last executing test programs:

16.0317763s ago: executing program 3 (id=1515):
timer_create(0x8, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000400)={{}, {0x0, 0x1c9c380}}, 0x0)
timer_settime(r0, 0x0, &(0x7f0000000000), &(0x7f0000000240))
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000400)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190880"], 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xf)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={<r3=>0x0, 0x400, 0x8}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000100)={r3, 0x40000}, &(0x7f0000000140)=0x8)

13.519651995s ago: executing program 4 (id=1521):
socket$inet6(0xa, 0x3, 0x3c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000440)={[0x6, 0x7fffffff, 0x2, 0x5, 0xce44, 0x6, 0x181, 0x7, 0x0, 0x1, 0x7f, 0x3, 0x5, 0x5, 0x6f, 0xc], 0x6000, 0x40000})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r1, 0x0, 0x0)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r2, 0x46b5b071fb3773b1, 0x0, 0x0, {0x26}}, 0x14}}, 0x0)
syz_fuse_handle_req(r1, &(0x7f0000009800)="c81a44e63986e08d99ccf23dc0ffa0818fa1b29e99c766114f54433926cc9086d6348367b02c96642668b5f3bbb112262d5712ed8054d5bdfce73f367d017a9fe5d0611a2095a2d64ea5f872e6a2e82823552a5d00e6082e192c9a65203f7b2ead5b76d5941092f89ebfb3af4f7eda2aed59b7954bde4c5aac060c0ac12c09eca75388b6a8179c4977dc61547dad45fbd56bf748286464af77701c3a9029c4b20184af67cf8928b6ce60192173baaf4c2dddf1184b3f22666a9f1ce962649f152fc1d81f46bc01e552e264bea7d558de6fc211353cc3033d74b1f277f40ff3d32b43df5be1660621248ea797ff8e32400c8114a0dbfdfd023924a1d6e35e335c903972c8b0d8e291f1f70996febc0bcd3fe9adc77eaec7e2922b0c1da784a98d3bb5be2afa19700eef6a89214c61e5f79f87edf6584c67031d65da8f1e2615e41b09bcb25c19288e1852d8198910c923e0b2e4d2bd09684028f157e6d512724f8d0da0c5253cd215c4802a7d24c019d4cbd4875904be09477406ce9ea11d1d8e4fb15c38e17e99f546a9b804c7f143a99c1f650a97c5dddaf43bc02839da9bc8201c086a8f83014aa838918f5788f3d52c3116c2b9ca72e8dafa94f9dd75110989e31d5dfd985a00cc3bc79e603e29113ccb7e7492bfd97ad7afdecd6f15c3b5d43ace4840105618679619db4906cf2ea7337bd27ac2de362633363bd8fa8dec3402e8e7663806d24f72b72a75e30e4633fcc78049fe47237a47b8d6393d2766c879189e6f379529c7e6cb38d24d5bcf99602e8205c83e17d8e859399df4aaed02f0ed1d0ba10a9bac073b27ec2b8cb0691080a1041732d3018d378c480878923e25991e599e97020c1b2e17e5759401f040ab398d8b4d216a07b9514ab547f0084e3b37869a2330af29fa894fb4434be6629edc8db63b95dd86e036064290297afe39869f399c2c7fedada7ca2202be1d4b7a095198b11a77429eb2ced2b7a131a207abd34bc311a88eaae478b79fff624178693c4af30706d94689ca692bd064c582278b2e08515738035c7bb5119821cb82f6aca4c0ce8884d1aa040db9d1b2579a4a5ca379ad973f54a9f68746bbc9261a3426889e70716b5c1a8f14f83d080b1c0e3c4be39906de065fab911c9628d9af546172740adaba5dc048c520871279bb0fe80cea62a57f7f59c8d034b66f1791c91b09a444bf4dde1e8520871ceadcd8307ae7a924ca0a24364853d5b87cecec18cd2081292e1939d69c8f03cfb7ae6aa553fe9a3d8bf32906b22fade678f6459383ee9d40968ab818b065985f55a314fbf5b54554e7b5a06947cf6671dc5ed1f78f087ac41dd7d382b93d7190cbbe119f4523ad769aa1c0c373e8a68375b8fc0b6add933718772c4c019646efb0be7959e7d53f3ab1bfde0d7a0e12c7efcacf19ed6809fd8c17613d36167d32b52a36127aaeef68071a142833f8e3e503c9195415ce8c53a82b39311e0790d09ee78417cc81886bac390abc59b8263509877faece16c6bb48e5ac75756f47f0d1f722ef64b88bdca0f495a6c718f3c8bb8e4c36d2c7421096dbbb575355bc69b957fef70122dbf4b7767753029367ba18b25c222ec10b236b83e15d736fba9d31948a5c4f624a490ffa520b23f75e9d2fe631706e92157226e52cc6fa5c1dafd7651450358e894948d1b2a5443c160270d5441913288946e21f42e872bf62a597767c2a96270b86e04ceeb9f84e3e61d077f79e2b9345187e54f20a78bbd8afd1b0f082a58e0d436012017c0045e12c514e9b0610236a1cc091f6e4500b388dc629516e53899489ea3abe2b5f39d59b7d303387aa2cc866aba5cde3faea9914870a74ec9fd9e034e2520fb1e9be06f3111750c161c0898f44f2c3d42584888bfa8bae0bddd6671df44c41272b870868bc53eece9424861460729e99b480eaa61f55d9a8da4c74d94fea85b1df9a10858fd38c25809f924d5f13910668fad16fc635c1996d125b110171e38cef8f06e277e0e8eccec36d25036dbb9ad0447f7116ebf6197c58f4bbf1a53ff5972f138cc7682e3059d9d3489726f038c5cc5900de4805be00bc4c545106558a3b4877de92848e4a4b1750399f19228a48fb1df6103b1d4b9cc5d1d10ba75ba53925a150a61744747043cea4ce192bb1e199a536d0654a91bc567852d260fb3db4b77d14eb9721e176cd4eb260bebc7868d0c9a1598ecf78aa58a363086c6841cba16e0ecd8316dfca3310f8ab0e9e11472fadb6b18a713796a1fa3a4f23003de3384c7756c9a59c74e7d4f4355589783ea9b9bd92f265697c838d8e2f749bd2929765ed7038a9ee7766a01c05881ca4b96f6baf6c14eb59a7090a3f876acfeabe8f30daf746e38faf33cea4f7ade758fc3680d7da99d04da4599f0d19981382b2c40c3aff6222c8e1bf688a96adfd934b5398cce4c6602f5235cd8abf0f7af2cb2c8771b23a6a34800be0b7d73264c9faf6e6a9721ce0ddac96616034f2244682a6984ddc41ab8bddb137f7b7386e550256d579b6ba677903fa8d177680be70eef89b150c147f5db9459c5a7214486dfd165c148a68c2b70881542efe4f78b5c6a7329918512cfb0bf07021b8fb76e1fca4503fbfbe06bc6dd776710bac8b9e57295cfe054c91815b01bdbacb450751491bc512a0a738f9260970bf2ef481e9b1134537eec67a109545ea3933fc5895bd2bacedf8e52549c8579b826f15390562c0637cc6bdd54d1930994f324a3ff46e471b2b66a651c1651750c2f038d513e0049f3c2bc86864712b6dff80b832c7039c6b2b90d80bfc155599b8751c5fdc2e5cd928a070ece0cfe5832d9d5115e2ed9d9c4da773d4d846db1de129babf535900d85e8a5b08aea019bb64cdef8cf58a0218af39d25b27e4d26c299cf62d058515e39de2e4ebc153d643253d66b8843c47f8795e11d37f190599ee61c89f84b674f5ee9819b20ecf58bbf44821dac0b1e49d42d4369dc9c1ddc17bc813a0b0069ef5f657033277003c7c448a375e6d38fc602c644fdd4dd7d354901bc683bb08c630b1aac188afc674bbd17deb6ce9b97ab59fc5be3e246838a9f2a59b3d23362b3a79710ec4ef7cd85047910e2681350f77140737f56bee146be8723388222dbabe71f40c42c6a8390c85187ab013bd99c2322f9131e5e8ffb99c741b8ac55f698adb643ac78262b5719e4092c0184c990b463c8cc993e9d9250a976c3bd4711e7793938a02830b157f148f1113bb89d9d8b3f85aa8ad084027d4fde1723fba973c17115b9b3ce64d5c03d79a8a78581de2c76342133ef721600334b85984b0c3b9abb4c945538af9bd7120c591997a9d1e670b78f75fa430b9f0e66c675d674932798380c27a7af9d478b33669a207dc17abb1bf7c35718e53f2c549a74d65d3126c40e3ac9793742ec6a4643480d265daba1a6d7991311ba3ba20f6a13391ec14cef0f2b94a15d85a61ed1b7c3ac8876bf93777cb31c7f34a5cf41cac7eab910e7c6198b9506daccf362e7a84d13ef2cd5f192d0568cf18f83a7a9963622702d0b0f8a9a1c72ad239ec99ccb148f00b5682c18a838fdafd37e1b47a9722d8af15d20311dae3c482295755d661a91b8c49de39e54b689b5cd7704d6525f3c02916037b60bf1ad97640a88d2fa975dc26c2ccf01d57b0918005d2203677b8d5324683384f23e3237a4ffe544a9a46214c10601f88a18c2fa8dbe62ce019ea9a53fba8c3142797795f9486df7262f25f80f96b4bdfa7a64de723716fe13beeb8ea79fa8f9c80d00bb5b391587dcde3955e4d707d1463c69c2d62908f43e9eaf5c75473d4cd7b48eaec0febdcfbb752182e2fe9048dbb7b27d65422748dcc83d8bd7dc2fc6aefcc6d4337d5935289e57a0bbd73cc3fe69024c13deafcb1358d986ea47720a2dcccdd8be97626e6821ddcdda2966e37ce0900d4c4de88d7f0e8732b85c891857a00682a44c8efdafccd3250c41c09f97dc9f72f6b9b8addf98e64dafe3deb7babf4a2a7e2efeafe79e28d825b4595ad46a7199213b4c318f408df66022706b89fba65031f4664e04ec351e078821002e20dbc4985e76a8f1f0c6499e0a4eb220caca1aebc6bf83f9ca2c47206f3026bc22fd8a134916852b21d899c970bc6e71b8ef4aaebfa0bf95a940b9ab2dd3ca3db77f26cb8e849b2027ea64e090239c368eec0599f835520dd6387132f60ebcb2d2079a3dcf55844591f9c4aa8b369c6083675fc4f0859dd30d360f0692e81799f605ac136fc1e3ba0efb88c77fe5779d67a055388e24e313108f37329bee59a330de780460a6dc71a130af1ab92892881e3e25a35b1fa0511b96fde25bd405db741f3b38738e49c59a75f41cc26b5c34aeb76c7659a160faf37813239176bf0e47b0c9be25c884e60a0e55d3253ef3674717a527fac817560e51335e9c3b18a487ab79ce4d3c0fc03277367b27c94eae5a790e6a0dabdcc393b98ae78198a378aa709791e0ad01d335cccda768254c2859ba5184ac1c111c88e434c6888281e97ad0ef97c0b3082b22fc6521eea2c6086fef2416a0c32e3f924cab7af288bda5097969b40cb646f0b77b783bcf2741263a6800d29bc68bb36b89f95b5f492116d551e986dbee994cbe8bddaeaf8cb024aab160e528e7aec1e354d05fdf512ba3f72a868e31725371b27cf47e6fd8b61e21dfaf66c2206241a324239dab02044a3a9ba367caa3fc689ea76eca022272f2925852b881a8b6e81d3b21cb499659c536eacb3b1624b4b9d47a625a95ab947bdc106f61208430b6b3d7e87f4a18abe4074453e310884725dd31199fe7b492b8ab0a4fc64d4aebcc936773884bc7512b3ddd6fb822bb7b75b9e1597eb6395362b2d4eeb6909084900c0de27200b2f9b699f2db9cd0edab619a7f545746f40c8d8fcb12d40e0eb7f4604103fd52eec0f6d43477728d59c51ef5ebeaa5c9a4b9787f2465307380a0011d0eabe77bf5e37423b48b59f910f1ad8c05436a07cdbad9f61ff099279b84429d7836fb7279ca67a3c17cef69b417c6ac583570836b97ba8ffcc47ec3838039ba33afea8d2c8b8815bc0d7ecc4665f43b67deaec4477287b18a5093fd5877099e9dae01b229cc79083e6bb27a7552b5e39602a1b0c123c1659c1359500937d5390bbcfe38ff4ed55a4424c017fd05d1f752e291a7dc90ca123ce7af02c0d952bccb236563ed8006d7e642c35497007632877445e397fbffd29a43c95983b67efdcd04fae575479b138c93048f15768eae61e117b0f42a40ce3f1ad664f833a9c2dddde0826f988429099960100ddefa7b96bc3bb6918d1b6fd29e851e6a1d58c880c36c4e7d2d63f916b655dd8563e5cdeaa6041cc81e3d2e853927761a3d7a91b0cbdbfc89a725bae5b7c14c3fb6a74ef2aa259e38723a56c7d82da287f3aa1357d3380931109123f9b0c1250a7447a5327f6f11ce42b5f0269ea94547f9d18e34b32de7e55e47e99b113c7296a535857c4c5d8e624e672a692394aa2937461ac3f5d202ec652afbec1a44cbb38afa423d8a1cc6ff0d70a509bae6f07a4ea9062ae09da3ac26db55c5a4b2430f3967fa2b952597e6d0226f3a9ec47c1b8f1da16452cddc3d5d32eaadd569fe1e4d8af95027aaa689f113bb72fdb398bfdc3a6696d12b305cd8219522223b5eac1e00eadc6db5a52518339e78cfd6aafbda6251ef2ef7f317bccaf8df8ab14099dfd73a21ff89a591dfd038e7cd46e662156fe3b05cb6c7167eb8200a121a05118bc7f9e61812cff90726e0cdc9b5c0042426f842fffd045f3f466ede3a657767a6f985fdfdacecb2a99fc5992a2451d51b91465129eb54f532767a8b7097ca36e585d6c1aebafb92cf5467da3438c806d942bdcc67bed758d9e238a7488d58b1ffd3ae5034794d9a96f527b05aedd85bed353df22807395287233cb278772d567e8a00d4c9b4d51633d865b659921aca08d805a82d575f545fd850caed0949ded172b3b406038f000ec2cf0df7257335e38686a64e5099e55f4b57d04305b0ae91d39d49288907d126fa6e7cd134fc27fedadc0e41d193252bf029d13c247dab620cf9c635029fff178f654ca8e444f718cd944f1ce4feed3ce36cdbfc5c6c6cf0c3c1c4d80daae1574ce74ad0770238bb4ea5c7d6aa72587d20308a2dd9c3af0e9fcda48ea68e917a9f290d5358cf94c06f8a496a4c1a0a16a2a67bef07a9b5bae98bfc5536b3733260fbb3a2f6b1f7b17736a2ad9b44a2c87a4a2f9b80688ebe284557e205f7598320aa10c4fb154c5c033b71884daa6e3bcaeed8818fe85ca39277bd5139d58c188749db5bcdcf2737fcbec402b19a336e1d7386e2dc28c00f9e444205bbc99dcb8a31845f97227114ec36b98608efe42afaaee942c2d8fe3035b400c3155f9766044512b733800f4797fe8de6dc352ebc7cb0033f1434259ff9067133d9b863478b2ab895a8300cc913715c84114ffd21f22d3ab696f28272022dbbe9b36eeff0e8665a8f850c4897575aa2f0086a8312ec6f19763f132049961b138d7bcf9a9c0ba90050c8d59e01508eecac71ce4b5c737eb3ce93f2af6c0a9189c30fdde9ea5f8a73c2d579cf259e99d8a32c4d322b626b0dcdb8083dcfab6d4eb57d845bd9b93813d56b949ca5a67b3554e66526aff1fee4764c62bc45e201291e64f053fdf154190cd35503fde9e39198b62f08028302ca7325f4b4ad0ece5d7efe545987d5f7a7bfaad30202cd5abc00dd14938ff4218a01a8592254b33c7b32d3a386d942ab09c72b1ec6336e27dc17fc67e6ba92b6cd99e489fe89586cb832cbf269071233199559ee4cfda5a133d8832e084ba85617c1ef77017f8cc7876013114ebff0f0245029dce608f8a86c1c73a8ce3b58b8a9604023ae1c24a0833bf7d9818d8169305e726711fb25a46ce510a0fb8ab5dcd524de7437bb0b26c3ef4c70d5dac1c01798038b0b7d0049ae6eb1fd0add472b76c03f326a92f76371e65e1da47f02ad3b84cff0c38c756333e927c5f18c0a3355fda90a933c734af9ebd387efc5c90f523d45e1331bc02b6b65386f1706a47d4320b6990fed79e648d85c295178fe36b5b1251db63be3b16be8c3a11cc3c1f593382839812a58253cc1f826a7c42a14f68516f4b5258034c4b8dd31df41c82b2c89bf87c268ab1b8915ed88806e047e129b590bb1fb381c7f79ccff50868a9925f5ce19fddb41e7a6ff9220e9828d2cb5bef4509bfdb6365d804ff73c396eea42e739180d2bbd097b717c1b0ec2807b6fdcf04f7b361aa2876f6126860e4d84a85482a7f71b01a6d836ad83e886b57e727d54eb4d5b2c57bad52f39a2d807fc76be9a860d0d9acc2361dd91fde333a1bb0bdc77d9b1fd9a537a40e12090ee2c236aa7e04a699788f0afb8b2620d250a942ec3471bf3bb5ff77baa2ee463347ccdf63ff55d3dbd59ee7b43225966812840189a85be9e77529975258e44c3d40c046dc962ed51993266d96d1f7ac60bd5cb0eccc4df27958d7a23371ec699c31e8b32e7c34a9726b95329a9313fd0a5e1280fdeb385bc4c4cb43f34f59b0360cee138900db8c0b9859b7dce1687367e3258c0c8c02cbb260de8740435a0edb4073e6e0816b55f2a21693123d6d08ed478b17e05ff4b7b43991177e952c5a1895e054466fed8d3a2d2d54351ca2da8315729f242dfa59cbc457f5b64b5df90dcdd3051f4665aca22a3b7cdf66df9a3d82c5c908b808ef5b606e8a70a9bcd46abed11fb3f7a940e5280d64b53c26ea1fa1e7aa5d1b9eb700e047e1150a44d27e9fa2f72930af2271a7f4f33ec8ff9a6234c04d1813b626d775bb890685dffa08207e87f5af528a601e938f782c9fd57611f90c46e8cef52c4dd1b9eaf6eab74f951d374195ff142728f795dab16d48f99255bd1241aef1ab2922e8b98c037e44de901ee98ee90ff9295151068966e894a1680065646399c72257e6f1edaea592c116a810a59fa84d062cfe09aabf9daf2aa8c5552cd3c4583eeda46730328a8aa00f260f5c857f696ccaefef069b0ca1f9be96e5028ea00f0124ca242b250a841574ce81c30aae7845335017c5e485ccd929c24b2805400f0703407c52297588e1b1385b898ac4c0f218864b2196e4db21bba024abab0aea0d9e03761e9c0ac3692730d4dc8d4fd16d63b1b95392b02966c77845dd0561e8ec5546e7d8f58019299faaf578e490d29aacd9632564133424d03c4f724a71640556379d8b36aeb83948a38b4a8e686dbb58cd451116bc07f9d7096bb3543aca26a0b137c9f7a18fc671b8bc67158ac64910d61bde226c90c8e019c64478d18523c0a4a9ebd5a32954e8449793397d2cee8fedb8e89a0e63ef7202745d98180025a95f6ff6145cce98ded7428ad5462fee7188387a2d3ce89d200d1247b84a4335b0be3e48b7d219900d4797c18e993969b800ac8c9e8ceeaaa2815b838fbc0f57cd749371d3bfc63fbf0943b77df8e2269b157eea5b17bc13f892984f403efd5209961c787caf79bc76010f1138e5371862d42019f9202035094b5dce365813286319fc174da07dfc6ce6bfab89a88c246934adc6733202def3a862fe6840f141241d8320faced105448334f9b2309a716a0c74c375554f9fe4a5bf29018f48b59c6dd789e3955caaf001391ad5c6e2be1ade7a37635ad5501389cb738decff82d3175bfad92b8d0f50d5c818ced8f018b238d149c04cb422612e2c658966cafea77ae4a2a0eaa48026b3987372c041f7ba8411dd3f0eee2355f019f17b806f52d72b143cf9721b78bc099bfc57b1749586b748a4314c73819072abfb5b56bc9050aaed5a31304e0452b227fa2bddc33b55d71f530e83ea6f051536167bd637d0cb0246b074e6b7cc3a08ef1eceaaabc842f99db8851ea938535b049eb248e75ce2860045247d3695048a0f677daf9e47797bdfe19c1979a6beb70fc5eb99af8f65e587d73cfb14b4164e31ecc3283209c86f3f1a05d6ef8ca6682fdf049d3e3874e12a11ce39bf77d0b8824c78d3fdab6656c0693a0dfb232335de3f7bbeb3380501b770b77c8375fa0901af046086ac5b373dbf0d0d4f5d4ca048138a33dd475050c307f77986fcc6ec79bbcdf72122cbec8bfb5fa7e37c899166ecae3de6e1a9f14d097fced460db12572e7b41ca8028f20a37a8893bfc92824d13cddcd5343930a21e485ba05cc52806e57888454c7e08928769941fc007c710bf132c026c9bc5cd34b0dd1bc946479f0b5dabc4a858037d73ed5c83d8d94c4fa76912df5c868142548a9eaeb67fea1c9338ecb2a05c8f129ed11228d8175f0e9f248c066cbb0dedb3a0625938b0026e8cbdcec04ba5e3d0e2eef90f0c46af9d722bc17b3ca0e4e7bbc97f93658eb57a68c53cb5a00d94fa2432ef6ec8c32d87b8a58cfb60c5636d0d09b809670ae2e068e708e21c6cb2c72aa2b95b771e5d076aeff5a1aac9de57388edf1394e18099fa4424a44853c513395d47186aa285157b4a15acbe8fa3766f90bb52d37dc3ab3cb291fc01c02428b063541fe8eaa786e41a7bc39d9884ede36235998cd15a9b1cecbef4886d0b79636afd7d018bf28d8f4b4386ecc663aa32710e1446739f3a837f5424bcf0aca30c429e0071b960381a8cccfd9cd36c3f76e609d53fe17549a659dda76513ce2674a1fe203f292be577e9f47d824a49e943cf20177b8b3e593a7ce8c85b43db60fc368bd15e4de619ea63f49f8b4deb9444c9a6c54a1435cd6c1cd789bd363d9c6cda72b7e6c193542db0ad9898270dd91ea268847352d295046744d374dba4440a27825ec81f19a7cc0197974802f48a0326b76e72c54f4acb9322fe691a08f85c0e7d6bb9fd11609d97825d19297ed6e2721cbee92324d28e4e47c11214500cb17c8cdf75095b0327fa66c901027794df2de7ca1af1ec578a44a1271fd4d544faf1b293e52c196e264fc90545d8311271dcf1fa43ee04ad5b866d6552d9525e09da558a9dd7da8be8c06636ceae3db522db17ffdc84118eb45c564d258edda3e800210567c22f8916822e12e195b6ec6ecf415ae6672f115e002f40fb0addd153d7efe01e429bfe6c667f546320110f10d9525418a6ecf27695279df78eca5f82a14d7e9f9764dd377ffb33103e7992260b882837d0de268c19624ef42739acab31ca409cd26172ba916eb08e81c957e56d80ba0fca8da6659bc1e33c2cd2d778fc36c4b42163c2758c0e5f9f4d02c4c1dca2e3fa6f777926da4d226aad23a208d1e1e58117aadd771a4aa88776825e166986f3e958e9c3eb2fdd8236b4caa23799885ee877f9564780e64cf0fd2c0ed2d904467566c514b24bf412580aec6b6fb9f55c9cc90480f870332bf4f650c1efc52d29076183163e79bc67f6f2d6ee1976fb00e9840bf6a92f20f4e5aa7bc1061e99add7c25e4c75d477b680ec0f19576b4c43e5d8f4bf5da1861b065eb50f4361ec3554bd7c1f7ec18b3c4510c31e51afdac40e78de077e4392c47164ce41458b768c6014e00b3614276147df64ed33242bc85163b65610809764983e117d7bcc4845ccda2c9beea259c9f369e2c58e713fdf08f6e377095a3a4c3028c016a01fc280d9eaefcfdf4c15cb96dcea6e9e349488a58dc3a529d372e64a788742447156543854acaf45bbedbf842cba8c8598c84f120300b6c583c725852a3ecdc9ee07fa2338c2c4e96a7f5067f9f6891d5045be4486c663ac35a80d3bd7e1cede8c78de7fc09b92ce3f3245404502013e7ba4a2326264ab10a443be6a6e86b61b004115f1d5db953b4a563fc9bbee76b2b9b27edaf131849c3fdabd8eb1ff80f649659031ea855046ca07d9f559bdbfe999eb8a0d2e4965dfe5f859ea83c5e5fa69afb7481f069363d490b8524f08b6416790dd4f8f9ef78e642708f7fdccd3bd757f112f817515563fc0926f751065556bac668768d999026ef7bde90579f39fe0c55785f5e95a0c31f732dbfb8743b8ed9d61183dc7264edb80260a0f6f107a275dcb5983b450bf8c21660e842433730fb2f32799c66741b36c7c414d84a0fa0653d71aa0a96551866603515701b7caffb2bc1c86fb3751f7ca1e9e69beb865bf34402ebcffec3dfa5813bb5e7aeaa0bf72f9f52a9e12ad19e8babbc2a3196ac56f8efb1c254fdbee2779723411bd4fa35e298deb2b23162197473df5c9c150b70027e49f05e3d0905133c87a1d6f39eba50159356a7dc179f6fccf461aac8416c2f2eb914587df9c4cef4bc171df5cf569983b5315b0c284c97662ce100fd4da1567a0aedb13cb051ba7f50616243e0ab865e92440d2b7dd5bc7f1248554c641a101230487575b8daa3dcdad23cba379a5d3d064fc679d9ff56997a93ccdce2e7afd76f848fd3a753cc7056ffda235a5efaf2f10dac4d056f0baa51f01a0ffbc547ece5434b5099b7c5fe62413121139e55ccefd18b3bf8cd3962b126ea1d68c808ba60b56da8467c360fa88d85cecfa47d9cef26129c0afe0a28b43a1bf5bf714aa4ea2dae3ce9bd86ce6764f29b232148291fbd2ebd3a213aca4b101dbab579e82624fb0148d9572fe41347fe711967544aeab03b219789e8c0aaa49fbfcb1", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0xb0, 0x0, 0x0, [{{0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}, {0x0, 0x0, 0x1, 0x0, '\x00'}}]}, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r5, 0x11c, 0x3, &(0x7f0000000100)=""/77, &(0x7f0000000180)=0x4d)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "ab387c589872ea7e", "154b638301000100da2301b70eba0e80", "4d6f0211", "fdffffffe6ffffff"}, 0x28)
sendto$inet6(r4, &(0x7f0000000340), 0x0, 0x8000, 0x0, 0x0)
write$binfmt_aout(r4, 0x0, 0xfdef)
write$binfmt_elf64(r4, &(0x7f0000001740)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)
close(r4)
write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x3, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
socket$nl_route(0x10, 0x3, 0x0)

