][   T39] bond0 (unregistering): Released all slaves
[  413.218140][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  413.233880][   T37] kauditd_printk_skb: 633 callbacks suppressed
[  413.233899][   T37] audit: type=1326 audit(1768752349.766:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.1.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  413.259627][   T37] audit: type=1326 audit(1768752349.766:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.1.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  413.374878][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  413.436504][   T39] bond0 (unregistering): Released all slaves
[  413.581920][   T39] bond0 (unregistering): Released all slaves
[  414.030812][ T7384] netlink: 356 bytes leftover after parsing attributes in process `syz.3.323'.
[  414.083243][   T37] audit: type=1326 audit(1768752350.616:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.083391][   T37] audit: type=1326 audit(1768752350.616:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.083598][   T37] audit: type=1326 audit(1768752350.616:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.087545][   T37] audit: type=1326 audit(1768752350.626:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.101462][   T37] audit: type=1326 audit(1768752350.626:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.101634][   T37] audit: type=1326 audit(1768752350.626:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.101785][   T37] audit: type=1326 audit(1768752350.626:2777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.101909][   T37] audit: type=1326 audit(1768752350.636:2778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7382 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  414.352632][ T7183] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.364149][ T7183] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.364404][ T7183] bridge_slave_0: entered allmulticast mode
[  414.366334][ T7183] bridge_slave_0: entered promiscuous mode
[  414.421362][ T7183] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.434380][ T7183] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.434583][ T7183] bridge_slave_1: entered allmulticast mode
[  414.489645][ T7183] bridge_slave_1: entered promiscuous mode
[  414.525475][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  414.553304][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  414.558850][ T5806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  414.571040][ T5806] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  414.571896][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  416.704257][ T5806] Bluetooth: hci4: command tx timeout
[  418.775465][ T7183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.005738][ T5806] Bluetooth: hci4: command tx timeout
[  421.068495][ T7183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  422.547163][ T5806] Bluetooth: hci4: command tx timeout
[  422.589514][ T7410] ceph: No mds server is up or the cluster is laggy
[  423.072320][ T7183] team0: Port device team_slave_0 added
[  423.961885][ T7279] chnl_net:caif_netlink_parms(): no params data found
[  424.004518][ T7420] ceph: No mds server is up or the cluster is laggy
[  424.038132][ T7183] team0: Port device team_slave_1 added
[  424.751612][ T5806] Bluetooth: hci4: command tx timeout
[  428.484623][ T7439] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'.
[  428.484737][ T7439] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'.
[  431.094613][   T39] hsr_slave_0: left promiscuous mode
[  431.157342][   T39] hsr_slave_1: left promiscuous mode
[  431.158494][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.225145][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.304144][   T39] hsr_slave_0: left promiscuous mode
[  431.326438][   T39] hsr_slave_1: left promiscuous mode
[  431.327447][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.355157][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.454249][   T39] hsr_slave_0: left promiscuous mode
[  431.474294][   T39] hsr_slave_1: left promiscuous mode
[  431.475356][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.497795][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.554798][   T39] hsr_slave_0: left promiscuous mode
[  431.574685][   T39] hsr_slave_1: left promiscuous mode
[  431.575718][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.605099][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  432.430745][ T7443] slcan: can't register candev
[  432.822073][   T39] team0 (unregistering): Port device team_slave_1 removed
[  433.215144][   T39] team0 (unregistering): Port device team_slave_0 removed
[  435.049015][ T5817] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  435.057592][ T5817] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  435.063307][ T5817] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  435.092167][ T5817] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  435.092909][ T5817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  436.105539][   T39] team0 (unregistering): Port device team_slave_1 removed
[  437.204970][   T39] team0 (unregistering): Port device team_slave_0 removed
[  437.259950][ T7471] fuse: Bad value for 'rootmode'
[  437.486514][ T5806] Bluetooth: hci5: command tx timeout
[  440.121769][ T5806] Bluetooth: hci5: command tx timeout
[  442.144122][ T5806] Bluetooth: hci5: command tx timeout
[  444.224146][ T5806] Bluetooth: hci5: command tx timeout
[  445.272138][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  445.272233][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  445.586956][   T39] team0 (unregistering): Port device team_slave_1 removed
[  445.745067][   T39] team0 (unregistering): Port device team_slave_0 removed
[  446.421854][ T7508] fuse: Bad value for 'rootmode'
[  447.915412][   T39] team0 (unregistering): Port device team_slave_1 removed
[  448.054756][   T39] team0 (unregistering): Port device team_slave_0 removed
[  448.939660][ T7183] batman_adv: batadv0: Adding interface: batadv_slave_0
[  448.939674][ T7183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  448.939695][ T7183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  449.575437][ T7516] ceph: No mds server is up or the cluster is laggy
[  451.058556][ T7279] bridge0: port 1(bridge_slave_0) entered blocking state
[  451.058747][ T7279] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.058978][ T7279] bridge_slave_0: entered allmulticast mode
[  451.064179][ T7279] bridge_slave_0: entered promiscuous mode
[  451.076285][ T7279] bridge0: port 2(bridge_slave_1) entered blocking state
[  451.076419][ T7279] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.076657][ T7279] bridge_slave_1: entered allmulticast mode
[  451.193546][ T7279] bridge_slave_1: entered promiscuous mode
[  453.124709][ T7546] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  453.124730][ T7546] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  453.124836][ T7546] vhci_hcd vhci_hcd.0: Device attached
[  453.131784][ T7554] vhci_hcd: connection closed
[  453.133376][ T7432] vhci_hcd vhci_hcd.1: stop threads
[  453.133403][ T7432] vhci_hcd vhci_hcd.1: release socket
[  453.133443][ T7432] vhci_hcd vhci_hcd.1: disconnect device
[  453.233273][ T7279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  453.276290][ T7279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.729816][ T7279] team0: Port device team_slave_0 added
[  453.762380][ T7279] team0: Port device team_slave_1 added
[  453.972035][ T7558] syzkaller0: entered promiscuous mode
[  453.972063][ T7558] syzkaller0: entered allmulticast mode
[  453.986479][ T7560] tipc: Started in network mode
[  453.986503][ T7560] tipc: Node identity 2afc5f432e37, cluster identity 4711
[  453.986831][ T7560] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  453.987249][ T7386] chnl_net:caif_netlink_parms(): no params data found
[  454.183453][ T7557] tipc: Resetting bearer <eth:syzkaller0>
[  456.754723][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  456.853146][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  456.876916][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  456.907611][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  456.927397][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  457.087008][ T7557] tipc: Disabling bearer <eth:syzkaller0>
[  457.262103][ T7279] batman_adv: batadv0: Adding interface: batadv_slave_0
[  457.262118][ T7279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  457.262138][ T7279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  457.337970][ T6081] tipc: Node number set to 80437059
[  460.127792][ T5806] Bluetooth: hci2: command tx timeout
[  461.120536][ T7586] hub 9-0:1.0: USB hub found
[  461.131910][ T7586] hub 9-0:1.0: 1 port detected
[  461.139105][ T7582] syzkaller0: entered promiscuous mode
[  461.139133][ T7582] syzkaller0: entered allmulticast mode
[  461.248868][ T7386] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.249240][ T7386] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.261352][ T7386] bridge_slave_0: entered allmulticast mode
[  461.298924][ T7386] bridge_slave_0: entered promiscuous mode
[  462.147211][ T5806] Bluetooth: hci2: command tx timeout
[  463.934828][ T7386] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.951379][ T7386] bridge0: port 2(bridge_slave_1) entered disabled state
[  463.951592][ T7386] bridge_slave_1: entered allmulticast mode
[  463.970752][ T7386] bridge_slave_1: entered promiscuous mode
[  464.226268][ T5806] Bluetooth: hci2: command tx timeout
[  466.304287][ T5806] Bluetooth: hci2: command tx timeout
[  468.267582][ T7386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  468.370295][ T7386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  473.073892][ T7386] team0: Port device team_slave_0 added
[  475.497292][ T7386] team0: Port device team_slave_1 added
[  475.497698][ T7459] chnl_net:caif_netlink_parms(): no params data found
[  476.293295][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  476.307995][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  476.311026][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  476.314451][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  476.317305][ T5817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  476.571029][ T7459] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.571244][ T7459] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.571514][ T7459] bridge_slave_0: entered allmulticast mode
[  476.604634][ T7459] bridge_slave_0: entered promiscuous mode
[  476.620458][ T7459] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.620583][ T7459] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.620811][ T7459] bridge_slave_1: entered allmulticast mode
[  476.623761][ T7459] bridge_slave_1: entered promiscuous mode
[  477.055705][ T7565] chnl_net:caif_netlink_parms(): no params data found
[  478.388276][ T5806] Bluetooth: hci3: command tx timeout
[  478.762604][ T7459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  479.167920][ T7459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.714832][ T5817] Bluetooth: hci3: command tx timeout
[  484.762785][ T7459] team0: Port device team_slave_0 added
[  485.255879][ T7708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.380'.
[  485.255954][ T7708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.380'.
