last executing test programs:

6m19.93743613s ago: executing program 4 (id=230):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ba}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0x3}, 0x18)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r1)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)
write$bt_hci(r4, &(0x7f0000000380)=ANY=[], 0x20000)

6m18.345497136s ago: executing program 4 (id=236):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETA(r0, 0x89f1, 0x0)
mkdir(0x0, 0x3)
mount$cgroup(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={[{@nofavordynmods}]})
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYRES32=r0], 0x0, 0x26}, 0x28)
r2 = socket$phonet(0x23, 0x2, 0x1)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000300)="77bde92591e64a72273f57de078e95b64e7b697e813b27d40b372241ea90ebeb1fd31af91fe4fb3e18c15f1ea0c689729960a3bdf355fa8302ae099e4231b9a652b03bcdebc431e844af9af5f146b79ba480a591cf0c986c62404fc9102322a24a256ca1c182f86d1c12b403aeb9632380f51746e1d52435120cec3653cb0c4560f06bfdbf49f19048405e2eb100e44311714f5ca2ef8b4547")
sendto$phonet(r2, &(0x7f0000000040), 0x0, 0x4000, &(0x7f0000000100), 0x10)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(r3, 0xc0045401, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="080002920000000500000000000000e10867140000000000d2f636b4e8ce5a95860c99470159b79220d2922b2fa45d032b391d06f3cf42b8480be22f67da18dafb411d53dbcf4b9a5dc2"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x2}, 0x10}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)

6m17.776266557s ago: executing program 4 (id=241):
r0 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r1=>0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, 0x0, &(0x7f0000000600)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r3, 0x0, &(0x7f0000000000)="bda8", 0x2, 0x100, 0x1})
io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0)
write(r2, &(0x7f0000000200)='~', 0x1)

6m17.560875708s ago: executing program 4 (id=244):
syz_open_dev$tty1(0xc, 0x4, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r0, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)})
socket$nl_route(0x10, 0x3, 0x0)
pipe(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
setpgid(r1, 0x0)
setpgid(0x0, r1)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={0x0, 0x0, 0x8}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
ioctl$AUTOFS_IOC_READY(r3, 0x9360, 0x800000000000001)

6m16.721758782s ago: executing program 4 (id=252):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x4aa3, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000500)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f08000000000003003e00ecffffff9a030000000000004000000000000000560000000000000000000000000038000100000002000000030000000500000004000000000000000d20000000400000c801000000000000e20000000000000004000000000040000200000000000000000000000000000000000000dd000000f600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000000000002300"/376], 0x178)
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x6}, 0x51, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)

6m14.99580359s ago: executing program 4 (id=261):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x0)

6m14.111749633s ago: executing program 32 (id=261):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x0)

6m11.073796047s ago: executing program 2 (id=288):
r0 = memfd_create(&(0x7f00000008c0)='+\x88\xc7s\x00\x00\x942nodev\x00\x00\x8cZ_Pv\x03\xa7\xc1\b\xec\x90Q\x85\x83\xcd\x16\xdcw\'\x8a\xe5N\x8c\x17\xfd\xc5\xad\xd5y\x15\x1fx\x17\f\xbc\xd1.\x8cA\x17\x86\xb7-j!Y\x92\xd9\xc4\r8\xd0\xc9X\xa7\x11\xa3\xf0\x8a*\xbc\x87\xcd\x1fl\xfc\xf3]\xb8\xbd\x02\v<\fl\xa6]\xa5\xfb\x05\xcb\x9c\xe2\xc8\x05\xa5\xa5\xeb\xa9\xef\xe3\xf1b\x81\xec\xac\xb6\x80\xd5\xf5S\x85\x06O\x05\xb8\xa1\x15\xcc\x17\xe8s\x95\x95B\xee_\x98\x91)%\x89\xbd[~\xac\xcd\x8e\v%(T^\xc8\xa8\xa9`i\x01m\xef$\x8f5<\xcfA3n\xfd\n>\x03\xae\f \xdbH\'\x05\x82\xdbLE\x14\xcdq\x1abcf\xdb8\xe9a\xa8\x00\x00\x00\x00\x00\x00\x00@\x00'/215, 0x1)
fcntl$addseals(r0, 0x409, 0x1e)

6m10.721723402s ago: executing program 2 (id=292):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)

6m10.281463361s ago: executing program 2 (id=299):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x423}, 0x94)
pipe2(&(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
getresgid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000340))
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @remote, 0x15, 0x3, 'dh\x00', 0x0, 0x4, 0x76}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)

6m9.000106134s ago: executing program 2 (id=303):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x3})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)

6m8.600138313s ago: executing program 2 (id=307):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0xfffc, @multicast2}, 0x2}}, 0x2e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000040000000500b600080009000200000008000c00a60a0000060001000500004008000b"], 0x40}, 0x1, 0x0, 0x0, 0x94ced4add106a01f}, 0x4040)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x94ced4add106a01f}, 0x4040)

6m8.548467185s ago: executing program 2 (id=308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

5m53.360300191s ago: executing program 33 (id=308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

5m28.021450305s ago: executing program 3 (id=437):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x40010)

5m24.481367696s ago: executing program 3 (id=444):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000c80)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0xa000, {0x0, 0x0, 0x0, r3, {0x6, 0x7}, {0x0, 0xfff1}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x8, 0x2, [@TCA_FW_ACT={0x4}]}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x0)

5m21.395022055s ago: executing program 3 (id=457):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x18)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[], 0x30}}, 0x44)

5m21.257083041s ago: executing program 3 (id=459):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=@base={0xa, 0x4, 0x4, 0xc}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080), 0x106, 0x9}}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, &(0x7f0000000000), &(0x7f0000000140)=r2}, 0x20)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x1, 0x8, 0x1c, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})

5m20.950576429s ago: executing program 3 (id=460):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010328bd7000fedbdf251c0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x10)

5m20.106903895s ago: executing program 3 (id=461):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x10001}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x3, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r6 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r7=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r6, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r7}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5m4.98596597s ago: executing program 34 (id=461):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x10001}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x3, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r6 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r7=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r6, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r7}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3m6.867843549s ago: executing program 0 (id=754):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x5, &(0x7f0000000040)={0x300, 0x1, 0x42, 0xfffffffffffffffc})

3m6.622052068s ago: executing program 0 (id=756):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x19, 0x17, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x57, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000c80)={0x1, 0x0, 0x1}, 0x10, 0xffffffffffffffff, r0, 0x0, 0x0, 0x0, 0x10, 0x83a}, 0x94)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x53)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='tlb_flush\x00', r1}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x7c)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

3m6.456671092s ago: executing program 0 (id=757):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$inet_udp(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x2, 0x0, &(0x7f0000000200)=<r3=>0x0)
timer_getoverrun(r3)

3m4.918079978s ago: executing program 0 (id=761):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = creat(0x0, 0x10)
ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x2903097, 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x206d0d1, 0x0)
umount2(&(0x7f0000000080)='./file0/file0\x00', 0x1)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x0)

3m4.575568049s ago: executing program 0 (id=762):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010328bd7000fedbdf251c0000000c00018008000100", @ANYRES32=r4], 0x20}}, 0x10)

3m2.789681873s ago: executing program 0 (id=763):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x5, &(0x7f0000000040)={0x300, 0x1, 0x42, 0xfffffffffffffffc})

3m2.47764538s ago: executing program 35 (id=763):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x5, &(0x7f0000000040)={0x300, 0x1, 0x42, 0xfffffffffffffffc})

39.714992372s ago: executing program 5 (id=1184):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000000a3c0)=@newtaction={0x488, 0x30, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x10000, 0x325, 0x81, 0x5, 0x7, 0x5, 0x6, 0x599ff518, 0x5, 0x6, 0x4000002, 0x8, 0x400, 0xff, 0x1, 0x1, 0xff, 0xbd, 0x7, 0xffff, 0x200, 0x0, 0x7fff, 0x5, 0x0, 0xd, 0x3, 0x3, 0x5, 0x80000041, 0x3477, 0x800, 0x0, 0x8, 0x3db, 0x0, 0x1, 0x7f, 0x56, 0x40, 0x4, 0x1000, 0x5, 0x5, 0xcc5, 0x400, 0x1, 0x64f3, 0x7999, 0x401, 0xe, 0x1, 0xfffffffb, 0x428a0562, 0xd7, 0xd, 0xb1, 0xa23, 0x2768, 0x200, 0x1, 0x7fffffff, 0x1, 0x81, 0x3, 0x5, 0x8, 0x9, 0x4, 0x3, 0x5, 0xffff0001, 0x9, 0x6, 0x8, 0x7, 0x9, 0x5, 0x3, 0x4, 0xff, 0x8000, 0x3c, 0x1ff, 0xffff, 0x6, 0xffff8001, 0x1, 0x6, 0x1, 0x48275caf, 0x7, 0x5, 0x100, 0x3ff, 0x9, 0x9, 0xffffffff, 0x4, 0x1a, 0x101, 0x8000, 0xff, 0xef6f, 0x1, 0x7, 0xccd, 0x7, 0xc6, 0x3, 0x3, 0x401, 0xfffffffb, 0x4, 0x612, 0x2, 0x5, 0x2, 0x1, 0x0, 0x5, 0x3, 0x4956198f, 0x401, 0x3c, 0x7, 0x6, 0x8, 0x101, 0x1, 0x3, 0x6, 0x3320, 0x5, 0x4, 0x6, 0x2, 0xa, 0xffffffff, 0xec6e, 0x1, 0x4, 0xff, 0x1876, 0x4, 0xfe, 0x8, 0x100, 0x5, 0x6, 0x2e80, 0x6, 0x4, 0x9, 0x0, 0xffffffab, 0x3, 0x1000, 0x3ff, 0x1, 0x3, 0x2e70, 0x8, 0xf3d6, 0xb3f, 0xfffffc00, 0x7, 0x0, 0xff, 0x0, 0x8000, 0x12d00, 0x9, 0xd, 0x8, 0x7f, 0x7, 0x2, 0x4, 0x4, 0xf26, 0x3, 0x1, 0xffffffff, 0x6, 0x1, 0x7, 0x3, 0x3, 0x5, 0x3, 0x64a, 0x1000, 0x100, 0x2, 0x1, 0x0, 0x470121f0, 0x93d0, 0x9, 0x3, 0xfffffff9, 0x3, 0x8, 0xf935, 0x7, 0x8, 0x8000, 0x40, 0x4, 0x4, 0x400004, 0x80, 0x8, 0x3, 0x2, 0x5, 0x1, 0x3b05, 0x6, 0x6, 0x3, 0xfffffffd, 0x7fffffff, 0x1, 0x0, 0x38, 0x4, 0x30a6, 0x7fffffff, 0x3, 0x9, 0x3, 0x1, 0x8, 0xfffffff9, 0x6, 0x47d, 0x5, 0x0, 0x80000001, 0x1, 0x0, 0x8, 0x2, 0x1, 0x5, 0x10, 0x4, 0x10, 0x2, 0x2, 0x38000, 0x2, 0x460, 0xffff5824]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xb, 0x10000000, 0xc6d, 0x101, 0x6, {0x4, 0x0, 0x2, 0x6, 0x9, 0x10001}, {0x3, 0x0, 0x703, 0x2, 0x1, 0xbd4b}, 0x0, 0x2a6, 0x4}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x488}, 0x1, 0x0, 0x0, 0x40014}, 0x2400c800)
setreuid(0xee00, 0x0)
keyctl$join(0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES64=0x0, @ANYRES16=r1, @ANYRESOCT=0x0], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000003c0)='ext4_evict_inode\x00', r2, 0x0, 0x20000000}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0xa47, @loopback}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000b40)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000000380)=<r5=>0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, 0x0, 0x0, 0x7a, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, 0x0, 0x0)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r4, &(0x7f0000000140)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1b, 0x6, &(0x7f0000000540)=ANY=[@ANYBLOB="180000005a1b0000000000000300000027360600f0ffffff180000000c000000000000000600000095000000000000005922d748cda5ac4eb0c776a96d9e8fc2c6e3e6"], &(0x7f0000000400)='syzkaller\x00', 0x2, 0x55, &(0x7f00000004c0)=""/85, 0x40f00, 0x44, '\x00', 0x0, @fallback=0x5, r6, 0x8, &(0x7f0000000640)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x0, 0x8, 0x4, 0xedd}, 0x10, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f"], 0x0)

36.126210366s ago: executing program 5 (id=1202):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)

35.357460487s ago: executing program 5 (id=1209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000", @ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYRESOCT], 0x5c}}, 0x0)

34.663479778s ago: executing program 5 (id=1214):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000440)="d800000018007b7be00212ba0d0505040a003f00000f040b067c55a1bc000900b80006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b3162700e06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5005ccca262f3d40fad95667e04adcdf63cc1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f0000", 0xc7}, {&(0x7f0000000100)="d8bcf4de", 0x4}], 0x2, 0x0, 0x0, 0x2663}, 0x0)

34.487917627s ago: executing program 5 (id=1215):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="100000000400000008000000ef"], 0x48)

34.38151907s ago: executing program 5 (id=1216):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x5400, 0x0)

33.30639892s ago: executing program 1 (id=1227):
faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040001000800b30001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000000000000701", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0), 0x300, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000980), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r1, 0x0, 0x5cfcc175}, 0x18)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = io_uring_setup(0x1690, &(0x7f0000000640)={0x0, 0xaa95, 0x20000, 0x200, 0x277})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x9)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x24048046)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x20000000)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x6}, 0x18)
lsetxattr$system_posix_acl(0x0, &(0x7f00000003c0)='system.posix_acl_access\x00', 0x0, 0x24, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0x3, 0x6}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

31.838047395s ago: executing program 1 (id=1231):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

31.678815587s ago: executing program 1 (id=1232):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x4a, &(0x7f0000000940)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6000a81300142c00fe80000000000000000000bbfe80001000000000000000000000b0a2d9ea00aa3a000033"], 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)

31.333484807s ago: executing program 1 (id=1235):
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0xffffffffffffffff, 0x0})
io_uring_enter(r0, 0x847ba, 0x2000, 0xe, 0x0, 0x0)

30.692896573s ago: executing program 1 (id=1239):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
preadv(r1, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)

29.481579691s ago: executing program 6 (id=1243):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

28.939401233s ago: executing program 6 (id=1244):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fbdb0cf81c00000018000180140002007475"], 0x2c}}, 0x0)

28.672991655s ago: executing program 1 (id=1246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
sendmsg$can_bcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0104000001"], 0x48}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r2, 0x0, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
readv(r6, &(0x7f0000002540)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f0000000040)={0x1000, 0x7fff, 0x3, 0x2}, 0x10)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000021c0)=ANY=[@ANYBLOB="181600002400e5ff25bd7000fedbdf25051600800c00"], 0x1618}], 0x1}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r4, 0x10e, 0x8, &(0x7f0000000080)=0x6, 0x4)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x41)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x14, 0x36, 0x107, 0xfffffffc, 0x65dfdbfd, {0x4, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x488c0}, 0xc050)
socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r8, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x8010)

28.658901846s ago: executing program 6 (id=1247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

28.233037902s ago: executing program 6 (id=1252):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x0)
r1 = openat$sysfs(0xffffff9c, 0x0, 0x1c9a82, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$can_raw(0x1d, 0x3, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xdb5be383a3bd68e1, 0x12, r1, 0x8000000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x14, 0x0, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000900)={{r4}, &(0x7f0000000880), &(0x7f00000008c0)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r3, 0x40107446, &(0x7f0000000080)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