12.469496485s ago: executing program 4 (id=1524):
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000040)={@remote, @private, <r0=>0x0}, &(0x7f0000000080)=0xc)
r1 = gettid()
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r2, 0x227b, &(0x7f00000000c0)=0x2001)
r3 = fcntl$dupfd(r2, 0x0, r2)
readv(r3, &(0x7f0000000480)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000040)={'gretap0\x00', &(0x7f0000000380)={'gre0\x00', 0x0, 0x7789, 0x40, 0xe, 0xffff, {{0x1b, 0x4, 0x3, 0x0, 0x6c, 0x64, 0x0, 0x29, 0x2f, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0xb}, {[@timestamp_addr={0x44, 0x1c, 0x49, 0x1, 0x9, [{@multicast2, 0x8}, {@dev={0xac, 0x14, 0x14, 0x38}, 0x6}, {@private=0xa010100, 0x6}]}, @ssrr={0x89, 0x13, 0x4a, [@empty, @dev={0xac, 0x14, 0x14, 0x16}, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1]}, @lsrr={0x83, 0x27, 0x3c, [@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @remote, @empty, @broadcast, @remote, @loopback, @multicast2, @rand_addr=0x64010101]}]}}}}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='net/igmp\x00')
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=r6, @ANYRES16=r5], 0x20}, 0x1, 0xc00000000000000}, 0x0)
ioctl$VHOST_VDPA_GET_CONFIG(r5, 0x8008af73, &(0x7f00000000c0)={0x0, 0x22, ""/34})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x9, &(0x7f00000001c0)=@raw=[@generic={0x3, 0x4, 0x8, 0x5, 0x4}, @alu={0x7, 0x0, 0x6, 0x0, 0x3, 0x20, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r7}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)

10.185105689s ago: executing program 3 (id=1529):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000001200)='auxv\x00')
preadv(r2, &(0x7f0000000100)=[{&(0x7f0000000280)=""/48, 0x30}], 0x1, 0xfffffffe, 0x80000000)
ioctl$INOTIFY_IOC_SETNEXTWD(r2, 0x40044900, 0x5)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x85}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000800)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x1c, r3, 0x329, 0x0, 0x0, {0x16}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x0)
syz_emit_ethernet(0x92, &(0x7f0000000180)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x5c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x17, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x1e, 0x4, 0xa101}, @sack_perm={0x4, 0x2}, @generic={0x0, 0x11, "69fbd54ae5c72f55270fb651aa9d2f"}, @sack={0x5, 0x12, [0x0, 0x0, 0x0, 0x0]}, @fastopen={0x22, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @mptcp=@remove_addr={0x1e, 0x8, 0x9, 0x0, "d3bfd50362"}]}}}}}}}}, 0x0)