[  486.240044][ T5806] Bluetooth: hci3: command tx timeout
[  487.729310][ T7459] team0: Port device team_slave_1 added
[  487.740228][ T7565] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.744787][ T7565] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.745433][ T7565] bridge_slave_0: entered allmulticast mode
[  487.752452][ T7565] bridge_slave_0: entered promiscuous mode
[  487.773364][ T7719] hub 9-0:1.0: USB hub found
[  487.773908][ T7719] hub 9-0:1.0: 1 port detected
[  487.884771][   T39] bridge_slave_1: left allmulticast mode
[  487.884801][   T39] bridge_slave_1: left promiscuous mode
[  487.885074][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.945969][   T39] bridge_slave_0: left allmulticast mode
[  487.946001][   T39] bridge_slave_0: left promiscuous mode
[  487.946260][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.018652][   T39] bridge_slave_1: left allmulticast mode
[  488.018684][   T39] bridge_slave_1: left promiscuous mode
[  488.018958][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.085254][   T39] bridge_slave_0: left allmulticast mode
[  488.085279][   T39] bridge_slave_0: left promiscuous mode
[  488.085468][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.291664][   T39] bridge_slave_1: left allmulticast mode
[  488.291698][   T39] bridge_slave_1: left promiscuous mode
[  488.292027][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.305613][ T5806] Bluetooth: hci3: command tx timeout
[  488.366468][   T39] bridge_slave_0: left allmulticast mode
[  488.366499][   T39] bridge_slave_0: left promiscuous mode
[  488.368864][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.433710][   T39] bridge_slave_1: left allmulticast mode
[  488.433742][   T39] bridge_slave_1: left promiscuous mode
[  488.445798][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.546064][   T39] bridge_slave_0: left allmulticast mode
[  488.546097][   T39] bridge_slave_0: left promiscuous mode
[  488.546339][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.626950][   T39] bridge_slave_1: left allmulticast mode
[  488.626982][   T39] bridge_slave_1: left promiscuous mode
[  488.627249][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.705855][   T39] bridge_slave_0: left allmulticast mode
[  488.705887][   T39] bridge_slave_0: left promiscuous mode
[  488.706161][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.989474][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  489.497395][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  489.613059][   T39] bond0 (unregistering): Released all slaves
[  490.066943][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  490.227011][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  490.305171][   T39] bond0 (unregistering): Released all slaves
[  490.544902][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  490.665794][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  490.735235][   T39] bond0 (unregistering): Released all slaves
[  491.157471][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.254687][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  491.311412][   T39] bond0 (unregistering): Released all slaves
[  491.559569][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.706053][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  491.774159][   T39] bond0 (unregistering): Released all slaves
[  491.845545][ T7565] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.845680][ T7565] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.845917][ T7565] bridge_slave_1: entered allmulticast mode
[  491.848717][ T7565] bridge_slave_1: entered promiscuous mode
[  492.941174][ T7459] batman_adv: batadv0: Adding interface: batadv_slave_0
[  492.941193][ T7459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  492.941224][ T7459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  493.518818][ T7741] fuse: Unknown parameter 'fd00000000000000000000005'
[  495.723958][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  495.742170][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  495.758009][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  495.776504][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  495.781531][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  497.904458][ T5806] Bluetooth: hci4: command tx timeout
[  498.041419][ T7459] batman_adv: batadv0: Adding interface: batadv_slave_1
[  498.041474][ T7459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  498.041539][ T7459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  498.225087][ T7565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  498.250602][ T7565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  499.682525][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  499.736803][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  499.976186][   T39] hsr_slave_0: left promiscuous mode
[  499.984920][ T5806] Bluetooth: hci4: command tx timeout
[  500.549842][   T39] hsr_slave_1: left promiscuous mode
[  500.615915][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  500.659727][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  500.954250][   T39] hsr_slave_0: left promiscuous mode
[  501.011322][ T7775] fuse: Unknown parameter 'fd00000000000000000000005'
[  501.862320][   T39] hsr_slave_1: left promiscuous mode
[  501.874636][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  502.091533][ T5806] Bluetooth: hci4: command tx timeout
[  502.176092][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  504.144874][ T5806] Bluetooth: hci4: command tx timeout
[  504.855439][   T39] team0 (unregistering): Port device team_slave_1 removed
[  505.139074][   T39] team0 (unregistering): Port device team_slave_0 removed
[  506.746683][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  506.746776][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  509.534973][   T39] team0 (unregistering): Port device team_slave_1 removed
[  510.092346][   T39] team0 (unregistering): Port device team_slave_0 removed
[  511.604955][   T39] team0 (unregistering): Port device team_slave_1 removed
[  511.749685][   T39] team0 (unregistering): Port device team_slave_0 removed
[  516.487889][ T5817] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  516.497401][ T5817] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  516.498671][ T5817] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  516.500359][ T5817] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  516.501258][ T5817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  516.646449][   T39] team0 (unregistering): Port device team_slave_1 removed
[  517.586644][   T39] team0 (unregistering): Port device team_slave_0 removed
[  518.552369][ T5806] Bluetooth: hci5: command tx timeout
[  520.624175][ T5806] Bluetooth: hci5: command tx timeout
[  522.736750][ T5806] Bluetooth: hci5: command tx timeout
[  522.892269][ T7860] ceph: No mds server is up or the cluster is laggy
[  522.984759][   T39] team0 (unregistering): Port device team_slave_1 removed
[  523.114828][   T39] team0 (unregistering): Port device team_slave_0 removed
[  523.641124][ T7565] team0: Port device team_slave_0 added
[  524.784378][ T5806] Bluetooth: hci5: command tx timeout
[  526.999241][ T7880] 9pnet_virtio: no channels available for device /dev/md0
[  527.049824][ T7883] udevd[7883]: failed to send result of seq 15672 to main daemon: Connection refused
[  528.786904][ T7889] ceph: No mds server is up or the cluster is laggy
[  531.539376][ T7658] chnl_net:caif_netlink_parms(): no params data found
[  532.761133][ T7944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.427'.
[  532.761151][ T7944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.427'.
[  533.939639][ T7946] ceph: No mds server is up or the cluster is laggy
[  534.217693][ T7748] chnl_net:caif_netlink_parms(): no params data found
[  537.796163][ T7958] ceph: No mds server is up or the cluster is laggy
[  538.991762][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  539.022082][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  539.023253][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  539.055472][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  539.056305][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  539.691908][ T7979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.432'.
[  539.692005][ T7979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.432'.
[  540.722830][ T7748] bridge0: port 1(bridge_slave_0) entered blocking state
[  540.723193][ T7748] bridge0: port 1(bridge_slave_0) entered disabled state
[  540.723420][ T7748] bridge_slave_0: entered allmulticast mode
[  540.756970][ T7748] bridge_slave_0: entered promiscuous mode
[  541.099759][ T7748] bridge0: port 2(bridge_slave_1) entered blocking state
[  541.100699][ T7748] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.100938][ T7748] bridge_slave_1: entered allmulticast mode
[  541.103851][ T7748] bridge_slave_1: entered promiscuous mode
[  541.487150][ T5806] Bluetooth: hci2: command tx timeout
[  543.272568][ T7748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  543.273092][ T7839] chnl_net:caif_netlink_parms(): no params data found
[  543.303844][ T7748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  543.514135][ T5806] Bluetooth: hci2: command tx timeout
[  544.880430][ T7993] ceph: No mds server is up or the cluster is laggy
[  545.326651][ T7748] team0: Port device team_slave_0 added
[  545.343075][ T8001] netlink: 356 bytes leftover after parsing attributes in process `syz.1.436'.
[  545.371910][ T7748] team0: Port device team_slave_1 added
[  545.421833][   T37] kauditd_printk_skb: 197 callbacks suppressed
[  545.421853][   T37] audit: type=1326 audit(1768752481.916:2976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.421909][   T37] audit: type=1326 audit(1768752481.916:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.421957][   T37] audit: type=1326 audit(1768752481.916:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422007][   T37] audit: type=1326 audit(1768752481.916:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422055][   T37] audit: type=1326 audit(1768752481.916:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422113][   T37] audit: type=1326 audit(1768752481.916:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422162][   T37] audit: type=1326 audit(1768752481.916:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422211][   T37] audit: type=1326 audit(1768752481.916:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422259][   T37] audit: type=1326 audit(1768752481.916:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.422307][   T37] audit: type=1326 audit(1768752481.946:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8000 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  545.584168][ T5806] Bluetooth: hci2: command tx timeout
[  546.235046][ T7748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  546.235065][ T7748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  546.235096][ T7748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  546.648300][ T7748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  546.648319][ T7748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  546.648350][ T7748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  547.675242][ T5806] Bluetooth: hci2: command tx timeout
[  548.504607][ T7839] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.504850][ T7839] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.505130][ T7839] bridge_slave_0: entered allmulticast mode
[  548.507972][ T7839] bridge_slave_0: entered promiscuous mode
[  549.658655][ T7839] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.658763][ T7839] bridge0: port 2(bridge_slave_1) entered disabled state
[  549.658955][ T7839] bridge_slave_1: entered allmulticast mode
[  549.660847][ T7839] bridge_slave_1: entered promiscuous mode
[  550.792311][ T7839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  550.896090][ T7839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  550.902409][ T7748] hsr_slave_0: entered promiscuous mode
[  550.903511][ T7748] hsr_slave_1: entered promiscuous mode
[  550.934623][ T7748] debugfs: 'hsr0' already exists in 'hsr'
[  550.934732][ T7748] Cannot create hsr debugfs directory
[  551.361101][ T7839] team0: Port device team_slave_0 added
[  551.805922][ T7839] team0: Port device team_slave_1 added
[  553.463116][ T7839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  553.463131][ T7839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  553.463152][ T7839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  553.624907][ T8047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.443'.
[  553.624990][ T8047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.443'.
[  555.094411][ T7839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  555.094433][ T7839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  555.094466][ T7839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  555.455426][ T7971] chnl_net:caif_netlink_parms(): no params data found
[  557.438757][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  557.451683][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  557.463770][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  557.481447][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  557.494641][ T5817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  557.538290][ T7839] hsr_slave_0: entered promiscuous mode
[  557.539856][ T7839] hsr_slave_1: entered promiscuous mode
[  557.541956][ T7839] debugfs: 'hsr0' already exists in 'hsr'
[  557.541985][ T7839] Cannot create hsr debugfs directory
[  557.910598][   T39] bridge_slave_1: left allmulticast mode
[  557.910629][   T39] bridge_slave_1: left promiscuous mode
[  557.926395][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.029162][   T39] bridge_slave_0: left allmulticast mode
[  558.029194][   T39] bridge_slave_0: left promiscuous mode
[  558.029478][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  558.254897][   T39] bridge_slave_1: left allmulticast mode
[  558.254964][   T39] bridge_slave_1: left promiscuous mode
[  558.255840][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.781055][   T39] bridge_slave_0: left allmulticast mode
[  558.781086][   T39] bridge_slave_0: left promiscuous mode
[  558.781348][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.491851][   T39] bond0 (unregistering): Released all slaves
[  559.506233][ T5806] Bluetooth: hci3: command tx timeout
[  560.322718][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  560.953433][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  561.374506][   T39] bond0 (unregistering): Released all slaves
[  561.584372][ T5806] Bluetooth: hci3: command tx timeout
[  561.624882][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  561.724959][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  561.788294][   T39] bond0 (unregistering): Released all slaves
[  562.274630][ T7971] bridge0: port 1(bridge_slave_0) entered blocking state
[  562.274828][ T7971] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.275024][ T7971] bridge_slave_0: entered allmulticast mode
[  562.323445][ T7971] bridge_slave_0: entered promiscuous mode
[  562.912247][ T7971] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.912506][ T7971] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.912709][ T7971] bridge_slave_1: entered allmulticast mode
[  562.917825][ T7971] bridge_slave_1: entered promiscuous mode
[  563.290004][ T7971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  563.449911][ T7971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  563.664201][ T5806] Bluetooth: hci3: command tx timeout
[  566.488500][ T5806] Bluetooth: hci3: command tx timeout
[  566.594479][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  566.805155][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  568.047633][ T8106] ceph: No mds server is up or the cluster is laggy
[  568.275194][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  568.275265][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  568.497789][   T39] team0 (unregistering): Port device team_slave_0 removed
[  569.296854][   T39] team0 (unregistering): Port device team_slave_1 removed
[  569.564905][   T39] team0 (unregistering): Port device team_slave_0 removed
[  570.770014][ T7971] team0: Port device team_slave_0 added
[  571.130442][ T7971] team0: Port device team_slave_1 added
[  571.983032][ T8134] netlink: 356 bytes leftover after parsing attributes in process `syz.3.459'.
