last executing test programs:

18m0.127671435s ago: executing program 2 (id=401):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
unshare(0x62040200)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x54, 0x12, 0x1, 0x800, 0x0, {0xa, 0x0, 0x0, 0x0, {0x0, 0x4e22, [], [], 0x0, [0x1]}}, [@INET_DIAG_REQ_BYTECODE={0x8, 0x3, "11000000"}]}, 0x54}}, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')

17m59.812655155s ago: executing program 4 (id=402):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000015c0)=@raw={'raw\x00', 0x8, 0x3, 0x2d8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @dev={0xfe, 0x80, '\x00', 0x30}, [0x0, 0x0, 0x0, 0xff000000], [], 'ipvlan0\x00', 'wg1\x00', {}, {}, 0x6, 0x0, 0x6}, 0x0, 0xf8, 0x118, 0x0, {0x0, 0x4c00}, [@common=@inet=@multiport={{0x50}, {0xfe, 0x6, [0x4e23, 0x4e21, 0x4e22, 0x4e24, 0x4e23, 0x4e20, 0x4e22, 0x4e20, 0x4e23, 0x4e22, 0x4e24, 0x4e23, 0x4e21, 0x4e23, 0x4e22], [0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1], 0x1}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xc, 0x2, 0xfe, 'netbios-ns\x00', {0x9}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x6, &(0x7f0000000000))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000bd3b0a10443980c2aed259e9126fce5fd676a99a2f9baac99e9809aa9174675edbe35579cec2cb10398cff831d9949068ca10f33d507efebb3511109358ba2"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffa)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000002ec0)={0x1, @vbi={0xfffffffc, 0x6, 0x33524742, 0x32314742, [0xa, 0x8], [0x5, 0x7], 0x108}})
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100))
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f00000000c0)=0x20)
write$binfmt_elf32(r1, 0x0, 0x4cd)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100)=0x1)
accept(r0, 0x0, 0x0)

17m58.358648938s ago: executing program 2 (id=406):
creat(0x0, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x1, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000100)=0xfffffffb, 0x4)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0)
close(r0)

17m55.684758791s ago: executing program 2 (id=412):
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000087}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
r1 = openat$drirender128(0xffffffffffffff9c, 0x0, 0x3b5280, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000100)={0x2, 0xfff7ffc0, {}, {0xee00}, 0xffffffffffffffff, 0x104})
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@delneigh={0x44, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@NDA_DST_IPV6={0x14, 0x1, @dev}, @NDA_CACHEINFO={0x14, 0x3, {0x7}}]}, 0x44}}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x4003}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x6)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000040)="39000000120003474cbb65e1c3e4ffff07000d0001000000070000002500000004003d000c0014000000001f000006060400180000008cdb25", 0x39}], 0x1)
r5 = open$dir(&(0x7f0000000240)='./file0\x00', 0x28dc0, 0x21)
utimensat(r5, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={{0x77359400}}, 0x100)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000004200817a00"], 0x14}}, 0x0)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

17m54.944926052s ago: executing program 4 (id=417):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$IOMMU_DESTROY$hwpt(0xffffffffffffffff, 0x3b80, 0x0)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000002280)={0x0, 0x1, 0x40})
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000040)='ro\x00', &(0x7f0000000140)='\x00', 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540))

17m52.6865583s ago: executing program 4 (id=421):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00', {0x0, 0x10, 0x0, 0x7ff}, 0xffffffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x200000, 0x0, 0x3, 0x0, 0x0, 0x5, 0x0, 0x2abe, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4], [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x2c6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x4, 0x401], [0x0, 0xfffffffe, 0xc00000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102, 0x3, 0x0, 0x0, 0x9, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xa64e, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7], [0x8000, 0x10000, 0x0, 0x4, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x200, 0x3, 0xfffffffc, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x69]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)

17m52.319245485s ago: executing program 4 (id=423):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r2 = syz_open_dev$radio(0x0, 0x2, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000002280)={0x0, 0x1, 0x40})
readv(r2, &(0x7f0000000100)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000040)='ro\x00', &(0x7f0000000140)='\x00', 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540))

17m52.257628886s ago: executing program 2 (id=424):
setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, 0x0, 0x48)
mknodat$null(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x103)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = io_uring_setup(0x7fc0, &(0x7f0000000000)={0x0, 0x3, 0x40, 0x0, 0xfffffffc})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b60000009500000000000000819e0ee1d6e6d4287e9ed0defc7a58d7e8aa2c649a95543f8ce8e8631430c7299f028d28a6aae179659813382a"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
io_uring_setup(0x168e, &(0x7f0000000000)={0x0, 0x0, 0x2})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0x0)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000240)=0x800, 0xb4)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='comm\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

17m50.709373122s ago: executing program 2 (id=427):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582020002"], 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0xbc, &(0x7f0000000480)={[{0xb5, 0x4e00, "3669922f00b4b44357371eaab48719ad2fcbf9e654c74af6a3e54eaddb2f000ccb016599038128310e94cc0000000001000000999c8ce2acc2d35c9da910d31a2337f51a2f4f0d0550968c01702ce6da0c14fa63f150fa8462d05fc6b42026c11cbba8fda41f8c240b92c381e73293aede3708ccb95a19387804343547012f425b2ab74bd6f8e6cad60face10034e76f425fbc6eeb5b2f72541fb95c9bac9e07c3d79b587978d1c7ce002b14182512e9041f104b6e"}]})
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000100)={0x0, 0xfffffffffffffe61, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r4, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84001fff", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)

17m50.583080559s ago: executing program 4 (id=430):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r1=>0x0})
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0xb7d, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40}], 0x1c)
listen(r2, 0xfff)
getpeername(r2, 0x0, &(0x7f00000000c0))
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=within_size'])
chdir(&(0x7f0000000140)='./file0\x00')
socket$inet(0x2, 0x3, 0x2)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}}}}, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x400448cb, 0x0)
connect$ax25(r3, &(0x7f00000001c0)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default]}, 0x48)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000000d00000000000000000000000500010007ed760005000500026e11906bfa5ebdeb69746d61703a0400000000dd3467ac8377826cc0fdac3ed57d16dc527b3536f57716d39a9d6d7336edfacffe81b0d42a4f302a793f1dc3db"], 0x34}}, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x7}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0xc7, '\x00', 0x86dc, 0x3, 0x6, 0xc}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x801}, 0x4000010)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f0000000280)={0xc}, 0x1)

17m46.452313732s ago: executing program 4 (id=440):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x57)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r2, 0x0, 0xa0028000}, 0x38)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@loopback, @loopback, @local}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffc6e)
openat$pfkey(0xffffff9c, 0x0, 0x60100, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r4, 0x8912, &(0x7f0000000100)=@req={0x28, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_names='batadv0\x00'}})
r6 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2800f8ff076cf02e6052a6c42e6df40084a35e6ba8206305adb6f8796f1a", @ANYRES32=r7, @ANYBLOB="80008f000a000200aaaaaaaaaa1c0000"], 0x28}}, 0x0)
fchdir(0xffffffffffffffff)
rmdir(&(0x7f0000000040)='./control\x00')

17m45.463073249s ago: executing program 2 (id=441):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r2 = syz_open_dev$radio(0x0, 0x2, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000002280)={0x0, 0x1, 0x40})
readv(r2, &(0x7f0000000100)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000040)='ro\x00', &(0x7f0000000140)='\x00', 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540))

17m31.00480835s ago: executing program 32 (id=440):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x57)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r2, 0x0, 0xa0028000}, 0x38)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@loopback, @loopback, @local}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffc6e)
openat$pfkey(0xffffff9c, 0x0, 0x60100, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r4, 0x8912, &(0x7f0000000100)=@req={0x28, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_names='batadv0\x00'}})
r6 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2800f8ff076cf02e6052a6c42e6df40084a35e6ba8206305adb6f8796f1a", @ANYRES32=r7, @ANYBLOB="80008f000a000200aaaaaaaaaa1c0000"], 0x28}}, 0x0)
fchdir(0xffffffffffffffff)
rmdir(&(0x7f0000000040)='./control\x00')

17m29.65379378s ago: executing program 33 (id=441):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r2 = syz_open_dev$radio(0x0, 0x2, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000002280)={0x0, 0x1, 0x40})
readv(r2, &(0x7f0000000100)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000040)='ro\x00', &(0x7f0000000140)='\x00', 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540))

2m49.630759219s ago: executing program 0 (id=2922):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001480)={0x10, 0x1401, 0x105, 0x70bd27, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0xfffffffe, 0x0, 0x0, 0xa, "df3f040100010f0000000000f2150609000040"})
r2 = syz_open_pts(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='mm_compaction_try_to_compact_pages\x00', r6}, 0x18)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r7, 0xc0505350, &(0x7f0000000480)={{}, {}, 0x4, 0x5})
close(r2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x58, 0x10, 0x40d, 0x0, 0x200000, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x2}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x58}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, &(0x7f0000000040))
socket(0x15, 0x5, 0x0)
unshare(0x20040600)

2m48.733482969s ago: executing program 0 (id=2925):
r0 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, @l2={0x1f, 0x100, @none, 0xa3}, @generic={0x23, "69b9e4ea901ad845d246e178b41e"}, @can={0x1d, r1}, 0x1000, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000040)='geneve0\x00', 0x7fff, 0xba7, 0x1})
r2 = dup3(r0, r0, 0x80000)
connect$can_bcm(r2, &(0x7f0000000100), 0x10)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x8, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000001)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f0000000280))
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), r2)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r2, &(0x7f0000000580)={&(0x7f00000002c0), 0xc, &(0x7f0000000540)={&(0x7f0000000340)={0x1c4, r3, 0x2, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x5}, {0x8, 0x13, 0x5}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x4}, {0x8, 0x13, 0x7f}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xc71}, {0x6, 0x11, 0x800}, {0x8, 0x13, 0xf2e}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xffff}, {0x6, 0x11, 0x6}, {0x8, 0x13, 0x1}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0xc}, {0x8, 0x13, 0x9}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}, {0x6}, {0x8, 0x13, 0x1}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x6}, {0x8, 0x13, 0x9}, {0x5}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x20000010}, 0x8000)
ioctl$BLKPG(r2, 0x1269, &(0x7f0000000680)={0x3, 0x0, 0x98, &(0x7f00000005c0)={0x18000000, 0x0, 0x9}})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r4, 0x0, 0x82, &(0x7f00000006c0)={'filter\x00', 0x0, 0x0, 0x0, [0x1, 0x80000000, 0x5, 0x5, 0x7, 0x200]}, &(0x7f0000000740)=0x78)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000780)={0xdddd1000, 0x100000})
setsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f00000007c0)=0xa5, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000800))
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', 0x20400, 0x10)
mknodat$null(r6, &(0x7f0000000880)='./file0\x00', 0x0, 0x103)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000008c0), 0x220840, 0x0)
r7 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000a80), 0x8000, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000b40)={0x9, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1e, 0x12, &(0x7f0000000900)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x6}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x3}, @cb_func={0x18, 0x2, 0x4, 0x0, 0xfffffffffffffffa}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x2800}], &(0x7f00000009c0)='GPL\x00', 0x9, 0x7c, &(0x7f0000000a00)=""/124, 0x41100, 0x10, '\x00', r1, @fallback=0x36, r7, 0x8, &(0x7f0000000ac0)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000b00)={0x0, 0xb, 0xcad, 0xfffffffa}, 0x10, r8, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000b80)=[{0x4, 0x1, 0xf, 0x7}, {0x5, 0x1, 0xa, 0x1}, {0x3, 0x1, 0xe, 0x3}, {0x1, 0x1, 0x1, 0x2}, {0x1, 0x1, 0xd, 0x5}, {0x0, 0x5, 0xb, 0x5}], 0x10, 0x2, @void, @value}, 0x94)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = syz_open_dev$radio(&(0x7f0000000cc0), 0x1, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r9, 0x40305652, &(0x7f0000000d00)={0x5, 0x2, 0x8, 0x5, 0xfee8, 0x7, 0x800})
socket$nl_generic(0x10, 0x3, 0x10)
socket$isdn(0x22, 0x3, 0x4)
mkdir(&(0x7f0000000d40)='./file0\x00', 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)

2m48.520305039s ago: executing program 0 (id=2927):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6}, 0x20)
bind$unix(0xffffffffffffffff, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r6, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r5, 0x0, <r7=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32315d})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000380)={0x48, 0x7, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x146ead})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000300)={0x48, 0x7, r7, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x615ba})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48, 0x7, r7, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x2ca83})
close_range(r2, 0xffffffffffffffff, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000000206017ba17d51d3d8ac3600000000000900020073797a30000000000c000780080012400006000805000500000000000d000300686173683a6d6163000000000500040000000000050001"], 0x54}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)

2m48.061225362s ago: executing program 0 (id=2931):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ppoll(&(0x7f00000010c0)=[{r3}, {r3, 0xad0}], 0x2, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x40186f40, 0x20000502)
sendmsg$AUDIT_GET(0xffffffffffffffff, 0x0, 0x20)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x25, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e21, @multicast1}}, 0x0, 0xffff}, 0xc4)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f0000000200), 0xc, 0x0}, 0x0)
symlinkat(&(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
unshare(0x2c060000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x5}}, './file0\x00'})

2m46.954676085s ago: executing program 0 (id=2934):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xa0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x2, 0x3)
close_range(r1, 0xffffffffffffffff, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000003140), 0x2, 0x0)
splice(r1, 0x0, r0, 0x0, 0x10020, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x420100, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f0000000080)=r3)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000077c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x24a2401}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl(r6, 0x7fffffff, 0x0)
socket$inet(0x2, 0x80000, 0xd28e)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r8=>0x0})
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f00000002c0)={r8, 0x1, 0x6, @multicast}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r9=>r3}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, r9}, './file0/file0\x00'})

2m46.623609052s ago: executing program 0 (id=2937):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f00000002c0)='rxrpc\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = syz_open_procfs(0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
syz_open_pts(r4, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x7c}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x18)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f0000000040)="05000000010000", 0x7) (fail_nth: 4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[], 0x154}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000a00)=@security={'security\x00', 0xe, 0x4, 0x328, 0xffffffff, 0x1c0, 0xa0, 0x0, 0xffffffff, 0xffffffff, 0x290, 0x290, 0x290, 0xffffffff, 0x4, &(0x7f0000000040), {[{{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x800, 0x1, 0xa69c, 0x1}}}, {{@ip={@local, @broadcast, 0xffffff00, 0xff0000ff, 'veth1_macvtap\x00', 'batadv_slave_0\x00', {0xff}, {}, 0x2e, 0x0, 0x20}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x1, 0x2}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x0, 0x7, 0x1, 0x1, 0x0, 0x6], 0x5}, {0x1, [0x3, 0x0, 0x4, 0x3, 0x1, 0x2], 0x3, 0x5}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x6, 0x6, 0x2, 0x1, 0x4, 0x2], 0x2, 0x7}, {0x3, [0x2, 0x0, 0x4, 0x7, 0x5, 0x7], 0x4, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x0, 0xfd, 0x5, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @loopback={0x0, 0x460c6}, 0x7801, 0x0, 0x1}})

2m31.542762558s ago: executing program 34 (id=2937):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f00000002c0)='rxrpc\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = syz_open_procfs(0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
syz_open_pts(r4, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x7c}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x18)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f0000000040)="05000000010000", 0x7) (fail_nth: 4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[], 0x154}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000a00)=@security={'security\x00', 0xe, 0x4, 0x328, 0xffffffff, 0x1c0, 0xa0, 0x0, 0xffffffff, 0xffffffff, 0x290, 0x290, 0x290, 0xffffffff, 0x4, &(0x7f0000000040), {[{{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x800, 0x1, 0xa69c, 0x1}}}, {{@ip={@local, @broadcast, 0xffffff00, 0xff0000ff, 'veth1_macvtap\x00', 'batadv_slave_0\x00', {0xff}, {}, 0x2e, 0x0, 0x20}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x1, 0x2}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x0, 0x7, 0x1, 0x1, 0x0, 0x6], 0x5}, {0x1, [0x3, 0x0, 0x4, 0x3, 0x1, 0x2], 0x3, 0x5}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x6, 0x6, 0x2, 0x1, 0x4, 0x2], 0x2, 0x7}, {0x3, [0x2, 0x0, 0x4, 0x7, 0x5, 0x7], 0x4, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x0, 0xfd, 0x5, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @loopback={0x0, 0x460c6}, 0x7801, 0x0, 0x1}})

2m12.370936215s ago: executing program 3 (id=2246):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1820b4e18e244d80f8010000f1ffffff00100000850040007b050000003ed31ddbc663525d0e278f9f79ea82c239f661c7226d1237621725a2be781e85ee413585d0e45efef62eea0c14a183a8b216373a5ead6334da7e1831917145c6f9372e59c907120272960b83783f3e77445419f48c5792dfe8811b11d4af"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

1m47.33676989s ago: executing program 3 (id=2246):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1820b4e18e244d80f8010000f1ffffff00100000850040007b050000003ed31ddbc663525d0e278f9f79ea82c239f661c7226d1237621725a2be781e85ee413585d0e45efef62eea0c14a183a8b216373a5ead6334da7e1831917145c6f9372e59c907120272960b83783f3e77445419f48c5792dfe8811b11d4af"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

1m19.912332185s ago: executing program 3 (id=2246):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1820b4e18e244d80f8010000f1ffffff00100000850040007b050000003ed31ddbc663525d0e278f9f79ea82c239f661c7226d1237621725a2be781e85ee413585d0e45efef62eea0c14a183a8b216373a5ead6334da7e1831917145c6f9372e59c907120272960b83783f3e77445419f48c5792dfe8811b11d4af"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

57.093973411s ago: executing program 3 (id=2246):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1820b4e18e244d80f8010000f1ffffff00100000850040007b050000003ed31ddbc663525d0e278f9f79ea82c239f661c7226d1237621725a2be781e85ee413585d0e45efef62eea0c14a183a8b216373a5ead6334da7e1831917145c6f9372e59c907120272960b83783f3e77445419f48c5792dfe8811b11d4af"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

33.512995456s ago: executing program 3 (id=2246):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1820b4e18e244d80f8010000f1ffffff00100000850040007b050000003ed31ddbc663525d0e278f9f79ea82c239f661c7226d1237621725a2be781e85ee413585d0e45efef62eea0c14a183a8b216373a5ead6334da7e1831917145c6f9372e59c907120272960b83783f3e77445419f48c5792dfe8811b11d4af"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

18.266470454s ago: executing program 6 (id=3282):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x3a)
r1 = dup(r0)
bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000007300)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003180), 0x0, 0x0, 0x50}}], 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000001580)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000024c0)=[{0x10, 0xff, 0x4}, {0xd20, 0x109, 0x0, "dd078366773ba447ce7546d4e5b4358a3af257256c53aa7de6cf2b8b36250c26265b7456d82f280f6d143d12f575efa7bfb7d10d15d2a09c4cf2f8936c06726803fb1837e21db2c6c735bbe223592591341ce5fcd800416f704cdf1f395a652b2136d3290f409bc17221ec859cbf664f334d399836bee857cd8cf0fa2dbe4c136b46f7ac354a2bfceffe10989f9022777f7b0b6bde78ee799c29a29310a4b16343d63074670e131185933c351d7f613c42feda7d9abed3980c7bc2f53024f27f55c0aa674e4f3a0845d7c9a137fae4884cf235ef67d1a2da61bab8b6cd3b2078ea60af9931e1c17c97f76e5be5d97004ad1f55e1b762b2309d57eab8afb05168cf82fa1a9ec0f4a1c3b80315baf61b2fdce9e41d6a66bc24835361cd72f52cc9f7bb02a3b4dd5586e4ea59d2d5d3f503502d0ec706523401302b30aa384a1597f809afec7c0890e7e19a117892ad35f32307ba8b04511179f5c6bca7ad7471ea0440ef9ad98aaf9bee8d1c3b972488b0c7c17203d89d89f438b52c472a9cbc66846d4a79aa760338ee49f142a357c9890069d80143cc85f93b69d7338a376436d3a83352787a771f13e7aa2c3bbe79a72f8248a456c0f9fa63418ad889fd052db3f33062a2c78e1bf1ff7332feb89717e0a0a49bbd6fd36b1d55ab95a10937c1c5d0160454afa0738e37b848b721e54737f800dd759fe13fc435748691a6d6a18cae5e5bb13d927add9cfab866dd13cf646eb8b691c9814ee1b9028fd8f99b0b4249508efccb7766e120cffeac4cdf61d42c53664fe0ac6fccf7e2e8fd6be83af563f0de0c9eaf69c6d25636355cb2fc47f1d6690dbb3e407bb239dca0ded613faa76d32c7a998e0ef3b9ba25be3ffabdc5b655bed8308966b19185360a34baf0b3c184a3301acf70875c822bd1a437b1e557b5f4c4a124f2ae7dd5e4815c0cc8518a1bb1ff5924c2ef64cfa8cb0c99852b8a40c53b9eae86cf206e386a0e99bde03ab58e4f1816b1b4fc62698ef4c397aed8b67208a1f5ba7e2f9a0f04acc035dd84cdae6e96bc2692dee4a25c480b73dd03cf57d43283d9c31cac9ec6985281e676c67ec89b067d2016b9105f3e3189f672bf81a84d59ff59f922bdd585c68900fd60606cbd2c726ab5a3989bc82e8fe7738b8609fa6d8209ad69d3acdc5c9c283c58448105c44663a52c7c16d7095594a45a741becf4dc0b08a06e786c5827e410b742a015d01f87fc8f3d2bb0db3fddec4d79983cd1b3351090e9788acf766dfff19394309ed80c5ebee2656a79cdc1a031e9c6702dd223820006cd2b23c85cd41f767dc31f4ea3b5f700c7e09e3d340a4a50d316e8813eb9ef96efd9bcdd842527d960254d875882d9e080f51b15c500684f56ee5ba214896f1c35455d1a7c56735dd24c30ea599249df8b9d4cd6d36da8fa66be2a62c406079828afa535f7023b46ff4633b24465d06886610b5aa660cc227e58313a85dd9f48f0b20960ccfcacec0a8a0c79e68d290e3756f3d0834aa9476d936ef1dd140fc43c07e48b9147c8d6701123410d9e28ebf1f15fdc2c2613b232950217adbc1e36e980efc44b8a6f6e5d338ace9bb69f1e3fa562af137f89d3eab503ebbfa0ea0ed6ec750fd4d6dc0a310eaaf3b024fb55a76e98123ba464efae6b2d6e462ade95a0f919cffccf80fbd4cd1c8af796f555d1fcef92d5b374fb3a61dada62318ff4ee292038a41736b4fa5115ec4ae8dfadd6ea877293e9d40009f98c0f18ddc8e4254be5cee759a3985a266ed2fe96a530b07d074262224b380f074edf582f86cb2b8865ae50ef1f98438b8119d783bec294c234d0c037c766d5adccf2e2b2ae3a67202eeb855bef1b4a9519e626e8472e3dc449b849737ea59e00447a99809c3dbb079cd15540e907de19ca01d0b1c66c0c377bb19f609f9d18f3eae65dba3cff7454733642f294dc4d4912322e56dc6d751b0ad646fb0c07bba732e4c7be647494062e639c73dfe68107377ea1634975c7056c5c73605ce5f49e90b4912a089822040ac04e83e8e5f572a1911362a6f57caa5ebe745743ace8c9991793a8056dc22a24d3b39d0615110a8152c6e17eabb5c968fe14f190cef1cc144afcdbd24828a650f572958d6830a8c1986dd7c02e4e9f09a77f19337a1887f89264fe9d726bd435642681a8c8fb2e45e2954f304ebbb9c5a9a8ab4fe2af3c0cbfc3b72aaeac41afc8f5e801379c23252585cc933f2f7245f3fbedab460996372e7f96047c739adeb60ebcd140f1ceea9e1cd35027caf7de603efe4b5fc6087c9e17d849ef0bb17d62c3cab79ed34cb62f5c3e12c3608faf19a71f1513347e73980fcd9fcd2f7e8bc7d2e3d71691b8112971e0ccabcb97d6b1ae45bb4d79fff90482a127758dab810da43c46dcf717efae42ca060a8971d036e662462b8af78a5f4d21a980766c7e9a38d3c590e0738834de32b6350324d938433d60e0da14f63103b0e045882ac93dd4f10bc1dd9ccfd47fe82179b6c0b88c99d7852bd36e0707b34c7d6127685f0677001508372512f0395a547f7f5b771b179b7cd32ad5f8a81415441e77dbf279b0df503a43c52847a89355018923c443a2d9f81b2128324e034ea0b88b05412d4d9f86056c687935b524d6b4f98add30e859f4e048309e32cd93ae8bb030963f5f5e969eeb47124411d6aaeeb130824daa8b319d4ca03f98e1fa7879e38f6b2475962a6fb84e64aa8046ebdd816926c54b41997516d632baaa0e1e77a358793c02975d89574401c9b6590d23bcf96d106e43d95fc0d20e4d588fc98a5efcb823298b4e83649d29a8a6199f1e9b8142b58544eb714813685fe332a75a4b318865ac2313f1e8018397945d26b74af4773c9e21d6f0607e4160fe8880538db181071082bd7a9e750f1a7a6a41ea1b7616d35dbaad0dd1d04ca6983ec826a9a42f2ab82db08dedac28cf8982b0f9d7d0ca176b41ae5206580015237adb8da7da1936d9204238b3f2b09025c37cff5794bcb04671199e8d650aee34529732993eeef3b28112e00e8e133381fde25a4575da4eda9f3145daf806d60b4c75473050f98835bbc2cdc071c5b5557539a7fc3973671220dc23f5ef6cd44084c35f68502f35822c928b3401745f8e0a25e96f81c8a83a4df71391d3d219a1f03818e53a6c20eb25e2acac87015a7b7b432a0a0e165f324eae82f1e825396645e6be9d175915a96c5b8d39693cda30afde62f211e336bb67609de1e1061648bbd2b452dc021b78e50ece18401c942af48319d55de8776956ae387218c44c3c13eab8468a004fb7235b8d816a051ad94e73db4b72dc7258290e8aa2d3ed3c7079d84914911eaf0877137bfec62c800d44f4824e5066b30e5e4c1596bafa73ec93349457b69b23c06b8950c39065344888c2168e104a069f3f644dc5f7362748c61c5a3637ef8b1e3ad9850af34faf69604dfe7af494ac522dc6f3f5f2cfc904063db4bd3d56c0f6a826489c7f2521f91749bcda4591078f770cdabbd24431e32c85d61a05b117f6c0ecd25aa427f3f05ceee959677806ac1cb32f5cec2fe354f3f536b975229be55cae56c16692b57052137827c3ec946732e172537c13e6d85f2781cb6b5de5de08f0c7e1e3babc6f55ef8fadcfec606f4234cfa0169d7513f48ee2168d8101f2b7da12c59bc17a65cb328649894f9594929493a0e9b9f85d7098bf0cd3e888957c1af68c367b7189a721134d9bddbcd0df6773ea30272b088d987243df677735cbd8ea9a95d564de2e7d401a7e89f8de6d696b211046fd6300af6bbabd3b02244fcd41f9eec6cfba09cfe42b004f5adcbc9cdfed1b18631a44ede5d8943b6dcca4568ae6b692e59c7105855969fd9d320046a3bd975d59849049e2ebb9495388a2670b68cf05c63fc586cb5be4449bb73816b7da517a233065a41f4a52ffadc27eea739112a175688e9be1603cdc44ccc180a4463e3ad33a33b18bd846f97ec0f9ce1573c7cb91e10e38970394038833c51c829bb40d5cbca76ed4ca19e0d79641fee156a17108e0671e88e02cdcb340a13adbfafad537b05c89cf9d92aee901e02fddfcddb3faa82be38ad0f01a93e0061a0ce7925cc43d5c5b83ff4fb75691dfad8fc406d4522f9b976dd03c46c0dde3f44af35ee20188c8d6c3ca1ace311c39fafac5362b104be6dbfade972f932b32da6015d72b37498252e48549af57c1f0388ba6199b15a81ed72c463f4739cc18b9fd45e12a7f88c1155d3be48dbe08cb510a4412db95d246b6c7f335bfd892fce02d02aef65e9c4c2fbd034b7f62d680cd11bb1a00e3837e641f03deff51db8962d07650eba58b9643492ec6fdd2ece30a2d136b6023ea73e08bd1695e88f5cdd479f7b809bece66e4429cc4ac0a5910a77726b3a7fdb99b90c84c42208ce449614bcd7684c60cd5adc7fe12c8c21fff07fc329da04589d3c4a1838a37162be362734a00c49c49cfbdbee62ee5e89ce0cdfbf0925ecc1a2cec0943ebb01698d6af4da6517bf846ae8dbdfb514e4978a7f6c9e6c4d957dcbb4f205d09b052d3b0dd9bd48f3e7890e495e8dec72fc51f362966969158b4ee7aa5907052f67037396422bbcd34a3a340811b0badb68d0594f344931b46089e06012fdbb5ed6c2b6226821a8b003ea681b261853e37e428503eda1bc96ea0686c205abd52a65c2f6350aa2cc37d2b2871644cb33f3ccbf62214499709468826812b9ca"}], 0xd30}}], 0x1, 0x4000004)
recvmmsg(r0, &(0x7f0000002c40)=[{{&(0x7f0000000080)=@phonet, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)=""/72, 0x48}, {&(0x7f0000000240)=""/157, 0x9d}], 0x2, &(0x7f0000000300)=""/38, 0x26}}, {{&(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000016c0)=[{&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/142, 0x8e}, {&(0x7f0000001500)=""/159, 0x9f}, {&(0x7f00000015c0)}, {&(0x7f0000001600)=""/25, 0x19}, {&(0x7f0000001640)=""/93, 0x5d}], 0x7}, 0x20}, {{&(0x7f0000001740)=@caif=@dbg, 0x80, &(0x7f0000002b40)=[{&(0x7f00000017c0)=""/110, 0x6e}, {&(0x7f0000001840)=""/174, 0xae}, {&(0x7f0000001900)=""/238, 0xee}, {&(0x7f0000001a00)=""/45, 0x2d}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000002a40)=""/94, 0x5e}, {&(0x7f0000002ac0)=""/107, 0x6b}], 0x7, &(0x7f0000002bc0)=""/113, 0x71}, 0x100}], 0x3, 0x0, &(0x7f0000002d00)={0x77359400})

