last executing test programs:

29.321110012s ago: executing program 2 (id=1978):
sched_setscheduler(0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20efff00000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

29.210405128s ago: executing program 2 (id=1979):
syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x48)
syz_open_dev$video(&(0x7f00000001c0), 0x6, 0x0)
pipe(&(0x7f00000001c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="340000001000000000000021b100000000000000c59f2ecc39afaf4019a5e69024b0762b", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e640000000004000280"], 0x34}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000000c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6, &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x38, &(0x7f0000000180), 0x0, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x7c, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000000)={{0x1}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "77746a315690a576", "07f217bd2e511e465bbbd5de32b495b2f9044677d4d588360663af84db44be59", "9bbf8c07", "e0e0ffffff000024"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", "5d362ced", "bc3a20b10f4ad11e"}, 0x38)
close(r2)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f00000022c0))
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
r3 = dup(0xffffffffffffffff)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000040)=0x2)
r4 = syz_io_uring_setup(0x7acd, &(0x7f0000000080)={0x0, 0x0, 0x8}, 0x0, &(0x7f0000000440))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)}, 0x3)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(r4, 0x7f5f, 0x0, 0x0, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@cgroup, 0xffffffffffffffff, 0x2e, 0x0, 0x0, @prog_fd}, 0x20)
socket$inet_udp(0x2, 0x2, 0x0)

27.632834529s ago: executing program 2 (id=1985):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000001340)=""/102399, 0x18fff}], 0x1, 0x0, 0x0) (async)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0xc0, 0x0, 0x0) (async)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1f, 0x5, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) (async)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, 0x0, 0x0) (async)
r3 = accept$alg(r2, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000b80), 0x0, 0x8004) (async)
sendmmsg$alg(r3, &(0x7f0000000480)=[{0x0, 0x0, 0x0}], 0x1, 0x0) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @match={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x8, 0x1, 'cmp\x00'}]}}}, {0x28, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CMP_OP={0x8}, @NFTA_CMP_DATA={0x8, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}, @NFTA_CMP_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xe4}}, 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffea}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r5}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
symlinkat(&(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
lsetxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='system.posix_acl_access\x00', 0x0, 0x0, 0x0) (async)
write$nbd(r6, &(0x7f0000000240)={0x1000000, 0x0, 0x0, 0x0, 0x200000, "82b0cfc4337965941538be02000000000000000000007400a391793ba7f40000000000fdf700"/48}, 0x40) (async)
socket$netlink(0x10, 0x3, 0x4) (async)
io_setup(0x7f, &(0x7f0000000100))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

27.416519559s ago: executing program 2 (id=1986):
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, 0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r2, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r2, &(0x7f0000006380)="c66dd220cbdeb68f27c1f98bf43fd861bcf841572658a3308737983b31a434673f1003eeeb6d9b934bcd19cf754f4882114d61e15354449f763f772e86c9e2252731f7a098faad2accca3e470845b32918bcf530f9474d3cd610d9028cb7b247d3a73d887719f70554d8976c10784c8073e521a80b5ebe7501d6c3b6b5cf9a498a1e97b8201ac756e5f35d71bdd4d196e73cae0cc34c7140cde8380de823e8c76662f0844f549818b5ef6c732b8f412b79273508b69f2e6a653709b4d9bded080b6c15ca5c5b8ff23309e05d460dfb40403f60a3e5a0e1d4e1aa59d53823a047427673267e79d40fdd6f12ef696fe22887d24087373f64987e48ba20e7f47d1f08871e0c22a02593156648fc106c4529d8cf17c71d473f4ad43992b1cdbf5cfaaf1ce401d5ad8b9c6bdc3c60a88a91c52f5aae74a5d25e0cd738fd80169a98b84d4d24a7e86c9d8e4c3e3ff1a9fc44a87558aeb7acbfec13a26a4b121b2cb9ae628c682aa4c44311c45a673bab25880665d6cdf589e5c5415794c4fd6b940e7a44df93a34a684183581c850fbe97ef8c1de852ea836e0db1a104b498d6dd8fdf65c606e772de2e9dfe46a418fac3c0bdd72916c951e3df04f2ae85839305be2a86aebcf4898b6e49c27df6033ad2b8651279ceb20c779716240d3d0fef3bb6c417a8c6f75398a91942d8ab11f21f5795767650a96e246c7244f8e4935e9c01349616a098ae810487d657fd095beee05a36812f39f4266f25f4508e80f19a4aec7116f1d8bc48bc2c1f0f96ff34b66a965d428852766b78f1e7eb0260bbb355cc0859af6988ff7efa0b3fede3d5f2f2147ffae4a5eb58a7585b596270334c360a1547787a95634e13d59bf53f51f48e75a6a3e48f8348f4cb495d9699dfdf8cc71668c5b9622578100f7163394cb3171fc8a6c1e7f88f08b8c3cf4b0cd9a1bc16bd1488ebe43199d97cdf4bbcde8a06a79c5af6ff2ebf1a04add74830cfac0b946514b18de249e934dd8a1a96fce085320fa857c853480170208533acd3d41c4384a932eeccd4ce7d09827efae4c0d19d00c5b48943c4d877017be59434dae6bef767fb9ffd073c2261b06c0f23a0c77a5bcb1f5738dceb6abee00bd7c649f6ebc64b4b8b948319a22ed4add48eedda8a2cd1bad6799e1d9ed778e5ce22d5fead0cd06806cb4b7b5661f9db6bcf9ddcdc9e49e0e6a8ec98fc42c660d5d75311fb9c9d06074611ebbdbea45672dd78760ed92d0e95c1d5ae234d674dc3ffaeef3d928aa4b93c0fe55fa886bd3f2371a5bb22c4dd6b8bc13250490cf279d4e56b646dec4eaa53951d55f602c1f4081d49316f6bcb35aad0453b44c7f266e99838683404859bc372d1df5f1512f35558b3706b32093b72a78a40c8a188852a0b5aca11a34ba23195cb598ca595f243c260392cd793b65dda856f81be1b54d873a0366407ac26687262d6bda693e058f598bde80e304c83dd0c2fd0e634ff15e1ca4e2918bfa8e3a626aee7b5e445aa7fae096595fe58032c993eb06ce49c1045b1f132f2c90d6e23b76076838ad7ed7a6a74245d7ad72b38bdc04e458d3908d1d272f23fe18f68ad746e5440cfbcc3b7ad477dccd6fb2db536df0e4d24480d2765e724ca06cbde7e01cd32e36681796a454c801adc1b25b501cc4aaae778f3783dad15d12e656b09bb3d8f37efc86cc7faea5e51913902faed79ae5973f4413e275f78e7e66099f9e41bd73a07445a780dde0b189308e3b83d1a3cf5aef2d3e11fcad930eb6c60ebb899b22cdbd539412b2371d28a4331394d8f29d8b16f94ffd91d4eb5c278e7f6b4024fcc7af9dfde1b3c915b06dae683760fad05d6638c6389fdd19a9b12956c11e9b9ea7d30e09b13d9f681e012f1e41746341a61b71ac6c333b29883ca2cd1aaa3c02e66c85de1e3b2b7e77b0dd1469ab9db5c17beb2d33862db20fd77de685a1e70ba55b0d9cf4b2d3d1196196b5317324e5f189605baa37493c9586b7e475865b4bb21b335e8b291b9dea17f6afc1cd84618b189567817511de821a866a00b62c62516b716cf55dcf7f5b7d7520306fe03f00cc61b7dc297886459d74bedb8ac1d05cc506db74d018c877da735481c318224fd06f349b59f69b0d2d017c817e5a1f934d263789d418eb69c772d923b01a6a4a6afbba4a6980fbf7cddd84f8e4392eaccb98cdd30488919ea6d492d32f9ca4233649117474f4116f6ca4cb762d524c0f92bbb40d3f430dbd50dba20adda8b4170a73c3b66257c412311a7bd3ea3ecca0da47a7a00ef0a464ee0a4b2402b61db833f3cfe1847b9630de47f331d575f6e3c6fb44a9021700c6d8055ea982a05a5ba6a91a41e7445fdba7ac09202fee733a5c216b3c3090991225b98178508d1985832f8e7dae58482ec0fa2215c935bd0ef9f03c0ed3caf97bf4de023605aa8535f1e88e841471bd8842084c6715a3fd3acd07ec9c43f635e5f868d82cdc6f9424ed978d39e72cc92535c2637164f15e9a67770389535ba46cbf786189562908872274ba126b313bd1c0780e9d0ca38956d1277b58f04eaa1f97ed8c6c83d9c05df0df8b43da930707a84662e480a33d1868edc9ff65368d51fda828ad29ecbd3b2cc0ddb0aad251b4736f872ba5f066617a9e9675ed7f80685544af44c677b9d39a1a353984ea4ccbf36d759b490f8dcd5621e573baaa2c03ef367f543ca5d36d1c9d33d4762bb0b1e02ec67d3511582d69b06a57d15f5260fab5ed8d9361948eabf88d9e776a18c5c4f2d42bb46373861b613db9a91ccff8fbd563ddb37f0738fa1723c23c85cac0f9eb53a41d115fe0339eed3167f59b2f2f0739cf9c0ba5769b18a213d5809bccadecee6e781811bf584c22a6557516d12bd58420f5c67c673fdf0888ab31edcee3198927b5b87a63f89f7a07d1da8cb946f0a87e7d3bb455c888f394d17694378446c9073e54368564dc546b6c930ae17afcc8360cb2e31d87ad8923f60033aa637a399707398ffa51645ab1d9963c29375c834746004ac16d24d8f006e9674e45da3d938de524857c57fd39b22678f39096309527ed22c41677a65a67dc0998a8babc9cb688a56628d09a732773d9019d92399415e93852a12d66ccbfa571837b7689c7cc50026ed643a89c8f1bdef6d01016e6e1c21bb779db52c2254f5dae40ff173943ba62ce343ec035d93d5c92c64884d654777cf6995dd0c485c7c132db383769ae1f35f1980654d2b47e92b1862f653eeb81ada4eed6c9d0fe9da3d7db5dfb4d66b2d576676beddc4394ade2acf55f9ec24aee7c4c77138e799f62deb19367ce226a66715da515479b176c9ca06c739566d279142ce2163b8835c840a3de6e2d275b5d5a948b26ec8faa6cf322c5038fc00fb0a27f0b76b5e305780c9145e99feadf571bf8d87dc93ea0f8ff3bc246b16d4e43256507abc7ccc92e113a037ab13855058ba1e0770b90f52e0740c157d68963b3d236f681454589385c6124bddf948c5aa2e147a3543c301dc6d82acb504f76239c890b7d3d76dbd7c26445ab6fe66f9f71d95f4f0d6c51533ce4b05353ef27178f6b6813366189ff4cc19cc5c9f7aca4d6b6f3b5b213e828cbf8b8b5cacb42ade1fa2594cc4ccd3457a45a5b19926f17b9061c9072fdce96afbd3f2bbecc6dfbdf9d9b3e1a621e65a7cdf0a97cb0223b220b39a88b7414ce91e5fb52f3c9c7e10199ffc8fad826d40a798ecaebbd8881c1605f986bb0af06f416280f63f3a3c28d399d13c21e6d79501cbbfcc9483a73a931e91358807fbebefd39b466cb9f251fa4fc7d5f4fd2d87d4604c9750593d3a801b963085ad7aaa91e023977742b728d292b046d0bd49f81717a686f10096e154681b85aeb81a26fa8f46bf3dfdf5dc7c7ca37aa3da37e53a105be5935640baff476453f53ffcf786894eac35d1933a5e97fb9b6d975f9fbe7914d09dc948d305005eb4aba3a9b8cdefb30dbb3300f46041db06567956ba4327280721addb17425a2b223e81bc41467cb413cebbe16818468eeb5b24b6cd79ec4787f693f3c301e5dd10747bea13bf042d6fde42d18c48fec0e3e43454799da1d5501130fc98917fed27d696ae85a39debdb67d5b3d70a82a2097095476e24211757626c91a29e917796766bc4016456c4acf0436b6c02055778ce7f34e605264f7d6d1321072c4ba341866ac6f78e9b99a30478eb7f09a17f4fb3e23184e878c2f60d2c18617185007841778c7c256750a287ec0bbdd20bd37ab50538e43a5929456d336fb46a04593765b2692ba15e7b71b97788970a7903e12088211098bd356132862a4d586508b4aac077d3acd4f77c67d9066b436d14b20d3e2870cb19cdad5581de2e08da761fc95755c43cf0dc2cff84e6a3a8fa2d0390fcfee285a133b37ac7b2fefd0d3665b1705784187e228579680be97982194329136fb72d8b61cdeaa88f3dfc835ae22167c0130529fe81043b0e1c3aebccb1f4aadc28cb484f850158504439d389d1e559ff424217dc031d422a8b7b51731db75dc541e16fed8fae14f58c1f9c8d0fb91a685245ba558c1aeb243aa728db51c3f3aa6d8f7a4a547b8d95018402283a59a45173e7696f02304954ebfb43c2215f180c8e47e433e5262e279fdb63405c81b0f128b7d6a095ff5f85690331d94d34923a3e8beef5cccbf7b208b2a0aa898f9a32b2f1bb55aca4eaaefcdf09acd871f4b88feb535be87dfdbb5ad45ff3c26a2765230011d90baa4b5d5baaac5519f9013c8fd497d57083403ee6eb0c4e23428cf3846bd34d69840d021196f9a9a4fc101016fe2d4fbf4ec23c11e9d737c5e6d2cc3da7e0981c00ea9df07ed88ab05b7821033b2d311f2fe0525176660d0a33b0eb23a57f5b1d41e2c1698ac7bfe5f59c27792f899fd39610052b705862e798a27084450edfccd180a13d8adf8072430e9305f41b0a67bd1784b6ba9450b1e872794e0b7b55b22a2f649f83270b98d0a0137694fec0d16ec2ebf37c72d9398d231a71e40c912428929a29a433dc0fdcb697f64e07540da92067b1b5a7735fb7fb8ac8da2591fa44b676bbaa32ef5e6cc11f1b2ab3b262d9bc4b2082e081ee50fe71def63cf6e2d588bb8d66a8daa8c8a30ca07d2956463e1affc76003e4bacc632cdeee50098fe80cd7485fefed6eab639d8c42a1357fefae5a5a779fad536474e3bdebf6aab699552e807ffd8a44030f439756748dee9ddf19a6cbf5f75307b03c5ef4185a31a41583fb4ca3699e06319371c5d932d6e5f4e1bf77c02c70564d2140f7510e183ba2fa7ead8a9b8cfb085a9d0fa7dbca7561bd9dc1e5c1a1da0322982ff29c0fa2cc33bea18646445cc59b44965a01570b7b739d730df8f1f2cfe3558e7102de13994d6745ef8f91965265fbe0d29c3f381e1eb9c63242962a4409ddb0a4946ef9ce5b0eda90f8365362681943247a0d87d9b7fbbdd26d4902be34068499b6e2ab2ea746634402e1065c8cb9c32a211d10fc2796f1a7045c59b9cbc4771dbf56a5c38303f93951194d06a1b8cce31dd4869a148ae90a797d09de168e47974ed9699eab3a6424781f481d03cf1046df28b454af02df72c0f56c693343a82f7f383afb3ac452200ff155444010f6c988de71e3fb6f079bc6ac2bfab6ff451242b7e3e70578b8206529816764206d47115cda77b3e356e54f825ec745017ea8c3dcb412523b754b951d19fc075ec66012cceff51da925af9079f547e840c3f2774239cce5fd6533f3ee8d194812de2d4499ef18c4bebfa8d7273307d7aa0ac09e6ebfd95ba99946a585a4bd4afef8bb0b52857e8415a32b42e0a9ccb0749599d7a43cec793b22c96b3de91534c905456b25a5972124b83c7d8f0520cd71c5544e49afab26cccacdb7e112f0af1acbcb2b68760c7538aa6c990814d7cf7bde5ddd618bfd55bfbdd968e53e28f94042fafa2796b5bf2d1be612c81dbafbf90b0728b4b06fe216aab91b8898780ab06cff75be5239c39ac836dbdb5482222e61ff5971ea492c5b5ef509720fc886f8a07a9232653d427d176574c99d65244f1618fdaab109f732e1e1295391a25f9b750c9761bbceb81d316d9f9dcd555afb762191b7e173f06a4d8f4d97ab88b9ae19f6c85c361b8b5cbe91a3493cae594063ed457f3be99772485b34d3308da4e751e58a14cf7c771d8e5be77f88c7567af095caae1eb83d259cea709ea5441047ce96f0e21faf89ed491bba5d0dcc6bc33a07237fbef2fe671447ce14e16a1cae4361938767ce65ecfe0c63e1261cce5fbf603a2537d21b50c9a3a3ed6a7cf112a0586a653b43f813912a226aa4722f7edaf8dda5553efb22721dc71924aa73bf232c2439b1d806d3beaf157442643c81ce2b551b82d63cbcd4195029e2f63aef127ed4df0bffd41665d87213512557ce90ee54fcd01078a6a19085bde6a0343595f540b1ff610bd7a5a2d695bdc5e508cbf544d15cf5920b3e405ef4e10e6651c5ffff039adde2f805143b78916188fec05cadac443c93447d23bb25b0a0cfc787754a20f7efcdee5798de939b758f238f15c23f2622b8ed682378017c8f251dda0261baa33c6262d42d6365e68e85d43a46d92aaf04acee203c09487755df49f07ea1129782b1be0feb6f011bb914266fe2cf5361c377fe33a491089f701ac61bcab2bfa3bbe8bf7b0b834dba1bf187ab78fca751b57f1bddfc670c80d83c34c3461d823d7762b45ff0accc3af21b38137276d4e4d7a5d0a075902865f17f084cfa94cc28f70ee7296e216401b172184df0e060dd61be91efcdbeb03b4a6699c88a16ebb18f3e938cb458a377e29a3f3cbdaaf121e278b691c02b6f0dc775510840b3970b1f905b421a1cb376043cc7511e70e94cc63941ed0f864b4118592878538e12e986b9abaaf2ed588ad5f0e5e0851ffc29ef21aed080eb6f35fa10052f27767d0ddf3fea5a08c14657d68a9c3e6cba422d93a6aff222c40eee9f3c9fcb03a310453b616a80c48646f7d196433736fedcfc2ff4fa1a43bf9f8fc0a0660cf9f79fd0d8e106591a2319cff5eb0a5be578d178e0e184a9eca92991ca63bf1e9c5b1c56dba3c836975a74d9eb9b763ce7c5dc753cde77fb2d048e3656a15f9aa7f9dea249c4a3dc0456b64533513e69861fcb9f4348d78acd5b8ce1f3c41271b8551ba4d5754fbb123862236bc94192a5306c29adb2b0b053cd7d4deaa1be6c61f75bca27b53765a7356dd34a48437d5e5b356d48db64749243fea9b1f44e4625fe7ce820dc9f1a6022d77198e6e917cd4f5e23622d5b3b2fafd4f9be0b85db21371f5d35c7c651a616a8351a02dbfa74f9d273a0eb7d2ab9fca254bd28509b3d6f5420108cabc42d9a5670779dfdfb78afe74cd87fdf8e3be937e6c6981eb88156f5cbc91e4b92f8d65a151ee3307cce381dc189c54a29d21c9fa9f512c50dbc9f1c0ddb43b6b10d5190b8169f9e06f7c60a2103c9c30540e0d1cab8358cf4ddf95d5e26fbed636b2f1f474b7d10426afb5aa21948f7486e0df5275ffa6c091c46c3868703c4e30e1a15a8d27a708b6d5fa7d123f1524c221fb93b5f9f8d87b0286de38c6112a05d1f07706923b531e335db326ff756acf6cf9a5e5352953d112a842d7b2f05d296f644b01bca413f2686dbdea6b2cc6dd8115e22d832af742eb801ee61f6b90f93d227b694fe474385125801d6eb58867c15246faa6c0a1cae0b05f104fb2e97476c73a79185796e0c26bb1b59527aba4b79db6ec99f1650898b996e068329d17b94730cd6ab79a3d77d80e5ed78eecc7d680b5425231357f24c46fd01732052eb18737634915131c7ffcdb0b48a35d8761c402ff5b56aa1a9080b46836e4a888c86d7a260fb6cc2f3b9f68d52201531220bbfe0e7b2890a390acb33831fa1126b88dceb126a555181edbfa4680cadb08d38abe00c91980ce68ab58274ec28eaa697f8a4d7d6db744d8c9daac2035d40a5eb565e12c8be5c2bc1d725f713d45a03ac14ceaf91bb1c5dddcac87553b9d22e23d738742e3bf994412ab153f66ddea53a35c9ec19c555a49ae1aea112a70ddc10201258536ba93ae0dc7fb60d51ffbbe9e96eb8eeea6878e3784dcd686fc0db4516249cdfcb9f6d880fdcf8f86cdadd23ea7455b3b7e3a0e8affc9b61be59814f8e32175c869adaf7dbb5acb4c994e2269d2657011e8751c5c0e6e97e9eda4e8e6c309e842c8ea01c20de3c5f4f6372cc8cb7cdf2b0e3519155e4c662fc8572c36d9d3b7eb3ee19e985bfab9eb20e077c20dec4172e584357cc54f9cd49742e0b31d1fed87812f19efa9ae81ebebb021df0c280aa9790d2f1acb94b38f268ca7861b1da63cbb86daaeac3a5b067c86fc532a1db230a29578563f16dee5b4267f9d474c81c9ad762216452cb3a37c8ed44cbaab2e4b9a9583b134da3a64390fe5f76946879a1757d127e6e10b3b3042de48189350d844ede16134c770dba47cf56483cc14e2cfc93fc11f47cd33b06b720f531efdd1ff1254966b68fc46645ec3b45c2a60427e69ba1d710f25571522ba90622315f9f0cad33f8b1a1053a45aa07964892621ecc9256b7c4e21716e546c235fdb618f339b55c377a30b61a9add4e3b5657e3433a6feaff5b67ef34771ae6d04449b5228b6b99ce7237996b307613d14602d76f21a58a55cdc71a1f348ca18265634f094012bf4eae241df634d7424de578eb4c4199de382f2795c17eefa11ac2ad4625be7263373de4bbe189d42fa51953652d433323b9e6110f00c7cb44e4e7df1e6e1cc421c5cc5e78eac4009824d73b4bf0a0340ebd883acb90e928f6034d6a44edee021abc40726df358ef83429351f46aaf10b63b0a5f4c68bdf4e425f8ce7c6a8ad95dc4874836a56a298f586a602ad7b33350fabaacfda30b80210432dc6b59cb807d50782399624d624bbb5e759c09daec8ab3afbff204f62f94754e377cca96b00ba4842d52d8f12a5ce7d1dd81b760c1c5392f739d91f8bdc8c290090fc6e3221ee69abd2648b6c7a818e8a0d04ffd83464f7b26002e4d5614392848205fc0e766713e4c65f46ec2f9d221e98fdeaa5c329d8a0e7481690164fa1ad829ce9dd2eec2fe92231b33415c3f564161353ea7f823e3dc97c9e905f40d693082be719aff77b3b35a832ed3fc16e3bf57305fbabfbbadea1d33ece1f05ba482d3dcc391e0c709c02c335a6289a8deb035fd5b99edde61f0d936631e21251eb65c1dc23574a7a8f9ba8fd0b6c958ee146954cdab3daf90c17ffe92aef5390b4e19d32fef469e9e60ef8ea16af6b66dab7de1d6ddfeeb602cd69d8f32e4d5f06bfaebe7f000d62abc793ad34d77d1369c63785e93c2ff205769589011208ed6affc73dda9287bc8f4d9e27d33038b699431f56285f92fd9f02e78745fcdca4a4840dcfc307bf8f1806146d954ed5ccc8a66edf2179e2a5356624b3b30f8f78839ddc9940794acce40290e5eb73dbb52fe1c633e88d1492aedc69b351912a0890b63eda0d8756a5b7c47c740fcd73a0f419fa363fbf0cd3fcdd38f0fd055627932c998421f086ee0cbe0520b2f2fd6d38fce1575a2c90fef9f81aa23fc7c4c5625d6f46fbfd02ac31cd1620a92c43b7884e4a050e5ef5bb9b8f9825a159bb0370c828519ef71090e09ab43ff2bd2cc75563fb9073eadcfd869f0d9b6986e4320b1986ce3f19a3f5dce202f8c13757726e5d6a9fc9e2b0b357625362fb873709fb307ee51bc58494857fdd3811f6a8aee0086b0a62da4e327c698e5639e373567d5eefc76e0d6725272527cdbc01a2b40e7511ac986e32bb7e48558756dca3b944855fd9dfdbb2358a52e53769817cad50af13d8a5941c41f6bd121cb267acdc461c500855c6f6c0750367c62dd32fa41595a6070e728f1915bab951e5536ff8230a0608ac96c2e19a5c1415209a3774c091174f575bc937d544d495370294aaffc5e6be76364c7a212bbb4ec7f3bd38db75a159b68e2b3075ae6bb68ffa02e6bfb42553b505da20f133b2855572b7e6f8f3de240d9ab1ff32b3d9825f087774f4932024be806b78f059d4b3b40414df456aef405d1cffb2f3604834dae38932d830298df7045d404f005f5edf81061850808d4998f6ce80bc7569081765875d908d4b6a0edcb434317543a4f5954a5e0e5b7c4da75cb369e2810e2aebf950b973ad3380bca5d0de8311e59a6ed3f01d8f7c1b39060fddc7ac1febe659626ed7ad27dcee7b3d409b9f84e4f55ceb2e462f55627857f8c485c35c9abdc2fa87c4281365790ecdf1971f3a285ea0bb2038ae91d927729f4bf847bf0fc724b002cb029d2a57b89218bd4a763ab01902b7b48cb609cf3b9ad8fb568aef0ceff20c5def1a4faee11d33d304e2227b83f3ab06f0b9fa5502b1d9c6fe2a34bf9abb9a5b13928800149488cead47e48c754c75a061d5ea8a515f7f55611b0c048b88c9772ca4b1eb3d6fc931801990f1611e9b1171223527dceccfe8cfd72600a88a8486e088e21c30b997af1b60b55bc5443cecb18c2dcf54dbca3ac34f10ad2be9d755679519bb674b42904be579df62436bcf06de4cfd636d592840d674d11195edeb4dfe61370e9a9453378957fdecf2115ee008224fb8c97fcd051ddb1ed8d0419b950f2cd085bf1debaafb2a46cf65be863939cffde741797fdf64c17f3b447464be0e6bb90324c4c65b3cf66958a15d537a1675dffbc4e41f7a6c92ed27c5ef0dd0dcce6f96225b4e0ece510ce00f9611e395215e116026499dce3417cee3fbde0106b2a6fbd5937423124f6549c2206afc2ad1df5bedcc5e1371ed2b9f09f76576589450b09dd990811c59c3f848c1a4fccdfe686968903edffbc010eb73f55ac5a675fa3db70db12c826c8b7360617d8abeacefa6e2a8da62e4f304543cc9217fe1b0ec4fb044ca849802c4a140b91cc056d566c8670e4600941a54b2eb8643ff206c3401c0bd9838a025545227ae3e6bcb47fa3dcd1b40d8a0917f63744fb1ec2b72211c6cfda13248b2d0b4232e4fe7015cc42d4928f07ca9161640102f22236cca7ca3b81ffc81c4ff20532b5203e0d94771b8d0ec70e637135fdbb788fa8b4704e11d3c6083a45f51efd8560c0e63435516586aa82eaa998c140767d3ce35491e301c12f74583c61cd4d2ef1caa6fea3e353637cdeb3332d964155c9d32f826829a7174ab06c44e32063e46ce742b7027cffb8999302b602949c60496a0bf3c7cdf859d4ba51102674414867af614cffb88ac177dfbdb6131f7370dcb851002cec1742fb1561257716850c9ed3b075a6c023bcf05b5d580ac8e5d7ab7e5b1723212c681989e5f91958b635e0d076634584920c1b98d7f6ea0ddded6be9eb74de778b3c57c36b18e0c56c3a051014e09fac70ce6a7b0f042f5eeca8b8885e500bcb41f6fd974e5f6888859abdf3600706a3de9fce060c3069600c63106aff24210461c5d3423fa4e350041fd166902ad86bdba8cf965917f7e3ab019e1911d8013dad576465319c4e04b89b5ee1d07f54705718592d6aa453558294743daa8dba33159fb0e291829ac220562b007597e067e5f65841563673b69cc1d549f50e9efbdf256d797fe8c7d09596c167a45d", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
close(r2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r6, &(0x7f0000000040)={0x18, 0x0, {0x1, @local, 'veth1_to_bond\x00'}}, 0x1e)
sendmmsg(r6, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
epoll_create(0x2)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x80489439, &(0x7f00000002c0))
kcmp$KCMP_EPOLL_TFD(r4, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)={0xffffffffffffffff, r1, 0x2})