6.887202273s ago: executing program 3 (id=1533):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120108000000000d00000000000000000001090224000100000000090400000103000000092100000001220200090581030000000000"], 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_connect$uac1(0x1, 0xef, &(0x7f00000002c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xf5601c12bd913139, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xdd, 0x3, 0x1, 0x9, 0x40, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x8, 0x20}, [@feature_unit={0xf, 0x24, 0x6, 0x1, 0x1, 0x4, [0x8, 0x7, 0x6, 0x2], 0x3}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x305, 0x1, 0x6, 0x9}, @selector_unit={0xb, 0x24, 0x5, 0x2, 0x2, "92b4dc9d687c"}, @feature_unit={0x11, 0x24, 0x6, 0x5, 0x6, 0x5, [0x6, 0x6, 0x8, 0x6, 0x6], 0x7}, @output_terminal={0x9, 0x24, 0x3, 0x5, 0x1ff, 0x1, 0x1}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0xb, 0x2}, @format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x8, 0xb, 0x74, 'u<Y'}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x7, 0x0, 0x5}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x7, 0x8, 0x4, {0x7, 0x25, 0x1, 0x81, 0x6, 0xed}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x9, 0x24, 0x2, 0x1, 0x5, 0x3, 0x5, 0x9, "99"}, @as_header={0x7, 0x24, 0x1, 0x10, 0x6, 0x4}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x9, 0x0, 0x9}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x1, 0x4, 0x5, 0x9, "f98de95d"}]}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0xa1, 0x1, 0x4, {0x7, 0x25, 0x1, 0x100, 0x9, 0x9}}}}}}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x110, 0x8, 0xc4, 0x4, 0x60, 0x4f}, 0x3c, &(0x7f0000000180)={0x5, 0xf, 0x3c, 0x5, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "286195a287b2e989c9e37275e2c76eae"}, @wireless={0xb, 0x10, 0x1, 0xe, 0x91, 0x3, 0x0, 0x9, 0x1}, @ext_cap={0x7, 0x10, 0x2, 0xc, 0x7, 0xc, 0x100}, @ext_cap={0x7, 0x10, 0x2, 0x1c, 0x3, 0xb, 0x850}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x3, 0xfc, 0x5}]}, 0x5, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x40b}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x827}}, {0x8, &(0x7f0000000500)=ANY=[@ANYBLOB="080328562cdc26e86d7c4f6991ef16726481d77ec191c05bdc64fcd6dd9fa79f02ff1658436e1f43ca483b03cb552709f331c7c2d6693eba1b0f10d66d79820b8c3f92f9f394af7c5e863de1762b434deb41696bd0f109f2b3940b2fa7d7e7faa3e3a312a10e3f2436aac946bb488d0381c87316d4ce3578578e273bafabfa3455fa3d81377b4792243f6623f5d499d55a543dbe556767ce6b5cc301ac7d30bf3cc55a690cbc18058915fe308f33e085b22611e5"]}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x827}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x410}}]})
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000600)=@mangle={'mangle\x00', 0x4, 0x6, 0x568, 0x0, 0x0, 0x378, 0x1c0, 0x0, 0x498, 0x498, 0x498, 0x498, 0x498, 0x13a, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28, 'HL\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@dev, @ipv6=@private0}}}, {{@ipv6={@private0, @remote, [], [], 'bridge_slave_1\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0, 0x48000000}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'bridge0\x00', 'macvlan1\x00'}, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5c8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}}, 0x4)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "0c959905"}]}}, 0x0}, 0x0)

6.764083124s ago: executing program 1 (id=1535):
seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f0000000100))
seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f0000000180))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
io_setup(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30)
write$binfmt_elf64(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x2000004, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRESHEX=r3, @ANYBLOB="2cff66646e6f3d", @ANYRESHEX=r5])
chdir(&(0x7f0000000100)='./file0\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f00000000c0))
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)

6.173827919s ago: executing program 4 (id=1539):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1800000007140100000032c83a1100000500420002"], 0x18}}, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x0, 0x168, 0x9, 0x0, 0xb, 0x2e8, 0x250, 0x250, 0x2e8, 0x250, 0x3, 0x0, {[{{@ipv6={@mcast1, @remote, [], [], 'macvlan0\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x1a0, 0x1e8, 0x0, {0x0, 0x28e}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@private1, [], @ipv4=@local, [], @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}, [], @ipv4=@local}}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@rand_addr=0x64010100, 'dvmrp0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'veth0_to_bond\x00', 'caif0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}, {{0x0, 0xfd}}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000080)=0xc)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)
setsockopt$inet_group_source_req(r3, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
setsockopt$inet_group_source_req(r3, 0x0, 0x2c, &(0x7f00000006c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}}}, 0x108)
prlimit64(r2, 0xb, &(0x7f00000000c0)={0xb960, 0x1}, &(0x7f0000000100))
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f000000b880)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000002c0)=[{0x0, 0x3, 0x0, 0x9}, {0x0, 0x4, 0x0, 0x4}], 0x10, 0x0, @void, @value}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r5 = timerfd_create(0x0, 0x0)
readv(r5, &(0x7f00000031c0)=[{&(0x7f00000020c0)=""/4088, 0xff8}], 0x1)
timerfd_settime(r5, 0x3, &(0x7f0000000140), 0x0)
ioctl$TFD_IOC_SET_TICKS(r5, 0x40085400, &(0x7f0000000080)=0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_READ_VERITY_METADATA(r6, 0xc0286687, &(0x7f0000000200)={0x1, 0x8, 0xc2, &(0x7f0000000500)=""/194})
ioctl$PTP_SYS_OFFSET_PRECISE(r4, 0xc0403d08, &(0x7f0000000180))
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020007800500150000000000080012400000000011000300686173683a69702c6d61726b00000000050005000200000005000400000000008b3527d4119e1553306931fc4e7625b49e90f25ed613a404b7066753b9be1c9d705de13a7ae5110149be7b46a0a08d317d1fc8536ed97db100a8997cf086e476f02256ccb1f4dbf1db5de75068300e38d9b6baca0780bd9f32d4aba1a1a6c24201f2b454d702a2443e10cd6a51c8b1aef87ed3760bccda1c8651cb905c240a574859d7ba2385640e58eb6b173eb18d73"], 0x60}}, 0x0)
syz_emit_vhci(&(0x7f00000004c0)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000400), 0x208e24b)
accept$alg(r7, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a00060004000000070093f10ffd2fb2f181a04782296814e1aa3a60ee8f"], 0xf)
socket$nl_generic(0x10, 0x3, 0x10)

6.169960852s ago: executing program 1 (id=1540):
r0 = socket(0x28, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x10)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380), 0x13f}}, 0x20)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x4000000}], 0x1, 0x1f, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000140)={0x0, 0x0, "817e63c37863ac06f909a7aa6f1cffe4fad674b47b089b1e4da2ed7bf4e829c7b7d15e0fed6b8c601113e94cf6d4bc5ce88cce23d3f7e5ead6bd812ba1da90dbb18300bb91a31bd916d3988393691c77ab9ef17e0fd77ce067f0e5b8984e716605eca9f3ad2f9f7e98a26e7921642c58e6e875076cac3e3df8286f09b6bb2f4ea38e949573d2234a56a953823f783513d33438fb3e69132872375265ce73e6cab4664f1d6190a50439e04fbf3df74ccbebf24b20765ea70296d49cb260fcc2252f3de0a6a9ddb0ec35ea4038b7781826acbe10981a0c26064d60b57c7ddcf756e7fd2eaf4bc35397ac2846d5b4aa80c1eb7f7255e6192315c8e96f16e1f291f0", "d196eeb4ebf971cd7208bd28e0265105c2274c4dc974b525ee8c2257c89fc781bcc47d111185998d213f7b1937c8b2e96e101df8a4bacb5241cbcf4f4300c64cbed7520168092c2996b3ed90b5f541bc97315878c2cda7ab6c5b66147d14356b995f6e46706472b6c2ec42431a14411dd13e74f65932c835e79fd8f832e10c7f0cd80e96d89c1039e2aebb5af082e349b20dcb12e367bda52e25481a7954aa18190b10b8e464ed561d4ad5897e6115124715b8394e6e8517b8b32b4c01487f9c226a3478030f00f2a940ce3896e1661b6f29812b1bfadc9f8e76e836cf702f4293d26f0eca6a518d81219ecaee4c0ea71e99e083c217e7e57a7c9743d833ce231ee1cdb48f87c521e30138e6c1213bb9f1d53df176a13074e99e82bd1bfcb0b2871821c0ab74bc95245fc8b18ab7c5899310ec89ea3c8f3c972ad58af2443c62197f3c3322b77b1dd1b004a9915b53a1d7a2a8886401991b352cedae1134590434fadd5e72cb75511b885a4a0e5489eae6a2fb8c941351eeaaab150afaec72500a3ccad4076d1c142cbc5b34e1beaf2f5304bef86c951e3bdabd3e970b74829edb5628a528b6ff41389741c0c618452828f188f11fd549a6ef6bbc3c8e6b0b08bf77b536d1f1dcfe381de08333eabe8708cea871712c7e09a965701ddc2476fb8f424ccc82c54d5fdf06acfc0903a82a80fde5988002bdb75cf508687e549c2c08af3fe5bda366a62372c9622eca7eee997d89cf4a63247882dfc45d16fe01e262cf852a2660e2682c61b7a86ad90c48cc933f270e0b29381301571f9987e574d457648336128365f141ab967671b6924832a252fc0b2691fec341f595d6ab2538c6569382d5ce0b24f254cdd563391b2b8148a7d227f164de3de023e9d6d545ae63b40c122da0722d26c54dd3acd5e06028356e8fd2c05de0fb0c9f34a70b6d07a505270299bfb4eec84df48d4d301ad033ceea73d0626c9c9eacbfd5fc83df879637f955918c0c9232afd750cf89dd46336d0e699a26c49e101513643f69cb601765810e816561b764bf60a0bf6e28085a542f343f6a7c8427212650b31cc23591b5cafd6e58da01327e86ca9366e442c1e88d5343ba1f5a4ebfcaabae67a158cef58ddf4b56cdb851185a3f7c1a710be4faa124030070de14988618991ca01a3ca109925f99ab5ab1cb456ba82f030db5da279b1df8fde1898483ca4494d57416e732d9c12d0a9337aa0216d08f9dfb76b8cd35b24ab8aaa6b070ca8515c1334c42f31b8fbd16c3a7ef6adaaf6068569bed9f48a16a389d02b0b7910f0fef609d5c57260af0910de5a59dfa8849e310b02d6a289cb4f4e0dc765f28e6516514ae9240b5e8227df4f7e9bb135ee669818223cb0ca68037b8a83ca9c3c220941a1008757b85af5381fa45f6d2146fbdcf1e10d2172cbd3f1ef5fccbd5235e497f30007de63481a213c5e8e73e96dc45b3be82d4a047144846be6e0cf2d69b265bf7f8ba7e3042f33c3bd2f2b469357070014066b95e55ff32286ef57eb677a9b357b17d667263df768b11a189c1c39c9d00d5220b5016f5a0621a4a9907d438b24d9b98ca02c41c70abecb34e48332e52fde63296fd39afe95795c10117b3f26c80a0df2d171a761a614e1a4ad6cde254737450fe45c8d0171ac788f2bf2334bfbb1e23b2cc065b794899272848a2582103ef58634d9cef554edb3b74a6ad81a96743af3ff7a8d9e635aa4cc262017ce65d566568a64d01bbd41ad391e9a494cd368e36f9ad19ad5d7df50f5698a381bd4f7f97483be38f4e8e997a9edd827762d445136bd6e0ab086cea8918053d2f7d4d1a734d48a01d41c085bde3c17563dcebb7d7662c54a77af595bedc7bb3e259c9066154a5f5e004524e37311e349587d5824ee81ebf0c64f2890fb5edde80040787e6bdd1efe70797b16255a684f92e52cbd290642a18281fe9e4de00eb16fa9adaeedb85211e6a2f759761b6ea8bfc488ac67deccbf20002b1d43d1c89bed76722c5e22d88f98bb2e867b36676e81ef67c07b097f12282e260323022c331ea9ae3ba40abc9e8e5fdcc636bbd1d166f0935c91a90572f260051f10c0443a8f7623478628aaf527f96a674d1d82335c9295071f425bc11a8ab3ff482f152fa2fbad5d7d764e5b6af0e35871f6687031e19a7a5a238cdf075f42c9402e7c19227903e6eaf20cac1887ecb126f696a52de0f8ed05c6fc695142a7b991bca2bf7e6ffb7c47ee6630c4fb69f5881fc0fcef2623e81e603f977da4a48214ca1db03b497a89a7aa55edd0260bd5e3213365eb004846e1a3e7303adef7feff831eb37b7b0276b19a5ac71d6962bdbba7927470ef254591f1d795e593d212a0197265a8d3daf4324d2ecfe1b6ff7308ab5c53c1688e48938460dff849c547229770314e9f4188857c78d92859c2df93a055b757e8532adbc04c73a93d1b11aac9eec7013563bccc754404187bbc15309bff6b029984162907c00cab4ceb0f04b9ebb78a83e7a4fb7bdf6d42c703431b4a52612b54edd88a4dec05efe48355ecfc1bea9060e720af33e27223f502fa03ab0696afa6a407e6557f9b1f732ca8e7571e651af3475f677a97082692efd0d82bf5ff92e7535b1719794c18a44c6f6f0247ecc1d71fa86bdca93470574c4e7ffce183ed8faab13705b516649edead5646f43b4abcb78d2b7ba5cb5c332ac63b16e94c7236f888d986e4d26676b5508576e5c80101453a9ff15fe7eb0a8745348362dae300f8b9762e4df50f0a47eac1e6935ca439d6ea25a272d149735fea918ad713266b4c6a9ed82dfb5b16e800bfa261c551059740e33de233269096913d0962ae9b89e1cb9b8934641433990fe6f927dcd174c5d249019768b7d9c366457c287da6e25452ae7a8e078b78ca2655377d711ac99081e336dc7a55ccbaca11bedd82db33cd88c9b4b6e4e2291413ba47e5961cc2ee3a20815aa78479da79c6799a7b07affa66a1c34bb192ea9237ffed5ba8eb3034d0d15574e43cfbfcce55c78279de6c5179cbf8bba083c3109c6cec0613fcf16685a343b1ddae515ff5a3fcec121c43a9cd5427e4f70df3eccc82ddd667bc7db330674fc7a9cdd07c3d705663c4ee34f963aacf88cd8c8f9c9c0f5243ae246d8aa063dc0c1e2b1ae03b1c055c7e6cfc80c89e0ce2ada041625f7da04e528e28d20e04e9af3b64cdd4a3b85216e2a4765b2942bad3c7c6f8b336aabf7f0b72667e2418ca59161b03b6a1bb334ce9356fcd5956a9d18fb28d10f5fdc5bd670ce86ae9cf1753a6514e486dd6aaeed5597df47c523faa75a760ee55840075eec84ee089fe0dc8cf50ae3e44bfa9a2e83f90e91741f08e05f47f88df23b221150eff44e5d271208e78962dad72525e770dd918cf1ecd5b64c8c041d9ba71a212eab58d00bdbe7adfa596bd14477372b5baa0f95cdb22dec140cb0a475cb261f70563930137eb300b99fdd4c4e878cd694f0fd8ca59d08bd04e1a3fdb4fb83335ac0ddd654044040914d8ce0c88e0d6312dcf1ec1a628f260bcf9b846720030973b1479bc3433c83ed0db07ad7666fcb08986a1bb94e9bc05b22a2e5a1aae1a27e3e9b0fb2a9292bed25e3df7ca0d9a521c7b2ff44256bf582062fe78884e9ff1231c49e30bc97b2af30267a270c4d8d3d2594309b1ed12aecd495f081048604feaf0bed7aa3462d1163df21b6ee6af1168aa1a8c132271dd02e9ae253dd786846cf5632218d95945dfc7d5de5b5c2fc7f75341f3606078bbf742cc72e4ffc369409e6b0bf5eb37a131738a639898048d46b83e56b564935d08b9aa776c2d098f88a8db29de35ca634b1b44c0b0e73d79a70fca34c483acd2f62c35d4a23411b8a983d0aa2fceb4c8dc3ad89592c23201a20d77a95dfbf487cc25653af88f04c3229444c20567f690c21cff5c336e225cdad4d1cdd4193ad632cda78a8b4ccea93e4cc718fb5c9389e62e679ea08e73086ced5d6bbaa3502f3e7eea3d4a0dbbbebf971b83c04e74ea7300ae0a8dd4ccfceda3d4e7ffee772b6c5561e542bf2766fca45757f35128877c91ed175a272b14c6362a01927e0c39c9c974acdaedf22177e6ce23466c489ce0c99b59688ac0bbe43a5ec9cbfa590bc2e0bdc3a408b32ca0623d110ab416c9fa4fa0a32dd3c52cd7350abd3ba060df121fd90e641e76ccdc37323c648e23e3fb36fe6a111f15492061b02d1a6c3bbed2c3fa7872e1fc3c68fbf5aca5f502257913d9a82700bb1f91b242ef777b338d992e14930744e52cc72f0e3557d8cb9a1e8949acae7b34cf642be12fe4e429376bcc544c1ea56537c06de619b90424d4c40782800358b61da9070710e9873cd19425f9b746e3c42f064a429dbfbebc74f7fc7b732e104ed97dde68c1acc2bf21e42b57201ace6c08016750092bc81d48067402d84c4f7fb0fdae6fec41bf66daa19afc07b5745f1efe87214494252cde8807c13eba65400eac97db1079f5c468ffdf3213a7f87be3d83e2d5a9337154c1e3a832e987cdc9585f36bff0e1d62d4035947b0eb8e13b02d961ca4f1ae71871d043b47f5132fef76e6b3556ed65b36dda96c2c319793723e9383d8f663b20b86b8a245c492a9f38fbaef561d2ea109684596cea7fa69fbae0cce48daaf2c65011381ad2b0bc23bd50585b399fb35c453c8f0a5d9b80abd784f45cf55af476442a08d15334c1f1c479aa2ba9d65d71b00f9dc34c425115fa179b126efae40091c7cbb8c8988f5662c8de3a089b446789a6d27740232e3617dc2907e299353814ed3878a8e4d2b36dce3353412569e5015ae0e8e251ae8adfdb4b76b48d5394cf91939ac96387ccbfc4be2ebf7e4546b4d72450b4c66140fa5c82bab6efee04779ade9cfe864f56997ad161d390a6281a1802fd5edcfe3d939dd4b5f403694df75f06091e81692d9e647a7bf22fdd84b4091a10635e74497c64509f9c1a7633bf068f2c4a7025387ac9d5d4fc35f7f74ec348c465e87cf5a55ccdbea0a23f8ab5908e8b4927d274130b8b9f9e93b7e3e74ea21e5bba1d89e731741ea41cddf310b422301c4eef12b1f386c503b916e2a384d1900072f7888083d4758afaf8b402eeaa203358f44a311e46928a2133bd937310fc2d16ea5bc952ab34b79455e64f1e419d5ef3702578d6ee2756252dabf4d932f963ff374eba4b30cfe38373b6257983e11d6db3891b4f4d5a0e275b6dd62f2c070805a5773064ee9a2aaa4595c57c8e5632b8b4f91de1e99c86e1e10c462c0cdf48e546cf6c0f7b631d556527905b4586c156d70d187a9c98d0ea701467a6208261647259151178c3be45fdc604301d05b6b75f5f13fa15583ff9600631b327caacd22e62bb5c9e7f086e8ab9dbf7f6314c33b1d455dc1bbea076cf80c0490c9d442a62d44e"})
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x952f, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
connect$packet(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@noextend}], [{@smackfsdef={'smackfsdef', 0x3d, 'overlay\x00'}}]}})
connect$packet(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