15.678734528s ago: executing program 6 (id=3290):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x18, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x20800}, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r3, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x48094)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
sendfile(r3, r4, 0x0, 0xffffffff000)
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f0000001340)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x3c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_PMSR_ATTR_PEERS={0x28, 0xe, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b={0x8, 0x2, 0x11, 0x0, 0x0, 0x7}}]}]}]}, 0x3c}}, 0x0)
syz_clone(0x4000000, &(0x7f00000001c0)="48a2c37a781e84659be4ae689aa3d8a1a23810680ba430dae9e0368a142559603e1bb651896465b73da4a52d89c6fc036325bf13a6456c3eb4a5cc48b20e899f73298dbf65ca8575cae12c46fe3e1d19700484ec4d13c07b59d626bc7deb6b464f2d38af9e9c5c8e9674ed17062607909492378e0c6317f3e01202e4eb2dc2575e8d66ccc64492ed0fcfb33f5ae27a98196e", 0x92, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000280)="a1fd0420c2e3687e267d525c9644d8e8c5bd07aaeb5bf0a8dee733696ff6bd9f5852b7a0f7dd20dbfd376601dfac29dfa204c5954483a9cd7c10370e3518d0b4e7a46975d651e2c4a1b1f30fcbdafddc26afd0a65422ff3bffcce1e493c114ab78f275c52b622cf969a1172fef37892b1391150d904dfc024ea786b34c0cd99babdb525c9f0b35214ef4391defe53f26b54cfc17fc633f8315f10c3cfbeaa01aa541a9e47f64af3be4f04e08cd80ec24f27d57c6848f73ecbcb384e69734148ff7ff70418637f535c3648d945b7760d689b3fe112e9c57764c929ae4dc7d2df903d1c757bd6e3b04e442f281100a6ccb6947ddcd851325fb32646eafaf5059754ab0be97b2fe2ee4e0964d0f26f865d3ccd4a291f48e7e7408bbcce0e49f36fe1c5dfadcaea812d987ebc46ed992fac25065e45f95681bc492239e3c918730fefbf9fe8412b48d0adcb5594656b4dfbc1dd2ee0edfc183231dcb5680a4190327baa5573c3196a87d199c65ffdd9ea8575af84ae5d35e3ce6f3e6102afe3c4fb89c5d86ce2522b940cca9d24fb775f173348902725e950d4ae6bc079df873ed7e9a3a7eab495d787f80284f53919c59e78da74f8379ae83dd62e1c573326ec53db0e0a5591c080a95e96e45cc885aaf8cae7c640b2534a08fd99b062fcc6be06b7bb98ee7f164266c9ba6f2d90092ceb65e688804fb639cc4cbe04555a7d01e1211d6859172515cd809bc03e1d93c10bf40d0268979de442d22fdafbe13aae5b3e78c50fc681b4afb6074011b0d1c4fd59a79ec91519bc019ff8f7b5900102106266759c471984d07f1547bfcc9f753f6438ee60d53c5f4e8ec564d72b4897480b922f3b1f14740aaa16f27ecc57d01c9e4c14f4298213e86654d05d5f59b3d01a9119942c2f439391e5ae7f0d6281bf1bd62f3ca51ceef365003b707688829d9179dfed8c3415aaffbdaccd277f650132e6ae0d3cd4899774b620ce214a548d1d9026d7be5a6a8ec7e7911b4aabc99d9cfc6ed35a7180b593c6f2292d862f65a6800d803165a55ef8413b9f6140b9296b778d18b4a30e83c5da7e2edc4a0ad74f8084d0869ab9e80b51ae913d593f41190689c0a21e53e198b8ea29b16edcb07beb011acc16e140891af920b3674816e67e59e7e98bf92978efa58de993b1652a662d0a9008ca0a45bf1108c646ddc8a4e0335dfd897937f6b60042a4d236d9ea70126980c82a9d57e3a66736b1a5c41555cb4e83f70bb49656e4f0b8cfc7c1e26df9efeeaaafbc67129bcde68ef5e8d668e702eaadeb8cc5cbc967977062717eabbe6057fdfd9ccebaa4a0ebc474547ac06abde9a4765777a525a70eb7b1d0ab985a7116975c5b214b162ea80bcfda2ca23e841d9228d9bd28fa30ff1fa753637559513586058d8020ebfd907cad52ae36a72369924a53cac8bb0b169028a2cd036241ae8c3b06964acfb738a1e873a1c488bc6b6ec8800617a8d1c819ad1a5f135c1b8132c7b2787d15a2bf6c57a7a8322bb37e161feeda498de5e7617dffc27f6cc8fe3bf2b2e3d80d4597168f275bb2e66cc0c9c506b85a146b75c8380ed60d495a730346f9d3b6f42dd665de3ad6ecd8b9f7751afccd22ef97a1e50ce44cda5581c038a6c1bbd678a5d28dcd117981270ef99abc4fa55ed83bdef8af684f5c053e2c7f7e6aa20d7b96071cbfd6aa5d0c93acb74c7c523391dfe9731c8fe699fb79d25dbf107e6a23f20eeed4402cc08c74033a8fc2a0019875785bebea6b46465aa35135babf5ba7f7a380ceb33982a20e7e24797a9dbba16276230a3edc8e2433677f3d4a016785e27a8ba15b897b00af262813afbcb718f0f18d2f0603d89c3716c5ed9077a732f38d81b74a06cdf6a68d11e86b897a963338dec20e27b5c26d292375183005d8ef36a09ad9775f98117c0cbfb89d51f6e99f91edcea7d0836d078ab1c05856eb41c4a50941055fddeb78d6f4efa2bde0b58cb3265a15d80794c0e8b59407b64392fee9fbf36296c24f0db9621fa16164523983e2f777968bc707b3a5020ec6679e72acb1444882b9f2b795a77510a24020684de69a46ccc69d5bc7549460089ac8819f4721e5a1e87f70ee124577535adcc1c6a0c6be16a07b2ea2e6f6d54bdf8ef47e34c253524931089eee0b8678b33f7805f24d6ee7f30a0c6bb14835325c8d36fa77850f474c0dd7ddc6a4ff371e84aa2c5c4ce3d3fc2746728344eac2e5b0fcc1574ba8425ca9d93f9faab971d8320324e51abf601f2c3c92af688c757836afd6317044dee92c0f73773fd0eb00ff8f5f5357dce99136ada70346036d192f8b78158f83208cfedbd01ac7e80138a36b61cf6864617b5f1e40997d5cb850a021e45ace9c419b75aad0c78fdd95ac3af47ce9ce72cf6fc07af07c45f7beb6fb78b8ab3eaa6e035c90dcca5d5c1331dd56babb975181ed2d060e8f7b3c14c026863678cd871f76be1266b411c74f903cad9e83840c3b23a8b827afde1beff93d6a8ed81a47e5159a05dae29c55ad77ae8793e6842e588075a076f98009020eca5c27ecacaa7b8b9fc148e8137bc70245f0438a6e1efac11e6b86ee351f13292d737e7c890d7057ff51c645335683485e1ce8abc281ee9d000b1efa4f0651798bb2d1e81ead617e8d50b61d3d242dd7fe59ba151dfe791240ab3cbd78a756dd7b7b20baecd2dd88b76eb156c00d1c5e0abcaa7e19582f6793c4c960926f1af4c63512abc6265b18087106ac12f7e2fb898ef3e282845eaec4992fe8f795b674e2eb8f46511e0ad0dbcd2ab91997eea8469d5687531f3ddb0ae742ad22b44764f6826ffbc0e72f7d5603faee32392cca5cd9ac808e958eb44796c80acbd81ad29f16a991e62ace8a31621a37514f804232b14d765fa0c3ac2d5daadce152bd4bfa5b48e82f16d84b380b47ec1a325922670832b223796108d75715ed581c069f93e54765600ff77a31fc7ddc559879fffae414353a9fbdeb76a248cd1a7f26123cdc51baff14db2f959ee91a70c7c990e191b51f56f6906b7af911fe427f80ab0ef8c13f14553a76fa1e71e1acbfc5eb77a7d77daec0cf04cf39e2064192e2dd5adc13f6165bb4c940d354641a04474cf7eb1a3d6b363587449b107f28886019ab6fb06437616d7aae48006fc9e296a604324ee7133aaf317e82d070bc76b11e23cea2e61a739c2ca6eaf21a8523eceac06851d85022628e8ba69d683afa89ccfc31247b1cc030f46f286e57d8518455d70bf06804b58a8ef531ee503f0ff68bbafb6c8c20cdb4204cfa18083904949aa2a506d049b0f40551369ac3282f027fb8ad70f04942f01f1b4e0b27a497bc433d2268db71ab33a03259ac4bf84581a75a79cc2e7d1fb547f15194e512c7f6c499d0b2e5d9579550c01c98792382c683ed197e51c9c282202cc3d1256a1981c6ab52733f5e1f1658d2810cb6f0cfe8e35ee624508b1f18ce66957f256cd4db40fa3387d68804f8b4d46fcda37a7b8dc30fd9d328dacca4c2d7faa85da356605e735574ce62a073ae15eb05890720b0022134fd2bc9f0c366a03fd9907dd8c4cbcade3ccc3e39db3fe1604b9479a018a32fe31417feab3a6aff9242a0502de6134be023b6ff6b7f059d8f1155ed9ed66731665251760f86665c2feaf7f81db84d191172bfab5e98cf079f974abc70699b1d0290c7c7792e5a094c24ccfc44f95f59652e0f95c7f737a5e348c70fbf7a5b59e6b45ef6302575024c90fd8b7897c468a7f02bdf40cbe2a5ac3e8647c003e11fd2c8e1fcb1a2dd5c07f8a2ab8cb53d8c2fdb91db2adb697742a1394170a915abf2c7d33f55895855505d524f6abfd3d7732b5ef0390a9f60bf52899482e7081d4bfe86fb63248e53bd7a4e7b340c7f54b4f92a2f6b382fbbe9e8facd24017f47449499239d176dbc87cca238dd0c27ba08a29bec9905829082462b2350a62f97ded45317f3032c1345d465a8c0fd109e4a107f5e24327f0610017b38c0479172fc445b185ce62d4d9deedb487444daa9705d759c154104e92ca0a76ea92bdc0bbbf79d33378b4faa09aa2c6ea96b39f36edaf0ea29f7b9f0a6b45fc78601e5908dd04acfd6cc5650044b2128840551675a4ec90480cf2aa6e0acc00d81f452bfc53420e9837108eccda4678adc5ab69626b302a2e0c6f413f6db20c1ae0c6ddb0d1014d4cb49f6a7827a55d0fdb3e64814ce398e72f5cbb1f19c45a7d1121a5d93a1a86ea5810be1059465519b5780e8d021d7de80b3f4aaec26adc141b7f988c316b2fcb18b64f39d1f43044eeabcc1ca73f2a839e5f9feb93ecd7211b06b1dde592dbaf5576c180fa7a2fffe9190632fa55c6800a7d78bd0f94ed126840cea7172eb4bf2f70a69ae6da4d1a91ebaf6f7caa6fb9c0afc084316f5fc0886660f96ac17665f7bf134c2bd1e703364e6ba487835c71e777cafe59e23dc875c8b1d1786d9ac2494f74c4347048dbd994dc5b434dfb64edc59d5616a28bffeeb46b7b9bbb4d89ae71b5a91d8a4edb5df1d642284df7f82527898840860d7f46777b936ee7a8bc13ac04038c3c765cb0d55c3090cb5ecdc02ffe9f0597a054b591dcd0c63c469a3e8080852ff27ce3f957ab24dcf70e92a9826a82f8bdc35658c7763b1c22e89716e1ffca39ed22a767f44195464f1edc81b02a794c650b3ad6496af899db34831923b4a4c1b8e3821f587de393d5956b594c81b6a994c25e706beec51a6a0cf9c9f0b95061f7482ed95e8c1e39b92467422a2f452a93ad8d31865ff8b90ee441309b783d4f55fc30820406eb22288a07be21c738aedd07f26530cc58e9b9028da3a8ac2845b36e4d997fad52d96e50dde939b075dbe8fc4c54f1c4a1a0f4d3c9c6c19e7c44cb2acf4d984c7052f57da299fd037fb39475e0991ead96bcfb8170ac1fc8232b0771a433e6ae69427d8a4738b3b66f4988b4d67b09dd3a343dc9ca9225304251171fe1a9cb0680bc5784528de9ef8b522fcb9c282454fe66ea9046a3374e45c8716b8801c129e16c4650f40757206d7c4507036d45a41397949bd27beb29511fa975e7783acbb7dc31c264dfd443ce691b35f4a3c432b7fd19c0ed7c185cdafdffae78d67ff8f1e297521738139f7bba3e0b64ae72ebbe8968843d1d916300395ad89c38fea20738e49283a0cf870c292677183634e2ec7dfdd8e07d80a2c2b2deddf00c6b62c7aeaf3a0d0b1b66bcbd32c6d78e6826c4818d2e7f4e90d3975028028e380361414c10ae93798746d0eba38bb336ae91b632c95b7561ad4a2f519b98ac2f05c23419186c68e8771e210668cfe76de5b727d7dc40d397ad77ebe091638e6b5864218830a1b68f307c47e5dd170e951546a23b0ae033c442920c16a00b298dfe677c4b5ee2b56e2cbf8fcbd6f1b2007d5498c9140264a10b5baca9f2a2b7d8ca7634dff5615c017a8a2ee8bffe2a78550b92f322cc01e4605a72c1e6ff2f4c4fe90eaf0cac696fe69a5598c055063f4dba1513ca2f69f938ded868dde57358ef08310da74505ed470bb0664595afe6a3f73ce26c68aca7557349c50da99670b41875c11369312dfe374b57743c4d5cfa307c31baa804fec46bc7b305619f351a86607da6f470a97dd5fe2bfeb6341598fc1a503051de2ff2c49526e7d40eb83c99b4dfbdd0199629e5f90c588dfddcfb5eacee1ca60f11949f63d574b668661a37909527b92a0c472253d4dddeb77f30f905155bf968782eacc01210ac65a6e2869997b9ac7a31c7c246a18b81a5473a952377cccf8fd53650ea963d7b2498aee79716535c3b")
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000001280))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SWAP(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x6, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x8080)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='contention_end\x00', r6}, 0x10)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='cramfs\x00', 0x2008000, 0x0)

12.592858393s ago: executing program 5 (id=3295):
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x10d, &(0x7f00000001c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0xffff, 0x4e20, 0xeb, 0x0, @gue={{0x2, 0x1, 0x1, 0x7, 0x0, @val=0x80}, "bb8d23b383610abbfc0a8927ac7ee319e89296d14da2e34376836cca244b455c4355bc7cb4f72ed518d9d457ad7ca0ad4363b628771b689711f037e21d10aef63a2dfeb4a395512e15c5a3cc88a2a3547daaa6b7fbae4646db8407c90c5b858a68ac0c3795d4415bd7e4cd65ee44cc95b04d1a5b23cf027ebc7fa2fa3cc7c27e0473279ac8bf71dbae95e63fb242b7a55560e1e8980df1dbdefe3d70acb9ea085680c2637417d5d1135e09cd1976f077768edc49ee6fe98d364fec68f2d00d376df19b970e938884929ee50b7769899fdb598ed7e86c54535260f3"}}}}}}, 0x0)

12.39577471s ago: executing program 7 (id=3296):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={r2, 0x7, 0x800, 0x4, 0xd9c, 0x3}, 0x14)

11.72030354s ago: executing program 5 (id=3297):
write(0xffffffffffffffff, &(0x7f0000000000)="3c00000058001f00030300f9002304000a04d65f080001", 0x17)
socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01d1666223e52e1dbfc48b749d8beee71b3e7d23e3"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x42)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000740)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
r5 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000002c0)={r6, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x304}, 0x9c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000001580)={r6, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000540)=0x9c)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000001fc0)=""/184, 0x20002078)

10.630212789s ago: executing program 5 (id=3300):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
ioperm(0x5, 0x9, 0x2)
prctl$PR_SET_TIMERSLACK(0x1d, 0x3)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/kcm\x00')
lseek(r6, 0x9, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009700f2a9c50000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ca00050002000000120000000300000001000080f200210cf65a6085f275e8f4f3c58ad0f7d1cd3b8d2fe7fa9716692e47a2d27991be5744435a1716fe5b487484843409c7f509145037d0b583b96df08e61abd2b19951592860a1afa20671b0efb3a096346aea680073051036d4babfe52b90ca8567e1abd727c0eb2e644555deef9c7b0823d57f51bb49b27d6cc0e5af89259cdc911284a7f7ca28465814483f0e9e7cfde7a7f23ed9db4ccd19cdf888710f851d9971cc82f22dae9fb8615d947d7341ca52bcfe075ab159621942c4a1fedf411de463c2726bcf5418345f989f82868136343278a18f21172c88d01f6d9cf3eeecedca76fa28672abec4f0a648db18af1955c3b6d6382f65926d7d45ea5925"], 0x1e2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x3}, &(0x7f0000000000)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000700)='./file0\x00'})
io_uring_enter(r7, 0x2def, 0x0, 0x700000000000000, 0x0, 0x0)
r10 = syz_open_procfs(0x0, 0x0)
pread64(r10, &(0x7f000001a240)=""/102395, 0x18ffb, 0x0)
utimensat(r10, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)={{0x0, 0x2710}, {0x77359400}}, 0x0)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$bt_hci(r11, 0x0, 0x1, 0x0, &(0x7f0000000000))
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x9590f6cc3aa711f2)

10.627889274s ago: executing program 6 (id=3301):
socket$netlink(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xe08, 0x0, 0x5, 0x1, 0x80000000}, 0x2}}]}, {0x3}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x68}}, 0x8000)
r3 = gettid()
kcmp(r3, 0x0, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
accept4(0xffffffffffffffff, &(0x7f0000000080)=@rc={0x1f, @fixed}, &(0x7f0000000100)=0x80, 0x800)
socket(0xa, 0x1, 0x0)
openat$smackfs_access(0xffffff9c, &(0x7f0000001140)='/sys/fs/smackfs/access2\x00', 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
gettid()
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000300)={'wlan1\x00', &(0x7f00000000c0)=@ethtool_stats={0x1d, 0x7, [0xb, 0xfffffffffffffff7, 0xfa, 0x7f, 0x100000001, 0x9, 0x1]}})
ioctl$VIDIOC_S_CROP(r6, 0x4014563c, &(0x7f000001f9c0)={0x5, {0x8000, 0x300, 0x7}})

9.372059341s ago: executing program 7 (id=3302):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000080), r0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r0)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f00000000c0)={'veth0_to_batadv\x00', 0x40})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x20)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0xf87, 0x1, 0x0, 0x0, 0x0, 0x3], 0x6000})
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="30010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000800010001000000040004800800020001000000080108802c0007800800ffeac3bc0000080006001c000000040006"], 0x130}}, 0x0)