26.223602835s ago: executing program 2 (id=1992):
r0 = syz_usb_connect$hid(0x0, 0x3b, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000404355220500000000000109022400010000000009040100010300000009210000000122050009058103"], 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TOS={0x5}, @IFLA_IPTUN_PMTUDISC={0x5, 0xa, 0x1}]}}}]}, 0x44}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40000002)
sendmsg$inet(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x1)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
syz_emit_ethernet(0x0, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x1c0, 0x0, 0xb, 0x148, 0x98, 0x148, 0x98, 0x242, 0x240, 0x128, 0x215, 0x3, 0x0, {[{{@ip={@broadcast, @empty, 0x0, 0x0, 'geneve1\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0x98, 0x0, {0xff0f000000000000}}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0xec010000, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x220)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000440)={0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="000005"], 0x0, 0x0, 0x0}, 0x0)
r6 = syz_clone(0x0, &(0x7f0000000000)="8e2b94df919cb2a9bc31d911e1a1b03df36da15cbdbb6ba2ecd6e653175dfabe9450922b45acca79fdb01aadca852b0f86afb9e63c93e9c68308aca0726a862b743c5ebed13bc32f626339cf4e4d50a4acb673035b1c0157ed035a69fb05b22a533ef9805df3b19b75f4329475704f35b5b6f1c3ce46e921eccd2b817dc8356e67d8802111a69fbd8c3638e8d305355da16d00b0c9af6facb9afa66c6c64a84e858438d5422823c355ee5db1be3debf0351708ac37602d1f68cb0875dc05a98370462a5192c4f5ff6f7907d1c56bfa284673fbf7072f665693db5a39a329778136e672e717917b2517263a8eb6c30df96fbe2893a51fadc0653c8d7c6d40fca176fc45f136dce70e6e785df247eb997af7512c17cd49fd30d4f110f4a4e9e219675e92e0925d736ba16ad496352e7f7a9a3847f7c48d22f59f9c505f3792c2b8002603aee0178f0b95fd6bfa3b9715dcb474a9d9e8af494c8d7368e2765885335586763eedf9932dea7b124663e6df3b2f8f9aa7b2f34ac108c3090039bf31e3bd79f461fcdb87427a79deddfd44034c69e0fd0a23a7dfa2ffebce0a6433654946f1f847cafe61c1650717271d16a58141ccd467209eb66e25e37d9d354a6e8cb49ec992e4164166b20c4f70c0cc55831aacb769d27540e05bf89ad2b1bcb4d2ca47408db60b373f2394c9ae56c844c4dcb95125ce2025962d8f079cd1b9445de9139d32c8c070782a995cdd2869d33a2e628ccf3bb1624f74132db4a3c9f5f4b7bfdffab047db191984f54d9b28fb01793c7b82abebcb3bb06c38e52643a0272d00ec368497dbaed3c566727ed073953f06c03f9257f626f8d9fd9e82b2caa40748533a769a58067e66844983269679a0f7e333fa599c8003d0cf29a45da4748bc1bae0537d6d47722270d38564cfb892776031f4e6a10b4b271a5147846f7788c89ecf46e6d7410539bb1c58b5d811ffb9f45363cb564ec5c071132dcf41f8c03b4d315ad13a2c635778f30d85802443a56298d9cd382d34de8dcc39f53bbd5c9acdc90f7133cd1693e16ed7e7195540caf7093d26b8f0efca013612ff16c949148e934df1e47a858b41c5d9bdaa7a74f2bfd493f6e0d844330f39e2d2ec438058b31e9330b0d2c87be5f2209df13b68b3b6e62a169d6ef474bd987612a932e8eb2493132611e361eafaeea9333d0fe556949255315841ea6141d4b37b72e99284f7f61c7a65649e56cc44891b2dc1f53460218373cb2df78f5b29326640fdd732d875906ec53dead866055823d73eadd3b97e6e76720ce4c282a765481dcfde9626404984f13708b62155e85d6024ec31a2867e8f3364b46e1b3175dde82e9875f8e24df7f840cad706d4f90c0a70875be20024a59242ef6d57b2b23f683d9e37065e736110b3a713bc8a113c42a49e59a4f071ee1433b9e49e46a23c3060463811c1089ee81df807f11e4cb78058961d7caf3104600a5e02287710484a5e193e85a3ebd45c93e593a3cf05385506f038c28594d4110cca634e96afd470bb82a8406df26156c102be221361bad786eb3911f2b438bd3f736986cca8ed90262383895c52c5aa82da473e6a3d86b5a04b1e5432a87fc9d977cc0b6f0d7e10e480d42e10685e8de4b1ecdcf6522e68b93953b483615caa75aa22be8d48f94a053f99093d164a2446d14a350178d8de5cd59ed6b8983faaea110654a408b201676d406c1821d796b1ca39b79f570b5788267ba9f23cea77fc109a01ab319d819632423b367d91ec04646041dd1781f7fbb4fe69fb45156c5bdac264030e81b4ca6d3c29ead748301a6d7401f6fb7a4e30193b8c758d5eecaddd691a1fee8db04193e34ed7816b31c361d7f536fc906d8d047bd65e71240191727260dcc541f6b1a1be01d2f7c8a127a0acd2257dc929b0857ab27d93aa51458b04f435127884209a7acc5ee399b342cab42f608a52680518e3581c53339eeeb5e980213c2aca36f8fe3de863585192555cbe2b0dfeba789737ba592706cc82586e855209fc6150a45ee6c8aa733f0b60a51167c08509305bd42c5f6f6e8b0fa7131fe87debc270", 0x5c0, 0x0, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r7 = accept4$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000600)=0x14, 0x80000)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000640)={0x1, 0x8000}, 0x4)
ioprio_set$pid(0x1, r6, 0x0)
close(0xffffffffffffffff)

25.895291019s ago: executing program 2 (id=1994):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000004c0)=ANY=[@ANYBLOB="04000000000000000208"])

24.302753583s ago: executing program 0 (id=2007):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000040))
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r4 = getpgid(0x0)
r5 = syz_pidfd_open(r4, 0x0)
pidfd_send_signal(r5, 0x0, &(0x7f00000002c0)={0x4, 0x0, 0x3ff}, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000004c0)=ANY=[@ANYRES8=r3])
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x58, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)

23.950826386s ago: executing program 0 (id=2011):
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x9c)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x8800, &(0x7f0000000080)={0x0, 0x0, 0x20000}, 0x20)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x205)
io_uring_setup(0x396b, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x400000000c0201, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r1)

22.543485301s ago: executing program 0 (id=2013):
r0 = socket(0x22, 0x2, 0x1)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000001000))
r1 = epoll_create(0x8)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001900010000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000002"], 0xb8}}, 0x0)

22.064499897s ago: executing program 0 (id=2016):
r0 = io_uring_setup(0x66a, &(0x7f00000002c0)={0x0, 0x0, 0x40})
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004700001c00822d275701907864010100ac1414aa1000907800000000"], 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x2, &(0x7f00000000c0)=""/205, &(0x7f00000001c0)=0xcd)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000280)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000002a83c53c655728c13e000000000000040000000000000000000000000000000000000000000000000000000000000f1120a1909a4b000000000000000000000000000000000000000000000000f7ffffffffffffff"], 0x68)
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000000240), &(0x7f0000000080)=0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x262c2, 0x0)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x801, 0x84)
write$binfmt_misc(r4, &(0x7f0000000040)=ANY=[], 0xc8)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$l2tp(0x2, 0x2, 0x73)
close(r5)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, 0x0)
connect$can_bcm(r7, &(0x7f0000000140), 0x10)
splice(r3, 0x0, r5, 0x0, 0x8003, 0x0)
close(r2)
mq_open(0x0, 0x40, 0x0, &(0x7f0000000340)={0xe7, 0x709, 0x200})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
getpid()

5.575893824s ago: executing program 1 (id=2073):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="440000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000e023fa11800b00010067656e6576650000140002800500040000000000000000807f6a2564eab6163855d7c4a7d11a6d14d9ca03cd76b686e1db46d3a55d838bf18744"], 0x44}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x4, &(0x7f0000000040)=@framed={{0x46, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x88}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, 0x0}, 0x90)
r1 = socket$inet6(0xa, 0x3, 0xff)
socket$rds(0x15, 0x5, 0x0)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000000c0)={0x2, 0x2, {<r2=>0xffffffffffffffff}, {0xee00}, 0x0, 0x8935})
sched_setattr(r2, &(0x7f0000000100)={0x38, 0x0, 0x4f, 0x8, 0xfffffffb, 0x1000000000000003, 0x201, 0xa19, 0x7f, 0x9}, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, 0x0, 0x0)
r3 = dup2(r1, r1)
setsockopt$inet6_int(r3, 0x29, 0x4a, &(0x7f0000000580)=0x7ff, 0x4)
syz_80211_inject_frame(&(0x7f0000000080), &(0x7f00000005c0)=ANY=[@ANYBLOB="88bd0100080211000001080211000000080211000000650058481c004e41080211000001080211000001fa0059ef9734e930fcc97d16580ca2fc23195f9143f7e6e84044a22657ca3310e3c22182e676b5a7958a5929163244d7aa262aa518644bec26ea9de1b8e807a1493c16c1c33e77dd2954de93a26bbb617491400499a00658da48a6de271f743b0447b5c97d7a39450d2003bcd49b1e1dec5b53144c6bb847af062f83f333736edb0b184a622214c47f61616eb003e41653f54619b8f0ef95183355d5885b3cd76556b93aa8683c0689e20e5ae0c4bd5c68da14ad47e14cecd1223cb45e6ba8fe03ea11b78f27bccf4f9cff9a4a10584c65ac758e727181a27189a0e36ee840767e7337db27655a8138f19417a05fdcb08f18835ff9a172cecaadb1060802110000010802110000000400540234db00000802110000000802110000018a00e9c797ae0fa52fed5f736337f4aee2ffc4b9fd3ce0a11bad19f531603311e67a06c17d62ef9e27de91bdfdb1d35a41fbc9f7b445385b50ac7b76621e36f0888618f7dd43d634b9c647233f511fa93a3fc07da774bdc9a1bbf79411aae9f52a1c6b036f4255a27b1de7c59836ae1e206c72317f9ddecbc00006e2ecad080211000000080211000001bc00b9b0a6b854c162651c8fbbc417a036551cc6b7981f80c64b670aecd64ed2253c72012442d34ca4722920435664cad68ffdb36b87e76c70154c52e90e7801d1f61b908965a18965dd58bbfc79a231dff163b3caf5fdf8a07ad444a0eaa7240f03a112351917991aa24c4f9f974f50b9891c92e9a602072565a60dec42ccd5ba061568ae32109d3a984e5bee786fd01c1794b30625a866f087d61565ce92ac18fa0665e1f44e152d7e274e1565c43739f888aec137517cb5ece8c2b6740000080211000001080211000000e70055b4d99a971df4fbe39971bc0dce2472b714c15b592e415cc36b3d9fe362a0212700c24a9b1493d5ccdb56322dcf6be0c4018ec96c6bd5bff492ebc2dbc7826b59991c1d7e96b4c8a14f1f036f8b277d9ae304844cf72d1dc79121fbc8b0403daef70f5d76469f3b866b51a2a0cb4d5e81802228ffa7e7c38f167b976bb1368ed6adb99b0bdba0e484275d0158da23e5ba9bf2ebd4528c49f3abb043935b21cf877be61fca8553dd52399a5924508d4b0a2bf44373f85dd8ffb529b44497310675eeb5255b6173cd63aaf8fefa5cfd76d56405aecc5aad92e4b3076306e1419db9053da609174e000000080211000000ffffffffffff9d00a9ba11737b3f57760cef750a2eb76698c5bed9abc6525b723dd7336ff13dc5ea508a8d15723f7b7049a7c323e9420cd4f3027c06717ccebe9839cf5c09dd616eff1774869b2dc23fad8ab3bbb35d9954e30129addb05ce28ef6d87f15429dac1b83c6d4b620ddf5478ce432f3e046e56f3f7123f757726dbb805be744106e240a503f000ba556ccc27180297d097153b98cae8b862f0c277cb7ac4cf8800ffffffffffff0802110000018b001da9c0564a9766cbdba6c770d525ea5e97dd96605346ac37b8a9d9af6fc7e3c9b13e953e14059f91d1bbe73e10e82c498cff4d2f6dc890186a87f8420b8d7f1b262eb9e0759c91cc76bf204cb871ffcc5219075ecaa7383138054de02daa94e5d3a45083fa3a9fa99123759e3f30c2b8beb285b1586f0f2791c259ce4eb6e87f47f63daff95e79623dd97d000000ffffffffffff080211000001c0000a91a27e20718c0d833f117fd7ba7ca40f1a10ba77a1772488c0a6726fabf31b18117bec7d221055da08db09c8c35d8b1cf9b25b9c3c1fa4a55970b40b9d9a197224c3003ba777716dca27c9b0c17c24186ac95436d38009f96182df7ea5c6a3452417017ca007e1bbedce7326ca430a04abacb9f0b92fe3a139b86174ea28f138f67742dc73c82e1a947df6e67444b011db31c19be5a03ed9557f3afaab387824065f36a49c8b4c3fcc572639e1b0b479a80d7f6f576c6f77dbfa9d74d9763f00"/1454], 0x5ae)
write$tun(r3, &(0x7f0000000040)=ANY=[], 0x46)
syz_open_dev$loop(0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r4, &(0x7f00000010c0)=ANY=[], 0x1a3)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000001040)=@security={'security\x00', 0xe, 0x4, 0x380, 0xffffffff, 0x2c0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x388, 0x388, 0x388, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x158, 0x180, 0x0, {}, [@common=@icmp={{0x28}, {0x0, "1cc7"}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "1d690bc5b89a75de27d97d34b5191cf75d2a081a89c67c594960698b3d6d96168df60228b01004b07d9aaa6b8c47fdc12745df74202f53dbfefbb9e7da97c56bc5499063b3f69a1371dd7251d5c79e0a7a0407be532c464ee4e021738a54b2b02adb701042be73c45b203ee36a1b8d5d0d0a5911b50f9814fe82fa46b7afdac2"}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e0)
r6 = socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000001440)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, &(0x7f00000003c0)=[{0x0, 0x1, {0x0, 0xf0, 0x4}, {0x0, 0xff}, 0x2, 0xff}, {0x2, 0x2, {0x3, 0xff}, {0x3, 0xf0, 0x3}, 0xfe, 0x1}, {0x0, 0x1, {0x1, 0xe}, {0x2, 0x1, 0x7}, 0x1, 0x2}, {0x3, 0x2, {0x0, 0xf0, 0x3}, {0x0, 0x0, 0x1}, 0x0, 0x76f7ecbf1ecf9058}, {0x2, 0x2, {0x2}, {0x1, 0xf0, 0x4}, 0xff, 0xfd}], 0xa0)
r8 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='iocharset', &(0x7f0000000180)='iocharset', 0x0)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a37", 0x1c)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, 0x0)

4.55014249s ago: executing program 4 (id=2075):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400120000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

4.299912556s ago: executing program 3 (id=2077):
sched_setscheduler(0x0, 0x6, &(0x7f0000000280)=0x2)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0x8, @private0, 0x8}]}, &(0x7f0000000240)=0x10)
r3 = socket(0x0, 0x803, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0x8, &(0x7f0000007180)=0xffffffff, 0x4)
syz_emit_vhci(&(0x7f0000003040)=ANY=[], 0xb)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$inet(0x2, 0x3, 0x2)
r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000300)={0x90000010})
timer_create(0x0, 0x0, 0xffffffffffffffff)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST(r6, 0x40043d14, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x4)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000340)="e03f03003f000bfbb4ad18008c6fc9e0e47ec3b61639040000f994f96324fc60100002007199370dbe561c5591153e3700080980fc0b10000300f4dc74b31073963b7ef65b38372f3190b012f3c7ed25", 0x3a}], 0x100000a9}, 0xc0)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="1400000023000b02d22b836f8c6394f91f24fc60", 0x14}], 0x1}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x439c)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040200ca52a65c8576dd"], 0xa)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa)