6.153495001s ago: executing program 0 (id=1541):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x11, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xfa}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_EXTHDR_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xdc}}, 0x0)

5.887688229s ago: executing program 0 (id=1542):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003440)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@rthdr={{0x18, 0x29, 0x39, {0x1b, 0x0, 0x1ec350a8dcb8e3ee, 0x4}}}], 0x18}}, {{&(0x7f0000000580)={0xa, 0x4e22, 0xb4, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f0000001a40)=[{0x0}], 0x1}}], 0x2, 0x40000)
getpid()

4.962076607s ago: executing program 0 (id=1543):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[{0x10, 0x119, 0xb}], 0x10}, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c02000058c790780000"], 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[], 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000780)={'vcan0\x00', <r5=>0x0})
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7ece1e40ad8871461ab0800", @ANYRES64=r2, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x4c, &(0x7f0000000080)=0xcdb, 0x4)
connect$unix(r7, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f0000000180))
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x4052, r8, 0x0)
sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x20000600}}, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@IEEE802154_ATTR_PAN_ID={0x6}]}, 0x1c}}, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x4})
socket$isdn_base(0x22, 0x3, 0x0)

4.858807687s ago: executing program 4 (id=1545):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a", 0xa}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x0)

4.851087795s ago: executing program 1 (id=1546):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000001140)='ext4_allocate_inode\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = userfaultfd(0x1)
fcntl$dupfd(r5, 0x0, r5)
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
r6 = syz_open_procfs(0x0, &(0x7f0000000180)='smaps\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r3}, 0x10)
close(r2)
close(0xffffffffffffffff)
ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000140))

3.987450579s ago: executing program 0 (id=1547):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(0xffffffffffffffff, 0xc0045540, 0x0)
r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r3, 0xc008551a, &(0x7f0000005480)={0x5})
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000), 0x12)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1)
setresuid(0x0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x2)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0x40000000, &(0x7f00000001c0)={0x1, @pix_mp={0x0, 0x0, 0x48524742}})

3.894331671s ago: executing program 2 (id=1548):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@func_proto={0x2, 0x0, 0x0, 0x4, 0x2}]}, {0x0, [0x2e, 0x5f]}}, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (fail_nth: 4)

3.859477287s ago: executing program 1 (id=1549):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x2000, 0x71, 0x10, 0x65}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2) (async)
mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0)
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async)
syz_open_dev$vbi(&(0x7f0000000240), 0x1, 0x2)
write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYRES64=r2], 0xb9)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) (async)
r3 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x100)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x40045730, &(0x7f0000002780))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
recvmsg(r4, &(0x7f00000005c0)={0x0, 0xfffffffffffffe7e, 0x0, 0x0, &(0x7f0000003e00)=""/4102, 0x1001}, 0x0) (async)
r5 = dup3(r1, r3, 0x80000)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r5, 0x89fb, &(0x7f0000000200)={'sit0\x00', &(0x7f00000001c0)={@private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xe, 0x16}})

3.780070305s ago: executing program 2 (id=1550):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x28, 0x0, 0xc, 0xc, 0x4, [@func_proto={0x2, 0x0, 0x0, 0x4, 0x2}]}, {0x0, [0x2e, 0x5f]}}, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

3.627774326s ago: executing program 4 (id=1551):
r0 = socket(0x28, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x10)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380), 0x13f}}, 0x20)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x4000000}], 0x1, 0x0, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000140)={0x0, 0x0, "817e63c37863ac06f909a7aa6f1cffe4fad674b47b089b1e4da2ed7bf4e829c7b7d15e0fed6b8c601113e94cf6d4bc5ce88cce23d3f7e5ead6bd812ba1da90dbb18300bb91a31bd916d3988393691c77ab9ef17e0fd77ce067f0e5b8984e716605eca9f3ad2f9f7e98a26e7921642c58e6e875076cac3e3df8286f09b6bb2f4ea38e949573d2234a56a953823f783513d33438fb3e69132872375265ce73e6cab4664f1d6190a50439e04fbf3df74ccbebf24b20765ea70296d49cb260fcc2252f3de0a6a9ddb0ec35ea4038b7781826acbe10981a0c26064d60b57c7ddcf756e7fd2eaf4bc35397ac2846d5b4aa80c1eb7f7255e6192315c8e96f16e1f291f0", "d196eeb4ebf971cd7208bd28e0265105c2274c4dc974b525ee8c2257c89fc781bcc47d111185998d213f7b1937c8b2e96e101df8a4bacb5241cbcf4f4300c64cbed7520168092c2996b3ed90b5f541bc97315878c2cda7ab6c5b66147d14356b995f6e46706472b6c2ec42431a14411dd13e74f65932c835e79fd8f832e10c7f0cd80e96d89c1039e2aebb5af082e349b20dcb12e367bda52e25481a7954aa18190b10b8e464ed561d4ad5897e6115124715b8394e6e8517b8b32b4c01487f9c226a3478030f00f2a940ce3896e1661b6f29812b1bfadc9f8e76e836cf702f4293d26f0eca6a518d81219ecaee4c0ea71e99e083c217e7e57a7c9743d833ce231ee1cdb48f87c521e30138e6c1213bb9f1d53df176a13074e99e82bd1bfcb0b2871821c0ab74bc95245fc8b18ab7c5899310ec89ea3c8f3c972ad58af2443c62197f3c3322b77b1dd1b004a9915b53a1d7a2a8886401991b352cedae1134590434fadd5e72cb75511b885a4a0e5489eae6a2fb8c941351eeaaab150afaec72500a3ccad4076d1c142cbc5b34e1beaf2f5304bef86c951e3bdabd3e970b74829edb5628a528b6ff41389741c0c618452828f188f11fd549a6ef6bbc3c8e6b0b08bf77b536d1f1dcfe381de08333eabe8708cea871712c7e09a965701ddc2476fb8f424ccc82c54d5fdf06acfc0903a82a80fde5988002bdb75cf508687e549c2c08af3fe5bda366a62372c9622eca7eee997d89cf4a63247882dfc45d16fe01e262cf852a2660e2682c61b7a86ad90c48cc933f270e0b29381301571f9987e574d457648336128365f141ab967671b6924832a252fc0b2691fec341f595d6ab2538c6569382d5ce0b24f254cdd563391b2b8148a7d227f164de3de023e9d6d545ae63b40c122da0722d26c54dd3acd5e06028356e8fd2c05de0fb0c9f34a70b6d07a505270299bfb4eec84df48d4d301ad033ceea73d0626c9c9eacbfd5fc83df879637f955918c0c9232afd750cf89dd46336d0e699a26c49e101513643f69cb601765810e816561b764bf60a0bf6e28085a542f343f6a7c8427212650b31cc23591b5cafd6e58da01327e86ca9366e442c1e88d5343ba1f5a4ebfcaabae67a158cef58ddf4b56cdb851185a3f7c1a710be4faa124030070de14988618991ca01a3ca109925f99ab5ab1cb456ba82f030db5da279b1df8fde1898483ca4494d57416e732d9c12d0a9337aa0216d08f9dfb76b8cd35b24ab8aaa6b070ca8515c1334c42f31b8fbd16c3a7ef6adaaf6068569bed9f48a16a389d02b0b7910f0fef609d5c57260af0910de5a59dfa8849e310b02d6a289cb4f4e0dc765f28e6516514ae9240b5e8227df4f7e9bb135ee669818223cb0ca68037b8a83ca9c3c220941a1008757b85af5381fa45f6d2146fbdcf1e10d2172cbd3f1ef5fccbd5235e497f30007de63481a213c5e8e73e96dc45b3be82d4a047144846be6e0cf2d69b265bf7f8ba7e3042f33c3bd2f2b469357070014066b95e55ff32286ef57eb677a9b357b17d667263df768b11a189c1c39c9d00d5220b5016f5a0621a4a9907d438b24d9b98ca02c41c70abecb34e48332e52fde63296fd39afe95795c10117b3f26c80a0df2d171a761a614e1a4ad6cde254737450fe45c8d0171ac788f2bf2334bfbb1e23b2cc065b794899272848a2582103ef58634d9cef554edb3b74a6ad81a96743af3ff7a8d9e635aa4cc262017ce65d566568a64d01bbd41ad391e9a494cd368e36f9ad19ad5d7df50f5698a381bd4f7f97483be38f4e8e997a9edd827762d445136bd6e0ab086cea8918053d2f7d4d1a734d48a01d41c085bde3c17563dcebb7d7662c54a77af595bedc7bb3e259c9066154a5f5e004524e37311e349587d5824ee81ebf0c64f2890fb5edde80040787e6bdd1efe70797b16255a684f92e52cbd290642a18281fe9e4de00eb16fa9adaeedb85211e6a2f759761b6ea8bfc488ac67deccbf20002b1d43d1c89bed76722c5e22d88f98bb2e867b36676e81ef67c07b097f12282e260323022c331ea9ae3ba40abc9e8e5fdcc636bbd1d166f0935c91a90572f260051f10c0443a8f7623478628aaf527f96a674d1d82335c9295071f425bc11a8ab3ff482f152fa2fbad5d7d764e5b6af0e35871f6687031e19a7a5a238cdf075f42c9402e7c19227903e6eaf20cac1887ecb126f696a52de0f8ed05c6fc695142a7b991bca2bf7e6ffb7c47ee6630c4fb69f5881fc0fcef2623e81e603f977da4a48214ca1db03b497a89a7aa55edd0260bd5e3213365eb004846e1a3e7303adef7feff831eb37b7b0276b19a5ac71d6962bdbba7927470ef254591f1d795e593d212a0197265a8d3daf4324d2ecfe1b6ff7308ab5c53c1688e48938460dff849c547229770314e9f4188857c78d92859c2df93a055b757e8532adbc04c73a93d1b11aac9eec7013563bccc754404187bbc15309bff6b029984162907c00cab4ceb0f04b9ebb78a83e7a4fb7bdf6d42c703431b4a52612b54edd88a4dec05efe48355ecfc1bea9060e720af33e27223f502fa03ab0696afa6a407e6557f9b1f732ca8e7571e651af3475f677a97082692efd0d82bf5ff92e7535b1719794c18a44c6f6f0247ecc1d71fa86bdca93470574c4e7ffce183ed8faab13705b516649edead5646f43b4abcb78d2b7ba5cb5c332ac63b16e94c7236f888d986e4d26676b5508576e5c80101453a9ff15fe7eb0a8745348362dae300f8b9762e4df50f0a47eac1e6935ca439d6ea25a272d149735fea918ad713266b4c6a9ed82dfb5b16e800bfa261c551059740e33de233269096913d0962ae9b89e1cb9b8934641433990fe6f927dcd174c5d249019768b7d9c366457c287da6e25452ae7a8e078b78ca2655377d711ac99081e336dc7a55ccbaca11bedd82db33cd88c9b4b6e4e2291413ba47e5961cc2ee3a20815aa78479da79c6799a7b07affa66a1c34bb192ea9237ffed5ba8eb3034d0d15574e43cfbfcce55c78279de6c5179cbf8bba083c3109c6cec0613fcf16685a343b1ddae515ff5a3fcec121c43a9cd5427e4f70df3eccc82ddd667bc7db330674fc7a9cdd07c3d705663c4ee34f963aacf88cd8c8f9c9c0f5243ae246d8aa063dc0c1e2b1ae03b1c055c7e6cfc80c89e0ce2ada041625f7da04e528e28d20e04e9af3b64cdd4a3b85216e2a4765b2942bad3c7c6f8b336aabf7f0b72667e2418ca59161b03b6a1bb334ce9356fcd5956a9d18fb28d10f5fdc5bd670ce86ae9cf1753a6514e486dd6aaeed5597df47c523faa75a760ee55840075eec84ee089fe0dc8cf50ae3e44bfa9a2e83f90e91741f08e05f47f88df23b221150eff44e5d271208e78962dad72525e770dd918cf1ecd5b64c8c041d9ba71a212eab58d00bdbe7adfa596bd14477372b5baa0f95cdb22dec140cb0a475cb261f70563930137eb300b99fdd4c4e878cd694f0fd8ca59d08bd04e1a3fdb4fb83335ac0ddd654044040914d8ce0c88e0d6312dcf1ec1a628f260bcf9b846720030973b1479bc3433c83ed0db07ad7666fcb08986a1bb94e9bc05b22a2e5a1aae1a27e3e9b0fb2a9292bed25e3df7ca0d9a521c7b2ff44256bf582062fe78884e9ff1231c49e30bc97b2af30267a270c4d8d3d2594309b1ed12aecd495f081048604feaf0bed7aa3462d1163df21b6ee6af1168aa1a8c132271dd02e9ae253dd786846cf5632218d95945dfc7d5de5b5c2fc7f75341f3606078bbf742cc72e4ffc369409e6b0bf5eb37a131738a639898048d46b83e56b564935d08b9aa776c2d098f88a8db29de35ca634b1b44c0b0e73d79a70fca34c483acd2f62c35d4a23411b8a983d0aa2fceb4c8dc3ad89592c23201a20d77a95dfbf487cc25653af88f04c3229444c20567f690c21cff5c336e225cdad4d1cdd4193ad632cda78a8b4ccea93e4cc718fb5c9389e62e679ea08e73086ced5d6bbaa3502f3e7eea3d4a0dbbbebf971b83c04e74ea7300ae0a8dd4ccfceda3d4e7ffee772b6c5561e542bf2766fca45757f35128877c91ed175a272b14c6362a01927e0c39c9c974acdaedf22177e6ce23466c489ce0c99b59688ac0bbe43a5ec9cbfa590bc2e0bdc3a408b32ca0623d110ab416c9fa4fa0a32dd3c52cd7350abd3ba060df121fd90e641e76ccdc37323c648e23e3fb36fe6a111f15492061b02d1a6c3bbed2c3fa7872e1fc3c68fbf5aca5f502257913d9a82700bb1f91b242ef777b338d992e14930744e52cc72f0e3557d8cb9a1e8949acae7b34cf642be12fe4e429376bcc544c1ea56537c06de619b90424d4c40782800358b61da9070710e9873cd19425f9b746e3c42f064a429dbfbebc74f7fc7b732e104ed97dde68c1acc2bf21e42b57201ace6c08016750092bc81d48067402d84c4f7fb0fdae6fec41bf66daa19afc07b5745f1efe87214494252cde8807c13eba65400eac97db1079f5c468ffdf3213a7f87be3d83e2d5a9337154c1e3a832e987cdc9585f36bff0e1d62d4035947b0eb8e13b02d961ca4f1ae71871d043b47f5132fef76e6b3556ed65b36dda96c2c319793723e9383d8f663b20b86b8a245c492a9f38fbaef561d2ea109684596cea7fa69fbae0cce48daaf2c65011381ad2b0bc23bd50585b399fb35c453c8f0a5d9b80abd784f45cf55af476442a08d15334c1f1c479aa2ba9d65d71b00f9dc34c425115fa179b126efae40091c7cbb8c8988f5662c8de3a089b446789a6d27740232e3617dc2907e299353814ed3878a8e4d2b36dce3353412569e5015ae0e8e251ae8adfdb4b76b48d5394cf91939ac96387ccbfc4be2ebf7e4546b4d72450b4c66140fa5c82bab6efee04779ade9cfe864f56997ad161d390a6281a1802fd5edcfe3d939dd4b5f403694df75f06091e81692d9e647a7bf22fdd84b4091a10635e74497c64509f9c1a7633bf068f2c4a7025387ac9d5d4fc35f7f74ec348c465e87cf5a55ccdbea0a23f8ab5908e8b4927d274130b8b9f9e93b7e3e74ea21e5bba1d89e731741ea41cddf310b422301c4eef12b1f386c503b916e2a384d1900072f7888083d4758afaf8b402eeaa203358f44a311e46928a2133bd937310fc2d16ea5bc952ab34b79455e64f1e419d5ef3702578d6ee2756252dabf4d932f963ff374eba4b30cfe38373b6257983e11d6db3891b4f4d5a0e275b6dd62f2c070805a5773064ee9a2aaa4595c57c8e5632b8b4f91de1e99c86e1e10c462c0cdf48e546cf6c0f7b631d556527905b4586c156d70d187a9c98d0ea701467a6208261647259151178c3be45fdc604301d05b6b75f5f13fa15583ff9600631b327caacd22e62bb5c9e7f086e8ab9dbf7f6314c33b1d455dc1bbea076cf80c0490c9d442a62d44e"})
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x952f, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
connect$packet(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$9p_fd(0x20, &(0x7f0000000080)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@noextend}], [{@smackfsdef={'smackfsdef', 0x3d, 'overlay\x00'}}]}})
connect$packet(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