27.986967555s ago: executing program 6 (id=1254):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

27.841917055s ago: executing program 6 (id=1255):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
bind$qrtr(r2, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)
r3 = dup2(r0, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x3}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xeb4, 0x30, 0xb, 0x0, 0x0, {}, [{0xea0, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb, 0x0, 0x0, 0x0, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0xffffffff}, {}, {}, {}, {0xae8}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x40}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffff951}, {0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {0x6}, {0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffc}, {0x0, 0x0, 0x8001}, {}, {0x0, 0x0, 0xff}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x1, 0x0, 0x0, 0x401}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x1d4ce113}, {}, {0x400}, {}, {}, {0x0, 0xffffffff, 0x0, 0x0, 0x9}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {0x1}, {0x2}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x400000}, {}, {}, {}, {0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x4000}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x40}], [{}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x6}, {}, {}, {}, {0x0, 0x2}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {0x3}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x721119ea02b29831}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb4}}, 0x4000)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r7, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f00000001c0)='\x00\x00\x00\x00\x00\x00\x00', 0x7}], 0x2)
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000080)={<r8=>0x0, 0x4}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000340)={r8, 0x69, "9bb8a7b05bbffd064d1dc5e0871de02e838966bb6f5ce547630534db39898e35a80531bce4216c64fca7e7565cad6951506a26490223edf9830680dd025593e0111698e28a1fe1447c3db87ed13bce89557fafe44d59554e418bb26462e70372dca15b0abfc2c634b8"}, &(0x7f00000001c0)=0x71)

24.721582988s ago: executing program 7 (id=1271):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001", @ANYRESOCT=0x0], 0xc4}}, 0x20010890)

23.426091733s ago: executing program 7 (id=1273):
r0 = semget$private(0x0, 0x20000000102, 0x208)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000680))
semctl$GETPID(r0, 0x4, 0xb, 0x0)
r1 = gettid()
wait4(r1, &(0x7f0000000200), 0x0, &(0x7f0000000480))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000e40)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0209000907000000000000000000000005000700320000000a"], 0x38}}, 0x0)

23.069504938s ago: executing program 7 (id=1275):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000", @ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e00000020000280", @ANYRESOCT], 0x5c}}, 0x0)

22.931283374s ago: executing program 7 (id=1277):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket(0x840000000002, 0x3, 0x100)
setsockopt$sock_int(r1, 0x1, 0x1b, &(0x7f0000000200)=0x2, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000001800f3d202000000fddbdf25020000040c00c807000000008e0016800800060400000000f5ed4fa22b703073b1"], 0x28}}, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, 0x0, 0x0)
sendmsg$key(r0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB="23001f069e0613ee7f2eff000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x66, 0x0, 0x0, 0x2}, @initr0, @exit, @alu={0x4, 0x0, 0x3, 0x3, 0x0, 0xff00, 0x4}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x6b, &(0x7f000000cf3d)=""/195, 0x41100, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1400000}, 0x94)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400000004", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e6ffffff21c55be32e4069a800"/27], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x22020600)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r10, r9, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, 0x0, &(0x7f0000000080)=r6}, 0x20)
recvmsg$unix(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001780)=""/4071, 0xfe7}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000400)=""/133, 0xe8b}], 0x9}, 0x40020000)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0xfffe}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00'})

22.670823411s ago: executing program 7 (id=1280):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_usbip_server_init(0x5)

21.335920208s ago: executing program 7 (id=1283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

19.320189508s ago: executing program 36 (id=1216):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x5400, 0x0)

16.04023306s ago: executing program 8 (id=1298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000", @ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000", @ANYRESOCT], 0x5c}}, 0x0)

15.904633299s ago: executing program 8 (id=1299):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x0)
r1 = openat$sysfs(0xffffff9c, 0x0, 0x1c9a82, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$can_raw(0x1d, 0x3, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xdb5be383a3bd68e1, 0x12, r1, 0x8000000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x14, &(0x7f0000000180)=0x8, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000900)={{r4}, &(0x7f0000000880), &(0x7f00000008c0)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r3, 0x40107446, &(0x7f0000000080)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

15.751695428s ago: executing program 8 (id=1300):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000300)={0x11, 0x1b, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

15.523053721s ago: executing program 8 (id=1301):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket(0x840000000002, 0x3, 0x100)
setsockopt$sock_int(r1, 0x1, 0x1b, &(0x7f0000000200)=0x2, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000001800f3d202000000fddbdf25020000040c00c807000000008e0016800800060400000000f5ed4fa22b703073b1"], 0x28}}, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, 0x0, 0x0)
sendmsg$key(r0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB="23001f069e0613ee7f2eff000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x66, 0x0, 0x0, 0x2}, @initr0, @exit, @alu={0x4, 0x0, 0x3, 0x3, 0x0, 0xff00, 0x4}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x6b, &(0x7f000000cf3d)=""/195, 0x41100, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1400000}, 0x94)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400000004", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e6ffffff21c55be32e4069a800"/27], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x22020600)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r10, r9, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, 0x0, &(0x7f0000000080)=r6}, 0x20)
recvmsg$unix(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001780)=""/4071, 0xfe7}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000400)=""/133, 0xe8b}], 0x9}, 0x40020000)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0xfffe}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00'})

15.255750945s ago: executing program 8 (id=1302):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r3 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f00000005c0)="9f", 0x1}], 0x1}, 0x3e8)

15.105593407s ago: executing program 8 (id=1303):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0x65, 0x66, 0x0, 0x40, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x1e, 0x0, 0x6}]}}, {0x4e20, 0x4e21, 0x4d, 0x0, @wg=@data={0x4, 0x202, 0x4, "e8771ac366586e56f446dcd22ec94c672f1cd650516a2fbeddd0cb5cffc4ef63a1c2be9551171e48bb8559ac9077c099289048d76d"}}}}, 0x73)

12.99000366s ago: executing program 37 (id=1246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
sendmsg$can_bcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0104000001"], 0x48}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r2, 0x0, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
readv(r6, &(0x7f0000002540)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f0000000040)={0x1000, 0x7fff, 0x3, 0x2}, 0x10)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000021c0)=ANY=[@ANYBLOB="181600002400e5ff25bd7000fedbdf25051600800c00"], 0x1618}], 0x1}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r4, 0x10e, 0x8, &(0x7f0000000080)=0x6, 0x4)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x41)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x14, 0x36, 0x107, 0xfffffffc, 0x65dfdbfd, {0x4, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x488c0}, 0xc050)
socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r8, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x8010)

12.020090857s ago: executing program 38 (id=1255):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
bind$qrtr(r2, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)
r3 = dup2(r0, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x3}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xeb4, 0x30, 0xb, 0x0, 0x0, {}, [{0xea0, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb, 0x0, 0x0, 0x0, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0xffffffff}, {}, {}, {}, {0xae8}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x40}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffff951}, {0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {0x6}, {0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffc}, {0x0, 0x0, 0x8001}, {}, {0x0, 0x0, 0xff}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x1, 0x0, 0x0, 0x401}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x1d4ce113}, {}, {0x400}, {}, {}, {0x0, 0xffffffff, 0x0, 0x0, 0x9}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {0x1}, {0x2}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x400000}, {}, {}, {}, {0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x4000}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x40}], [{}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x6}, {}, {}, {}, {0x0, 0x2}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {0x3}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x721119ea02b29831}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb4}}, 0x4000)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r7, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f00000001c0)='\x00\x00\x00\x00\x00\x00\x00', 0x7}], 0x2)
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000080)={<r8=>0x0, 0x4}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000340)={r8, 0x69, "9bb8a7b05bbffd064d1dc5e0871de02e838966bb6f5ce547630534db39898e35a80531bce4216c64fca7e7565cad6951506a26490223edf9830680dd025593e0111698e28a1fe1447c3db87ed13bce89557fafe44d59554e418bb26462e70372dca15b0abfc2c634b8"}, &(0x7f00000001c0)=0x71)

5.989282074s ago: executing program 39 (id=1283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

0s ago: executing program 40 (id=1303):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0x65, 0x66, 0x0, 0x40, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x1e, 0x0, 0x6}]}}, {0x4e20, 0x4e21, 0x4d, 0x0, @wg=@data={0x4, 0x202, 0x4, "e8771ac366586e56f446dcd22ec94c672f1cd650516a2fbeddd0cb5cffc4ef63a1c2be9551171e48bb8559ac9077c099289048d76d"}}}}, 0x73)

kernel console output (not intermixed with test programs):