3.881350832s ago: executing program 3 (id=2078):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x7, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000013007b990000000000000000fc0000"], 0xb8}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99eb, 0x0, 0x0, {{@in6=@private0={0xfc, 0x0, '\x00', 0xfc}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x89}, {}, {0x0, 0x0, 0x0, 0x80ffffffffffffff}}}, 0xb8}}, 0x0)

3.863119904s ago: executing program 1 (id=2079):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000004c0)=ANY=[@ANYBLOB="04000000000000009102"])

3.530991963s ago: executing program 4 (id=2080):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_DREG={0x8}, @NFTA_BITWISE_OP={0x8}, @NFTA_BITWISE_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd4}, 0x1, 0x1300000000000000}, 0x0)

3.494816966s ago: executing program 3 (id=2081):
bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
mremap(&(0x7f0000c6a000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00002a0000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = socket(0x10, 0x80803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="0500000000000000711071000000000006000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000080)={{@my=0x0, 0xfffffffd}, @host, 0x0, 0x100000, 0x5, 0x6})
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000005e000102"], 0x1c}}, 0x0)
getpeername$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
recvfrom$packet(r0, &(0x7f0000000340)=""/28, 0x1c, 0x0, &(0x7f00000003c0)={0x11, 0x1a, r3, 0x1, 0x4b, 0x6, @local}, 0x14)
r5 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r6 = syz_open_dev$sndpcmp(&(0x7f00000002c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r6, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8], [0x10000], [0x1]], '\x00', [{}, {}, {}, {}, {0xfffffffe, 0x0, 0x0, 0x1, 0x1}, {0x0, 0x5f, 0x1}], '\x00', 0x1000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0x8}, {0x6}]})

3.392472901s ago: executing program 4 (id=2082):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f00000012c0)=ANY=[@ANYBLOB], 0x878)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000200)='./file1\x00', 0x454)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

3.134578978s ago: executing program 1 (id=2083):
socket$nl_netfilter(0x10, 0x3, 0xc)
vmsplice(0xffffffffffffffff, 0x0, 0x3e, 0xf)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xfffffc}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f4070009010081000000000000030000000004001e0001000000", 0x24)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x43c140, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000040)={0x0, 0x1, 0x0, "093d4a3b5b7bc69a21cfb7f5eaac460300000000000000a667693addcb249341"})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
syz_open_dev$dri(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r2, 0x5000940e, &(0x7f0000000540)={{r1}, "9380e0c36369de79453b224125507a6e143e3cceb0c2aefeb91e2e09d5999ca86a56fa9c15aeba479fdadb82a4855e696261aced06c42bcf8b746a6d01acc7afea26ae901b8d298fbe1af8fe30846e574372ded55a3ba445d57cb83fad9cf4ad8eded0423669c8a662a9bb72fbd7d13fc3e57aa27c0efa07b2a67b643d201d979ab88871435f804fd13533bb703c4acf0174b47de558cd60796cdc1f76e5f7404cd3d3d211f446c05d944d4aec2198ba702a74c1cb7fb0bf53ba5b97a48e9f62117835a78e8c1a053d8f58bd77d20df86e2caea492603ddfe8e0f7c8651fc6390fc0cb24a9588d93c995d93814563dd78fa2e063f89557d1f1d2901649a27f3dc7ce99049985c135e1bda6d214799015af82067d300072b2440b07bf618be246289112de9af5e23ff0e568c29085f69b2a6e41ac81d3d2511168ec7e9f0ac9b2e1d0c645ae84cb652d4c93374de3e1ab329fd16a1b9231fa5220d31d2a0119a3737facadf8ada4104874fe3f3761e4c2dc1a70a99033917f37ee7e2fb3c65778bdc27414374a79c8144da458524878159da933a149e850b4d3ebc6ce2eaafbf08c97111eccbacda3554675eb7cedbcce710aeb2b2a113d728236d5dd94d16b317ce2a18e8e82377b2fde65d8f9772f95c3c7647e0b821de65b53d67afb96bbe20f14bf6742305f2f4f72dee3f4a699b0882e26f55d596552a3770a0f0f89e36fe68845ea5f21577281b01c197fc60cb277e4fb11e9005c8e45aac0371dfd47db10accc864c7b0cdd084d23b7d05f937ce3b9539ac32549c84b04e04e8c205ac4bbe8b5d6640c824fb9418eaae85fcc61d2e328590516b51b9e52a15f5bb850752c136234d3fa0b77367461f96da46f2de2af4d5c70a7ab5e2f777ed4d8d4094e18d6b685584b7a3059137022b51230bada69b07bd8621a053c7ebba6051af7623c4b394e2e73770ecfcbeaf7529d013e626a6d6b5a7000a21f0e852388719b4bac424c2295f2b7a01b3ea8d1b466102e17f7841d9c8989e921aa43a3f9170ec94e4c39a7dd8bd1ee1c8e0f47b64666bc57c492a4bf1091d99b2b9154c9ebe6e5835b0138eaa319c2e7f1c2f731a844549a5a49106a10e0ab2cdc48c1a71f281e2aac8c8a9e04069a1d9e68370a2af5b508be505fe78a5af5be001589d79798a33daedefcf251b8125e243cf5a5c9f8e9679b4cad6cbbdd73214957d74d689d942f6be7c2dec64b96d84425b5d9ebcefff73290933445ad50823d34c38550eb98bff58ee85252e79b43973a0f59cf6f33bd598238592a9d8c9945920f2d7ec4118aa1ae5effa4c74752d0b60889e7c62a020db555e1606dca2ea3e814f86c4074bd0f186619ff8148171e4dbd846c3377661debdd552772ef8e9a6e5c970cdfcdf08c0cbc6716519e36c60395eb712dab7381ed83902d40a4dae25c3ef1b136f25368e35e5f8cb4e61f11170e4285ba58ef6f872b4927159cf9bdce57c89ddac0373be8d893a18b108992b44238d6b4ece58e2a970cbbea61eef41863cdc60c05cac726938f47baaa679ce30a2f704721d264a43b5658a35c8a68344c7e8839de72ac86accfc32e5f243e63d79e591b14782b7dd1c23a549141997c42b221c7dfacc3b9dc0e4023b59da6f5052219cccf52128f510d9b1b32a024e5c730b4932b1c7230e644db7a56cd28ef7a6ffae096f4b3fab474b5bf669af33011c1da5df23d64418950edd7a33e909d56b9689a23240b6b890dc55db0c096f326928ebb4b4d1ca34329d057cb03febc236ec7c6ba37a107e41e811b8e1df16d09afe2d469f7accf1cf6083c0f70c4daafdbf2f0995dc1d43dcf5f2fd4f5a5349f7fddd1669a3c911d1e01c731daa18e82bed9cbf1b8bc5885611d8badbbcd35ae5946a002381e360723dea906effd3bcea9338263ca5d6be5a4202056d5f8f1adf51656cb7dd39c8edf701a8b4d4d6066f5c2ddd339bcbdf1bcb06e5a3b6cff0bf6c67745c005b51bd5c8d4722fa9d0876ca8d7cf9dfd22a0676936e1b5b32fcc9cbbbd097e300f82a2c6ae7957dc198a91299efbc769209ca2224f9ca025ff3de30c8e0f02dc75d97bc04b98aabfa809fd90da5525cdf876cefd3d59e0725423a6a4005918b3f3bedcf561a148faa64cf502c278a5d054fd6ec65cf111950eeaa233d9515be5ff0789e6c96d5ed3faf7f1750dd677ad02b17c64d26ab359d8d21b1c67ada87527ed3d50a847f34262b90bb25537838619e74490f156cb49fe258e9da7bc7dc478bf9bb3bbc173bf62201f86f2138426a1c635638384e94c3c2d80e026d6ccadbcca7158073f67ed073332af6f453a04ffe6b5f40c13481ba42904cf83140e2194509248c0f8edf0ae38e1abb35dd3eb9cc1d7bf2ac367480d9e4d79ada196c390b2e721139d7d99bd5e3de3dc8f6d226b65da462239e28c299813ca0710a74d15ef5fd08173da03fd9e96fe20073a80ad3814d0518c3227025b2bc56f8619deaa06b7f1b2dbffd678763c7374526ca804015af72801c52dc1d701892ddfebd5b699d9e81d2a19010f7de482cacd04569a73bc494c64608ee5bcd14f684a3ab936529e540811fb51af923bb5408cb914ff35b29a0168dde669f448c6fea35426ca43b79c5cf454886c6ded5557de5d85a89741b741d8b3e1c91203f3f0eac0544398cf7173f348c3fb181f70798398a0eb8b2aa12cfce59c8c861104160a82cb211de77d25e7b5d79e6202cfc03bd166a7f56d1ef57cc5229e077e82aeec7c09f2bf9f81c519c1a217b6d1d0dd78ff02a935d20877e9966f46b37493ae59620ab04ad5f5d26f8643f31f5bf19d40cc643fd19fcd2bbde0da0ef3640e44e10cf09c8200e942813602af6f0302940d833c7f1270edd3688e2fa21432fa7cf2837b2ba7c7097180dedfb852009f84f4480b7159bc2884bd50193ef38a7291cca97a30153408e1f7230998e34caba48d18322f0550dcade9844f7456373c0e583fadd3db2b133b496284335ef60b3fa373a9233809148d6d8963720ea0c6a6b3c45d8c327e0a24a0acaed8ba8810c96798c205c0fda1dc264c21961735861e21f9bf8e28dcd2e8203f47559839663b9a909cb265add9d3f130b3fd2d00a98c3eff4a2642a829df693b2743bd8e719632121ed028232305af66fdd09796f8a6a925bbcd1b8dda48ded79da27963e3d9e85e61f0663fe2091b8b2a6cf7eede06ac6260b4d21960c618ad8e12f09f176b17cca9b273422aaca9c943a0fce8b0a42bd114ee6733848b51014c8ddff70f89ea15efe105eee942530d0777cc1d07af2b425efad1293e9c5fc14db7d5f2aa7acc4d57b244e58594131f2664c3a8bb32bd6bc339e7f703b7adbffcc6b0c9ab8f7a0044ae2dd253140177245b34e824ea2a782942fd20263fa76f99e157906a94ab0a5ed1487bcb6e852f916aa909f05b0420ce15a31405b3d877fcb3d1cc7513d736f8f540c3dd3ac606a83c9e5e380990c15adf6a010acd28799d20ea825887eac3a8e167f9ea02934a053a47b07e5c568656b69f9996164d726216ef070f7b3e4a1147f7bcbad72d7b6323b47d7aed5bb4807fd8e465cabef22a8d6ec7ae1ad7130a5622f00fdc8b3b4b9691734d04e721bf6951f508446d4ce0f972ccc528a32e7a49c16faa6e21c048000273a669ecf4c53ab6fbc059c8960126d3bdba487c8f812f9a9f55fb7c39d0411ce3368c86bceadab22d2806cb16ce9567c63dc9b5faebd5aad5ca6b46dc6110f8aa469d12f62ceb753643d4f2e030775bd36c183336ea82ff25a4e48fc1ad8d6bca22373e253a7305505dc2928fc874b755ae7d743750d4657fc1ee3727ec52ea0ddbcd528409d32154ff269d4a3a0733a99ddb7c39e592e87e8f77578cebabc1b1290b4b474fda5f721e8aae4122bfc2577ae6f4198b16b34176bd636f08794b76263175fed83a24c9a4da1675d1fb5d1ab9147ef767e62db1b856fa72ef578d1854ec1a21394cff4bcf7818b27f092403097f1605f2e78c75fab7ab6b1d78906b736f4e5efc95d79cb78945be63c163e64c8ec74ee52c7a9904dbe4f203f915b2c367abdc445349fa656ea90b4cc1e0344f4e582f6e5e1cdddad2d00eb7ca7d186a699acae852082e601b6d936a4108073430b301d731d95f7897e1fa58fc946383985b9130bcac3dc204a6dc79827f1644ee8495d77e598ae571e1b9f38b1d72876ce9377038cb68376fad33ee9c1b969c55ce963336a67568009dc1a66eef5794c854a67ce2b30fbd37e6f16d423b2b46d415aa1898562ae1a4b940abccc9b2b37e07c22e2f2ab9f44e355f23da45c089fe676ef418fd01046ae1bfb26f5a952449d5d8d6d1e8377fe1d09793dadae5a03fb0c303a146e94e63c31decc6baa35f5f066dbc9281228b482a0d810c7fa0e7b2b960a6f3529273e505a8e2173eddd4a84348cdbd10df63c3cd0e7f72c0c3cc9b7ab533674459d7f0aaf5a1dd342d3836701798c0532522471eb1082a9743410d971413aac1b39c82dbb5936cb4ae702025783b8e2d9ab8402ee2212bba4facff28dcc1cb5b02393f3d771e9666b6a2caab6f708aac8191b187af4e5b525a3b3d66d40d1b0d96d47d4c0e44e6476134af4cfa82a96dea495be1cd3801425c70c7fe3f297b0858f44df8947ed90c5e6384fa501e1ee9b3ed743381b56221773027b5579794afeca72c7621b20de8208edc827141156cfd28a1b51bc6e519f771a182ba6bbf5077afd76dbb43548b04f1ec86ff9e62146574fca4e5ddaf1e34895379918370d3f7e0efb73386cc83a6d25cb1919acabdf66d8a5ad6a44031f8f2529faa2efa6fc8365e35bd660d8a15b0e7bcb40232b314d1f0a329fec5e03ead4f3c62fe25354dddcdb23b2999950bb2906c93aaeb46793de1413e76f752013d386f0ba5b62731759d3331db36dd7eb657dc6d300ac6c170e24a8938fecab504fafa1acd8c68875362bf3f7acb74bcc3d6074e2615496db14110b6504cee7c92e7b0232c5b08e5812b5639cacd64c5f4cb582ffbd5b9ca5c9a2a7217feef514ce81ad2cf77a9cf24cf2d270dd2d5a9e31a5f268f62fde65b545f64becea384765d72b6a7e88bd5fdc6625b89b63dadc0c548ff9d1ecf0eae96c8dbfe7f80d1d907969f98f48df6092d3c50b2a661d1b39016a8c1ad29c846154fda0dcc8c0da43acaa5aa98ccc1614e490d45fed65641c72a767c1632eeaa06f6c89740f22b5461aac056481c0177950d90efb9693f9eb3bcf8f48048c19507da3348a9397cbe6bf01287fc7dba5e428a2355b5d526a980803dc8b5958bf443acb3a39cfaaa19310d0fd474639db21ad7ec676d2c03ec741193db20b28ace7213c869120fb5ca5bea1bf9e8c9e6f08df6a42304fa5f9db85fecb15af5c126b00e7765851c10c41da819fa57d8f20a991148087db4911bf8578a5d7bf83a80ac7f7b825f2d11e649ee6c429df8d164a863a44b0530d733c258f45f15d2d431df949b5ccc12ae74be05717aa576c35ba72a46b40bdde356d357b4be81a87b6a3caff2b3d31e92f969e8ad3d719ad0f4bd3601e8f5ed1bea27ab0cbb1795f462176910f35ff647f7c4829536cc8de1c617c2391d2345e317db6049226bad90fd1b7beb3f0dedf29217454069c87828b04d3b6100cc4f0cd96ffd8bdd44f3ea44b9192f6487adc778492bae38377ecce92a0013c02eb2ab91d6e50f428788358e5543d5b147abda5228d610b8106d8f5781ae3c61ff1ec14636ef9506406107c831cc6d9b750638980cc304a2d98c6b5e59e1"})
eventfd2(0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
r6 = socket$inet6(0xa, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="0503000000000000000007000000080003007d4e6f16609a2fa244a8b85c6f0a1e882c61db3357bed725d9f08b44c5bd487ca035a7ec993899eaa2a54e89cf11cad52fea0bb83e55e5a8dd4a78a64540fc1f047a339d9c14fe30f407d25e9ef1c21520c439fb0e4fd38d7098b1fb06b21ef0b45a816881afa126cf3b7b8588435cf9ec6d1cafc2f6d5f83397f534b5d30d4f8987903e45950f7cad482e1abc7a0f7f46597b42baa2447b1af0163830979f013cf21364c103cfc5e18ffa17050a5df28372acf61ef12c1ad63b5a7ece284d5b2a97b7f045113d9ead71c99d29b921ce033e1d9ed4c6a8a1113baf", @ANYRES32=r7, @ANYBLOB], 0x1c}}, 0x0)
msgget$private(0x0, 0x0)
msgget$private(0x0, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x5450, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000400), &(0x7f0000000180))
openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0)

3.045757267s ago: executing program 4 (id=2084):
syz_emit_vhci(0x0, 0x22)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f6306644f6f08bbd3ca3229d272acd3483bf3ae4228f7a2b839594856918b10ca47ad4dc249d99c244aba277d101b5ac305"], 0xd)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES8=r0], 0x14)
write$binfmt_script(r0, &(0x7f0000000780), 0x208e24b)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f0000000340)=""/121, 0x79})
r1 = signalfd4(r0, 0x0, 0x0, 0x0)
io_setup(0x4, &(0x7f0000000b80))
io_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000140), 0x0)
r2 = gettid()
rt_sigqueueinfo(r2, 0x21, &(0x7f0000001500))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x0, 0xcc, 0x0, 0xe729, 0x1, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffc, 0x5, 0x0, 0x0, 0x67, 0xfffffffffffff924]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
listen(0xffffffffffffffff, 0x80080401)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4c20, @broadcast}, 0x10)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xac, &(0x7f0000000000), &(0x7f0000000200)=0x4)
r5 = socket(0x1, 0x2, 0x0)
syz_io_uring_setup(0x27f3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0xfffffffc, 0x1ef, 0x0, r1}, 0x0, 0x0)
r6 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
readv(r6, &(0x7f0000000100), 0xfffffffffffffec3)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x33}})
socket$xdp(0x2c, 0x3, 0x0)

2.458823784s ago: executing program 3 (id=2085):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="70010000030105"], 0x170}, 0x1, 0x0, 0x0, 0x4000}, 0x24000010)
syz_emit_ethernet(0x4a, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaafc86dd6000000000140600fe8000000000000000000000000000aafe8000000000000000000000000000aa200000001aa857fabf8f1ddf7fe93fee80044093de42579a0df50f173b3ed8e321fa0b8ae9dfc127ca6653fa1d6fbe137a8bcb14c751830105e2faec39a8c42dde820fc697cd20914a0f34e61ab98259a170d5d08dfe109ac3b14d0d74a199b42238de8e8a7a63ab68423f09da0422365974858fb46473e23081d063ccd6b16e3627ddc4c489927ecca82fd01422907b6ca6c0b173204962a6581d107624e7a8eaae97c57773899cfe99a79dfc46985dc753503b09152f912f51dbac17940877f8da3d13f2a0b81b49b23440adfec6fd39863228645a352d7669d3d1af9cfdfa8f5123c1c655b3ac6d45f325856f35f19b5481dbf898fe4483e0", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000"], 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe80000000000000000000000000003a0c000280050001000000000008000740000000001800068014000400ff010000000000000000000000000001"], 0xac}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
r2 = fsopen(&(0x7f0000005880)='zonefs\x00', 0x0)
r3 = landlock_create_ruleset(&(0x7f00000004c0)={0x0, 0x1}, 0x10, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00'}, 0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DBG_G_CHIP_INFO(0xffffffffffffffff, 0xc0c85666, &(0x7f0000000300)={{0x0, @name="55d8e9c9b46efb8b981ee48b3a76616483968d736afcd9fabaf3a6cfa26e922a"}, "48803535031b4a4767fbc58909d6d54554410e1e0417d17102573c9af90515f5"})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x34}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7c})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f0000000500)={0x1}, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f0000000000)={0x1, 0x7}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

2.077755299s ago: executing program 1 (id=2086):
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
r0 = socket(0x10, 0x3, 0x0)
setsockopt$RDS_GET_MR(r0, 0x10e, 0x8, 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904002c11018b75000905", @ANYRES64], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000002}, [@jmp={0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x20000}]}, &(0x7f0000000040)='GPL\x00'}, 0x90)
r1 = socket$inet6(0xa, 0x3, 0x3a)
readv(r1, &(0x7f00000006c0)=[{&(0x7f0000000440)=""/129, 0x81}], 0x1)
connect$inet6(r1, &(0x7f0000000040), 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f00000000c0)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, 0x0, &(0x7f0000000100)=0xfa)