9.371637929s ago: executing program 5 (id=3303):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000000c0)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000002140)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ed10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000889049938edebcd600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$P9_RVERSION(r1, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x5, 0x8, '9P2000.u'}, 0x15)
syz_fuse_handle_req(r0, &(0x7f0000004140)="02f00c1d0dda83190c8b2969e5d107b997d557314c4da896298ff72343456d7ad8d0a3c9d50de42ef139d0d06f47aefa86d39e623e4983730bc4acd2a3453e9ce8ab83ca57bba44ef9418053978935925402ab801b6979708a525ed019908b34e02f859ad4fe7ea4a350535a413c192c59200cfe1146cfce7eecb4623aeba4b78d98a60a06859f115f185f5849bc4bf657cc34fdbd22e7093ab80cc806d17ca48f8eece4181c9ac3c9683567bd26348a00f13b4227b52da5dbbff4d3903749eb428bb6a464379db2f0332abbfe4d5a1d8f3175def20fd81e00e99af5cd23e1fe1a02affae45d2fcca7311570b269f073fc727285b6eeaacd862f40f1e5b84abec8f63212c89e4458c61ab5c32f7347d7d537d267708129701bdc744d35218ce52988699adf1e34f61493fd397296b4ca0aefbeeea873eff80fe26c0bf3c058ab0ae570ac08e3c53079d31669f34bee6d68b92398fe21c1d76a24d858af557d7723d27c0435f70fe46b18d17f3c207ad809bf3cf81c3074be87ba9d2beb513903109a9dae4a56576ae7bd3ecd4917a2f22c756f100eb0f3b48f3c506aa5d717b9683762e8d268ecddcf5121ab06300b1cf3586c910bf23de3defeedfcc1e899c899eb483c9b30cc56181f34937c70e9a2482ce13531bb80293f85fe080e722bb628b67a1cc9a9e7607313f0ce60a8f79fb0807139f503622c7cdfbdef26fc004897ca200a9b4328e0961a79e46ea7734a51d3c8930ff903d4779a48b338f43ba5d6b50f27f69802ffeb5473b15e66835035b7bf41489804e99eab0fc7579f569b1ba37151913454be46c6cb12b4e5f8c7a0a64c992fe18e07088d4ae91fbe6ef05d74d63173823bcd63948ebd29b70f144c7a03c951de8e3873623c14c4a99b52a9ad881206005e66f8588b0d73994cbfd6aefddbf8cec9622f948fe21287b38b9daf40c6ccb3feedf50f90e8f4da6a6bbc14b87e514cd976302e223a3c9165ec4b79f341908a97e13331582f39da15f2e9a6ea5a836bff4a42cd816f7f2028763bee37e7bbd0ccdf419edd48c55a6883825cb3373eb0b222187fdbf7a0dd4c862e9c658a5590c62b95b2467b155a87013ad20d47bfc8e8049f8bee091cb893b5d507772ccaadabf407a25647019312cad64b940137ceb603e9854a41d540649d52e5b2a39e7865ac1ab41cc1304712520e8e2827403b01dbee87b8b0caffa3c1bdd3b81538743a5422be517a5c679543282fdb46b29cf256a9d7e1c3dfb69c399db615e2e785d5a3cc719cafaa7973a542679b3185f5f86e4864637ececc4557a5465b05bfbdfe433546fe822d00f41b45c1473fe88d8a6911cd673f3d71518d3d3918ed766030448f01ad5e5ab66a6eac88720f7205491f9bd15d448172de258c865534b0dad6e607819aca86211254ecaafe4597af845c1c92098320dc14d1bae44486a02b8e81733a2be227acf940df9a2e717d9373a52a82ae0863af2320ec820fa8778b1e0123d41e6a79055adbe1b63da8e84ad6eb7906ab65b92c493a8150685dab1e2f2a16da54abe9cddf141dc41ea8a600a5e28bd8a342be318fa91d2e98c36a681c98f5676b27583d49f4948666c80f3b49b2ef6b71896e980c6cf93856d2dfb59cdeab1d8940296207d1f15cf75d7beb6f744fdb38f34e00148f48b3b92d65dab43f3514761864c693e6fdf1e08be74ec507d180301d419cf151901bf2bbc1245bedfe9f8b91f64c869d0741026acb0499a4a7cb167107f609141c349a7810d16b417727ded0decd32b4d48a624d027a3d057a9763ac5139adb0042d70caf9969c7a6bad7afe5d8a48d0e5726396d379a2bfaf957468748c9944bad2dcbefb1474a7d782b2e8e278a10dc6d6dc921476d661cea4439d8ba17c95c9189ef879b52a1889574f70c022b0cb973587a70e5d4147aaf1d1f58836540eb0824e73386d2c3a94d253b99d4532c97c2a75588c536cbc24e47088dfebf31ffc0cb23076bb2f515546b3721d8063e3b88d3a8ea196b88564f65e5f808eff5ab6a30095d6e0978a286b9d693a6053231d71dbf96967b5a2c6eec44117078851bab60718ff22a3e8c522fa8d85d6df1a816b62a557b47b05c5df626a47928523541c23e9f0a0a86515437bc0eb7b9b4b7bb866206e093fb4a5dba6ad9d2424d7fb2f8f220b00be734c781a91ad4555f2714c6c59588300ad47d3ecb86fae178609fe60d9f604be31c05cf3cf1edffb45cc2ce24ec44434107834c6335ac09e2e931b0a8c6cea5ddee3686ec9bf9ef6693fc85e36a7fe1146aa93da6f4dd5f36ab0dcbc28d29ddeb481d5d4f8a2817733a8dff3cb07ac1256bd43dab768c1661e4c8bd3ede3aa548f90424fea8e39c6d5d639b49b7b4da6a95700ac6d9f66bae43320ebe5add0c0cf5fb8a1482c60a21d1ed54ca7967bc22362ccad5c9aca0a7151b53546618500ab0a32151c7e61fc1cd7207f165449d4935337ac69259142d952d83e415bf39227224f208ccd4f6476804b7a9ed45f14f7414e36c9c1000ae4ff34e5ccfa224875c81bf30a73300a22c9dbba7770d0078ff37c965b2d9f97e50e64072d7db371fe4cd364e305f64c1fc70b682cde8fa865fdd7cefbc528f3177a67a4f31f3085ab385705a5008d7572b8f6690c07a9f0d8754614bf036d4efa96b09258cc43787df3259138f995a6d9dd13728fa1745c8e4af63e48853bc63106859defe07c53ead96f2bbd300ace2df4281ee764ba0c2234d4e0da8c0bce90ee74322d50a5653001a6706c8f4f315219bbc7fa42ee186ac031ae2a7f806e539f6d498514c3b657f6b6864ba1cc94879bc70ec199ce4124907bbaf5087280f9288a51f6d2849a2ad906aac9e98874fa678c66e0d71479f71d81aea11acca91b1a80e1517f6ce93d63deb7712a15232856db2e4e33b0c50f638c5c0b11fb81c4d9d1f4ba9914b8cdb1ee091b320db91850700a5ee1f8b837deaf3eac758b1aa03ceaf559cd87f5bea97897b97661746fd0e08713fd5fe42a87de04a2c9256571a14818750dc51d3c5190d8c2055860c0470309ebdbcdf1c050e0de01e6111bafd83eed68935fa61dea3dc55c278080935ee9d36233148dcc1ea0a3867ece386248ffb58ad2c198ef8ba29ea07983740e584daad92c62ec10c3dc16be4283bae22ed5e39a9821a29a40952950abf6b41732933950312719749ad06eee0c08eae0136eb4f16cee5ed167df66482ece475632dd25cc43782df12a8573492fa46da81b527213b098e3d9b0bfc9da02bde9c8f0672778cc418f4c0a113a513b358674de8b218fd3345ccf4179a9db6c0e1858e558e749036ea70c045d572ead75e60cf08fb26551741fdb86ff3c0bfcda029aecb789c9b8e27f360ce04159b9814674a3b5ac823546d4ac467ae878d2d4482e4d5bbf8945155410b8e7ec05619c3d6e254e30879f4dcc3d93b5c3e3f73230e2bb406accf83cc5a3f4b8388b851a98fafa03ddf392b9c0c5232445a313f440f158b20cbc34c29a0e36a062a10ec77d0bbeeba5771da4dfdf3654140f53e85d98f6a065850ff5afec907eddae8b7128ba9dd0821acc8511f3e3c68e9ef9da35df09315619ab781192a648baf254fd5f35cb650b7672a9a82f989bf2039961f68763e34db401c903a40a5ee9495b7011893639ed3c3b83998503905cdc1dcfbc223bec4cbb5e1459ec4bfc6eb14dec0741e2364eb9cd9d988013ae2740b722704d99576f897aca6b3d5c34a057d8a5f51c1bce080936a21fe214c3516c6edda99c4fd104e033fb553839a386fa74549921ff4216589dfee205fec1031e121bb58ede2fad12805785abedd162396e11d36dcdb1993853eefb6e1c8c72afecf98969db8216da5276e347a327c60ec97865e2397127198151feeb9e0e6268fa6e88c50ec8d681450e642fc01455fa216f9835d6e309f9e4b5129a2a56db042f0c0486a47033b52f59513094864c0c6c313c7edebebc28db44679c3544e93375c80cb782763f37d85eba6c0bae5934875444245d467de5d6a463443933ae95400f88441d70891e6455f73356717f68e408b0cf91f0deb9aabce6c1cbb1459d8095433a1e08039132fb8ec30687f856e524ca8ba00b6a20225da41bfd260fa214c26de5844246d44ac5ee2af44f158da1f55188277161d7158fcb97b1e37ff3088cad7e79e78b19c7440ae76356f0b094f928a61e9195fe87a0330baa29dc5e1370abc024577a521ad224074f5ee52c30326e2d1e87044b2027232ac28ba099e211a7b33df9fb6d2fd662b7d38a14c40538dcad133f4f75ce114cf8e583f74d2d5251547541af0236aa59075263e2611fc807ff898163c56ef01e7454da2a6000ac229530ea7bf1eb75529d3c98e6f7fbf3d4cba327ed5cdcb83df0c11fbead1de4ec3ac5c2cb8dda8591f4c316e23a0668ca25149f8a55a47649daf9e40f784319e8b901e70a8a31bb4f8c0a86a4999bdfcb0e9f297e753bdb2a275ef98a92b8dbab2d6eedc06ce92502ae7ae76f6b13264ba41e717f8257e34bf1ba512b335d5d178d74742cc0ec6e7b16942095cde010cd90b5c8a158b65fc51d958a96a7d20446c1fd8d1b0fc9f2de8f404a80b504098dc68e2c60b0f43ab538cba0ca5409dacfbdff2267374775605dce498514ee7b32a7f55452986b12dc6178d6a926dfbac6bbdcc051d0cd54bc3aca47bd665e01bf1f050f7903f031197594c513ce5ba931e2819f5bb63c5238c19c1be9f4d9668e5c075804fd43ea60f0ab9f00e06683b8e29379a9326b40e8fe05161adf1cb519c31ecebcb042ed1fbb4b9f1b12470bef6e964855baaff5a7dd6146f07caa8097c778bd10e5ce995884d1f3b91962a7974d84de6157d3f54735d5b82e11e6fc000874ecd396114c693ce2297caf7a9c6a6814a890e4d74e17a16339ba103c0d2da87e522ed67cd23047c7d9bd1562234aec98b85ad4534522cca58ee17ccb9c8fe7cd68ad3d6d6e0edbb550ec957772ee1109d501ab76e364a988e02e6b4a5b62f72e61fa7cc6120d12414d3c8ea09bfaac8e806d19dd76f940b769863d200861e44c72bfd870005f6663a7a6d1d60ac1e376806293d5143968d37af14301c9d6506985eb7bdd607dfa4d3cb5cb058019cc5502c534d3a5a1337bbf6306184230cc21e3ef7744b839cd82fc6347316e098e05ced0f25b9cf5721f2d003bdb4e0a79eff90ec4aacd6afbb78ca6f129cd16c8b2f3aefb5a2036951db7ebb40d36723a75723b3d1011e6085493664bf5d336c5cb4079ae1ca2412c53c464831844c27f089ffe345a2029118672b2fd2a24c72f9088dc5f92cc5f3bcd6c7359f52d32ea15172e95af7e6c81c52f20995877cafed48dd49762701c88c225bbffbbc3160d838957588fc2d41efab4148bc961e8d66b5b21e7eb4228a132d61a1c9f6e2baf7430d92478a3948fca4e10594167ca5e72678189cb4e90a0b0e45caada64d15010d73157cd8b4d04099ecefb1ed187d673d1bd33f13dbe4b44d351a34738280f21a79b3146b0071a0924e643c1dffe0d8c72b3bdcc00f203153f63c249f18e0e9e7ed1c0237411893832fc5be40d308b194bb04a17e38f0717a0808058b7291d20b6f0f1e5ba11e2351d985138c61806b41ea5a77ef80feb1f6f7383000e97549487f1bc9c3b5e8ccb6ed7ab8e08b258c75d5aad2a01fe8b5777ef5c7ec1eb3feca16dabf8eb50312f8786d5018d7bb7c9776f028af7b3423af3410696587f3feba823e5e3ccacfeb23fd4359c252b2ab5136d2fa7a6633758b5c45099f70a672999329eba1c89f07af0eb7c3fea5ac468ce042d699b6f391eaccadcf6d14e97c620a5eff7d92946f09d79d31cc876da261182a73a3234d5e53709185680c8b5376e4d8445fe4fff988062f23e42e4b7908ec079a840f0be839062074c22c44b7f4c4b23be2b6656abbb103acc0bd5058e0112a7d55cdce5042a76fe24ba5e9a1105c68dab94dddd44cc6c860172847f20e6ebc49787ed8ca19824b09468933ae9a496e960b7c592e783b6a5f10a9d9c2265794c5891ae7eb9cca9b3f99981a252d522047b95fdb518fe681829948a9d329b9cc7cb2f806ee81a3c930c73c8f12a05b47f1470ff08d5a03f37dacc1e4a7f65563f8825f9ffc316c2ed7a5ea434cab348c850d1b8eaaa0ab2ef7460269aef06f9c46a1957575cee49e1aa72d470dc9763b4abd61d34693e462353c1d023249bb7085f1362ec6bab9d349633d5f9637e6a12690e502f8af9c2d37a3f573411595539c66e9f82d5b39c01606af258e769b2391c3cd0bb0d93eaa36e168136b301d516724ecb173a0766ea9e9d5be5dcbf58e0322261e584d22594cfac91d16bcf38b8cb69e022b0956fb4be2981a526bb1832749ea1f7b188dce590927620ad9d6162ea52bbdbd14b45ff967f183c1af4269dc16a1be7b0b5278ec02a259aed022039e70a9c1456997fc1d053b1ab54238d8282dd11b68b806c745a257a7c0fcfad3277245b1f7749243f457121b3d17122f27be6b1c56e9bc151f52db66c92246072ca4e5d10619a6730b1609f133b5db1f2b0bb4a86dee2c44a6e25299ee74b99eeab5f195728aa45dc7bd300bccb48819bd40b12152b40e1395ac25d8b0cd1ae12b9cd46a8e54f495cca85a680cd43f70f55505f1a72c030dcebbb2e5b26ec971cd58c76ee67d86fe075bcad475658f1cdf09c94bcb5b4db83b3147882f65f67921267f8471d8deb7b159761c83fb9547db71b6878a21287aef6a2e01134e735c073645d2488138f280754ddf66cf8c0208e51a96696e185120a6b84a73d2c9bfbfa9e501f1126b44c491ec437a0b490cbcec5e8e0e0c21f803354d2d1923fe82509706ab34eb03101dded5f6421a6b90dea3db643a22eee1549e30d44184bbe7b842a656b91184ebbea76d00942b429dc07c704750fcab290c43bfdd2aed8257c21312933a11a76d0be361753a49ccbad5fab68eef867e11fa99a1d8021218809c0ce0bd52bed2d5c97fff7283e549afee371b7f1b3973ebebcf11f9687c7086129ada7bc09bca2da4fc02c0af28aa043f3f2c1e02dadfbc3a245dfd2e30e6050e05388006852e871b6890ddc006072d1a062978240df6166ba6ccb732195f21bec579d3d2b3f13e818e9fac77be72152fd441f6ab772b7fd3f888a91f8420f336e5a69e36dfdcc23b066506167960dcd1e5c84d4f236bb83f8daf03007d86d5b34aee798755077dea9b4faf98daa725cc3ab671b3b2b95c193530e0d018309a460a518878ee82e8495622028383ee97fe6a0111521b9a60fe51011bd0c62ee11e7a3dc5a0e8e8b82e476e752f63c5ba75a32e7b5b40d8ed1f539b3262351ce42d1bbcae0371ca72790ca4deff1441404f072947970ed3f23894e6c894c9fc7644c4082188b1ac8ef1e5c045bf438b9b81c7333859fcd071100785e14568c784ca30c4aea8a728a7796a201aa1b65a9355cf368b440498c433414141aaeaf722b9ee70b7cd28a3c2beb61ed99b619a4486b4b7210fe5b1cffa4474421b41303f6de7432874327532cbaecd0e1e9e90f00cf03161e9748807f3728e947c1ce281f3417a3a162deb2d01a5aa330e95b5624769d278aabfdfe6e8089c62ee1c26be5c121cfef2fcb549c1671497a05c2a397f5090caf6913fb39f01a095d55d33ae31d36bf223cd506ef2eaa48b1729c2dbdd7cf84bd1c2d0ebed7b6487991de616517c4e53665e60e6bbf559dd5cddd5eb88087fe6d0e2632f10b9e0f653bafbf992f55dd2592bea82a9a5958ae3e767bcf2c50b691e33dab8d2b1b2fb33419b5dae945a7d4a0169ec64817cc02b02139d7f70bfb42516c913311b42323cca46e690467c894a26ea624432b3c536f48ad569d56d8bf131048f81c0bf77460bf7acdf513087bcca1366bbfd05136ab5456f7e99f545f343eebf57299bfb4ef4a3af05357037e7080ba36084505eaa7339fc981cb99e381c3456d3de6cec5c5dc76427b13db53c9bfe516577b51411602146929e08c8762e6c99325a00242bd15f511f25eed7aac3537aca0407c70f362a0583fa10bb259f758feca1edb4f8adff7626bbf67fa0d940bb773d1afd523033b25107fe02161faa7a2bfcd629e58d681be5e980f8d563daac8532bc747a4242fa539416bfedf38cd8e3aab1764102c87627308abc41f6ebf8f03126d26ef90c10f0dd0fb5be22ee794fffb3ef0537f640b92c2ec335ff99422fe5fa41467e1a95fdc98e13881e1912f73afb489f237acfa971f6f64d9dc0066552167ebad1a7797412998a748d3b236e41ee5a8c223a1fa033389dfd2beb582987344db19988096e3bc0c44c8fcc4ef4a1d60b3991a5e3eb08d476c6dbdef30ce2b7f84de6925e28eed23daafe6be895d9b9c055519f9f3dd5c67cfafb5138380f581ec2bcd15c415087c85c32db56fd589883d3f1c81d56fe2436e910bc873596d4fc5abe0046e00934912f70c028c41390091988fe9fc46df6f10edb697bd1408486860fb6e77c76b4778a151769be25d891c1bde084ddcf964a7d3e528fb39835d8a003ee95e31f7c6c8f22e2d97454b8bff0450f6d9d3f3066041f19aa7e99cd00bcdb238e493912ffa5992eaa0c10dc4e0c4277ad8b5b9be74f72a0b2b89cb5df3ff6e06d84b4db052a1846a2b8284d49c0562f561dde8fe38bde79afa4eb12095c9fcfb9805ff76db4c63f2c737bb97117f880284feac51aeb26e21071a8770cffb4670fb94894c5b7cb6b60c3cc6a0e04458371bf59669f07be5517d5aafd2485aac11e29332bc9c0d9aab851d40aa713665be691c1887ed057e63bdb4da732f70dfe503a009c6c431d6780559273215a222228082dbe613d2dc235908927b1693adf812ddd267d1f7b64abc5e174b057e550c60d5b4e5f4aed8fe16dc5ecd7d7fbc3647efe8abbd9f2ce4f21a14d2e76af8a0551d99f1d35cfee6a068f521af0340750658b415685ae99459744c3b29e24f70977ca21e8638045a3dcb88556904f4cdb31920b89dadc5b846d7a1306d1f86d179e1f611d0c061146e3df0aac42cc6710231d844e167a57b99f68ca174152d088d5af232d5d4e186f026dbd0fff228e7de1ce0e5d28f439e94b6cf106306a740071a03ee25387d1c0b2da3b24dfbbbf078458e3db1c42d1c369b3f57946cfba615151c118e5bc31d43f9621bc30ab6fca226285c50eaca6daedb148d0c4acf1d9691e875338221074630d9ac117fc704b06da6b595f9906681f5a598d0308da0d56e45a216860a3acbb2e00376d2931a21695239a8216347d39f649c0d990191a62a32563cc967a03e606ada7dc76e67a1e867ace9e05e8a27d96987b93eec3cbce6c8c4021ef2a7a862bcb49b2450c63802c41bbfd8ae9f3c9a55a570470c41a9ac7ec88c83d5c1f2c9342b30ab09e50271a7be04feedf85abac9efaf1422a045f6383886d3014c6436c7986f264d119b1f8aec8c67be8147feebbb94266c009d98db54dcfd9b6f275f13c210d10d808b55cb558faaa2a89f90023fb7aff01dcd6143c7fb985e286ae7bcd521916794ac148bf85ef14d8a54fe91739a4b0c3bfa4e77d70ebe0bd187364be48953bbcbb220dd43f2e9382d430dd0baf069b6e3fa46d696317b4b0dc030c7edf27c416f33082ae1b0b13290580b5c513adb90fd373af0403f268521fcad12940dec7f0532aff0f78813416cf965937f7ca0eaeee97dcf7a7ec603b892ba55801a6637ff1a8e4d99bbb969ae06bfadc232f131b19cece7b8c998d6c57b9b68d2252d7e543091583b67b868c8dc079c1c95294c5e039c637b1a02e58d614fdb79f3f08a29f9f90ba09370675ac1b071f07bbf97e48d3e3d102590c2fc4ccf5354c088f41f1abe507901a1b5e246c88f81e297a2876182669b16f1be10e68f3bc66c7e20f34ea5a5252ea013f71ef78931ea4e99f5ee9e4761cc3f773eb02fce9065c333eb58da334a67525d9f885747aeeb3193c3e6b60e037b7006435be7bf1eb5ac592e288984885b5f9781a900885c59ee235785501ab93d73ce758aba261f5cf1d732246096412a0a9334fc113b1fdedd0a15961a252479a91a889dd312a4fe44a49a5c8f3364740e2c84ad375226b0a8070d6e5f316320c6f33461e7c32395c60b531aef2690da2ce0a965df38756c26be257f62e89404ce58a62846e11ae30490ed476a484c5b798d0c67cbd795b7e02d460fc1be0dbf85180fbc7d650c14cc86cfe65259fde8d330ff96a175c49ccdca9dcc9886dcfdd763a8ac7bf4c02cec7ca5f808406a9a04ea18cab07febdb8f1f65e987de2cf830ed782ee590f857385f3514798bd3c98bc0bf3c9ceb63b7d2c4d084332f0f4702c185fe9b1a5780f8b11f18b10c9eae1d18a5d45d2677cda5c927906c507f21b987026965d5a9edc182cf6b104878aa8afe22731b2ec16b692cd2819b37a50036db1b6a47f6c47299a8bd35735d180eb1d75d956e8d020db4279fe1332664dfc01cedb5742545a3f2173a159841e11552564c3fbd39fdff26c4438d0b2f66b65f4ddd5778734562eb2bf1d56f5970a8463b520cbbc55dbacdf37a6a16e5c7135f3120c7bd4bf2fcefdf47d55d5a7ac628341ecf694098fd457d23bcce0b2296bf99ab9aff749af11b22fa2f24d4ee95659f3faf48978aea794a80415c845a6d7f924c68a62972db65b9185ff527719c5f8bae299fd50bb7ee1ced73528ab0648b870d8e8ff0acecabf2de8fd4ad30b1fce4084d8e1cfcee237f13a27e4d238f6d2eff350f2393f5ed9918cc35917f2035b1a5faf297bff886b6716db37215b822c8af5142ac94849e5484adb4e59ef85dd56473b1f6e1f6065c8e744377d98815f53244558c42af67e3502865bc81c37741c5ed3ed07e33c64a9d8b2f527e54e3c7e10666dd95eed759e8a3244c5a704a9349ee929752226d01c10bfa94d31ac2ced8261e5fc3a15f68500a9e7b5ad53fe3de581ae3fc9a03fc4da706c17b40ba5d9505938dd55f09989812e25ee54f7668fe8bd274e0c0b040a15c18b9d8bcee0cc88590637a8e7b6792ea8aa8dfd4fa8cfa183f3ce15308acc9d91d02e7f7b46f472c8fabead73ebe033fcc507384948a1eaf03548d79b649be7715b1aa0814a59183424e49e86bc9781ce2e9e8277a85f9b0b4faff231453829faa628ab00daedf8b8aeaeef758bbcbeaf8863ba179e1054b3da56466486fd9b8dcc42ca1bae2d4ff8e0877d9a726744080e125f7a1bbca906bcc59e8798e73bd79e5de3b4a79aa2bc2e8be40b695b5add3a8fc0952053bfc352849fe1ba9da83daca4c904c66fe91e55709ebca2a36356912a285f2206446b3216d78c9fe498431025b1af22d99537d5f86efb23e11e6e8e7d6cd97069c533e908cfb234c26a3424915459c53bf76ff18d7cceca11511b689611ff74118844aed1d4882f5d2a9d051bc3e051a53b7633138d0325082263497c9102cd33fb16c27a93055617ad14befe6321d40251d239d45a89bb079e24b04470fa75454d91bcc39c233eb0ad4a03d5667b9c7eea0d927d665dc2db377c71cfee93bbcd77f6096a2dd14452f1d74a9ebc7288670943ce9910f", 0x2000, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x18, 0xfffffffffffffffe, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x4080, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006380)="f7709f77945ec10b4eecea480cce6641402373da5e6d7f24014f7acee96be0135b59ce90b463223252169e036a4daf3dae250a1e6de526211d43d9512ae526730f553268794994fd54868ec480d09862b687b463a8fc5058903593b9bb4d50879635cbf67a9e7d1110fa0e8ef89dbd2abdae33183737b8c0b907f5cc74ad6ab0383f8240e091417d2816317f40abb64224f616136f93d932f2223ef42fa3c3155d53075d3eb1db73beb32bc364e3fc246d3dcaca2dc91a634815412bae915cdb1a6da7884559403b545235541ddac97d7b1ea8135539ebcfac1edfa2fee8cf78bb46da7644a8f9e42ae06ca7a188b83fa537b0962a10411b67fc4d7dfe9e95cce2aef82e75f4680b8ff9976b6569523b72a86bd3a8c96f30e85812fe33a610c2be0a3c1063e2ee864c6e8bbf331f2768accfea78700a7321e4af2db46fd162457e439369da2217992b77502b9b958df27bc086369963793854d7f8b00c537de3216898b8f2c1dd925049eef1ab57bb6f63b2d88850b49b3c54d71f545afafa16bd2d06ae501344987623890fdf9ac04b179d2131070a34cf143697b6642bf5da67437aaf5e78e7e6be85e44ad7b265d78d2baf92ee5ccb0a452eb32fb3fdd1a41abf3a68086acd20458af55c086f77c30bbbce4c19542f92ab1e68393ffa58b140586b49761aacdf6aeb7682561f01e0869f503c4a161fd405046d3e6523bd4071c09b7516e4e784f4d11706f1c2eb170e735e563c43317a5a9afad28511163cdb63660beb699f7b8a7eaf57d48517974ffa766fe8deab0cfb11562b9c281bce2493d08c40a259e0325c52124e303064c6fbae2826355e531543863030fef484621a381a945b6ec7253e20047e7294bd069442f72672e6dfe1ca17d75d8c6b16c931438cec72e6ee53f3db89a10a38a93cc84c7393773461db5074b4f5060dd0a04a069a7a9b078856a3fa1786fc8dab621ba622acafd0781b523ea097283afb0c59222a316c6ddc0554bcaccc70288e524ed7719fc02a86283b57690a7320af028efbaedd5bd158a9dc9ea8e4f53c7da7566cdbdd4f4d9f01a9dfa6251a355e338efc8eee258add8731c7d22161482b7e3c8bc83f30482f9935fcc5974d9d0685b5fba3b07d7f85cc8fef18ac4e8e915b8476bb44d7384c996921ae40a4fdd2dd2a70ba17e1c2d6ec67b8f7b45568c105d52afa9c82bdc1dc7fd951b1e4fc1212bf29231d8e41ed4dacafec9a823a672dceeee0e4048b5620373c53ab8f3553c842a5a6d914f8334d6d8a4af785f418e6b4aab3965f94ca9d80a74a5a034fb6edd0322696aa1060d82c7b104983f8889026819ffdf3d45c604e53066b03dfae13fad499e3894120c10944eaf752989daee4e172decca9c2b324a817a7c787e6bc59fc2884e358a1a9b14b3704cabe374d23c002b8112be68f409302d3dad0a4c02105cb54c4350c24e6f3b7588bf1c28ae321eaebb930cf0c3b607acff20663eab8a593320c518eba8f9205350f11a9c1530115f7e00f2aa335c92e1305ffcfeac7cdecd6f1b6a33710ec77ce428484712d66bad137b6c8da5aa51d1b7196d981a14a40df8406b292f385cb149cfc0a86701566674e089b88487f34fdb0bf16ca94d9da4a837f15d5cf8f11d9c226844d3eb18d848420f344a3992772125319abb641ea56f03fc626f092f67a8b6716b29cf8585cf5fe25a35f5dab0e3e075ba3c84116fb6cbbf99a8153d179ffc1e64356f1fa0bca6823ebd8e1a176636962cff271cee5c5bafcb68fad4921e070c4ae08cd8fa0b94534f11e66403d129a5e8253bd3a9dc09a8189895819ff618532bf6743b17a243d515e63868bdf9287fd1bad0d525759953624c8e82debf88159b2c22945535d9379c911f89c7856be1438bd02df70c939b80741ddad245082a72556a2ab3c2390b84c17b6119103a0b8126dbc55e05b153ef9a12cc67f649c14160c698a7127b39fe88fb91d19b2a381c08114c6e3e6d3d42b77602c838c421a9a414f1eb182d0197ff67dcfb5d79404afbdf9c96f475a0d5afc9a4d7cdad458eed6b1de6c13b11c46004243db779e7ad6dbbf15e69ee34bd2524cf72e49a5352992a9251a86c3dc30d7d5fe61ae538928e8fdca0e04fdb5917523d8266b7b4f1679a5082e798f587c5ed9084c70965e94e12f643ab0191e606c2eb0c3359a2b8504f3bb2e721cfbcfdd90c31cde10992c9400273bbc45fe5ba34d7ede773036e2fd1fec1f001c495accdf8ff572de3eb2aeebad29acfe3d2b1448fd67368d0c37f8bfbbf09bafc8f99a44b187f4f443c82b21f66f722fb59f40ce0f9d83c52b9b3358a80e102b21795a1cfcb986c787ccbb9f9c96c2b66d2f7a94ef2c2a5b65d5c2970ba6f3107609f4a67432835c2ce1682d260f6826072a6b6d4b113a5b06311677ca01260f3567ff1ab6be13b455f93916906273c5430fcccb57e0d78224ebec422763ee3a6b94528749a7ee5f70c9036cf3a99a9c98abc0e8aec18733a0c7da76814f2ff741582a9d96eb798426065764fcf86e40b6490f545494b48749fa8d398c5938d6bc7dbe183deecb913ef4c61aef27ea6bb77c23af09c3dec453f01d8e0cf1a3df30d73d44c4e147d9ff2853cb05b1d9fcd2d80815016f65368c477f3e8b676ee1ef5b9154850f02951060f5335d7b8b1c395151b443130d27b4aa0cdd9c1badc38e1825cbaea22480e1d8a986b001a4464fea618707f43bdf7949f500f3f9293b7f7f28170d45eb3e9422d7a107d5dfab18b8e7a2cbc4b42a818384136a49a021721fe07dff4fb2f26e74ee6b5725166409d794c69a1a5b27cb6263c387b81612add3c9e9e509845843a6ffb2250d37c365e3f57f0ad6e908fab119211e7679b41c8e298f9e85558be25ec0a4e6c9aa3d523ef3771971bfd272fcb736d10fa98a87b78c532fcc322f5e24baa21f2a3c84a90ec9b546869400bad19dec3575ebc69c8e512210b81667ed3cede89d10ee5871a6fb166b2f5c96f079cd5bf97f41327930b210627106c4cb6d77e3793b808c425b8a4118bbaa2d1a1454b162cf9886ec17e215d12223a65348ab33185861ab1f3166a4a925d25a63def895a5b01deea11bcaf17c79d27a922834a32aa0f8676793c7257e44d3f7768de19292a385a7a4b3fc992abfb9f8f3ada57b83dc7955c0b2edef1a8214dd8ea2cc9679685137dd63f3918020e2e2f38602005a4a6e84422867b9160f65e92e053d0b58191eadcd5a8a69b18e3216ea63df3f31869c81de88fc75a1d9e15cbdf8d68ba50cd8dfa55259aa362c2615ccab13489844d5ed995383e334074f561a4a67e1060e64a818fc96135d34e604cabe3d9195cf1283725c7700e397ecb72fc8b36f38cd0830b19b439101e4b3839c48ddc95367bff87b888407a517f94fbe58a7033db1123c0a0074c730e34ce821e12f43d84d3b4f0310c6ecd8afe7779671d7b825bb3892825c762b86f0ffd182b6aafd477fadf0c7a931cb61e2b05fc11267bf0a9882e7c2f8e84d3480d9e4576cc03f0e1dbfbef9f66840ad37e76da3ff8a419730a0076de67e9b913f03f5b637287d981eafa1223feafb86bcff5b2ce987f6fa8386ee036a3f75fe014ef90b05a744e038c43766b5fd552e66b9b4996f774988d2a70fa0bf05fbc453cc4fd0ab642db1bc71e1b63919f3c49254f177306f9b00af5782c0633d68ecb85f93fc1afd8dee3dd1ca8b0d7ba0ea463de0b6e3e05c080f832e129cec16853923cf15f06d9a38e20a5a6fa5125d03c1b72680547eafd9fdf246af08dcb4d4d746577478fbc72d7a36bb4bd3b5ba4dc5e407babfcd64b8c413d7dd5433d6a4ee17d5b4835a74c81414a9397d73e15ae387f04a5012a37c88b226207aba933d68a67bcd38f5e0fb8b24c4434c3a0109deaef4f9ab1d230ea6a4acd6db0c3962d0de3bb64e33a29af8dcbf39d48a27c1649a66d4aecdce2db60c50bcec31677559369184608db197f2ebed81ca8fbeb9d2f8c486ec9839e765df69ea634f2815e75eac613febfa26012767c28eae207ed9315bf19c42de9602f44f45a9cb9913a67548787a30c9e56f3399ab281c537751a28d98392655a60ceb9f2515772d2f1d5d2843952312e2a59061b60f128def6795e0c8eb7b12a710c1afacc84f498a29d683d1949c17f3aeeb8b9a32eb10bb242d61a2db5902d592224fb8e1e713ef33caaec6f8516333ca4886345555166e91a6469d67f39241d144c6457c0f74c60e662439281a660b3c802eafa5825fab36b764d4753b33920dc72ec4b7136be556c7d0d528eef67049f5a7bd9cc7e4e94a4874ad8d06595ed38a5f1cafff1018c1351d1d7eab144edba6d4f9eeb7924a25b9f7a3eb20984919d9ade66a18c33f92b65031472ca657a724d86053a3fc60fc5502acec81822bc609954e402a406081cfe7931a1adbfc45a3168e30a451561302a131ff702b4d6c5d3603ea9d1b54c64aad93407e078d6b435154236ba594e8d2f798bbdface489b43120bc0bd7e1bcb6658c2c192ccf18f278e9c5bb14dbdf1a4eb3412f9dc64a31abefd79bd7c91bb7297c9f694840a75cae5d3482d15a2d148092a6545972b7f95a23206bda509260bb370a012b744c2bb46b57da12367d35e778b7d7f463fd8230368b5a5636f28e2cddd03c69adc9c913027a726130c95d818fa38ca7ba8421d3fcf0736cd3001ffcf80701cf6d737cc3dd8f905af39fb2806d2f22289d0001c74eb482f4faf0a1863099cc1b236edd1cfa206b21a2ed86affb4e6a3a4dfb54fab46c8c06cd3e370b50e08e1b7a08864269d867eba5fae8a49560e9479209966002c09719ab8ca58702bfb0071d3859df0193a956ed4d8ad19a2c79656c6dd42eb5a44b808df394333683b605ad0cf176bfcfdc89b01317a802cf0ab02fc3673822b55fcfba512792c9e40a150cfae4dcd40b2b12296ba95063a2f50f552b4682c4d461b1efb7555816b5b836ff0319af6935ae5b41e67329a7b21da93c36fcd87cbba1653c0d00077b14cfcba24f891d62219c157b6354300837d211fbcf1881f5e98d6195fb782479e106c072020b56285107e2fd7947bc64ec9a43a0b239c140ec0456685ac3eba988952e641d2eb16cd0132d2bb25576fc6bcd5e29eb9da2d40e8b50776abe5cd7ea45da8442a311977c51755015b3e4995739edef0567a3f169e980addb1705224175372339de904eb952e13f648449722258fa21f7e53f4a1956e8e9a39dbb18c6d2d10d9146358158a0ab7ce3f54120b705e1ccb7a13fb7e9103d0b80faaac31cab07f6d2d9f668c707b5e3bdf259923a1057816a31e8c771267fd974193d90e1a9000001009ba52f7af599c1aeed13f6619cc0b334396b750c9017f84cff56c0dfecc12faee59e37cf7d44575bb448abb19616d4fa79f4fdf96631328dd0d0717f12b9587d76b577bbe78eaa7b0acace3b79776b5d2e77942c57745e347ec766170e90cc66a5191bff3ad49d423ba2817cf92be74e653cc6274a20bade324638d57a27f2fea01d4670bc1ad5ec4d006492ff5fa616a0010be824766f12acec9b26a7606cc8453382c3dd1f5f5c85354569123824002c44d0ae4cd2e1ebb4e33e3d7b69fe14e05fb53af9d66f53990a830120cd618cfaa10e5f6deab4ef4522afd380ea52f90b181fd5b538f424900aac643d118c33dbb6ffe0b2428844f51943412d8fda4a327b71c814cd6345b3690a4716f04fc7323ff1af08e82ef5e571c9fb0fa9b22af40948febda32ea14ecf61700eb02967d09bfd078ace6cea259952c0be90fab1ce841f1022d2da82f173c580d43effdb424b1729aa9fe40292c082043a7c901bc76426ef6e3de788db31e50f54458ca4e360bb803b48d5a4be50724c1f48b504b086d9dca3ae74eae76a1849d14a4074f389aba805b793f9662f072405026afc3ef108ede69dbd2c769886dfc75a9a2e093137d92b38e34a050eca73cd3067d56dfd58fedaff2857e720b09d676607a1e8eeeb06b26494cc2b844f5e856271732477f384af839e98889d5c9cc28651f6eb74029f839150f947d180e48776ef1c829509e12016c6d1b717713e6325751a944cd259b1b86b1f5e793cdb55a73784498be09c2cebdd70159c77abc7c64af2e2de1a860a3e9dd8646b7a6866e1891fcf97a2b3ea47c0c57c5fa9a94129c2e27940ab9fe996eb1813d21d48fb6dbc9b8071c50dc26b4ed21588211fc5edb1ca873c70b606678ae7de9c10d2d083f372421a3038c592a38aec69020862f4432ef9ae7f400ed53b44bb58e92b022ac8b62a6b459337af339dc3346a809b715f9974d21e606244d23cf4dcb0956f93c14047243172adc97a1fed868bc49fb57ecc123425a21e94dd5b9d1ff52bc45965a7be2f5ea8218750e2cc8f174fbd2c7811742f5f17fa1f954b8423c403fd2e4e96296e37e0bfe2edd52e8c3b921dac771c61524455b401017ab5f655eca76139557a4a87cc30210b052ae17a5ca8b634322657ea4d87e0da2392c470f8951ac0560a01b4d0befe632ee311d0b87af31465d6cf7854f5738cb5debfa1d7381c74f45eea08c06d4ddc9e811d1a33394a35efdb7121cdf5f1603343df8431c87718a5d4cf3b2e593508d8b63f0d1e82f9ebc40d4022ba06327cc8233f29c0995da512b318bfa212e9582cb880d9bd6a02050a014294ef321bb2c65e4638a4fd2c8c27fd9ac28c9e49cdae6dd9eb05dafb38a4a003a56dba826e386f5fd3ab0d54b92f53ec11c850927fc4c5b669c67505ce59306ad86460b480b711d4b31c512829b7037d1c45b5b84c0be40a038b5e975c57c860476318a22df2e4f90009c38481e519b9511e54dc59e89a6593bc53ae03224466513930c5ed3689793f00be192a58a919db9ad1267962c0ee60327ee710accb0da037610ef8aaff63f6582f691096fbdfb1996abc4443cd4ffe04fcad3608413044b978d86d3a18bdf86fdb70cf7e7bbb0e4db9d36176d0ba8a4cf81369fa84ee55466df70e6d4431a873000c19bb5caff30c01c7f7f928cde86bea5c401e525fb8a938fd016bffd5c9d52b279e867bc64f575b80eec74e7f66fe92aef613636e50c8f32831ab4b7eabbc89ce6d7bbfd03b6b005e0c5ba27268369f5083b2ded32c1f9e8cd73a1daee26cf03dbbf9c476fd0f14935244eb7b544f8db1c19d8a21de7e8a88f540e8949f721f20d7a47cfad3f52d93c11a796fbe9fbe415194193e5c70b33237f70790905816b856c252a30e72c081a8bac6a1c9fd2c372b9f870831d6ba6671fd8684f25e60cc7e3a1a02ed5f1a4fe426373bf61404a68571e93f35659b6c37f939233ca6663603b053c8fc74da84dd971b9319a1260fa2f5d66609962e93f7f33a40b22066b86a74fb38bf1444d025f27f14e922661471ef8ad503e97f8e7dd6b9c9a420885e519e085a1f26f7149b82881908021f601679f79c944549bcb431a7d2b12f75aa54cae39f9caafefc01e7eb589d2eb574937abbe18b419d7d27309acb330293456337cb9d753e08f7b890bbf76c4d6ef548bc3b5965302bc65ab08a2420527c1ad8be374cae7cc858376219d39a7a6d58c478a721678e789bcc317a4d1acbf47870a4802a07ac0332f7fdad7156065de511862c2a076e264138b98e7abd1a2555ef2e1ca44ee68f06725508891051f6bd24479a616606024841c8203744b999868b9f2b3b5e8a42f454d25fcddf8f5569594716a4022c3ac8ba67115b93d8bb50684b0fb100dabca7f6b7e29b723007776435829c6f21223d7a2556766d198c76ab6cce3b6e6da5c4d14a26b7cda1cebe6792ce4c1498fe644fb4408189e472efde923506ea4d18aa3284ec311fa942dfa5d8b939e509a10c69461993cc9d3ace2fef29afee8d0894764ffd82371d5ed363b5968447ad3c0962b86584cc97740d7bc3838ab1c1b0198ea830f122b200722d3c2c8815a2a5f90382e1c58f2348dbd38449e28c67ed85f66ea3e383b91c782a4e77ad4aa538db6d15ab90dd464318ded6fd293a1b0279852335e3c94bcce6f37950fb23d96f84465aeaa8fc2f71ce61a1416e579399c363bb37ded602fbea1ba5de87ab12bc7aeb5c62f026f648ab2babea2517c3ade2828109da58c010e6efef544088ba412ea57d3cd4fad3fd85b17e386ffc8a700664b2604c8a71c011e894ac03a109d9ddbe0b6d625d33d7d16fba5bcbc1ee1cdcfc6a475a23aff414e5b4f83e9d18e10f9e6dc49e518561ad53a110794d2ad9c7fee95a03b632b2acbebac42c996e1b856b2f18a2a3bf7cb0726c10b6aa3ec2d78bebd26e86ecf78b87736017cffa7d654b357be120985c553d11dbc932139ea6e1efdb7ef34598db568e66d42429e414b5903ad6e616ff7faff6ecedec529cf16b280c18dd4c3c8cd5192f625965e15c29104855364565a4a52ac5ff78eb31a6e7602e84226a87364708c2a9fdcf2f66f5dd0951aacb7b6c8f9bd0e534ae44b47799cdb8f683db5a3258d6f1943e04e59b11fbc6f57d16ff150c94a22717c1b483ad064c25f09022cc4ce09e76fed2b2ce84e9a50623f84cb013d00b8ee3fd2eaf1ed84df2b29d3119865f5df8fbb6d7440ec6da33deff5c60f466f91959c0d7c7800937cf59fdc6e2d53e809a6f6754ed545fc71c42a95d198df6329a3f32ecd091e7e643727ee34241b9244ea9a2118ccc6d5b52f8dbd61dbc7a4b65e8a4b0e937669a8a6377022df74ac0d2d42008edfa83a71c2e14c8cb7f3e54612cbe5b64b31371f445ea6235467b339b285bffaad0acd9af5159b84f58a3e0230a7e6f055a016a0737b893e0d1b2dba11de53529c825bea86a455bba90eb4f10ea5425d498c18c0bc643a5bb07491a8b6d89b1c92329aaff3a9cb9302f81100d97b78a09d1f5c512c26409796608b77c969c070f6e55037c97bef2c30ebb373110c2356e0663c0a7010d13f18f9b7b1d4a5de88b110efe433a5dc9dd03ac7621a6de39584de91e9b43c5ef4cb435eeb45b8865540355030acddeaf451a453a0b0a76cb064ea1e939dc5491f2c591973c741cf1f73ef4451a1b43ed9d9e0c7b126b869e7cd326900a470dc08a15fb176346f7431dadd6b820ec10cba33d7097ebac9c1ff147fe39d9cedad2828facd8c37cb22a8b7d55b63170f55ccf45fc25715d00e7eb7c3f32c5a7dce02bb07073daa170caa4813b2102648cf6a5bc9ae5ef3fc4c6240447190340469cea21650f79f5ff0ab60e6fa8a30a45f29ca7f4356c275ef4dad63b07f73cc672d26091db75eff3e19b51272b0b786609333f6580a3ad3c83673df3776d04cd05fa86b7b8066076b71377580d8b226d9daec174cf2a62ffd48259ca04821e949021b3f540b5268c794a5314de9cb143dafce0575c06750f0c125b507bf39bf0abfc25b9bc39ddbc4450f0f3a70c312905a5c2d11f7b39a3cb0fd08be6f8b74c5d74fdfb0477c942caac42ae596e0aa36db5f10e1571231ebfc327e5a6111eb2f2a0e1be0b0752018973500f1b7c832cf36078c24717f66983bb72649829af53389e89694bce146f8cb358d7922ba07dfa9da6fbd65b7f5159010b1bc6847967b9eeef7c6db90f48b1c1a7ab63481809111b2876c73c375064bdca8064ee8d6d7b3817db8f5dc82709c586afea5850f415ca7641b5e6f45ff93b9dbc2f62c40c47dbe61a069d88e3664c8dfc9be2b35f8896e6d5c8a35b864b50d50364d3cec828a4f7dcff3cb314c9f7ab03c93e1fd8c5bfa2c303d76cb0954b401927a000babc400497d3f3a37c1f7a685ecc12b28db4b9b75debccfb132a4bb3b19ba91a441a94403eef6ad8222edd1dcecf215580296020731cab55029a189561499d34faef21eadfc370f98872c2192aef73f0cdf80de61cc9157d1e08d7153a49f7d1151fb9f110febc34e760c1afb87eb36c9df1d6aa047cb655b3ec5fdae8e2d93861070f98bd5f1c53c26f07d7c43cb295440af75e87671a552e39f9bfe1853222eb8ba0c8013944ee61dbe21281b1d4e3ea3dc0353d4ded5db0128504b97491353120c63bea1c5656be047a77bebe93efbab10375cb0946624e076a93a6ffdc284f4aa9fcf54ebda3653d5abf7da76f19c165d0982d48279ba8ee9f33b2fb060491aa26517e39f2cb4d4ce7726b249f070aeefca6843a813026e45c6ddfccd1e0b8883a7170644c43b227a2a3c03cbd17b8f3dc0910685169ada487a72251eeb6e6a1dd5661294337cf4cee2d74fdfbe00ff6d07847e63880059bcd12951e8b649cca1dc6a355a7d2c26ef8cabd467b21d6bbe28b108b385ffff7304d96b03500c912efd2af7c45f81f5f2f0e3357ec7da616f81ead2f823a128696ec7dd65a6587e5ecb56a8fba1bdea28909da5e085e164b046310182fad711d4e46abaa61281c88c729810c615ce9636b5c96e4150e2fcec6c111469ba8b0c010963d4338fba8a8a080e384198e1410af15f7ee18e5396b721fc331860e072207da236b35dd94fa7dab288a114ea46e754f1d0b4bfa1a5b216706652e52c489e9a3a1cee8ab4fe5d416ac22c2649673715909c27f31684f6e103913bfd28e02fca507940b86405cebb8084d1c6532a5508b716070c67ba544a1593895f4cc1a8d075415feb69d50fb674c3a89b59f80032cdfa8d1181856817bb16f50bafd0e21aa656661bf3b6bfc207a7a645a8edc15ff1cb706b6292a3263ef5ad1479338f59058d08ce76dc801d8e11e280badd5a0c0dcf1c6285d95cc087e7f0dd823b6b7c353d22f1e7ed03c1461cc4c170e33cd06c45f17fe1af233cca638611449493d533f701d77163f6784202d995e17b797d4d2f0d87d05a00728e8fdda47c70ecf919a2a110371da3474580720e8eae934888cf84f1f1a5530baf815e7c16129732ec4af417c1be0970b845dbced563f00a86135bda35c525aa020f285116b00071858e6eacf7b124b635ff7b62410e8c27a4c76adcdec10f5180130e8c554d2d8038677650171a2f6c3da4c04e340b48df92cf41d08a499f680a2cd6ab099fcede2f8b1888aa052c7f2dffdb203e19fb1e2e6237e19b218740c89cce311ff168437500a6eec570780938c3291a19482656a8d53b19bde3d4148bf1a9f2ea67ae835df675662f27b5b6f5e2652d0471c81740acef306d9605b4ca09a2c4c0f3f8063b6fa5fe01109c5e348eb318074785771ab2cedc48d0f5e15b3a368ace5aea415aa2d566063f25571b7a218b9e95117aaf0a389284e763e448c88b49205392fe032ed206ca8e27fb1c65a72d125cc860913dabe714be1a2a85120066cad66d53dec9a30664bfdd33e25398199211b15fe0770cb243bee320e95e506be4617c3e5e6825342c769bc1da3127f8d34c922f60ed2727f5d9209fc28099ec86c29572fc7159f6ced79b0a2a2653100230a55f7a578e2f1d90f6301069ed04106de45b976f2aabe769ed17d59a53116b74fa2f598c0d1e9919ca8d9cc21265ebc218ab9808b094eebd9a48d8349cf3faeaaa7c8ddb07f6eb874f70cdfafe050de69c6e7da6c8d2f71d581d6c604f4bb29243e9d1bbcb0890b436cb43d1a33c4b96a08af4137135a8c8fe74034dcaf1581856f800771", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES16, @ANYRES32=r5], 0x4c}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r8)
sendto$unix(r4, &(0x7f0000000400)="30ae44c94ce845f5b1cf2de29e102104fca7e0a690e2b25b02106decb9935e044f34c596750d755c9b52ba81443b4d2f771bc6bab4143b7aea811cc3bb7103b1ee37d2287e7ffb13fa1a4bdba9037e13cf669780231f10db78aa1810052fb9dd18e919f8fa49c1447d0122f37740029ec53dc7642f7f9cb263048a27cb22ad8e8a10a2b48b550b9378281df4d7644bd757a2ad1b3c88f8e67bbdc0ce71eb951eb83ff37ba6204af4291424f9583625bcac3137a8e4eabdb7ff9499bddb0493", 0xbf, 0x4000000, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r9 = gettid()
r10 = syz_open_procfs(r9, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r10, &(0x7f0000000180)={0x30}, 0x30)
sched_setaffinity(r3, 0x8, &(0x7f00000002c0)=0x81)