507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.116919][ T7507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.516995][ T7507] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.517012][ T7507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.517039][ T7507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.911337][ T7726] blktrace: Concurrent blktraces are not allowed on sg0
[  274.297916][ T7729] syzkaller1: entered promiscuous mode
[  274.297952][ T7729] syzkaller1: entered allmulticast mode
[  274.864699][ T7507] hsr_slave_0: entered promiscuous mode
[  274.868634][ T7507] hsr_slave_1: entered promiscuous mode
[  274.869693][ T7507] debugfs: 'hsr0' already exists in 'hsr'
[  274.869721][ T7507] Cannot create hsr debugfs directory
[  276.726098][ T7635] chnl_net:caif_netlink_parms(): no params data found
[  279.644547][ T7635] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.648288][ T7635] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.648584][ T7635] bridge_slave_0: entered allmulticast mode
[  279.657546][ T7635] bridge_slave_0: entered promiscuous mode
[  279.670206][ T7635] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.670395][ T7635] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.670651][ T7635] bridge_slave_1: entered allmulticast mode
[  279.682961][ T7635] bridge_slave_1: entered promiscuous mode
[  281.106344][ T7635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.170239][ T7635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.241640][ T3033] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.722515][ T7833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.584'.
[  282.779538][ T3033] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.834429][ T7635] team0: Port device team_slave_0 added
[  282.848861][ T7635] team0: Port device team_slave_1 added
[  284.137446][ T7844] lo speed is unknown, defaulting to 1000
[  284.137933][ T7844] lo speed is unknown, defaulting to 1000
[  284.142699][ T7844] lo speed is unknown, defaulting to 1000
[  284.151739][ T7844] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  284.166547][ T7844] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  284.211145][ T7844] lo speed is unknown, defaulting to 1000
[  284.214381][ T7844] lo speed is unknown, defaulting to 1000
[  284.217581][ T7844] lo speed is unknown, defaulting to 1000
[  284.220574][ T7844] lo speed is unknown, defaulting to 1000
[  284.225365][ T7844] lo speed is unknown, defaulting to 1000
[  284.228108][ T7844] lo speed is unknown, defaulting to 1000
[  284.332936][ T3033] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.377933][ T7844] lo speed is unknown, defaulting to 1000
[  284.408918][ T7635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.408937][ T7635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.408966][ T7635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.412078][ T7424] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  285.625786][ T7635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.625804][ T7635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.625835][ T7635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.630234][ T7424] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  285.826326][ T7424] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  285.932123][ T3033] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.013069][ T7865] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  286.013097][ T7865] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  286.013432][ T7865] vhci_hcd vhci_hcd.0: Device attached
[  286.014076][ T7866] vhci_hcd: connection closed
[  286.026935][ T1183] vhci_hcd: stop threads
[  286.026954][ T1183] vhci_hcd: release socket
[  286.026989][ T1183] vhci_hcd: disconnect device
[  286.114641][ T7424] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  286.272646][ T7873] netlink: 8 bytes leftover after parsing attributes in process `syz.1.592'.
[  286.383670][ T7873] vlan2: entered allmulticast mode
[  286.537311][ T7635] hsr_slave_0: entered promiscuous mode
[  286.538847][ T7635] hsr_slave_1: entered promiscuous mode
[  286.541607][ T7635] debugfs: 'hsr0' already exists in 'hsr'
[  286.541634][ T7635] Cannot create hsr debugfs directory
[  288.657330][ T7507] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  288.898412][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  288.905077][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  288.912010][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  288.917307][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  288.918252][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  289.098215][ T7507] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  289.464713][ T7507] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  289.569392][ T7507] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  289.868826][ T3033] bridge_slave_1: left allmulticast mode
[  289.868863][ T3033] bridge_slave_1: left promiscuous mode
[  289.869148][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.957993][ T3033] bridge_slave_0: left allmulticast mode
[  289.958029][ T3033] bridge_slave_0: left promiscuous mode
[  289.958318][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.073388][ T3033] bridge_slave_1: left allmulticast mode
[  290.073425][ T3033] bridge_slave_1: left promiscuous mode
[  290.073703][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.163105][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.602'.
[  290.199096][ T3033] bridge_slave_0: left allmulticast mode
[  290.199131][ T3033] bridge_slave_0: left promiscuous mode
[  290.199935][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.422850][ T7918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.603'.
[  290.985840][ T5849] Bluetooth: hci5: command tx timeout
[  291.110059][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.206410][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.278227][ T3033] bond0 (unregistering): Released all slaves
[  292.757625][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  292.816556][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  292.860996][ T3033] bond0 (unregistering): Released all slaves
[  292.884386][ T3033] bond1 (unregistering): Released all slaves
[  293.076733][ T5849] Bluetooth: hci5: command tx timeout
[  293.343702][ T7922] netlink: 'syz.0.605': attribute type 4 has an invalid length.
[  293.343725][ T7922] netlink: 152 bytes leftover after parsing attributes in process `syz.0.605'.
[  293.427696][ T7899] lo speed is unknown, defaulting to 1000
[  293.430333][ T7922] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  295.145636][ T5849] Bluetooth: hci5: command tx timeout
[  295.840201][ T7948] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.843343][ T7948] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.856021][ T7948] bridge0: entered allmulticast mode
[  295.876915][ T7951] bridge_slave_1: left allmulticast mode
[  295.877420][ T7951] bridge_slave_1: left promiscuous mode
[  295.907338][ T7951] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.933818][ T7953] netlink: 'syz.1.618': attribute type 4 has an invalid length.
[  295.933841][ T7953] netlink: 152 bytes leftover after parsing attributes in process `syz.1.618'.
[  295.999957][ T7951] bridge_slave_0: left promiscuous mode
[  296.000243][ T7951] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.556116][ T7953] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  297.208819][ T3033] hsr_slave_0: left promiscuous mode
[  297.225892][ T5849] Bluetooth: hci5: command tx timeout
[  297.265598][ T3033] hsr_slave_1: left promiscuous mode
[  297.266623][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.326845][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.411917][   T59] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  297.428812][   T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  297.432106][   T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  297.433734][   T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  297.434953][   T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  297.532762][   T38] kauditd_printk_skb: 97 callbacks suppressed
[  297.532782][   T38] audit: type=1326 audit(1757212200.040:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7971 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  297.533064][   T38] audit: type=1326 audit(1757212200.040:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7971 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  297.533912][   T38] audit: type=1326 audit(1757212200.040:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7971 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  297.533961][   T38] audit: type=1326 audit(1757212200.040:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7971 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  297.534014][   T38] audit: type=1326 audit(1757212200.040:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7971 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  297.741607][ T3033] hsr_slave_0: left promiscuous mode
[  297.780859][ T3033] hsr_slave_1: left promiscuous mode
[  297.894092][ T3033] veth1_macvtap: left promiscuous mode
[  297.894223][ T3033] veth0_macvtap: left promiscuous mode
[  297.894570][ T3033] veth1_vlan: left promiscuous mode
[  297.894791][ T3033] veth0_vlan: left promiscuous mode
[  299.056302][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  299.189256][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  299.549810][ T5849] Bluetooth: hci3: command tx timeout
[  301.625801][ T5849] Bluetooth: hci3: command tx timeout
[  301.838198][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  302.058633][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  303.705782][ T5849] Bluetooth: hci3: command tx timeout
[  305.248090][ T7969] lo speed is unknown, defaulting to 1000
[  305.805700][ T5849] Bluetooth: hci3: command tx timeout
[  305.875923][ T7899] chnl_net:caif_netlink_parms(): no params data found
[  306.188286][ T7635] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  306.402601][ T7635] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  306.504813][ T7635] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  306.665783][ T7635] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  307.651948][ T8019] bond1 (unregistering): Released all slaves
[  307.825809][ T7899] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.825963][ T7899] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.826216][ T7899] bridge_slave_0: entered allmulticast mode
[  307.829356][ T7899] bridge_slave_0: entered promiscuous mode
[  307.905644][ T7899] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.905809][ T7899] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.906074][ T7899] bridge_slave_1: entered allmulticast mode
[  307.946684][ T7899] bridge_slave_1: entered promiscuous mode
[  308.869820][ T7899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.964113][ T7899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.941299][ T7899] team0: Port device team_slave_0 added
[  309.969874][ T7969] chnl_net:caif_netlink_parms(): no params data found
[  310.212784][ T3033] IPVS: stop unused estimator thread 0...
[  310.220782][ T7899] team0: Port device team_slave_1 added
[  310.975208][ T7899] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.975225][ T7899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.975249][ T7899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.014390][ T7899] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.014415][ T7899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.014454][ T7899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.134282][   T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  311.158729][   T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  311.166271][   T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  311.172096][   T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  311.172972][   T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  311.962768][ T7969] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.962911][ T7969] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.963115][ T7969] bridge_slave_0: entered allmulticast mode
[  311.990491][ T7969] bridge_slave_0: entered promiscuous mode
[  312.174039][ T7969] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.174157][ T7969] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.174353][ T7969] bridge_slave_1: entered allmulticast mode
[  312.203892][ T7969] bridge_slave_1: entered promiscuous mode
[  312.228754][ T7899] hsr_slave_0: entered promiscuous mode
[  312.237730][ T7899] hsr_slave_1: entered promiscuous mode
[  312.245938][ T7899] debugfs: 'hsr0' already exists in 'hsr'
[  312.245974][ T7899] Cannot create hsr debugfs directory
[  312.504676][ T8080] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  313.305720][ T5849] Bluetooth: hci4: command tx timeout
[  313.730093][ T7969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.004691][ T7969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  314.021847][ T8064] lo speed is unknown, defaulting to 1000
[  314.981416][ T7969] team0: Port device team_slave_0 added
[  315.288347][ T7969] team0: Port device team_slave_1 added
[  315.386171][ T5849] Bluetooth: hci4: command tx timeout
[  316.184083][ T7969] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.184103][ T7969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.184133][ T7969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.226615][ T7969] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.226638][ T7969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.226670][ T7969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.729093][ T8129] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  317.465630][ T5849] Bluetooth: hci4: command tx timeout
[  317.907398][ T7969] hsr_slave_0: entered promiscuous mode
[  317.915227][ T7969] hsr_slave_1: entered promiscuous mode
[  317.977924][ T7969] debugfs: 'hsr0' already exists in 'hsr'
[  317.977957][ T7969] Cannot create hsr debugfs directory
[  318.967171][ T8136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.660'.
[  318.967199][ T8136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.660'.
[  318.967247][ T8136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.660'.
[  320.370841][ T5849] Bluetooth: hci4: command tx timeout
[  320.558137][   T38] audit: type=1326 audit(1757212223.070:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.558718][   T38] audit: type=1326 audit(1757212223.070:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.559714][   T38] audit: type=1326 audit(1757212223.070:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.559976][   T38] audit: type=1326 audit(1757212223.070:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.561390][   T38] audit: type=1326 audit(1757212223.070:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8519ed550 code=0x7ffc0000
[  320.561441][   T38] audit: type=1326 audit(1757212223.070:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.561488][   T38] audit: type=1326 audit(1757212223.070:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.562360][   T38] audit: type=1326 audit(1757212223.070:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.564260][   T38] audit: type=1326 audit(1757212223.070:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.564747][   T38] audit: type=1326 audit(1757212223.070:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8147 comm="syz.0.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  320.594195][ T8148] blktrace: Concurrent blktraces are not allowed on sg0
[  320.874626][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.665'.
[  321.519714][ T8162] netlink: 8 bytes leftover after parsing attributes in process `syz.0.669'.
[  321.519740][ T8162] netlink: 8 bytes leftover after parsing attributes in process `syz.0.669'.
[  321.519781][ T8162] netlink: 8 bytes leftover after parsing attributes in process `syz.0.669'.
[  321.921241][ T8165] siw: device registration error -23
[  322.593826][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  322.593948][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  323.121712][ T8174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.674'.
[  323.226191][ T8064] chnl_net:caif_netlink_parms(): no params data found
[  323.511410][ T3033] bridge_slave_1: left allmulticast mode
[  323.511448][ T3033] bridge_slave_1: left promiscuous mode
[  323.511756][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.631781][ T3033] bridge_slave_0: left allmulticast mode
[  323.631819][ T3033] bridge_slave_0: left promiscuous mode
[  323.632103][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.730468][ T3033] bridge_slave_1: left allmulticast mode
[  323.730508][ T3033] bridge_slave_1: left promiscuous mode
[  323.730776][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.838667][ T3033] bridge_slave_0: left allmulticast mode
[  323.838702][ T3033] bridge_slave_0: left promiscuous mode
[  323.838973][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.286052][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.0.682'.
[  325.586992][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  325.666959][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  325.740326][ T3033] bond0 (unregistering): Released all slaves
[  326.036507][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  326.165746][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  326.218698][ T3033] bond0 (unregistering): Released all slaves
[  327.423598][ T8230] netlink: 148 bytes leftover after parsing attributes in process `syz.1.691'.
[  328.495725][ T3033] hsr_slave_0: left promiscuous mode
[  328.555903][ T3033] hsr_slave_1: left promiscuous mode
[  328.564197][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.598199][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.775743][ T3033] hsr_slave_0: left promiscuous mode
[  328.831063][ T3033] hsr_slave_1: left promiscuous mode
[  328.836455][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.853918][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  329.719767][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  329.846231][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  331.198108][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  331.346881][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  332.267986][ T8064] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.268155][ T8064] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.268395][ T8064] bridge_slave_0: entered allmulticast mode
[  332.271259][ T8064] bridge_slave_0: entered promiscuous mode
[  332.437327][ T8064] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.437477][ T8064] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.437711][ T8064] bridge_slave_1: entered allmulticast mode
[  332.440271][ T8064] bridge_slave_1: entered promiscuous mode
[  332.602372][ T7899] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  333.155020][ T7899] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  333.227728][ T8064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.229388][ T7899] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  333.685990][ T8064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.715838][ T7899] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  334.252811][ T8277] siw: device registration error -23
[  335.266810][ T8281] netlink: 148 bytes leftover after parsing attributes in process `syz.1.700'.
[  335.614189][ T8064] team0: Port device team_slave_0 added
[  335.651189][ T8064] team0: Port device team_slave_1 added
[  335.652439][ T8288] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  335.652466][ T8288] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  335.652806][ T8288] vhci_hcd vhci_hcd.0: Device attached
[  335.657602][ T8290] vhci_hcd: connection closed
[  335.668340][ T1183] vhci_hcd: stop threads
[  335.668364][ T1183] vhci_hcd: release socket
[  335.668404][ T1183] vhci_hcd: disconnect device
[  336.427244][ T8064] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.427258][ T8064] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.427279][ T8064] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.496610][ T8064] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.496630][ T8064] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.496663][ T8064] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  337.341804][ T8064] hsr_slave_0: entered promiscuous mode
[  337.356755][ T8064] hsr_slave_1: entered promiscuous mode