1.852252814s ago: executing program 4 (id=2087):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x20010, &(0x7f0000000b80)=ANY=[@ANYBLOB="736434eb81a7e80f0e2cb838c03d0000a98e119bc5a42dcd72ab760f0aeea5b4680cfce72e682d20c683e88f223071bd6a1db9e771fc34d78606306bcee183e6bbfde585a66f56648acdb3cb3842922fb2c85e2d08581c8957bf1b1465ff0500f4735e03e59c5d30298a96221c54a190e5fc3185d3c1f6d1f094f39fb5630c83d3808761117b2818d42e4b8fee7ce483deda40295d18f316f6238379d71fae89f9fd5faaee900737c0f2050cd3ed41d1e816bf0c529b9033471e3fe86b14c61dda079b6de99e37fc9655b58433f7f3414992aa40f0014c50e04c1cf2679a20b38d8b807a703f7181bcf8b29910a37f56b9710222b83bc3240e7fa53a582451b7bdd14f482224de222f8c4553947f2ea3afc3a1850a55925fe210c1ff3eba8c473d4f728c9069a43d8e0542e360f6e4a5c97f8bb72da4ad94a075a763eca02aa3f0b1d849d523", @ANYRES32, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB="054808881d72cf85b3f3ce84979634bcef16075adc490e462be481865a23fe3995549b46000a422b8a46a914f9c6633c7ec8ca702ae8628750e8d76a3355afffbd82796065ddbb00871e0e934932c8d18e26d0c915c6ee473c9b82b8bf1fd9e8", @ANYBLOB="2c67726aff705769643d", @ANYRES32=r1, @ANYRES64=r0]) (async)
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x90, 0xffffffffffffffda, 0x0, {0x20000000000003, 0x0, 0x0, 0x0, 0x2, 0x3, {0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6000, 0xd, 0x0, 0x0, 0x5}}}, 0x0, 0x0, 0x0, 0x0}) (async)
write$FUSE_INIT(r1, &(0x7f0000000e00)={0x50, 0xfffffffffffffff5, r2}, 0x50)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000f80)={'ipvlan1\x00', &(0x7f0000000f40)=@ethtool_pauseparam={0x16}})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000000c0)=@raw={'raw\x00', 0x8, 0x3, 0x2a8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x272902, 0x0) (async)
pipe(&(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000400)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) (async)
r6 = socket$netlink(0x10, 0x3, 0x4)
writev(r6, &(0x7f0000000880)=[{&(0x7f00000001c0)="4800000015001d0d09074beafd0d8c560284606080ffe0064e204e20590000a2bc5603ca00000f7f8907000020008d42188fedc22e47ad8f75edc6d100000101ff0000000309ff5b", 0x48}, {&(0x7f0000000740)="1a171751c80677496c650744f5c623edc23177878b62351bef0ef6eabf6275564c7c2a7a19a26482e079a51d9f8d18459be36cb0c4e7f78a88625391d16e9d4e67c0e3377bd876e8db85a44901aebfa868e48734400b545d0b715ff395388b4f39f4eb54536b6ef0b4093e058a217904ba47158ca176deace0b3637c1bc2ed14b65a660a09b949498c086c2567221a26fa9ab57f85a3a58968502f8735d37f794b51fad05f71da1d906ffc66d7627c7e9d5442ea1943193cfa324c9a9efb3c05", 0xc0}, {&(0x7f0000000800)="a9fc5f855591ada6daf29e1352c9b22ec3c30ebeef3b5b5bb6d5ab743875ae147e97149f266b9c75eace14802280d7b9c01bd818", 0x34}, {&(0x7f0000000840)="851421", 0x3}], 0xa) (async)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDDELIO(r7, 0x4b35, 0x3c7)
socket$alg(0x26, 0x5, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90b24fc60", 0x14}], 0x1}, 0x0) (async)
recvmsg$kcm(r8, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) (async)
recvmsg$kcm(r8, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000100)=""/204, 0xcc}, {&(0x7f0000002440)=""/231, 0xe7}, {&(0x7f0000000500)=""/125, 0x7d}, {&(0x7f0000000440)=""/181, 0xb5}, {&(0x7f0000003cc0)=""/4066, 0xfe2}, {&(0x7f00000002c0)=""/190, 0xbe}, {&(0x7f0000002ec0)=""/119, 0x77}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f00000070c0)=""/4096, 0x1000}, {&(0x7f0000000580)=""/239, 0xef}], 0xa}, 0x0) (async)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r10 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000140)=""/53) (async)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000000, 0x11, r9, 0x3a3ed000)
fsconfig$FSCONFIG_SET_STRING(r10, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)

1.28305371s ago: executing program 0 (id=2017):
syz_clone3(&(0x7f00000023c0)={0x20020800, &(0x7f0000000200), &(0x7f0000001280), &(0x7f00000012c0)=<r0=>0x0, {0x3f}, &(0x7f0000001300)=""/4096, 0x1000, &(0x7f0000002300)=""/84, &(0x7f0000002380)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x8}, 0x58)
prctl$PR_SET_PTRACER(0x59616d61, r0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0xb421, 0x200, 0x0, 0x1}, &(0x7f0000000000), &(0x7f0000000000))
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x15)
timer_delete(0x0)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='io.pressure\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {}, {0x46}})
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000040)=@security={'security\x00', 0x44, 0x4, 0x440, 0xffffffff, 0xd0, 0x2a0, 0x2a0, 0xffffffff, 0xffffffff, 0x370, 0x370, 0x370, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private0, @mcast1, [], [], 'nr0\x00', 'nr0\x00'}, 0x203, 0xa8, 0xd0, 0x8502}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:modem_device_t:s0\x00'}}}, {{@ipv6={@private2, @mcast2, [], [0x40000], 'hsr0\x00', 'bond0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@AUDIT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4a0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/stat\x00')
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r3, 0x29, 0x37, &(0x7f0000000080)={0x87, 0x11, '\x00', [@calipso={0x7, 0x30, {0x2, 0xa, 0x0, 0x1, [0x3, 0x10000, 0x5, 0x1, 0x1]}}, @ra={0x5, 0x2, 0x2}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x20, {0x3, 0x6, 0x7, 0x3ff, [0x400, 0x3, 0x7]}}, @jumbo={0xc2, 0x4, 0x10000}, @enc_lim={0x4, 0x1, 0x9}, @enc_lim={0x4, 0x1, 0x1a}, @generic={0x2, 0x23, "6d7bb14b4e28d616719447327884d7504098f86bbcb175a0a6c938025df79c7b559074"}]}, 0x98)
write$hidraw(r3, 0x0, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x4002, 0x0)

927.148473ms ago: executing program 1 (id=2088):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000014000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009140000001100010000000000000000000000000aac24dcfc92bab1bcb1b9cd29e18436947411c215014f9d83f4a7bee35a"], 0x64}, 0x1, 0x0, 0x0, 0x20048800}, 0x0)

755.417444ms ago: executing program 4 (id=2089):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2, 0xfffffffe}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="b745fe0e56752a9cf593eba15e308ce813342025da0b3a510ba5abbd3aa0017998f7b1f63ae00e9b7f", 0x29)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r6 = accept$alg(r5, 0x0, 0x0)
write$binfmt_elf64(r6, &(0x7f00000003c0)=ANY=[], 0x100000530)
recvmmsg(r6, &(0x7f00000005c0)=[{{0x0, 0xf07, &(0x7f0000000500)=[{&(0x7f0000001800)=""/4096, 0x7ffff000}], 0x1, 0x0, 0xf, 0x7000000}}], 0x1, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000100)={0x0, 0x8, 0x9cc7502, 0x6, 0x3, 0x5})

583.896359ms ago: executing program 3 (id=2090):
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x9c)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x8800, &(0x7f0000000080)={0x0, 0x0, 0x20000}, 0x20)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x205)
io_uring_setup(0x396b, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x400000000c0201, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r1)

234.851656ms ago: executing program 1 (id=2091):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r1)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="580000001400192340834b", 0xb}, {&(0x7f00000002c0)="db6dfa07d8098bd2ced64ad5edc54382ee45da9203efd5732acfcc727b53d3079ed06ecae1342e4ec9c8283311dceddf89948d3ef84ff58ffb015760e03187c365999492cb07f544c5f8e72917b4af1e3e47b4655360c078947e62afae62d2ec31a3e0043a888d2096a4fe21b43cef30a6299fda9e752ea4ac9bd768a5a01356f8f5d1dae5c092d7f0fba15747b05104819751a787c6202cca9911ddff6f00ddc9997b", 0xa3}], 0x100000e0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_VALIDATION={0x5, 0xd, 0x3}]}}}]}, 0x3c}}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r4 = io_uring_setup(0x4011, &(0x7f0000000180)={0x0, 0x6e42, 0x2000, 0x3, 0x3d7})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r5, 0x4b3d, 0x0)
syz_io_uring_setup(0x8a5, &(0x7f0000000080)={0x0, 0xc524, 0x4, 0x0, 0x0, 0x0, r4}, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000280)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index})
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001880), 0x400000, 0x0)
dup(r8)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r9, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r9, 0x6, 0x1f, &(0x7f00000001c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x1, &(0x7f0000000140)=@gcm_256={{0x304}, "85406704bbcd6043", "898e9d750bfd000000000400", "a22300", "8ce3a39e3181899b"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x2, &(0x7f0000000280)=@ccm_128={{0x304}, "3a997aae6644173f", "b9c0a8cd2707555d2fd4cc373ac51cf2", "1784fe44", "d3e69d47722a0439"}, 0x28)
ioctl$IOCTL_VMCI_VERSION2(r8, 0x7a7, &(0x7f0000000240)=0x10000)
r10 = socket$rxrpc(0x21, 0x2, 0xa)
sendmmsg(r10, &(0x7f0000000900)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x20}}], 0x1, 0x0)
setsockopt$RXRPC_SECURITY_KEY(r10, 0x110, 0x1, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041706fffffff7fffff40bfe338d969126b404301be4c9b597f365383707df02fa5d0e66b4e30717d764239253f8725c409a121146f72b25c9ff4947fb882d03e96bde4bdfafcef129385084ba6ba28954e526850310472c7bb936746d496efbb24da5bd8260aca749fca60ae19072d0de9ede84b9d616b56e61d5c4ca2d4ce6ec8b8542007f28cc035edac010c318d68f3a7f7eb1f33ac59018433e449b69c6ae81fae87873e447d536f86248ea1f9efc1689096f33835824831e249fc0b89a2d84baae8ce8ec727feace714980e07fed34422372a429ed49ce1c929b73ae96a8906485183e8886665f2e3e252fdfb3cef2"], 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

234.227922ms ago: executing program 0 (id=2092):
socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
getpid()
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r1, 0x0, 0x0, 0x20, &(0x7f0000004ff0)={0x2, 0x4e21, @multicast1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x0, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000002100000000000000e3ff17110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901"], 0x0}, 0x90)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='veth0\x00', 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x72, &(0x7f00000000c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x14, 0x4, 0x0, 0x0, 0x0, {[@mptcp=@capable={0x1e, 0xc}, @mptcp=@syn={0x1e, 0xc}, @sack={0x5, 0x12, [0x0, 0x0, 0x0, 0x0]}, @md5sig={0x13, 0x12, "a4bcbcee95c6179191d2675112a6689b"}]}}}}}}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x4c, 0x0, "01deaba05ccc4fa00711be66bd584ecd190428efc9e569f4b222158b227692cebc00924f2deea371bafa061b8f2959b4b696b22e4881f40a0d8f4c2fdea78893bc2c160df3e41db4153cfd9221d01c79"}, 0xd8)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, "d9b0db7b77b7ea4df776f6b4061440d6ef44477d5b183973aa0ec402b72eed48529a44fe36e91a79344b777fd81334346ff64025e77fcfbc91e29ed9895d69d06e4dc56bbc6a4879d0b34d9b0f0069f9"}, 0xd8)
listen(0xffffffffffffffff, 0xda90)
accept4(r1, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000340)='autofs\x00', 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="c21504239e1dc595f0766418b856f0", 0xf}], 0x2, &(0x7f0000001a00)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmmsg(r4, &(0x7f0000005d80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/127, 0x7f}, {&(0x7f0000000340)=""/184, 0xb8}], 0x2}}], 0x1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000040)='rw\x00', 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

0s ago: executing program 3 (id=2093):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') (async, rerun: 64)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1}) (async, rerun: 64)
r6 = gettid()
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000040)) (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) (async, rerun: 32)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async, rerun: 32)
ioctl$F2FS_IOC_DEFRAGMENT(r5, 0x40045612, &(0x7f0000000200)) (async)
ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r3, 0x4068aea3, 0x0) (async)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f0000000380)={'syztnl2\x00', <r9=>0x0, 0x4, 0x3, 0x0, 0x3, 0x32, @local, @loopback, 0x20, 0x80, 0x7fffffff, 0xd5c}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r8, 0x89f8, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'erspan0\x00', r9, 0x8, 0x7, 0x200, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x67, 0x0, 0x6, 0x0, 0x0, @remote, @loopback, {[@timestamp_addr={0x44, 0x4, 0x7d, 0x1, 0x8}]}}}}}) (async)
sendmsg$IPCTNL_MSG_EXP_GET(r8, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x1, 0x2, 0x201, 0x0, 0x0, {0x5, 0x0, 0x4}, [@CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x800}, @CTA_EXPECT_HELP_NAME={0xb, 0x6, 'amanda\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0xc051)

kernel console output (not intermixed with test programs):