3.627404202s ago: executing program 3 (id=1552):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x259a}}, './file0\x00'})
ioctl$KVM_GET_XSAVE(r0, 0x9000aea4, &(0x7f00000001c0))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800b00010062726964676500003c00028005002d000100000008001d000008000005001600010000000800040004000000050029"], 0x6c}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x259a}}, './file0\x00'}) (async)
ioctl$KVM_GET_XSAVE(r0, 0x9000aea4, &(0x7f00000001c0)) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800b00010062726964676500003c00028005002d000100000008001d000008000005001600010000000800040004000000050029"], 0x6c}}, 0x0) (async)

2.860681693s ago: executing program 0 (id=1553):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
socket(0x1e, 0x3, 0x7)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740), 0x8202, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r6, &(0x7f0000000100)=[{&(0x7f0000000000)=""/240, 0xf0}], 0x1, 0x0, 0x1)
r7 = dup(r5)
ioctl$SNDRV_TIMER_IOCTL_TREAD(0xffffffffffffffff, 0x40045402, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r8 = dup(r5)
sendfile(r8, r7, 0x0, 0x89ffc)

2.860169853s ago: executing program 2 (id=1554):
mount$9p_fd(0x0, &(0x7f0000000080)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@noextend}], [{@smackfsdef={'smackfsdef', 0x3d, 'overlay\x00'}}]}})

2.774138255s ago: executing program 1 (id=1555):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000f00)={0xa, 0xa00, 0x0, @mcast1, 0x1}, 0x1c)
getsockname$inet6(r0, 0x0, &(0x7f0000000040))

2.670229287s ago: executing program 3 (id=1556):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1800000007140100000032c83a1100000500420002"], 0x18}}, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x0, 0x168, 0x9, 0x0, 0xb, 0x2e8, 0x250, 0x250, 0x2e8, 0x250, 0x3, 0x0, {[{{@ipv6={@mcast1, @remote, [], [], 'macvlan0\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x1a0, 0x1e8, 0x0, {0x0, 0x28e}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@private1, [], @ipv4=@local, [], @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}, [], @ipv4=@local}}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@rand_addr=0x64010100, 'dvmrp0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'veth0_to_bond\x00', 'caif0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}, {{0x0, 0xfd}}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)
setsockopt$inet_group_source_req(r2, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
setsockopt$inet_group_source_req(r2, 0x0, 0x2c, &(0x7f00000006c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}}}, 0x108)

367.168699ms ago: executing program 2 (id=1557):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000020850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

249.942928ms ago: executing program 0 (id=1558):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000002380)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='tlb_flush\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x64}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
timer_getoverrun(0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000), 0xe)
listen(r4, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x76, @fixed, 0x0, 0x2}, 0xe)

146.260906ms ago: executing program 4 (id=1559):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYRES16=0x0], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000001c0)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0})
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x80100, 0x0, 0x20}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socket$kcm(0x29, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)

145.83253ms ago: executing program 3 (id=1560):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = userfaultfd(0x1)
fcntl$dupfd(r4, 0x0, r4)
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='smaps\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
pread64(r5, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r2}, 0x10)
close(r1)
close(0xffffffffffffffff)
ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000140))

124.68652ms ago: executing program 1 (id=1561):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394", 0xf}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x0)

65.522581ms ago: executing program 2 (id=1562):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f00000000c0), &(0x7f0000000140)='%pi6   \x00'}, 0x20)

0s ago: executing program 2 (id=1563):
r0 = fsopen(&(0x7f0000000080)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
openat(r1, &(0x7f00000003c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) (fail_nth: 5)

kernel console output (not intermixed with test programs):