[  572.084606][   T37] kauditd_printk_skb: 167 callbacks suppressed
[  572.084628][   T37] audit: type=1326 audit(1768752508.616:3153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.084681][   T37] audit: type=1326 audit(1768752508.616:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.084728][   T37] audit: type=1326 audit(1768752508.616:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.084776][   T37] audit: type=1326 audit(1768752508.616:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.084826][   T37] audit: type=1326 audit(1768752508.616:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.085488][   T37] audit: type=1326 audit(1768752508.626:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.088762][   T37] audit: type=1326 audit(1768752508.626:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.088819][   T37] audit: type=1326 audit(1768752508.626:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.088870][   T37] audit: type=1326 audit(1768752508.626:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.088919][   T37] audit: type=1326 audit(1768752508.626:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8131 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  572.450188][ T7971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  572.450204][ T7971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  572.450226][ T7971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  572.625037][ T7971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  572.625063][ T7971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  572.625093][ T7971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  573.441896][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.461'.
[  573.441917][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.461'.
[  577.283852][ T8159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.463'.
[  577.284006][ T8159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.463'.
[  579.538608][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  579.694522][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  579.702686][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  579.726728][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  579.727969][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  580.076118][ T7971] hsr_slave_0: entered promiscuous mode
[  580.950027][ T7971] hsr_slave_1: entered promiscuous mode
[  580.970079][ T7971] debugfs: 'hsr0' already exists in 'hsr'
[  580.971022][ T7971] Cannot create hsr debugfs directory
[  581.439177][ T8175] ceph: No mds server is up or the cluster is laggy
[  581.848034][ T5806] Bluetooth: hci4: command tx timeout
[  581.940312][ T8172] 9pnet_fd: Insufficient options for proto=fd
[  583.904194][ T5806] Bluetooth: hci4: command tx timeout
[  584.192695][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'.
[  584.192811][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'.
[  586.363037][ T5806] Bluetooth: hci4: command tx timeout
[  591.199138][ T5817] Bluetooth: hci4: command tx timeout
[  591.640469][ T8218] autofs: Bad value for 'fd'
[  593.954410][ T8064] chnl_net:caif_netlink_parms(): no params data found
[  599.812585][ T8064] bridge0: port 1(bridge_slave_0) entered blocking state
[  599.814423][ T8064] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.814673][ T8064] bridge_slave_0: entered allmulticast mode
[  599.841928][ T8064] bridge_slave_0: entered promiscuous mode
[  599.996500][ T8064] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.996634][ T8064] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.996853][ T8064] bridge_slave_1: entered allmulticast mode
[  599.999650][ T8064] bridge_slave_1: entered promiscuous mode
[  601.338438][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  601.346679][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  601.362164][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  601.363904][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  601.369626][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  602.844575][ T8292] autofs: Bad value for 'fd'
[  603.020632][ T8299] netlink: 356 bytes leftover after parsing attributes in process `syz.1.483'.
[  603.078609][   T37] kauditd_printk_skb: 107 callbacks suppressed
[  603.078669][   T37] audit: type=1326 audit(1768752539.616:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.078816][   T37] audit: type=1326 audit(1768752539.616:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.078969][   T37] audit: type=1326 audit(1768752539.616:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.079019][   T37] audit: type=1326 audit(1768752539.616:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.079140][   T37] audit: type=1326 audit(1768752539.616:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.089217][   T37] audit: type=1326 audit(1768752539.626:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.100581][   T37] audit: type=1326 audit(1768752539.636:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.101852][   T37] audit: type=1326 audit(1768752539.636:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.130496][   T37] audit: type=1326 audit(1768752539.666:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.131485][   T37] audit: type=1326 audit(1768752539.666:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8296 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  603.424460][ T5806] Bluetooth: hci5: command tx timeout
[  605.514948][ T5806] Bluetooth: hci5: command tx timeout
[  605.968834][ T8064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  606.123420][ T8064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  606.819631][ T8318] 9pnet_fd: Insufficient options for proto=fd
[  607.079474][   T39] bridge_slave_1: left allmulticast mode
[  607.079506][   T39] bridge_slave_1: left promiscuous mode
[  607.079746][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.597489][ T5806] Bluetooth: hci5: command tx timeout
[  608.860506][   T39] bridge_slave_0: left allmulticast mode
[  608.860540][   T39] bridge_slave_0: left promiscuous mode
[  608.860848][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.677391][ T5806] Bluetooth: hci5: command tx timeout
[  610.140972][   T39] bridge_slave_1: left allmulticast mode
[  610.141014][   T39] bridge_slave_1: left promiscuous mode
[  610.141266][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.219388][   T39] bridge_slave_0: left allmulticast mode
[  610.219468][   T39] bridge_slave_0: left promiscuous mode
[  610.220423][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  612.927008][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  613.237274][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  613.299262][   T39] bond0 (unregistering): Released all slaves
[  613.526644][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  613.634861][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  613.697526][   T39] bond0 (unregistering): Released all slaves
[  613.734989][ T8165] chnl_net:caif_netlink_parms(): no params data found
[  613.956277][ T8064] team0: Port device team_slave_0 added
[  614.038376][ T8064] team0: Port device team_slave_1 added
[  615.393226][ T8346] autofs: Bad value for 'fd'
[  615.655543][ T8064] batman_adv: batadv0: Adding interface: batadv_slave_0
[  615.655558][ T8064] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  615.655580][ T8064] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  615.757712][ T8064] batman_adv: batadv0: Adding interface: batadv_slave_1
[  615.757732][ T8064] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  615.757763][ T8064] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  616.923294][   T39] hsr_slave_0: left promiscuous mode
[  616.964271][   T39] hsr_slave_1: left promiscuous mode
[  616.965120][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  617.016431][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  617.114313][   T39] hsr_slave_0: left promiscuous mode
[  617.154212][   T39] hsr_slave_1: left promiscuous mode
[  617.156252][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  617.194968][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  617.858824][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  617.863204][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  617.884501][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  617.886517][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  617.887827][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  618.278424][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[  618.278525][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[  620.617587][ T5806] Bluetooth: hci2: command tx timeout
[  620.627496][ T8368] 9pnet_fd: Insufficient options for proto=fd
[  622.244363][ T8377] ceph: No mds server is up or the cluster is laggy
[  622.337889][   T39] team0 (unregistering): Port device team_slave_1 removed
[  622.454740][   T39] team0 (unregistering): Port device team_slave_0 removed
[  622.714207][ T5817] Bluetooth: hci2: command tx timeout
[  623.334771][   T39] team0 (unregistering): Port device team_slave_1 removed
[  623.427399][   T39] team0 (unregistering): Port device team_slave_0 removed
[  624.446927][ T8165] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.447029][ T8165] bridge0: port 1(bridge_slave_0) entered disabled state
[  624.447200][ T8165] bridge_slave_0: entered allmulticast mode
[  624.449305][ T8165] bridge_slave_0: entered promiscuous mode
[  624.690896][ T8165] bridge0: port 2(bridge_slave_1) entered blocking state
[  624.691140][ T8165] bridge0: port 2(bridge_slave_1) entered disabled state
[  624.691368][ T8165] bridge_slave_1: entered allmulticast mode
[  624.708897][ T8165] bridge_slave_1: entered promiscuous mode
[  624.794675][ T5817] Bluetooth: hci2: command tx timeout
[  625.542323][ T8398] autofs: Unknown parameter '00000000000000000000'
[  625.542823][ T8165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  625.628943][ T8165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  626.880488][ T5817] Bluetooth: hci2: command tx timeout
[  627.667105][ T8165] team0: Port device team_slave_0 added
[  627.906239][ T8165] team0: Port device team_slave_1 added
[  628.522814][ T8429] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  628.758189][ T8165] batman_adv: batadv0: Adding interface: batadv_slave_0
[  628.758204][ T8165] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  628.758226][ T8165] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  629.054260][ T8165] batman_adv: batadv0: Adding interface: batadv_slave_1
[  629.054279][ T8165] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  629.054313][ T8165] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  629.094641][ T8433] ceph: No mds server is up or the cluster is laggy
[  629.605043][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  629.609979][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  629.824940][ T8276] chnl_net:caif_netlink_parms(): no params data found
[  630.322185][ T8451] netlink: 8 bytes leftover after parsing attributes in process `syz.1.505'.
[  630.322263][ T8451] netlink: 8 bytes leftover after parsing attributes in process `syz.1.505'.
[  633.328105][ T8165] hsr_slave_0: entered promiscuous mode
[  633.351356][ T8165] hsr_slave_1: entered promiscuous mode
[  633.353887][ T8165] debugfs: 'hsr0' already exists in 'hsr'
[  633.374398][ T8165] Cannot create hsr debugfs directory
[  633.901089][ T8467] 9pnet_fd: Insufficient options for proto=fd
[  636.985653][ T8370] chnl_net:caif_netlink_parms(): no params data found
[  637.525837][ T8496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'.
[  637.525975][ T8496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'.
[  638.517693][ T8497] netlink: 8 bytes leftover after parsing attributes in process `syz.1.511'.
[  638.517831][ T8497] netlink: 8 bytes leftover after parsing attributes in process `syz.1.511'.