:50:50:50:50
[  504.708814][T12439] batman_adv: batadv0: Interface activated: batadv_slave_0
[  504.753395][T12439] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.753424][T12439] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.753438][T12439] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.753453][T12439] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.753465][T12439] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.753479][T12439] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.753492][T12439] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.753506][T12439] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.761921][T12439] batman_adv: batadv0: Interface activated: batadv_slave_1
[  504.805846][ T1001] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  504.805871][ T1001] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  504.826306][T12439] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  504.826348][T12439] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  504.826377][T12439] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  504.826405][T12439] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  505.092856][T12670] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  505.115753][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.379104][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.445312][ T2556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.445331][ T2556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.585660][ T2556] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.913874][ T2556] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.251600][ T2556] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.395213][T12717] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  507.449431][T12717] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  507.541578][ T2556] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.921985][ T5277] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  508.005252][ T4621] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  508.016994][ T4621] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  508.025620][ T4621] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  508.035460][ T4621] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  508.045077][ T4621] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  508.057951][ T4621] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  508.157276][T12744] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  508.169024][ T5277] usb 1-1: Using ep0 maxpacket: 16
[  508.289153][T12732] netlink: 'syz.0.1611': attribute type 11 has an invalid length.
[  508.447926][ T2556] bridge_slave_1: left allmulticast mode
[  508.465164][ T2556] bridge_slave_1: left promiscuous mode
[  508.506816][ T2556] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.642905][ T2556] bridge_slave_0: left allmulticast mode
[  508.652147][ T2556] bridge_slave_0: left promiscuous mode
[  508.684712][ T2556] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.162222][T12758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.218729][T12758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.734639][T12770] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1620'.
[  509.767066][T12770] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1620'.
[  510.119329][ T5229] Bluetooth: hci1: command tx timeout
[  510.326268][ T2556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  510.372982][ T2556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  510.400924][ T2556] bond0 (unregistering): Released all slaves
[  510.909499][ T5277] usb 1-1: unable to get BOS descriptor or descriptor too short
[  510.936905][ T5277] usb 1-1: unable to read config index 0 descriptor/start: -71
[  510.971405][ T5277] usb 1-1: can't read configurations, error -71
[  510.995073][T12794] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1623'.
[  511.579559][T12745] chnl_net:caif_netlink_parms(): no params data found
[  511.655228][ T2556] hsr_slave_0: left promiscuous mode
[  511.679502][ T5277] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  511.713228][ T2556] hsr_slave_1: left promiscuous mode
[  511.738358][ T2556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  511.749465][ T2556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  511.774427][ T2556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  511.798246][ T2556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  511.866469][ T2556] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  511.905072][ T2556] net veth1_virt_wifi virt_wifi0: left promiscuous mode
[  511.917204][ T2556] veth1_macvtap: left promiscuous mode
[  511.922923][ T5277] usb 1-1: Using ep0 maxpacket: 16
[  511.928503][ T2556] veth0_macvtap: left promiscuous mode
[  511.942190][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  511.959401][ T2556] veth1_vlan: left promiscuous mode
[  511.973480][ T2556] veth0_vlan: left promiscuous mode
[  511.982858][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  512.015089][ T5277] usb 1-1: New USB device found, idVendor=0458, idProduct=5017, bcdDevice= 0.00
[  512.049469][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.085527][ T5277] usb 1-1: config 0 descriptor??
[  512.199344][ T5229] Bluetooth: hci1: command tx timeout
[  512.484358][ T2556] team0 (unregistering): Port device macvlan2 removed
[  512.809109][ T5277] kye 0003:0458:5017.0010: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  512.899603][ T5277] kye 0003:0458:5017.0010: hidraw0: USB HID v0.00 Device [HID 0458:5017] on usb-dummy_hcd.0-1/input0
[  512.932421][ T5277] kye 0003:0458:5017.0010: tablet-enabling feature report not found
[  512.962539][ T5277] kye 0003:0458:5017.0010: tablet enabling failed
[  513.262353][T12855] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1634'.
[  513.408310][T12864] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1634'.
[  513.966669][ T2556] team0 (unregistering): Port device team_slave_1 removed
[  514.189222][    T8] usb 1-1: USB disconnect, device number 54
[  514.208578][ T2556] team0 (unregistering): Port device team_slave_0 removed
[  514.383773][ T5229] Bluetooth: hci1: command tx timeout
[  514.445736][T12869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1636'.
[  514.484983][T12869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1636'.
[  514.718246][T12871] io-wq is not configured for unbound workers
[  515.036306][   T58] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  515.451789][   T58] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  515.488939][   T58] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  515.552672][   T58] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  515.568232][   T58] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  515.582680][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.594480][T12871] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  515.861011][T12855] 
@ÿ: renamed from veth0_vlan (while UP)
[  516.061881][T12885] ebt_limit: overflow, try lower: 0/0
[  516.095547][T12745] bridge0: port 1(bridge_slave_0) entered blocking state
[  516.137883][T12745] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.163517][T12745] bridge_slave_0: entered allmulticast mode
[  516.181742][T12745] bridge_slave_0: entered promiscuous mode
[  516.200984][T12745] bridge0: port 2(bridge_slave_1) entered blocking state
[  516.236127][T12745] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.250358][T12745] bridge_slave_1: entered allmulticast mode
[  516.266222][T12745] bridge_slave_1: entered promiscuous mode
[  516.285134][T12891] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1642'.
[  516.334373][T12888] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1642'.
[  516.429511][T12745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  516.454659][ T5229] Bluetooth: hci1: command tx timeout
[  516.462634][T12745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  516.652213][T12745] team0: Port device team_slave_0 added
[  516.695970][T12745] team0: Port device team_slave_1 added
[  516.781007][T12911] loop0: detected capacity change from 0 to 128
[  516.793717][T12745] batman_adv: batadv0: Adding interface: batadv_slave_0
[  516.805689][T12745] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  516.856032][T12745] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  516.916881][T12745] batman_adv: batadv0: Adding interface: batadv_slave_1
[  516.939012][T12745] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  517.023114][T12745] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  517.142188][   T58] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  517.173352][   T58] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input39
[  517.281728][   T58] usb 1-1: USB disconnect, device number 55
[  517.287684][    C1] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  517.346231][T12745] hsr_slave_0: entered promiscuous mode
[  517.388345][T12745] hsr_slave_1: entered promiscuous mode
[  517.900295][T12934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1651'.
[  518.009132][ T5277] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  518.126657][T12938] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1652'.
[  518.176584][T12938] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1652'.
[  518.219678][ T5277] usb 4-1: Using ep0 maxpacket: 8
[  518.235578][ T5277] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  518.259942][ T5277] usb 4-1: config 0 has no interface number 0
[  518.267528][ T5277] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  518.289478][ T5277] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  518.331499][ T5277] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  518.369099][ T5277] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  518.437468][ T5277] usb 4-1: New USB device found, idVendor=05da, idProduct=0099, bcdDevice=d5.82
[  518.467136][ T5277] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.499317][ T5277] usb 4-1: Product: syz
[  518.503581][ T5277] usb 4-1: Manufacturer: syz
[  518.528591][ T5277] usb 4-1: SerialNumber: syz
[  518.570124][ T5277] usb 4-1: config 0 descriptor??
[  518.684258][T12956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  518.716224][T12956] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  518.860773][ T5277] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 2 is not bulk.
[  518.892346][T12963] xt_SECMARK: invalid mode: 0
[  518.899430][ T5277] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 15 is not bulk.
[  518.925573][T12745] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  518.929571][ T5277] microtek usb (rev 0.4.3): couldn't find two input bulk endpoints. Bailing out.
[  518.949215][    T9] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  518.962885][T12745] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  518.991225][T12745] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  519.023562][ T5277] usb 4-1: USB disconnect, device number 51
[  519.029772][T12745] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  519.129046][    T9] usb 1-1: device descriptor read/64, error -71
[  519.284330][T12745] 8021q: adding VLAN 0 to HW filter on device bond0
[  519.357775][T12745] 8021q: adding VLAN 0 to HW filter on device team0
[  519.394065][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.401223][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  519.556867][    T9] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  519.631217][ T2556] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.638383][ T2556] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.760859][    T9] usb 1-1: device descriptor read/64, error -71
[  519.793665][   T29] audit: type=1326 audit(1723242560.128:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12978 comm="syz.1.1659" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe80f3779f9 code=0x0
[  519.919533][    T9] usb usb1-port1: attempt power cycle
[  519.980474][T12989] input: syz0 as /devices/virtual/input/input40
[  520.055043][T12745] 8021q: adding VLAN 0 to HW filter on device batadv0
[  520.291691][T12745] veth0_vlan: entered promiscuous mode
[  520.344257][    T9] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  520.350936][T12745] veth1_vlan: entered promiscuous mode
[  520.439627][    T9] usb 1-1: device descriptor read/8, error -71
[  520.457498][T12745] veth0_macvtap: entered promiscuous mode
[  520.521642][T12745] veth1_macvtap: entered promiscuous mode
[  520.547908][T13007] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1665'.
[  520.555752][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  520.571079][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.590563][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  520.667701][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.693815][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  520.706858][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.719590][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  520.730910][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.750664][    T9] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  520.751708][T12745] batman_adv: batadv0: Interface activated: batadv_slave_0
[  520.813757][    T9] usb 1-1: device descriptor read/8, error -71
[  520.825597][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  520.872749][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.903200][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  520.934216][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.961678][    T9] usb usb1-port1: unable to enumerate USB device
[  520.971053][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  520.999750][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.031334][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.058294][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.083581][T12745] batman_adv: batadv0: Interface activated: batadv_slave_1
[  521.112099][T12745] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  521.142038][T13032] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1669'.
[  521.145342][T12745] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  521.178624][T12745] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  521.192221][T12745] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  521.201196][T13032] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1669'.
[  521.622622][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.657850][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.745902][ T2489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.762897][ T2489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  522.422818][T13055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1674'.
[  522.644498][T13058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  522.694533][T13058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  523.283397][T13069] fuse: Bad value for 'group_id'
[  523.288354][T13069] fuse: Bad value for 'group_id'
[  523.309131][ T5282] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  523.524952][ T5282] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  523.570062][ T5282] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  523.604430][ T5282] usb 5-1: config 1 has no interface number 0
[  523.617081][ T5282] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  523.670262][ T5282] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  523.699178][ T5282] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.709110][ T5282] usb 5-1: Product: syz
[  523.728926][ T5282] usb 5-1: Manufacturer: syz
[  523.733614][ T5282] usb 5-1: SerialNumber: syz
[  523.763276][T13081] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[  523.765506][ T5282] cdc_ncm 5-1:1.1: NCM or ECM functional descriptors missing
[  523.799601][ T5282] cdc_ncm 5-1:1.1: bind() failure
[  524.013472][T13058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.095115][    T9] usb 5-1: USB disconnect, device number 32
[  524.119689][T13058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  524.153084][T13097] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1686'.
[  524.439085][ T4621] Bluetooth: hci4: command 0x0406 tx timeout
[  524.602179][T13109] erspan1: entered promiscuous mode
[  524.637393][T13110] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1691'.
[  524.721865][T13115] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1694'.
[  525.210165][T13137] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  525.389085][    T9] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  525.539830][T13146] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1701'.
[  525.602107][    T9] usb 3-1: config 0 has an invalid descriptor of length 100, skipping remainder of the config
[  525.640580][    T9] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  525.672835][    T9] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  525.705369][T13150] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1702'.
[  525.724636][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.749029][T13150] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1702'.
[  525.753529][    T9] usb 3-1: Product: syz
[  525.774669][    T9] usb 3-1: Manufacturer: syz
[  525.798329][    T9] usb 3-1: SerialNumber: syz
[  525.836479][    T9] usb 3-1: config 0 descriptor??
[  525.931607][T13118] loop0: detected capacity change from 0 to 7
[  525.961546][T13118] Dev loop0: unable to read RDB block 7
[  525.989621][T13118]  loop0: unable to read partition table
[  526.004488][T13118] loop0: partition table beyond EOD, truncated
[  526.012995][T13118] loop_reread_partitions: partition scan of loop0 (₫被xüŸÑø éÚ¬§½dƤ´à–ƒƯ¡¯¨�â·û
[  526.012995][T13118] 
) failed (rc=-5)
[  526.049569][ T5277] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  526.157606][T13133] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1697'.
[  526.214031][T13155] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  526.236465][T13157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  526.237622][T13157] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  526.239503][ T5277] usb 1-1: Using ep0 maxpacket: 32
[  526.356197][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  526.356231][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  526.356272][ T5277] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  526.356296][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.357979][ T5277] usb 1-1: config 0 descriptor??
[  526.360927][ T5277] hub 1-1:0.0: USB hub found
[  526.564069][ T5277] hub 1-1:0.0: 1 port detected
[  526.719199][ T5294] usb 3-1: USB disconnect, device number 64
[  526.789885][ T5277] hub 1-1:0.0: hub_hub_status failed (err = -32)
[  526.804486][T13152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  526.816661][ T5277] hub 1-1:0.0: config failed, can't get hub status (err -32)
[  526.849441][T13152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  527.111896][T13160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1706'.
[  527.144105][ T5277] usbhid 1-1:0.0: can't add hid device: -71
[  527.162627][ T5277] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  527.251684][ T5277] usb 1-1: USB disconnect, device number 60
[  527.424862][T13168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  527.433449][T13170] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1711'.
[  527.454766][T13168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  527.822941][T13177] ebt_among: wrong size: 1048 against expected 710676, rounded to 710680
[  528.600566][T13187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  528.685167][T13187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  529.600077][T13205] netlink: 'syz.4.1723': attribute type 6 has an invalid length.
[  530.669301][T13233] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1733'.
[  530.678351][T13233] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1733'.
[  530.909168][    T9] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  531.128257][ T2535] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.141305][    T9] usb 1-1: Using ep0 maxpacket: 8
[  531.157962][    T9] usb 1-1: config 32 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  531.188545][    T9] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  531.208524][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.496649][    T9] usb 1-1: string descriptor 0 read error: -71
[  531.518035][    T9] hub 1-1:32.0: bad descriptor, ignoring hub
[  531.552690][    T9] hub 1-1:32.0: probe with driver hub failed with error -5
[  531.685624][    T9] usb 1-1: USB disconnect, device number 61
[  531.988211][T11914] udevd[11914]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  532.161217][ T4621] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  532.171838][ T4621] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  532.189319][ T4621] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  532.199444][ T4621] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  532.209955][ T4621] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  532.217301][ T4621] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  534.279191][ T4621] Bluetooth: hci1: command tx timeout
[  535.830120][ T2535] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.104099][ T2535] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.287934][   T29] audit: type=1326 audit(1723242576.618:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13251 comm="syz.3.1744" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0278f779f9 code=0x0
[  536.364637][ T4621] Bluetooth: hci1: command tx timeout
[  536.385282][   T29] audit: type=1326 audit(1723242576.618:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13251 comm="syz.3.1744" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0278f779f9 code=0x0
[  536.548778][ T2535] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  537.579709][ T2535] bridge_slave_1: left allmulticast mode
[  537.587448][ T2535] bridge_slave_1: left promiscuous mode
[  537.649152][ T2535] bridge0: port 2(bridge_slave_1) entered disabled state
[  537.724788][ T2535] bridge_slave_0: left allmulticast mode
[  537.752314][ T2535] bridge_slave_0: left promiscuous mode
[  537.799500][ T2535] bridge0: port 1(bridge_slave_0) entered disabled state
[  538.206326][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  538.217442][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  538.256263][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  538.277758][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  538.331197][T13267] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  538.347122][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  538.347475][T13267] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  538.375666][T13267] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  538.384995][T13267] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  538.412783][T13267] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  538.422359][T13267] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  538.430956][T13267] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  538.439695][ T5233] Bluetooth: hci1: command tx timeout
[  538.720545][ T4621] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  538.731482][ T4621] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  538.749993][ T4621] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  538.782308][ T4621] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  538.799078][ T4621] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  538.810688][ T4621] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  539.527217][ T2535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  539.553493][ T2535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  539.597710][ T2535] bond0 (unregistering): Released all slaves
[  539.682825][T13245] chnl_net:caif_netlink_parms(): no params data found
[  540.519551][T13267] Bluetooth: hci3: command tx timeout
[  540.519583][ T4621] Bluetooth: hci5: command tx timeout
[  540.527086][T10855] Bluetooth: hci1: command tx timeout
[  540.577415][ T5276] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  540.616579][ T2535] hsr_slave_0: left promiscuous mode
[  540.637576][ T2535] hsr_slave_1: left promiscuous mode
[  540.659303][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  540.666783][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  540.705952][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  540.730931][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  540.799888][ T2535] veth1_macvtap: left promiscuous mode
[  540.805414][ T2535] veth0_macvtap: left promiscuous mode
[  540.811866][ T2535] veth1_vlan: left promiscuous mode
[  540.819660][ T2535] veth0_vlan: left promiscuous mode
[  540.825881][ T5276] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0xC has an invalid bInterval 0, changing to 7
[  540.837249][ T5276] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0xC has invalid wMaxPacketSize 0
[  540.869054][ T5276] usb 4-1: config 0 interface 0 has no altsetting 0
[  540.877785][ T5276] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice=1c.92
[  540.887314][ T5276] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.907629][ T5276] usb 4-1: Product: syz
[  540.917782][ T5276] usb 4-1: Manufacturer: syz
[  540.923072][ T4621] Bluetooth: hci4: command tx timeout
[  540.950948][ T5276] usb 4-1: SerialNumber: syz
[  541.010591][ T5276] usb 4-1: config 0 descriptor??
[  542.389728][ T5276] usbtest 4-1:0.0: Linux user mode ISO test driver
[  542.419282][ T5276] usbtest 4-1:0.0: high-speed {control iso-out} tests (+alt)
[  542.599183][ T4621] Bluetooth: hci5: command tx timeout
[  542.609668][ T4621] Bluetooth: hci3: command tx timeout
[  542.694302][ T2535] team0 (unregistering): Port device team_slave_1 removed
[  542.791523][ T2535] team0 (unregistering): Port device team_slave_0 removed
[  542.999196][ T4621] Bluetooth: hci4: command tx timeout
[  543.537977][T13245] bridge0: port 1(bridge_slave_0) entered blocking state
[  543.578667][T13245] bridge0: port 1(bridge_slave_0) entered disabled state
[  543.622093][T13245] bridge_slave_0: entered allmulticast mode
[  543.630657][T13245] bridge_slave_0: entered promiscuous mode
[  543.651658][T13245] bridge0: port 2(bridge_slave_1) entered blocking state
[  543.659114][T13245] bridge0: port 2(bridge_slave_1) entered disabled state
[  543.668076][T13245] bridge_slave_1: entered allmulticast mode
[  543.675460][T13245] bridge_slave_1: entered promiscuous mode
[  543.879838][T13245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  543.927413][T13245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  544.337647][T13245] team0: Port device team_slave_0 added
[  544.456942][T13245] team0: Port device team_slave_1 added
[  544.516976][T13274] chnl_net:caif_netlink_parms(): no params data found
[  544.615998][T13245] batman_adv: batadv0: Adding interface: batadv_slave_0
[  544.637988][T13245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  544.679094][ T4621] Bluetooth: hci3: command tx timeout
[  544.680984][T10855] Bluetooth: hci5: command tx timeout
[  544.720465][   T58] usb 4-1: USB disconnect, device number 52
[  544.729006][T13245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  544.751246][T13270] chnl_net:caif_netlink_parms(): no params data found
[  544.856936][T13245] batman_adv: batadv0: Adding interface: batadv_slave_1
[  544.902780][T13245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  544.961635][T13245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  545.079979][T10855] Bluetooth: hci4: command tx timeout
[  545.222706][ T2535] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  545.267152][T13271] chnl_net:caif_netlink_parms(): no params data found
[  545.327806][T13331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1757'.
[  545.430418][T13332] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1757'.
[  545.711492][ T2535] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  545.814197][T13345] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1758'.
[  545.885477][T13245] hsr_slave_0: entered promiscuous mode
[  545.893154][T13245] hsr_slave_1: entered promiscuous mode
[  545.922518][T13270] bridge0: port 1(bridge_slave_0) entered blocking state
[  545.959162][T13270] bridge0: port 1(bridge_slave_0) entered disabled state
[  545.966365][T13270] bridge_slave_0: entered allmulticast mode
[  546.050155][T13270] bridge_slave_0: entered promiscuous mode
[  546.072705][T13270] bridge0: port 2(bridge_slave_1) entered blocking state
[  546.090905][T13270] bridge0: port 2(bridge_slave_1) entered disabled state
[  546.098296][T13270] bridge_slave_1: entered allmulticast mode
[  546.105979][T13270] bridge_slave_1: entered promiscuous mode
[  546.142996][ T2535] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.404287][ T2535] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.515393][T13270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  546.633800][T13270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  546.736276][T13274] bridge0: port 1(bridge_slave_0) entered blocking state
[  546.759211][T10855] Bluetooth: hci3: command tx timeout
[  546.759295][T13274] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.764638][T10855] Bluetooth: hci5: command tx timeout
[  546.773203][T13274] bridge_slave_0: entered allmulticast mode
[  546.797070][T13274] bridge_slave_0: entered promiscuous mode
[  546.980447][T13270] team0: Port device team_slave_0 added
[  546.987161][T13274] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.019007][T13274] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.026295][T13274] bridge_slave_1: entered allmulticast mode
[  547.060211][T13274] bridge_slave_1: entered promiscuous mode
[  547.123067][T13271] bridge0: port 1(bridge_slave_0) entered blocking state
[  547.149080][T13271] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.159584][T10855] Bluetooth: hci4: command tx timeout
[  547.174999][T13271] bridge_slave_0: entered allmulticast mode
[  547.195571][T13271] bridge_slave_0: entered promiscuous mode
[  547.222959][T13270] team0: Port device team_slave_1 added
[  547.450724][T13274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  547.523345][T13271] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.544042][T13271] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.564050][T13271] bridge_slave_1: entered allmulticast mode
[  547.579758][T13271] bridge_slave_1: entered promiscuous mode
[  547.679351][T13270] batman_adv: batadv0: Adding interface: batadv_slave_0
[  547.688598][T13270] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  547.731852][T13270] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  547.761659][T13274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  547.987857][T13270] batman_adv: batadv0: Adding interface: batadv_slave_1
[  548.012073][T13270] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  548.052447][T13270] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  548.216445][T13271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  548.280695][T13274] team0: Port device team_slave_0 added
[  548.376296][T13271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.522728][T13270] hsr_slave_0: entered promiscuous mode
[  548.548480][T13270] hsr_slave_1: entered promiscuous mode