 bytes leftover after parsing attributes in process `syz.2.954'.
[  552.167923][ T9895] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  552.174462][ T9895] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  552.481630][ T9902] netlink: 'syz.0.968': attribute type 4 has an invalid length.
[  552.509526][ T9902] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.968'.
[  552.525889][ T9895] vhci_hcd vhci_hcd.0: Device attached
[  552.548648][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  552.558309][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  552.567014][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  552.580720][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  552.589319][ T5229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  552.596631][ T5229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  552.745825][ T5301] vhci_hcd: vhci_device speed not set
[  552.883714][ T5301] usb 11-1: new full-speed USB device number 7 using vhci_hcd
[  552.991787][ T9897] vhci_hcd: connection closed
[  553.016161][ T3398] vhci_hcd: stop threads
[  553.055773][ T3398] vhci_hcd: release socket
[  553.102544][ T9899] chnl_net:caif_netlink_parms(): no params data found
[  553.116655][ T3398] vhci_hcd: disconnect device
[  554.028003][ T9919] binder_alloc: binder_alloc_mmap_handler: 9914 20ffc000-20ffd000 already mapped failed -16
[  555.193534][ T5229] Bluetooth: hci3: command tx timeout
[  555.470799][ T9899] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.583018][ T9899] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.591310][ T9899] bridge_slave_0: entered allmulticast mode
[  555.599073][ T9899] bridge_slave_0: entered promiscuous mode
[  555.809167][ T9932] overlayfs: failed to resolve './file0': -2
[  556.021131][ T9899] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.309486][ T9899] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.332732][ T9899] bridge_slave_1: entered allmulticast mode
[  556.358043][ T9899] bridge_slave_1: entered promiscuous mode
[  556.503440][ T9927] netlink: 4 bytes leftover after parsing attributes in process `syz.0.974'.
[  556.625265][ T3398] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.215866][ T5235] Bluetooth: hci3: command tx timeout
[  557.525035][ T9899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  557.662058][ T9954] 9pnet_fd: Insufficient options for proto=fd
[  557.669319][ T9955] tmpfs: Bad value for 'mpol'
[  557.784663][ T3398] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.820207][ T9899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  557.877790][ T9954] netlink: 'syz.0.977': attribute type 10 has an invalid length.
[  557.924110][ T3398] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.025859][ T5301] vhci_hcd: vhci_device speed not set
[  558.074355][ T9899] team0: Port device team_slave_0 added
[  558.255510][ T3398] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.449869][ T9899] team0: Port device team_slave_1 added
[  560.112062][ T5235] Bluetooth: hci3: command tx timeout
[  560.427652][ T9899] batman_adv: batadv0: Adding interface: batadv_slave_0
[  560.434644][ T9899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  561.166493][ T9899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  561.185134][ T9980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.984'.
[  561.207059][ T9899] batman_adv: batadv0: Adding interface: batadv_slave_1
[  561.223561][ T9899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  561.380888][ T9899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  561.541035][ T9983] binder_alloc: binder_alloc_mmap_handler: 9976 20ffc000-20ffd000 already mapped failed -16
[  561.564612][ T9899] hsr_slave_0: entered promiscuous mode
[  562.333463][ T5235] Bluetooth: hci3: command tx timeout
[  562.348255][ T9899] hsr_slave_1: entered promiscuous mode
[  562.590414][ T9992] binder_alloc: binder_alloc_mmap_handler: 9987 20ffc000-20ffd000 already mapped failed -16
[  563.073510][ T9899] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  563.095743][ T9899] Cannot create hsr debugfs directory
[  563.354304][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  563.360856][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  563.474385][ T9995] 9pnet_fd: Insufficient options for proto=fd
[  563.537154][ T9995] netlink: 'syz.4.987': attribute type 10 has an invalid length.
[  563.571310][ T9998] overlayfs: failed to resolve './file0': -2
[  563.618027][ T3398] bridge_slave_1: left allmulticast mode
[  563.623737][ T3398] bridge_slave_1: left promiscuous mode
[  563.666527][ T3398] bridge0: port 2(bridge_slave_1) entered disabled state
[  563.698539][ T3398] bridge_slave_0: left allmulticast mode
[  563.711729][ T3398] bridge_slave_0: left promiscuous mode
[  563.735209][ T3398] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.874764][ T3398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  567.924400][ T3398] bond0 (unregistering): Released all slaves
[  567.956188][T10026] tmpfs: Bad value for 'mpol'
[  567.976039][T10001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.989'.
[  572.824197][ T3398] hsr_slave_0: left promiscuous mode
[  572.935115][ T3398] hsr_slave_1: left promiscuous mode
[  573.314974][ T3398] veth1_macvtap: left promiscuous mode
[  573.325268][ T3398] veth0_macvtap: left promiscuous mode
[  573.347483][ T3398] veth1_vlan: left promiscuous mode
[  573.366726][ T3398] veth0_vlan: left promiscuous mode
[  574.184757][T10078] tmpfs: Bad value for 'mpol'
[  575.056158][ T5302] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  575.267556][ T5302] usb 1-1: Using ep0 maxpacket: 8
[  575.278170][ T5302] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  575.315899][ T5302] usb 1-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  575.351194][ T5302] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  575.375908][ T5302] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.411995][ T5302] usbtmc 1-1:16.0: bulk endpoints not found
[  575.467005][ T3398] team0 (unregistering): Port device team_slave_1 removed
[  575.574011][ T3398] team0 (unregistering): Port device team_slave_0 removed
[  576.518414][T10076] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  576.556108][ T5270] usb 1-1: USB disconnect, device number 11
[  576.941482][T10093] binder_alloc: binder_alloc_mmap_handler: 10088 20ffc000-20ffd000 already mapped failed -16
[  578.467601][T10113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1007'.
[  578.678090][ T8731] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  578.678509][ T9899] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  578.703279][ T9899] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  578.724543][ T9899] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  578.748217][ T9899] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  578.874647][ T9899] 8021q: adding VLAN 0 to HW filter on device bond0
[  578.882588][ T8731] usb 1-1: Using ep0 maxpacket: 8
[  578.910923][ T8731] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  578.935022][ T8731] usb 1-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  578.955064][ T9899] 8021q: adding VLAN 0 to HW filter on device team0
[  578.985570][ T8731] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  579.008820][ T3398] bridge0: port 1(bridge_slave_0) entered blocking state
[  579.016103][ T3398] bridge0: port 1(bridge_slave_0) entered forwarding state
[  579.037674][ T8731] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.059857][ T3398] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.067072][ T3398] bridge0: port 2(bridge_slave_1) entered forwarding state
[  579.306592][ T8731] usbtmc 1-1:16.0: bulk endpoints not found
[  579.530469][T10133] binder_alloc: binder_alloc_mmap_handler: 10126 20ffc000-20ffd000 already mapped failed -16
[  579.945602][ T9899] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  580.493897][T10142] overlayfs: failed to resolve './file0': -2
[  580.745222][ T5229] Bluetooth: hci2: command 0x0406 tx timeout
[  581.191606][ T5271] usb 1-1: USB disconnect, device number 12
[  581.367125][T10146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1013'.
[  581.482148][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1015'.
[  581.886055][ T9899] 8021q: adding VLAN 0 to HW filter on device batadv0
[  582.222685][ T9899] veth0_vlan: entered promiscuous mode
[  582.695361][T10171] binder_alloc: binder_alloc_mmap_handler: 10164 20ffc000-20ffd000 already mapped failed -16
[  582.959039][T10173] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1019'.
[  583.320374][ T9899] veth1_vlan: entered promiscuous mode
[  583.493653][T10182] overlayfs: failed to resolve './file0': -2
[  583.602908][ T9899] veth0_macvtap: entered promiscuous mode
[  583.948131][T10194] binder_alloc: binder_alloc_mmap_handler: 10183 20ffc000-20ffd000 already mapped failed -16
[  584.711088][T10198] tmpfs: Bad value for 'mpol'
[  584.834391][T10182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1018'.
[  584.859738][ T9899] veth1_macvtap: entered promiscuous mode
[  584.912544][T10202] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1023'.
[  585.018228][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  585.164294][T10180] syzkaller0: entered promiscuous mode
[  585.235954][T10180] syzkaller0: entered allmulticast mode
[  585.924486][ T9899] batman_adv: batadv0: Interface activated: batadv_slave_0
[  586.086725][ T9899] batman_adv: batadv0: Interface activated: batadv_slave_1
[  586.129418][ T9899] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.194189][ T9899] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.203360][ T9899] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.212514][ T9899] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  586.445878][  T940] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  587.396872][  T940] usb 2-1: Using ep0 maxpacket: 8
[  587.430623][  T940] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  587.446973][  T940] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  587.461431][  T940] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  587.471706][  T940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  587.484865][  T940] usbtmc 2-1:16.0: bulk endpoints not found
[  587.670174][T10232] netlink: 'syz.0.1027': attribute type 4 has an invalid length.
[  587.710669][T10232] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1027'.
[  588.885404][T10243] binder_alloc: binder_alloc_mmap_handler: 10240 20ffc000-20ffd000 already mapped failed -16
[  591.608580][T10247] netlink: 'syz.4.1030': attribute type 4 has an invalid length.
[  591.637425][T10247] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1030'.
[  593.500267][ T5229] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  593.510005][ T5229] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  593.518718][ T5229] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  593.553178][ T5229] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  593.567739][ T5229] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  593.582584][ T5229] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  595.439535][T10257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1032'.
[  595.518808][ T8731] usb 2-1: USB disconnect, device number 6
[  595.617936][ T5235] Bluetooth: hci4: command tx timeout
[  595.700098][T10267] 9pnet_fd: Insufficient options for proto=fd
[  595.722231][T10267] netlink: 'syz.4.1035': attribute type 10 has an invalid length.
[  595.788997][ T1114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  595.824005][ T1114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  596.106936][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  596.115109][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  597.738500][ T5235] Bluetooth: hci4: command tx timeout
[  597.788787][T10281] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1038'.
[  598.171664][T10289] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1041'.
[  598.981389][   T52] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.241626][T10264] chnl_net:caif_netlink_parms(): no params data found
[  599.836570][ T5235] Bluetooth: hci4: command tx timeout
[  601.466244][T10316] binder_alloc: binder_alloc_mmap_handler: 10311 20ffc000-20ffd000 already mapped failed -16
[  602.236600][T10320] binder_alloc: binder_alloc_mmap_handler: 10303 20ffc000-20ffd000 already mapped failed -16
[  603.886338][ T5235] Bluetooth: hci4: command tx timeout
[  604.066157][T10304] tmpfs: Bad value for 'mpol'
[  604.416655][   T52] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  604.573405][T10309] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  606.864766][   T52] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.338651][T10341] tmpfs: Bad value for 'mpol'
[  607.918241][T10351] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1052'.
[  607.978553][   T52] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  608.677882][T10264] bridge0: port 1(bridge_slave_0) entered blocking state
[  608.685145][T10264] bridge0: port 1(bridge_slave_0) entered disabled state
[  608.698192][T10264] bridge_slave_0: entered allmulticast mode
[  608.722956][T10264] bridge_slave_0: entered promiscuous mode
[  608.738414][T10264] bridge0: port 2(bridge_slave_1) entered blocking state
[  608.772078][T10264] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.797544][T10264] bridge_slave_1: entered allmulticast mode
[  608.815111][T10264] bridge_slave_1: entered promiscuous mode
[  608.830747][T10373] netlink: 'syz.4.1055': attribute type 4 has an invalid length.
[  609.005476][ T5275] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  609.860511][T10373] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1055'.
[  609.912031][T10376] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1056'.
[  610.065922][ T5275] usb 3-1: Using ep0 maxpacket: 8
[  610.102164][ T5275] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  610.115217][T10264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  610.145835][ T5275] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  610.168278][ T5275] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  610.192324][T10264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  610.207965][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.275549][ T5275] usbtmc 3-1:16.0: bulk endpoints not found
[  610.313947][T10380] tmpfs: Bad value for 'mpol'
[  610.486107][   T52] bridge_slave_1: left allmulticast mode
[  610.498470][   T52] bridge_slave_1: left promiscuous mode
[  610.522448][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.569012][   T52] bridge_slave_0: left allmulticast mode
[  610.577121][   T52] bridge_slave_0: left promiscuous mode
[  610.774757][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.849186][T10395] binder_alloc: binder_alloc_mmap_handler: 10388 20ffc000-20ffd000 already mapped failed -16
[  612.431842][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  612.448807][   T52] bond0 (unregistering): Released all slaves
[  612.526818][T10264] team0: Port device team_slave_0 added
[  612.566792][T10264] team0: Port device team_slave_1 added
[  612.611644][ T5275] usb 3-1: USB disconnect, device number 10
[  612.901338][T10264] batman_adv: batadv0: Adding interface: batadv_slave_0
[  612.916065][T10264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  613.005477][T10264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  613.043778][T10264] batman_adv: batadv0: Adding interface: batadv_slave_1
[  613.050946][T10264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  613.517690][T10412] binder_alloc: binder_alloc_mmap_handler: 10406 20ffc000-20ffd000 already mapped failed -16
[  613.859167][T10264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  617.039086][T10421] netlink: 'syz.1.1065': attribute type 4 has an invalid length.
[  617.064373][T10421] netlink: 126052 bytes leftover after parsing attributes in process `syz.1.1065'.
[  617.261891][T10433] tmpfs: Bad value for 'mpol'
[  617.277046][T10264] hsr_slave_0: entered promiscuous mode
[  617.364637][T10264] hsr_slave_1: entered promiscuous mode
[  617.385342][T10264] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  617.413840][T10264] Cannot create hsr debugfs directory
[  617.560937][   T52] hsr_slave_0: left promiscuous mode
[  617.586224][   T52] hsr_slave_1: left promiscuous mode
[  617.719100][   T52] veth1_macvtap: left promiscuous mode
[  617.750050][   T52] veth0_macvtap: left promiscuous mode
[  617.766745][   T52] veth1_vlan: left promiscuous mode
[  617.786577][   T52] veth0_vlan: left promiscuous mode
[  618.898373][T10448] netlink: 'syz.1.1069': attribute type 4 has an invalid length.
[  618.906646][T10448] netlink: 126052 bytes leftover after parsing attributes in process `syz.1.1069'.
[  619.129199][T10456] overlayfs: missing 'lowerdir'
[  621.191614][   T52] team0 (unregistering): Port device team_slave_1 removed
[  621.233019][   T52] team0 (unregistering): Port device team_slave_0 removed
[  621.638147][T10447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1068'.
[  621.678325][T10459] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1071'.
[  621.706302][T10463] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1072'.
[  621.949411][T10472] tmpfs: Bad value for 'mpol'
[  623.487525][T10477] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1073'.
[  624.173134][T10484] sch_fq: defrate 113 ignored.
[  624.209279][T10488] tmpfs: Bad value for 'mpol'
[  624.434908][T10497] netlink: 'syz.4.1081': attribute type 4 has an invalid length.
[  624.473539][T10497] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1081'.
[  624.701206][T10502] tmpfs: Bad value for 'mpol'
[  624.706856][T10505] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1079'.
[  624.740398][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  624.747496][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  625.390020][T10264] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  625.899570][T10519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1082'.
[  625.975938][T10264] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  626.089669][T10530] netlink: 'syz.4.1085': attribute type 4 has an invalid length.
[  626.100126][T10530] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1085'.
[  626.137552][T10264] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  626.168959][T10264] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  626.587073][T10539] netlink: 'syz.2.1084': attribute type 4 has an invalid length.
[  626.627085][T10542] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1086'.
[  626.653493][T10264] 8021q: adding VLAN 0 to HW filter on device bond0
[  626.680970][T10539] netlink: 126052 bytes leftover after parsing attributes in process `syz.2.1084'.
[  626.756144][T10264] 8021q: adding VLAN 0 to HW filter on device team0
[  626.825520][ T3398] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.832680][ T3398] bridge0: port 1(bridge_slave_0) entered forwarding state
[  626.896163][ T3398] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.903311][ T3398] bridge0: port 2(bridge_slave_1) entered forwarding state
[  626.969285][T10264] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  627.005019][T10264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  627.131589][T10552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1087'.
[  627.143321][T10554] netlink: 'syz.4.1088': attribute type 4 has an invalid length.
[  627.188895][T10554] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1088'.
[  627.847541][ T5270] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  628.175754][ T5270] usb 1-1: Using ep0 maxpacket: 8
[  628.208107][ T5270] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  628.261881][ T5270] usb 1-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  628.317736][ T5270] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  628.343496][T10264] 8021q: adding VLAN 0 to HW filter on device batadv0
[  628.358390][ T5270] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.408707][ T5270] usbtmc 1-1:16.0: bulk endpoints not found
[  628.566860][T10264] veth0_vlan: entered promiscuous mode
[  628.658851][T10264] veth1_vlan: entered promiscuous mode
[  628.744110][T10592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1093'.
[  628.795441][T10264] veth0_macvtap: entered promiscuous mode
[  628.823629][ T5270] usb 1-1: USB disconnect, device number 13
[  628.836766][T10595] netlink: 'syz.4.1092': attribute type 4 has an invalid length.
[  628.845087][T10264] veth1_macvtap: entered promiscuous mode
[  628.856600][T10595] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1092'.
[  628.930589][T10264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.991482][T10264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.950543][T10264] batman_adv: batadv0: Interface activated: batadv_slave_0
[  630.020690][T10264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  630.135780][T10264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  630.194444][T10264] batman_adv: batadv0: Interface activated: batadv_slave_1