[  641.472373][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  641.486601][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  641.488145][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  641.489560][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  641.490659][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  641.901267][ T8507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.512'.
[  641.901344][ T8507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.512'.
[  643.504059][ T5806] Bluetooth: hci3: command tx timeout
[  644.142777][ T8276] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.146985][ T8276] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.147191][ T8276] bridge_slave_0: entered allmulticast mode
[  644.149259][ T8276] bridge_slave_0: entered promiscuous mode
[  644.306370][   T39] bridge_slave_1: left allmulticast mode
[  644.306401][   T39] bridge_slave_1: left promiscuous mode
[  644.306635][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.479757][   T39] bridge_slave_0: left allmulticast mode
[  644.479851][   T39] bridge_slave_0: left promiscuous mode
[  644.481706][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.627297][   T39] bridge_slave_1: left allmulticast mode
[  644.627321][   T39] bridge_slave_1: left promiscuous mode
[  644.627496][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.790530][   T39] bridge_slave_0: left allmulticast mode
[  644.790565][   T39] bridge_slave_0: left promiscuous mode
[  644.827804][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  645.584130][ T5806] Bluetooth: hci3: command tx timeout
[  645.822000][ T8532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'.
[  645.822109][ T8532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'.
[  647.664269][ T5806] Bluetooth: hci3: command tx timeout
[  648.880659][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  649.744293][ T5806] Bluetooth: hci3: command tx timeout
[  649.750263][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  649.899896][   T39] bond0 (unregistering): Released all slaves
[  651.376904][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  651.584420][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.521'.
[  651.584495][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.521'.
[  653.493341][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  653.989593][   T39] bond0 (unregistering): Released all slaves
[  654.059153][ T8276] bridge0: port 2(bridge_slave_1) entered blocking state
[  654.059295][ T8276] bridge0: port 2(bridge_slave_1) entered disabled state
[  654.059532][ T8276] bridge_slave_1: entered allmulticast mode
[  654.062439][ T8276] bridge_slave_1: entered promiscuous mode
[  655.274219][ T8560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.524'.
[  655.274240][ T8560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.524'.
[  655.275108][ T8556] ceph: No mds server is up or the cluster is laggy
[  655.887906][ T8567] netlink: 356 bytes leftover after parsing attributes in process `syz.3.525'.
[  655.952055][   T37] kauditd_printk_skb: 100 callbacks suppressed
[  655.952076][   T37] audit: type=1326 audit(1768752592.486:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.952131][   T37] audit: type=1326 audit(1768752592.486:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.952188][   T37] audit: type=1326 audit(1768752592.486:3382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.952237][   T37] audit: type=1326 audit(1768752592.486:3383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.952287][   T37] audit: type=1326 audit(1768752592.486:3384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.952336][   T37] audit: type=1326 audit(1768752592.486:3385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.952385][   T37] audit: type=1326 audit(1768752592.486:3386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.954607][   T37] audit: type=1326 audit(1768752592.496:3387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.957391][   T37] audit: type=1326 audit(1768752592.496:3388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  655.957717][   T37] audit: type=1326 audit(1768752592.496:3389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8566 comm="syz.3.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  656.836253][ T8573] ceph: No mds server is up or the cluster is laggy
[  657.643140][ T8276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  657.682067][ T8276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.640325][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  658.705200][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  660.344082][   T39] hsr_slave_0: left promiscuous mode
[  660.404084][   T39] hsr_slave_1: left promiscuous mode
[  660.405185][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  660.444979][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  661.129368][   T39] team0 (unregistering): Port device team_slave_1 removed
[  661.417087][   T39] team0 (unregistering): Port device team_slave_0 removed
[  662.108515][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  662.280186][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  662.479144][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  662.552600][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  662.593192][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  664.397154][ T8601] ceph: No mds server is up or the cluster is laggy
[  664.715791][ T5817] Bluetooth: hci4: command tx timeout
[  665.314887][   T39] team0 (unregistering): Port device team_slave_1 removed
[  665.474736][   T39] team0 (unregistering): Port device team_slave_0 removed
[  666.340482][ T8370] bridge0: port 1(bridge_slave_0) entered blocking state
[  666.340719][ T8370] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.340941][ T8370] bridge_slave_0: entered allmulticast mode
[  666.343877][ T8370] bridge_slave_0: entered promiscuous mode
[  666.380260][ T8370] bridge0: port 2(bridge_slave_1) entered blocking state
[  666.380394][ T8370] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.382811][ T8370] bridge_slave_1: entered allmulticast mode
[  666.784747][ T5817] Bluetooth: hci4: command tx timeout
[  667.284235][ T8370] bridge_slave_1: entered promiscuous mode
[  668.865726][ T5817] Bluetooth: hci4: command tx timeout
[  670.944130][ T5817] Bluetooth: hci4: command tx timeout
[  671.163758][ T8370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  671.252682][ T8370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  671.940225][ T8370] team0: Port device team_slave_0 added
[  672.051381][ T8370] team0: Port device team_slave_1 added
[  675.425288][ T8370] batman_adv: batadv0: Adding interface: batadv_slave_0
[  675.425308][ T8370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  675.425340][ T8370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  677.656324][ T8370] batman_adv: batadv0: Adding interface: batadv_slave_1
[  677.656381][ T8370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  677.656453][ T8370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  680.176425][ T8504] chnl_net:caif_netlink_parms(): no params data found
[  680.569695][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  680.583524][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  680.588891][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  680.593216][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  680.595001][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  681.322937][   T39] bridge_slave_1: left allmulticast mode
[  681.322968][   T39] bridge_slave_1: left promiscuous mode
[  681.323231][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  681.368383][   T39] bridge_slave_0: left allmulticast mode
[  681.368409][   T39] bridge_slave_0: left promiscuous mode
[  681.368608][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  681.506250][ T8709] hub 9-0:1.0: USB hub found
[  681.508301][ T8709] hub 9-0:1.0: 1 port detected
[  682.032730][   T39] bridge_slave_1: left allmulticast mode
[  682.032995][   T39] bridge_slave_1: left promiscuous mode
[  682.067493][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.276707][   T39] bridge_slave_0: left allmulticast mode
[  682.279231][   T39] bridge_slave_0: left promiscuous mode
[  682.280174][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.624071][ T5806] Bluetooth: hci2: command tx timeout
[  683.815016][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.916516][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.967645][ T8722] netlink: 356 bytes leftover after parsing attributes in process `syz.3.549'.
[  683.989238][   T39] bond0 (unregistering): Released all slaves
[  684.019451][   T37] kauditd_printk_skb: 68 callbacks suppressed
[  684.019471][   T37] audit: type=1326 audit(1768752620.556:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.020456][   T37] audit: type=1326 audit(1768752620.556:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.020517][   T37] audit: type=1326 audit(1768752620.556:3460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.023154][   T37] audit: type=1326 audit(1768752620.556:3461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.023207][   T37] audit: type=1326 audit(1768752620.556:3462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.032599][   T37] audit: type=1326 audit(1768752620.566:3463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.032757][   T37] audit: type=1326 audit(1768752620.566:3464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.040115][   T37] audit: type=1326 audit(1768752620.576:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.040261][   T37] audit: type=1326 audit(1768752620.576:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.045729][   T37] audit: type=1326 audit(1768752620.576:3467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8720 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec609df749 code=0x7ffc0000
[  684.435985][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  684.536048][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  684.616576][   T39] bond0 (unregistering): Released all slaves
[  684.704086][ T5806] Bluetooth: hci2: command tx timeout
[  685.272059][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.550'.
[  685.272160][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.550'.
[  686.095822][ T8597] chnl_net:caif_netlink_parms(): no params data found
[  686.784104][ T5806] Bluetooth: hci2: command tx timeout
[  689.948959][ T5806] Bluetooth: hci2: command tx timeout
[  690.237311][   T39] hsr_slave_0: left promiscuous mode
[  690.317245][   T39] hsr_slave_1: left promiscuous mode
[  690.318340][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  690.355218][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  690.857074][ T8742] 9p: Bad value for 'rfdno'
[  691.083936][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  691.087309][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  693.914843][   T39] team0 (unregistering): Port device team_slave_1 removed
[  694.055009][   T39] team0 (unregistering): Port device team_slave_0 removed
[  694.720148][ T8504] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.720308][ T8504] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.720503][ T8504] bridge_slave_0: entered allmulticast mode
[  694.723563][ T8504] bridge_slave_0: entered promiscuous mode
[  695.826187][ T8504] bridge0: port 2(bridge_slave_1) entered blocking state
[  695.826801][ T8504] bridge0: port 2(bridge_slave_1) entered disabled state
[  695.827621][ T8504] bridge_slave_1: entered allmulticast mode
[  695.892969][ T8504] bridge_slave_1: entered promiscuous mode
[  696.531653][ T8504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  697.829711][ T8766] ceph: No mds server is up or the cluster is laggy
[  698.030830][ T8504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  698.315867][ T8597] bridge0: port 1(bridge_slave_0) entered blocking state
[  698.316109][ T8597] bridge0: port 1(bridge_slave_0) entered disabled state
[  698.316326][ T8597] bridge_slave_0: entered allmulticast mode
[  698.319096][ T8597] bridge_slave_0: entered promiscuous mode
[  698.556517][ T8776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.560'.
[  698.556591][ T8776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.560'.