[  337.364104][ T8064] debugfs: 'hsr0' already exists in 'hsr'
[  337.364134][ T8064] Cannot create hsr debugfs directory
[  337.808439][ T8309] netlink: 148 bytes leftover after parsing attributes in process `syz.0.708'.
[  338.190497][   T38] kauditd_printk_skb: 68 callbacks suppressed
[  338.190517][   T38] audit: type=1326 audit(1757212240.700:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.190828][   T38] audit: type=1326 audit(1757212240.700:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.191109][   T38] audit: type=1326 audit(1757212240.700:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.191694][   T38] audit: type=1326 audit(1757212240.700:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.192868][   T38] audit: type=1326 audit(1757212240.700:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.193347][   T38] audit: type=1326 audit(1757212240.700:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.193670][   T38] audit: type=1326 audit(1757212240.700:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.194032][   T38] audit: type=1326 audit(1757212240.700:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.194522][   T38] audit: type=1326 audit(1757212240.700:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.194974][   T38] audit: type=1326 audit(1757212240.700:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8310 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  338.983580][ T7969] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  339.099102][ T7969] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  339.239891][ T7969] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  339.535352][ T8328] netlink: 44 bytes leftover after parsing attributes in process `syz.1.715'.
[  339.647145][ T7969] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  339.728398][ T8328] netlink: 68 bytes leftover after parsing attributes in process `syz.1.715'.
[  340.009417][ T8337] netlink: 148 bytes leftover after parsing attributes in process `syz.1.717'.
[  341.996797][ T7899] 8021q: adding VLAN 0 to HW filter on device bond0
[  342.472579][ T7899] 8021q: adding VLAN 0 to HW filter on device team0
[  342.547413][ T7076] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.547668][ T7076] bridge0: port 1(bridge_slave_0) entered forwarding state
[  343.667588][ T3033] bridge_slave_1: left allmulticast mode
[  343.667623][ T3033] bridge_slave_1: left promiscuous mode
[  343.667902][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.797582][ T3033] bridge_slave_0: left allmulticast mode
[  343.797619][ T3033] bridge_slave_0: left promiscuous mode
[  343.797900][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.941909][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.1.724'.
[  343.941938][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.1.724'.
[  343.941983][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.1.724'.
[  344.083477][ T8375] netlink: 148 bytes leftover after parsing attributes in process `syz.1.725'.
[  344.378863][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  344.456851][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  344.523208][ T3033] bond0 (unregistering): Released all slaves
[  344.603338][ T7076] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.603600][ T7076] bridge0: port 2(bridge_slave_1) entered forwarding state
[  344.975292][ T7969] 8021q: adding VLAN 0 to HW filter on device bond0
[  345.305869][ T3033] hsr_slave_0: left promiscuous mode
[  345.334388][ T3033] hsr_slave_1: left promiscuous mode
[  345.335261][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  345.376964][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  346.493805][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  346.715350][   T38] kauditd_printk_skb: 76 callbacks suppressed
[  346.715378][   T38] audit: type=1326 audit(1757212249.220:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.744811][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  346.767478][   T38] audit: type=1326 audit(1757212249.280:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.767535][   T38] audit: type=1326 audit(1757212249.280:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.767581][   T38] audit: type=1326 audit(1757212249.280:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.767638][   T38] audit: type=1326 audit(1757212249.280:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.771804][   T38] audit: type=1326 audit(1757212249.280:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.780621][   T38] audit: type=1326 audit(1757212249.290:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.781519][   T38] audit: type=1326 audit(1757212249.290:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a5d68d550 code=0x7ffc0000
[  346.782285][   T38] audit: type=1326 audit(1757212249.290:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.783202][   T38] audit: type=1326 audit(1757212249.290:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8396 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  346.832091][ T8397] blktrace: Concurrent blktraces are not allowed on sg0
[  346.881382][ T8399] netlink: 148 bytes leftover after parsing attributes in process `syz.0.733'.
[  347.857169][ T7969] 8021q: adding VLAN 0 to HW filter on device team0
[  347.899224][ T8403] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  347.900073][ T8404] syzkaller0: entered promiscuous mode
[  347.900104][ T8404] syzkaller0: entered allmulticast mode
[  348.607669][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.610654][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.707981][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.708142][ T7828] bridge0: port 2(bridge_slave_1) entered forwarding state
[  350.192347][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  350.211558][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  350.235333][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  350.250503][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  350.254890][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  350.714528][ T8459] netlink: 16 bytes leftover after parsing attributes in process `syz.1.742'.
[  350.714583][ T8459] netlink: 52 bytes leftover after parsing attributes in process `syz.1.742'.
[  350.714602][ T8459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.742'.
[  350.792745][ T8457] blktrace: Concurrent blktraces are not allowed on sg0
[  350.878106][ T8064] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  350.955280][ T8064] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  351.062812][ T8064] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  351.236983][ T8447] lo speed is unknown, defaulting to 1000
[  351.252162][ T8064] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  351.304079][ T8469] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  351.337621][ T8470] syzkaller0: entered promiscuous mode
[  351.337653][ T8470] syzkaller0: entered allmulticast mode
[  352.345766][   T59] Bluetooth: hci1: command tx timeout
[  353.463051][ T8495] lo speed is unknown, defaulting to 1000
[  353.796095][   T38] kauditd_printk_skb: 94 callbacks suppressed
[  353.796113][   T38] audit: type=1326 audit(1757212256.310:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.796408][   T38] audit: type=1326 audit(1757212256.310:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.798847][   T38] audit: type=1326 audit(1757212256.310:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.798900][   T38] audit: type=1326 audit(1757212256.310:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.798957][   T38] audit: type=1326 audit(1757212256.310:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.799824][   T38] audit: type=1326 audit(1757212256.310:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.800565][   T38] audit: type=1326 audit(1757212256.310:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.801081][   T38] audit: type=1326 audit(1757212256.310:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.808674][   T38] audit: type=1326 audit(1757212256.320:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8497 comm="syz.0.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  353.921549][   T38] audit: type=1326 audit(1757212256.430:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.0.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8519eebe9 code=0x7ffc0000
[  354.099746][ T8500] blktrace: Concurrent blktraces are not allowed on sg0
[  354.183203][ T8502] netlink: 16 bytes leftover after parsing attributes in process `syz.0.751'.
[  354.183238][ T8502] netlink: 52 bytes leftover after parsing attributes in process `syz.0.751'.
[  354.183256][ T8502] netlink: 4 bytes leftover after parsing attributes in process `syz.0.751'.
[  354.425956][   T59] Bluetooth: hci1: command tx timeout
[  354.581524][ T8507] netlink: 228 bytes leftover after parsing attributes in process `syz.1.753'.
[  354.624198][ T3744] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  354.624744][ T3744] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  354.624771][ T3744] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  354.645791][ T3744] hid-generic 0003:0004:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  354.713857][ T7969] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.854821][ T8508] fido_id[8508]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  355.880359][ T8528] blktrace: Concurrent blktraces are not allowed on sg0
[  355.930411][ T8447] chnl_net:caif_netlink_parms(): no params data found
[  355.959246][ T3033] bridge_slave_1: left allmulticast mode
[  355.959284][ T3033] bridge_slave_1: left promiscuous mode
[  355.959569][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.058578][ T3033] bridge_slave_0: left allmulticast mode
[  356.059846][ T3033] bridge_slave_0: left promiscuous mode
[  356.060142][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.516045][   T59] Bluetooth: hci1: command tx timeout
[  357.317564][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  357.373193][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  357.382091][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  357.408298][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  357.409562][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  358.238055][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.299544][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.321335][ T3033] bond0 (unregistering): Released all slaves
[  358.590835][   T59] Bluetooth: hci1: command tx timeout
[  359.465603][   T59] Bluetooth: hci2: command tx timeout
[  359.561251][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  359.582314][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  359.583420][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  359.584668][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  359.585878][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  359.647767][ T3033] hsr_slave_0: left promiscuous mode
[  359.692839][ T3033] hsr_slave_1: left promiscuous mode
[  359.693730][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  359.726786][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  360.836612][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  361.061128][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  361.555553][   T59] Bluetooth: hci2: command tx timeout
[  361.706138][   T59] Bluetooth: hci3: command tx timeout
[  363.160884][ T8554] 9pnet_fd: Insufficient options for proto=fd
[  363.260599][ T8556] netlink: 24 bytes leftover after parsing attributes in process `syz.1.767'.
[  363.436792][ T8542] lo speed is unknown, defaulting to 1000
[  363.438567][ T8447] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.438795][ T8447] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.439005][ T8447] bridge_slave_0: entered allmulticast mode
[  363.444563][ T8447] bridge_slave_0: entered promiscuous mode
[  363.530154][ T8447] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.530305][ T8447] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.530533][ T8447] bridge_slave_1: entered allmulticast mode
[  363.538209][ T8447] bridge_slave_1: entered promiscuous mode
[  363.635687][   T59] Bluetooth: hci2: command tx timeout
[  363.788745][   T59] Bluetooth: hci3: command tx timeout
[  363.956662][ T8447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.963200][ T8064] 8021q: adding VLAN 0 to HW filter on device bond0
[  363.967984][ T8548] lo speed is unknown, defaulting to 1000
[  363.996630][ T8447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  364.434809][ T8447] team0: Port device team_slave_0 added
[  364.542687][ T8447] team0: Port device team_slave_1 added
[  364.816406][   T38] kauditd_printk_skb: 100 callbacks suppressed
[  364.816425][   T38] audit: type=1326 audit(1757212267.330:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.817040][   T38] audit: type=1326 audit(1757212267.330:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.817331][   T38] audit: type=1326 audit(1757212267.330:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.817841][   T38] audit: type=1326 audit(1757212267.330:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.818433][   T38] audit: type=1326 audit(1757212267.330:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.818745][   T38] audit: type=1326 audit(1757212267.330:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.819120][   T38] audit: type=1326 audit(1757212267.330:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.819731][   T38] audit: type=1326 audit(1757212267.330:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.964597][ T8447] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.964621][ T8447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.964658][ T8447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.965359][   T38] audit: type=1326 audit(1757212267.460:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  364.965584][   T38] audit: type=1326 audit(1757212267.460:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  365.002545][ T8064] 8021q: adding VLAN 0 to HW filter on device team0
[  365.021108][ T8447] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.021128][ T8447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.021166][ T8447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.369601][ T1166] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.369791][ T1166] bridge0: port 1(bridge_slave_0) entered forwarding state
[  365.597768][ T8567] pimreg: entered allmulticast mode
[  365.705648][   T59] Bluetooth: hci2: command tx timeout
[  365.865727][   T59] Bluetooth: hci3: command tx timeout
[  366.097015][ T8447] hsr_slave_0: entered promiscuous mode
[  366.098379][ T8447] hsr_slave_1: entered promiscuous mode
[  366.099291][ T8447] debugfs: 'hsr0' already exists in 'hsr'
[  366.099317][ T8447] Cannot create hsr debugfs directory
[  366.174329][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.174567][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  367.892532][ T8599] netlink: 24 bytes leftover after parsing attributes in process `syz.1.774'.
[  367.946201][   T59] Bluetooth: hci3: command tx timeout
[  368.398300][ T8604] siw: device registration error -23
[  369.508115][ T8542] chnl_net:caif_netlink_parms(): no params data found
[  371.334682][ T5849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  371.355872][ T5849] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  371.362068][ T5849] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  371.370651][ T5849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  371.371504][ T5849] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  371.496768][ T8627] netlink: 24 bytes leftover after parsing attributes in process `syz.1.781'.
[  372.044645][ T8632] siw: device registration error -23
[  373.038175][ T8548] chnl_net:caif_netlink_parms(): no params data found
[  373.385911][ T5849] Bluetooth: hci5: command tx timeout
[  373.628428][ T8542] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.628647][ T8542] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.628894][ T8542] bridge_slave_0: entered allmulticast mode
[  373.631786][ T8542] bridge_slave_0: entered promiscuous mode
[  373.777646][ T8542] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.777794][ T8542] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.777997][ T8542] bridge_slave_1: entered allmulticast mode
[  373.780905][ T8542] bridge_slave_1: entered promiscuous mode
[  374.016345][ T8650] netlink: 24 bytes leftover after parsing attributes in process `syz.1.788'.
[  374.046585][ T8621] lo speed is unknown, defaulting to 1000
[  374.450721][ T8542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.471722][ T8654] pim6reg: entered allmulticast mode
[  374.472100][ T8655] pim6reg: left allmulticast mode
[  374.686335][ T8542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.704919][ T8548] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.705070][ T8548] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.705324][ T8548] bridge_slave_0: entered allmulticast mode
[  374.734362][ T8548] bridge_slave_0: entered promiscuous mode
[  375.107236][ T8548] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.108277][ T8548] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.108560][ T8548] bridge_slave_1: entered allmulticast mode
[  375.111557][ T8548] bridge_slave_1: entered promiscuous mode
[  375.429703][ T8542] team0: Port device team_slave_0 added
[  375.465814][ T5849] Bluetooth: hci5: command tx timeout
[  375.873168][ T8542] team0: Port device team_slave_1 added
[  375.888722][ T8548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  376.146599][ T3033] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.194824][ T8673] netlink: 24 bytes leftover after parsing attributes in process `syz.1.795'.
[  376.334435][ T8548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  376.859868][ T3033] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.904477][ T8542] batman_adv: batadv0: Adding interface: batadv_slave_0
[  376.904497][ T8542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  376.904528][ T8542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  377.013908][ T8680] can0: slcan on ttyS3.
[  377.173638][ T8542] batman_adv: batadv0: Adding interface: batadv_slave_1
[  377.173657][ T8542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.173697][ T8542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  377.351169][ T8548] team0: Port device team_slave_0 added
[  377.371873][ T8679] can0 (unregistered): slcan off ttyS3.
[  377.546084][ T5849] Bluetooth: hci5: command tx timeout
[  377.570766][ T3033] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.641495][ T8548] team0: Port device team_slave_1 added
[  378.238618][ T3033] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.302976][ T8548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.302995][ T8548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.303023][ T8548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.344185][ T8542] hsr_slave_0: entered promiscuous mode
[  378.356094][ T8542] hsr_slave_1: entered promiscuous mode
[  378.357057][ T8542] debugfs: 'hsr0' already exists in 'hsr'
[  378.357083][ T8542] Cannot create hsr debugfs directory
[  378.363453][ T8548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  378.363471][ T8548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.363516][ T8548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  378.660915][ T8697] netlink: 71 bytes leftover after parsing attributes in process `syz.1.805'.
[  379.278568][ T8548] hsr_slave_0: entered promiscuous mode
[  379.280120][ T8548] hsr_slave_1: entered promiscuous mode
[  379.281059][ T8548] debugfs: 'hsr0' already exists in 'hsr'
[  379.281085][ T8548] Cannot create hsr debugfs directory
[  379.412380][ T8621] chnl_net:caif_netlink_parms(): no params data found
[  379.634507][ T5849] Bluetooth: hci5: command tx timeout
[  379.739215][ T8447] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  379.855949][ T8447] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  380.150885][ T8447] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  380.448437][ T8447] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  380.961933][ T3033] bridge_slave_1: left allmulticast mode
[  380.961969][ T3033] bridge_slave_1: left promiscuous mode
[  380.962228][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.019486][ T3033] bridge_slave_0: left allmulticast mode
[  381.019522][ T3033] bridge_slave_0: left promiscuous mode