[  548.575961][T13270] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  548.594945][T13270] Cannot create hsr debugfs directory
[  548.615079][T13274] team0: Port device team_slave_1 added
[  548.991545][T13271] team0: Port device team_slave_0 added
[  549.123759][ T2535] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.240512][T13274] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.247613][T13274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.280637][T13274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.316568][T13271] team0: Port device team_slave_1 added
[  549.323979][T13382] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1766'.
[  549.390613][ T2535] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.407511][T13274] batman_adv: batadv0: Adding interface: batadv_slave_1
[  549.416258][T13274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.450892][T13274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  549.538779][T13271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.545989][T13271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.614247][T13271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.655763][ T2535] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.743383][T13271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  549.759174][T13271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.788538][T13271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  549.835780][ T2535] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.013949][T13274] hsr_slave_0: entered promiscuous mode
[  550.034722][T13274] hsr_slave_1: entered promiscuous mode
[  550.052002][T13274] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  550.063884][T13274] Cannot create hsr debugfs directory
[  550.428510][T13271] hsr_slave_0: entered promiscuous mode
[  550.456462][T13271] hsr_slave_1: entered promiscuous mode
[  550.499199][T13271] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  550.529751][T13271] Cannot create hsr debugfs directory
[  551.334122][ T2535] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.417870][T13245] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  551.438336][T13245] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  551.714942][T13410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1771'.
[  551.726973][ T2535] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.774297][T13245] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  551.807893][T13245] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  551.924046][ T2535] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.125484][T13414] x_tables: duplicate entry at hook 3
[  552.163559][ T2535] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.768113][ T2535] bridge_slave_1: left allmulticast mode
[  552.787835][ T2535] bridge_slave_1: left promiscuous mode
[  552.808602][ T2535] bridge0: port 2(bridge_slave_1) entered disabled state
[  552.856171][ T2535] bridge_slave_0: left allmulticast mode
[  552.868752][ T2535] bridge_slave_0: left promiscuous mode
[  552.888361][ T2535] bridge0: port 1(bridge_slave_0) entered disabled state
[  552.912817][ T2535] bridge_slave_1: left allmulticast mode
[  552.918480][ T2535] bridge_slave_1: left promiscuous mode
[  553.019427][ T2535] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.060921][ T2535] bridge_slave_0: left allmulticast mode
[  553.074472][ T2535] bridge_slave_0: left promiscuous mode
[  553.091880][ T2535] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.114327][ T2535] bridge_slave_1: left allmulticast mode
[  553.131352][ T2535] bridge_slave_1: left promiscuous mode
[  553.155453][ T2535] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.182473][ T2535] bridge_slave_0: left allmulticast mode
[  553.196934][ T2535] bridge_slave_0: left promiscuous mode
[  553.208977][ T2535] bridge0: port 1(bridge_slave_0) entered disabled state
[  554.933202][ T2535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  554.952737][ T2535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  554.972162][ T2535] bond0 (unregistering): Released all slaves
[  555.359190][ T2535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  555.372899][ T2535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  555.391188][ T2535] bond0 (unregistering): Released all slaves
[  555.639208][ T2535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  555.681653][ T2535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  555.702853][ T2535] bond0 (unregistering): Released all slaves
[  555.741621][T13427] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1776'.
[  555.784597][T13245] 8021q: adding VLAN 0 to HW filter on device bond0
[  555.833994][T13270] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  555.890443][T13270] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  556.137463][T13270] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  556.183294][T13270] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  556.258468][T13245] 8021q: adding VLAN 0 to HW filter on device team0
[  556.431245][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  556.438435][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  556.562214][T13436] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  556.657373][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.664518][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  557.512857][T13245] 8021q: adding VLAN 0 to HW filter on device batadv0
[  557.801495][T13453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1780'.
[  558.067778][T13455] xt_cluster: node mask cannot exceed total number of nodes
[  558.182661][T13270] 8021q: adding VLAN 0 to HW filter on device bond0
[  558.471719][T13270] 8021q: adding VLAN 0 to HW filter on device team0
[  558.549010][ T2535] hsr_slave_0: left promiscuous mode
[  558.639694][ T2535] hsr_slave_1: left promiscuous mode
[  558.666511][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  558.677552][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  558.704417][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  558.727299][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  558.772646][ T2535] hsr_slave_0: left promiscuous mode
[  558.805950][ T2535] hsr_slave_1: left promiscuous mode
[  558.821986][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  558.831945][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  558.849198][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  558.869448][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  558.968678][ T2535] hsr_slave_0: left promiscuous mode
[  558.978335][ T2535] hsr_slave_1: left promiscuous mode
[  558.989389][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  558.999778][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  559.009568][ T2535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  559.019051][ T2535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  559.117907][ T2535] veth1_macvtap: left promiscuous mode
[  559.123530][ T2535] veth0_macvtap: left promiscuous mode
[  559.129334][ T2535] veth1_vlan: left promiscuous mode
[  559.139067][ T2535] veth0_vlan: left promiscuous mode
[  559.151889][ T2535] veth1_macvtap: left promiscuous mode
[  559.174158][ T2535] veth0_macvtap: left promiscuous mode
[  559.186509][ T2535] veth1_vlan: left promiscuous mode
[  559.193026][ T2535] veth0_vlan: left promiscuous mode
[  559.202011][ T2535] veth1_macvtap: left promiscuous mode
[  559.209230][ T2535] veth0_macvtap: left promiscuous mode
[  559.219484][ T2535] veth1_vlan: left promiscuous mode
[  559.229346][ T2535] veth0_vlan: left promiscuous mode
[  560.827208][ T2535] team0 (unregistering): Port device team_slave_1 removed
[  560.989643][ T2535] team0 (unregistering): Port device team_slave_0 removed
[  562.881059][ T2535] team0 (unregistering): Port device team_slave_1 removed
[  562.950469][ T2535] team0 (unregistering): Port device team_slave_0 removed
[  563.339712][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  563.346056][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  564.651250][ T2535] team0 (unregistering): Port device team_slave_0 removed
[  565.760156][T13245] veth0_vlan: entered promiscuous mode
[  565.876356][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[  565.883564][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[  565.934357][T13271] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  565.984275][T13271] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  566.061630][T13245] veth1_vlan: entered promiscuous mode
[  566.194521][T13271] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  566.223295][T13271] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  566.260435][T13462] fuse: Bad value for 'group_id'
[  566.265424][T13462] fuse: Bad value for 'group_id'
[  566.362452][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  566.369698][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  566.670126][T13274] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  566.710251][T13274] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  566.740621][T13274] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  566.859831][T13477] openvswitch: netlink: Flow key attr not present in new flow.
[  566.861292][T13274] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  566.930341][T13477] netlink: 'syz.3.1784': attribute type 4 has an invalid length.
[  567.191747][T13482] netlink: 'syz.3.1784': attribute type 17 has an invalid length.
[  567.367778][T13245] veth0_macvtap: entered promiscuous mode
[  567.511563][T13245] veth1_macvtap: entered promiscuous mode
[  567.694679][T13245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  567.725906][T13245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  567.781327][T13245] batman_adv: batadv0: Interface activated: batadv_slave_0
[  567.830675][T13271] 8021q: adding VLAN 0 to HW filter on device bond0
[  567.885393][T13245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  567.902947][T13245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  567.934569][T13245] batman_adv: batadv0: Interface activated: batadv_slave_1
[  568.002001][T13270] 8021q: adding VLAN 0 to HW filter on device batadv0
[  568.124331][T13245] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  568.168907][T13245] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  568.198188][T13245] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  568.219153][T13245] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  568.383957][T13271] 8021q: adding VLAN 0 to HW filter on device team0
[  568.490847][T13501] xt_CT: No such helper "netbios-ns"
[  568.510831][ T1001] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.518031][ T1001] bridge0: port 1(bridge_slave_0) entered forwarding state
[  568.575292][T13274] 8021q: adding VLAN 0 to HW filter on device bond0
[  568.612064][ T1001] bridge0: port 2(bridge_slave_1) entered blocking state
[  568.619397][ T1001] bridge0: port 2(bridge_slave_1) entered forwarding state
[  568.695044][ T2489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  568.723367][T13274] 8021q: adding VLAN 0 to HW filter on device team0
[  568.808979][ T2489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  568.901595][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.908715][ T2489] bridge0: port 1(bridge_slave_0) entered forwarding state
[  568.968024][T13270] veth0_vlan: entered promiscuous mode
[  568.993828][ T2535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  569.025935][ T2489] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.033137][ T2489] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.055208][ T2535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  569.141325][T13270] veth1_vlan: entered promiscuous mode
[  569.194226][T13271] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  569.245344][T13274] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  569.318721][T13274] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  569.373260][T13520] x_tables: ip6_tables: l2tp.0 match: invalid size 16 (kernel) != (user) 56
[  569.480626][T13271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  569.605631][T13523] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1738'.
[  569.638239][T13270] veth0_macvtap: entered promiscuous mode
[  569.666795][T13274] 8021q: adding VLAN 0 to HW filter on device batadv0
[  569.693481][T13270] veth1_macvtap: entered promiscuous mode
[  569.730381][T13270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.757276][T13270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.784160][T13270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.821715][T13270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.886164][T13270] batman_adv: batadv0: Interface activated: batadv_slave_0
[  569.980882][T13270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.041379][T13270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.158993][T13270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.206083][T13270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.238196][T13270] batman_adv: batadv0: Interface activated: batadv_slave_1
[  570.540417][T13270] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  570.623025][T13270] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  570.666637][T13270] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  570.738987][T13270] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  570.809511][T13549] netlink: 'syz.4.1791': attribute type 4 has an invalid length.
[  570.959343][ T5276] IPVS: starting estimator thread 0...
[  571.008262][T13271] veth0_vlan: entered promiscuous mode
[  571.069143][T13551] IPVS: using max 19 ests per chain, 45600 per kthread
[  571.106597][T13271] veth1_vlan: entered promiscuous mode
[  571.227966][T13274] veth0_vlan: entered promiscuous mode
[  571.276362][T13271] veth0_macvtap: entered promiscuous mode
[  571.397781][T13274] veth1_vlan: entered promiscuous mode
[  571.451933][T13271] veth1_macvtap: entered promiscuous mode
[  571.564608][T13566] batadv_slave_1: entered promiscuous mode
[  571.638618][ T2535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.688384][ T2535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.702693][T13271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  571.720905][T13271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.737362][T13271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  571.748768][T13271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.765955][T13271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  571.777847][T13271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.797581][T13271] batman_adv: batadv0: Interface activated: batadv_slave_0
[  571.866982][T13271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.878713][T13271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.906744][T13271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.934993][T13271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.958715][T13271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.993049][T13271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.025668][T13271] batman_adv: batadv0: Interface activated: batadv_slave_1
[  572.068402][T13274] veth0_macvtap: entered promiscuous mode
[  572.068470][ T2556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  572.086856][T13271] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  572.113118][T13271] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  572.141045][T13271] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  572.171803][T13271] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  572.207880][ T2556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  572.223305][T13558] batadv_slave_1: left promiscuous mode
[  572.248451][T13274] veth1_macvtap: entered promiscuous mode
[  572.469920][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  572.527860][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.590632][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  572.637939][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.637964][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  572.637983][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.637999][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  572.638014][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.657672][T13274] batman_adv: batadv0: Interface activated: batadv_slave_0
[  572.668508][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  572.668533][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.668546][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  572.668560][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.668578][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  572.668591][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.668605][T13274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  572.668619][T13274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  572.674684][T13274] batman_adv: batadv0: Interface activated: batadv_slave_1
[  572.683324][T13588] netlink: 'syz.0.1746': attribute type 6 has an invalid length.
[  572.788027][T13274] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  572.788068][T13274] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  572.788096][T13274] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  572.788124][T13274] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  572.920585][ T2535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  572.920612][ T2535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  573.277095][ T2489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  573.277119][ T2489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  573.373546][T13594] xt_CT: No such helper "netbios-ns"
[  573.581223][ T2556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  573.640874][ T2556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  573.850524][ T2535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  573.886144][ T2535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  574.429739][T13622] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1799'.
[  575.125090][T13649] netlink: 'syz.4.1807': attribute type 6 has an invalid length.
[  575.448557][T13655] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  575.970756][ T5294] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  576.199199][ T5294] usb 3-1: Using ep0 maxpacket: 32
[  576.212971][T13680] xt_CT: No such helper "netbios-ns"
[  576.242145][ T5294] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  576.272097][ T5294] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  576.283202][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  576.293360][ T5294] usb 3-1: Product: syz
[  576.297619][ T5294] usb 3-1: Manufacturer: syz
[  576.302668][ T5294] usb 3-1: SerialNumber: syz
[  576.316026][ T5294] usb 3-1: config 0 descriptor??
[  576.326281][T13662] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  576.631690][T13660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  576.650887][T13660] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  576.780720][ T5294] usb 3-1: USB disconnect, device number 65
[  577.839764][   T29] audit: type=1326 audit(1723242618.178:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13713 comm="syz.2.1820" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f6c1779f9 code=0x0
[  578.840354][ T5294] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  579.045584][ T5294] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  579.106011][ T5294] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.179254][ T5294] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.211791][ T5294] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  579.249088][ T5294] usb 4-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00
[  579.276361][ T5294] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.301408][ T5294] usb 4-1: config 0 descriptor??
[  579.880942][T13756] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1834'.
[  579.924316][T13754] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  579.948004][T13754] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  580.052196][ T4621] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  580.063195][ T4621] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  580.072032][ T4621] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  580.105429][ T4621] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  580.119503][ T4621] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  580.126911][ T4621] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  580.159651][T13737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  580.169421][T13737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  580.235985][ T5294] usbhid 4-1:0.0: can't add hid device: -71
[  580.248948][ T5294] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  580.266696][ T5294] usb 4-1: USB disconnect, device number 53
[  580.381877][T13765] skbuff: bad partial csum: csum=65504/2 headroom=176 headlen=65534
[  580.674301][T13763] chnl_net:caif_netlink_parms(): no params data found
[  580.779173][    T8] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  580.780700][T13772] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1836'.
[  580.990125][    T8] usb 3-1: config 0 has an invalid interface number: 27 but max is 0
[  581.068944][    T8] usb 3-1: config 0 has no interface number 0
[  581.106372][    T8] usb 3-1: config 0 interface 27 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.119243][ T5294] usb 1-1: new full-speed USB device number 62 using dummy_hcd
[  581.126746][T13763] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.144554][    T8] usb 3-1: config 0 interface 27 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.154789][T13763] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.169953][    T8] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  581.187575][T13763] bridge_slave_0: entered allmulticast mode
[  581.197575][T13763] bridge_slave_0: entered promiscuous mode
[  581.205485][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.226780][    T8] usb 3-1: config 0 descriptor??
[  581.235938][T13763] bridge0: port 2(bridge_slave_1) entered blocking state
[  581.255727][T13763] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.263979][T13763] bridge_slave_1: entered allmulticast mode
[  581.272103][T13763] bridge_slave_1: entered promiscuous mode
[  581.330988][ T5294] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  581.351565][ T5294] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  581.367202][ T5294] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.391303][ T5294] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  581.406676][T13763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  581.434312][T13763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  581.443178][ T5294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.476262][ T5294] hub 1-1:1.0: bad descriptor, ignoring hub
[  581.492470][ T5294] hub 1-1:1.0: probe with driver hub failed with error -5
[  581.520447][ T5294] cdc_wdm 1-1:1.0: skipping garbage
[  581.530414][ T5294] cdc_wdm 1-1:1.0: skipping garbage
[  581.539326][ T5294] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22
[  581.575558][T13763] team0: Port device team_slave_0 added
[  581.646074][ T4621] Bluetooth: hci5: command tx timeout
[  581.662139][    T8] uclogic 0003:256C:006D.0011: interface is invalid, ignoring
[  581.711013][T13763] team0: Port device team_slave_1 added
[  581.810188][ T5294] usb 1-1: USB disconnect, device number 62
[  581.831869][T13763] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.842984][T13763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.907806][T13763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  581.927729][T13763] batman_adv: batadv0: Adding interface: batadv_slave_1
[  581.945933][T13763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.976350][T13763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  581.988215][T11051] usb 3-1: USB disconnect, device number 66
[  582.106244][T13763] hsr_slave_0: entered promiscuous mode
[  582.128109][T13763] hsr_slave_1: entered promiscuous mode
[  582.146438][T13763] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  582.156405][T13763] Cannot create hsr debugfs directory
[  582.189006][   T58] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  582.206285][ T4621] Bluetooth: hci1: command tx timeout
[  582.439078][   T58] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  582.447639][   T58] usb 4-1: config 0 has no interface number 0
[  582.514043][   T58] usb 4-1: New USB device found, idVendor=15ba, idProduct=002b, bcdDevice=f9.45
[  582.558967][   T58] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.577129][   T58] usb 4-1: Product: syz
[  582.589345][T13806] ebt_among: wrong size: 1048 against expected 710676, rounded to 710680
[  582.597881][   T58] usb 4-1: Manufacturer: syz
[  582.604359][   T58] usb 4-1: SerialNumber: syz
[  582.610650][   T58] usb 4-1: config 0 descriptor??
[  582.624004][   T58] ftdi_sio 4-1:0.1: FTDI USB Serial Device converter detected
[  582.658040][   T58] ftdi_sio ttyUSB0: unknown device type: 0xf945
[  582.812721][T13763] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.836514][   T58] usb 4-1: USB disconnect, device number 54
[  582.876006][   T58] ftdi_sio 4-1:0.1: device disconnected
[  583.106923][T13763] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.143603][T13818] IPv6: sit1: Disabled Multicast RS
[  583.325689][T13763] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.527800][T13834] FAULT_INJECTION: forcing a failure.
[  583.527800][T13834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.535774][T13763] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.578295][T13836] ªªªªª: renamed from bond_slave_0 (while UP)
[  583.599026][T13834] CPU: 1 UID: 0 PID: 13834 Comm: syz.0.1856 Not tainted 6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  583.609841][T13834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  583.619920][T13834] Call Trace:
[  583.620722][T13836] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1857'.
[  583.623199][T13834]  <TASK>
[  583.623213][T13834]  dump_stack_lvl+0x241/0x360
[  583.639519][T13836] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1857'.
[  583.639740][T13834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  583.653894][T13834]  ? __pfx__printk+0x10/0x10
[  583.658507][T13834]  ? __pfx_lock_release+0x10/0x10
[  583.663547][T13834]  ? __lock_acquire+0x137a/0x2040
[  583.668592][T13834]  should_fail_ex+0x3b0/0x4e0
[  583.673295][T13834]  _copy_from_iter+0x1f6/0x1960
[  583.678183][T13834]  ? __pfx__copy_from_iter+0x10/0x10
[  583.683483][T13834]  ? tun_get_user+0x871/0x4720
[  583.688263][T13834]  ? __pfx_lock_release+0x10/0x10
[  583.693325][T13834]  ? page_copy_sane+0x46/0x260
[  583.698111][T13834]  copy_page_from_iter+0x7a/0x100
[  583.703178][T13834]  tun_get_user+0x1f7d/0x4720
[  583.707873][T13834]  ? tun_get_user+0x871/0x4720
[  583.712668][T13834]  ? __lock_acquire+0x137a/0x2040
[  583.717719][T13834]  ? __pfx_tun_get_user+0x10/0x10
[  583.722776][T13834]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  583.728249][T13834]  ? tun_get+0x1e/0x2f0
[  583.732419][T13834]  ? __pfx_lock_release+0x10/0x10
[  583.737477][T13834]  ? tun_get+0x1e/0x2f0
[  583.741646][T13834]  ? tun_get+0x27d/0x2f0
[  583.745915][T13834]  tun_chr_write_iter+0x113/0x1f0
[  583.750976][T13834]  vfs_write+0xa72/0xc90
[  583.755346][T13834]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  583.760915][T13834]  ? __pfx_vfs_write+0x10/0x10
[  583.765722][T13834]  ksys_write+0x1a0/0x2c0
[  583.770080][T13834]  ? __pfx_ksys_write+0x10/0x10
[  583.774967][T13834]  ? do_syscall_64+0x100/0x230
[  583.779756][T13834]  ? do_syscall_64+0xb6/0x230
[  583.784457][T13834]  do_syscall_64+0xf3/0x230
[  583.788978][T13834]  ? clear_bhb_loop+0x35/0x90
[  583.793670][T13834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.799579][T13834] RIP: 0033:0x7f4d6e1764df
[  583.804017][T13834] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  583.823650][T13834] RSP: 002b:00007f4d6eef2000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  583.832087][T13834] RAX: ffffffffffffffda RBX: 00007f4d6e305f80 RCX: 00007f4d6e1764df
[  583.840074][T13834] RDX: 0000000000000036 RSI: 0000000020000180 RDI: 00000000000000c8
[  583.848153][T13834] RBP: 00007f4d6eef2090 R08: 0000000000000000 R09: 0000000000000000
[  583.856172][T13834] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  583.864176][T13834] R13: 0000000000000000 R14: 00007f4d6e305f80 R15: 00007f4d6e42fa38
[  583.872203][T13834]  </TASK>
[  584.260805][T13763] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  584.279217][ T4621] Bluetooth: hci1: command tx timeout
[  584.311897][T13763] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  584.366499][T13851] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  584.389112][ T5294] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  584.415620][T13763] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  584.433603][T13763] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  584.579700][ T5294] usb 3-1: Using ep0 maxpacket: 32
[  584.627015][ T5294] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  584.647015][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.681815][ T5294] usb 3-1: Product: syz
[  584.687409][ T5294] usb 3-1: Manufacturer: syz
[  584.725898][ T5294] usb 3-1: SerialNumber: syz
[  584.730732][T13763] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.752089][T13865] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  584.773534][T13763] 8021q: adding VLAN 0 to HW filter on device team0
[  584.802723][ T5294] usb 3-1: config 0 descriptor??
[  584.806427][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  584.811442][ T5294] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  584.814865][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  584.873007][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.880212][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  585.105845][T13763] 8021q: adding VLAN 0 to HW filter on device batadv0
[  585.175406][T13873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  585.214894][T13874] xt_SECMARK: invalid mode: 0
[  585.225632][T13873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  585.229120][T13870] –eth0_vlan: renamed from bridge_slave_1 (while UP)
[  585.357568][T13763] veth0_vlan: entered promiscuous mode
[  585.364520][ T5294] gspca_ov534_9: reg_w failed -110
[  585.386603][T13763] veth1_vlan: entered promiscuous mode
[  585.551434][T13763] veth0_macvtap: entered promiscuous mode
[  585.564961][T13763] veth1_macvtap: entered promiscuous mode
[  585.583947][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.595726][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.618248][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.642367][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.662641][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.675062][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.675081][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.675097][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.675110][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.675124][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.678023][T13763] batman_adv: batadv0: Interface activated: batadv_slave_0