[  630.258808][T10264] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  631.046223][T10264] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  631.055926][T10264] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  631.154247][T10264] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  631.378177][T10619] 9pnet_fd: Insufficient options for proto=fd
[  631.435483][T10620] netlink: 'syz.0.1098': attribute type 4 has an invalid length.
[  631.446806][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  631.476641][T10620] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.1098'.
[  631.495923][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  631.523101][T10621] netlink: 'syz.2.1096': attribute type 4 has an invalid length.
[  631.534464][T10621] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1096'.
[  631.561471][T10619] netlink: 'syz.4.1097': attribute type 10 has an invalid length.
[  631.780336][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  631.851716][T10628] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1099'.
[  632.505782][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.860765][T10638] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  632.905482][T10642] tmpfs: Bad value for 'mpol'
[  633.347036][T10654] netlink: 'syz.0.1103': attribute type 4 has an invalid length.
[  633.382734][T10654] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.1103'.
[  633.568056][T10659] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1104'.
[  634.020584][ T5235] Bluetooth: hci3: ISO packet for unknown connection handle 3840
[  634.180208][T10670] netlink: 'syz.4.1106': attribute type 4 has an invalid length.
[  634.202106][T10670] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1106'.
[  634.794019][T10678] tmpfs: Bad value for 'mpol'
[  636.007018][T10686] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1110'.
[  636.890494][T10687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1109'.
[  637.889053][T10698] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  639.523410][T10717] tmpfs: Bad value for 'mpol'
[  639.563548][T10712] netlink: 'syz.2.1115': attribute type 4 has an invalid length.
[  639.573077][T10706] netlink: 'syz.4.1116': attribute type 4 has an invalid length.
[  639.591898][T10706] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1116'.
[  639.622180][T10712] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1115'.
[  640.366936][T10727] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1119'.
[  640.893477][T10738] binder_alloc: binder_alloc_mmap_handler: 10732 20ffc000-20ffd000 already mapped failed -16
[  641.754535][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1123'.
[  641.797426][T10735] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  641.816229][T10735] batman_adv: batadv0: Removing interface: batadv_slave_0
[  641.959385][T10736] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1121'.
[  642.110488][T10735] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  642.130192][T10735] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.821396][T10752] binder_alloc: binder_alloc_mmap_handler: 10748 20ffc000-20ffd000 already mapped failed -16
[  644.080054][T10763] tmpfs: Bad value for 'mpol'
[  644.827816][T10774] tmpfs: Bad value for 'mpol'
[  645.619564][T10780] binder_alloc: binder_alloc_mmap_handler: 10777 20ffc000-20ffd000 already mapped failed -16
[  647.376498][T10791] tmpfs: Bad value for 'mpol'
[  647.445127][T10792] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1133'.
[  647.546568][T10795] netlink: 'syz.3.1136': attribute type 4 has an invalid length.
[  647.554468][T10795] netlink: 126052 bytes leftover after parsing attributes in process `syz.3.1136'.
[  650.416975][T10821] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  650.423524][T10821] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  650.435949][T10821] vhci_hcd vhci_hcd.0: Device attached
[  651.404678][T10822] vhci_hcd: connection closed
[  651.415888][ T5275] vhci_hcd: vhci_device speed not set
[  651.415904][ T5340] vhci_hcd: stop threads
[  651.415921][ T5340] vhci_hcd: release socket
[  651.485815][ T5275] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[  651.525394][T10835] tmpfs: Bad value for 'mpol'
[  651.530507][ T5340] vhci_hcd: disconnect device
[  651.671796][T10828] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1144'.
[  652.539452][T10842] binder_alloc: binder_alloc_mmap_handler: 10839 20ffc000-20ffd000 already mapped failed -16
[  654.169979][T10848] binder_alloc: binder_alloc_mmap_handler: 10845 20ffc000-20ffd000 already mapped failed -16
[  654.970586][T10856] tmpfs: Bad value for 'mpol'
[  655.160733][T10857] netlink: 'syz.4.1149': attribute type 4 has an invalid length.
[  655.182363][T10857] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1149'.
[  656.528894][T10868] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1150'.
[  657.268423][ T5275] vhci_hcd: vhci_device speed not set
[  657.901595][T10882] netlink: 'syz.0.1154': attribute type 4 has an invalid length.
[  658.614192][T10882] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1154'.
[  659.574719][ T5229] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  659.584364][ T5229] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  659.592746][ T5229] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  659.600888][ T5229] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  659.609636][ T5229] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  659.617327][ T5229] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  659.698633][T10890] syzkaller0: entered promiscuous mode
[  659.738401][T10890] syzkaller0: entered allmulticast mode
[  659.957850][T10897] netlink: 'syz.0.1159': attribute type 4 has an invalid length.
[  659.978888][T10897] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.1159'.
[  662.826179][T10909] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1162'.
[  665.606061][ T5229] Bluetooth: hci2: command tx timeout
[  666.192179][T10917] tmpfs: Bad value for 'mpol'
[  666.254579][T10919] netlink: 'syz.4.1166': attribute type 4 has an invalid length.
[  666.314149][T10919] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1166'.
[  666.683541][T10926] netlink: 'syz.4.1168': attribute type 4 has an invalid length.
[  666.699707][T10926] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1168'.
[  667.171420][T10930] netlink: 'syz.4.1169': attribute type 4 has an invalid length.
[  667.204327][T10930] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1169'.
[  667.603970][T10938] tmpfs: Bad value for 'mpol'
[  667.621456][ T5229] Bluetooth: hci2: command tx timeout
[  667.677216][T10937] netlink: 'syz.0.1171': attribute type 4 has an invalid length.
[  667.686796][T10937] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1171'.
[  669.673828][ T5235] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  669.691728][ T5235] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  669.699417][T10950] Bluetooth: hci2: command tx timeout
[  669.705334][ T5235] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  669.710866][T10951] tmpfs: Bad value for 'mpol'
[  669.714631][ T5235] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  669.729804][ T5235] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  669.737361][ T5235] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  669.828885][T10916] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  669.830792][T10936] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  670.001899][ T5340] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  670.057764][T10959] tmpfs: Bad value for 'mpol'
[  670.502436][ T5340] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.135994][T10972] tmpfs: Bad value for 'mpol'
[  671.146989][ T5340] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.240680][ T5340] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.263038][T10974] netlink: 'syz.0.1179': attribute type 4 has an invalid length.
[  671.271856][T10974] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1179'.
[  671.517294][T10979] netlink: 'syz.4.1180': attribute type 4 has an invalid length.
[  671.528948][T10979] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1180'.
[  671.664821][T10983] 9pnet_fd: Insufficient options for proto=fd
[  671.700906][T10893] chnl_net:caif_netlink_parms(): no params data found
[  671.712344][ T5340] bridge_slave_1: left allmulticast mode
[  671.722081][ T5340] bridge_slave_1: left promiscuous mode
[  671.729238][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state
[  671.741238][ T5340] bridge_slave_0: left allmulticast mode
[  671.755966][ T5340] bridge_slave_0: left promiscuous mode
[  671.775897][ T5229] Bluetooth: hci5: command tx timeout
[  671.781649][ T5235] Bluetooth: hci2: command tx timeout
[  671.799386][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state
[  671.965356][T10989] netlink: 'syz.2.1182': attribute type 4 has an invalid length.
[  672.050271][ T5340] bond0: left promiscuous mode
[  672.055145][ T5340] bond_slave_1: left promiscuous mode
[  672.067674][T10989] netlink: 126052 bytes leftover after parsing attributes in process `syz.2.1182'.
[  672.777752][T11002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1186'.
[  672.913916][T11003] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1185'.
[  673.696679][T11008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1187'.
[  673.945038][ T5235] Bluetooth: hci5: command tx timeout
[  674.677743][T11015] netlink: 'syz.2.1189': attribute type 4 has an invalid length.
[  674.685825][T11015] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1189'.
[  674.804393][ T5340] team0: Port device vlan2 removed
[  674.850799][ T5340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  674.861454][ T5340] bond0 (unregistering): Released all slaves
[  674.945447][T11013] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1188'.
[  674.982733][T10948] chnl_net:caif_netlink_parms(): no params data found
[  675.212571][T11030] netlink: 'syz.2.1190': attribute type 4 has an invalid length.
[  675.235400][T11030] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1190'.
[  675.592486][T11044] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1192'.
[  676.015778][ T5229] Bluetooth: hci5: command tx timeout
[  676.498405][T10893] bridge0: port 1(bridge_slave_0) entered blocking state
[  676.510313][T10893] bridge0: port 1(bridge_slave_0) entered disabled state
[  676.520036][T10893] bridge_slave_0: entered allmulticast mode
[  676.531670][T10893] bridge_slave_0: entered promiscuous mode
[  676.542694][T10893] bridge0: port 2(bridge_slave_1) entered blocking state
[  676.553723][T10893] bridge0: port 2(bridge_slave_1) entered disabled state
[  676.657470][T10893] bridge_slave_1: entered allmulticast mode
[  676.672666][T10893] bridge_slave_1: entered promiscuous mode
[  677.535035][T10893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  677.555232][T10948] bridge0: port 1(bridge_slave_0) entered blocking state
[  677.562533][T10948] bridge0: port 1(bridge_slave_0) entered disabled state
[  677.571536][T10948] bridge_slave_0: entered allmulticast mode
[  677.579123][T10948] bridge_slave_0: entered promiscuous mode
[  677.593191][T10948] bridge0: port 2(bridge_slave_1) entered blocking state
[  677.600443][T10948] bridge0: port 2(bridge_slave_1) entered disabled state
[  677.611430][T10948] bridge_slave_1: entered allmulticast mode
[  677.618933][T10948] bridge_slave_1: entered promiscuous mode
[  678.015934][ T5229] Bluetooth: hci3: command 0x0406 tx timeout
[  678.096105][ T5235] Bluetooth: hci5: command tx timeout
[  678.426437][T11059] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  678.440632][T10893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  678.504420][ T5340] hsr_slave_0: left promiscuous mode
[  678.535851][ T5340] hsr_slave_1: left promiscuous mode
[  678.665265][ T5340] veth1_macvtap: left promiscuous mode
[  678.670939][ T5340] veth0_macvtap: left promiscuous mode
[  678.676734][ T5340] veth1_vlan: left promiscuous mode
[  678.682530][ T5340] veth0_vlan: left promiscuous mode
[  679.588503][T11068] netlink: 'syz.4.1196': attribute type 4 has an invalid length.
[  679.596609][T11068] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1196'.
[  680.404562][T11081] netlink: 'syz.4.1200': attribute type 4 has an invalid length.
[  680.412648][T11081] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1200'.
[  681.598497][T11091] 9pnet_fd: Insufficient options for proto=fd
[  681.707441][T11093] tmpfs: Bad value for 'mpol'
[  681.721396][ T5340] team0 (unregistering): Port device team_slave_1 removed
[  681.769177][ T5340] team0 (unregistering): Port device team_slave_0 removed
[  682.229077][T11074] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1198'.
[  682.247147][T10893] team0: Port device team_slave_0 added
[  682.262054][T10893] team0: Port device team_slave_1 added
[  682.334627][T11092] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1203'.
[  682.397457][T10948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  682.739490][T10893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  683.025234][T10893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.191363][T10893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  683.204363][T10948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  683.226651][T11106] netlink: 'syz.4.1206': attribute type 4 has an invalid length.
[  683.240109][T10893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  683.268537][T10893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.306150][T11106] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1206'.
[  683.449767][T10893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  683.660358][T11124] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1208'.
[  683.754837][T10948] team0: Port device team_slave_0 added
[  683.819135][T10948] team0: Port device team_slave_1 added
[  683.924395][T10893] hsr_slave_0: entered promiscuous mode
[  683.978609][T10893] hsr_slave_1: entered promiscuous mode
[  684.001009][T10893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  684.012483][T10893] Cannot create hsr debugfs directory
[  684.100127][T10948] batman_adv: batadv0: Adding interface: batadv_slave_0
[  684.119874][T10948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  684.149591][T11131] netlink: 'syz.4.1209': attribute type 4 has an invalid length.
[  684.156555][T10948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  684.163954][T11131] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1209'.
[  684.216603][T10948] batman_adv: batadv0: Adding interface: batadv_slave_1
[  684.224205][ T5270] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  684.232408][T10948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  684.270067][T10948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  684.456003][ T5270] usb 1-1: Using ep0 maxpacket: 8
[  684.478071][ T5270] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  684.590770][ T5270] usb 1-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  684.981110][ T5270] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  684.991398][ T5270] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.007432][ T5270] usbtmc 1-1:16.0: bulk endpoints not found
[  685.134299][T10948] hsr_slave_0: entered promiscuous mode
[  685.151072][T11136] netlink: 'syz.2.1211': attribute type 4 has an invalid length.
[  685.160932][T10948] hsr_slave_1: entered promiscuous mode
[  685.230072][T11136] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1211'.
[  685.244930][T10948] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  685.396082][T10948] Cannot create hsr debugfs directory
[  685.722983][ T5271] usb 1-1: USB disconnect, device number 14
[  685.880136][ T5340] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.224464][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  686.231610][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  686.742508][ T5340] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  688.240693][ T5340] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.307254][T11178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1219'.
[  689.542861][ T5340] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.204722][T11186] netlink: 'syz.4.1220': attribute type 4 has an invalid length.
[  690.216802][T11186] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1220'.
[  690.560055][ T5340] bridge_slave_1: left allmulticast mode
[  690.619263][ T5340] bridge_slave_1: left promiscuous mode
[  690.663291][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state
[  690.703780][ T5340] bridge_slave_0: left allmulticast mode
[  690.710627][ T5340] bridge_slave_0: left promiscuous mode
[  690.716575][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.252172][T11218] netlink: 'syz.2.1227': attribute type 4 has an invalid length.
[  693.292223][T11218] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1227'.
[  693.990596][T11224] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1229'.
[  694.003132][ T5340] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  694.029460][ T5340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  694.047111][ T5340] bond0 (unregistering): Released all slaves
[  695.233354][T10893] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  695.510566][T10893] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  695.661770][T10893] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  695.881392][T10893] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  696.395837][ T5340] hsr_slave_0: left promiscuous mode
[  696.430242][ T5340] hsr_slave_1: left promiscuous mode
[  696.494893][ T5340] veth1_macvtap: left promiscuous mode
[  696.515951][ T5340] veth0_macvtap: left promiscuous mode
[  696.521655][ T5340] veth1_vlan: left promiscuous mode
[  696.536465][ T5340] veth0_vlan: left promiscuous mode
[  697.867931][    T8] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  698.129739][    T8] usb 1-1: Using ep0 maxpacket: 8
[  698.185055][    T8] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  698.591082][    T8] usb 1-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  698.644708][    T8] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  698.719103][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.758089][    T8] usbtmc 1-1:16.0: bulk endpoints not found
[  699.413795][T11283] netlink: 'syz.4.1240': attribute type 4 has an invalid length.
[  699.445836][T11283] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1240'.
[  700.082720][ T5340] team0 (unregistering): Port device team_slave_1 removed
[  700.806390][ T5340] team0 (unregistering): Port device team_slave_0 removed
[  702.379093][T11305] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1246'.
[  702.555235][ T5235] Bluetooth: hci3: ISO packet for unknown connection handle 2816
[  702.631941][T11309] netlink: 'syz.4.1247': attribute type 4 has an invalid length.
[  702.643091][T11309] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.1247'.
[  703.403980][ T5275] usb 1-1: USB disconnect, device number 15
[  704.640714][T11329] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1250'.
[  704.690156][T10948] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  704.901716][T10948] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  704.993997][T11339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1251'.
[  705.151105][T10948] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  705.504681][T10948] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  705.637151][T10893] 8021q: adding VLAN 0 to HW filter on device bond0
[  705.800211][T10893] 8021q: adding VLAN 0 to HW filter on device team0
[  705.844514][T11348] netlink: 'syz.2.1253': attribute type 4 has an invalid length.
[  705.854635][ T1246] bridge0: port 1(bridge_slave_0) entered blocking state
[  705.865645][ T1246] bridge0: port 1(bridge_slave_0) entered forwarding state
[  705.953507][T11348] netlink: 126052 bytes leftover after parsing attributes in process `syz.2.1253'.
[  706.561900][ T1246] bridge0: port 2(bridge_slave_1) entered blocking state
[  706.569335][ T1246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  707.102349][T10948] 8021q: adding VLAN 0 to HW filter on device bond0
[  707.184635][T10948] 8021q: adding VLAN 0 to HW filter on device team0
[  707.789446][ T3398] bridge0: port 1(bridge_slave_0) entered blocking state
[  707.796638][ T3398] bridge0: port 1(bridge_slave_0) entered forwarding state
[  707.927507][ T1246] bridge0: port 2(bridge_slave_1) entered blocking state
[  707.934653][ T1246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  711.182515][T10893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  711.811427][T10948] 8021q: adding VLAN 0 to HW filter on device batadv0
[  711.840756][T10893] veth0_vlan: entered promiscuous mode
[  711.863658][T10893] veth1_vlan: entered promiscuous mode