[  381.019911][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.038022][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.099515][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.122683][ T3033] bond0 (unregistering): Released all slaves
[  383.951227][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  383.951322][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  384.736443][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  384.776455][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  384.830786][ T3033] bond0 (unregistering): Released all slaves
[  385.156692][ T8621] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.156864][ T8621] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.157133][ T8621] bridge_slave_0: entered allmulticast mode
[  385.160708][ T8621] bridge_slave_0: entered promiscuous mode
[  385.207914][ T8621] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.208063][ T8621] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.208341][ T8621] bridge_slave_1: entered allmulticast mode
[  385.211295][ T8621] bridge_slave_1: entered promiscuous mode
[  385.237748][ T3033] tipc: Left network mode
[  385.394269][ T3033] IPVS: stopping backup sync thread 7607 ...
[  385.794372][ T8749] netlink: 24 bytes leftover after parsing attributes in process `syz.1.823'.
[  386.173717][ T8621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.238569][ T8621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.588088][ T8755] netlink: 'syz.1.825': attribute type 13 has an invalid length.
[  386.986964][ T8755] gretap0: refused to change device tx_queue_len
[  386.987695][ T8755] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  387.149030][ T8621] team0: Port device team_slave_0 added
[  387.162119][ T8621] team0: Port device team_slave_1 added
[  387.534401][ T8621] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.534420][ T8621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.534451][ T8621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.553484][ T8621] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.553506][ T8621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.553542][ T8621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.579260][   T38] kauditd_printk_skb: 1 callbacks suppressed
[  387.579282][   T38] audit: type=1326 audit(1757212290.090:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.579859][   T38] audit: type=1326 audit(1757212290.090:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.580187][   T38] audit: type=1326 audit(1757212290.090:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.581259][   T38] audit: type=1326 audit(1757212290.090:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.582219][   T38] audit: type=1326 audit(1757212290.090:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.582555][   T38] audit: type=1326 audit(1757212290.090:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.590995][   T38] audit: type=1326 audit(1757212290.100:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.591660][   T38] audit: type=1326 audit(1757212290.100:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.593849][   T38] audit: type=1326 audit(1757212290.100:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a5d68d550 code=0x7ffc0000
[  387.594585][   T38] audit: type=1326 audit(1757212290.100:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8762 comm="syz.1.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  387.620222][ T8763] blktrace: Concurrent blktraces are not allowed on sg0
[  387.908850][ T8767] netlink: 24 bytes leftover after parsing attributes in process `syz.1.830'.
[  387.925691][ T3033] hsr_slave_0: left promiscuous mode
[  387.971501][ T3033] hsr_slave_1: left promiscuous mode
[  387.972662][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  388.016860][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.155872][ T3033] hsr_slave_0: left promiscuous mode
[  388.185679][ T3033] hsr_slave_1: left promiscuous mode
[  388.186810][ T3033] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  388.186842][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  388.246782][ T3033] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  388.246819][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.386047][ T3033] veth1_macvtap: left promiscuous mode
[  388.386172][ T3033] veth0_macvtap: left promiscuous mode
[  388.386465][ T3033] veth1_vlan: left promiscuous mode
[  388.386685][ T3033] veth0_vlan: left promiscuous mode
[  389.736335][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  389.977691][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  394.316795][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  394.657575][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  397.109964][ T5919] lo speed is unknown, defaulting to 1000
[  397.110119][ T5919] syz0: Port: 1 Link DOWN
[  397.332905][ T8772] netlink: 'syz.1.831': attribute type 4 has an invalid length.
[  397.478428][ T8621] hsr_slave_0: entered promiscuous mode
[  397.479910][ T8621] hsr_slave_1: entered promiscuous mode
[  397.541368][ T8548] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  397.756118][ T8548] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  397.803006][ T8548] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  397.979454][ T8548] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  398.182612][ T8780] netem: change failed
[  398.647417][ T8792] netlink: 24 bytes leftover after parsing attributes in process `syz.1.837'.
[  398.762332][ T8542] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  398.854502][ T8794] netlink: 'syz.1.838': attribute type 4 has an invalid length.
[  398.855263][ T8542] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  398.975699][ T8542] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  399.042527][ T8542] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  399.471196][ T8803] IPv6: Can't replace route, no match found
[  399.484618][ T8447] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.192693][ T8815] netlink: 'syz.1.845': attribute type 4 has an invalid length.
[  400.242738][ T8447] 8021q: adding VLAN 0 to HW filter on device team0
[  400.608079][ T3011] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.608320][ T3011] bridge0: port 1(bridge_slave_0) entered forwarding state
[  400.678763][ T3632] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.678923][ T3632] bridge0: port 2(bridge_slave_1) entered forwarding state
[  400.841812][ T8548] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.860585][ T3033] bridge_slave_1: left allmulticast mode
[  400.860615][ T3033] bridge_slave_1: left promiscuous mode
[  400.860869][ T3033] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.937497][ T3033] bridge_slave_0: left allmulticast mode
[  400.937539][ T3033] bridge_slave_0: left promiscuous mode
[  400.937833][ T3033] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.667422][ T8830] netlink: 'syz.1.852': attribute type 4 has an invalid length.
[  402.716465][ T3033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  402.779304][ T3033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  402.800778][ T3033] bond0 (unregistering): Released all slaves
[  403.333549][ T3033] hsr_slave_0: left promiscuous mode
[  403.367310][ T3033] hsr_slave_1: left promiscuous mode
[  403.369663][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  403.407455][ T3033] batman_adv: batadv0: Removing interface: batadv_slave_1
[  403.784902][ T8849] netlink: 'syz.1.859': attribute type 4 has an invalid length.
[  404.318687][ T3033] team0 (unregistering): Port device team_slave_1 removed
[  404.479922][ T3033] team0 (unregistering): Port device team_slave_0 removed
[  406.373899][ T8548] 8021q: adding VLAN 0 to HW filter on device team0
[  406.385004][ T8621] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  406.450570][ T8621] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  406.501356][ T8621] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  406.554193][ T8621] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  406.594373][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.594833][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  406.658666][ T3201] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.659663][ T3201] bridge0: port 2(bridge_slave_1) entered forwarding state
[  406.716523][ T8542] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.899803][ T8542] 8021q: adding VLAN 0 to HW filter on device team0
[  406.962730][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.965666][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.067929][ T3011] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.068083][ T3011] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.537198][ T8447] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.673384][ T8621] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.830849][ T8621] 8021q: adding VLAN 0 to HW filter on device team0
[  407.865561][ T3011] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.865716][ T3011] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.944203][ T8881] netlink: 'syz.1.864': attribute type 13 has an invalid length.
[  408.017758][ T8881] gretap0: refused to change device tx_queue_len
[  408.018294][ T8881] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  408.050150][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.050376][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  408.288346][ T8548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  408.441897][ T8542] 8021q: adding VLAN 0 to HW filter on device batadv0
[  409.170702][ T8907] 9pnet_fd: Insufficient options for proto=fd
[  409.646456][ T8548] veth0_vlan: entered promiscuous mode
[  409.716110][ T8621] 8021q: adding VLAN 0 to HW filter on device batadv0
[  409.799022][ T8548] veth1_vlan: entered promiscuous mode
[  410.064499][ T8542] veth0_vlan: entered promiscuous mode
[  410.110099][ T8548] veth0_macvtap: entered promiscuous mode
[  410.167344][ T8542] veth1_vlan: entered promiscuous mode
[  410.193130][ T8548] veth1_macvtap: entered promiscuous mode
[  410.673652][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  410.694032][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  410.695766][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  410.713342][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  410.716681][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  411.006765][ T8929] syz.1.871 (8929) used greatest stack depth: 16760 bytes left
[  411.070566][ T8548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  411.374955][ T8548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  411.615469][   T67] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  411.619485][ T8542] veth0_macvtap: entered promiscuous mode
[  411.629686][   T67] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  411.648453][   T67] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.679480][   T67] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  411.704577][ T8542] veth1_macvtap: entered promiscuous mode
[  412.341169][ T8542] batman_adv: batadv0: Interface activated: batadv_slave_0
[  412.485068][ T8542] batman_adv: batadv0: Interface activated: batadv_slave_1
[  412.488924][ T8621] veth0_vlan: entered promiscuous mode
[  412.622236][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.622262][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  412.728204][ T3033] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  412.747618][ T3033] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  412.792258][ T8621] veth1_vlan: entered promiscuous mode
[  412.793940][ T3033] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  412.825031][ T8928] chnl_net:caif_netlink_parms(): no params data found
[  412.826029][ T5849] Bluetooth: hci1: command tx timeout
[  412.855531][ T3033] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  412.951271][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.951294][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  413.223520][ T1103] bridge_slave_1: left allmulticast mode
[  413.223552][ T1103] bridge_slave_1: left promiscuous mode
[  413.223782][ T1103] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.290163][ T1103] bridge_slave_0: left allmulticast mode
[  413.290197][ T1103] bridge_slave_0: left promiscuous mode
[  413.290446][ T1103] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.915611][ T5849] Bluetooth: hci1: command tx timeout
[  414.976594][ T1103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  415.043089][ T1103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  415.060466][ T1103] bond0 (unregistering): Released all slaves
[  415.293148][ T8949] 9pnet_fd: Insufficient options for proto=fd
[  415.535941][ T8928] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.536062][ T8928] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.536288][ T8928] bridge_slave_0: entered allmulticast mode
[  415.538874][ T8928] bridge_slave_0: entered promiscuous mode
[  415.697032][ T8957] netlink: 'syz.8.876': attribute type 4 has an invalid length.
[  415.737379][ T1103] hsr_slave_0: left promiscuous mode
[  415.775776][ T1103] hsr_slave_1: left promiscuous mode
[  415.776870][ T1103] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.804942][ T1103] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.985593][ T5849] Bluetooth: hci1: command tx timeout
[  417.383678][   T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  417.394199][   T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  417.395383][   T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  417.420327][   T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  417.421168][   T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  417.626444][ T1103] team0 (unregistering): Port device team_slave_1 removed
[  417.879196][ T1103] team0 (unregistering): Port device team_slave_0 removed
[  419.066707][ T5849] Bluetooth: hci1: command tx timeout
[  419.552947][ T5849] Bluetooth: hci4: command tx timeout
[  420.103401][ T8928] bridge0: port 2(bridge_slave_1) entered blocking state
[  420.103652][ T8928] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.103867][ T8928] bridge_slave_1: entered allmulticast mode
[  420.107148][ T8928] bridge_slave_1: entered promiscuous mode
[  420.492776][ T8928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  420.544550][ T8928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  420.557746][ T8621] veth0_macvtap: entered promiscuous mode
[  420.801571][ T8968] netlink: 8 bytes leftover after parsing attributes in process `syz.8.878'.
[  420.950771][ T8928] team0: Port device team_slave_0 added
[  420.951859][ T8621] veth1_macvtap: entered promiscuous mode
[  420.983049][ T8928] team0: Port device team_slave_1 added
[  421.626745][ T5849] Bluetooth: hci4: command tx timeout
[  421.764503][ T8928] batman_adv: batadv0: Adding interface: batadv_slave_0
[  421.764523][ T8928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  421.764561][ T8928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  421.903082][ T8928] batman_adv: batadv0: Adding interface: batadv_slave_1
[  421.903102][ T8928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  421.903134][ T8928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  422.034265][ T8621] batman_adv: batadv0: Interface activated: batadv_slave_0
[  422.272915][ T8621] batman_adv: batadv0: Interface activated: batadv_slave_1
[  422.482420][ T8928] hsr_slave_0: entered promiscuous mode
[  422.483922][ T8928] hsr_slave_1: entered promiscuous mode
[  422.484913][ T8928] debugfs: 'hsr0' already exists in 'hsr'
[  422.484939][ T8928] Cannot create hsr debugfs directory
[  422.545651][ T1166] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  422.648544][ T8989] netlink: 44 bytes leftover after parsing attributes in process `syz.1.881'.
[  422.701533][ T1166] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.179678][ T1166] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.232764][ T1166] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.248240][ T8996] netlink: 'syz.1.884': attribute type 4 has an invalid length.
[  423.391956][ T9002] netlink: 4 bytes leftover after parsing attributes in process `syz.8.885'.
[  423.391980][ T9002] netlink: 8 bytes leftover after parsing attributes in process `syz.8.885'.
[  423.523404][ T9005] netlink: 8 bytes leftover after parsing attributes in process `syz.8.886'.
[  423.598114][   T37] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.705668][ T5849] Bluetooth: hci4: command tx timeout
[  423.856470][   T38] kauditd_printk_skb: 37 callbacks suppressed
[  423.856490][   T38] audit: type=1326 audit(1757212326.370:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.856791][   T38] audit: type=1326 audit(1757212326.370:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.857309][   T38] audit: type=1326 audit(1757212326.370:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.858330][   T38] audit: type=1326 audit(1757212326.370:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.860208][   T38] audit: type=1326 audit(1757212326.370:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.860497][   T38] audit: type=1326 audit(1757212326.370:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.917821][   T38] audit: type=1326 audit(1757212326.430:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.917891][   T38] audit: type=1326 audit(1757212326.430:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  423.937448][   T38] audit: type=1326 audit(1757212326.450:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f99f3f7d550 code=0x7ffc0000
[  423.937518][   T38] audit: type=1326 audit(1757212326.450:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9007 comm="syz.8.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  424.016555][ T9008] blktrace: Concurrent blktraces are not allowed on sg0
[  424.291984][ T9014] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  424.348954][   T37] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.792174][   T37] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.927254][ T9017] netlink: 12 bytes leftover after parsing attributes in process `syz.1.890'.
[  424.927283][ T9017] netlink: 28 bytes leftover after parsing attributes in process `syz.1.890'.
[  424.927302][ T9017] netlink: 12 bytes leftover after parsing attributes in process `syz.1.890'.
[  424.937715][ T9017] netlink: 28 bytes leftover after parsing attributes in process `syz.1.890'.
[  424.937756][ T9017] netlink: 'syz.1.890': attribute type 6 has an invalid length.
[  425.166280][ T9020] netlink: 44 bytes leftover after parsing attributes in process `syz.1.891'.
[  425.216009][ T9022] hub 9-0:1.0: USB hub found
[  425.217731][ T9022] hub 9-0:1.0: 1 port detected
[  425.280777][   T37] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.424709][ T8963] chnl_net:caif_netlink_parms(): no params data found
[  425.785608][ T5849] Bluetooth: hci4: command tx timeout
[  425.931768][ T9030] netlink: 'syz.8.895': attribute type 4 has an invalid length.
[  426.080247][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.080281][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.587787][ T9037] blktrace: Concurrent blktraces are not allowed on sg0
[  427.010940][ T8963] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.011090][ T8963] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.011349][ T8963] bridge_slave_0: entered allmulticast mode
[  427.014250][ T8963] bridge_slave_0: entered promiscuous mode
[  427.216399][ T9046] netlink: 8 bytes leftover after parsing attributes in process `syz.8.899'.
[  427.326701][ T8963] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.326849][ T8963] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.327235][ T8963] bridge_slave_1: entered allmulticast mode
[  427.334904][ T8963] bridge_slave_1: entered promiscuous mode
[  427.345026][ T9048] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  427.345058][ T9048] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  427.350636][ T9048] vhci_hcd vhci_hcd.0: Device attached
[  427.352163][ T9049] vhci_hcd: connection closed
[  427.354235][   T12] vhci_hcd: stop threads
[  427.354256][   T12] vhci_hcd: release socket
[  427.354298][   T12] vhci_hcd: disconnect device
[  427.506579][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  427.506603][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  427.613972][ T9054] netlink: 44 bytes leftover after parsing attributes in process `syz.8.902'.
[  427.797171][ T8963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  427.799707][   T37] bridge_slave_1: left allmulticast mode
[  427.799742][   T37] bridge_slave_1: left promiscuous mode