8.791102114s ago: executing program 6 (id=3305):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @mcast2, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x50}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="8400000010000100"/20, @ANYRESHEX, @ANYRES16], 0x84}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000000)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback, 0x8fb}, 0x1c)
r2 = syz_usb_connect$hid(0x3, 0x36, 0x0, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000006040)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000001a40)='!', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f00000007c0)="c1", 0x1}], 0x1}}], 0x2, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSL2CALL(r4, 0x89e2, &(0x7f0000000000)=@netrom={0xbb, 0xbb, 0x2, 0xbb, 0xbb, 0x0, 0x0})
close(r3)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r5, &(0x7f0000000380)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5ff7700"})
r6 = syz_open_pts(r5, 0x0)
ioctl$TCSETAW(r6, 0x5407, 0x0)
r7 = dup3(r6, r5, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000d02000000000000000200000d"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
io_submit(0x0, 0x2, &(0x7f0000000b80)=[&(0x7f0000000380)={0x503, 0x0, 0x0, 0x5, 0x0, r7, 0x0}])
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00222200000008839fea28c8470c0000007b7d1b9b9f87060000ada399963e70ced1c85b00830000000082b78c9393cb2eba"], 0x0}, 0x0)
r8 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000001c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r8, 0x82, 0x110, &(0x7f00000003c0)={[{0x38, 0x4e00, "b555f1b8ec3243c2cca812f1a27c36646f8795398045f88f113983842a07dbe25c7f14d6ea2a44ec006aa4aea0368dd494b50ea158854fa5"}, {}, {0x45, 0x4e00, "231302ce97fb054777818c7c4887497813f8ec3115af4c36d64206c2f885a8e2c8c79cbecf4da5b81c0c80aa6d399eba9b40d73543d201d2c013421668cc5f550253ae403b"}, {0x80, 0x4e00, "d07ec99ff548093c5ec01305343222169d0c2dda00ebd4c8f08ae0ab0dcb8659615b83ef4e5540877cb715737fbbeb6ff70130f3f1bd2ebe8246c65708ff914ea3f302f1efa534e47feb4cfc0085f7fee9d34334473c55936a9ae92020e626ba8fa3c1da4e48111f5a18abbb54c7a0008e69a891eab8b5044672d28cf79e373f"}]})
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x330, &(0x7f0000000500)={[{0xff, 0x4e00, "f788055f6f3defa4e766bd3486f35d5f72d12bc8e83c555bcd3ad09be3695caa83b9846ae3b80f5d198e082ebccb8633e063d89a8fae167833e587a98d356e990090ffa9857cfe37a15f05436b955bb2d9f940e3d3456293da102c460243aa926f92631f8dc4bec071e2ced5a5e3dd5a6c72b52dc6b3ab64914e2a1591e32d8c80602c3ee0a2117ba8667c41e6ef989d17a8fb51e8033cd63a2955ebbba6e7c3a97a4eb2a8f8f671e3e2c4c631976cb223a15a3c73747b1a504ac645726930592d065a685822a4ef71367429d001f49c6ef4c678866c29be521660ceec41fd8a63687560695448a9c23e4929868b4f4671cebd3fa901379425b3ac0332cee4"}, {0x7f, 0x4e00, "beeb28d18ed93c5a4d59483e0763ec0b690e202be776f8aaf55f1cb7ad4b5b22e909a7f34a3c2f4e4bab35e08f00eb1c2fca2f92efc4ece28d89dd821112d8b2ee1758719735a8d85616dae6e1d1ac9d42515f09539e6f8a8353567ffee91dbb55060a0080eff5dce00baa8e2377bf39029727b25f8f75efe3e6304172b6d4"}, {0xe0, 0x4e00, "da1586d289056c078cfe2c413eaa1d95ae2d0a51d339d65245cdbd681307761431728a570c80e6fa27ea4d519a561f9b4c4a86eceb0d352cb96720f2c6f54bb43422a431bbd317f8d75ef7d3b3919bffd7c5136e1859ea34d312fef80101920f94b832cdac5acd92791723773e28b51caba3781005d753d3c7109503581e75dc898e32157c35e3c24b31e1ffd513cf296da98110a7f2785d2efaf4a4c5abc891027ae60e0591a8f4c23a696241c5357097c53a1b15b6fa07151c21ad5a399d46f685d9faea8d19b9059b0eb110169974acf72dbd2b76e2ef764d8dcbe1c834a2"}, {0xc0, 0x4e00, "9cf8f886d647b7d949dd5e5ceee71eef4755dbbc2fad7cef14ebcdfa79bd6d7ae0c2bda803f711a3fcc8a696374c7b69c49d4bbdebf3b019349bda3f3b1d3e34aa09897598db95b062191bed00b7f805b8edebe69013412a2ef8e309e982bbd90f44ac5df004015f4afd4c336800e1fad550964c22410e6841256033f1c73db76825e9c0c06775ba02969518a98d617cbc6fa3e683237d35be0a3be7a204cf539b6e81e8b9189af9a802b67cbfcf18fc03ae2fcd7fa908bd9b115803192992c5"}]})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r9, 0x89f2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "bb40af00008000"})
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xc, &(0x7f0000001000)=ANY=[@ANYBLOB="0804004e"])

8.574491851s ago: executing program 7 (id=3307):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001480)={0x10, 0x1401, 0x105, 0x70bd27, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)={0x0, 0xfffffffe, 0x0, 0x0, 0xa, "df3f040100010f0000000000f2150609000040"})
ppoll(&(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='mm_compaction_try_to_compact_pages\x00', r5}, 0x18)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r6, 0xc0505350, &(0x7f0000000480)={{}, {}, 0x4, 0x5})
close(r1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x58, 0x10, 0x40d, 0x0, 0x200000, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x2}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x58}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, &(0x7f0000000040))
socket(0x15, 0x5, 0x0)
unshare(0x20040600)

8.292261684s ago: executing program 5 (id=3309):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0x6908, &(0x7f0000000440)={0x0, 0xfffffffe, 0x10100, 0x3, 0xb5}, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x4})
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008f02"])
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
ioctl$RTC_AIE_ON(r2, 0x7001)
ioctl$RTC_SET_TIME(r2, 0x40247007, &(0x7f0000000040)={0x2, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
r3 = socket(0xd, 0x2, 0x6)
r4 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}}}}]}, 0x88}}, 0x0)
epoll_create1(0x0)
socket$kcm(0x2, 0xa, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000180)={0xcfad, 0x7ff})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x32)

7.161270987s ago: executing program 7 (id=3311):
socket$inet6(0xa, 0x2, 0x3a)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000140)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40bd434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a904100500fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff32863e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b743d42a89449a3e1b6be8953a2765148638387ffff486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd322cd00475a56cdf3cc7158bf8c559bf1a900"})
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x98, 0xf4, 0xbf, 0x20, 0x2c42, 0x16f8, 0x7d12, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x58, 0x0, 0x0, 0x6f, 0xe4, 0x14}}]}}]}}, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x1900, @ioapic={0x6000, 0x0, 0x0, 0xeffffdff, 0x0, [{}, {0x0, 0x9, 0x0, '\x00', 0xff}, {0x0, 0x12}, {0x0, 0x6}, {}, {0x0, 0x0, 0x4}, {}, {0x4}, {}, {0x0, 0x4, 0x0, '\x00', 0x1}, {}, {0x4}, {0x0, 0x0, 0x2, '\x00', 0x68}, {0x0, 0x1, 0x7}, {}, {0x0, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x0, 0x9}, {0xe, 0x0, 0x6}, {}, {0x0, 0x80}, {0x0, 0x4}, {0x0, 0xd}, {0x0, 0x2, 0x3}]}})

6.180158112s ago: executing program 1 (id=3313):
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4003, &(0x7f0000000200)=0x40000000007d, 0x5, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x7, 0x44, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
getpeername$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000001c0)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000440)={'sit0\x00', &(0x7f00000003c0)={'sit0\x00', <r2=>0x0, 0x0, 0x8000, 0x8, 0x0, {{0x12, 0x4, 0x0, 0x36, 0x48, 0x67, 0x0, 0x6, 0x2f, 0x0, @broadcast, @empty, {[@end, @timestamp_addr={0x44, 0x1c, 0x5f, 0x1, 0x0, [{@dev={0xac, 0x14, 0x14, 0x2d}, 0x2}, {@local, 0xf61}, {@loopback, 0x1412}]}, @ssrr={0x89, 0x17, 0xb2, [@broadcast, @empty, @multicast1, @broadcast, @private=0xa010102]}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=@ipv6_newnexthop={0x38, 0x68, 0x800, 0x70bd26, 0x25dfdbfc, {0xa, 0x0, 0x4, 0x0, 0x8}, [@NHA_OIF={0x8, 0x5, r1}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x6}, @NHA_ID={0x8, 0x1, 0x1}, @NHA_OIF={0x8, 0x5, r2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x20000084)
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ffd000/0x2000)=nil})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}], 0x10)
sendto$inet6(r3, &(0x7f0000000240)="3079441211a883c2c994350acf60eee2760b71136c7bac91d75ae2ea2cd22050f805bb595a09f7708cb162eb8c3cd906c384945497187147a2bde1ea7671fa000000000000148f207b0000000000000000615726e9df89fd84f49f2495b245356253217b8f5b9f96f91e343ee1b3459973429e3cda7cb26f667d7525a863492b83d8f5e34602f8d2f86fb5b8f13ad45f6790ed6e2191fb0e1c014d10c2e63c66fce8eff25457d17af01328368937c0275c0ddabec0c6adc78055c28ceda6194739ff447ca2cfeb686b003d5f6d47afa44a61b68e837fa558ae1a7aa8cd25f06d20af67203c9d45cdf42aa7535bc56ea819b2964c166f7365447fbf450b524904684b9d8d8e35e475bc12586c75217f81970483df9cd90b35dd5c8daddfa5867076b771eeb3aec76724aad74d0d4bb65ba28877165555963331aa96a7e4b6fa2805fc3d2151ceb24f74ad96a3b2571af9a348167799efd53e5725b251b8a94d968fcc21b14cab9550acc2e9ca83dec4", 0x16f, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0xfffffffc, @ipv4={'\x00', '\xff\xff', @loopback}, 0x2d4b1b92}, 0x1c)
setsockopt(r3, 0x10000, 0x5, &(0x7f0000000040)="e3ed082bfbf76e4ea3b6ea895616c93723e3f0a4fbeb96ca8719a55c4678a495dc5f81e5e373f8d1900a762c9be5e63f512ffe3f38a4e98b526ee0782a79c444751fd2a5d90c48c2378de7c543274812312f827b737fb55a035921c516b4219a54fa2af2b0b9b8657f98286945a7b8ca22e27728083c8341317da491b5bf", 0x7e)
r4 = socket$key(0xf, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b05, &(0x7f0000000040)={'virt_wifi0\x00', @random="e8dfffdfe6f1"})
ioctl(r4, 0x8b24, &(0x7f0000000040))
recvmmsg(r3, &(0x7f0000004480)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x40000000, 0x0)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffe000/0x2000)=nil)

5.97130223s ago: executing program 1 (id=3314):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x43fab000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="6800000010000304000000000000000000000400", @ANYRES32=r4, @ANYBLOB="e0d8010004a701004800128009000100626f6e640000000038000280050015000400000005001b005400000008000f00050000000480050001000600000005001100090000"], 0x68}, 0x1, 0x0, 0x0, 0x11}, 0x4000044)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r6, 0x84, 0x79, &(0x7f0000000180)={0x0, 0x100, 0x9f7b}, 0x8)
bind$ax25(r5, 0x0, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, &(0x7f0000000000)=0x6, 0x8, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

5.575473904s ago: executing program 3 (id=2246):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1820b4e18e244d80f8010000f1ffffff00100000850040007b050000003ed31ddbc663525d0e278f9f79ea82c239f661c7226d1237621725a2be781e85ee413585d0e45efef62eea0c14a183a8b216373a5ead6334da7e1831917145c6f9372e59c907120272960b83783f3e77445419f48c5792dfe8811b11d4af"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

2.761049858s ago: executing program 7 (id=3315):
socket$netlink(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xe08, 0x0, 0x5, 0x1, 0x80000000}, 0x2}}]}, {0x3}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x68}}, 0x8000)
r3 = gettid()
kcmp(r3, 0x0, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
accept4(0xffffffffffffffff, &(0x7f0000000080)=@rc={0x1f, @fixed}, &(0x7f0000000100)=0x80, 0x800)
socket(0xa, 0x1, 0x0)
openat$smackfs_access(0xffffff9c, &(0x7f0000001140)='/sys/fs/smackfs/access2\x00', 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
gettid()
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000300)={'wlan1\x00', &(0x7f00000000c0)=@ethtool_stats={0x1d, 0x7, [0xb, 0xfffffffffffffff7, 0xfa, 0x7f, 0x100000001, 0x9, 0x1]}})
ioctl$VIDIOC_S_CROP(r6, 0x4014563c, &(0x7f000001f9c0)={0x5, {0x8000, 0x300, 0x7}})

2.760615981s ago: executing program 1 (id=3316):
syz_usb_connect(0x2, 0x3d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000393f6fe108c10590157db0102030109022b000181"], &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0})
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="00082cbd7000fedbdf2506000000060028000400000008"], 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x8)

2.760077395s ago: executing program 6 (id=3317):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
iopl(0x3)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000300)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000180)='k', 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r1, 0x1)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000440)={0x0, @in6={{0xa, 0x0, 0x0, @mcast1}}, [0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, &(0x7f0000000540)=0x100)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
unshare(0x8040480)
setns(r2, 0x20000)
unshare(0x2040400)
bind$can_raw(r0, &(0x7f00000005c0), 0x10)

2.75871864s ago: executing program 5 (id=3318):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
sendmsg$NFC_CMD_DISABLE_SE(r1, &(0x7f00000002c0)={0x0, 0x300, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fcdbdf251200000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080015"], 0x54}}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r6=>0x0})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r6], 0x90}}, 0x40000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r8 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r8, &(0x7f0000001600)='./file1\x00', 0x2000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r8, &(0x7f0000000100)='./file1\x00', r8, &(0x7f0000000240)='./file0\x00', 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r9, 0x84, 0x6b, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0xb7d, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40}], 0x1c)
listen(r9, 0xfff)
getpeername(r9, 0x0, &(0x7f00000000c0))

1.215931307s ago: executing program 1 (id=3319):
unshare(0x2060400)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x6, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xff}, 0x1c)