[  700.629582][ T8597] bridge0: port 2(bridge_slave_1) entered blocking state
[  700.629907][ T8597] bridge0: port 2(bridge_slave_1) entered disabled state
[  700.630659][ T8597] bridge_slave_1: entered allmulticast mode
[  700.657710][ T8597] bridge_slave_1: entered promiscuous mode
[  701.896249][ T8504] team0: Port device team_slave_0 added
[  702.080104][ T8597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  702.107662][ T8597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  703.292202][ T8597] team0: Port device team_slave_0 added
[  703.349602][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  703.373419][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  703.409071][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  703.412974][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  703.439425][ T5817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  703.863612][ T8597] team0: Port device team_slave_1 added
[  704.313455][ T8597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  704.313512][ T8597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  704.313588][ T8597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  704.413196][ T8699] chnl_net:caif_netlink_parms(): no params data found
[  704.518492][ T8597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  704.518514][ T8597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  704.518547][ T8597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  705.777705][ T5806] Bluetooth: hci3: command tx timeout
[  706.613443][ T8816] ceph: No mds server is up or the cluster is laggy
[  707.852056][ T5806] Bluetooth: hci3: command tx timeout
[  709.568996][ T8826] hub 9-0:1.0: USB hub found
[  709.579196][ T8826] hub 9-0:1.0: 1 port detected
[  710.144820][ T5806] Bluetooth: hci3: command tx timeout
[  710.199950][ T8831] 9p: Bad value for 'rfdno'
[  710.612234][   T39] bridge_slave_1: left allmulticast mode
[  710.612366][   T39] bridge_slave_1: left promiscuous mode
[  710.613300][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  711.082055][   T39] bridge_slave_0: left allmulticast mode
[  711.082098][   T39] bridge_slave_0: left promiscuous mode
[  711.110187][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  712.224283][ T5806] Bluetooth: hci3: command tx timeout
[  712.746905][   T39] bridge_slave_1: left allmulticast mode
[  712.746930][   T39] bridge_slave_1: left promiscuous mode
[  712.747150][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  712.835379][   T39] bridge_slave_0: left allmulticast mode
[  712.835410][   T39] bridge_slave_0: left promiscuous mode
[  712.835599][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  713.096514][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  713.205059][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  713.266514][   T39] bond0 (unregistering): Released all slaves
[  713.504837][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  713.586503][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  713.646478][   T39] bond0 (unregistering): Released all slaves
[  713.708778][ T8597] hsr_slave_0: entered promiscuous mode
[  713.709846][ T8597] hsr_slave_1: entered promiscuous mode
[  713.710885][ T8597] debugfs: 'hsr0' already exists in 'hsr'
[  713.710906][ T8597] Cannot create hsr debugfs directory
[  716.805729][ T5887] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  717.082848][ T8699] bridge0: port 1(bridge_slave_0) entered blocking state
[  717.083089][ T8699] bridge0: port 1(bridge_slave_0) entered disabled state
[  717.083326][ T8699] bridge_slave_0: entered allmulticast mode
[  717.091024][ T8699] bridge_slave_0: entered promiscuous mode
[  717.173841][ T8699] bridge0: port 2(bridge_slave_1) entered blocking state
[  717.179189][ T8699] bridge0: port 2(bridge_slave_1) entered disabled state
[  717.179835][ T8699] bridge_slave_1: entered allmulticast mode
[  717.195067][ T8699] bridge_slave_1: entered promiscuous mode
[  717.227076][ T5887] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  717.227137][ T5887] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  717.227196][ T5887] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  717.227223][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  717.286112][ T5887] usb 2-1: config 0 descriptor??
[  717.614339][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  717.616994][ T6035] usb 2-1: USB disconnect, device number 2
[  717.811711][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  721.176590][   T39] team0 (unregistering): Port device team_slave_0 removed
[  721.824127][ T8861] hub 9-0:1.0: USB hub found
[  721.832187][ T8861] hub 9-0:1.0: 1 port detected
[  725.756914][   T39] team0 (unregistering): Port device team_slave_1 removed
[  725.825388][ T5817] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  725.833587][ T5817] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  725.844625][ T5817] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  725.887077][ T5817] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  725.888622][ T5817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  725.974927][   T39] team0 (unregistering): Port device team_slave_0 removed
[  727.909484][ T5806] Bluetooth: hci5: command tx timeout
[  727.940160][ T8699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  728.073636][ T8699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  729.984148][ T5806] Bluetooth: hci5: command tx timeout
[  730.470456][ T8699] team0: Port device team_slave_0 added
[  730.505675][ T8699] team0: Port device team_slave_1 added
[  731.105284][ T8896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.588'.
[  731.105362][ T8896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.588'.
[  733.050379][ T5806] Bluetooth: hci5: command tx timeout
[  734.921470][ T8699] batman_adv: batadv0: Adding interface: batadv_slave_0
[  734.921584][ T8699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  734.921617][ T8699] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  735.104318][ T5817] Bluetooth: hci5: command tx timeout
[  735.225849][ T8699] batman_adv: batadv0: Adding interface: batadv_slave_1
[  735.225869][ T8699] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  735.225902][ T8699] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  735.868126][ T8914] netlink: 8 bytes leftover after parsing attributes in process `syz.3.591'.
[  735.868228][ T8914] netlink: 8 bytes leftover after parsing attributes in process `syz.3.591'.
[  739.643279][ T8699] hsr_slave_0: entered promiscuous mode
[  739.698354][ T8699] hsr_slave_1: entered promiscuous mode
[  739.701575][ T8699] debugfs: 'hsr0' already exists in 'hsr'
[  739.701606][ T8699] Cannot create hsr debugfs directory
[  739.713635][ T8796] chnl_net:caif_netlink_parms(): no params data found
[  740.802200][ T8796] bridge0: port 1(bridge_slave_0) entered blocking state
[  740.802412][ T8796] bridge0: port 1(bridge_slave_0) entered disabled state
[  740.802821][ T8796] bridge_slave_0: entered allmulticast mode
[  740.836536][ T8796] bridge_slave_0: entered promiscuous mode
[  740.861917][ T8796] bridge0: port 2(bridge_slave_1) entered blocking state
[  740.862054][ T8796] bridge0: port 2(bridge_slave_1) entered disabled state
[  740.862272][ T8796] bridge_slave_1: entered allmulticast mode
[  740.888362][ T8796] bridge_slave_1: entered promiscuous mode
[  741.434725][   T39] bridge_slave_1: left allmulticast mode
[  741.434750][   T39] bridge_slave_1: left promiscuous mode
[  741.434987][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  741.515318][   T39] bridge_slave_0: left allmulticast mode
[  741.515343][   T39] bridge_slave_0: left promiscuous mode
[  741.515569][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.003187][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  743.018896][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  743.027313][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  743.031335][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  743.033395][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  744.185806][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  744.508172][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  744.570651][   T39] bond0 (unregistering): Released all slaves
[  744.918689][ T8796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  744.924722][ T8866] chnl_net:caif_netlink_parms(): no params data found
[  745.133522][ T5817] Bluetooth: hci2: command tx timeout
[  745.384366][ T8796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  747.184082][ T5817] Bluetooth: hci2: command tx timeout
[  748.686110][ T8983] ceph: No mds server is up or the cluster is laggy
[  748.729912][   T39] hsr_slave_0: left promiscuous mode
[  748.755499][   T39] hsr_slave_1: left promiscuous mode
[  748.760374][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[  748.846130][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[  749.272915][ T5817] Bluetooth: hci2: command tx timeout
[  749.659160][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.608'.
[  749.659237][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.608'.
[  750.867845][   T39] team0 (unregistering): Port device team_slave_1 removed
[  751.014896][   T39] team0 (unregistering): Port device team_slave_0 removed
[  751.344055][ T5817] Bluetooth: hci2: command tx timeout
[  752.479351][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  752.479439][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  752.669436][ T8796] team0: Port device team_slave_0 added
[  752.731622][ T8796] team0: Port device team_slave_1 added
[  759.215917][ T8796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  759.216082][ T8796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  759.216116][ T8796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  761.902783][ T8796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  761.902803][ T8796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  761.902836][ T8796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  761.952497][ T8866] bridge0: port 1(bridge_slave_0) entered blocking state
[  761.954802][ T8866] bridge0: port 1(bridge_slave_0) entered disabled state
[  761.955071][ T8866] bridge_slave_0: entered allmulticast mode
[  761.973368][ T8866] bridge_slave_0: entered promiscuous mode
[  762.046648][ T8866] bridge0: port 2(bridge_slave_1) entered blocking state
[  762.046738][ T8866] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.046917][ T8866] bridge_slave_1: entered allmulticast mode
[  762.048772][ T8866] bridge_slave_1: entered promiscuous mode
[  764.758990][ T8866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  765.794498][ T8866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.708098][ T9055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[  767.708174][ T9055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[  767.812574][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  768.441529][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  768.443029][ T5806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  768.445264][ T5806] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  768.451633][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  770.493130][ T8866] team0: Port device team_slave_0 added
[  770.546911][ T8866] team0: Port device team_slave_1 added
[  770.551305][ T5806] Bluetooth: hci4: command tx timeout
[  771.003035][ T9066] hub 9-0:1.0: USB hub found
[  771.048833][ T9066] hub 9-0:1.0: 1 port detected
[  772.628195][ T5806] Bluetooth: hci4: command tx timeout
[  774.704506][ T5806] Bluetooth: hci4: command tx timeout
[  776.026034][   T72] bridge_slave_1: left allmulticast mode
[  776.026067][   T72] bridge_slave_1: left promiscuous mode
[  776.026321][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.098889][   T72] bridge_slave_0: left allmulticast mode
[  776.098920][   T72] bridge_slave_0: left promiscuous mode
[  776.099192][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[  776.783994][ T5806] Bluetooth: hci4: command tx timeout
[  780.145127][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  780.748874][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  780.830357][   T72] bond0 (unregistering): Released all slaves
[  780.952092][ T8866] batman_adv: batadv0: Adding interface: batadv_slave_0
[  780.952108][ T8866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  780.952131][ T8866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  781.070263][ T8866] batman_adv: batadv0: Adding interface: batadv_slave_1
[  781.070282][ T8866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  781.070315][ T8866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  782.373424][ T9113] netlink: 8 bytes leftover after parsing attributes in process `syz.1.635'.
[  782.373502][ T9113] netlink: 8 bytes leftover after parsing attributes in process `syz.1.635'.
[  784.855552][   T72] hsr_slave_0: left promiscuous mode
[  784.914045][   T72] hsr_slave_1: left promiscuous mode
[  784.915137][   T72] batman_adv: batadv0: Removing interface: batadv_slave_0
[  784.968028][   T72] batman_adv: batadv0: Removing interface: batadv_slave_1
[  785.565779][   T72] team0 (unregistering): Port device team_slave_1 removed
[  785.744833][   T72] team0 (unregistering): Port device team_slave_0 removed
[  786.336385][ T9121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.638'.
[  786.336472][ T9121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.638'.
[  788.915069][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  788.942654][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  788.959220][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  788.979818][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  788.995415][ T5817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  790.124534][ T9133] ceph: No mds server is up or the cluster is laggy
[  791.132851][ T5806] Bluetooth: hci3: command tx timeout
[  791.475157][ T9145] netlink: 356 bytes leftover after parsing attributes in process `syz.1.643'.