[  427.800009][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.879614][   T37] bridge_slave_0: left allmulticast mode
[  427.879649][   T37] bridge_slave_0: left promiscuous mode
[  427.879918][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.919261][ T9058] blktrace: Concurrent blktraces are not allowed on sg0
[  428.088287][ T9063] netlink: 'syz.8.906': attribute type 4 has an invalid length.
[  428.377628][ T9074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.908'.
[  429.950750][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  430.029676][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  430.090223][   T37] bond0 (unregistering): Released all slaves
[  430.143121][ T8963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  430.764227][ T9081] netlink: 44 bytes leftover after parsing attributes in process `syz.8.910'.
[  430.943142][ T8963] team0: Port device team_slave_0 added
[  431.008378][ T8963] team0: Port device team_slave_1 added
[  431.134510][   T38] kauditd_printk_skb: 148 callbacks suppressed
[  431.134531][   T38] audit: type=1326 audit(1757212333.640:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.134806][   T38] audit: type=1326 audit(1757212333.640:1871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.136303][   T38] audit: type=1326 audit(1757212333.640:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.146227][   T38] audit: type=1326 audit(1757212333.650:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.146293][   T38] audit: type=1326 audit(1757212333.650:1874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.146349][   T38] audit: type=1326 audit(1757212333.650:1875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.150974][   T38] audit: type=1326 audit(1757212333.660:1876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.153485][   T38] audit: type=1326 audit(1757212333.660:1877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a5d68d550 code=0x7ffc0000
[  431.154242][   T38] audit: type=1326 audit(1757212333.660:1878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.158532][   T38] audit: type=1326 audit(1757212333.670:1879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9084 comm="syz.1.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  431.199389][ T9085] blktrace: Concurrent blktraces are not allowed on sg0
[  431.229858][   T37] hsr_slave_0: left promiscuous mode
[  431.298462][   T37] hsr_slave_1: left promiscuous mode
[  431.299556][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  431.299591][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.349326][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  431.349367][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.514797][   T37] veth1_macvtap: left promiscuous mode
[  431.514887][   T37] veth0_macvtap: left promiscuous mode
[  431.515162][   T37] veth1_vlan: left promiscuous mode
[  431.516417][   T37] veth0_vlan: left promiscuous mode
[  431.581797][   T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  431.603875][   T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  431.613149][   T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  431.614420][   T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  431.625641][   T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  432.334208][ T9098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.916'.
[  433.715584][   T59] Bluetooth: hci2: command tx timeout
[  434.914760][   T37] team0 (unregistering): Port device team_slave_1 removed
[  435.116569][   T37] team0 (unregistering): Port device team_slave_0 removed
[  435.796737][   T59] Bluetooth: hci2: command tx timeout
[  437.317071][ T9098] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  437.317119][ T9098] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  437.317141][ T9098] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  437.357344][   T38] kauditd_printk_skb: 39 callbacks suppressed
[  437.357367][   T38] audit: type=1800 audit(1757212339.820:1919): pid=9098 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.916" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  437.623499][ T9103] netlink: 'syz.1.917': attribute type 4 has an invalid length.
[  437.865815][   T59] Bluetooth: hci2: command tx timeout
[  438.057441][ T9107] tipc: Started in network mode
[  438.057473][ T9107] tipc: Node identity 5608800db112, cluster identity 4711
[  438.057680][ T9107] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  438.062096][ T8963] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.062112][ T8963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.062138][ T8963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.249022][ T9113] netlink: 44 bytes leftover after parsing attributes in process `syz.1.919'.
[  438.269017][ T9105] tipc: Disabling bearer <eth:syzkaller0>
[  438.433424][ T8963] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.433443][ T8963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.433474][ T8963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.697779][   T38] audit: type=1326 audit(1757212341.210:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.698135][   T38] audit: type=1326 audit(1757212341.210:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.699157][   T38] audit: type=1326 audit(1757212341.210:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.699983][   T38] audit: type=1326 audit(1757212341.210:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.703190][   T38] audit: type=1326 audit(1757212341.210:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.703787][   T38] audit: type=1326 audit(1757212341.210:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.704206][   T38] audit: type=1326 audit(1757212341.210:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a5d68d550 code=0x7ffc0000
[  438.704901][   T38] audit: type=1326 audit(1757212341.210:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.880708][   T38] audit: type=1326 audit(1757212341.210:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9118 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  438.960342][ T9119] blktrace: Concurrent blktraces are not allowed on sg0
[  439.182861][ T8963] hsr_slave_0: entered promiscuous mode
[  439.184229][ T8963] hsr_slave_1: entered promiscuous mode
[  439.198084][ T8963] debugfs: 'hsr0' already exists in 'hsr'
[  439.198138][ T8963] Cannot create hsr debugfs directory
[  439.200202][ T8928] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  439.315553][ T8928] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  439.361385][ T9131] netlink: 'syz.1.926': attribute type 4 has an invalid length.
[  439.402538][ T8928] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  439.564092][ T8928] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  439.945715][   T59] Bluetooth: hci2: command tx timeout
[  439.958734][ T9147] blktrace: Concurrent blktraces are not allowed on sg0
[  440.140858][ T9153] netlink: 16 bytes leftover after parsing attributes in process `syz.1.932'.
[  441.037202][ T9161] wireguard0: entered promiscuous mode
[  441.037237][ T9161] wireguard0: entered allmulticast mode
[  441.754284][   T37] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.234214][   T37] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.592151][ T9186] netlink: 'syz.1.937': attribute type 4 has an invalid length.
[  443.181471][   T37] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.428851][   T38] kauditd_printk_skb: 90 callbacks suppressed
[  443.428872][   T38] audit: type=1326 audit(1757212345.940:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.429047][   T38] audit: type=1326 audit(1757212345.940:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.429641][   T38] audit: type=1326 audit(1757212345.940:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.431071][   T38] audit: type=1326 audit(1757212345.940:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.431375][   T38] audit: type=1326 audit(1757212345.940:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.434519][   T38] audit: type=1326 audit(1757212345.940:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.435158][   T38] audit: type=1326 audit(1757212345.940:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a5d68d550 code=0x7ffc0000
[  443.522239][ T9199] netlink: 8 bytes leftover after parsing attributes in process `syz.8.940'.
[  443.611355][   T38] audit: type=1326 audit(1757212346.120:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.611633][   T38] audit: type=1326 audit(1757212346.120:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9195 comm="syz.1.939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  443.784335][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.942'.
[  443.784376][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.942'.
[  443.879928][   T37] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.171060][ T9092] chnl_net:caif_netlink_parms(): no params data found
[  444.450650][ T9218] netlink: 8 bytes leftover after parsing attributes in process `syz.8.948'.
[  444.764491][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.8.950'.
[  444.764520][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.8.950'.
[  445.398715][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  445.398811][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  445.556634][ T9092] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.556814][ T9092] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.558772][ T9092] bridge_slave_0: entered allmulticast mode
[  445.561812][ T9092] bridge_slave_0: entered promiscuous mode
[  445.646014][ T9092] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.646167][ T9092] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.646425][ T9092] bridge_slave_1: entered allmulticast mode
[  445.659675][ T9092] bridge_slave_1: entered promiscuous mode
[  446.129936][   T37] bridge_slave_1: left allmulticast mode
[  446.129972][   T37] bridge_slave_1: left promiscuous mode
[  446.130253][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.258279][   T37] bridge_slave_0: left allmulticast mode
[  446.258316][   T37] bridge_slave_0: left promiscuous mode
[  446.258599][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.523438][ T9251] netlink: 8 bytes leftover after parsing attributes in process `syz.8.956'.
[  447.878278][ T9260] rdma_op ffff8880352eda70 conn xmit_rdma 0000000000000000
[  448.939538][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  448.996864][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  449.019509][   T37] bond0 (unregistering): Released all slaves
[  449.085823][ T9092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  449.143462][ T9092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  449.490268][ T9253] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  450.311815][ T8963] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  450.377680][ T9292] netlink: 12 bytes leftover after parsing attributes in process `syz.1.966'.
[  450.520420][ T9253] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  450.613023][ T9092] team0: Port device team_slave_0 added
[  450.613798][ T8963] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  450.681819][ T9092] team0: Port device team_slave_1 added
[  451.072674][ T8963] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  451.154489][ T8928] 8021q: adding VLAN 0 to HW filter on device bond0
[  451.515208][ T9253] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.566369][ T8963] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  451.918143][ T9092] batman_adv: batadv0: Adding interface: batadv_slave_0
[  451.918162][ T9092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  451.918194][ T9092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  452.219657][ T9253] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.285240][ T9092] batman_adv: batadv0: Adding interface: batadv_slave_1
[  452.285259][ T9092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.285290][ T9092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  452.333072][ T9333] netlink: 'syz.1.973': attribute type 3 has an invalid length.
[  452.333095][ T9333] netlink: 3 bytes leftover after parsing attributes in process `syz.1.973'.
[  452.495639][   T37] hsr_slave_0: left promiscuous mode
[  452.538704][   T37] hsr_slave_1: left promiscuous mode
[  452.539656][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  452.539685][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  452.587440][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  452.587474][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  452.777352][   T37] veth1_macvtap: left promiscuous mode
[  452.777484][   T37] veth0_macvtap: left promiscuous mode
[  452.777792][   T37] veth1_vlan: left promiscuous mode
[  452.778012][   T37] veth0_vlan: left promiscuous mode
[  455.305086][   T37] team0 (unregistering): Port device team_slave_1 removed
[  455.526891][   T37] team0 (unregistering): Port device team_slave_0 removed
[  458.770873][ T8928] 8021q: adding VLAN 0 to HW filter on device team0
[  458.814724][ T9092] hsr_slave_0: entered promiscuous mode
[  458.850791][ T9092] hsr_slave_1: entered promiscuous mode
[  459.189537][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.189780][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.337385][ T3201] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  459.584064][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.584228][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.650923][ T1124] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  459.760975][ T1103] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  459.887492][ T1103] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  462.225660][ T9403] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  462.252415][ T9403] syzkaller0: entered promiscuous mode
[  462.252448][ T9403] syzkaller0: entered allmulticast mode
[  463.115961][ T9414] tipc: Resetting bearer <eth:syzkaller0>
[  463.156130][ T9402] tipc: Resetting bearer <eth:syzkaller0>
[  463.298862][ T5956] tipc: Node number set to 3461337431
[  463.446896][ T9402] tipc: Disabling bearer <eth:syzkaller0>
[  463.739569][ T8963] 8021q: adding VLAN 0 to HW filter on device bond0
[  463.946026][ T9433] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4)
[  463.946058][ T9433] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  463.946160][ T9433] vhci_hcd vhci_hcd.0: Device attached
[  463.947449][ T9434] vhci_hcd: connection closed
[  463.948068][   T37] vhci_hcd: stop threads
[  463.948084][   T37] vhci_hcd: release socket
[  463.948119][   T37] vhci_hcd: disconnect device
[  464.101752][ T8963] 8021q: adding VLAN 0 to HW filter on device team0
[  464.169400][ T3033] bridge0: port 1(bridge_slave_0) entered blocking state
[  464.170675][ T3033] bridge0: port 1(bridge_slave_0) entered forwarding state
[  464.186420][ T8928] 8021q: adding VLAN 0 to HW filter on device batadv0
[  464.218955][ T3033] bridge0: port 2(bridge_slave_1) entered blocking state
[  464.222990][ T3033] bridge0: port 2(bridge_slave_1) entered forwarding state
[  464.528154][ T9444] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  464.715071][ T9092] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  464.808331][ T9092] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  464.904257][ T9092] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  465.012879][ T9092] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  465.750270][ T8928] veth0_vlan: entered promiscuous mode
[  465.841976][ T8928] veth1_vlan: entered promiscuous mode
[  465.939517][ T9489] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  465.969976][ T9490] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4)
[  465.970009][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  465.970279][ T9490] vhci_hcd vhci_hcd.0: Device attached
[  465.972697][ T9491] vhci_hcd: connection closed
[  465.973316][   T67] vhci_hcd: stop threads
[  465.973334][   T67] vhci_hcd: release socket
[  465.973370][   T67] vhci_hcd: disconnect device
[  466.038725][ T8963] 8021q: adding VLAN 0 to HW filter on device batadv0
[  466.090263][ T9092] 8021q: adding VLAN 0 to HW filter on device bond0
[  466.220840][ T9092] 8021q: adding VLAN 0 to HW filter on device team0
[  466.272924][ T8928] veth0_macvtap: entered promiscuous mode
[  466.301029][ T1103] bridge0: port 1(bridge_slave_0) entered blocking state
[  466.305659][ T1103] bridge0: port 1(bridge_slave_0) entered forwarding state
[  466.339212][ T8928] veth1_macvtap: entered promiscuous mode
[  466.380623][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.381223][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  466.556248][ T8928] batman_adv: batadv0: Interface activated: batadv_slave_0
[  466.678526][ T8928] batman_adv: batadv0: Interface activated: batadv_slave_1
[  466.795051][ T3033] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.825602][ T3033] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.894807][ T3033] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  466.917030][ T3033] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  468.715077][ T3033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.715101][ T3033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.996705][ T8963] veth0_vlan: entered promiscuous mode
[  469.015195][ T3011] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.015218][ T3011] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  469.136612][ T8963] veth1_vlan: entered promiscuous mode
[  469.166599][ T9092] 8021q: adding VLAN 0 to HW filter on device batadv0
[  469.234187][ T9542] rdma_op ffff888032de4270 conn xmit_rdma 0000000000000000
[  469.482582][ T8963] veth0_macvtap: entered promiscuous mode
[  469.552460][ T8963] veth1_macvtap: entered promiscuous mode
[  469.638856][ T8963] batman_adv: batadv0: Interface activated: batadv_slave_0
[  469.692946][ T8963] batman_adv: batadv0: Interface activated: batadv_slave_1
[  469.738794][ T1124] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  469.740902][ T1124] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  469.743464][ T1124] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  469.826099][ T1124] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  470.217199][ T9568] netlink: 'syz.5.1010': attribute type 13 has an invalid length.
[  470.234544][ T9564] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.243554][ T9564] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.714929][ T9568] gretap0: refused to change device tx_queue_len
[  470.714955][ T9568] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  471.197670][ T3011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  471.197694][ T3011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  471.369236][ T9580] IPv6: Can't replace route, no match found
[  471.545729][ T9092] veth0_vlan: entered promiscuous mode
[  471.564427][ T3201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  471.564451][ T3201] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  471.594700][ T9586] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1017'.
[  471.599085][ T9586] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1017'.
[  471.618872][ T9588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1016'.
[  471.728225][ T9092] veth1_vlan: entered promiscuous mode
[  472.066327][ T9092] veth0_macvtap: entered promiscuous mode
[  472.118957][ T9092] veth1_macvtap: entered promiscuous mode
[  472.340889][ T9092] batman_adv: batadv0: Interface activated: batadv_slave_0
[  472.370289][ T9092] batman_adv: batadv0: Interface activated: batadv_slave_1
[  472.538416][ T3201] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  472.545897][   T67] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  472.546509][   T67] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  472.547064][   T67] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  473.528808][   T38] audit: type=1326 audit(1757212376.040:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9619 comm="syz.1.1026" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x0
[  473.728205][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.728228][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.736417][ T9638] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1031'.
[  474.763848][ T3201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  474.763876][ T3201] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.522325][ T9658] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1038'.
[  475.700006][   T38] audit: type=1326 audit(1757212378.210:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9661 comm="syz.8.1041" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x0