1.082130059s ago: executing program 1 (id=3320):
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0)
shmget(0x1, 0x1000, 0x78000000, &(0x7f0000260000/0x1000)=nil)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001940)="a702c27bf06db98cdf8d6889422019c0b20a0a589054612bc8b9aa12732b5894b3c2d33be1f984c47d286b219241aefd3c8c01f9843c6e8fb0e19e0c0743a2532975634b87c108677948f86f35b5eecd56f3b769bcfa672442f58bd4199e03bf4ea9385cd1df984d2958938330a1cd148cde179da1e2f11ca51a529ea58803884e2b6978de1a4127626ec37a290e73ca8d6d8ddfdfd53755d167ba8b2cd2fbff86ac34b7db68e9875e4307792830f899f0c75e418f58ce82039ce193097579f3aceff36ec054c4672cc8969f69efe1015860c8ffffecec6de646fb793021c2bb996dc9f7e6a72620e7cd729f1c24e8eeb58eb51a928570468e1fb23641e00fa426f6c24450abbde87f8833f0ee367758834d877babd4a80518cdcb04d6352e52d8abd6443757bd6ca779f0e57b25698598cdf11f8b45108cb1384fccab4aec1347e71eafcfafaadd4360716c11eb4d11864131df20db52730a242f45ccd6bc3dc02589c0e2a979b752986c692a4dff8ab71c5574220ae28bdb94c7e4ecf4b04e9ca4b68db1b27d0c2e8eea02487f5df0cb948cb2520694a6cb1dee45e0ef6d10925020001e0b49e1887f2c7e7dd98a4c04578e393b8bb7827868953f7587f5262aaf9f3d0803cd7e1ebc476f9407df2a9fea1349c80e14d094e3e203b18bd5bdee5453ad7817c73c974e753cdf923e9333c001cef33d89f8882adc5b5a491baecf9deb9199fd9e4740070183159818f1d527b0c369d590ec4988b7ed124eb9b34c050d426165f3ac392f2fc0dad59578c2498a755113f1e2207312e72fad25b59c0886c1242ed416e58d8fbff8e2ccf89d1aa87cde308c36e3c53c842a661df51449bd224cd967310172ad7165e6976e47cb7d191544d54170fdabdf9482e2b24d8a58376ea7cf60b347b55a259bf2eddb9e9d3aca20422dedcc9af246ead386662fdf14735a6e0deec38d23fbcebcc30349badcfb85308bd61354451d8199d9f53db36019d3d8e0db0becc5e1439c8104414d4020fa1f7298705becf897902d550862f1630a36773f585d0b122555632b7c333282b06d99a352daa20fda91c4406778dc36dcc5e73b8fa3048c53e30c762ede7be96880a1e3229a0bf88f8cc4e1c89571182e3dbdb5df2720ddf34f111314040c2f4ed3daf234a960e19d902fe68b41701c7834d9b092132f0b189cda43512319479475623598c4d1a00787f2ef605ff9289b180bbf17b62abaa1bea1429bc468f6f5df7fffcc7784a69338701a1e0fb471d3b17dba61e22705fe087b803faae47d7e338099021461a412af3ad4f94d6cea74fd858e5f39acdd93fc59c8970e00efc6cd78311d0859fab70c7de88d099c86743c8324427c7e931c0b50f54ab2d66bfc5eb474a2efd8ba91923825bacffff39d074e018373a36b55885cc1e2bbb5f8f7b001942e9e3dfb7f35e7b44b7c513ecc91f518d0d0577b9926961bcea1b468ee5f3d50d0cf188c81790dbb156be77eb6e69f5e2b922e13d8b92baef4125d802cfed1a097e3d9abb2b03e6566c17d24f78a6a29687188f22030c4f0e75935aea670bc038cee6e7827c66b772fe3bc17e5dcb66a371cda6ab8f95c199f23c8cfb98862947604c87973540ba650de26ceeaa118af2f8d51593c0bfab9a49360c862b5d2f0cd4912d42ab3a4830700ce125195190e28c20c44700b4c547d762b9d76aae14bcae36412fb8911a385ba5bda57f8cfeadf8f6e409226534866a61ee15cb5ad80cf22110176cf59db4e82207e3a5c12fb2afc1474ac7f6dd6c3f59a1f35caf41b9c75b98e3fdcee8ba0f62e0f66049ec52252990cb74339316e2878d76e5768096d16eed915721cd4cf2fbb8740ce3a483d95b15c28037e4f08568ce29e297f0fb9178ac6a3050e33", 0x541}], 0x1}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000001e80), &(0x7f0000000200)='./file0\x00', &(0x7f0000000580)='nfs\x00', 0x0, &(0x7f0000000700)='\x00')
r4 = openat$userio(0xffffffffffffff9c, 0x0, 0x40101, 0x0)
write$USERIO_CMD_REGISTER(r4, &(0x7f0000000000), 0x2)
r5 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
recvmmsg(r5, &(0x7f0000005b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r6 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
fsmount(r6, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040fea00011c04"], 0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

130.20115ms ago: executing program 7 (id=3321):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001480)={0x10, 0x1401, 0x105, 0x70bd27, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)={0x0, 0xfffffffe, 0x0, 0x0, 0xa, "df3f040100010f0000000000f2150609000040"})
ppoll(&(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='mm_compaction_try_to_compact_pages\x00', r5}, 0x18)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r6, 0xc0505350, &(0x7f0000000480)={{}, {}, 0x4, 0x5})
close(r1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x58, 0x10, 0x40d, 0x0, 0x200000, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x2}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x58}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, &(0x7f0000000040))
socket(0x15, 0x5, 0x0)
unshare(0x20040600)

100.684094ms ago: executing program 1 (id=3322):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05640, &(0x7f0000000340)={0x2, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfeedcafe, 0x0, 0x0, 0x0, 0x5}})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0xf}, {0x0, 0x0, 0x8}], 0x8})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 6 (id=3323):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r3)
sendmsg$NFC_CMD_FW_DOWNLOAD(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000fedbdf2515000000e8ff1300287d0000"], 0x1c}}, 0x0)

kernel console output (not intermixed with test programs):