[  791.527079][   T37] kauditd_printk_skb: 320 callbacks suppressed
[  791.527093][   T37] audit: type=1326 audit(1768752728.066:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.527410][   T37] audit: type=1326 audit(1768752728.066:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.527877][   T37] audit: type=1326 audit(1768752728.066:3790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.528060][   T37] audit: type=1326 audit(1768752728.066:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.528454][   T37] audit: type=1326 audit(1768752728.066:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.529741][   T37] audit: type=1326 audit(1768752728.066:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.530713][   T37] audit: type=1326 audit(1768752728.066:3794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.530769][   T37] audit: type=1326 audit(1768752728.066:3795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.531402][   T37] audit: type=1326 audit(1768752728.066:3796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  791.531614][   T37] audit: type=1326 audit(1768752728.066:3797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba1d6f749 code=0x7ffc0000
[  792.400515][ T8953] chnl_net:caif_netlink_parms(): no params data found
[  793.184170][ T5806] Bluetooth: hci3: command tx timeout
[  794.797117][ T9169] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  795.264050][ T5806] Bluetooth: hci3: command tx timeout
[  795.958906][ T9177] ceph: No mds server is up or the cluster is laggy
[  796.540690][ T8953] bridge0: port 1(bridge_slave_0) entered blocking state
[  796.540918][ T8953] bridge0: port 1(bridge_slave_0) entered disabled state
[  796.541129][ T8953] bridge_slave_0: entered allmulticast mode
[  796.600066][ T8953] bridge_slave_0: entered promiscuous mode
[  797.048417][ T8953] bridge0: port 2(bridge_slave_1) entered blocking state
[  797.048586][ T8953] bridge0: port 2(bridge_slave_1) entered disabled state
[  797.048825][ T8953] bridge_slave_1: entered allmulticast mode
[  797.055006][ T8953] bridge_slave_1: entered promiscuous mode
[  797.344124][ T5806] Bluetooth: hci3: command tx timeout
[  798.054899][ T9193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.652'.
[  798.054979][ T9193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.652'.
[  800.351360][ T8953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  801.407187][ T8953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  802.106535][   T72] bridge_slave_1: left allmulticast mode
[  802.106559][   T72] bridge_slave_1: left promiscuous mode
[  802.106739][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[  802.212400][   T72] bridge_slave_0: left allmulticast mode
[  802.212424][   T72] bridge_slave_0: left promiscuous mode
[  802.212623][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.549202][   T72] bridge_slave_1: left allmulticast mode
[  802.549228][   T72] bridge_slave_1: left promiscuous mode
[  802.549415][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[  802.685065][   T72] bridge_slave_0: left allmulticast mode
[  802.685090][   T72] bridge_slave_0: left promiscuous mode
[  802.685273][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[  803.094761][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.184921][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.246657][   T72] bond0 (unregistering): Released all slaves
[  803.444771][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.525417][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.609832][   T72] bond0 (unregistering): Released all slaves
[  804.702465][ T8953] team0: Port device team_slave_0 added
[  804.731386][ T9053] chnl_net:caif_netlink_parms(): no params data found
[  804.837238][ T5817] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  804.859868][ T5817] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  804.861171][ T5817] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  804.863125][ T5817] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  804.875685][ T5817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  806.446221][ T9234] netlink: 356 bytes leftover after parsing attributes in process `syz.3.661'.
[  806.538203][   T72] batman_adv: batadv0: Removing interface: batadv_slave_0
[  806.594900][   T72] batman_adv: batadv0: Removing interface: batadv_slave_1
[  806.625962][   T72] batman_adv: batadv0: Removing interface: batadv_slave_0
[  806.655277][   T72] batman_adv: batadv0: Removing interface: batadv_slave_1
[  807.273360][ T5806] Bluetooth: hci5: command tx timeout
[  807.523369][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.3.663'.
[  807.523474][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.3.663'.
[  809.700580][ T5817] Bluetooth: hci5: command tx timeout
[  810.096115][   T72] team0 (unregistering): Port device team_slave_1 removed
[  810.753232][ T9256] netlink: 24 bytes leftover after parsing attributes in process `syz.1.665'.
[  810.806921][ T9253] 9p: Bad value for 'rfdno'
[  811.137035][   T72] team0 (unregistering): Port device team_slave_0 removed
[  812.627398][ T5806] Bluetooth: hci5: command tx timeout
[  813.911237][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  813.911323][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  814.527828][   T72] team0 (unregistering): Port device team_slave_1 removed
[  814.644647][   T72] team0 (unregistering): Port device team_slave_0 removed
[  814.704373][ T5806] Bluetooth: hci5: command tx timeout
[  816.059158][ T9275] ceph: No mds server is up or the cluster is laggy
[  816.405230][ T9127] chnl_net:caif_netlink_parms(): no params data found
[  819.856908][ T9296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.674'.
[  819.856938][ T9296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.674'.
[  823.193763][ T9300] ceph: No mds server is up or the cluster is laggy
[  823.238508][ T9053] bridge0: port 1(bridge_slave_0) entered blocking state
[  823.238599][ T9053] bridge0: port 1(bridge_slave_0) entered disabled state
[  823.238748][ T9053] bridge_slave_0: entered allmulticast mode
[  823.406491][ T9053] bridge_slave_0: entered promiscuous mode
[  823.962055][ T9053] bridge0: port 2(bridge_slave_1) entered blocking state
[  823.962193][ T9053] bridge0: port 2(bridge_slave_1) entered disabled state
[  823.962392][ T9053] bridge_slave_1: entered allmulticast mode
[  824.013967][ T9053] bridge_slave_1: entered promiscuous mode
[  825.396438][ T9317] hub 9-0:1.0: USB hub found
[  825.407518][ T9317] hub 9-0:1.0: 1 port detected
[  826.116915][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  826.130967][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  826.139159][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  826.156302][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  826.157311][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  828.306316][ T5806] Bluetooth: hci2: command tx timeout
[  829.489456][ T9127] bridge0: port 1(bridge_slave_0) entered blocking state
[  829.489993][ T9127] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.491055][ T9127] bridge_slave_0: entered allmulticast mode
[  829.521595][ T9127] bridge_slave_0: entered promiscuous mode
[  829.660356][ T9127] bridge0: port 2(bridge_slave_1) entered blocking state
[  829.660515][ T9127] bridge0: port 2(bridge_slave_1) entered disabled state
[  829.660810][ T9127] bridge_slave_1: entered allmulticast mode
[  829.689956][ T9127] bridge_slave_1: entered promiscuous mode
[  830.384058][ T5806] Bluetooth: hci2: command tx timeout
[  830.833216][ T9127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  830.889754][ T9127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  832.474928][ T5806] Bluetooth: hci2: command tx timeout
[  833.332823][ T9343] hub 9-0:1.0: USB hub found
[  833.336477][ T9343] hub 9-0:1.0: 1 port detected
[  834.136874][ T9127] team0: Port device team_slave_0 added
[  834.168976][ T9127] team0: Port device team_slave_1 added
[  834.544195][ T5806] Bluetooth: hci2: command tx timeout
[  836.105329][ T9127] batman_adv: batadv0: Adding interface: batadv_slave_0
[  836.105351][ T9127] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  836.105383][ T9127] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  836.432851][ T9361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.687'.
[  836.432932][ T9361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.687'.
[  838.728971][ T9127] batman_adv: batadv0: Adding interface: batadv_slave_1
[  838.728991][ T9127] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  838.729037][ T9127] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  838.934323][   T72] bridge_slave_1: left allmulticast mode
[  838.934355][   T72] bridge_slave_1: left promiscuous mode
[  838.934637][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[  839.256560][   T72] bridge_slave_0: left allmulticast mode
[  839.256590][   T72] bridge_slave_0: left promiscuous mode
[  839.256823][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[  840.351269][   T72] bridge_slave_1: left allmulticast mode
[  840.351444][   T72] bridge_slave_1: left promiscuous mode
[  840.352581][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[  840.354207][ T9371] ceph: No mds server is up or the cluster is laggy
[  840.479551][   T72] bridge_slave_0: left allmulticast mode
[  840.479768][   T72] bridge_slave_0: left promiscuous mode
[  840.480931][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[  840.819016][   T72] bond0 (unregistering): Released all slaves
[  841.016167][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  841.094877][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  841.159262][   T72] bond0 (unregistering): Released all slaves
[  843.087470][ T9221] chnl_net:caif_netlink_parms(): no params data found
[  844.207585][ T9127] hsr_slave_0: entered promiscuous mode
[  844.208968][ T9127] hsr_slave_1: entered promiscuous mode
[  844.209962][ T9127] debugfs: 'hsr0' already exists in 'hsr'
[  844.209989][ T9127] Cannot create hsr debugfs directory
[  846.466792][   T72] team0 (unregistering): Port device team_slave_0 removed
[  847.294975][ T9405] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  847.312678][ T9405] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  847.314507][ T9405] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  847.317511][ T9405] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  847.325868][ T9405] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  849.402476][ T9221] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.402684][ T9221] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.402895][ T9221] bridge_slave_0: entered allmulticast mode
[  849.458309][ T9405] Bluetooth: hci4: command tx timeout
[  849.459465][ T9221] bridge_slave_0: entered promiscuous mode
[  849.492137][ T9221] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.492475][ T9221] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.500478][ T9221] bridge_slave_1: entered allmulticast mode
[  849.524546][ T9221] bridge_slave_1: entered promiscuous mode
[  849.804664][ T9322] chnl_net:caif_netlink_parms(): no params data found
[  850.805931][ T9221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  851.028862][ T9221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  851.512424][ T9405] Bluetooth: hci4: command tx timeout
[  853.457998][ T9221] team0: Port device team_slave_0 added
[  853.503644][ T9221] team0: Port device team_slave_1 added
[  853.584065][ T9405] Bluetooth: hci4: command tx timeout
[  854.144845][ T9435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.700'.
[  854.144947][ T9435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.700'.