[  476.363414][ T9680] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1046'.
[  477.277371][ T9704] 9pnet_fd: Insufficient options for proto=fd
[  477.702362][   T38] audit: type=1326 audit(1757212380.210:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9714 comm="syz.6.1058" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x0
[  478.076508][ T9725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1060'.
[  478.268167][ T9727] bond1: entered promiscuous mode
[  478.268207][ T9727] bond1: entered allmulticast mode
[  478.271383][ T9727] 8021q: adding VLAN 0 to HW filter on device bond1
[  480.561324][ T9727] bond1 (unregistering): Released all slaves
[  480.685773][ T9742] netlink: 5624 bytes leftover after parsing attributes in process `syz.6.1066'.
[  481.205895][ T9787] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  481.206977][ T9787] syzkaller0: entered promiscuous mode
[  481.207007][ T9787] syzkaller0: entered allmulticast mode
[  481.216902][ T9787] tipc: Resetting bearer <eth:syzkaller0>
[  481.353940][ T9786] tipc: Resetting bearer <eth:syzkaller0>
[  481.699567][ T9786] tipc: Disabling bearer <eth:syzkaller0>
[  481.950144][ T9808] netlink: 5624 bytes leftover after parsing attributes in process `syz.1.1085'.
[  482.768760][ T9829] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1088'.
[  483.315660][ T5849] Bluetooth: hci3: command 0x0406 tx timeout
[  483.553968][ T9835] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1091'.
[  486.028541][ T9873] netlink: 5624 bytes leftover after parsing attributes in process `syz.5.1099'.
[  487.084966][ T9890] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1103'.
[  487.196269][ T9892] 9pnet_fd: Insufficient options for proto=fd
[  487.637860][ T9903] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1107'.
[  487.962025][   T38] audit: type=1326 audit(1757212390.470:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9898 comm="syz.8.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  487.964819][   T38] audit: type=1326 audit(1757212390.470:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9898 comm="syz.8.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  487.964880][   T38] audit: type=1326 audit(1757212390.470:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9898 comm="syz.8.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  487.964929][   T38] audit: type=1326 audit(1757212390.470:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9898 comm="syz.8.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  487.964977][   T38] audit: type=1326 audit(1757212390.470:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9898 comm="syz.8.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99f3f7ebe9 code=0x7ffc0000
[  489.212443][ T9927] netlink: 5624 bytes leftover after parsing attributes in process `syz.8.1112'.
[  490.179132][ T9942] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1116'.
[  490.179162][ T9942] ksmbd: Unknown IPC event: 3, ignore.
[  492.029543][    C0] vkms_vblank_simulate: vblank timer overrun
[  492.137652][    C0] vkms_vblank_simulate: vblank timer overrun
[  492.682542][    C0] vkms_vblank_simulate: vblank timer overrun
[  493.315877][ T9978] netlink: 5624 bytes leftover after parsing attributes in process `syz.8.1128'.
[  493.345072][   T38] audit: type=1326 audit(1757212395.850:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.345122][   T38] audit: type=1326 audit(1757212395.850:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.345163][   T38] audit: type=1326 audit(1757212395.850:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.345205][   T38] audit: type=1326 audit(1757212395.850:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.345244][   T38] audit: type=1326 audit(1757212395.850:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.345285][   T38] audit: type=1326 audit(1757212395.850:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.345333][   T38] audit: type=1326 audit(1757212395.850:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.365784][   T38] audit: type=1326 audit(1757212395.860:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.365857][   T38] audit: type=1326 audit(1757212395.860:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.365912][   T38] audit: type=1326 audit(1757212395.870:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9977 comm="syz.1.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1a5d68ebe9 code=0x7ffc0000
[  493.405700][ T9976] serio: Serial port ptm0
[  494.703048][T10005] delete_channel: no stack
[  495.792991][T10027] netlink: 5624 bytes leftover after parsing attributes in process `syz.5.1145'.
[  497.934620][T10078] netlink: 5624 bytes leftover after parsing attributes in process `syz.5.1161'.
[  499.615759][T10102] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1168'.
[  500.319949][T10117] netlink: 5624 bytes leftover after parsing attributes in process `syz.6.1173'.
[  500.850029][T10127] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  500.851102][T10127] syzkaller0: entered promiscuous mode
[  500.851132][T10127] syzkaller0: entered allmulticast mode
[  501.156374][T10127] tipc: Resetting bearer <eth:syzkaller0>
[  501.288166][T10125] tipc: Resetting bearer <eth:syzkaller0>
[  501.671462][T10142] 9pnet_fd: Insufficient options for proto=fd
[  501.727089][T10144] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1181'.
[  501.791527][T10125] tipc: Disabling bearer <eth:syzkaller0>
[  501.845598][ T6012] tipc: Node number set to 3877273613
[  501.885448][T10147] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(4)
[  501.885474][T10147] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  501.885569][T10147] vhci_hcd vhci_hcd.0: Device attached
[  501.886801][T10148] vhci_hcd: connection closed
[  501.897845][ T1103] vhci_hcd: stop threads
[  501.897868][ T1103] vhci_hcd: release socket
[  501.897912][ T1103] vhci_hcd: disconnect device
[  502.277273][   T38] kauditd_printk_skb: 26 callbacks suppressed
[  502.277297][   T38] audit: type=1326 audit(1757212404.770:2072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.306048][   T38] audit: type=1326 audit(1757212404.810:2073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.306120][   T38] audit: type=1326 audit(1757212404.810:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.306175][   T38] audit: type=1326 audit(1757212404.810:2075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.312038][   T38] audit: type=1326 audit(1757212404.820:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.312104][   T38] audit: type=1326 audit(1757212404.820:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.312163][   T38] audit: type=1326 audit(1757212404.820:2078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.323125][   T38] audit: type=1326 audit(1757212404.830:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.323937][   T38] audit: type=1326 audit(1757212404.830:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.334233][   T38] audit: type=1326 audit(1757212404.840:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10160 comm="syz.6.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  502.825540][ T9514] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  502.920069][T10172] netlink: 5624 bytes leftover after parsing attributes in process `syz.6.1188'.
[  503.142412][ T9514] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  503.142488][ T9514] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  503.142537][ T9514] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  503.142596][ T9514] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  503.142622][ T9514] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.412211][ T9514] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  503.413993][ T9514] usb 6-1: invalid MIDI out EP 0
[  503.858961][T10193] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1194'.
[  503.937359][T10195] 9pnet_fd: Insufficient options for proto=fd
[  504.117709][ T9819] udevd[9819]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  504.398328][ T9514] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[  504.779610][T10186] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  504.779637][T10186] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  505.008008][T10208] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  505.008037][T10208] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  505.008134][T10208] vhci_hcd vhci_hcd.0: Device attached
[  505.044673][T10209] vhci_hcd: connection closed
[  505.045699][   T13] vhci_hcd: stop threads
[  505.045716][   T13] vhci_hcd: release socket
[  505.045752][   T13] vhci_hcd: disconnect device
[  505.327993][T10213] tipc: Started in network mode
[  505.328018][T10213] tipc: Node identity 4, cluster identity 4711
[  505.328033][T10213] tipc: Node number set to 4
[  505.349067][ T5919] usb 6-1: USB disconnect, device number 2
[  505.800323][T10186] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  505.800352][T10186] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  506.040278][T10186] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  506.040303][T10186] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  506.209586][T10232] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1206'.
[  506.428349][T10239] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1209'.
[  506.834455][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  506.834544][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  507.055215][T10186] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  507.055242][T10186] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  507.433263][T10186] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  507.433292][T10186] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  507.939700][T10280] netlink: 5624 bytes leftover after parsing attributes in process `syz.8.1221'.
[  508.081065][T10292] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1224'.
[  508.293663][T10296] 9pnet_fd: Insufficient options for proto=fd
[  508.378006][T10298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1227'.
[  510.117787][T10286] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -EINTR
[  510.166855][   T38] kauditd_printk_skb: 9 callbacks suppressed
[  510.166877][   T38] audit: type=1326 audit(1757212412.660:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.166933][   T38] audit: type=1326 audit(1757212412.670:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.166984][   T38] audit: type=1326 audit(1757212412.670:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.167036][   T38] audit: type=1326 audit(1757212412.670:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.167086][   T38] audit: type=1326 audit(1757212412.670:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.167136][   T38] audit: type=1326 audit(1757212412.670:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.177716][   T38] audit: type=1326 audit(1757212412.690:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.179850][   T38] audit: type=1326 audit(1757212412.690:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff11402d550 code=0x7ffc0000
[  510.179915][   T38] audit: type=1326 audit(1757212412.690:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.189752][   T38] audit: type=1326 audit(1757212412.700:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10312 comm="syz.6.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff11402ebe9 code=0x7ffc0000
[  510.256251][T10313] blktrace: Concurrent blktraces are not allowed on sg0
[  510.568615][T10319] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(4)
[  510.568646][T10319] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  510.568751][T10319] vhci_hcd vhci_hcd.0: Device attached
[  510.572923][T10320] vhci_hcd: connection closed
[  510.573991][ T3632] vhci_hcd: stop threads
[  510.574011][ T3632] vhci_hcd: release socket
[  510.574048][ T3632] vhci_hcd: disconnect device
[  510.615957][T10324] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1237'.
[  511.819674][T10333] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1241'.
[  513.014680][T10346] netlink: 5624 bytes leftover after parsing attributes in process `syz.1.1246'.
[  513.120358][T10353] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1248'.
[  513.314824][T10358] netlink: 60 bytes leftover after parsing attributes in process `syz.8.1250'.
[  513.434557][T10360] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(4)
[  513.434587][T10360] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  513.440459][T10360] vhci_hcd vhci_hcd.0: Device attached
[  513.446138][T10361] vhci_hcd: connection closed
[  513.451342][ T3632] vhci_hcd: stop threads
[  513.451368][ T3632] vhci_hcd: release socket
[  513.451408][ T3632] vhci_hcd: disconnect device
[  513.560358][T10366] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1253'.
[  513.972273][T10375] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1256'.
[  513.972303][T10375] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1256'.
[  515.075678][T10402] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1263'.
[  515.075728][T10402] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1263'.
[  515.535273][T10413] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1266'.
[  516.028250][T10421] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(4)
[  516.028281][T10421] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  516.034337][T10421] vhci_hcd vhci_hcd.0: Device attached
[  516.035202][T10422] vhci_hcd: connection closed
[  516.062204][ T1103] vhci_hcd: stop threads
[  516.062226][ T1103] vhci_hcd: release socket
[  516.062262][ T1103] vhci_hcd: disconnect device
[  516.437233][T10428] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1268'.
[  518.227388][T10446] netlink: 'syz.8.1272': attribute type 4 has an invalid length.
[  518.290718][T10450] netlink: 'syz.8.1272': attribute type 4 has an invalid length.
[  518.587389][T10458] __nla_validate_parse: 1 callbacks suppressed
[  518.587411][T10458] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1275'.
[  518.587438][T10458] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1275'.
[  518.736988][T10463] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1277'.
[  518.987409][T10470] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1279'.
[  518.987438][T10470] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1279'.
[  519.015668][T10473] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(4)
[  519.015697][T10473] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  519.015793][T10473] vhci_hcd vhci_hcd.0: Device attached
[  519.016952][T10474] vhci_hcd: connection closed
[  519.017558][   T37] vhci_hcd: stop threads
[  519.017576][   T37] vhci_hcd: release socket
[  519.017611][   T37] vhci_hcd: disconnect device
[  519.128564][T10477] capability: warning: `syz.8.1281' uses 32-bit capabilities (legacy support in use)
[  521.923490][T10529] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1287'.
[  521.923529][T10529] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1287'.
[  522.251002][T10539] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1290'.
[  523.104395][    C0] vkms_vblank_simulate: vblank timer overrun
[  523.761151][    C0] vkms_vblank_simulate: vblank timer overrun
[  524.106050][    C0] vkms_vblank_simulate: vblank timer overrun
[  524.528126][    C0] vkms_vblank_simulate: vblank timer overrun
[  525.484170][T10581] netlink: 'syz.8.1297': attribute type 21 has an invalid length.
[  525.484284][T10581] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1297'.
[  525.484326][T10581] netlink: 'syz.8.1297': attribute type 1 has an invalid length.
[  525.602134][T10585] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1298'.
[  526.156450][T10601] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1301'.
[  568.270338][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  568.270460][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  629.713358][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  629.713469][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  661.075658][   T39] INFO: task kworker/0:1:10 blocked for more than 143 seconds.
[  661.075690][   T39]       Not tainted syzkaller #0
[  661.075702][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  661.075717][   T39] task:kworker/0:1     state:D stack:20296 pid:10    tgid:10    ppid:2      task_flags:0x4208060 flags:0x00[  661.075717][   T39] task:kworker/0:1     state:D stack:20296 pid:10    tgid:10    ppid:2      task_flags:0x4208060 flags:0x00004000
[  661.075788][   T39] Workqueue: events rfkill_global_led_trigger_worker
[  661.075842][   T39] Call Trace:
[  661.075849][   T39]  <TASK>
[  661.075866][   T39]  __schedule+0x16f3/0x4c20
[  661.075912][   T39]  ? rcu_is_watching+0x15/0xb0
[  661.075949][   T39]  ? trace_pelt_se_tp+0x39/0x130
[  661.075989][   T39]  ? __pfx___schedule+0x10/0x10
[  661.076042][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[  661.076080][   T39]  rt_mutex_schedule+0x77/0xf0
[  661.076102][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  661.076130][   T39]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  661.076178][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[  661.076210][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  661.076239][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  661.076279][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  661.076330][   T39]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  661.076367][   T39]  mutex_lock_nested+0x16a/0x1d0
[  661.076394][   T39]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  661.076432][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[  661.076465][   T39]  rfkill_global_led_trigger_worker+0x27/0xd0
[  661.076503][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[  661.076541][   T39]  process_scheduled_works+0xade/0x17b0
[  661.076604][   T39]  ? __pfx_process_scheduled_works+0x10/0x10
[  661.076655][   T39]  worker_thread+0x8a0/0xda0
[  661.076717][   T39]  kthread+0x70e/0x8a0
[  661.076756][   T39]  ? __pfx_worker_thread+0x10/0x10
[  661.076786][   T39]  ? __pfx_kthread+0x10/0x10
[  661.076827][   T39]  ? __pfx_kthread+0x10/0x10
[  661.076864][   T39]  ret_from_fork+0x3f9/0x770
[  661.076904][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  661.076941][   T39]  ? __switch_to_asm+0x39/0x70
[  661.076963][   T39]  ? __switch_to_asm+0x33/0x70
[  661.076985][   T39]  ? __pfx_kthread+0x10/0x10
[  661.077020][   T39]  ret_from_fork_asm+0x1a/0x30
[  661.077062][   T39]  </TASK>
[  661.077183][   T39] INFO: task kworker/0:4:5919 blocked for more than 143 seconds.
[  661.077200][   T39]       Not tainted syzkaller #0
[  661.077211][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  661.077222][   T39] task:kworker/0:4     state:D stack:20808 pid:5919  tgid:5919  ppid:2      task_flags:0x4208060 flags:0x00004000
[  661.077285][   T39] Workqueue: events rfkill_sync_work
[  661.077317][   T39] Call Trace:
[  661.077324][   T39]  <TASK>
[  661.077338][   T39]  __schedule+0x16f3/0x4c20
[  661.077379][   T39]  ? sched_clock+0x3f/0x60
[  661.077406][   T39]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  661.077446][   T39]  ? __pfx___schedule+0x10/0x10
[  661.077506][   T39]  rt_mutex_schedule+0x77/0xf0
[  661.077533][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  661.077576][   T39]  ? rt_mutex_slowlock_block+0x351/0x6d0
[  661.077609][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[  661.077640][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  661.077669][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  661.077735][   T39]  ? reacquire_held_locks+0x127/0x1d0
[  661.077777][   T39]  ? nfc_rfkill_set_block+0x50/0x2e0
[  661.077803][   T39]  mutex_lock_nested+0x16a/0x1d0
[  661.077832][   T39]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  661.077859][   T39]  nfc_rfkill_set_block+0x50/0x2e0
[  661.077885][   T39]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  661.077912][   T39]  rfkill_set_block+0x1e2/0x450
[  661.077950][   T39]  rfkill_sync_work+0x114/0x200
[  661.077982][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[  661.078013][   T39]  process_scheduled_works+0xade/0x17b0
[  661.078076][   T39]  ? __pfx_process_scheduled_works+0x10/0x10
[  661.078125][   T39]  worker_thread+0x8a0/0xda0
[  661.078159][   T39]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  661.078204][   T39]  ? __kthread_parkme+0x7b/0x200
[  661.078248][   T39]  kthread+0x70e/0x8a0