[  585.689064][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.689083][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.689092][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.689101][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.689108][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.689116][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.689123][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.689131][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.689138][T13763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.689146][T13763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.690233][T13763] batman_adv: batadv0: Interface activated: batadv_slave_1
[  585.692876][T13763] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  585.692900][T13763] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  585.692917][T13763] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  585.692932][T13763] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  585.908963][ T5294] gspca_ov534_9: Unknown sensor 0000
[  585.909043][ T5294] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22
[  585.911432][ T5294] usb 3-1: USB disconnect, device number 67
[  585.967325][ T1001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  585.967351][ T1001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  586.079938][ T2489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  586.079955][ T2489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  586.376128][ T4621] Bluetooth: hci1: command tx timeout
[  586.430143][T13893] ebt_among: wrong size: 1048 against expected 710676, rounded to 710680
[  586.765974][T13879] tty tty1: ldisc open failed (-12), clearing slot 0
[  586.809633][T13898] xt_bpf: check failed: parse error
[  586.911321][T13901] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(107)
[  586.918054][T13901] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  587.073418][T13901] vhci_hcd vhci_hcd.0: Device attached
[  587.165843][T13908] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  587.223294][T13904] vhci_hcd: connection closed
[  587.270437][ T2535] vhci_hcd: stop threads
[  587.308069][ T2535] vhci_hcd: release socket
[  587.327099][ T2535] vhci_hcd: disconnect device
[  587.506314][    T9] IPVS: starting estimator thread 0...
[  587.530459][T13920] fuse: Bad value for 'user_id'
[  587.539151][T13920] fuse: Bad value for 'user_id'
[  587.659896][T13924] IPVS: using max 33 ests per chain, 79200 per kthread
[  588.449100][ T4621] Bluetooth: hci1: command tx timeout
[  588.777402][T13949] xt_SECMARK: invalid mode: 0
[  588.925878][T13952] xt_CT: No such helper "netbios-ns"
[  589.509009][ T5277] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  589.729172][ T5277] usb 5-1: Using ep0 maxpacket: 8
[  589.736518][T13973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  589.752342][ T5277] usb 5-1: New USB device found, idVendor=1ae7, idProduct=0525, bcdDevice=73.af
[  589.778374][T13976] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  589.798511][ T5277] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.841882][T13976] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  589.860829][ T5277] usb 5-1: Product: syz
[  589.873148][ T5277] usb 5-1: Manufacturer: syz
[  589.877756][ T5277] usb 5-1: SerialNumber: syz
[  589.879529][T13978] FAULT_INJECTION: forcing a failure.
[  589.879529][T13978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  589.895494][T13978] CPU: 1 UID: 0 PID: 13978 Comm: syz.2.1899 Not tainted 6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  589.906278][T13978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  589.916346][T13978] Call Trace:
[  589.919651][T13978]  <TASK>
[  589.922568][T13978]  dump_stack_lvl+0x241/0x360
[  589.927241][T13978]  ? __pfx_dump_stack_lvl+0x10/0x10
[  589.932437][T13978]  ? __pfx__printk+0x10/0x10
[  589.937025][T13978]  should_fail_ex+0x3b0/0x4e0
[  589.941694][T13978]  _copy_from_user+0x2f/0xe0
[  589.946277][T13978]  memdup_user+0x64/0xc0
[  589.950520][T13978]  strndup_user+0x68/0xc0
[  589.954857][T13978]  __se_sys_fsopen+0x3f/0x2c0
[  589.959527][T13978]  do_syscall_64+0xf3/0x230
[  589.964025][T13978]  ? clear_bhb_loop+0x35/0x90
[  589.968684][T13978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.974586][T13978] RIP: 0033:0x7f6f6c1779f9
[  589.978990][T13978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.998580][T13978] RSP: 002b:00007f6f6cf28038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  590.006983][T13978] RAX: ffffffffffffffda RBX: 00007f6f6c306058 RCX: 00007f6f6c1779f9
[  590.014943][T13978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040
[  590.022905][T13978] RBP: 00007f6f6cf28090 R08: 0000000000000000 R09: 0000000000000000
[  590.030862][T13978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  590.038816][T13978] R13: 0000000000000000 R14: 00007f6f6c306058 R15: 00007f6f6c42fa38
[  590.046796][T13978]  </TASK>
[  590.080117][ T5277] usb 5-1: config 0 descriptor??
[  590.087416][ T5277] HFC-S_USB 5-1:0.0: probe with driver HFC-S_USB failed with error -5
[  590.128715][ T5294] IPVS: starting estimator thread 0...
[  590.249090][T13985] IPVS: using max 22 ests per chain, 52800 per kthread
[  590.304893][ T5277] usb 5-1: USB disconnect, device number 33
[  591.236444][T14008] erspan1: entered promiscuous mode
[  591.509100][ T5277] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  591.549597][T11051] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  591.591060][T14022] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  591.600960][T14022] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  591.709086][ T5277] usb 3-1: Using ep0 maxpacket: 32
[  591.723502][ T5277] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  591.752664][T11051] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  591.767796][T11051] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  591.780375][T11051] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.794525][ T5277] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  591.808765][ T5277] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.831344][T11051] usb 5-1: Product: syz
[  591.840326][T11051] usb 5-1: Manufacturer: syz
[  591.848500][T11051] usb 5-1: SerialNumber: syz
[  591.854251][   T25] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  591.876892][ T5277] usb 3-1: Product: syz
[  591.885494][ T5277] usb 3-1: Manufacturer: syz
[  591.888457][T11051] usb 5-1: config 0 descriptor??
[  591.901095][ T5277] usb 3-1: SerialNumber: syz
[  591.923728][T11051] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  591.928784][ T5277] usb 3-1: config 0 descriptor??
[  591.939576][T14011] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  591.961465][ T5277] hub 3-1:0.0: bad descriptor, ignoring hub
[  591.980862][ T5277] hub 3-1:0.0: probe with driver hub failed with error -5
[  592.043885][ T5277] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input42
[  592.081211][   T25] usb 1-1: config 0 has no interfaces?
[  592.088095][   T25] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  592.161372][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.218595][   T25] usb 1-1: config 0 descriptor??
[  592.231355][T11051] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -2
[  592.416053][ T5277] usb 5-1: USB disconnect, device number 34
[  592.431490][T13272] udevd[13272]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  592.500940][T14021] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  592.522636][T14021] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  592.556893][T14021] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  592.577277][T14021] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  592.613621][ T5276] usb 1-1: USB disconnect, device number 63
[  593.431830][T14053] fuse: Unknown parameter '0x0000000000000003'
[  593.465245][T14045] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1921'.
[  593.569232][ T4621] Bluetooth: hci5: command tx timeout
[  593.647927][T14053] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1922'.
[  593.679527][   T58] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  593.890858][   T58] usb 5-1: Using ep0 maxpacket: 16
[  593.922276][   T58] usb 5-1: config 1 has an invalid descriptor of length 53, skipping remainder of the config
[  593.949475][   T58] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  594.011850][   T58] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  594.065185][   T58] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  594.092488][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.125021][   T58] usb 5-1: Product: syz
[  594.134795][   T58] usb 5-1: Manufacturer: syz
[  594.158540][   T58] usb 5-1: SerialNumber: syz
[  594.191080][   T58] usb 5-1: selecting invalid altsetting 1
[  594.299166][ T5276] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  594.369972][   T25] usb 3-1: USB disconnect, device number 68
[  594.370053][    C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  594.427570][T14042] netlink: 'syz.4.1920': attribute type 10 has an invalid length.
[  594.519215][ T5276] usb 4-1: Using ep0 maxpacket: 32
[  594.541725][ T5276] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  594.543080][T14042] batman_adv: batadv0: Adding interface: team0
[  594.572637][T14042] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  594.605240][T14042] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  594.634458][T14064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  594.645327][ T5276] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  594.696213][   T58] cdc_ncm 5-1:1.0: bind() failure
[  594.698343][ T5276] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  594.712121][T14064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  594.756079][ T5276] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.761849][   T58] usb 5-1: USB disconnect, device number 35
[  594.806319][ T5276] usb 4-1: Product: syz
[  594.817963][ T5276] usb 4-1: Manufacturer: syz
[  594.836175][ T5276] usb 4-1: SerialNumber: syz
[  595.135587][ T5276] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 55 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  595.556653][T14075] netlink: 'syz.4.1930': attribute type 6 has an invalid length.
[  595.604460][T14060] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1925'.
[  595.668548][T14076] delete_channel: no stack
[  595.844728][   T29] audit: type=1326 audit(1723242636.168:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14079 comm="syz.4.1932" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f21357779f9 code=0x0
[  596.024152][   T29] audit: type=1326 audit(1723242636.178:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14059 comm="syz.3.1925" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0278f779f9 code=0x0
[  596.867989][T14098] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1936'.
[  597.255892][T14105] netlink: 'syz.2.1937': attribute type 54 has an invalid length.
[  597.277797][ T5276] usb 4-1: USB disconnect, device number 55
[  597.309621][T14105] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1937'.
[  597.324470][ T5276] usblp0: removed
[  597.845072][T14127] team0: Port device team_slave_1 removed
[  597.887830][   T58] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  598.081864][T14134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  598.104410][   T58] usb 5-1: Using ep0 maxpacket: 8
[  598.137872][   T58] usb 5-1: config 0 has an invalid interface number: 156 but max is 0
[  598.152647][T14134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  598.159049][   T58] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  598.185132][   T58] usb 5-1: config 0 has no interface number 0
[  598.198362][   T58] usb 5-1: too many endpoints for config 0 interface 156 altsetting 233: 62, using maximum allowed: 30
[  598.213706][   T58] usb 5-1: config 0 interface 156 altsetting 233 has 0 endpoint descriptors, different from the interface descriptor's value: 62
[  598.234006][   T58] usb 5-1: config 0 interface 156 has no altsetting 0
[  598.248949][   T58] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=ff.ff
[  598.266746][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.293989][   T58] usb 5-1: config 0 descriptor??
[  598.410211][T14147] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1953'.
[  598.629225][   T25] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  598.640687][T14153] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  598.780590][    T9] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  598.871129][   T25] usb 3-1: config 250 has too many interfaces: 80, using maximum allowed: 32
[  598.888063][ T4621] Bluetooth: to_multiplier 42238 > 3200
[  598.931496][   T25] usb 3-1: config 250 has an invalid descriptor of length 142, skipping remainder of the config
[  598.944599][   T25] usb 3-1: config 250 has 0 interfaces, different from the descriptor's value: 80
[  598.956136][   T25] usb 3-1: New USB device found, idVendor=056f, idProduct=4010, bcdDevice=20.1c
[  598.966046][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.989921][    T9] usb 4-1: Using ep0 maxpacket: 8
[  598.997308][    T9] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  599.027660][    T9] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  599.087895][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.204879][   T25] usb 3-1: string descriptor 0 read error: -32
[  599.310214][ T5276] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  599.558482][ T5276] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  599.636332][ T5276] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  599.649775][ T5276] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  599.724003][ T5276] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.776097][ T5276] usb 1-1: config 0 descriptor??
[  600.275482][ T5276] hid-thrustmaster 0003:044F:B65D.0012: unknown main item tag 0x0
[  600.370314][ T5276] hid-thrustmaster 0003:044F:B65D.0012: unknown main item tag 0x0
[  600.378243][ T5276] hid-thrustmaster 0003:044F:B65D.0012: unknown main item tag 0x0
[  600.402767][ T5276] hid-thrustmaster 0003:044F:B65D.0012: unknown main item tag 0x0
[  600.458796][ T5276] hid-thrustmaster 0003:044F:B65D.0012: unknown main item tag 0x0
[  600.524448][ T5276] hid-thrustmaster 0003:044F:B65D.0012: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0
[  600.568640][ T5276] hid-thrustmaster 0003:044F:B65D.0012: Wrong number of endpoints?
[  600.769589][   T58] usb 5-1: string descriptor 0 read error: -71
[  600.789930][   T58] asix 5-1:0.156: probe with driver asix failed with error -22
[  600.825468][   T58] usb 5-1: USB disconnect, device number 36
[  600.919251][ T4621] Bluetooth: hci3: command tx timeout
[  601.201981][ T5276] usb 3-1: USB disconnect, device number 69
[  601.612971][    T9] usb 4-1: string descriptor 0 read error: -71
[  601.649204][    T9] hub 4-1:32.0: bad descriptor, ignoring hub
[  601.684995][    T9] hub 4-1:32.0: probe with driver hub failed with error -5
[  601.708261][    C0] hid-thrustmaster 0003:044F:B65D.0012: URB to get model id failed with error -71
[  601.710251][   T58] usb 1-1: USB disconnect, device number 64
[  601.897657][    T9] usb 4-1: USB disconnect, device number 56
[  601.984226][T14189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  602.023960][T14189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  602.212015][T13272] udevd[13272]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  602.261435][T14199] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1966'.
[  602.269787][ T5276] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  602.320158][T14202] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  602.367213][T14203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  602.664857][T14206] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1969'.
[  602.935988][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  603.018642][T14214] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  603.086312][T14207] IPVS: stopping backup sync thread 14214 ...
[  603.208713][   T29] audit: type=1326 audit(1723242643.538:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14222 comm="syz.4.1974" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f21357779f9 code=0x0
[  603.280328][   T29] audit: type=1326 audit(1723242643.618:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14222 comm="syz.4.1974" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f21357779f9 code=0x0
[  603.302717][T14212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  603.346526][T14212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  603.369263][    T8] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  603.570119][    T8] usb 4-1: Using ep0 maxpacket: 8
[  603.584177][    T8] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  603.602668][    T8] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  603.622614][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.788943][   T58] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  603.889249][    T9] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  604.001668][   T58] usb 1-1: no configurations
[  604.006415][   T58] usb 1-1: can't read configurations, error -22
[  604.100627][    T9] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  604.116808][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.142294][    T9] usb 3-1: config 0 descriptor??
[  604.173629][T14241] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1981'.
[  604.219002][   T58] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  604.379029][T14245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  604.430610][   T58] usb 1-1: no configurations
[  604.435295][   T58] usb 1-1: can't read configurations, error -22
[  604.443371][T14245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  604.479446][   T58] usb usb1-port1: attempt power cycle
[  604.513544][    T9] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  604.530406][    T9] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  604.539413][    T9] [drm:udl_init] *ERROR* Selecting channel failed
[  604.565916][    T9] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  604.574542][    T9] [drm] Initialized udl on minor 2
[  604.590018][    T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  604.613871][    T9] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  604.622034][ T5276] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  604.643566][    T9] usb 3-1: USB disconnect, device number 71
[  604.649966][ T5276] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  604.682020][ T5276] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  604.939232][   T58] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  604.980283][   T58] usb 1-1: no configurations
[  604.989264][   T58] usb 1-1: can't read configurations, error -22
[  605.179382][   T58] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  605.245496][   T58] usb 1-1: no configurations
[  605.270468][   T58] usb 1-1: can't read configurations, error -22
[  605.300656][   T58] usb usb1-port1: unable to enumerate USB device
[  606.146213][    T8] usb 4-1: string descriptor 0 read error: -71
[  606.215344][    T8] hub 4-1:32.0: bad descriptor, ignoring hub
[  606.242001][    T8] hub 4-1:32.0: probe with driver hub failed with error -5
[  606.303359][T14274] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1989'.
[  606.358344][    T8] usb 4-1: USB disconnect, device number 57
[  606.663470][T13272] udevd[13272]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  607.186005][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.446792][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.639241][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.783593][T14292] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  607.838197][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  608.312250][   T11] –eth0_vlan: left allmulticast mode
[  608.332319][   T11] –eth0_vlan: left promiscuous mode
[  608.337771][   T11] bridge0: port 2(–eth0_vlan) entered disabled state
[  608.480556][   T11] bridge_slave_0: left allmulticast mode
[  608.486262][   T11] bridge_slave_0: left promiscuous mode
[  608.504072][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  608.589893][T14318] fuse: Unknown parameter ''
[  608.661173][T10855] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  608.671276][T10855] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  608.686265][T10855] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  608.687494][T14321] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2009'.
[  608.713997][T10855] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  608.722863][T10855] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  608.730570][T10855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  609.069460][T14338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  609.858089][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  609.881507][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  609.902524][   T11] bond0 (unregistering): Released all slaves
[  609.933709][T14315] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2006'.
[  609.949223][T14318] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2006'.
[  610.610621][T14352] xt_cluster: node mask cannot exceed total number of nodes
[  610.643868][T10855] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  610.846628][T10855] Bluetooth: hci4: command tx timeout
[  610.979545][   T11] hsr_slave_0: left promiscuous mode
[  611.013195][   T11] hsr_slave_1: left promiscuous mode
[  611.049140][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  611.077631][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  611.136368][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  611.191650][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  611.317622][   T11] veth1_macvtap: left promiscuous mode
[  611.345828][   T11] veth0_macvtap: left promiscuous mode
[  611.359669][   T11] veth1_vlan: left promiscuous mode
[  611.365117][   T11] veth0_vlan: left promiscuous mode
[  611.843046][ T4621] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  611.853894][ T4621] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  611.863470][ T4621] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  611.884525][ T4621] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  611.899538][ T4621] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  611.936776][ T4621] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  612.680205][   T11] team0 (unregistering): Port device team_slave_0 removed
[  612.919380][ T4621] Bluetooth: hci4: command tx timeout
[  613.547230][T14347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2012'.
[  613.610363][T14374] netlink: 'syz.1.2021': attribute type 6 has an invalid length.
[  613.986991][T14389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2025'.
[  614.039158][   T25] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  614.047069][ T4621] Bluetooth: hci3: command tx timeout
[  614.198804][T14367] chnl_net:caif_netlink_parms(): no params data found
[  614.230340][   T25] usb 5-1: Using ep0 maxpacket: 8
[  614.246542][   T25] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  614.262621][   T25] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  614.295475][T14328] chnl_net:caif_netlink_parms(): no params data found
[  614.302711][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.315015][T14392] xt_cluster: node mask cannot exceed total number of nodes
[  614.539895][T14380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  614.554120][T14380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  614.680531][T10855] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  614.694406][T10855] Bluetooth: hci0: Injecting HCI hardware error event
[  614.704583][T10855] Bluetooth: hci0: hardware error 0x00
[  614.999602][ T4621] Bluetooth: hci4: command tx timeout
[  615.150131][T14367] bridge0: port 1(bridge_slave_0) entered blocking state
[  615.170520][T14367] bridge0: port 1(bridge_slave_0) entered disabled state
[  615.184853][T14367] bridge_slave_0: entered allmulticast mode
[  615.209204][T14367] bridge_slave_0: entered promiscuous mode
[  615.407247][T14328] bridge0: port 1(bridge_slave_0) entered blocking state
[  615.426000][T14328] bridge0: port 1(bridge_slave_0) entered disabled state
[  615.452443][T14328] bridge_slave_0: entered allmulticast mode
[  615.487744][T14328] bridge_slave_0: entered promiscuous mode
[  615.522428][T14328] bridge0: port 2(bridge_slave_1) entered blocking state
[  615.569202][T14328] bridge0: port 2(bridge_slave_1) entered disabled state
[  615.576713][T14328] bridge_slave_1: entered allmulticast mode
[  615.639811][T14328] bridge_slave_1: entered promiscuous mode
[  615.662770][T14367] bridge0: port 2(bridge_slave_1) entered blocking state
[  615.691783][T14367] bridge0: port 2(bridge_slave_1) entered disabled state
[  615.719162][T14367] bridge_slave_1: entered allmulticast mode
[  615.755755][T14367] bridge_slave_1: entered promiscuous mode
[  615.808250][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.869067][T14421] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2028'.
[  615.980890][T14426] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  615.987803][T14426] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  616.031465][T14426] vhci_hcd vhci_hcd.0: Device attached
[  616.123429][ T4621] Bluetooth: hci3: command tx timeout
[  616.197197][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.288666][T14328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  616.297775][ T5276] usb 15-1: new high-speed USB device number 3 using vhci_hcd
[  616.420136][T14367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  616.539455][    T9] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  616.586335][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.628155][T14328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  616.699888][T14367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  616.748931][    T9] usb 4-1: Using ep0 maxpacket: 8
[  616.756113][    T9] usb 4-1: config 0 has no interfaces?
[  616.769255][T10855] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  616.775388][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  616.806748][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.890924][    T9] usb 4-1: Product: syz
[  616.906815][    T9] usb 4-1: Manufacturer: syz
[  616.933256][    T9] usb 4-1: SerialNumber: syz
[  616.970151][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.990180][    T9] usb 4-1: config 0 descriptor??
[  616.996500][T14444] xt_cluster: node mask cannot exceed total number of nodes
[  617.080455][T10855] Bluetooth: hci4: command tx timeout
[  617.132048][T14328] team0: Port device team_slave_0 added
[  617.169310][   T25] usb 5-1: string descriptor 0 read error: -71
[  617.212203][   T25] hub 5-1:32.0: bad descriptor, ignoring hub
[  617.242424][   T25] hub 5-1:32.0: probe with driver hub failed with error -5
[  617.276479][T14367] team0: Port device team_slave_0 added
[  617.340503][   T25] usb 5-1: USB disconnect, device number 37
[  617.411631][T14328] team0: Port device team_slave_1 added
[  617.440005][T14454] netlink: 'syz.4.2034': attribute type 6 has an invalid length.
[  617.502094][T14367] team0: Port device team_slave_1 added
[  617.537622][    T9] usb 4-1: USB disconnect, device number 58
[  617.629994][T13272] udevd[13272]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  617.761154][T14367] batman_adv: batadv0: Adding interface: batadv_slave_0
[  617.780588][T14462] x_tables: ip6_tables: l2tp.0 match: invalid size 16 (kernel) != (user) 56
[  617.807768][T14367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.840462][T14367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  617.866427][T14328] batman_adv: batadv0: Adding interface: batadv_slave_0
[  617.879220][T14328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.912012][T14328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  618.048372][T14427] vhci_hcd: connection reset by peer
[  618.074436][ T2535] vhci_hcd: stop threads
[  618.078698][ T2535] vhci_hcd: release socket
[  618.110994][T14367] batman_adv: batadv0: Adding interface: batadv_slave_1
[  618.148022][ T2535] vhci_hcd: disconnect device
[  618.153646][T14367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  618.199020][T10855] Bluetooth: hci3: command tx timeout
[  618.209966][T14367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  618.230643][T14328] batman_adv: batadv0: Adding interface: batadv_slave_1
[  618.237855][T14328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  618.264552][   T29] audit: type=1326 audit(1723242658.588:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz.3.2036" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0278f779f9 code=0x0
[  618.287832][T14328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  618.683950][T14328] hsr_slave_0: entered promiscuous mode
[  618.725362][T14328] hsr_slave_1: entered promiscuous mode
[  618.732037][T14328] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  618.773205][T14328] Cannot create hsr debugfs directory
[  618.816511][   T11] bridge_slave_1: left allmulticast mode
[  618.834965][   T11] bridge_slave_1: left promiscuous mode
[  618.931928][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.992612][   T11] bridge_slave_0: left allmulticast mode
[  619.028007][   T11] bridge_slave_0: left promiscuous mode
[  619.055074][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.279377][T10855] Bluetooth: hci3: command tx timeout
[  620.449844][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  620.570820][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  620.601889][   T11] bond0 (unregistering): Released all slaves
[  620.644483][T14489] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2040'.
[  620.659431][T14489] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2040'.
[  620.679201][T14489] vlan0: entered allmulticast mode
[  620.684591][T14489] veth0_vlan: entered allmulticast mode
[  620.829017][   T25] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  620.868539][T14507] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2043'.
[  620.909906][T14508] syzkaller1: entered promiscuous mode
[  620.939804][T14508] syzkaller1: entered allmulticast mode
[  621.014903][T14367] hsr_slave_0: entered promiscuous mode
[  621.030531][T14367] hsr_slave_1: entered promiscuous mode
[  621.048755][T14367] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  621.058639][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  621.067875][T14367] Cannot create hsr debugfs directory
[  621.079981][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  621.108474][   T25] usb 5-1: config 1 has no interface number 0
[  621.124683][   T25] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  621.179842][   T25] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  621.195186][T10855] Bluetooth: hci5: unexpected subevent 0x1a length: 10 > 6
[  621.217280][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.227415][   T25] usb 5-1: Product: syz
[  621.231731][   T25] usb 5-1: Manufacturer: syz
[  621.236346][   T25] usb 5-1: SerialNumber: syz
[  621.260201][   T25] usb 5-1: selecting invalid altsetting 1