[  856.242330][ T9405] Bluetooth: hci4: command tx timeout
[  857.213299][ T9322] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.252731][ T9322] bridge0: port 1(bridge_slave_0) entered disabled state
[  857.253555][ T9322] bridge_slave_0: entered allmulticast mode
[  857.278385][ T9322] bridge_slave_0: entered promiscuous mode
[  857.661358][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_0
[  857.661373][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  857.661396][ T9221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  857.662013][ T9322] bridge0: port 2(bridge_slave_1) entered blocking state
[  857.662101][ T9322] bridge0: port 2(bridge_slave_1) entered disabled state
[  857.662292][ T9322] bridge_slave_1: entered allmulticast mode
[  857.687551][ T9322] bridge_slave_1: entered promiscuous mode
[  857.967053][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_1
[  857.967069][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  857.967097][ T9221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  859.747745][ T9452] ceph: No mds server is up or the cluster is laggy
[  859.803453][ T9322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.834744][ T9322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  862.172029][ T9470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.707'.
[  862.172130][ T9470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.707'.
[  864.326768][   T72] bridge_slave_1: left allmulticast mode
[  864.326800][   T72] bridge_slave_1: left promiscuous mode
[  864.327048][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[  864.405064][   T72] bridge_slave_0: left allmulticast mode
[  864.405090][   T72] bridge_slave_0: left promiscuous mode
[  864.405356][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[  864.725878][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  864.804789][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  864.869221][   T72] bond0 (unregistering): Released all slaves
[  864.921343][ T9221] hsr_slave_0: entered promiscuous mode
[  864.922410][ T9221] hsr_slave_1: entered promiscuous mode
[  864.923109][ T9221] debugfs: 'hsr0' already exists in 'hsr'
[  864.923128][ T9221] Cannot create hsr debugfs directory
[  864.960657][ T9322] team0: Port device team_slave_0 added
[  865.010481][ T9322] team0: Port device team_slave_1 added
[  865.336618][ T9322] batman_adv: batadv0: Adding interface: batadv_slave_0
[  865.336639][ T9322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  865.336669][ T9322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  865.404256][   T72] hsr_slave_0: left promiscuous mode
[  865.445229][   T72] hsr_slave_1: left promiscuous mode
[  865.447437][   T72] batman_adv: batadv0: Removing interface: batadv_slave_0
[  865.524743][   T72] batman_adv: batadv0: Removing interface: batadv_slave_1
[  866.132601][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.708'.
[  866.132686][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.708'.
[  868.163125][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  868.241990][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  868.293699][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  868.326932][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  868.361644][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  868.995795][ T9484] netlink: 12 bytes leftover after parsing attributes in process `syz.1.710'.
[  870.716844][   T72] team0 (unregistering): Port device team_slave_1 removed
[  870.896532][   T72] team0 (unregistering): Port device team_slave_0 removed
[  871.584311][ T9405] Bluetooth: hci3: command tx timeout
[  872.097214][ T9322] batman_adv: batadv0: Adding interface: batadv_slave_1
[  872.097235][ T9322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  872.097269][ T9322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  872.184078][ T5866] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  872.355300][ T5866] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  872.355365][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  872.355413][ T5866] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  872.355440][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.405598][ T9403] chnl_net:caif_netlink_parms(): no params data found
[  872.462015][ T5866] usb 2-1: config 0 descriptor??
[  873.172753][ T6033] usb 2-1: USB disconnect, device number 3
[  873.664343][ T9405] Bluetooth: hci3: command tx timeout
[  873.721450][ T9322] hsr_slave_0: entered promiscuous mode
[  873.722501][ T9322] hsr_slave_1: entered promiscuous mode
[  873.723126][ T9322] debugfs: 'hsr0' already exists in 'hsr'
[  873.723144][ T9322] Cannot create hsr debugfs directory
[  874.526720][ T9505] hub 9-0:1.0: USB hub found
[  874.534639][ T9505] hub 9-0:1.0: 1 port detected
[  875.263788][ T9506] ==================================================================
[  875.263807][ T9506] BUG: KASAN: slab-use-after-free in rt_spin_lock+0x88/0x3e0
[  875.263867][ T9506] Read of size 1 at addr ffff888049d3f200 by task syz.3.715/9506
[  875.263888][ T9506] 
[  875.263916][ T9506] CPU: 0 UID: 0 PID: 9506 Comm: syz.3.715 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  875.263945][ T9506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  875.263968][ T9506] Call Trace:
[  875.263980][ T9506]  <TASK>
[  875.263990][ T9506]  dump_stack_lvl+0xe8/0x150
[  875.264023][ T9506]  print_report+0xca/0x240
[  875.264053][ T9506]  ? rt_spin_lock+0x88/0x3e0
[  875.264084][ T9506]  kasan_report+0x118/0x150
[  875.264124][ T9506]  ? rt_spin_lock+0x88/0x3e0
[  875.264162][ T9506]  ? __wake_up_common_lock+0x2f/0x1e0
[  875.264192][ T9506]  __kasan_check_byte+0x2a/0x40
[  875.264228][ T9506]  lock_acquire+0x84/0x340
[  875.264260][ T9506]  ? rt_mutex_slowunlock+0x668/0x8a0
[  875.264294][ T9506]  ? reacquire_held_locks+0x104/0x190
[  875.264336][ T9506]  rt_spin_lock+0x88/0x3e0
[  875.264370][ T9506]  ? __wake_up_common_lock+0x2f/0x1e0
[  875.264403][ T9506]  ? __pfx_rt_spin_lock+0x10/0x10
[  875.264437][ T9506]  ? rt_spin_unlock+0x161/0x200
[  875.264473][ T9506]  ? __wake_up_common_lock+0x18a/0x1e0
[  875.264507][ T9506]  __wake_up_common_lock+0x2f/0x1e0
[  875.264538][ T9506]  ? snd_pcm_post_stop+0x14a/0x1e0
[  875.264565][ T9506]  ? __pfx_snd_pcm_post_stop+0x10/0x10
[  875.264589][ T9506]  snd_pcm_action+0x1f4/0x240
[  875.264627][ T9506]  loopback_trigger+0xb82/0x1b60
[  875.264664][ T9506]  ? rcu_is_watching+0x15/0xb0
[  875.264691][ T9506]  snd_pcm_do_start+0xb7/0x180
[  875.264718][ T9506]  snd_pcm_action+0xe7/0x240
[  875.264754][ T9506]  __snd_pcm_lib_xfer+0x1762/0x1d00
[  875.264789][ T9506]  ? __pfx_interleaved_copy+0x10/0x10
[  875.264818][ T9506]  ? __pfx_default_write_copy+0x10/0x10
[  875.264848][ T9506]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  875.264878][ T9506]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[  875.264905][ T9506]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  875.264940][ T9506]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  875.264978][ T9506]  ? snd_pcm_oss_write3+0x1a2/0x350
[  875.265005][ T9506]  snd_pcm_oss_write3+0x1bc/0x350
[  875.265033][ T9506]  snd_pcm_plug_write_transfer+0x2cb/0x4c0
[  875.265069][ T9506]  ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10
[  875.265102][ T9506]  ? snd_pcm_plug_client_channels_buf+0x490/0x640
[  875.265138][ T9506]  snd_pcm_oss_write+0xa31/0xf20
[  875.265170][ T9506]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  875.265198][ T9506]  ? rw_verify_area+0x25b/0x4e0
[  875.265231][ T9506]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  875.265256][ T9506]  vfs_write+0x287/0xb40
[  875.265294][ T9506]  ? __pfx_vfs_write+0x10/0x10
[  875.265329][ T9506]  ? __fget_files+0x2a/0x420
[  875.265355][ T9506]  ? __fget_files+0x2a/0x420
[  875.265379][ T9506]  ? __fget_files+0x3a6/0x420
[  875.265404][ T9506]  ? __fget_files+0x2a/0x420
[  875.265434][ T9506]  ksys_write+0x14b/0x260
[  875.265470][ T9506]  ? __pfx_ksys_write+0x10/0x10
[  875.265510][ T9506]  do_syscall_64+0xec/0xf80
[  875.265536][ T9506]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.265561][ T9506]  ? trace_irq_disable+0x37/0x100
[  875.265587][ T9506]  ? clear_bhb_loop+0x60/0xb0
[  875.265615][ T9506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.265647][ T9506] RIP: 0033:0x7fec609df749
[  875.265676][ T9506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.265699][ T9506] RSP: 002b:00007fec5ec25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  875.265730][ T9506] RAX: ffffffffffffffda RBX: 00007fec60c36090 RCX: 00007fec609df749
[  875.265749][ T9506] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000008
[  875.265766][ T9506] RBP: 00007fec60a63f91 R08: 0000000000000000 R09: 0000000000000000
[  875.265782][ T9506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  875.265797][ T9506] R13: 00007fec60c36128 R14: 00007fec60c36090 R15: 00007ffe9a86c578
[  875.265826][ T9506]  </TASK>
[  875.265836][ T9506] 
[  875.265841][ T9506] Allocated by task 9504:
[  875.265852][ T9506]  kasan_save_track+0x3e/0x80
[  875.265885][ T9506]  __kasan_kmalloc+0x93/0xb0
[  875.265918][ T9506]  __kmalloc_cache_noprof+0x1fb/0x6d0
[  875.265952][ T9506]  snd_pcm_attach_substream+0x5b7/0xb30
[  875.265981][ T9506]  snd_pcm_open_substream+0xb6/0x2410
[  875.266016][ T9506]  snd_pcm_oss_open+0xf2a/0x1bd0
[  875.266038][ T9506]  chrdev_open+0x4cf/0x5e0