[  661.078286][   T39]  ? __pfx_worker_thread+0x10/0x10
[  661.078316][   T39]  ? __pfx_kthread+0x10/0x10
[  661.078357][   T39]  ? __pfx_kthread+0x10/0x10
[  661.078393][   T39]  ret_from_fork+0x3f9/0x770
[  661.078425][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  661.078488][   T39]  ? __switch_to_asm+0x39/0x70
[  661.078507][   T39]  ? __switch_to_asm+0x33/0x70
[  661.078533][   T39]  ? __pfx_kthread+0x10/0x10
[  661.078569][   T39]  ret_from_fork_asm+0x1a/0x30
[  661.078609][   T39]  </TASK>
[  661.078649][   T39] INFO: task syz.5.1216:10262 blocked for more than 143 seconds.
[  661.078665][   T39]       Not tainted syzkaller #0
[  661.078676][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  661.078686][   T39] task:syz.5.1216      state:D stack:26136 pid:10262 tgid:10261 ppid:8928   task_flags:0x400040 flags:0x00004006
[  661.078752][   T39] Call Trace:
[  661.078759][   T39]  <TASK>
[  661.078771][   T39]  __schedule+0x16f3/0x4c20
[  661.078812][   T39]  ? validate_chain+0x897/0x2140
[  661.078857][   T39]  ? __lock_acquire+0xab9/0xd20
[  661.078888][   T39]  ? __pfx___schedule+0x10/0x10
[  661.078939][   T39]  ? schedule+0x91/0x360
[  661.078974][   T39]  schedule+0x165/0x360
[  661.079009][   T39]  schedule_timeout+0x9a/0x270
[  661.079039][   T39]  ? __pfx_schedule_timeout+0x10/0x10
[  661.079086][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[  661.079121][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.079152][   T39]  ? wait_for_completion+0x267/0x5d0
[  661.079189][   T39]  wait_for_completion+0x2bf/0x5d0
[  661.079238][   T39]  ? __pfx_wait_for_completion+0x10/0x10
[  661.079279][   T39]  ? __flush_work+0xd2/0xbe0
[  661.079314][   T39]  ? __flush_work+0xd2/0xbe0
[  661.079345][   T39]  __flush_work+0x9b9/0xbe0
[  661.079383][   T39]  ? __flush_work+0xd2/0xbe0
[  661.079418][   T39]  ? __pfx___flush_work+0x10/0x10
[  661.079451][   T39]  ? __pfx_wq_barrier_func+0x10/0x10
[  661.079495][   T39]  ? __pfx___cancel_work+0x10/0x10
[  661.079537][   T39]  ? nfc_genl_device_removed+0x23c/0x330
[  661.079573][   T39]  __cancel_work_sync+0xbe/0x110
[  661.079610][   T39]  rfkill_unregister+0x95/0x230
[  661.079666][   T39]  nfc_unregister_device+0x96/0x2a0
[  661.079692][   T39]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  661.079721][   T39]  virtual_ncidev_close+0x59/0x90
[  661.079747][   T39]  __fput+0x45b/0xa80
[  661.079784][   T39]  task_work_run+0x1d4/0x260
[  661.079813][   T39]  ? __pfx_task_work_run+0x10/0x10
[  661.079850][   T39]  get_signal+0x11c5/0x1310
[  661.079886][   T39]  ? kasan_quarantine_put+0xdd/0x220
[  661.079914][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.079959][   T39]  arch_do_signal_or_restart+0x9a/0x750
[  661.079996][   T39]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  661.080044][   T39]  ? exit_to_user_mode_loop+0x40/0x110
[  661.080080][   T39]  exit_to_user_mode_loop+0x75/0x110
[  661.080114][   T39]  do_syscall_64+0x2bd/0x3b0
[  661.080135][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.080169][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.080193][   T39]  ? clear_bhb_loop+0x60/0xb0
[  661.080222][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.080253][   T39] RIP: 0033:0x7fd1f60aebe9
[  661.080278][   T39] RSP: 002b:00007fd1f430e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  661.080302][   T39] RAX: ffffffffffffffea RBX: 00007fd1f62e5fa0 RCX: 00007fd1f60aebe9
[  661.080320][   T39] RDX: 0000000000005400 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  661.080353][   T39] RBP: 00007fd1f6131e19 R08: 0000000000000000 R09: 0000000000000000
[  661.080369][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.080383][   T39] R13: 00007fd1f62e6038 R14: 00007fd1f62e5fa0 R15: 00007ffffe76d378
[  661.080420][   T39]  </TASK>
[  661.080430][   T39] INFO: task syz.1.1246:10346 blocked for more than 143 seconds.
[  661.080446][   T39]       Not tainted syzkaller #0
[  661.080457][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  661.080468][   T39] task:syz.1.1246      state:D stack:25496 pid:10346 tgid:10345 ppid:5837   task_flags:0x400140 flags:0x00004004
[  661.080545][   T39] Call Trace:
[  661.080552][   T39]  <TASK>
[  661.080567][   T39]  __schedule+0x16f3/0x4c20
[  661.080628][   T39]  ? __pfx___schedule+0x10/0x10
[  661.080681][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[  661.080721][   T39]  rt_mutex_schedule+0x77/0xf0
[  661.080743][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  661.080772][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[  661.080820][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[  661.080852][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  661.080883][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  661.080940][   T39]  ? rfkill_register+0x37/0x900
[  661.080971][   T39]  mutex_lock_nested+0x16a/0x1d0
[  661.080996][   T39]  ? device_initialize+0x266/0x450
[  661.081038][   T39]  rfkill_register+0x37/0x900
[  661.081076][   T39]  nfc_register_device+0x14a/0x320
[  661.081109][   T39]  nci_register_device+0x87c/0x9b0
[  661.081146][   T39]  ? __pfx_nci_register_device+0x10/0x10
[  661.081178][   T39]  ? __rt_spin_lock_init+0x3e/0x50
[  661.081205][   T39]  ? __init_waitqueue_head+0xae/0x160
[  661.081240][   T39]  virtual_ncidev_open+0x134/0x1a0
[  661.081267][   T39]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  661.081291][   T39]  misc_open+0x2c2/0x340
[  661.081326][   T39]  chrdev_open+0x4cc/0x5e0
[  661.081363][   T39]  ? __pfx_chrdev_open+0x10/0x10
[  661.081399][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[  661.081439][   T39]  ? __pfx_chrdev_open+0x10/0x10
[  661.081472][   T39]  do_dentry_open+0x9ae/0x1350
[  661.081509][   T39]  vfs_open+0x3b/0x350
[  661.081557][   T39]  ? path_openat+0x2ed9/0x3840
[  661.081590][   T39]  path_openat+0x2ef1/0x3840
[  661.081629][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[  661.081694][   T39]  ? __pfx_path_openat+0x10/0x10
[  661.081724][   T39]  ? do_raw_spin_lock+0x121/0x290
[  661.081766][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  661.081804][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.081843][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  661.081889][   T39]  do_filp_open+0x1fa/0x410
[  661.081922][   T39]  ? __pfx_do_filp_open+0x10/0x10
[  661.081948][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[  661.082008][   T39]  ? alloc_fd+0x64f/0x6c0
[  661.082059][   T39]  do_sys_openat2+0x121/0x1c0
[  661.082084][   T39]  ? __se_sys_futex+0x36f/0x400
[  661.082115][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[  661.082149][   T39]  ? rcu_is_watching+0x15/0xb0
[  661.082193][   T39]  __x64_sys_openat+0x138/0x170
[  661.082225][   T39]  do_syscall_64+0xfa/0x3b0
[  661.082246][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.082298][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.082324][   T39]  ? clear_bhb_loop+0x60/0xb0
[  661.082356][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.082382][   T39] RIP: 0033:0x7f1a5d68ebe9
[  661.082402][   T39] RSP: 002b:00007f1a5b8f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  661.082427][   T39] RAX: ffffffffffffffda RBX: 00007f1a5d8c5fa0 RCX: 00007f1a5d68ebe9
[  661.082447][   T39] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  661.082465][   T39] RBP: 00007f1a5d711e19 R08: 0000000000000000 R09: 0000000000000000
[  661.082482][   T39] R10: 0000000000000041 R11: 0000000000000246 R12: 0000000000000000
[  661.082498][   T39] R13: 00007f1a5d8c6038 R14: 00007f1a5d8c5fa0 R15: 00007ffd0cd78298
[  661.082545][   T39]  </TASK>
[  661.082557][   T39] INFO: task syz.6.1255:10377 blocked for more than 143 seconds.
[  661.082575][   T39]       Not tainted syzkaller #0
[  661.082587][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  661.082600][   T39] task:syz.6.1255      state:D stack:26728 pid:10377 tgid:10371 ppid:9092   task_flags:0x400040 flags:0x00004004
[  661.082673][   T39] Call Trace:
[  661.082681][   T39]  <TASK>
[  661.082697][   T39]  __schedule+0x16f3/0x4c20
[  661.082749][   T39]  ? __lock_acquire+0xab9/0xd20
[  661.082799][   T39]  ? __pfx___schedule+0x10/0x10
[  661.082867][   T39]  rt_mutex_schedule+0x77/0xf0
[  661.082891][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  661.082939][   T39]  ? rt_mutex_slowlock_block+0x351/0x6d0
[  661.082976][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[  661.083010][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  661.083044][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  661.083073][   T39]  ? __lock_acquire+0xab9/0xd20
[  661.083121][   T39]  ? misc_open+0x51/0x340
[  661.083159][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[  661.083208][   T39]  ? reacquire_held_locks+0x127/0x1d0
[  661.083257][   T39]  ? misc_open+0x51/0x340
[  661.083289][   T39]  mutex_lock_nested+0x16a/0x1d0
[  661.083329][   T39]  misc_open+0x51/0x340
[  661.083369][   T39]  chrdev_open+0x4cc/0x5e0
[  661.083427][   T39]  ? __pfx_chrdev_open+0x10/0x10
[  661.083470][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[  661.083516][   T39]  ? __pfx_chrdev_open+0x10/0x10
[  661.083560][   T39]  do_dentry_open+0x9ae/0x1350
[  661.083603][   T39]  vfs_open+0x3b/0x350
[  661.083643][   T39]  ? path_openat+0x2ed9/0x3840
[  661.083679][   T39]  path_openat+0x2ef1/0x3840
[  661.083719][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[  661.083790][   T39]  ? __pfx_path_openat+0x10/0x10
[  661.083823][   T39]  ? do_raw_spin_lock+0x121/0x290
[  661.083867][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  661.083908][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.083948][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  661.083999][   T39]  do_filp_open+0x1fa/0x410
[  661.084033][   T39]  ? __pfx_do_filp_open+0x10/0x10
[  661.084062][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[  661.084128][   T39]  ? alloc_fd+0x64f/0x6c0
[  661.084181][   T39]  do_sys_openat2+0x121/0x1c0
[  661.084212][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[  661.084241][   T39]  ? exc_page_fault+0x76/0xf0
[  661.084300][   T39]  ? do_user_addr_fault+0xc8a/0x1390
[  661.084341][   T39]  __x64_sys_openat+0x138/0x170
[  661.084377][   T39]  do_syscall_64+0xfa/0x3b0
[  661.084401][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.084443][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.084472][   T39]  ? clear_bhb_loop+0x60/0xb0
[  661.084507][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.084542][   T39] RIP: 0033:0x7ff11402ebe9
[  661.084564][   T39] RSP: 002b:00007ff112275038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  661.084591][   T39] RAX: ffffffffffffffda RBX: 00007ff114266090 RCX: 00007ff11402ebe9
[  661.084613][   T39] RDX: 0000000000002642 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  661.084633][   T39] RBP: 00007ff1140b1e19 R08: 0000000000000000 R09: 0000000000000000
[  661.084657][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.084674][   T39] R13: 00007ff114266128 R14: 00007ff114266090 R15: 00007ffd46d589b8
[  661.084719][   T39]  </TASK>
[  661.084755][   T39] 
[  661.084755][   T39] Showing all locks held in the system:
[  661.084768][   T39] 3 locks held by kworker/0:1/10:
[  661.084785][   T39]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  661.084859][   T39]  #1: ffffc900000f7bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  661.084934][   T39]  #2: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  661.085023][   T39] 1 lock held by khungtaskd/39:
[  661.085038][   T39]  #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  661.085128][   T39] 3 locks held by kworker/u8:11/3201:
[  661.085148][   T39] 2 locks held by getty/5594:
[  661.085163][   T39]  #0: ffff88823bf7a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  661.085242][   T39]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  661.093917][   T39] 4 locks held by kworker/0:4/5919:
[  661.093933][   T39]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  661.093997][   T39]  #1: ffffc90004f97bc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  661.094060][   T39]  #2: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[  661.094122][   T39]  #3: ffff888031bc00f0 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[  661.094934][   T39] 1 lock held by syz.5.1216/10262:
[  661.094949][   T39]  #0: ffff888031bc00f0 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  661.095004][   T39] 3 locks held by syz.1.1246/10346:
[  661.095017][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.095079][   T39]  #1: ffff8880399940f0 (&dev->mutex){....}-{4:4}, at: nfc_register_device+0xa1/0x320
[  661.095132][   T39]  #2: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x900
[  661.095206][   T39] 1 lock held by syz.6.1255/10377:
[  661.095219][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.104790][   T39] 1 lock held by syz.7.1283/10490:
[  661.104814][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.104895][   T39] 1 lock held by syz-executor/10555:
[  661.104909][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.104981][   T39] 1 lock held by syz.8.1303/10613:
[  661.104996][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.105062][   T39] 1 lock held by syz-executor/10669:
[  661.105076][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.105144][   T39] 1 lock held by syz-executor/10686:
[  661.105158][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.105229][   T39] 1 lock held by syz-executor/10739:
[  661.105242][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.115511][   T39] 1 lock held by syz-executor/10802:
[  661.115529][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.115598][   T39] 1 lock held by syz-executor/10835:
[  661.115614][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.115681][   T39] 1 lock held by syz-executor/10838:
[  661.115705][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.115771][   T39] 1 lock held by syz-executor/10839:
[  661.115787][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.115852][   T39] 1 lock held by syz-executor/10841:
[  661.115868][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.115934][   T39] 1 lock held by syz-executor/10843:
[  661.115950][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.116016][   T39] 1 lock held by syz-executor/10849:
[  661.116030][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.116098][   T39] 1 lock held by syz-executor/10851:
[  661.116111][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.116181][   T39] 1 lock held by syz-executor/10853:
[  661.116197][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.116264][   T39] 1 lock held by syz-executor/10855:
[  661.116278][   T39]  #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340
[  661.116347][   T39] 
[  661.116354][   T39] =============================================
[  661.116354][   T39] 
[  661.116380][   T39] NMI backtrace for cpu 0
[  661.116415][   T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  661.116444][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  661.116458][   T39] Call Trace:
[  661.116468][   T39]  <TASK>
[  661.116480][   T39]  dump_stack_lvl+0x189/0x250
[  661.116526][   T39]  ? __pfx_dump_stack_lvl+0x10/0x10
[  661.116564][   T39]  ? __pfx__printk+0x10/0x10
[  661.116608][   T39]  nmi_cpu_backtrace+0x39e/0x3d0
[  661.116645][   T39]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  661.116681][   T39]  ? __pfx__printk+0x10/0x10
[  661.116720][   T39]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  661.116757][   T39]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  661.116793][   T39]  watchdog+0xf93/0xfe0
[  661.116833][   T39]  ? watchdog+0x1de/0xfe0
[  661.116874][   T39]  kthread+0x70e/0x8a0
[  661.116916][   T39]  ? __pfx_watchdog+0x10/0x10
[  661.116949][   T39]  ? __pfx_kthread+0x10/0x10
[  661.116994][   T39]  ? __pfx_kthread+0x10/0x10
[  661.117034][   T39]  ret_from_fork+0x3f9/0x770
[  661.117071][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  661.117113][   T39]  ? __switch_to_asm+0x39/0x70
[  661.117136][   T39]  ? __switch_to_asm+0x33/0x70
[  661.117159][   T39]  ? __pfx_kthread+0x10/0x10
[  661.117199][   T39]  ret_from_fork_asm+0x1a/0x30
[  661.117242][   T39]  </TASK>
[  661.117252][   T39] Sending NMI from CPU 0 to CPUs 1:
[  661.117285][    C1] NMI backtrace for cpu 1
[  661.117300][    C1] CPU: 1 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  661.117321][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  661.117333][    C1] RIP: 0010:io_serial_in+0x77/0xc0
[  661.117356][    C1] Code: e8 6e 83 7f fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 5f bd de fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f c3 cc cc cc cc cc 44 89 f9 80 e1 07
[  661.117373][    C1] RSP: 0018:ffffc90000167890 EFLAGS: 00000202
[  661.117388][    C1] RAX: 1ffffffff3275600 RBX: 00000000000003fd RCX: 0000000000000000
[  661.117402][    C1] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000
[  661.117413][    C1] RBP: ffffffff993ab850 R08: 0000000000000000 R09: 0000000000000000
[  661.117425][    C1] R10: dffffc0000000000 R11: ffffffff853edba0 R12: dffffc0000000000
[  661.117439][    C1] R13: 0000000000000000 R14: ffffffff993ab5c0 R15: 0000000000000000
[  661.117459][    C1] FS:  0000000000000000(0000) GS:ffff8881269bf000(0000) knlGS:0000000000000000
[  661.117475][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  661.117487][    C1] CR2: 00007fcd8115421a CR3: 000000003569c000 CR4: 00000000003526f0
[  661.117503][    C1] Call Trace:
[  661.117510][    C1]  <TASK>
[  661.117519][    C1]  wait_for_lsr+0x1aa/0x2f0
[  661.117547][    C1]  serial8250_console_write+0x11bd/0x1b40
[  661.117577][    C1]  ? __pfx_serial8250_console_write+0x10/0x10
[  661.117598][    C1]  ? console_flush_all+0x13a/0xcd0
[  661.117622][    C1]  ? console_flush_all+0x476/0xcd0
[  661.117645][    C1]  console_flush_all+0x695/0xcd0
[  661.117667][    C1]  ? console_flush_all+0x13a/0xcd0
[  661.117703][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  661.117725][    C1]  ? __lock_acquire+0xab9/0xd20
[  661.117756][    C1]  __console_flush_and_unlock+0xa4/0x240
[  661.117779][    C1]  ? __pfx___console_flush_and_unlock+0x10/0x10
[  661.117814][    C1]  legacy_kthread_func+0x13b/0x1a0
[  661.117838][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[  661.117861][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  661.117885][    C1]  ? __kthread_parkme+0x7b/0x200
[  661.117910][    C1]  ? __kthread_parkme+0x1a1/0x200
[  661.117938][    C1]  kthread+0x70e/0x8a0
[  661.117967][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[  661.117990][    C1]  ? __pfx_kthread+0x10/0x10
[  661.118020][    C1]  ? __pfx_kthread+0x10/0x10
[  661.118049][    C1]  ret_from_fork+0x3f9/0x770
[  661.118074][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  661.118100][    C1]  ? __switch_to_asm+0x39/0x70
[  661.118117][    C1]  ? __switch_to_asm+0x33/0x70
[  661.118133][    C1]  ? __pfx_kthread+0x10/0x10
[  661.118162][    C1]  ret_from_fork_asm+0x1a/0x30
[  661.118188][    C1]  </TASK>
[  661.118285][   T39] Kernel panic - not syncing: hung_task: blocked tasks
[  661.118304][   T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  661.118334][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  661.118349][   T39] Call Trace:
[  661.118359][   T39]  <TASK>
[  661.118369][   T39]  dump_stack_lvl+0x99/0x250
[  661.118407][   T39]  ? __asan_memcpy+0x40/0x70
[  661.118436][   T39]  ? __pfx_dump_stack_lvl+0x10/0x10
[  661.118494][   T39]  ? __pfx__printk+0x10/0x10
[  661.118537][   T39]  vpanic+0x281/0x750
[  661.118578][   T39]  ? __pfx_vpanic+0x10/0x10
[  661.118613][   T39]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  661.118640][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.118700][   T39]  panic+0xb9/0xc0
[  661.118737][   T39]  ? __pfx_panic+0x10/0x10
[  661.118778][   T39]  ? irq_work_queue+0xc3/0x140
[  661.118815][   T39]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[  661.118851][   T39]  watchdog+0xfd2/0xfe0
[  661.118891][   T39]  ? watchdog+0x1de/0xfe0
[  661.118931][   T39]  kthread+0x70e/0x8a0
[  661.118974][   T39]  ? __pfx_watchdog+0x10/0x10
[  661.119006][   T39]  ? __pfx_kthread+0x10/0x10
[  661.119051][   T39]  ? __pfx_kthread+0x10/0x10
[  661.119092][   T39]  ret_from_fork+0x3f9/0x770
[  661.119129][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  661.119170][   T39]  ? __switch_to_asm+0x39/0x70
[  661.119193][   T39]  ? __switch_to_asm+0x33/0x70
[  661.119215][   T39]  ? __pfx_kthread+0x10/0x10
[  661.119257][   T39]  ret_from_fork_asm+0x1a/0x30
[  661.119299][   T39]  </TASK>
[  661.119662][   T39] Kernel Offset: disabled