[  621.289114][ T5264] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  621.312049][T14520] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2047'.
[  621.399730][ T5276] vhci_hcd: vhci_device speed not set
[  621.469003][ T5264] usb 4-1: device descriptor read/64, error -71
[  621.749271][ T5264] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  621.765953][   T11] hsr_slave_0: left promiscuous mode
[  621.777863][   T11] hsr_slave_1: left promiscuous mode
[  621.789740][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  621.817623][   T25] cdc_ncm 5-1:1.1: bind() failure
[  621.825330][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  621.849332][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  621.858155][   T25] usb 5-1: USB disconnect, device number 38
[  621.869171][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  621.969050][ T5264] usb 4-1: device descriptor read/64, error -71
[  621.989015][   T11] veth1_macvtap: left promiscuous mode
[  621.994701][   T11] veth0_macvtap: left promiscuous mode
[  622.000730][   T11] veth1_vlan: left promiscuous mode
[  622.006254][   T11] veth0_vlan: left promiscuous mode
[  622.076818][T14532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  622.102829][T14532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  622.110409][ T5264] usb usb4-port1: attempt power cycle
[  622.167975][T14532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  622.178756][T14532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  622.292332][T14533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  622.329261][T14533] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  622.519278][ T5264] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  622.570273][ T5264] usb 4-1: device descriptor read/8, error -71
[  622.879759][ T5264] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  622.919800][ T5264] usb 4-1: device descriptor read/8, error -71
[  623.042431][ T5264] usb usb4-port1: unable to enumerate USB device
[  623.185628][   T11] team0 (unregistering): Port device team_slave_1 removed
[  623.239162][T10855] Bluetooth: hci5: command tx timeout
[  623.319472][   T11] team0 (unregistering): Port device team_slave_0 removed
[  623.880581][T14536] ebt_among: wrong size: 1048 against expected 710676, rounded to 710680
[  624.697490][T14549] netlink: 'syz.3.2055': attribute type 6 has an invalid length.
[  624.763250][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  624.770997][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  624.853976][T14548] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2054'.
[  624.984710][   T11] IPVS: stop unused estimator thread 0...
[  625.727071][T14367] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  625.769038][T14579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  625.782351][T14367] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  625.809416][T14579] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  625.835183][T14367] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  625.905697][T14367] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  625.981126][T14589] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2062'.
[  626.084701][T14592] FAULT_INJECTION: forcing a failure.
[  626.084701][T14592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  626.112428][T14592] CPU: 0 UID: 0 PID: 14592 Comm: syz.3.2066 Not tainted 6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  626.123234][T14592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  626.133279][T14592] Call Trace:
[  626.136550][T14592]  <TASK>
[  626.139468][T14592]  dump_stack_lvl+0x241/0x360
[  626.144146][T14592]  ? __pfx_dump_stack_lvl+0x10/0x10
[  626.149349][T14592]  ? __pfx__printk+0x10/0x10
[  626.153938][T14592]  ? __pfx_lock_release+0x10/0x10
[  626.158969][T14592]  ? __lock_acquire+0x137a/0x2040
[  626.164000][T14592]  should_fail_ex+0x3b0/0x4e0
[  626.168682][T14592]  _copy_from_user+0x2f/0xe0
[  626.173282][T14592]  io_submit_one+0xc1/0x18b0
[  626.177977][T14592]  ? __pfx_io_submit_one+0x10/0x10
[  626.183086][T14592]  ? __might_fault+0xaa/0x120
[  626.187766][T14592]  ? __pfx_lock_release+0x10/0x10
[  626.192793][T14592]  ? lookup_ioctx+0x94/0x6a0
[  626.197378][T14592]  ? __might_fault+0xaa/0x120
[  626.202068][T14592]  ? __might_fault+0xc6/0x120
[  626.206742][T14592]  __se_sys_io_submit+0x179/0x2f0
[  626.211764][T14592]  ? __pfx___se_sys_io_submit+0x10/0x10
[  626.217311][T14592]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  626.223298][T14592]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  626.229629][T14592]  ? do_syscall_64+0x100/0x230
[  626.234396][T14592]  ? do_syscall_64+0xb6/0x230
[  626.239075][T14592]  do_syscall_64+0xf3/0x230
[  626.243576][T14592]  ? clear_bhb_loop+0x35/0x90
[  626.248248][T14592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.254183][T14592] RIP: 0033:0x7f0278f779f9
[  626.258601][T14592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.278222][T14592] RSP: 002b:00007f0279d32038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  626.286660][T14592] RAX: ffffffffffffffda RBX: 00007f0279105f80 RCX: 00007f0278f779f9
[  626.294629][T14592] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f0279d11000
[  626.302595][T14592] RBP: 00007f0279d32090 R08: 0000000000000000 R09: 0000000000000000
[  626.310558][T14592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  626.318519][T14592] R13: 0000000000000000 R14: 00007f0279105f80 R15: 00007f027922fa38
[  626.326501][T14592]  </TASK>
[  626.594495][T14596] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2067'.
[  626.623211][T14596] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2067'.
[  626.789276][T14598] team0: Port device team_slave_1 removed
[  627.315412][T14613] netdevsim netdevsim4: Direct firmware load for ng failed with error -2
[  627.331560][T14613] netdevsim netdevsim4: Falling back to sysfs fallback for: ng
[  627.477054][T14619] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2073'.
[  627.588461][T14367] 8021q: adding VLAN 0 to HW filter on device bond0
[  627.615418][T14619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  627.626367][T14621] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2074'.
[  627.651605][T14621] (unnamed net_device) (uninitialized): option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0)
[  627.873819][T14367] 8021q: adding VLAN 0 to HW filter on device team0
[  627.915545][T14328] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  627.943542][T14328] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  627.983076][T14328] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  628.029673][ T2535] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.036855][ T2535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.086669][T14328] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  628.156242][ T2535] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.163575][ T2535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.602872][T14367] 8021q: adding VLAN 0 to HW filter on device batadv0
[  628.640796][T14328] 8021q: adding VLAN 0 to HW filter on device bond0
[  628.705366][T14328] 8021q: adding VLAN 0 to HW filter on device team0
[  628.797927][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.805159][ T2489] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.905518][ T2489] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.912765][ T2489] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.971870][T14367] veth0_vlan: entered promiscuous mode
[  629.036232][T14367] veth1_vlan: entered promiscuous mode
[  629.239883][T10855] Bluetooth: hci1: command tx timeout
[  629.310952][T14367] veth0_macvtap: entered promiscuous mode
[  629.443603][T14367] veth1_macvtap: entered promiscuous mode
[  629.512882][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  629.544487][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.585708][   T29] audit: type=1326 audit(1723242669.918:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14651 comm="syz.3.2081" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0278f779f9 code=0x0
[  629.627938][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  629.658998][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.677521][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  629.718546][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.760030][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  629.776563][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.788605][T14367] batman_adv: batadv0: Interface activated: batadv_slave_0
[  629.817148][T14659] netlink: 'syz.1.2083': attribute type 30 has an invalid length.
[  629.886091][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.913720][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.927874][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.941270][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.967709][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.982513][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.995543][T14367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  630.032297][T14367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  630.052827][T14367] batman_adv: batadv0: Interface activated: batadv_slave_1
[  630.077323][T14663] netdevsim netdevsim4: Direct firmware load for ng failed with error -2
[  630.094943][T14328] 8021q: adding VLAN 0 to HW filter on device batadv0
[  630.113923][T14663] netdevsim netdevsim4: Falling back to sysfs fallback for: ng
[  630.124726][T14367] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  630.143413][T14367] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  630.162176][T14367] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  630.173760][T14367] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  630.348851][T14328] veth0_vlan: entered promiscuous mode
[  630.476251][T14668] netlink: 348 bytes leftover after parsing attributes in process `syz.3.2085'.
[  630.521097][T14328] veth1_vlan: entered promiscuous mode
[  630.534839][T14668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2085'.
[  630.705077][ T2535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  630.733446][ T2535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  630.827354][T14328] veth0_macvtap: entered promiscuous mode
[  630.938259][T14328] veth1_macvtap: entered promiscuous mode
[  630.944493][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  630.980311][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  631.025135][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.064859][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.088387][T14683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.123180][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.134951][T14683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.159668][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.182128][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.210939][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.233939][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.265016][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.288995][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.331519][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.384355][T14328] batman_adv: batadv0: Interface activated: batadv_slave_0
[  631.433108][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.485005][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.549061][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.633129][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.651399][T14694] xt_SECMARK: invalid mode: 0
[  631.697117][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.753618][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.795584][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.829835][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.843303][T14328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.857778][T14328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.886465][T14328] batman_adv: batadv0: Interface activated: batadv_slave_1
[  631.898053][T10855] Bluetooth: hci1: command tx timeout
[  631.964080][T14328] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  632.038179][T14328] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  632.122546][T14703] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2088'.
[  632.164057][T14328] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  632.202512][T14328] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  632.757701][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.787744][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.893729][T10855] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585
[  632.904791][T10855] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 10855, name: kworker/u9:0
[  632.916761][T10855] preempt_count: 0, expected: 0
[  632.922320][T10855] RCU nest depth: 1, expected: 0
[  632.927296][T10855] 4 locks held by kworker/u9:0/10855:
[  632.934482][T10855]  #0: ffff888048cd5948 ((wq_completion)hci5#2){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  632.946127][T10855]  #1: ffffc90009647d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  632.958948][T10855]  #2: ffff88802cfb4078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0
[  632.970022][T10855]  #3: ffffffff8e9382a0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0
[  632.980779][T10855] CPU: 1 UID: 0 PID: 10855 Comm: kworker/u9:0 Not tainted 6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  632.992055][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  633.002109][T10855] Workqueue: hci5 hci_rx_work
[  633.006788][T10855] Call Trace:
[  633.010146][T10855]  <TASK>
[  633.013064][T10855]  dump_stack_lvl+0x241/0x360
[  633.017748][T10855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  633.022947][T10855]  ? __pfx__printk+0x10/0x10
[  633.027536][T10855]  __might_resched+0x5d4/0x780
[  633.032305][T10855]  ? __mutex_lock+0x112/0xd70
[  633.036977][T10855]  ? __pfx___might_resched+0x10/0x10
[  633.042277][T10855]  __mutex_lock+0xc1/0xd70
[  633.046697][T10855]  ? __pfx_lock_acquire+0x10/0x10
[  633.051717][T10855]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.057950][T10855]  ? __pfx_lock_release+0x10/0x10
[  633.062973][T10855]  ? __pfx___mutex_lock+0x10/0x10
[  633.067990][T10855]  ? trace_contention_end+0x3c/0x120
[  633.073291][T10855]  ? skb_pull_data+0x112/0x230
[  633.078046][T10855]  ? hci_conn_set_handle+0x9a/0x270
[  633.083255][T10855]  hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.089340][T10855]  ? __copy_skb_header+0x437/0x5b0
[  633.094454][T10855]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[  633.100612][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  633.107200][T10855]  ? hci_le_meta_evt+0x366/0x580
[  633.112143][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  633.118748][T10855]  hci_event_packet+0xa55/0x1540
[  633.123692][T10855]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  633.128992][T10855]  ? __pfx_hci_event_packet+0x10/0x10
[  633.134373][T10855]  ? do_raw_spin_unlock+0x13c/0x8b0
[  633.139581][T10855]  ? hci_send_to_monitor+0xd8/0x7f0
[  633.144783][T10855]  ? kcov_remote_start+0x97/0x7d0
[  633.149817][T10855]  hci_rx_work+0x3e8/0xca0
[  633.154238][T10855]  ? process_scheduled_works+0x945/0x1830
[  633.159957][T10855]  process_scheduled_works+0xa2c/0x1830
[  633.165526][T10855]  ? __pfx_process_scheduled_works+0x10/0x10
[  633.171517][T10855]  ? assign_work+0x364/0x3d0
[  633.176113][T10855]  worker_thread+0x86d/0xd40
[  633.180712][T10855]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  633.186607][T10855]  ? __kthread_parkme+0x169/0x1d0
[  633.191636][T10855]  ? __pfx_worker_thread+0x10/0x10
[  633.196746][T10855]  kthread+0x2f0/0x390
[  633.200841][T10855]  ? __pfx_worker_thread+0x10/0x10
[  633.205984][T10855]  ? __pfx_kthread+0x10/0x10
[  633.210592][T10855]  ret_from_fork+0x4b/0x80
[  633.215021][T10855]  ? __pfx_kthread+0x10/0x10
[  633.219619][T10855]  ret_from_fork_asm+0x1a/0x30
[  633.224400][T10855]  </TASK>
[  633.239409][T10855] 
[  633.241763][T10855] =============================
[  633.246590][T10855] [ BUG: Invalid wait context ]
[  633.251418][T10855] 6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0 Tainted: G        W         
[  633.259984][T10855] -----------------------------
[  633.264806][T10855] kworker/u9:0/10855 is trying to lock:
[  633.270327][T10855] ffffffff8fded568 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.280921][T10855] other info that might help us debug this:
[  633.286787][T10855] context-{4:4}
[  633.290226][T10855] 4 locks held by kworker/u9:0/10855:
[  633.295571][T10855]  #0: ffff888048cd5948 ((wq_completion)hci5#2){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  633.306519][T10855]  #1: ffffc90009647d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  633.318501][T10855]  #2: ffff88802cfb4078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0
[  633.329024][T10855]  #3: ffffffff8e9382a0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0
[  633.339719][T10855] stack backtrace:
[  633.343421][T10855] CPU: 1 UID: 0 PID: 10855 Comm: kworker/u9:0 Tainted: G        W          6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  633.355817][T10855] Tainted: [W]=WARN
[  633.359605][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  633.369644][T10855] Workqueue: hci5 hci_rx_work
[  633.374309][T10855] Call Trace:
[  633.377569][T10855]  <TASK>
[  633.380485][T10855]  dump_stack_lvl+0x241/0x360
[  633.385152][T10855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  633.390767][T10855]  ? __pfx__printk+0x10/0x10
[  633.395350][T10855]  __lock_acquire+0x153b/0x2040
[  633.400193][T10855]  lock_acquire+0x1ed/0x550
[  633.404680][T10855]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.410908][T10855]  ? __pfx_lock_acquire+0x10/0x10
[  633.415924][T10855]  ? __mutex_lock+0x112/0xd70
[  633.420589][T10855]  ? __pfx___might_resched+0x10/0x10
[  633.425858][T10855]  __mutex_lock+0x136/0xd70
[  633.430368][T10855]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.436600][T10855]  ? __pfx_lock_acquire+0x10/0x10
[  633.441610][T10855]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.447830][T10855]  ? __pfx_lock_release+0x10/0x10
[  633.452840][T10855]  ? __pfx___mutex_lock+0x10/0x10
[  633.457851][T10855]  ? trace_contention_end+0x3c/0x120
[  633.463120][T10855]  ? skb_pull_data+0x112/0x230
[  633.467867][T10855]  ? hci_conn_set_handle+0x9a/0x270
[  633.473050][T10855]  hci_le_create_big_complete_evt+0x3d9/0xae0
[  633.479103][T10855]  ? __copy_skb_header+0x437/0x5b0
[  633.484197][T10855]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[  633.490344][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  633.496913][T10855]  ? hci_le_meta_evt+0x366/0x580
[  633.501857][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  633.508428][T10855]  hci_event_packet+0xa55/0x1540
[  633.513350][T10855]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  633.518615][T10855]  ? __pfx_hci_event_packet+0x10/0x10
[  633.523966][T10855]  ? do_raw_spin_unlock+0x13c/0x8b0
[  633.529154][T10855]  ? hci_send_to_monitor+0xd8/0x7f0
[  633.534338][T10855]  ? kcov_remote_start+0x97/0x7d0
[  633.539350][T10855]  hci_rx_work+0x3e8/0xca0
[  633.543755][T10855]  ? process_scheduled_works+0x945/0x1830
[  633.549459][T10855]  process_scheduled_works+0xa2c/0x1830
[  633.555004][T10855]  ? __pfx_process_scheduled_works+0x10/0x10
[  633.560994][T10855]  ? assign_work+0x364/0x3d0
[  633.565576][T10855]  worker_thread+0x86d/0xd40
[  633.570153][T10855]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  633.576059][T10855]  ? __kthread_parkme+0x169/0x1d0
[  633.581070][T10855]  ? __pfx_worker_thread+0x10/0x10
[  633.586520][T10855]  kthread+0x2f0/0x390
[  633.590580][T10855]  ? __pfx_worker_thread+0x10/0x10
[  633.595674][T10855]  ? __pfx_kthread+0x10/0x10
[  633.600249][T10855]  ret_from_fork+0x4b/0x80
[  633.604648][T10855]  ? __pfx_kthread+0x10/0x10
[  633.609223][T10855]  ret_from_fork_asm+0x1a/0x30
[  633.614062][T10855]  </TASK>
[  633.624084][T10855] ==================================================================
[  633.632196][T10855] BUG: KASAN: slab-use-after-free in hci_le_create_big_complete_evt+0x383/0xae0
[  633.641246][T10855] Read of size 8 at addr ffff88802405c000 by task kworker/u9:0/10855
[  633.649418][T10855] 
[  633.651762][T10855] CPU: 0 UID: 0 PID: 10855 Comm: kworker/u9:0 Tainted: G        W          6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  633.664190][T10855] Tainted: [W]=WARN
[  633.667983][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  633.678027][T10855] Workqueue: hci5 hci_rx_work
[  633.682718][T10855] Call Trace:
[  633.686003][T10855]  <TASK>
[  633.688923][T10855]  dump_stack_lvl+0x241/0x360
[  633.693607][T10855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  633.698823][T10855]  ? __pfx__printk+0x10/0x10
[  633.703434][T10855]  ? _printk+0xd5/0x120
[  633.707585][T10855]  ? __virt_addr_valid+0x183/0x530
[  633.712856][T10855]  ? __virt_addr_valid+0x183/0x530
[  633.717952][T10855]  print_report+0x169/0x550
[  633.722447][T10855]  ? __virt_addr_valid+0x183/0x530
[  633.727545][T10855]  ? __virt_addr_valid+0x183/0x530
[  633.732662][T10855]  ? __virt_addr_valid+0x45f/0x530
[  633.737796][T10855]  ? __phys_addr+0xba/0x170
[  633.742296][T10855]  ? hci_le_create_big_complete_evt+0x383/0xae0
[  633.748528][T10855]  kasan_report+0x143/0x180
[  633.753052][T10855]  ? hci_le_create_big_complete_evt+0x383/0xae0
[  633.759382][T10855]  hci_le_create_big_complete_evt+0x383/0xae0
[  633.765549][T10855]  ? __copy_skb_header+0x437/0x5b0
[  633.770664][T10855]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[  633.776810][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  633.783482][T10855]  ? hci_le_meta_evt+0x366/0x580
[  633.788408][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  633.795006][T10855]  hci_event_packet+0xa55/0x1540
[  633.799961][T10855]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  633.805256][T10855]  ? __pfx_hci_event_packet+0x10/0x10
[  633.810615][T10855]  ? do_raw_spin_unlock+0x13c/0x8b0
[  633.815796][T10855]  ? hci_send_to_monitor+0xd8/0x7f0
[  633.820979][T10855]  ? kcov_remote_start+0x97/0x7d0
[  633.825988][T10855]  hci_rx_work+0x3e8/0xca0
[  633.830401][T10855]  ? process_scheduled_works+0x945/0x1830
[  633.836163][T10855]  process_scheduled_works+0xa2c/0x1830
[  633.841731][T10855]  ? __pfx_process_scheduled_works+0x10/0x10
[  633.847701][T10855]  ? assign_work+0x364/0x3d0
[  633.852277][T10855]  worker_thread+0x86d/0xd40
[  633.856853][T10855]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  633.862735][T10855]  ? __kthread_parkme+0x169/0x1d0
[  633.867831][T10855]  ? __pfx_worker_thread+0x10/0x10
[  633.872929][T10855]  kthread+0x2f0/0x390
[  633.876986][T10855]  ? __pfx_worker_thread+0x10/0x10
[  633.882095][T10855]  ? __pfx_kthread+0x10/0x10
[  633.887298][T10855]  ret_from_fork+0x4b/0x80
[  633.891792][T10855]  ? __pfx_kthread+0x10/0x10
[  633.896378][T10855]  ret_from_fork_asm+0x1a/0x30
[  633.901128][T10855]  </TASK>
[  633.904125][T10855] 
[  633.906428][T10855] Allocated by task 4621:
[  633.910731][T10855]  kasan_save_track+0x3f/0x80
[  633.915396][T10855]  __kasan_kmalloc+0x98/0xb0
[  633.919969][T10855]  __kmalloc_cache_noprof+0x19c/0x2c0
[  633.925318][T10855]  __hci_conn_add+0x2f9/0x1850
[  633.930091][T10855]  hci_le_big_sync_established_evt+0x414/0xc20
[  633.936239][T10855]  hci_event_packet+0xa55/0x1540
[  633.941167][T10855]  hci_rx_work+0x3e8/0xca0
[  633.945588][T10855]  process_scheduled_works+0xa2c/0x1830
[  633.951119][T10855]  worker_thread+0x86d/0xd40
[  633.955695][T10855]  kthread+0x2f0/0x390
[  633.959749][T10855]  ret_from_fork+0x4b/0x80
[  633.964148][T10855]  ret_from_fork_asm+0x1a/0x30
[  633.968894][T10855] 
[  633.971198][T10855] Freed by task 10855:
[  633.975238][T10855]  kasan_save_track+0x3f/0x80
[  633.979904][T10855]  kasan_save_free_info+0x40/0x50
[  633.984913][T10855]  poison_slab_object+0xe0/0x150
[  633.989834][T10855]  __kasan_slab_free+0x37/0x60
[  633.994579][T10855]  kfree+0x149/0x360
[  633.998472][T10855]  device_release+0x99/0x1c0
[  634.003045][T10855]  kobject_put+0x22f/0x480
[  634.007446][T10855]  hci_conn_del+0x8c4/0xc40
[  634.011932][T10855]  hci_le_create_big_complete_evt+0x619/0xae0
[  634.017982][T10855]  hci_event_packet+0xa55/0x1540
[  634.022896][T10855]  hci_rx_work+0x3e8/0xca0
[  634.027288][T10855]  process_scheduled_works+0xa2c/0x1830
[  634.032830][T10855]  worker_thread+0x86d/0xd40
[  634.037406][T10855]  kthread+0x2f0/0x390
[  634.041468][T10855]  ret_from_fork+0x4b/0x80
[  634.045889][T10855]  ret_from_fork_asm+0x1a/0x30
[  634.050647][T10855] 
[  634.052948][T10855] The buggy address belongs to the object at ffff88802405c000
[  634.052948][T10855]  which belongs to the cache kmalloc-8k of size 8192
[  634.066979][T10855] The buggy address is located 0 bytes inside of
[  634.066979][T10855]  freed 8192-byte region [ffff88802405c000, ffff88802405e000)
[  634.080672][T10855] 
[  634.082978][T10855] The buggy address belongs to the physical page:
[  634.089374][T10855] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24058
[  634.098121][T10855] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  634.106597][T10855] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  634.114608][T10855] page_type: 0xfdffffff(slab)
[  634.119266][T10855] raw: 00fff00000000040 ffff888015842280 0000000000000000 dead000000000001
[  634.127830][T10855] raw: 0000000000000000 0000000000020002 00000001fdffffff 0000000000000000
[  634.136405][T10855] head: 00fff00000000040 ffff888015842280 0000000000000000 dead000000000001
[  634.145063][T10855] head: 0000000000000000 0000000000020002 00000001fdffffff 0000000000000000
[  634.153717][T10855] head: 00fff00000000003 ffffea0000901601 ffffffffffffffff 0000000000000000
[  634.162381][T10855] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  634.171060][T10855] page dumped because: kasan: bad access detected
[  634.177489][T10855] page_owner tracks the page as allocated
[  634.183192][T10855] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 11822, tgid 11822 (syz-executor), ts 446974594267, free_ts 445252086451
[  634.206364][T10855]  post_alloc_hook+0x1f3/0x230
[  634.211143][T10855]  get_page_from_freelist+0x2e4c/0x2f10
[  634.216761][T10855]  __alloc_pages_noprof+0x256/0x6c0
[  634.221942][T10855]  alloc_slab_page+0x5f/0x120
[  634.226599][T10855]  allocate_slab+0x5a/0x2f0
[  634.231089][T10855]  ___slab_alloc+0xcd1/0x14b0
[  634.235839][T10855]  __slab_alloc+0x58/0xa0
[  634.240150][T10855]  __kmalloc_cache_noprof+0x1d5/0x2c0
[  634.245510][T10855]  mr_table_alloc+0x65/0x260
[  634.250116][T10855]  ip6mr_net_init+0x249/0x3c0
[  634.254793][T10855]  ops_init+0x359/0x610
[  634.258933][T10855]  setup_net+0x515/0xca0
[  634.263158][T10855]  copy_net_ns+0x4e2/0x7b0
[  634.267554][T10855]  create_new_namespaces+0x425/0x7b0
[  634.272819][T10855]  unshare_nsproxy_namespaces+0x124/0x180
[  634.278519][T10855]  ksys_unshare+0x619/0xc10
[  634.283016][T10855] page last free pid 11322 tgid 11322 stack trace:
[  634.289604][T10855]  free_unref_page+0xd22/0xea0
[  634.294353][T10855]  vfree+0x186/0x2e0
[  634.298229][T10855]  kcov_close+0x2b/0x50
[  634.302366][T10855]  __fput+0x24a/0x8a0
[  634.306347][T10855]  task_work_run+0x24f/0x310
[  634.310918][T10855]  do_exit+0xa2f/0x27f0
[  634.315051][T10855]  do_group_exit+0x207/0x2c0
[  634.319620][T10855]  __x64_sys_exit_group+0x3f/0x40
[  634.324621][T10855]  x64_sys_call+0x2634/0x2640
[  634.329282][T10855]  do_syscall_64+0xf3/0x230
[  634.333768][T10855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.339641][T10855] 
[  634.341943][T10855] Memory state around the buggy address:
[  634.347547][T10855]  ffff88802405bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  634.355606][T10855]  ffff88802405bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  634.363658][T10855] >ffff88802405c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  634.371716][T10855]                    ^
[  634.375768][T10855]  ffff88802405c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  634.383821][T10855]  ffff88802405c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  634.391895][T10855] ==================================================================
[  634.441845][T10855] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  634.449179][T10855] CPU: 0 UID: 0 PID: 10855 Comm: kworker/u9:0 Tainted: G        W          6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  634.461707][T10855] Tainted: [W]=WARN
[  634.465604][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  634.475670][T10855] Workqueue: hci5 hci_rx_work
[  634.480367][T10855] Call Trace:
[  634.483652][T10855]  <TASK>
[  634.486589][T10855]  dump_stack_lvl+0x241/0x360
[  634.491286][T10855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  634.496499][T10855]  ? __pfx__printk+0x10/0x10
[  634.501109][T10855]  ? rcu_is_watching+0x15/0xb0
[  634.505908][T10855]  ? preempt_schedule+0xe1/0xf0
[  634.510754][T10855]  ? vscnprintf+0x5d/0x90
[  634.515074][T10855]  panic+0x349/0x860
[  634.518969][T10855]  ? check_panic_on_warn+0x21/0xb0
[  634.524071][T10855]  ? __pfx_panic+0x10/0x10
[  634.528485][T10855]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  634.534517][T10855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  634.540844][T10855]  ? print_report+0x502/0x550
[  634.545672][T10855]  check_panic_on_warn+0x86/0xb0
[  634.550612][T10855]  ? hci_le_create_big_complete_evt+0x383/0xae0
[  634.556877][T10855]  end_report+0x77/0x160
[  634.561146][T10855]  kasan_report+0x154/0x180
[  634.565658][T10855]  ? hci_le_create_big_complete_evt+0x383/0xae0
[  634.571901][T10855]  hci_le_create_big_complete_evt+0x383/0xae0
[  634.577963][T10855]  ? __copy_skb_header+0x437/0x5b0
[  634.583066][T10855]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[  634.589213][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  634.595795][T10855]  ? hci_le_meta_evt+0x366/0x580
[  634.600726][T10855]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[  634.607314][T10855]  hci_event_packet+0xa55/0x1540
[  634.612262][T10855]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  634.617554][T10855]  ? __pfx_hci_event_packet+0x10/0x10
[  634.622929][T10855]  ? do_raw_spin_unlock+0x13c/0x8b0
[  634.628125][T10855]  ? hci_send_to_monitor+0xd8/0x7f0
[  634.633320][T10855]  ? kcov_remote_start+0x97/0x7d0
[  634.638340][T10855]  hci_rx_work+0x3e8/0xca0
[  634.642751][T10855]  ? process_scheduled_works+0x945/0x1830
[  634.648491][T10855]  process_scheduled_works+0xa2c/0x1830
[  634.654057][T10855]  ? __pfx_process_scheduled_works+0x10/0x10
[  634.660043][T10855]  ? assign_work+0x364/0x3d0
[  634.664630][T10855]  worker_thread+0x86d/0xd40
[  634.669215][T10855]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  634.675189][T10855]  ? __kthread_parkme+0x169/0x1d0
[  634.680205][T10855]  ? __pfx_worker_thread+0x10/0x10
[  634.685306][T10855]  kthread+0x2f0/0x390
[  634.689366][T10855]  ? __pfx_worker_thread+0x10/0x10
[  634.694467][T10855]  ? __pfx_kthread+0x10/0x10
[  634.699057][T10855]  ret_from_fork+0x4b/0x80
[  634.703480][T10855]  ? __pfx_kthread+0x10/0x10
[  634.708066][T10855]  ret_from_fork_asm+0x1a/0x30
[  634.712830][T10855]  </TASK>
[  634.716077][T10855] Kernel Offset: disabled
[  634.720388][T10855] Rebooting in 86400 seconds..