SR network
[ 1099.128906][ T6037] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1099.136108][ T6037] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1099.148246][ T6037] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1099.155440][ T6037] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1099.313980][T17753] veth0_macvtap: entered promiscuous mode
[ 1099.343394][T17753] veth1_macvtap: entered promiscuous mode
[ 1099.374149][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1099.384712][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.394596][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1099.405206][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.415442][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1099.425942][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.435824][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1099.446344][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.457651][T17753] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1099.515942][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1099.526566][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.536476][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1099.547133][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.557059][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1099.568098][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1099.581021][T17753] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1099.591893][T17753] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.600771][T17753] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.609854][T17753] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.618802][T17753] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.468703][T16314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1100.546143][T16314] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1100.649260][T17822] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1100.734616][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1100.803060][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1100.804180][T18018] autofs4:pid:18018:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.1000000), cmd(0xc0189379)
[ 1100.953255][T18018] autofs4:pid:18018:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189379)
[ 1101.539703][T18024] fuse: Bad value for 'fd'
[ 1101.658275][ T1165] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1101.765388][T17822] veth0_vlan: entered promiscuous mode
[ 1101.792723][T17822] veth1_vlan: entered promiscuous mode
[ 1101.852631][T17822] veth0_macvtap: entered promiscuous mode
[ 1101.872554][T17822] veth1_macvtap: entered promiscuous mode
[ 1101.902333][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1101.929419][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1101.948739][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1101.962514][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1101.987407][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1102.003378][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.027213][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1102.047571][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.067213][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1102.087954][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.109772][T17822] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1102.204744][ T1165] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1102.226076][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1102.238495][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.249064][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1102.273234][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.283316][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1102.303140][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.323208][T17822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1102.343168][T17822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1102.354377][T17822] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1102.447879][ T1165] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1102.478795][T17822] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.512323][T17822] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.540049][T17822] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.568696][T17822] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.615316][ T1165] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1102.820407][ T6985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1102.851394][ T6985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1103.005049][T16314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1103.012889][T16314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1103.073244][ T1165] bridge_slave_1: left allmulticast mode
[ 1103.083798][ T1165] bridge_slave_1: left promiscuous mode
[ 1103.089587][ T1165] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1103.114424][ T1165] bridge_slave_0: left allmulticast mode
[ 1103.120178][ T1165] bridge_slave_0: left promiscuous mode
[ 1103.138422][ T1165] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1104.432568][T18038] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1105.441713][T18045] vivid-007: kernel_thread() failed
[ 1105.668699][ T5859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1105.711598][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1105.737548][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1105.792763][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1105.823404][ T5859] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1105.833931][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1106.003460][ T1165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1106.022073][ T1165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1106.036450][ T1165] bond0 (unregistering): Released all slaves
[ 1107.378077][T18076] fuse: Bad value for 'fd'
[ 1108.190870][T11865] Bluetooth: hci0: command tx timeout
[ 1108.738417][T18064] pim6reg527: entered allmulticast mode
[ 1108.769896][T18080] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1108.820202][T18049] chnl_net:caif_netlink_parms(): no params data found
[ 1109.342727][T18099] syz.1.3033 (18099): drop_caches: 2
[ 1109.351192][T18099] syz.1.3033 (18099): drop_caches: 2
[ 1110.163187][T11095] usb 7-1: new high-speed USB device number 80 using dummy_hcd
[ 1110.610891][T11865] Bluetooth: hci0: command tx timeout
[ 1110.720466][T18103] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3035'.
[ 1110.737937][T18103] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3035'.
[ 1110.764821][T11095] usb 7-1: config index 0 descriptor too short (expected 3133, got 61)
[ 1110.773939][T11095] usb 7-1: config 0 has an invalid interface number: 156 but max is 1
[ 1110.782102][T11095] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1110.863440][T11095] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1110.882785][T11095] usb 7-1: config 0 has no interface number 0
[ 1110.889579][T11095] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1110.903575][T11095] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1110.914712][T11095] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1110.924655][T11095] usb 7-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1110.938527][T11095] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[ 1110.948084][T11095] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.959809][ T1165] hsr_slave_0: left promiscuous mode
[ 1110.972262][ T1165] hsr_slave_1: left promiscuous mode
[ 1110.978816][ T1165] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1110.994692][T11095] usb 7-1: config 0 descriptor??
[ 1111.003738][ T1165] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1111.023510][T11095] gspca_main: spca561-2.14.0 probing abcd:cdee
[ 1111.031653][ T1165] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1111.044981][T18119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3038'.
[ 1111.062223][ T1165] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1111.094088][ T1165] veth1_macvtap: left promiscuous mode
[ 1111.099672][ T1165] veth0_macvtap: left promiscuous mode
[ 1111.105610][ T1165] veth1_vlan: left promiscuous mode
[ 1111.110924][ T1165] veth0_vlan: left promiscuous mode
[ 1111.245962][T18123] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1111.814235][T11095] spca561 7-1:0.156: probe with driver spca561 failed with error -22
[ 1111.826273][T11095] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1111.833574][T11095] usb 7-1: MIDIStreaming interface descriptor not found
[ 1111.878724][T11095] usb 7-1: USB disconnect, device number 80
[ 1112.175432][T18132] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3039'.
[ 1112.234269][T18128] udevd[18128]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1112.683121][T11865] Bluetooth: hci0: command tx timeout
[ 1113.623665][ T1165] team0 (unregistering): Port device team_slave_1 removed
[ 1113.673615][T10466] usb 7-1: new high-speed USB device number 81 using dummy_hcd
[ 1113.700974][ T1165] team0 (unregistering): Port device team_slave_0 removed
[ 1113.843247][T10466] usb 7-1: Using ep0 maxpacket: 16
[ 1113.854794][T10466] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1113.873336][T10466] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1113.898814][T10466] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1113.922573][T10466] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 1113.934556][T10466] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1113.964604][T10466] usb 7-1: config 0 descriptor??
[ 1114.450498][T10466] shield 0003:0955:7214.0039: unknown main item tag 0x0
[ 1114.469558][T10466] shield 0003:0955:7214.0039: unknown main item tag 0x0
[ 1114.483358][T10466] input: HID 0955:7214 Haptics as /devices/virtual/input/input41
[ 1114.551077][T10466] shield 0003:0955:7214.0039: Registered Thunderstrike controller
[ 1114.560061][T10466] shield 0003:0955:7214.0039: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.6-1/input0
[ 1114.652615][T18141] random: crng reseeded on system resumption
[ 1114.712562][T18119] erspan0: entered promiscuous mode
[ 1114.719448][T18119] macvtap1: entered promiscuous mode
[ 1114.725651][T18119] macvtap1: entered allmulticast mode
[ 1114.731224][T18119] erspan0: entered allmulticast mode
[ 1114.737059][T11865] Bluetooth: hci0: command tx timeout
[ 1114.754801][T18049] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1114.773205][T18049] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1114.780767][T18049] bridge_slave_0: entered allmulticast mode
[ 1114.816621][T18049] bridge_slave_0: entered promiscuous mode
[ 1114.826557][T18049] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1114.834017][T18049] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1114.860402][T18049] bridge_slave_1: entered allmulticast mode
[ 1114.890759][T18049] bridge_slave_1: entered promiscuous mode
[ 1114.923591][T18143] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3043'.
[ 1115.307283][T18049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1115.337071][   T25] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[ 1115.349255][T10466] usb 7-1: USB disconnect, device number 81
[ 1115.367317][   T25] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[ 1115.378938][   T25] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[ 1115.390204][   T25] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[ 1115.514018][T18049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1115.579655][T18151] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1115.679768][T18049] team0: Port device team_slave_0 added
[ 1115.708368][T18049] team0: Port device team_slave_1 added
[ 1115.772101][T18049] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1115.780299][T18049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1115.880387][T18049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1116.045811][T18049] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1116.077734][T18049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1116.153424][T18049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1116.236602][T18159] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3046'.
[ 1116.262431][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.273046][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.166801][T18049] hsr_slave_0: entered promiscuous mode
[ 1117.234214][T18171] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3049'.
[ 1117.261351][T18049] hsr_slave_1: entered promiscuous mode
[ 1117.280412][T18049] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1117.310986][T18049] Cannot create hsr debugfs directory
[ 1117.482389][T18174] tap0: tun_chr_ioctl cmd 2147767519
[ 1118.123211][T10466] usb 2-1: new full-speed USB device number 91 using dummy_hcd
[ 1118.277544][T10466] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1118.303528][T10466] usb 2-1: not running at top speed; connect to a high speed hub
[ 1118.337165][T10466] usb 2-1: config 129 has an invalid interface number: 28 but max is 0
[ 1118.364478][T10466] usb 2-1: config 129 has an invalid descriptor of length 0, skipping remainder of the config
[ 1118.403297][T10466] usb 2-1: config 129 has no interface number 0
[ 1118.410084][T10466] usb 2-1: config 129 interface 28 altsetting 250 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1118.473319][T10466] usb 2-1: config 129 interface 28 has no altsetting 0
[ 1118.495799][T10466] usb 2-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=db.57
[ 1118.506715][T10466] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1118.522759][T18049] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1118.529894][T10466] usb 2-1: Product: syz
[ 1118.535025][T10466] usb 2-1: Manufacturer: syz
[ 1118.539718][T10466] usb 2-1: SerialNumber: syz
[ 1118.601142][T18049] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1118.622050][T18049] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1118.668621][T18049] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1118.788219][T10466] etas_es58x 2-1:129.28: Starting syz syz (Serial Number syz)
[ 1118.843832][T10466] usb 2-1: USB disconnect, device number 91
[ 1118.928298][T18049] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1118.984367][T18049] 8021q: adding VLAN 0 to HW filter on device team0
[ 1119.018140][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1119.025773][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1119.288141][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1119.295347][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1119.373460][T18180] FAULT_INJECTION: forcing a failure.
[ 1119.373460][T18180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1119.386751][T18180] CPU: 1 UID: 0 PID: 18180 Comm: syz.5.3052 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1119.397199][T18180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1119.407463][T18180] Call Trace:
[ 1119.410771][T18180]  <TASK>
[ 1119.413820][T18180]  dump_stack_lvl+0x241/0x360
[ 1119.418574][T18180]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1119.423945][T18180]  ? __pfx__printk+0x10/0x10
[ 1119.428660][T18180]  ? snprintf+0xda/0x120
[ 1119.432940][T18180]  should_fail_ex+0x3b0/0x4e0
[ 1119.437651][T18180]  _copy_to_user+0x31/0xb0
[ 1119.442098][T18180]  simple_read_from_buffer+0xca/0x150
[ 1119.447510][T18180]  proc_fail_nth_read+0x1e9/0x250
[ 1119.453443][T18180]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1119.459469][T18180]  ? rw_verify_area+0x55e/0x6f0
[ 1119.464360][T18180]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1119.469939][T18180]  vfs_read+0x1fc/0xb70
[ 1119.474134][T18180]  ? __pfx___mutex_lock+0x10/0x10
[ 1119.479193][T18180]  ? __pfx_vfs_read+0x10/0x10
[ 1119.483914][T18180]  ? __fget_files+0x2a/0x410
[ 1119.488534][T18180]  ? __fget_files+0x395/0x410
[ 1119.493241][T18180]  ? __fget_files+0x2a/0x410
[ 1119.497867][T18180]  ksys_read+0x18f/0x2b0
[ 1119.502419][T18180]  ? __pfx_ksys_read+0x10/0x10
[ 1119.507232][T18180]  ? do_syscall_64+0x100/0x230
[ 1119.512034][T18180]  ? do_syscall_64+0xb6/0x230
[ 1119.516745][T18180]  do_syscall_64+0xf3/0x230
[ 1119.521282][T18180]  ? clear_bhb_loop+0x35/0x90
[ 1119.525995][T18180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1119.531953][T18180] RIP: 0033:0x7fb766f7f21c
[ 1119.536404][T18180] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[ 1119.556045][T18180] RSP: 002b:00007fb767e63050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1119.564501][T18180] RAX: ffffffffffffffda RBX: 00007fb767145fa0 RCX: 00007fb766f7f21c
[ 1119.572596][T18180] RDX: 000000000000000f RSI: 00007fb767e630b0 RDI: 0000000000000008
[ 1119.580776][T18180] RBP: 00007fb767e630a0 R08: 0000000000000000 R09: 0000000000000000
[ 1119.589139][T18180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1119.597142][T18180] R13: 0000000000000000 R14: 00007fb767145fa0 R15: 00007ffe47987f58
[ 1119.605340][T18180]  </TASK>
[ 1119.615074][T18049] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1119.643029][T18049] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1119.753258][T18191] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3055'.
[ 1120.002946][T18049] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1120.084051][T18049] veth0_vlan: entered promiscuous mode
[ 1120.179748][T18202] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3058'.
[ 1120.202492][T18049] veth1_vlan: entered promiscuous mode
[ 1120.971458][T18210] netlink: 'syz.7.3059': attribute type 2 has an invalid length.
[ 1121.153686][T18209] vivid-000: kernel_thread() failed
[ 1121.188020][T18049] veth0_macvtap: entered promiscuous mode
[ 1121.550354][T18049] veth1_macvtap: entered promiscuous mode
[ 1121.569409][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1121.580584][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1121.593274][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1121.603911][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1121.614069][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1121.624578][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1121.634525][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1121.645272][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1121.655400][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1121.666434][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1121.724468][T18049] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1121.803924][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1121.906188][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1121.953315][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1121.983578][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1122.005940][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1122.032688][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1122.050147][T18049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1122.069673][T18049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1122.082007][T18220] fuse: Bad value for 'fd'
[ 1122.106317][T18049] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1122.166033][T18223] tap0: tun_chr_ioctl cmd 2147767519
[ 1122.184862][T18049] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.206712][T18049] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.239419][T18049] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.265063][T18049] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.665664][T18225] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1124.005594][T14340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1124.014127][T14340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1124.184938][ T6037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1124.223208][ T6037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1124.933097][    T9] usb 2-1: new full-speed USB device number 92 using dummy_hcd
[ 1125.101566][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1125.117049][    T9] usb 2-1: not running at top speed; connect to a high speed hub
[ 1125.144316][    T9] usb 2-1: config 129 has an invalid interface number: 28 but max is 0
[ 1125.153687][    T9] usb 2-1: config 129 has an invalid descriptor of length 0, skipping remainder of the config
[ 1125.193177][    T9] usb 2-1: config 129 has no interface number 0
[ 1125.213816][    T9] usb 2-1: config 129 interface 28 altsetting 250 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1125.256057][    T9] usb 2-1: config 129 interface 28 has no altsetting 0
[ 1125.275336][    T9] usb 2-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=db.57
[ 1125.284797][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1125.301059][    T9] usb 2-1: Product: syz
[ 1125.306827][    T9] usb 2-1: Manufacturer: syz
[ 1125.323089][    T9] usb 2-1: SerialNumber: syz
[ 1125.802703][    T9] etas_es58x 2-1:129.28: Starting syz syz (Serial Number syz)
[ 1125.845438][    T9] usb 2-1: USB disconnect, device number 92
[ 1126.800181][ T1107] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.024319][ T1107] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.138200][ T1107] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.270745][ T1107] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.498434][ T1107] bridge_slave_1: left allmulticast mode
[ 1127.511746][ T1107] bridge_slave_1: left promiscuous mode
[ 1127.524642][ T1107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1127.545897][ T1107] bridge_slave_0: left allmulticast mode
[ 1127.557572][ T1107] bridge_slave_0: left promiscuous mode
[ 1127.570411][ T1107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1128.355199][ T1107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1128.366824][ T1107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1128.380136][ T1107] bond0 (unregistering): Released all slaves
[ 1128.757135][ T5859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1128.770736][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1128.782495][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1128.790901][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1128.800756][ T5859] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1128.808348][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1129.975538][   T25] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 1130.204341][   T25] usb 6-1: device descriptor read/64, error -71
[ 1130.299046][T10466] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1130.503833][   T25] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 1130.663792][T10466] usb 2-1: Using ep0 maxpacket: 32
[ 1130.752042][T10466] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1130.805209][ T1107] hsr_slave_0: left promiscuous mode
[ 1130.814898][T10466] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1130.824882][ T1107] hsr_slave_1: left promiscuous mode
[ 1130.830889][T10466] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1130.840037][T10466] usb 2-1: Product: syz
[ 1130.843183][ T5232] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1130.844679][T10466] usb 2-1: Manufacturer: syz
[ 1130.857360][   T25] usb 6-1: device descriptor read/64, error -71
[ 1130.857721][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1130.872462][T10466] usb 2-1: SerialNumber: syz
[ 1130.881586][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1130.884085][T10466] usb 2-1: config 0 descriptor??
[ 1130.894916][T18291] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1130.953849][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1130.961434][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1130.974658][   T25] usb usb6-port1: attempt power cycle
[ 1131.023193][ T5232] usb 8-1: Using ep0 maxpacket: 8
[ 1131.229674][ T1107] veth1_macvtap: left promiscuous mode
[ 1131.235344][ T1107] veth0_macvtap: left promiscuous mode
[ 1131.240887][ T1107] veth1_vlan: left promiscuous mode
[ 1131.443181][ T1107] veth0_vlan: left promiscuous mode
[ 1131.473510][   T25] usb 6-1: new high-speed USB device number 72 using dummy_hcd
[ 1131.506361][   T25] usb 6-1: device descriptor read/8, error -71
[ 1131.957514][ T5232] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1131.968624][ T5232] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 26056, setting to 1024
[ 1131.979837][ T5232] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1131.989557][ T5232] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1131.999325][ T5232] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 241
[ 1132.010125][ T5232] usb 8-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58
[ 1132.019565][ T5232] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1132.042542][T11865] Bluetooth: hci0: command tx timeout
[ 1132.054555][ T5232] usb 8-1: config 0 descriptor??
[ 1132.108208][ T5232] usb 8-1: can't set config #0, error -71
[ 1132.117003][ T5232] usb 8-1: USB disconnect, device number 2
[ 1134.137554][   T29] audit: type=1326 audit(1732712374.111:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18314 comm="syz.5.3084" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb766f80809 code=0x0
[ 1134.207591][T11865] Bluetooth: hci0: command tx timeout
[ 1135.093141][    T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1135.268131][    T9] usb 8-1: Using ep0 maxpacket: 32
[ 1135.292786][    T9] usb 8-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[ 1135.333158][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1135.351550][    T9] usb 8-1: Product: syz
[ 1135.359007][    T9] usb 8-1: Manufacturer: syz
[ 1135.397413][    T9] usb 8-1: SerialNumber: syz
[ 1135.416394][    T9] usb 8-1: config 0 descriptor??
[ 1135.463981][    T9] usb 8-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1135.658843][    T9] usb 8-1: USB disconnect, device number 3
[ 1135.668839][T16314] usb 8-1: Failed to submit usb control message: -71
[ 1135.683818][T16314] usb 8-1: unable to send the bmi data to the device: -71
[ 1135.701450][T16314] usb 8-1: unable to get target info from device
[ 1135.711596][T16314] usb 8-1: could not get target info (-71)
[ 1135.728395][T16314] usb 8-1: could not probe fw (-71)
[ 1136.002157][ T1107] team0 (unregistering): Port device team_slave_1 removed
[ 1136.091916][ T1107] team0 (unregistering): Port device team_slave_0 removed
[ 1136.263659][T11865] Bluetooth: hci0: command tx timeout
[ 1137.164834][ T5232] usb 2-1: USB disconnect, device number 93
[ 1137.238213][T18303] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3082'.
[ 1137.250830][T18303] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3082'.
[ 1137.289731][T18338] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3087'.
[ 1137.310040][T18338] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3087'.
[ 1137.333449][T18278] chnl_net:caif_netlink_parms(): no params data found
[ 1137.512015][T18344] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1137.784673][T18278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1137.797829][T18278] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1137.839101][T18278] bridge_slave_0: entered allmulticast mode
[ 1137.872888][T18278] bridge_slave_0: entered promiscuous mode
[ 1137.890167][T18278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1137.905873][T10466] usb 6-1: new high-speed USB device number 74 using dummy_hcd
[ 1137.931099][T18278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1137.945867][T18278] bridge_slave_1: entered allmulticast mode
[ 1137.954254][T18278] bridge_slave_1: entered promiscuous mode
[ 1138.083450][T10466] usb 6-1: Using ep0 maxpacket: 32
[ 1138.091473][T10466] usb 6-1: config 0 has an invalid interface number: 132 but max is 0
[ 1138.118069][T10466] usb 6-1: config 0 has no interface number 0
[ 1138.136418][T10466] usb 6-1: config 0 interface 132 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1138.145437][T18278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1138.162327][T18278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1138.222164][T10466] usb 6-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 1138.231702][T10466] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1138.250737][T10466] usb 6-1: Product: syz
[ 1138.262710][T10466] usb 6-1: Manufacturer: syz
[ 1138.275876][T10466] usb 6-1: SerialNumber: syz
[ 1138.329015][T10466] usb 6-1: config 0 descriptor??
[ 1138.452801][T18364] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3094'.
[ 1138.463948][T11865] Bluetooth: hci0: command tx timeout
[ 1138.648610][T18278] team0: Port device team_slave_0 added
[ 1139.044625][T18344] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1139.105634][T18278] team0: Port device team_slave_1 added
[ 1139.118054][T10466] em28xx 6-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 1139.138681][T10466] em28xx 6-1:0.132: Video interface 132 found: bulk
[ 1139.226674][T18364] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1139.236376][T18364] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1139.245289][T18364] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1139.252929][T18364] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1139.584789][T18278] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1139.591793][T18278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1139.714129][T18278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1139.832771][   T29] audit: type=1804 audit(1732712379.761:512): pid=18370 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.6.3095" name="/newroot/550/file0" dev="fuse" ino=1 res=1 errno=0
[ 1140.113131][ T5962] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1140.137315][T10466] em28xx 6-1:0.132: unknown em28xx chip ID (0)
[ 1140.170600][T18278] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1140.219444][T18278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1140.245459][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1140.280255][T18278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1140.384019][T18373] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3098'.
[ 1140.393209][T18373] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3098'.
[ 1140.425345][ T5962] usb 8-1: Using ep0 maxpacket: 8
[ 1140.435188][ T5962] usb 8-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1140.453067][ T5962] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1140.454458][T18278] hsr_slave_0: entered promiscuous mode
[ 1140.518288][ T5962] usb 8-1: Product: syz
[ 1140.536604][T18278] hsr_slave_1: entered promiscuous mode
[ 1140.548710][T18278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1140.556867][T18278] Cannot create hsr debugfs directory
[ 1141.131647][ T5962] usb 8-1: Manufacturer: syz
[ 1141.136485][ T5962] usb 8-1: SerialNumber: syz
[ 1141.142487][T10466] em28xx 6-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=0)
[ 1141.155239][T10466] em28xx 6-1:0.132: board has no eeprom
[ 1141.162447][ T5962] usb 8-1: config 0 descriptor??
[ 1141.171343][ T5962] gspca_main: se401-2.14.0 probing 047d:5003
[ 1141.443095][T10466] em28xx 6-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 1141.453254][T10466] em28xx 6-1:0.132: analog set to bulk mode.
[ 1141.461491][ T5893] em28xx 6-1:0.132: Registering V4L2 extension
[ 1141.488586][T10466] usb 6-1: USB disconnect, device number 74
[ 1141.514753][T10466] em28xx 6-1:0.132: Disconnecting em28xx
[ 1141.593275][ T5232] usb 7-1: new high-speed USB device number 82 using dummy_hcd
[ 1141.661659][ T5893] em28xx 6-1:0.132: Config register raw data: 0xffffffed
[ 1141.682662][ T5893] em28xx 6-1:0.132: AC97 chip type couldn't be determined
[ 1141.703553][ T5893] em28xx 6-1:0.132: No AC97 audio processor
[ 1141.742258][ T5893] usb 6-1: Decoder not found
[ 1141.747260][ T5893] em28xx 6-1:0.132: failed to create media graph
[ 1141.753633][ T5232] usb 7-1: Using ep0 maxpacket: 8
[ 1141.759148][ T5232] usb 7-1: config 150 has an invalid interface number: 204 but max is 1
[ 1141.767799][ T5893] em28xx 6-1:0.132: V4L2 device video103 deregistered
[ 1141.776558][ T5962] input: se401 as /devices/platform/dummy_hcd.7/usb8/8-1/input/input43
[ 1141.785577][ T5232] usb 7-1: config 150 has an invalid descriptor of length 248, skipping remainder of the config
[ 1141.823048][ T5232] usb 7-1: config 150 has 1 interface, different from the descriptor's value: 2
[ 1141.860532][ T5232] usb 7-1: config 150 has no interface number 0
[ 1141.903575][ T5232] usb 7-1: config 150 interface 204 has no altsetting 0
[ 1141.925474][ T5232] usb 7-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[ 1141.953581][ T5232] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1141.987872][ T5962] videodev: could not get a free minor
[ 1141.993921][ T5962] gspca_main: video_register_device err -23
[ 1142.001889][ T5893] em28xx 6-1:0.132: Remote control support is not available for this card.
[ 1142.010705][T10466] em28xx 6-1:0.132: Closing input extension
[ 1142.027588][ T5232] usb 7-1: Product: syz
[ 1142.032238][ T5232] usb 7-1: Manufacturer: syz
[ 1142.037103][ T5232] usb 7-1: SerialNumber: syz
[ 1142.054188][T10466] em28xx 6-1:0.132: Freeing device
[ 1142.083375][T18278] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1142.104907][ T5962] se401 8-1:0.0: probe with driver se401 failed with error -23
[ 1142.146339][T18278] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1142.216043][T18278] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1142.365979][T18278] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1142.464526][T18278] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1142.485625][T18278] 8021q: adding VLAN 0 to HW filter on device team0
[ 1142.501563][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1142.508725][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1142.518771][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1142.525929][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1142.825893][T18278] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1142.939077][T18278] veth0_vlan: entered promiscuous mode
[ 1143.023386][T18278] veth1_vlan: entered promiscuous mode
[ 1143.056265][T18278] veth0_macvtap: entered promiscuous mode
[ 1143.075870][T18278] veth1_macvtap: entered promiscuous mode
[ 1143.099623][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.110591][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.121358][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.132314][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.143078][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.163968][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.174289][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.189810][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.212841][T18278] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1143.239749][T18414] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode
[ 1143.269344][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.288877][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.310108][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.332446][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.352853][T18278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.365867][T18278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.386855][T18278] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1143.445149][T18278] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.465941][T18278] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.491044][T18278] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.519757][T18278] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.538136][T11095] usb 8-1: USB disconnect, device number 4
[ 1144.564242][T18424] FAULT_INJECTION: forcing a failure.
[ 1144.564242][T18424] name failslab, interval 1, probability 0, space 0, times 0
[ 1144.611725][ T5893] usb 7-1: USB disconnect, device number 82
[ 1144.659704][T18424] CPU: 0 UID: 0 PID: 18424 Comm: syz.1.3110 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1144.670172][T18424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1144.680253][T18424] Call Trace:
[ 1144.683642][T18424]  <TASK>
[ 1144.686594][T18424]  dump_stack_lvl+0x241/0x360
[ 1144.691307][T18424]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1144.696545][T18424]  ? __pfx__printk+0x10/0x10
[ 1144.701446][T18424]  ? fs_reclaim_acquire+0x93/0x130
[ 1144.706594][T18424]  ? __pfx___might_resched+0x10/0x10
[ 1144.711904][T18424]  should_fail_ex+0x3b0/0x4e0
[ 1144.716600][T18424]  should_failslab+0xac/0x100
[ 1144.721327][T18424]  __kmalloc_noprof+0xdd/0x4c0
[ 1144.726124][T18424]  ? tomoyo_encode+0x26f/0x540
[ 1144.730920][T18424]  tomoyo_encode+0x26f/0x540
[ 1144.735549][T18424]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1144.741224][T18424]  tomoyo_path_number_perm+0x236/0x860
[ 1144.746710][T18424]  ? __lock_acquire+0x1397/0x2100
[ 1144.751771][T18424]  ? tomoyo_path_number_perm+0x206/0x860
[ 1144.757422][T18424]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1144.763452][T18424]  ? __fget_files+0x2a/0x410
[ 1144.768074][T18424]  ? __fget_files+0x2a/0x410
[ 1144.772699][T18424]  security_file_ioctl+0xc6/0x2a0
[ 1144.777760][T18424]  __se_sys_ioctl+0x46/0x170
[ 1144.782369][T18424]  do_syscall_64+0xf3/0x230
[ 1144.786871][T18424]  ? clear_bhb_loop+0x35/0x90
[ 1144.791559][T18424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1144.797486][T18424] RIP: 0033:0x7ff7d2380809
[ 1144.801894][T18424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1144.821779][T18424] RSP: 002b:00007ff7d320b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1144.830217][T18424] RAX: ffffffffffffffda RBX: 00007ff7d2545fa0 RCX: 00007ff7d2380809
[ 1144.838195][T18424] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[ 1144.846164][T18424] RBP: 00007ff7d320b0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1144.854130][T18424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1144.862361][T18424] R13: 0000000000000000 R14: 00007ff7d2545fa0 R15: 00007ffd8f9ca048
[ 1144.870363][T18424]  </TASK>
[ 1144.878078][T18424] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1144.885165][T18424] input input44: cannot allocate more than FF_MAX_EFFECTS effects
[ 1144.959103][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1144.987707][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1145.013259][ T5891] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1145.016532][T18432] FAULT_INJECTION: forcing a failure.
[ 1145.016532][T18432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1145.035852][T18432] CPU: 0 UID: 0 PID: 18432 Comm: syz.1.3114 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1145.037792][ T6037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1145.046288][T18432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1145.046304][T18432] Call Trace:
[ 1145.046313][T18432]  <TASK>
[ 1145.046327][T18432]  dump_stack_lvl+0x241/0x360
[ 1145.046359][T18432]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1145.046381][T18432]  ? __pfx__printk+0x10/0x10
[ 1145.046405][T18432]  ? __pfx_lock_release+0x10/0x10
[ 1145.046427][T18432]  ? validate_chain+0x11e/0x5920
[ 1145.046453][T18432]  should_fail_ex+0x3b0/0x4e0
[ 1145.046481][T18432]  _copy_from_user+0x2f/0xc0
[ 1145.058883][ T6037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1145.064510][T18432]  do_sys_poll+0x248/0x15d0
[ 1145.064540][T18432]  ? __pfx_validate_chain+0x10/0x10
[ 1145.064578][T18432]  ? _parse_integer_limit+0x1b5/0x200
[ 1145.064606][T18432]  ? __pfx_do_sys_poll+0x10/0x10
[ 1145.093959][ T5893] usb 7-1: new full-speed USB device number 83 using dummy_hcd
[ 1145.095827][T18432]  ? mark_lock+0x9a/0x360
[ 1145.145168][T18432]  ? __lock_acquire+0x1397/0x2100
[ 1145.150669][T18432]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1145.156999][T18432]  ? ktime_get_ts64+0x9f/0x430
[ 1145.161761][T18432]  ? seqcount_lockdep_reader_access+0x157/0x220
[ 1145.168108][T18432]  ? __pfx_timespec64_add_safe+0x10/0x10
[ 1145.173745][T18432]  ? __fget_files+0x2a/0x410
[ 1145.178353][T18432]  __se_sys_poll+0x1c5/0x400
[ 1145.182946][T18432]  ? __pfx___se_sys_poll+0x10/0x10
[ 1145.188078][T18432]  do_syscall_64+0xf3/0x230
[ 1145.192577][T18432]  ? clear_bhb_loop+0x35/0x90
[ 1145.197253][T18432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.203231][T18432] RIP: 0033:0x7ff7d2380809
[ 1145.207639][T18432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1145.227244][T18432] RSP: 002b:00007ff7d320b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 1145.235655][T18432] RAX: ffffffffffffffda RBX: 00007ff7d2545fa0 RCX: 00007ff7d2380809
[ 1145.243647][T18432] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 00000000200000c0
[ 1145.251821][T18432] RBP: 00007ff7d320b0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.259802][T18432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1145.267861][T18432] R13: 0000000000000000 R14: 00007ff7d2545fa0 R15: 00007ffd8f9ca048
[ 1145.275841][T18432]  </TASK>
[ 1145.296830][T18434] netlink: 'syz.5.3113': attribute type 2 has an invalid length.
[ 1145.328684][T18434] fþ: entered promiscuous mode
[ 1145.364475][ T5891] usb 8-1: Using ep0 maxpacket: 16
[ 1145.371949][ T5893] usb 7-1: not running at top speed; connect to a high speed hub
[ 1145.383874][ T5893] usb 7-1: config 8 has an invalid interface number: 129 but max is 2
[ 1145.396820][ T5891] usb 8-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice=80.f2
[ 1145.420253][ T5891] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1145.433411][ T5893] usb 7-1: config 8 has an invalid interface number: 5 but max is 2
[ 1145.452183][ T5891] usb 8-1: Product: syz
[ 1145.456491][ T5893] usb 7-1: config 8 has an invalid interface number: 204 but max is 2
[ 1145.467689][ T5891] usb 8-1: Manufacturer: syz
[ 1145.472343][ T5891] usb 8-1: SerialNumber: syz
[ 1145.487560][ T5893] usb 7-1: config 8 has an invalid interface number: 150 but max is 2
[ 1145.519421][ T5891] usb 8-1: config 0 descriptor??
[ 1145.528933][ T5893] usb 7-1: config 8 has 4 interfaces, different from the descriptor's value: 3
[ 1145.546162][ T5891] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[ 1145.563130][ T5893] usb 7-1: config 8 has no interface number 0
[ 1145.584171][ T5893] usb 7-1: config 8 has no interface number 1
[ 1145.592007][ T5891] snd-usb-audio 8-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1145.621306][ T5893] usb 7-1: config 8 has no interface number 2
[ 1145.633414][ T5893] usb 7-1: config 8 has no interface number 3
[ 1145.649802][ T5893] usb 7-1: config 8 interface 129 altsetting 0 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[ 1145.672234][ T5893] usb 7-1: config 8 interface 129 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1145.708534][ T5893] usb 7-1: config 8 interface 129 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1145.711964][T18129] udevd[18129]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1145.730028][ T5893] usb 7-1: config 8 interface 129 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[ 1145.780614][T11095] usb 8-1: USB disconnect, device number 5
[ 1145.936747][ T5893] usb 7-1: config 8 interface 5 altsetting 5 has a duplicate endpoint with address 0x7, skipping
[ 1145.948040][ T5893] usb 7-1: config 8 interface 204 altsetting 1 endpoint 0xF has an invalid bInterval 111, changing to 4
[ 1145.959666][ T5893] usb 7-1: config 8 interface 204 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1145.971367][ T5893] usb 7-1: config 8 interface 204 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[ 1145.982421][ T5893] usb 7-1: config 8 interface 204 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1145.993391][ T5893] usb 7-1: config 8 interface 204 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1146.004515][ T5893] usb 7-1: config 8 interface 204 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[ 1146.032856][ T5893] usb 7-1: config 8 interface 204 altsetting 1 has 9 endpoint descriptors, different from the interface descriptor's value: 11