[  875.266056][ T9506]  do_dentry_open+0x7d0/0x1270
[  875.266078][ T9506]  vfs_open+0x3b/0x350
[  875.266100][ T9506]  path_openat+0x342a/0x3df0
[  875.266130][ T9506]  do_filp_open+0x1fa/0x410
[  875.266159][ T9506]  do_sys_openat2+0x121/0x200
[  875.266183][ T9506]  __x64_sys_openat+0x138/0x170
[  875.266207][ T9506]  do_syscall_64+0xec/0xf80
[  875.266230][ T9506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.266252][ T9506] 
[  875.266257][ T9506] Freed by task 9504:
[  875.266268][ T9506]  kasan_save_track+0x3e/0x80
[  875.266299][ T9506]  kasan_save_free_info+0x46/0x50
[  875.266324][ T9506]  __kasan_slab_free+0x5c/0x80
[  875.266357][ T9506]  kfree+0x1bd/0x900
[  875.266384][ T9506]  snd_pcm_detach_substream+0x1e1/0x290
[  875.266411][ T9506]  snd_pcm_oss_release+0x184/0x250
[  875.266433][ T9506]  __fput+0x45b/0xa80
[  875.266456][ T9506]  task_work_run+0x1d4/0x260
[  875.266490][ T9506]  get_signal+0x11c4/0x1310
[  875.266512][ T9506]  arch_do_signal_or_restart+0x9a/0x7a0
[  875.266548][ T9506]  exit_to_user_mode_loop+0x87/0x4e0
[  875.266579][ T9506]  do_syscall_64+0x2c1/0xf80
[  875.266602][ T9506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.266624][ T9506] 
[  875.266630][ T9506] The buggy address belongs to the object at ffff888049d3f000
[  875.266630][ T9506]  which belongs to the cache kmalloc-2k of size 2048
[  875.266659][ T9506] The buggy address is located 512 bytes inside of
[  875.266659][ T9506]  freed 2048-byte region [ffff888049d3f000, ffff888049d3f800)
[  875.266684][ T9506] 
[  875.266691][ T9506] The buggy address belongs to the physical page:
[  875.266714][ T9506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888049d3e000 pfn:0x49d38
[  875.266739][ T9506] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  875.266759][ T9506] flags: 0x80000000000240(workingset|head|node=0|zone=1)
[  875.266785][ T9506] page_type: f5(slab)
[  875.266807][ T9506] raw: 0080000000000240 ffff88813ff27000 ffffea00009c7810 ffffea0000be0010
[  875.266828][ T9506] raw: ffff888049d3e000 0000000000080007 00000000f5000000 0000000000000000
[  875.266851][ T9506] head: 0080000000000240 ffff88813ff27000 ffffea00009c7810 ffffea0000be0010
[  875.266872][ T9506] head: ffff888049d3e000 0000000000080007 00000000f5000000 0000000000000000
[  875.266895][ T9506] head: 0080000000000003 ffffea0001274e01 00000000ffffffff 00000000ffffffff
[  875.266917][ T9506] head: 00000007fd9ed77b 0000000000000000 00000000ffffffff 0000000000000008
[  875.266930][ T9506] page dumped because: kasan: bad access detected
[  875.266947][ T9506] page_owner tracks the page as allocated
[  875.266956][ T9506] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5805, tgid 5805 (syz-executor), ts 117796384001, free_ts 99203935908
[  875.266999][ T9506]  post_alloc_hook+0x234/0x290
[  875.267033][ T9506]  get_page_from_freelist+0x28c0/0x2960
[  875.267055][ T9506]  __alloc_frozen_pages_noprof+0x181/0x370
[  875.267078][ T9506]  alloc_pages_mpol+0xd1/0x380
[  875.267098][ T9506]  allocate_slab+0x86/0x3b0
[  875.267123][ T9506]  ___slab_alloc+0xb10/0x13e0
[  875.267145][ T9506]  __slab_alloc+0xc6/0x1f0
[  875.267166][ T9506]  __kmalloc_node_track_caller_noprof+0x2bf/0x810
[  875.267202][ T9506]  kmalloc_reserve+0x136/0x290
[  875.267228][ T9506]  pskb_expand_head+0x19d/0x1160
[  875.267261][ T9506]  netlink_trim+0x1b3/0x2c0
[  875.267288][ T9506]  netlink_broadcast_filtered+0xd6/0x1000
[  875.267317][ T9506]  nlmsg_notify+0xf0/0x1a0
[  875.267347][ T9506]  register_netdevice+0x1705/0x1a90
[  875.267381][ T9506]  cfg80211_register_netdevice+0x138/0x2d0
[  875.267417][ T9506]  ieee80211_if_add+0xe50/0x1370
[  875.267449][ T9506] page last free pid 5784 tgid 5784 stack trace:
[  875.267463][ T9506]  free_unref_folios+0xc28/0x1810
[  875.267497][ T9506]  folios_put_refs+0x569/0x670
[  875.267516][ T9506]  free_pages_and_swap_cache+0x277/0x520
[  875.267543][ T9506]  tlb_flush_mmu+0x3a0/0x680
[  875.267563][ T9506]  tlb_finish_mmu+0xc3/0x1d0
[  875.267583][ T9506]  vms_clear_ptes+0x42b/0x530
[  875.267610][ T9506]  vms_complete_munmap_vmas+0x206/0x8a0
[  875.267635][ T9506]  do_vmi_align_munmap+0x372/0x450
[  875.267666][ T9506]  do_vmi_munmap+0x253/0x2e0
[  875.267689][ T9506]  __vm_munmap+0x207/0x380
[  875.267715][ T9506]  __x64_sys_munmap+0x60/0x70
[  875.267747][ T9506]  do_syscall_64+0xec/0xf80
[  875.267771][ T9506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.267794][ T9506] 
[  875.267800][ T9506] Memory state around the buggy address:
[  875.267813][ T9506]  ffff888049d3f100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  875.267830][ T9506]  ffff888049d3f180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  875.267847][ T9506] >ffff888049d3f200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  875.267860][ T9506]                    ^
[  875.267871][ T9506]  ffff888049d3f280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  875.267887][ T9506]  ffff888049d3f300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  875.267900][ T9506] ==================================================================
[  875.313113][ T9506] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  875.313144][ T9506] CPU: 0 UID: 0 PID: 9506 Comm: syz.3.715 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  875.313202][ T9506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  875.313218][ T9506] Call Trace:
[  875.313229][ T9506]  <TASK>
[  875.313238][ T9506]  vpanic+0x1e0/0x670
[  875.313279][ T9506]  panic+0xb9/0xc0
[  875.313310][ T9506]  ? __pfx_panic+0x10/0x10
[  875.313342][ T9506]  ? preempt_schedule_thunk+0x16/0x30
[  875.313361][ T9506]  ? preempt_schedule_thunk+0x16/0x30
[  875.313378][ T9506]  ? rt_spin_lock+0x88/0x3e0
[  875.313401][ T9506]  check_panic_on_warn+0x89/0xb0
[  875.313426][ T9506]  ? rt_spin_lock+0x88/0x3e0
[  875.313448][ T9506]  end_report+0x6f/0x140
[  875.313472][ T9506]  kasan_report+0x129/0x150
[  875.313498][ T9506]  ? rt_spin_lock+0x88/0x3e0
[  875.313522][ T9506]  ? __wake_up_common_lock+0x2f/0x1e0
[  875.313542][ T9506]  __kasan_check_byte+0x2a/0x40
[  875.313566][ T9506]  lock_acquire+0x84/0x340
[  875.313586][ T9506]  ? rt_mutex_slowunlock+0x668/0x8a0
[  875.313609][ T9506]  ? reacquire_held_locks+0x104/0x190
[  875.313642][ T9506]  rt_spin_lock+0x88/0x3e0
[  875.313664][ T9506]  ? __wake_up_common_lock+0x2f/0x1e0
[  875.313685][ T9506]  ? __pfx_rt_spin_lock+0x10/0x10
[  875.313708][ T9506]  ? rt_spin_unlock+0x161/0x200
[  875.313732][ T9506]  ? __wake_up_common_lock+0x18a/0x1e0
[  875.313753][ T9506]  __wake_up_common_lock+0x2f/0x1e0
[  875.313773][ T9506]  ? snd_pcm_post_stop+0x14a/0x1e0
[  875.313790][ T9506]  ? __pfx_snd_pcm_post_stop+0x10/0x10
[  875.313831][ T9506]  snd_pcm_action+0x1f4/0x240
[  875.313865][ T9506]  loopback_trigger+0xb82/0x1b60
[  875.313892][ T9506]  ? rcu_is_watching+0x15/0xb0
[  875.313918][ T9506]  snd_pcm_do_start+0xb7/0x180
[  875.313942][ T9506]  snd_pcm_action+0xe7/0x240
[  875.313978][ T9506]  __snd_pcm_lib_xfer+0x1762/0x1d00
[  875.314001][ T9506]  ? __pfx_interleaved_copy+0x10/0x10
[  875.314020][ T9506]  ? __pfx_default_write_copy+0x10/0x10
[  875.314040][ T9506]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  875.314059][ T9506]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[  875.314076][ T9506]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  875.314099][ T9506]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  875.314123][ T9506]  ? snd_pcm_oss_write3+0x1a2/0x350
[  875.314140][ T9506]  snd_pcm_oss_write3+0x1bc/0x350
[  875.314178][ T9506]  snd_pcm_plug_write_transfer+0x2cb/0x4c0
[  875.314213][ T9506]  ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10
[  875.314245][ T9506]  ? snd_pcm_plug_client_channels_buf+0x490/0x640
[  875.314284][ T9506]  snd_pcm_oss_write+0xa31/0xf20
[  875.314306][ T9506]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  875.314324][ T9506]  ? rw_verify_area+0x25b/0x4e0
[  875.314346][ T9506]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  875.314362][ T9506]  vfs_write+0x287/0xb40
[  875.314387][ T9506]  ? __pfx_vfs_write+0x10/0x10
[  875.314410][ T9506]  ? __fget_files+0x2a/0x420
[  875.314427][ T9506]  ? __fget_files+0x2a/0x420
[  875.314442][ T9506]  ? __fget_files+0x3a6/0x420
[  875.314458][ T9506]  ? __fget_files+0x2a/0x420
[  875.314477][ T9506]  ksys_write+0x14b/0x260
[  875.314500][ T9506]  ? __pfx_ksys_write+0x10/0x10
[  875.314526][ T9506]  do_syscall_64+0xec/0xf80
[  875.314543][ T9506]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.314559][ T9506]  ? trace_irq_disable+0x37/0x100
[  875.314576][ T9506]  ? clear_bhb_loop+0x60/0xb0
[  875.314594][ T9506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.314610][ T9506] RIP: 0033:0x7fec609df749
[  875.314625][ T9506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.314644][ T9506] RSP: 002b:00007fec5ec25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  875.314661][ T9506] RAX: ffffffffffffffda RBX: 00007fec60c36090 RCX: 00007fec609df749
[  875.314673][ T9506] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000008
[  875.314684][ T9506] RBP: 00007fec60a63f91 R08: 0000000000000000 R09: 0000000000000000
[  875.314694][ T9506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  875.314704][ T9506] R13: 00007fec60c36128 R14: 00007fec60c36090 R15: 00007ffe9a86c578
[  875.314724][ T9506]  </TASK>
[  875.315327][ T9506] Kernel Offset: disabled