[ 1146.078151][T18449] netlink: 'syz.1.3118': attribute type 3 has an invalid length.
[ 1146.111606][ T5893] usb 7-1: too many endpoints for config 8 interface 150 altsetting 214: 188, using maximum allowed: 30
[ 1146.171552][ T5893] usb 7-1: config 8 interface 150 altsetting 214 endpoint 0x9 has invalid maxpacket 104, setting to 64
[ 1146.253747][ T5893] usb 7-1: config 8 interface 150 altsetting 214 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[ 1146.446359][ T5893] usb 7-1: config 8 interface 150 altsetting 214 has 3 endpoint descriptors, different from the interface descriptor's value: 188
[ 1146.663021][ T5893] usb 7-1: config 8 interface 5 has no altsetting 0
[ 1146.669692][ T5893] usb 7-1: config 8 interface 204 has no altsetting 0
[ 1146.744916][ T5893] usb 7-1: config 8 interface 150 has no altsetting 0
[ 1146.852803][ T5893] usb 7-1: New USB device found, idVendor=129b, idProduct=160c, bcdDevice=c2.da
[ 1146.862451][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1146.882832][ T5893] usb 7-1: Product: syz
[ 1146.901821][ T5893] usb 7-1: Manufacturer: syz
[ 1146.933893][ T5893] usb 7-1: SerialNumber: syz
[ 1147.200380][ T5893] usb 7-1: Could not find all expected endpoints
[ 1147.227649][ T5893] usb 7-1: Could not find all expected endpoints
[ 1147.250861][ T5893] usb 7-1: Could not find all expected endpoints
[ 1147.269887][ T5893] usb 7-1: Could not find all expected endpoints
[ 1147.381387][   T29] audit: type=1326 audit(1732712387.361:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18460 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1147.429628][ T5893] usb 7-1: USB disconnect, device number 83
[ 1147.463258][   T29] audit: type=1326 audit(1732712387.361:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18460 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1148.333976][T18476] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3129'.
[ 1148.342948][T18476] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3129'.
[ 1148.352699][T18476] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3129'.
[ 1148.483196][    T9] usb 2-1: new full-speed USB device number 94 using dummy_hcd
[ 1148.501511][T18479] netlink: 'syz.7.3130': attribute type 1 has an invalid length.
[ 1148.651909][    T9] usb 2-1: not running at top speed; connect to a high speed hub
[ 1148.671603][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1148.693895][    T9] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1148.766135][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1148.800597][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1148.837491][    T9] usb 2-1: Product: й
[ 1148.851941][    T9] usb 2-1: Manufacturer: ã°�
[ 1148.875367][T18486] FAULT_INJECTION: forcing a failure.
[ 1148.875367][T18486] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.888851][    T9] usb 2-1: SerialNumber: ᖋ䪳噅ꗳ醵࢔눠欃㎹⻠ꀻ衵렼�富�Ọ뚿७韧㹓楂俩栮魼廋�⮰飊鳾뽇⨲鎹맀䚂ⱹ�훜㨯䟇ᴠ據饳쬢掷뮢漸�밙ﷹꊭ䩋䗯㰱�܊ܛ㼰螨玓列�ꉯﱙ�㴃ി鸜뻭⇌腈蹔홗�ʹꂊ褄஧䂟飯䬲�닑⋛쎮陉٠�좈䖄日沜윬滷옒탵䈨�딄
[ 1148.953222][T18486] CPU: 0 UID: 0 PID: 18486 Comm: syz.7.3133 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1148.963708][T18486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1148.973787][T18486] Call Trace:
[ 1148.977085][T18486]  <TASK>
[ 1148.980114][T18486]  dump_stack_lvl+0x241/0x360
[ 1148.984830][T18486]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1148.990053][T18486]  ? __pfx__printk+0x10/0x10
[ 1148.994668][T18486]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[ 1149.001881][T18486]  ? __pfx___might_resched+0x10/0x10
[ 1149.007210][T18486]  should_fail_ex+0x3b0/0x4e0
[ 1149.011932][T18486]  should_failslab+0xac/0x100
[ 1149.016639][T18486]  kmem_cache_alloc_node_noprof+0x77/0x380
[ 1149.022485][T18486]  ? __alloc_skb+0x1c3/0x440
[ 1149.027655][T18486]  __alloc_skb+0x1c3/0x440
[ 1149.032112][T18486]  ? __pfx___alloc_skb+0x10/0x10
[ 1149.037084][T18486]  ? netlink_autobind+0xd6/0x2f0
[ 1149.042083][T18486]  ? netlink_autobind+0x2b0/0x2f0
[ 1149.047138][T18486]  netlink_sendmsg+0x638/0xcb0
[ 1149.051945][T18486]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1149.057372][T18486]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1149.062684][T18486]  __sock_sendmsg+0x221/0x270
[ 1149.067423][T18486]  ____sys_sendmsg+0x52a/0x7e0
[ 1149.072327][T18486]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1149.077640][T18486]  ? __fget_files+0x2a/0x410
[ 1149.082267][T18486]  ? __fget_files+0x2a/0x410
[ 1149.087082][T18486]  __sys_sendmsg+0x269/0x350
[ 1149.091711][T18486]  ? __pfx_lock_release+0x10/0x10
[ 1149.096773][T18486]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1149.101935][T18486]  ? __pfx_vfs_write+0x10/0x10
[ 1149.106834][T18486]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1149.113202][T18486]  ? do_syscall_64+0x100/0x230
[ 1149.118072][T18486]  ? do_syscall_64+0xb6/0x230
[ 1149.122782][T18486]  do_syscall_64+0xf3/0x230
[ 1149.127500][T18486]  ? clear_bhb_loop+0x35/0x90
[ 1149.132217][T18486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1149.138154][T18486] RIP: 0033:0x7f84e7f80809
[ 1149.142952][T18486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1149.162708][T18486] RSP: 002b:00007f84e8cc4058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1149.171165][T18486] RAX: ffffffffffffffda RBX: 00007f84e8145fa0 RCX: 00007f84e7f80809
[ 1149.179173][T18486] RDX: 0000000000000080 RSI: 0000000020000040 RDI: 0000000000000003
[ 1149.187270][T18486] RBP: 00007f84e8cc40a0 R08: 0000000000000000 R09: 0000000000000000
[ 1149.195270][T18486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1149.203364][T18486] R13: 0000000000000000 R14: 00007f84e8145fa0 R15: 00007ffdfba89508
[ 1149.211382][T18486]  </TASK>
[ 1149.289723][T18488] netlink: 'syz.6.3132': attribute type 3 has an invalid length.
[ 1149.896721][T18474] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1150.993600][T11865] Bluetooth: hci6: unexpected event for opcode 0x041c
[ 1150.995162][   T29] audit: type=1326 audit(1732712390.341:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18491 comm="syz.6.3135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fb3380809 code=0x7ffc0000
[ 1151.026278][   T29] audit: type=1326 audit(1732712390.341:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18491 comm="syz.6.3135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fb3380809 code=0x7ffc0000
[ 1152.651059][   T29] audit: type=1800 audit(1732712392.631:517): pid=18499 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.6.3136" name="file1" dev="overlay" ino=3157 res=0 errno=0
[ 1152.671644][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1153.821984][    T9] cdc_ncm 2-1:1.0: bind() failure
[ 1153.830777][    T9] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1153.869035][T18508] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3139'.
[ 1153.912672][    T9] cdc_ncm 2-1:1.1: bind() failure
[ 1153.993356][    T9] usb 2-1: USB disconnect, device number 94
[ 1154.319834][T16314] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1154.958604][T16314] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1155.106489][T16314] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1155.204909][T16314] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1155.351202][T16314] bridge_slave_1: left allmulticast mode
[ 1155.357667][T16314] bridge_slave_1: left promiscuous mode
[ 1155.363684][T16314] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.375096][T16314] bridge_slave_0: left allmulticast mode
[ 1155.380804][T16314] bridge_slave_0: left promiscuous mode
[ 1155.387508][T16314] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1155.984919][T16314] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1156.002215][T16314] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1156.014273][T16314] bond0 (unregistering): Released all slaves
[ 1156.343925][T16314] hsr_slave_0: left promiscuous mode
[ 1156.350031][T16314] hsr_slave_1: left promiscuous mode
[ 1156.364514][T16314] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1156.372105][T16314] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1156.384345][T16314] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1156.391783][T16314] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1156.419727][T16314] veth1_macvtap: left promiscuous mode
[ 1156.425522][T16314] veth0_macvtap: left promiscuous mode
[ 1156.431119][T16314] veth1_vlan: left promiscuous mode
[ 1156.436523][T16314] veth0_vlan: left promiscuous mode
[ 1157.616582][T18526] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3142'.
[ 1158.513415][T11865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1158.645001][T11865] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1159.223530][   T29] audit: type=1326 audit(1732712398.591:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18534 comm="syz.5.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb766f80809 code=0x7ffc0000
[ 1159.300604][T11865] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1159.304698][   T29] audit: type=1326 audit(1732712398.591:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18534 comm="syz.5.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb766f80809 code=0x7ffc0000
[ 1159.490314][T11865] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1159.726144][T11865] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1159.745871][T11865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1161.253888][T18555] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[ 1161.782489][T18567] netlink: 'syz.1.3152': attribute type 3 has an invalid length.
[ 1161.866761][ T5859] Bluetooth: hci0: command tx timeout
[ 1163.744343][T16314] team0 (unregistering): Port device team_slave_1 removed
[ 1163.846138][T16314] team0 (unregistering): Port device team_slave_0 removed
[ 1164.575752][T16781] Bluetooth: hci0: command tx timeout
[ 1164.998721][T18582] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3157'.
[ 1165.170047][T18585] tipc: Started in network mode
[ 1165.175663][T18585] tipc: Node identity 101, cluster identity 4711
[ 1165.182033][T18585] tipc: Node number set to 257
[ 1165.188165][T18585] tipc: Cannot configure node identity twice
[ 1165.207747][T18532] chnl_net:caif_netlink_parms(): no params data found
[ 1165.210350][T18589] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3159'.
[ 1165.565113][T18532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1165.585147][T18532] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1165.592475][T18532] bridge_slave_0: entered allmulticast mode
[ 1165.621773][T18532] bridge_slave_0: entered promiscuous mode
[ 1165.645839][T18532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1165.683616][T18532] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1165.907187][T16781] Bluetooth: hci6: unexpected event for opcode 0x041c
[ 1165.926191][T18532] bridge_slave_1: entered allmulticast mode
[ 1166.012716][T18615] netlink: 'syz.5.3164': attribute type 3 has an invalid length.
[ 1166.381044][T18532] bridge_slave_1: entered promiscuous mode
[ 1166.654644][T16781] Bluetooth: hci0: command tx timeout
[ 1166.657892][T18532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1166.856155][T18532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1167.086887][T18532] team0: Port device team_slave_0 added
[ 1167.239706][T18532] team0: Port device team_slave_1 added
[ 1167.364557][T18532] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1167.381575][T18532] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.407637][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1167.451727][T18532] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1167.652731][T18532] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1167.691032][T18532] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.753499][T18532] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1167.926711][T18532] hsr_slave_0: entered promiscuous mode
[ 1167.963537][T18532] hsr_slave_1: entered promiscuous mode
[ 1167.976568][T18532] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1167.996237][T18532] Cannot create hsr debugfs directory
[ 1168.263673][T10466] usb 7-1: new high-speed USB device number 84 using dummy_hcd
[ 1168.433459][T10466] usb 7-1: Using ep0 maxpacket: 8
[ 1168.439608][T10466] usb 7-1: no configurations
[ 1168.459113][T10466] usb 7-1: can't read configurations, error -22
[ 1168.703858][T10466] usb 7-1: new high-speed USB device number 85 using dummy_hcd
[ 1168.746314][T16781] Bluetooth: hci0: command tx timeout
[ 1169.157519][T18640] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3171'.
[ 1169.188187][T18641] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3171'.
[ 1169.197748][T10466] usb 7-1: Using ep0 maxpacket: 8
[ 1169.204325][T10466] usb 7-1: no configurations
[ 1169.209060][T10466] usb 7-1: can't read configurations, error -22
[ 1169.217777][T10466] usb usb7-port1: attempt power cycle
[ 1169.367935][T18532] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1169.457028][T18532] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1169.464373][ T5962] usb 6-1: new high-speed USB device number 75 using dummy_hcd
[ 1169.478903][T18532] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1169.496895][T18532] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1170.223220][T10466] usb 7-1: new high-speed USB device number 86 using dummy_hcd
[ 1170.251951][ T5962] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1170.266451][ T5962] usb 6-1: config 0 has no interface number 0
[ 1170.300206][T10466] usb 7-1: Using ep0 maxpacket: 8
[ 1170.320374][ T5962] usb 6-1: config 0 interface 1 has no altsetting 0
[ 1170.335696][T10466] usb 7-1: no configurations
[ 1170.340353][T10466] usb 7-1: can't read configurations, error -22
[ 1170.359310][ T5962] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1170.370318][ T5962] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1170.390172][ T5962] usb 6-1: config 0 descriptor??
[ 1170.435089][T18532] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1170.466524][T18532] 8021q: adding VLAN 0 to HW filter on device team0
[ 1170.618869][T14340] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1170.626312][T14340] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1170.674318][T14340] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1170.681897][T14340] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1170.722358][T10466] usb 7-1: new high-speed USB device number 87 using dummy_hcd
[ 1170.749278][T10466] usb 7-1: Using ep0 maxpacket: 8
[ 1170.764393][T10466] usb 7-1: no configurations
[ 1170.769106][T10466] usb 7-1: can't read configurations, error -22
[ 1170.776886][T10466] usb usb7-port1: unable to enumerate USB device
[ 1170.838856][T18656] netlink: 'syz.1.3175': attribute type 3 has an invalid length.
[ 1171.389425][T18532] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1171.420490][T18532] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1172.225848][ T5962] usb 6-1: string descriptor 0 read error: -71
[ 1172.235317][ T5962] usb 6-1: selecting invalid altsetting 1
[ 1172.242951][ T5962] dvb_ttusb_budget: ttusb_init_controller: error
[ 1172.249749][ T5962] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1172.513674][T10466] usb 7-1: new high-speed USB device number 88 using dummy_hcd
[ 1172.563445][T18532] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1172.586239][ T5962] DVB: Unable to find symbol cx22700_attach()
[ 1172.662282][ T5962] DVB: Unable to find symbol tda10046_attach()
[ 1172.672304][T10466] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1172.684633][ T5962] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1172.699515][T18532] veth0_vlan: entered promiscuous mode
[ 1172.733997][T10466] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1172.750555][T18532] veth1_vlan: entered promiscuous mode
[ 1172.758646][ T5962] usb 6-1: USB disconnect, device number 75
[ 1172.767246][T10466] usb 7-1: config 0 descriptor??
[ 1172.767379][T18684] FAULT_INJECTION: forcing a failure.
[ 1172.767379][T18684] name failslab, interval 1, probability 0, space 0, times 0
[ 1172.804150][T18684] CPU: 0 UID: 0 PID: 18684 Comm: syz.1.3182 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1172.814631][T18684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1172.824718][T18684] Call Trace:
[ 1172.828027][T18684]  <TASK>
[ 1172.830994][T18684]  dump_stack_lvl+0x241/0x360
[ 1172.835705][T18684]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1172.840935][T18684]  ? __pfx__printk+0x10/0x10
[ 1172.845659][T18684]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[ 1172.851565][T18684]  ? __pfx___might_resched+0x10/0x10
[ 1172.856868][T18684]  should_fail_ex+0x3b0/0x4e0
[ 1172.861562][T18684]  should_failslab+0xac/0x100
[ 1172.866241][T18684]  ? __d_alloc+0x31/0x700
[ 1172.870599][T18684]  kmem_cache_alloc_lru_noprof+0x75/0x390
[ 1172.876336][T18684]  __d_alloc+0x31/0x700
[ 1172.880508][T18684]  d_alloc_pseudo+0x1f/0xb0
[ 1172.885015][T18684]  alloc_file_pseudo+0x123/0x290
[ 1172.889975][T18684]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1172.895453][T18684]  ? security_inode_alloc+0xd2/0x310
[ 1172.900952][T18684]  sock_alloc_file+0xb8/0x280
[ 1172.905729][T18684]  do_accept+0x36f/0x6d0
[ 1172.909983][T18684]  ? __pfx_do_accept+0x10/0x10
[ 1172.914765][T18684]  __sys_accept4+0x11f/0x1d0
[ 1172.919360][T18684]  ? __pfx___sys_accept4+0x10/0x10
[ 1172.924471][T18684]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1172.931007][T18684]  ? do_syscall_64+0x100/0x230
[ 1172.935811][T18684]  __x64_sys_accept4+0x9a/0xb0
[ 1172.940713][T18684]  do_syscall_64+0xf3/0x230
[ 1172.945226][T18684]  ? clear_bhb_loop+0x35/0x90
[ 1172.949908][T18684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.955805][T18684] RIP: 0033:0x7ff7d2380809
[ 1172.960219][T18684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1172.979836][T18684] RSP: 002b:00007ff7d320b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1172.988351][T18684] RAX: ffffffffffffffda RBX: 00007ff7d2545fa0 RCX: 00007ff7d2380809
[ 1172.996332][T18684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1173.004307][T18684] RBP: 00007ff7d320b0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1173.012365][T18684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1173.020429][T18684] R13: 0000000000000000 R14: 00007ff7d2545fa0 R15: 00007ffd8f9ca048
[ 1173.028430][T18684]  </TASK>
[ 1173.039672][T18532] veth0_macvtap: entered promiscuous mode
[ 1173.051495][T18532] veth1_macvtap: entered promiscuous mode
[ 1173.107027][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1173.135417][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.163154][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1173.173992][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.184066][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1173.195865][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.206034][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1173.217256][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.228459][T18532] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1173.239090][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1173.250346][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.273489][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1173.318916][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.515855][T18668] sctp: [Deprecated]: syz.6.3179 (pid 18668) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1173.515855][T18668] Use struct sctp_sack_info instead
[ 1173.539725][T10466] usb 7-1: Cannot set MAC address
[ 1173.545418][T10466] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1173.583269][T18532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1173.594389][T18532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1173.626192][T18532] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1174.020874][T18532] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.243531][T18532] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.286028][T18532] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.329368][T18532] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.361063][T10466] usb 7-1: USB disconnect, device number 88
[ 1174.368965][ T5962] usb 6-1: new high-speed USB device number 76 using dummy_hcd
[ 1174.440221][T18698] syz.6.3184 uses old SIOCAX25GETINFO
[ 1174.577337][    T9] hid-generic 0083:0000:0000.003A: unknown main item tag 0x0
[ 1174.605267][ T5962] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1174.672797][ T5962] usb 6-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00
[ 1174.680988][    T9] hid-generic 0083:0000:0000.003A: hidraw0: <UNKNOWN> HID vffffff.ff Device [syz0] on syz1
[ 1174.774578][ T5962] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1174.989250][ T5962] usb 6-1: config 0 descriptor??
[ 1175.024553][ T5962] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1175.298037][T18701] ax25_connect(): syz.1.3185 uses autobind, please contact jreuter@yaina.de
[ 1175.400682][ T6037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1175.440898][ T6037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1175.721997][T18704] ax25_connect(): syz.6.3186 uses autobind, please contact jreuter@yaina.de
[ 1175.732464][T18704] FAULT_INJECTION: forcing a failure.
[ 1175.732464][T18704] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.746282][T18704] CPU: 1 UID: 0 PID: 18704 Comm: syz.6.3186 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1175.756728][T18704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1175.766958][T18704] Call Trace:
[ 1175.770234][T18704]  <TASK>
[ 1175.773175][T18704]  dump_stack_lvl+0x241/0x360
[ 1175.778207][T18704]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1175.783403][T18704]  ? __pfx__printk+0x10/0x10
[ 1175.787992][T18704]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[ 1175.793879][T18704]  ? __pfx___might_resched+0x10/0x10
[ 1175.799164][T18704]  should_fail_ex+0x3b0/0x4e0
[ 1175.803875][T18704]  should_failslab+0xac/0x100
[ 1175.808553][T18704]  ? __d_alloc+0x31/0x700
[ 1175.812882][T18704]  kmem_cache_alloc_lru_noprof+0x75/0x390
[ 1175.818604][T18704]  __d_alloc+0x31/0x700
[ 1175.822756][T18704]  ? _raw_spin_unlock+0x28/0x50
[ 1175.827626][T18704]  d_make_root+0x4a/0xe0
[ 1175.831883][T18704]  mqueue_fill_super+0x249/0x340
[ 1175.836823][T18704]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 1175.842274][T18704]  get_tree_nodev+0xb7/0x140
[ 1175.846864][T18704]  vfs_get_tree+0x90/0x2b0
[ 1175.851278][T18704]  fc_mount+0x1b/0xb0
[ 1175.855260][T18704]  mq_init_ns+0x3ce/0x540
[ 1175.859599][T18704]  copy_ipcs+0x30d/0x520
[ 1175.863936][T18704]  create_new_namespaces+0x221/0x7b0
[ 1175.869225][T18704]  ? bpf_lsm_capable+0x9/0x10
[ 1175.873895][T18704]  ? security_capable+0x7e/0x2d0
[ 1175.878925][T18704]  unshare_nsproxy_namespaces+0x124/0x180
[ 1175.884649][T18704]  ksys_unshare+0x57d/0xa70
[ 1175.889150][T18704]  ? __pfx_ksys_unshare+0x10/0x10
[ 1175.894165][T18704]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1175.900512][T18704]  ? do_syscall_64+0x100/0x230
[ 1175.905317][T18704]  __x64_sys_unshare+0x38/0x40
[ 1175.910087][T18704]  do_syscall_64+0xf3/0x230
[ 1175.914705][T18704]  ? clear_bhb_loop+0x35/0x90
[ 1175.919411][T18704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1175.925307][T18704] RIP: 0033:0x7f2fb3380809
[ 1175.929722][T18704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1175.949327][T18704] RSP: 002b:00007f2fb415d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1175.957747][T18704] RAX: ffffffffffffffda RBX: 00007f2fb3546080 RCX: 00007f2fb3380809
[ 1175.965721][T18704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000a000400
[ 1175.973689][T18704] RBP: 00007f2fb415d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1175.981917][T18704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1175.990058][T18704] R13: 0000000000000000 R14: 00007f2fb3546080 R15: 00007fff3547bac8
[ 1175.998215][T18704]  </TASK>
[ 1176.119665][ T6985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1176.128404][ T6985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1176.341787][ T5923] usb 6-1: USB disconnect, device number 76
[ 1176.544928][T18713] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3191'.
[ 1176.844472][ T5923] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1177.324934][ T5923] usb 8-1: Using ep0 maxpacket: 16
[ 1177.361345][T16314] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1177.404457][ T5923] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1177.447804][ T5923] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1177.473092][ T5923] usb 8-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[ 1177.503163][ T5923] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1177.526615][ T5923] usb 8-1: config 0 descriptor??
[ 1177.656081][T16314] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1177.706264][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.712649][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.826138][T18718] netlink: 'syz.1.3188': attribute type 3 has an invalid length.
[ 1177.858262][T16781] Bluetooth: hci6: unexpected event for opcode 0x041c
[ 1177.871756][T16314] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1177.978096][ T5923] corsair 0003:1B1C:1B09.003B: item fetching failed at offset 2/5
[ 1177.993543][ T5923] corsair 0003:1B1C:1B09.003B: parse failed
[ 1178.010073][ T5923] corsair 0003:1B1C:1B09.003B: probe with driver corsair failed with error -22
[ 1178.096696][T16314] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1178.178828][ T5923] usb 8-1: USB disconnect, device number 6
[ 1178.386495][T16314] bridge_slave_1: left allmulticast mode
[ 1178.402608][T16314] bridge_slave_1: left promiscuous mode
[ 1178.419347][T16314] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1178.435243][T16314] bridge_slave_0: left allmulticast mode
[ 1178.443140][T16314] bridge_slave_0: left promiscuous mode
[ 1178.449111][T16314] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1180.311832][    T9] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1180.532016][ T5859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1180.739161][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1180.755094][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1180.766728][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1180.785349][ T5859] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1180.793429][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1180.815419][    T9] usb 8-1: too many configurations: 72, using maximum allowed: 8
[ 1180.970571][    T9] usb 8-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[ 1180.981143][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1181.025206][    T9] usb 8-1: config 0 descriptor??
[ 1181.095479][T10466] hid-generic 0083:0000:0000.003C: unknown main item tag 0x0
[ 1181.103344][T10466] hid-generic 0083:0000:0000.003C: unknown main item tag 0x0
[ 1181.125800][T10466] hid-generic 0083:0000:0000.003C: hidraw0: <UNKNOWN> HID vffffff.ff Device [syz0] on syz1
[ 1181.317992][T18743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1181.343691][T18743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1182.343630][T16314] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1182.368860][T16314] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1182.384982][T16314] bond0 (unregistering): Released all slaves
[ 1182.997715][ T5859] Bluetooth: hci0: command tx timeout
[ 1183.160742][ T5923] usb 8-1: USB disconnect, device number 7
[ 1183.241285][T18728] chnl_net:caif_netlink_parms(): no params data found
[ 1183.753107][    T9] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1183.967361][T16314] hsr_slave_0: left promiscuous mode
[ 1183.974324][T16314] hsr_slave_1: left promiscuous mode
[ 1183.980420][T16314] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1183.989469][T16314] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1183.997997][T16314] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1184.009211][T16314] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1184.039988][T16314] veth1_macvtap: left promiscuous mode
[ 1184.053495][T16314] veth0_macvtap: left promiscuous mode
[ 1184.059129][T16314] veth1_vlan: left promiscuous mode
[ 1184.068162][T16314] veth0_vlan: left promiscuous mode
[ 1185.053076][    T9] usb 8-1: Using ep0 maxpacket: 16
[ 1185.053480][ T5859] Bluetooth: hci0: command tx timeout
[ 1185.061941][    T9] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1185.074901][    T9] usb 8-1: config 2 has an invalid interface number: 22 but max is 0
[ 1185.083257][    T9] usb 8-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1185.093435][    T9] usb 8-1: config 2 has no interface number 0
[ 1185.099555][    T9] usb 8-1: config 2 interface 22 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 24
[ 1185.389866][    T9] usb 8-1: config 2 interface 22 has no altsetting 0
[ 1185.405899][    T9] usb 8-1: New USB device found, idVendor=0451, idProduct=5416, bcdDevice= 1.00
[ 1185.415524][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1185.424465][    T9] usb 8-1: Product: syz
[ 1185.428745][    T9] usb 8-1: Manufacturer: syz
[ 1185.433397][    T9] usb 8-1: SerialNumber: syz
[ 1185.603440][T18785] netlink: 'syz.5.3203': attribute type 3 has an invalid length.
[ 1187.133934][ T5859] Bluetooth: hci0: command tx timeout
[ 1187.572593][T16314] team0 (unregistering): Port device team_slave_1 removed
[ 1187.774365][T16314] team0 (unregistering): Port device team_slave_0 removed
[ 1189.275213][ T5859] Bluetooth: hci0: command tx timeout
[ 1190.199240][    T9] usb-storage 8-1:2.22: USB Mass Storage device detected
[ 1190.235700][T18728] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1190.315064][    T9] usb-storage 8-1:2.22: Quirks match for vid 0451 pid 5416: 2
[ 1190.325284][T18728] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1190.332675][T18728] bridge_slave_0: entered allmulticast mode
[ 1190.339943][T18728] bridge_slave_0: entered promiscuous mode
[ 1190.352835][T18728] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1190.360594][T18728] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1190.367907][T18728] bridge_slave_1: entered allmulticast mode
[ 1190.375188][T18728] bridge_slave_1: entered promiscuous mode
[ 1190.542640][T18728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1190.576904][T18728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1190.604876][    T9] usb 8-1: USB disconnect, device number 8
[ 1190.755296][T18728] team0: Port device team_slave_0 added
[ 1190.784021][T18728] team0: Port device team_slave_1 added
[ 1190.790072][T18823] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3212'.
[ 1191.025403][T18728] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1191.032413][T18728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1191.082922][T18828] 9pnet_fd: Insufficient options for proto=fd
[ 1191.204359][T18728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1191.235389][T18728] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1191.252832][T18728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1191.360193][T18728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1192.312774][T18841] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3218'.
[ 1192.366571][T18844] Unknown options in mask 5
[ 1192.385280][T18847] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3219'.
[ 1192.566848][T18728] hsr_slave_0: entered promiscuous mode
[ 1192.634700][T18728] hsr_slave_1: entered promiscuous mode
[ 1192.658015][T18728] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1192.675983][T18728] Cannot create hsr debugfs directory
[ 1192.828176][ T5859] Bluetooth: hci3: sending frame failed (-49)
[ 1192.830160][T16781] Bluetooth: hci3: Opcode 0x1003 failed: -49
[ 1193.539639][ T5923] usb 6-1: new high-speed USB device number 77 using dummy_hcd
[ 1193.713722][ T5923] usb 6-1: Using ep0 maxpacket: 16
[ 1193.741712][ T5923] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1193.778080][ T5923] usb 6-1: config 127 has an invalid interface number: 116 but max is 0
[ 1193.814400][ T5923] usb 6-1: config 127 has no interface number 0
[ 1193.823146][ T5923] usb 6-1: too many endpoints for config 127 interface 116 altsetting 105: 111, using maximum allowed: 30
[ 1193.848125][ T5923] usb 6-1: config 127 interface 116 altsetting 105 has 0 endpoint descriptors, different from the interface descriptor's value: 111
[ 1193.880271][ T5923] usb 6-1: config 127 interface 116 has no altsetting 0
[ 1193.888958][ T5923] usb 6-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=10.66
[ 1193.900074][ T5923] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1194.172265][ T5923] usb 6-1: string descriptor 0 read error: -71
[ 1194.231992][ T5923] usb_8dev 6-1:127.116 can0: sending command message failed
[ 1194.256451][ T5923] usb_8dev 6-1:127.116 can0: can't get firmware version
[ 1194.748977][ T5923] usb_8dev 6-1:127.116: probe with driver usb_8dev failed with error -22
[ 1194.766613][ T5923] usb 6-1: USB disconnect, device number 77
[ 1195.847028][T18728] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1195.893935][T18728] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1196.075916][T18728] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1196.111110][T18728] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1196.270732][T18728] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1196.315614][T18728] 8021q: adding VLAN 0 to HW filter on device team0
[ 1196.371346][T18728] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1196.381992][T18728] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1196.412477][ T6037] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1196.419669][ T6037] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1196.428882][ T6037] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1196.436060][ T6037] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1196.453291][T11095] usb 6-1: new high-speed USB device number 78 using dummy_hcd
[ 1196.743111][T18900] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1196.882489][    T9] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1196.913800][T11095] usb 6-1: config 0 has an invalid interface number: 128 but max is 0
[ 1197.002245][T11095] usb 6-1: config 0 has no interface number 0
[ 1197.061461][T11095] usb 6-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1197.173316][    T9] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1197.265219][T11095] usb 6-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1197.322336][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1197.466133][T11095] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1197.483822][    T9] usb 8-1: config 0 descriptor??
[ 1197.491535][T11095] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1197.504884][    T9] cp210x 8-1:0.0: cp210x converter detected
[ 1197.528312][T11095] usb 6-1: config 0 descriptor??
[ 1197.587683][T18728] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1197.653656][T18728] veth0_vlan: entered promiscuous mode
[ 1197.668751][T18728] veth1_vlan: entered promiscuous mode
[ 1197.735900][T18728] veth0_macvtap: entered promiscuous mode
[ 1197.766764][T18728] veth1_macvtap: entered promiscuous mode
[ 1197.788634][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1197.799561][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1197.810375][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1197.821310][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1197.831212][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1197.842699][ T5891] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[ 1197.863499][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1197.893545][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1197.929895][    T9] usb 8-1: cp210x converter now attached to ttyUSB0
[ 1197.939891][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1197.961300][T11095] uclogic 0003:256C:006D.003D: interface is invalid, ignoring
[ 1197.981709][T18728] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1198.021516][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1198.053483][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1198.064863][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1198.076579][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1198.087408][T18728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1198.098932][T18728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1198.112029][T18728] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1198.123913][T18890] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3232'.
[ 1198.125442][T18728] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.177120][T18728] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.201366][T18728] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.217738][T18728] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.252058][T11095] usb 8-1: USB disconnect, device number 9
[ 1198.282256][T11095] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1198.296117][    T9] usb 6-1: USB disconnect, device number 78
[ 1198.327029][T11095] cp210x 8-1:0.0: device disconnected
[ 1198.458593][ T6062] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.471896][ T6062] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.667399][T18914] netlink: 'syz.6.3237': attribute type 1 has an invalid length.
[ 1198.691334][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.700315][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1199.485134][T18932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3244'.
[ 1199.519307][T18932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3244'.
[ 1200.278440][ T5891] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[ 1201.134066][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1201.135647][ T5891] usb 8-1: not running at top speed; connect to a high speed hub
[ 1201.159906][ T5891] usb 8-1: config 8 has an invalid interface number: 129 but max is 2
[ 1201.168443][ T5891] usb 8-1: config 8 has an invalid interface number: 5 but max is 2
[ 1201.291892][ T5891] usb 8-1: config 8 has an invalid interface number: 204 but max is 2
[ 1201.301125][ T5891] usb 8-1: config 8 has an invalid interface number: 150 but max is 2
[ 1201.309844][ T5891] usb 8-1: config 8 has 4 interfaces, different from the descriptor's value: 3
[ 1201.320123][ T5891] usb 8-1: config 8 has no interface number 0
[ 1201.326677][ T5891] usb 8-1: config 8 has no interface number 1
[ 1201.332868][ T5891] usb 8-1: config 8 has no interface number 2
[ 1201.339431][ T5891] usb 8-1: config 8 has no interface number 3
[ 1201.346103][ T5891] usb 8-1: config 8 interface 129 altsetting 0 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[ 1201.358055][ T5891] usb 8-1: config 8 interface 129 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1201.369497][ T5891] usb 8-1: config 8 interface 129 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1201.380866][ T5891] usb 8-1: config 8 interface 129 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[ 1201.392077][ T5891] usb 8-1: config 8 interface 5 altsetting 5 has a duplicate endpoint with address 0x7, skipping
[ 1201.403893][ T5891] usb 8-1: config 8 interface 204 altsetting 1 endpoint 0xF has an invalid bInterval 111, changing to 4
[ 1201.415542][ T5891] usb 8-1: config 8 interface 204 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1201.426875][ T5891] usb 8-1: config 8 interface 204 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[ 1201.438117][ T5891] usb 8-1: config 8 interface 204 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1201.449477][ T5891] usb 8-1: config 8 interface 204 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1201.461653][ T5891] usb 8-1: config 8 interface 204 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[ 1201.474260][ T5891] usb 8-1: config 8 interface 204 altsetting 1 has 9 endpoint descriptors, different from the interface descriptor's value: 11
[ 1201.487564][ T5891] usb 8-1: too many endpoints for config 8 interface 150 altsetting 214: 188, using maximum allowed: 30
[ 1201.504612][ T5891] usb 8-1: config 8 interface 150 altsetting 214 endpoint 0x9 has invalid maxpacket 104, setting to 64
[ 1201.516922][ T5891] usb 8-1: config 8 interface 150 altsetting 214 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[ 1201.528770][ T5891] usb 8-1: config 8 interface 150 altsetting 214 has 3 endpoint descriptors, different from the interface descriptor's value: 188
[ 1201.542951][ T5891] usb 8-1: config 8 interface 5 has no altsetting 0
[ 1201.549994][ T5891] usb 8-1: config 8 interface 204 has no altsetting 0
[ 1201.557625][ T5891] usb 8-1: config 8 interface 150 has no altsetting 0
[ 1201.567087][ T5891] usb 8-1: New USB device found, idVendor=129b, idProduct=160c, bcdDevice=c2.da
[ 1201.577215][ T5891] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1201.585947][ T5891] usb 8-1: Product: syz
[ 1201.590133][ T5891] usb 8-1: Manufacturer: syz
[ 1201.595189][ T5891] usb 8-1: SerialNumber: syz
[ 1201.761254][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1201.822324][ T5891] usb 8-1: Could not find all expected endpoints
[ 1201.836602][ T5891] usb 8-1: Could not find all expected endpoints
[ 1201.847863][ T5891] usb 8-1: Could not find all expected endpoints
[ 1201.860560][ T5891] usb 8-1: Could not find all expected endpoints
[ 1201.874855][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1201.901795][ T5891] usb 8-1: USB disconnect, device number 10
[ 1202.001856][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1202.174237][   T35] bridge_slave_1: left allmulticast mode
[ 1202.180063][   T35] bridge_slave_1: left promiscuous mode
[ 1202.194549][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1202.204498][   T35] bridge_slave_0: left allmulticast mode
[ 1202.210190][   T35] bridge_slave_0: left promiscuous mode
[ 1202.216693][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1203.035573][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1203.074024][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1203.133039][   T35] bond0 (unregistering): Released all slaves
[ 1204.625859][T18990] FAULT_INJECTION: forcing a failure.
[ 1204.625859][T18990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1204.639973][T18990] CPU: 0 UID: 0 PID: 18990 Comm: syz.7.3257 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1204.650418][T18990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1204.660499][T18990] Call Trace:
[ 1204.663803][T18990]  <TASK>
[ 1204.666754][T18990]  dump_stack_lvl+0x241/0x360
[ 1204.671551][T18990]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1204.676770][T18990]  ? __pfx__printk+0x10/0x10
[ 1204.681389][T18990]  ? __pfx_lock_release+0x10/0x10
[ 1204.686439][T18990]  should_fail_ex+0x3b0/0x4e0
[ 1204.691145][T18990]  _copy_from_user+0x2f/0xc0
[ 1204.695890][T18990]  sk_setsockopt+0x2d4/0x33b0
[ 1204.700589][T18990]  ? mark_lock+0x9a/0x360
[ 1204.704951][T18990]  ? __pfx_sk_setsockopt+0x10/0x10
[ 1204.710107][T18990]  ? __pfx_lock_acquire+0x10/0x10
[ 1204.715153][T18990]  ? __fget_files+0x2a/0x410
[ 1204.719859][T18990]  do_sock_setsockopt+0x2fb/0x720
[ 1204.724949][T18990]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1204.730549][T18990]  ? __fget_files+0x395/0x410
[ 1204.735342][T18990]  ? __fget_files+0x2a/0x410
[ 1204.739964][T18990]  __x64_sys_setsockopt+0x1ee/0x280
[ 1204.745197][T18990]  do_syscall_64+0xf3/0x230
[ 1204.749726][T18990]  ? clear_bhb_loop+0x35/0x90
[ 1204.754437][T18990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.760626][T18990] RIP: 0033:0x7f84e7f80809
[ 1204.765070][T18990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1204.784779][T18990] RSP: 002b:00007f84e8ca3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1204.793294][T18990] RAX: ffffffffffffffda RBX: 00007f84e8146080 RCX: 00007f84e7f80809
[ 1204.801304][T18990] RDX: 000000000000002b RSI: 0000000000000001 RDI: 0000000000000008
[ 1204.809342][T18990] RBP: 00007f84e8ca30a0 R08: 0000000000000004 R09: 0000000000000000
[ 1204.817345][T18990] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[ 1204.825360][T18990] R13: 0000000000000000 R14: 00007f84e8146080 R15: 00007ffdfba89508
[ 1204.833368][T18990]  </TASK>
[ 1204.869017][ T5859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1204.881803][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1204.901414][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1204.910467][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1204.920706][ T5859] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1204.928730][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1205.027826][T18997] sg_write: data in/out 246879826/56 bytes for SCSI command 0xeb-- guessing data in;
[ 1205.027826][T18997]    program syz.5.3259 not setting count and/or reply_len properly
[ 1205.830305][T18997] 9pnet_fd: p9_fd_create_tcp (18997): problem connecting socket to 127.0.0.1
[ 1207.042118][   T35] hsr_slave_0: left promiscuous mode
[ 1207.056783][T19018] FAULT_INJECTION: forcing a failure.
[ 1207.056783][T19018] name failslab, interval 1, probability 0, space 0, times 0
[ 1207.178674][T19018] CPU: 0 UID: 0 PID: 19018 Comm: syz.6.3266 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1207.189161][T19018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1207.199214][T19018] Call Trace:
[ 1207.202591][T19018]  <TASK>
[ 1207.205510][T19018]  dump_stack_lvl+0x241/0x360
[ 1207.210180][T19018]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1207.215371][T19018]  ? __pfx__printk+0x10/0x10
[ 1207.219955][T19018]  ? fs_reclaim_acquire+0x93/0x130
[ 1207.225087][T19018]  ? __pfx___might_resched+0x10/0x10
[ 1207.230406][T19018]  should_fail_ex+0x3b0/0x4e0
[ 1207.235102][T19018]  should_failslab+0xac/0x100
[ 1207.239766][T19018]  __kmalloc_noprof+0xdd/0x4c0
[ 1207.244526][T19018]  ? tomoyo_encode+0x26f/0x540
[ 1207.249309][T19018]  tomoyo_encode+0x26f/0x540
[ 1207.253914][T19018]  tomoyo_mount_permission+0x359/0xb80
[ 1207.259388][T19018]  ? tomoyo_mount_permission+0x298/0xb80
[ 1207.265129][T19018]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 1207.271121][T19018]  ? hook_sb_mount+0x10b/0x420
[ 1207.275877][T19018]  ? security_sb_mount+0x22/0x2f0
[ 1207.280912][T19018]  security_sb_mount+0xe0/0x2f0
[ 1207.285806][T19018]  path_mount+0xb9/0xfa0
[ 1207.290214][T19018]  ? kmem_cache_free+0x195/0x410
[ 1207.295195][T19018]  ? user_path_at+0x44/0x60
[ 1207.299717][T19018]  __se_sys_mount+0x2d6/0x3c0
[ 1207.304390][T19018]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1207.310364][T19018]  ? __pfx___se_sys_mount+0x10/0x10
[ 1207.315554][T19018]  ? do_syscall_64+0x100/0x230
[ 1207.320312][T19018]  ? __x64_sys_mount+0x20/0xc0
[ 1207.325067][T19018]  do_syscall_64+0xf3/0x230
[ 1207.329563][T19018]  ? clear_bhb_loop+0x35/0x90
[ 1207.334259][T19018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.340182][T19018] RIP: 0033:0x7f2fb3380809
[ 1207.344603][T19018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1207.364211][T19018] RSP: 002b:00007f2fb417e058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1207.372823][T19018] RAX: ffffffffffffffda RBX: 00007f2fb3545fa0 RCX: 00007f2fb3380809
[ 1207.380795][T19018] RDX: 0000000020000080 RSI: 0000000020000100 RDI: 0000000020000040
[ 1207.388767][T19018] RBP: 00007f2fb417e0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1207.396747][T19018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1207.404724][T19018] R13: 0000000000000000 R14: 00007f2fb3545fa0 R15: 00007fff3547bac8
[ 1207.412693][T19018]  </TASK>
[ 1207.419752][   T35] hsr_slave_1: left promiscuous mode
[ 1207.429454][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1207.447295][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1207.453204][ T5859] Bluetooth: hci0: command tx timeout
[ 1207.464520][T19019] dlm: no local IP address has been set
[ 1207.470457][T19019] dlm: cannot start dlm midcomms -107
[ 1207.501701][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1207.558140][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1207.794915][   T35] veth1_macvtap: left promiscuous mode
[ 1207.830644][   T35] veth0_macvtap: left promiscuous mode
[ 1207.900466][   T35] veth1_vlan: left promiscuous mode
[ 1207.921191][   T35] veth0_vlan: left promiscuous mode
[ 1207.948414][T19033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1208.129017][T19034] syz.5.3262: attempt to access beyond end of device
[ 1208.129017][T19034] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1208.144637][T19034] (syz.5.3262,19034,0):ocfs2_get_sector:1769 ERROR: status = -5
[ 1208.153057][T19034] (syz.5.3262,19034,0):ocfs2_sb_probe:749 ERROR: status = -5
[ 1208.160464][T19034] (syz.5.3262,19034,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[ 1208.169350][T19034] (syz.5.3262,19034,0):ocfs2_fill_super:1178 ERROR: status = -5
[ 1208.645995][T19037] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3268'.
[ 1208.820317][T19040] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3268'.
[ 1209.122300][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1209.186266][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1209.544427][T16781] Bluetooth: hci0: command tx timeout
[ 1210.493130][T16781] Bluetooth: hci2: command 0x0406 tx timeout
[ 1211.045918][T18991] chnl_net:caif_netlink_parms(): no params data found
[ 1211.143946][ T5893] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[ 1211.259231][T19060] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1211.283923][T19060] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[ 1211.313452][ T5893] usb 2-1: Using ep0 maxpacket: 16
[ 1211.346219][ T5893] usb 2-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice=80.f2
[ 1211.364020][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1211.387443][ T5893] usb 2-1: Product: syz
[ 1211.392020][ T5893] usb 2-1: Manufacturer: syz
[ 1211.440962][ T5893] usb 2-1: SerialNumber: syz
[ 1211.467029][ T5893] usb 2-1: config 0 descriptor??
[ 1211.477100][ T5893] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1211.507974][ T5893] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1211.536129][T19063] o2cb: This node has not been configured.
[ 1211.559170][T18600] udevd[18600]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1211.573688][T19063] o2cb: Cluster check failed. Fix errors before retrying.
[ 1211.584975][T19063] (syz.6.3274,19063,1):user_dlm_register:674 ERROR: status = -22
[ 1211.613655][ T5859] Bluetooth: hci0: command tx timeout
[ 1211.633836][T19063] (syz.6.3274,19063,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1211.634028][ T5232] usb 6-1: new full-speed USB device number 79 using dummy_hcd
[ 1211.654432][T19068] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3275'.
[ 1211.673305][T19068] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3275'.
[ 1211.721974][T18991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1211.785823][T19070] netlink: 216 bytes leftover after parsing attributes in process `syz.6.3276'.
[ 1211.795625][T19070] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3276'.
[ 1211.803702][T18991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1211.823653][T18991] bridge_slave_0: entered allmulticast mode
[ 1211.827171][ T5232] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1211.830673][T18991] bridge_slave_0: entered promiscuous mode
[ 1211.849889][ T5232] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 2048, setting to 64
[ 1211.862109][ T5232] usb 6-1: New USB device found, idVendor=01ac, idProduct=0000, bcdDevice= 1.00
[ 1211.875550][T18991] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1211.882714][T18991] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1211.903789][T18991] bridge_slave_1: entered allmulticast mode
[ 1211.910893][T18991] bridge_slave_1: entered promiscuous mode
[ 1211.970209][ T5232] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1212.302802][ T5232] usb 6-1: config 0 descriptor??
[ 1212.388341][T18991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1212.417328][T18991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1212.525122][T19060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1212.580837][T19060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1212.628746][ T5232] usbhid 6-1:0.0: can't add hid device: -71
[ 1212.677723][T18991] team0: Port device team_slave_0 added
[ 1212.686355][ T5232] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1212.706877][T18991] team0: Port device team_slave_1 added
[ 1212.992856][ T5232] usb 6-1: USB disconnect, device number 79
[ 1213.715300][ T5859] Bluetooth: hci0: command tx timeout
[ 1215.277440][ T5893] usb 2-1: USB disconnect, device number 96
[ 1215.310622][T18991] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1215.318377][T18991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1215.348930][T18991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1215.361559][T18991] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1215.368594][T18991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1215.395337][T18991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1215.668523][   T29] audit: type=1326 audit(1732712455.651:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19087 comm="syz.1.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1215.693325][   T29] audit: type=1326 audit(1732712455.651:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19087 comm="syz.1.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1216.154035][T18991] hsr_slave_0: entered promiscuous mode
[ 1216.173851][T18991] hsr_slave_1: entered promiscuous mode
[ 1216.289447][T18991] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1216.337913][T18991] Cannot create hsr debugfs directory
[ 1216.885679][T19111] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1217.266919][T19112] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3284'.
[ 1217.895004][T19112] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[ 1218.089172][T19117] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3288'.
[ 1218.116900][T19116] netlink: 216 bytes leftover after parsing attributes in process `syz.7.3287'.
[ 1218.140524][T19116] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3287'.
[ 1218.718759][T19117] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3288'.
[ 1219.723465][ T5893] usb 6-1: new high-speed USB device number 80 using dummy_hcd
[ 1219.877634][ T5893] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1219.898738][ T5893] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1219.953830][ T5893] usb 6-1: Product: syz
[ 1219.962182][ T5893] usb 6-1: Manufacturer: syz
[ 1219.968391][ T5893] usb 6-1: SerialNumber: syz
[ 1219.991927][ T5893] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1220.026977][   T25] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1220.103340][ T5962] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1220.263729][ T5962] usb 8-1: Using ep0 maxpacket: 8
[ 1220.276933][ T5962] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1220.286949][ T5962] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1220.299680][ T5962] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1220.323439][ T5962] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1220.336657][T18991] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1220.376401][T18991] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1220.405896][ T5962] usb 8-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[ 1220.423575][ T5962] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1220.429179][T18991] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1220.446891][ T5962] usb 8-1: Product: syz
[ 1220.451180][ T5962] usb 8-1: Manufacturer: syz
[ 1220.471106][ T5962] usb 8-1: SerialNumber: syz
[ 1220.487157][T18991] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1220.508630][ T5962] input: bcm5974 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/input/input46
[ 1220.686318][ T5891] usb 6-1: USB disconnect, device number 80
[ 1220.737400][ T5198] bcm5974 8-1:1.0: could not read from device
[ 1220.764202][ T5198] bcm5974 8-1:1.0: could not read from device
[ 1220.785744][ T5962] usb 8-1: USB disconnect, device number 11
[ 1220.796783][ T5198] bcm5974 8-1:1.0: could not read from device
[ 1220.844671][T18991] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1220.889707][T18991] 8021q: adding VLAN 0 to HW filter on device team0
[ 1220.916395][T16314] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1220.923631][T16314] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1220.965689][T16314] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1220.972895][T16314] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1221.053640][   T25] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 1221.065505][   T25] ath9k_htc: Failed to initialize the device
[ 1221.089233][ T5891] usb 6-1: ath9k_htc: USB layer deinitialized
[ 1221.462850][   T29] audit: type=1326 audit(1732712461.441:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19151 comm="syz.1.3294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1221.671352][   T29] audit: type=1326 audit(1732712461.441:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19151 comm="syz.1.3294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1222.185966][T18991] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1222.359531][T19169] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1223.190780][T18991] veth0_vlan: entered promiscuous mode
[ 1223.236419][T18991] veth1_vlan: entered promiscuous mode
[ 1224.141515][T19174] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3299'.
[ 1224.231535][T18991] veth0_macvtap: entered promiscuous mode
[ 1224.344167][T19174] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[ 1224.368813][T18991] veth1_macvtap: entered promiscuous mode
[ 1224.468134][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1224.534920][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.599458][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1224.650571][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.660977][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1224.671770][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.681943][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1224.692627][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.715597][T18991] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1224.727528][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1224.738202][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.768309][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1224.782038][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.792759][T18991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1224.811104][T18991] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1224.826142][T18991] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1224.836011][   T29] audit: type=1800 audit(1732712464.821:524): pid=19193 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.3303" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1224.858449][T19186] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3301'.
[ 1224.868447][T19184] netlink: 216 bytes leftover after parsing attributes in process `syz.7.3302'.
[ 1224.881929][T19186] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3301'.
[ 1224.894755][T19184] netlink: 'syz.7.3302': attribute type 6 has an invalid length.
[ 1224.918258][T19194] nbd: must specify an index to disconnect
[ 1224.982373][T18991] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.002325][T18991] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.036623][T18991] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.073570][T18991] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.345936][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1225.376385][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1225.458655][T10971] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1225.472689][T10971] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1225.765279][ T5893] usb 7-1: new high-speed USB device number 89 using dummy_hcd
[ 1225.910991][   T29] audit: type=1326 audit(1732712465.891:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19209 comm="syz.1.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1225.932725][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1226.063152][   T29] audit: type=1326 audit(1732712465.891:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19209 comm="syz.1.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1226.601496][T19212] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[ 1226.610536][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1226.618446][ T5893] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1226.644130][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1226.765185][T19222] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1227.398798][ T5893] usb 7-1: Product: syz
[ 1227.412754][ T5893] usb 7-1: Manufacturer: syz
[ 1227.432039][ T5893] usb 7-1: SerialNumber: syz
[ 1227.446862][ T5893] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1227.475907][   T25] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1227.653514][T10466] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1227.843393][T10466] usb 8-1: Using ep0 maxpacket: 32
[ 1227.866428][T10466] usb 8-1: config 0 has an invalid interface number: 88 but max is 0
[ 1227.880604][T10466] usb 8-1: config 0 has no interface number 0
[ 1228.173916][T10466] usb 8-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=7d.12
[ 1228.186279][T11095] usb 7-1: USB disconnect, device number 89
[ 1228.188937][T10466] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1228.201153][T10466] usb 8-1: Product: syz
[ 1228.205944][T10466] usb 8-1: Manufacturer: syz
[ 1228.210569][T10466] usb 8-1: SerialNumber: syz
[ 1228.224437][T10466] usb 8-1: config 0 descriptor??
[ 1228.307415][T19233] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3314'.
[ 1228.833449][   T25] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[ 1228.840504][   T25] ath9k_htc: Failed to initialize the device
[ 1228.846674][ T5859] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1228.879083][T11095] usb 7-1: ath9k_htc: USB layer deinitialized
[ 1228.964027][T10466] f81534a_ctrl 8-1:0.88: failed to set register 0x116: -5
[ 1228.971219][T10466] f81534a_ctrl 8-1:0.88: failed to enable ports: -5
[ 1228.979577][T10466] f81534a_ctrl 8-1:0.88: probe with driver f81534a_ctrl failed with error -5
[ 1229.000251][T10466] usb 8-1: USB disconnect, device number 12
[ 1229.175654][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.216815][T19233] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[ 1229.303749][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.427161][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.540533][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.727425][   T35] bridge_slave_1: left allmulticast mode
[ 1229.735090][   T35] bridge_slave_1: left promiscuous mode
[ 1229.740825][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1229.758601][   T35] bridge_slave_0: left allmulticast mode
[ 1229.764802][   T35] bridge_slave_0: left promiscuous mode
[ 1229.770470][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1230.348955][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1230.361078][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1230.372404][   T35] bond0 (unregistering): Released all slaves
[ 1230.637676][   T35] hsr_slave_0: left promiscuous mode
[ 1230.644826][   T35] hsr_slave_1: left promiscuous mode
[ 1230.650838][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1230.659198][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1230.669449][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1230.676977][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1230.704119][   T35] veth1_macvtap: left promiscuous mode
[ 1230.709689][   T35] veth0_macvtap: left promiscuous mode
[ 1230.717516][   T35] veth1_vlan: left promiscuous mode
[ 1230.722894][   T35] veth0_vlan: left promiscuous mode
[ 1231.153929][T19243] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3318'.
[ 1231.181391][T19243] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3318'.
[ 1231.201951][T19243] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3318'.
[ 1231.363582][T10466] usb 2-1: new full-speed USB device number 97 using dummy_hcd
[ 1231.525083][T16781] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1231.540743][T16781] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1231.545544][T10466] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1231.557966][T10466] usb 2-1: not running at top speed; connect to a high speed hub
[ 1231.567822][T16781] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1231.577583][T10466] usb 2-1: config 129 has an invalid descriptor of length 0, skipping remainder of the config
[ 1231.581596][T16781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1231.590805][T10466] usb 2-1: config 129 has 0 interfaces, different from the descriptor's value: 1
[ 1231.625388][T16781] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1231.627572][T10466] usb 2-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=db.57
[ 1231.657158][T16781] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1231.666408][T10466] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1231.685362][T10466] usb 2-1: Product: syz
[ 1231.694763][T10466] usb 2-1: Manufacturer: syz
[ 1231.754155][T10466] usb 2-1: SerialNumber: syz
[ 1231.946135][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1232.005357][T11095] usb 2-1: USB disconnect, device number 97
[ 1232.090958][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1233.075429][   T29] audit: type=1326 audit(1732712473.051:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19252 comm="syz.1.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1233.214011][   T29] audit: type=1326 audit(1732712473.051:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19252 comm="syz.1.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d2380809 code=0x7ffc0000
[ 1233.570884][T19239] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3315'.
[ 1233.580299][T19239] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3315'.
[ 1233.611485][T19243] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[ 1233.724131][T19243] bridge0: entered promiscuous mode
[ 1233.744549][T19243] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[ 1233.752637][T19243] Cannot create hsr debugfs directory
[ 1233.773608][T16781] Bluetooth: hci0: command tx timeout
[ 1233.883531][    C0] 
[ 1233.885913][    C0] ============================================
[ 1233.892068][    C0] WARNING: possible recursive locking detected
[ 1233.898215][    C0] 6.12.0-syzkaller-09567-g7eef7e306d3c #0 Not tainted
[ 1233.905341][    C0] --------------------------------------------
[ 1233.911502][    C0] syz.6.3323/19263 is trying to acquire lock:
[ 1233.917581][    C0] ffff8880357c8f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[ 1233.926678][    C0] 
[ 1233.926678][    C0] but task is already holding lock:
[ 1233.934064][    C0] ffff8880273d0f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: send_hsr_supervision_frame+0x27c/0xcc0
[ 1233.944375][    C0] 
[ 1233.944375][    C0] other info that might help us debug this:
[ 1233.952453][    C0]  Possible unsafe locking scenario:
[ 1233.952453][    C0] 
[ 1233.959926][    C0]        CPU0
[ 1233.963229][    C0]        ----
[ 1233.966525][    C0]   lock(&hsr->seqnr_lock);
[ 1233.971073][    C0]   lock(&hsr->seqnr_lock);
[ 1233.975690][    C0] 
[ 1233.975690][    C0]  *** DEADLOCK ***
[ 1233.975690][    C0] 
[ 1233.983851][    C0]  May be due to missing lock nesting notation
[ 1233.983851][    C0] 
[ 1233.992180][    C0] 8 locks held by syz.6.3323/19263:
[ 1233.997370][    C0]  #0: ffff88802bb20b60 (&mm->mmap_lock){++++}-{4:4}, at: __mm_populate+0x1b0/0x460
[ 1234.006796][    C0]  #1: ffffc90000007c00 ((&hsr->announce_timer)){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[ 1234.016841][    C0]  #2: ffffffff8e93c520 (rcu_read_lock){....}-{1:3}, at: hsr_announce+0xaa/0x3a0
[ 1234.026092][    C0]  #3: ffff8880273d0f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: send_hsr_supervision_frame+0x27c/0xcc0
[ 1234.036995][    C0]  #4: ffffffff8e93c520 (rcu_read_lock){....}-{1:3}, at: hsr_forward_skb+0xb6/0x2ac0
[ 1234.046747][    C0]  #5: ffffffff8e93c580 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f4/0x3f50
[ 1234.056777][    C0]  #6: ffffffff8e93c520 (rcu_read_lock){....}-{1:3}, at: br_dev_xmit+0x21d/0x1b40
[ 1234.066030][    C0]  #7: ffffffff8e93c580 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f4/0x3f50
[ 1234.075987][    C0] 
[ 1234.075987][    C0] stack backtrace:
[ 1234.082054][    C0] CPU: 0 UID: 0 PID: 19263 Comm: syz.6.3323 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[ 1234.092460][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1234.102862][    C0] Call Trace:
[ 1234.106138][    C0]  <IRQ>
[ 1234.109000][    C0]  dump_stack_lvl+0x241/0x360
[ 1234.113701][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1234.118922][    C0]  ? __pfx__printk+0x10/0x10
[ 1234.123523][    C0]  ? lockdep_unlock+0x16a/0x300
[ 1234.128375][    C0]  print_deadlock_bug+0x483/0x620
[ 1234.133425][    C0]  validate_chain+0x15e2/0x5920
[ 1234.138311][    C0]  ? deref_stack_reg+0x17c/0x210
[ 1234.143297][    C0]  ? stack_trace_save+0x118/0x1d0
[ 1234.148346][    C0]  ? get_stack_info_noinstr+0x1a/0x130
[ 1234.153805][    C0]  ? deref_stack_reg+0x17c/0x210
[ 1234.158826][    C0]  ? __pfx_validate_chain+0x10/0x10
[ 1234.164372][    C0]  ? 0xffffffffa000094c
[ 1234.168516][    C0]  ? is_bpf_text_address+0x26/0x2a0
[ 1234.173715][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1234.179892][    C0]  ? kernel_text_address+0xa7/0xe0
[ 1234.185390][    C0]  ? __kernel_text_address+0xd/0x40
[ 1234.190593][    C0]  ? unwind_get_return_address+0x4d/0x90
[ 1234.196226][    C0]  ? __pfx_validate_chain+0x10/0x10
[ 1234.201437][    C0]  ? arch_stack_walk+0xfd/0x150
[ 1234.206288][    C0]  ? mark_lock+0x9a/0x360
[ 1234.210609][    C0]  __lock_acquire+0x1397/0x2100
[ 1234.215456][    C0]  lock_acquire+0x1ed/0x550
[ 1234.219951][    C0]  ? hsr_dev_xmit+0x18a/0x210
[ 1234.224631][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1234.229734][    C0]  ? hsr_dev_xmit+0x18a/0x210
[ 1234.234407][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1234.240224][    C0]  ? netif_skb_features+0x8b6/0xc90
[ 1234.245486][    C0]  ? hsr_dev_xmit+0x18a/0x210
[ 1234.250176][    C0]  _raw_spin_lock_bh+0x35/0x50
[ 1234.254939][    C0]  ? hsr_dev_xmit+0x18a/0x210
[ 1234.259616][    C0]  hsr_dev_xmit+0x18a/0x210
[ 1234.264119][    C0]  dev_hard_start_xmit+0x27a/0x7e0
[ 1234.269234][    C0]  __dev_queue_xmit+0x1b73/0x3f50
[ 1234.274260][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[ 1234.279365][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1234.285689][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1234.291056][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 1234.296420][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 1234.301611][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 1234.306976][    C0]  ? ebt_do_table+0x2840/0x2a40
[ 1234.311819][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1234.317539][    C0]  ? skb_push+0x97/0x100
[ 1234.321768][    C0]  br_dev_queue_push_xmit+0x726/0x900
[ 1234.327140][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1234.332157][    C0]  ? ebt_do_table+0x2840/0x2a40
[ 1234.337009][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[ 1234.342901][    C0]  NF_HOOK+0x3a7/0x460
[ 1234.346965][    C0]  ? NF_HOOK+0x9f/0x460
[ 1234.351115][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1234.355711][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[ 1234.361599][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1234.366612][    C0]  ? dev_hard_start_xmit+0x27a/0x7e0
[ 1234.371892][    C0]  ? hsr_forward_skb+0x171c/0x2ac0
[ 1234.376992][    C0]  ? hsr_announce+0x1f8/0x3a0
[ 1234.381664][    C0]  ? __run_timer_base+0x66a/0x8e0
[ 1234.386685][    C0]  br_forward_finish+0xd8/0x130
[ 1234.391533][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[ 1234.397420][    C0]  NF_HOOK+0x3a7/0x460
[ 1234.401482][    C0]  ? populate_vma_page_range+0x264/0x330
[ 1234.407204][    C0]  ? NF_HOOK+0x9f/0x460
[ 1234.411356][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1234.415940][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[ 1234.421397][    C0]  __br_forward+0x489/0x660
[ 1234.425899][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[ 1234.431384][    C0]  ? __pfx___br_forward+0x10/0x10
[ 1234.436403][    C0]  ? skb_clone+0x240/0x390
[ 1234.440816][    C0]  maybe_deliver+0xb3/0x150
[ 1234.445311][    C0]  br_flood+0x2e4/0x660
[ 1234.449498][    C0]  br_dev_xmit+0x1202/0x1b40
[ 1234.454081][    C0]  ? br_dev_xmit+0x21d/0x1b40
[ 1234.458754][    C0]  ? __pfx_br_dev_xmit+0x10/0x10
[ 1234.463706][    C0]  ? __pfx_validate_xmit_xfrm+0x10/0x10
[ 1234.469243][    C0]  ? netif_skb_features+0x8b6/0xc90
[ 1234.474437][    C0]  ? validate_xmit_skb+0x9b8/0xff0
[ 1234.479541][    C0]  dev_hard_start_xmit+0x27a/0x7e0
[ 1234.484706][    C0]  __dev_queue_xmit+0x1b73/0x3f50
[ 1234.489725][    C0]  ? kasan_save_track+0x51/0x80
[ 1234.494574][    C0]  ? run_timer_softirq+0xb7/0x170
[ 1234.499588][    C0]  ? try_charge_memcg+0x4e0/0x1150
[ 1234.504688][    C0]  ? shmem_alloc_and_add_folio+0x8a1/0x13d0
[ 1234.510574][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[ 1234.515680][    C0]  ? shmem_fault+0x253/0x6f0
[ 1234.520363][    C0]  ? __do_fault+0x135/0x460
[ 1234.524858][    C0]  ? handle_pte_fault+0x335a/0x68a0
[ 1234.530052][    C0]  ? handle_mm_fault+0x1053/0x1ad0
[ 1234.535159][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1234.540537][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1234.546607][    C0]  ? __copy_skb_header+0x437/0x5b0
[ 1234.551708][    C0]  ? __asan_memcpy+0x40/0x70
[ 1234.556295][    C0]  ? hsr_addr_subst_dest+0x30a/0xac0
[ 1234.561577][    C0]  ? skb_clone+0x240/0x390
[ 1234.566022][    C0]  hsr_forward_skb+0x171c/0x2ac0
[ 1234.571042][    C0]  ? hsr_forward_skb+0xb6/0x2ac0
[ 1234.575970][    C0]  ? __pfx_hsr_forward_skb+0x10/0x10
[ 1234.581336][    C0]  ? __asan_memset+0x23/0x50
[ 1234.585920][    C0]  ? hsr_init_skb+0x422/0x5c0
[ 1234.590607][    C0]  send_hsr_supervision_frame+0x63b/0xcc0
[ 1234.596329][    C0]  ? __pfx_send_hsr_supervision_frame+0x10/0x10
[ 1234.602564][    C0]  hsr_announce+0x1f8/0x3a0
[ 1234.607064][    C0]  ? hsr_announce+0xaa/0x3a0
[ 1234.611645][    C0]  ? __pfx_hsr_announce+0x10/0x10
[ 1234.616673][    C0]  ? call_timer_fn+0xa8/0x650
[ 1234.621520][    C0]  call_timer_fn+0x18e/0x650
[ 1234.626131][    C0]  ? call_timer_fn+0xc0/0x650
[ 1234.630793][    C0]  ? __pfx_hsr_announce+0x10/0x10
[ 1234.635811][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[ 1234.640928][    C0]  ? __pfx_hsr_announce+0x10/0x10
[ 1234.645947][    C0]  ? __pfx_hsr_announce+0x10/0x10
[ 1234.650960][    C0]  ? __pfx_hsr_announce+0x10/0x10
[ 1234.655973][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1234.661163][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 1234.666357][    C0]  ? __pfx_hsr_announce+0x10/0x10
[ 1234.671375][    C0]  __run_timer_base+0x66a/0x8e0
[ 1234.676222][    C0]  ? __pfx___run_timer_base+0x10/0x10
[ 1234.681583][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1234.687901][    C0]  run_timer_softirq+0xb7/0x170
[ 1234.692742][    C0]  handle_softirqs+0x2c5/0x980
[ 1234.697502][    C0]  ? __irq_exit_rcu+0xf7/0x220
[ 1234.702271][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1234.707549][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[ 1234.712738][    C0]  __irq_exit_rcu+0xf7/0x220
[ 1234.717320][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1234.722509][    C0]  irq_exit_rcu+0x9/0x30
[ 1234.726832][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1234.732455][    C0]  </IRQ>
[ 1234.735380][    C0]  <TASK>
[ 1234.738300][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1234.744306][    C0] RIP: 0010:try_charge_memcg+0x4e0/0x1150
[ 1234.750022][    C0] Code: 44 24 18 00 02 00 00 75 1b 80 7c 24 38 00 75 20 e9 90 09 00 00 e8 c0 08 c3 09 f7 44 24 18 00 02 00 00 74 e5 fb 80 7c 24 38 00 <0f> 84 75 09 00 00 e9 06 02 00 00 44 89 fb 48 8b bc 24 80 00 00 00
[ 1234.769622][    C0] RSP: 0018:ffffc900046c6de0 EFLAGS: 00000246
[ 1234.775700][    C0] RAX: 31c65e858eab9600 RBX: 1ffff920008d8dd6 RCX: ffffffff81718f6a
[ 1234.783679][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0ad8a0 RDI: ffffc900046c6eb0
[ 1234.791664][    C0] RBP: ffffc900046c6fa0 R08: ffffffff942e98b7 R09: 1ffffffff285d316
[ 1234.799645][    C0] R10: dffffc0000000000 R11: fffffbfff285d317 R12: ffff88803597e000
[ 1234.807636][    C0] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000040
[ 1234.815756][    C0]  ? mark_lock+0x9a/0x360
[ 1234.820113][    C0]  ? try_charge_memcg+0x261/0x1150
[ 1234.825265][    C0]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1234.830647][    C0]  charge_memcg+0xa6/0x1e0
[ 1234.835165][    C0]  __mem_cgroup_charge+0x27/0x80
[ 1234.840115][    C0]  shmem_alloc_and_add_folio+0x8a1/0x13d0
[ 1234.846280][    C0]  ? __pfx_filemap_get_entry+0x10/0x10
[ 1234.851739][    C0]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1234.857892][    C0]  ? shmem_allowable_huge_orders+0x601/0x660
[ 1234.863869][    C0]  shmem_get_folio_gfp+0x5a9/0x20a0
[ 1234.869064][    C0]  ? filemap_map_pages+0x19d0/0x20d0
[ 1234.874350][    C0]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1234.879979][    C0]  shmem_fault+0x253/0x6f0
[ 1234.884390][    C0]  ? __pfx_shmem_fault+0x10/0x10
[ 1234.889315][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1234.894337][    C0]  ? handle_pte_fault+0x21c3/0x68a0
[ 1234.899549][    C0]  __do_fault+0x135/0x460
[ 1234.903892][    C0]  ? handle_pte_fault+0x21c3/0x68a0
[ 1234.909099][    C0]  handle_pte_fault+0x335a/0x68a0
[ 1234.914137][    C0]  ? mark_lock+0x9a/0x360
[ 1234.918466][    C0]  ? mark_lock+0x9a/0x360
[ 1234.922796][    C0]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1234.928166][    C0]  ? __lock_acquire+0x1397/0x2100
[ 1234.933190][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1234.938207][    C0]  ? count_memcg_event_mm+0x3c2/0x420
[ 1234.943573][    C0]  ? do_raw_spin_lock+0x14f/0x370
[ 1234.948600][    C0]  handle_mm_fault+0x1053/0x1ad0
[ 1234.953534][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1234.958806][    C0]  ? follow_page_pte+0x9ad/0x1db0
[ 1234.963827][    C0]  ? __pfx_find_vma+0x10/0x10
[ 1234.968498][    C0]  ? vma_is_secretmem+0xd/0x50
[ 1234.973253][    C0]  ? check_vma_flags+0x4fa/0x5a0
[ 1234.978198][    C0]  __get_user_pages+0x1c82/0x49e0
[ 1234.983238][    C0]  ? __pfx___get_user_pages+0x10/0x10
[ 1234.988969][    C0]  ? __pfx_mt_find+0x10/0x10
[ 1234.993561][    C0]  populate_vma_page_range+0x264/0x330
[ 1234.999055][    C0]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1235.005041][    C0]  ? userfaultfd_unmap_complete+0x30c/0x360
[ 1235.011120][    C0]  ? do_mmap+0x958/0x1000
[ 1235.015486][    C0]  __mm_populate+0x27a/0x460
[ 1235.020077][    C0]  ? __pfx___mm_populate+0x10/0x10
[ 1235.025243][    C0]  vm_mmap_pgoff+0x2c3/0x3d0
[ 1235.029840][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1235.035000][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1235.041330][    C0]  ? do_syscall_64+0x100/0x230
[ 1235.046097][    C0]  ? ksys_mmap_pgoff+0xdf/0x720
[ 1235.050956][    C0]  ? __x64_sys_mmap+0x7f/0x140
[ 1235.055714][    C0]  do_syscall_64+0xf3/0x230
[ 1235.060211][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1235.064977][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1235.070866][    C0] RIP: 0033:0x7f2fb3380809
[ 1235.075809][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1235.095426][    C0] RSP: 002b:00007f2fb417e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1235.103942][    C0] RAX: ffffffffffffffda RBX: 00007f2fb3545fa0 RCX: 00007f2fb3380809
[ 1235.111911][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 1235.119886][    C0] RBP: 00007f2fb33f393e R08: ffffffffffffffff R09: 0000000000000000
[ 1235.127852][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[ 1235.135848][    C0] R13: 0000000000000000 R14: 00007f2fb3545fa0 R15: 00007fff3547bac8
[ 1235.143825][    C0]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1236.097584][   T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.109231][   T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.131674][   T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.142563][   T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.208540][   T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.219335][   T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.280444][   T35] team0: Port device netdevsim0 removed
[ 1236.288902][   T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.299263][   T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.387027][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.398061][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.458846][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.471198][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.548293][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.558706][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.607572][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1236.619164][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.691752][   T35] bridge_slave_1: left allmulticast mode
[ 1236.697784][   T35] bridge_slave_1: left promiscuous mode
[ 1236.704757][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1236.714029][   T35] bridge_slave_0: left allmulticast mode
[ 1236.719741][   T35] bridge_slave_0: left promiscuous mode
[ 1236.726464][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1236.735078][   T35] bridge_slave_1: left allmulticast mode
[ 1236.740712][   T35] bridge_slave_1: left promiscuous mode
[ 1236.747070][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1236.754949][   T35] bridge_slave_0: left allmulticast mode
[ 1236.760582][   T35] bridge_slave_0: left promiscuous mode
[ 1236.766416][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1236.822937][   T35] bond1: left allmulticast mode
[ 1236.828444][   T35] bridge1: left allmulticast mode
[ 1236.837829][   T35] bond1: left promiscuous mode
[ 1236.842615][   T35] bridge1: left promiscuous mode
[ 1236.919266][   T35] bond1 (unregistering): (slave gretap2): Releasing active interface
[ 1236.998159][   T35] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1237.045091][   T35] bond1 (unregistering): (slave bridge1): Releasing active interface
[ 1237.148683][   T35] batman_adv: batadv0: Removing interface: macvlan2
[ 1237.158959][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1237.169094][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1237.179178][   T35] bond0 (unregistering): (slave macvlan3): Releasing backup interface
[ 1237.190980][   T35] veth1: left promiscuous mode
[ 1237.197640][   T35] bond0 (unregistering): Released all slaves
[ 1237.405865][   T35] bond1 (unregistering): Released all slaves
[ 1237.418375][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1237.428565][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1237.438416][   T35] bond0 (unregistering): Released all slaves
[ 1237.655096][   T35] bond1 (unregistering): Released all slaves
[ 1237.762705][   T35] tipc: Left network mode
[ 1237.839072][   T35] mac80211_hwsim hwsim13 wlan1 (unregistering): left allmulticast mode
[ 1238.080270][   T35] hsr_slave_0: left promiscuous mode
[ 1238.086185][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1238.093812][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1238.101507][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1238.109031][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1238.118228][   T35] team0: left promiscuous mode
[ 1238.123269][   T35] team_slave_0: left promiscuous mode
[ 1238.128846][   T35] team_slave_1: left promiscuous mode
[ 1238.135048][   T35] batadv_slave_0: left promiscuous mode
[ 1238.142902][   T35] : left promiscuous mode
[ 1238.149892][   T35] hsr_slave_1: left promiscuous mode
[ 1238.157790][   T35] veth1_macvtap: left promiscuous mode
[ 1238.163474][   T35] veth0_macvtap: left promiscuous mode
[ 1238.169204][   T35] veth1_vlan: left promiscuous mode
[ 1238.176143][   T35] veth0_vlan: left promiscuous mode
[ 1238.181961][   T35] veth1_macvtap: left promiscuous mode
[ 1238.187539][   T35] veth0_macvtap: left promiscuous mode
[ 1238.193190][   T35] veth1_vlan: left promiscuous mode
[ 1238.198435][   T35] veth0_vlan: left promiscuous mode
[ 1238.400720][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1238.439038][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1238.574521][   T35] pim6reg527 (unregistering): left allmulticast mode
[ 1238.756681][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1238.782607][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1239.136219][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.142755][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.297526][   T35] IPVS: stop unused estimator thread 0...
[ 1239.339187][   T35] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.399416][   T35] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.437440][   T35] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.486288][   T35] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.581850][   T35] bridge_slave_1: left allmulticast mode
[ 1239.587787][   T35] bridge_slave_1: left promiscuous mode
[ 1239.594985][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1239.603540][   T35] bridge_slave_0: left allmulticast mode
[ 1239.609186][   T35] bridge_slave_0: left promiscuous mode
[ 1239.615895][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1239.741347][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1239.751321][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1239.761381][   T35] bond0 (unregistering): Released all slaves
[ 1239.821013][   T35] tipc: Left network mode
[ 1239.962235][   T35] hsr_slave_0: left promiscuous mode
[ 1239.968967][   T35] hsr_slave_1: left promiscuous mode
[ 1239.975265][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1239.982696][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1239.992737][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1240.000563][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1240.010534][   T35] veth1_macvtap: left promiscuous mode
[ 1240.016622][   T35] veth0_macvtap: left promiscuous mode
[ 1240.022177][   T35] veth1_vlan: left promiscuous mode
[ 1240.027675][   T35] veth0_vlan: left promiscuous mode
[ 1240.124085][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1240.155308][   T35] team0 (unregistering): Port device team_slave_0 removed