[  712.013727][T11422] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1264'.
[  713.022837][T10948] veth0_vlan: entered promiscuous mode
[  713.093473][T10893] veth0_macvtap: entered promiscuous mode
[  713.579303][T10893] veth1_macvtap: entered promiscuous mode
[  713.653984][T11434] tmpfs: Bad value for 'mpol'
[  713.674180][T10948] veth1_vlan: entered promiscuous mode
[  713.710469][T10893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  713.737674][T10893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  713.754392][T10893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  713.772436][T10893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  713.797073][T10893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  713.818443][T10893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  713.850013][T10893] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  713.870342][T10893] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  713.915764][T10893] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  713.931514][T10893] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  714.761501][T10948] veth0_macvtap: entered promiscuous mode
[  715.785333][T10948] veth1_macvtap: entered promiscuous mode
[  716.191027][T10948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  716.975869][T10948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.005866][T10948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.043379][T10948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.095154][T10948] batman_adv: batadv0: Interface activated: batadv_slave_0
[  717.167662][T10948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  717.293834][T10948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.335810][T10948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  717.379247][T10948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.414794][T10948] batman_adv: batadv0: Interface activated: batadv_slave_1
[  717.628371][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  717.833330][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  717.991290][T11483] tmpfs: Bad value for 'mpol'
[  718.024636][T10948] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  718.074892][T10948] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  718.112676][T10948] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  718.122044][T10948] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  718.430693][T11493] netlink: 'syz.0.1275': attribute type 4 has an invalid length.
[  718.446042][T11493] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.1275'.
[  718.483817][ T5342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  718.521366][ T5342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  718.635853][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  718.677235][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  720.567737][ T5229] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  720.578659][ T5229] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  720.587275][ T5229] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  720.758754][ T5229] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  721.276999][ T5229] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  721.319701][ T5229] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  721.331621][ T1246] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.523199][ T1246] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.047825][T11526] netlink: 'syz.0.1278': attribute type 4 has an invalid length.
[  722.068164][T11526] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1278'.
[  722.172171][ T1246] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.059941][ T1246] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.537259][ T5235] Bluetooth: hci2: command tx timeout
[  724.121082][T11559] tmpfs: Bad value for 'mpol'
[  725.120595][T11569] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1286'.
[  725.307103][ T1246] bridge_slave_1: left allmulticast mode
[  725.326531][ T1246] bridge_slave_1: left promiscuous mode
[  725.332234][ T1246] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.366421][ T1246] bridge_slave_0: left allmulticast mode
[  725.383415][ T1246] bridge_slave_0: left promiscuous mode
[  725.392841][ T1246] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.412700][T11581] netlink: 'syz.0.1289': attribute type 4 has an invalid length.
[  725.426610][T11581] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.1289'.
[  725.616653][ T5235] Bluetooth: hci2: command tx timeout
[  725.706048][T11589] netlink: 'syz.2.1290': attribute type 4 has an invalid length.
[  725.751951][T11589] netlink: 126052 bytes leftover after parsing attributes in process `syz.2.1290'.
[  726.409667][T11595] tmpfs: Bad value for 'mpol'
[  726.432142][ T1246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  726.454039][ T1246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  726.484741][ T1246] bond0 (unregistering): Released all slaves
[  727.434919][T11511] chnl_net:caif_netlink_parms(): no params data found
[  727.694576][T11608] tmpfs: Bad value for 'mpol'
[  727.707474][ T5235] Bluetooth: hci2: command tx timeout
[  729.776317][ T5235] Bluetooth: hci2: command tx timeout
[  730.073869][ T1246] hsr_slave_0: left promiscuous mode
[  730.155066][ T1246] hsr_slave_1: left promiscuous mode
[  731.084020][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  731.127348][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  731.162914][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  731.210402][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  731.658011][ T1246] veth1_macvtap: left promiscuous mode
[  731.676577][ T1246] veth0_macvtap: left promiscuous mode
[  731.725899][ T1246] veth1_vlan: left promiscuous mode
[  731.738134][ T1246] veth0_vlan: left promiscuous mode
[  734.314382][T11683] netlink: 'syz.3.1310': attribute type 4 has an invalid length.
[  734.386098][T11683] netlink: 126052 bytes leftover after parsing attributes in process `syz.3.1310'.
[  736.048940][ T5271] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  736.338153][ T5271] usb 1-1: Using ep0 maxpacket: 8
[  736.608054][ T5271] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  736.783612][ T5271] usb 1-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  736.802273][ T5271] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  736.839185][ T5271] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.526578][ T5271] usbtmc 1-1:16.0: bulk endpoints not found
[  737.800781][ T1246] team0 (unregistering): Port device team_slave_1 removed
[  738.017893][ T1246] team0 (unregistering): Port device team_slave_0 removed
[  738.640410][T11721] tmpfs: Bad value for 'mpol'
[  738.864283][T11701] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1312'.
[  738.904502][ T5270] usb 1-1: USB disconnect, device number 16
[  739.058131][T11511] bridge0: port 1(bridge_slave_0) entered blocking state
[  739.065515][T11511] bridge0: port 1(bridge_slave_0) entered disabled state
[  739.073191][T11511] bridge_slave_0: entered allmulticast mode
[  739.087636][T11511] bridge_slave_0: entered promiscuous mode
[  739.212698][T11733] tmpfs: Bad value for 'mpol'
[  739.926376][T11511] bridge0: port 2(bridge_slave_1) entered blocking state
[  739.960896][T11511] bridge0: port 2(bridge_slave_1) entered disabled state
[  740.006383][T11511] bridge_slave_1: entered allmulticast mode
[  740.037400][T11511] bridge_slave_1: entered promiscuous mode
[  740.163834][T11511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  740.202349][T11511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  740.378152][T11742] tmpfs: Bad value for 'mpol'
[  740.729595][T11511] team0: Port device team_slave_0 added
[  740.750216][T11511] team0: Port device team_slave_1 added
[  741.009994][T11737] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  741.011070][T11745] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1320'.
[  741.167848][T11511] batman_adv: batadv0: Adding interface: batadv_slave_0
[  741.174836][T11511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  741.693259][T11511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  742.024947][T11511] batman_adv: batadv0: Adding interface: batadv_slave_1
[  742.046622][T11511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  742.107378][T11511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  742.187278][T11763] netlink: 'syz.0.1325': attribute type 4 has an invalid length.
[  742.195027][T11763] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1325'.
[  742.243245][T11763] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1325'.
[  742.260379][T11511] hsr_slave_0: entered promiscuous mode
[  742.299476][T11511] hsr_slave_1: entered promiscuous mode
[  742.330058][T11511] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  742.340420][T11511] Cannot create hsr debugfs directory
[  742.566289][    T8] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  742.592091][ T5271] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  742.708172][T11788] tmpfs: Bad value for 'mpol'
[  742.775787][    T8] usb 3-1: Using ep0 maxpacket: 8
[  742.784143][    T8] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  742.794542][ T5271] usb 4-1: Using ep0 maxpacket: 8
[  742.819819][ T5271] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  742.843892][    T8] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  742.866209][ T5271] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  742.885369][    T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  742.900283][ T5271] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  742.917062][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.931676][ T5271] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.980716][    T8] usbtmc 3-1:16.0: bulk endpoints not found
[  742.998996][ T5271] usbtmc 4-1:16.0: bulk endpoints not found
[  743.932419][ T5275] usb 3-1: USB disconnect, device number 11
[  743.934257][ T5271] usb 4-1: USB disconnect, device number 10
[  744.090959][T11799] tmpfs: Bad value for 'mpol'
[  745.144174][T11831] tmpfs: Bad value for 'mpol'
[  745.201134][T11833] netlink: 'syz.4.1334': attribute type 4 has an invalid length.
[  745.216257][T11833] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1334'.
[  745.353722][T11511] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  745.396535][T11511] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  745.426076][T11511] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  745.459931][T11511] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  745.465831][ T5275] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  745.955874][ T5275] usb 4-1: Using ep0 maxpacket: 8
[  745.966042][ T5275] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  745.984492][ T5275] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  746.006717][ T5275] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  746.010580][T11511] 8021q: adding VLAN 0 to HW filter on device bond0
[  746.022614][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.053462][ T5275] usbtmc 4-1:16.0: bulk endpoints not found
[  746.080575][T11511] 8021q: adding VLAN 0 to HW filter on device team0
[  746.721031][ T1246] bridge0: port 1(bridge_slave_0) entered blocking state
[  746.728397][ T1246] bridge0: port 1(bridge_slave_0) entered forwarding state
[  746.906136][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  746.913455][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  747.700583][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  747.722995][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  747.776129][ T5271] usb 4-1: USB disconnect, device number 11
[  748.887021][T11871] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1339'.
[  750.633780][T11511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  750.825529][T11511] veth0_vlan: entered promiscuous mode
[  750.864389][T11511] veth1_vlan: entered promiscuous mode
[  751.048642][T11511] veth0_macvtap: entered promiscuous mode
[  751.074047][T11511] veth1_macvtap: entered promiscuous mode
[  751.227612][T11920] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1347'.
[  752.273270][T11511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  752.299215][T11511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  752.310994][T11511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  752.357702][T11511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  752.407333][T11511] batman_adv: batadv0: Interface activated: batadv_slave_0
[  752.445116][T11511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  752.479219][T11511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  752.505793][T11511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  752.540790][T11511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  752.644954][T11511] batman_adv: batadv0: Interface activated: batadv_slave_1
[  753.610551][T11511] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  753.656061][T11511] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  753.664898][T11511] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  753.674318][T11511] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  755.990019][ T1114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  756.447576][ T1114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  756.729378][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  756.780439][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  760.686193][T11993] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1362'.
[  764.200134][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  764.210986][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  764.219515][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  764.254499][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  764.262416][ T5229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  764.269858][ T5229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  764.714320][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.491606][T12032] netlink: 'syz.1.1371': attribute type 4 has an invalid length.
[  765.573791][T12032] netlink: 126052 bytes leftover after parsing attributes in process `syz.1.1371'.
[  766.165179][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.335870][ T5229] Bluetooth: hci3: command tx timeout
[  766.349984][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  767.215122][T12059] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1379'.
[  767.636872][T12061] FAULT_INJECTION: forcing a failure.
[  767.636872][T12061] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  767.702428][T12061] CPU: 0 UID: 0 PID: 12061 Comm: syz.4.1381 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  767.713249][T12061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  767.723435][T12061] Call Trace:
[  767.726710][T12061]  <TASK>
[  767.729658][T12061]  dump_stack_lvl+0x241/0x360
[  767.734332][T12061]  ? __pfx_dump_stack_lvl+0x10/0x10
[  767.739518][T12061]  ? __pfx__printk+0x10/0x10
[  767.744098][T12061]  ? snprintf+0xda/0x120
[  767.748326][T12061]  should_fail_ex+0x3b0/0x4e0
[  767.753031][T12061]  _copy_to_user+0x2f/0xb0
[  767.757482][T12061]  simple_read_from_buffer+0xca/0x150
[  767.762899][T12061]  proc_fail_nth_read+0x1ec/0x260
[  767.768050][T12061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  767.773634][T12061]  ? rw_verify_area+0x520/0x6b0
[  767.778513][T12061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  767.784086][T12061]  vfs_read+0x204/0xbc0
[  767.788272][T12061]  ? __pfx_lock_release+0x10/0x10
[  767.793336][T12061]  ? __pfx_vfs_read+0x10/0x10
[  767.798046][T12061]  ? __fget_files+0x29/0x470
[  767.802662][T12061]  ? __fget_files+0x3f6/0x470
[  767.807454][T12061]  ksys_read+0x1a0/0x2c0
[  767.811792][T12061]  ? __pfx_ksys_read+0x10/0x10
[  767.816565][T12061]  ? do_syscall_64+0x100/0x230
[  767.821338][T12061]  ? do_syscall_64+0xb6/0x230
[  767.826020][T12061]  do_syscall_64+0xf3/0x230
[  767.830534][T12061]  ? clear_bhb_loop+0x35/0x90
[  767.835208][T12061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.841116][T12061] RIP: 0033:0x7f4b73f7c93c
[  767.845528][T12061] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  767.865129][T12061] RSP: 002b:00007f4b74d4f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  767.873546][T12061] RAX: ffffffffffffffda RBX: 00007f4b74135f80 RCX: 00007f4b73f7c93c
[  767.881509][T12061] RDX: 000000000000000f RSI: 00007f4b74d4f0a0 RDI: 0000000000000003
[  767.889476][T12061] RBP: 00007f4b74d4f090 R08: 0000000000000000 R09: 0000000000000000
[  767.897437][T12061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  767.905397][T12061] R13: 0000000000000001 R14: 00007f4b74135f80 R15: 00007ffd83f1fb78
[  767.913371][T12061]  </TASK>
[  768.553920][T12075] binder_alloc: 12062: binder_alloc_buf, no vma
[  768.588823][ T5229] Bluetooth: hci3: command tx timeout
[  768.953822][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.969085][T12080] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  769.009402][T12074] tipc: Started in network mode
[  769.024884][T12074] tipc: Node identity 663a20300a74797, cluster identity 4711
[  769.054132][T12074] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  769.130550][T12017] chnl_net:caif_netlink_parms(): no params data found
[  769.389990][T12095] netlink: 'syz.3.1392': attribute type 8 has an invalid length.
[  770.472651][T12017] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.510758][T12017] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.546102][T12017] bridge_slave_0: entered allmulticast mode
[  770.654336][T12017] bridge_slave_0: entered promiscuous mode
[  770.660574][ T5229] Bluetooth: hci3: command tx timeout
[  770.740362][T12017] bridge0: port 2(bridge_slave_1) entered blocking state
[  770.898334][T12017] bridge0: port 2(bridge_slave_1) entered disabled state
[  770.910810][T12017] bridge_slave_1: entered allmulticast mode
[  770.962576][T12017] bridge_slave_1: entered promiscuous mode
[  771.237914][   T12] bridge_slave_1: left allmulticast mode
[  771.243612][   T12] bridge_slave_1: left promiscuous mode
[  771.280811][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  771.339146][   T12] bridge_slave_0: left allmulticast mode
[  771.357661][   T12] bridge_slave_0: left promiscuous mode
[  771.408043][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  771.575190][T12123] FAULT_INJECTION: forcing a failure.
[  771.575190][T12123] name failslab, interval 1, probability 0, space 0, times 1
[  771.614375][T12123] CPU: 1 UID: 0 PID: 12123 Comm: syz.0.1401 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  771.625198][T12123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  771.635278][T12123] Call Trace:
[  771.638584][T12123]  <TASK>
[  771.641625][T12123]  dump_stack_lvl+0x241/0x360
[  771.646327][T12123]  ? __pfx_dump_stack_lvl+0x10/0x10
[  771.651542][T12123]  ? __pfx__printk+0x10/0x10
[  771.656147][T12123]  ? __kmalloc_node_noprof+0xb7/0x440
[  771.661533][T12123]  ? __pfx___might_resched+0x10/0x10
[  771.666837][T12123]  should_fail_ex+0x3b0/0x4e0
[  771.671513][T12123]  should_failslab+0xac/0x100
[  771.676188][T12123]  __kmalloc_node_noprof+0xdf/0x440
[  771.681380][T12123]  ? __kvmalloc_node_noprof+0x72/0x190
[  771.686837][T12123]  __kvmalloc_node_noprof+0x72/0x190
[  771.692112][T12123]  file_tty_write+0x2c7/0x9c0
[  771.696789][T12123]  vfs_write+0xa72/0xc90
[  771.701029][T12123]  ? __pfx_tty_write+0x10/0x10
[  771.705794][T12123]  ? __pfx_vfs_write+0x10/0x10
[  771.710576][T12123]  ksys_write+0x1a0/0x2c0
[  771.714905][T12123]  ? __pfx_ksys_write+0x10/0x10
[  771.719754][T12123]  ? do_syscall_64+0x100/0x230
[  771.724513][T12123]  ? do_syscall_64+0xb6/0x230
[  771.729183][T12123]  do_syscall_64+0xf3/0x230
[  771.733682][T12123]  ? clear_bhb_loop+0x35/0x90
[  771.738358][T12123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.744242][T12123] RIP: 0033:0x7f4b2757def9
[  771.748649][T12123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.768430][T12123] RSP: 002b:00007f4b2845e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  771.776847][T12123] RAX: ffffffffffffffda RBX: 00007f4b27735f80 RCX: 00007f4b2757def9
[  771.784809][T12123] RDX: 0000000000001006 RSI: 0000000020002080 RDI: 0000000000000004
[  771.792775][T12123] RBP: 00007f4b2845e090 R08: 0000000000000000 R09: 0000000000000000
[  771.800735][T12123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.808699][T12123] R13: 0000000000000000 R14: 00007f4b27735f80 R15: 00007ffeff6e4738
[  771.816679][T12123]  </TASK>
[  771.837047][  T940] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  771.862884][  T940] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  771.907520][  T940] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  772.737624][ T5229] Bluetooth: hci3: command tx timeout
[  773.154581][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  773.172922][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  773.183595][   T12] bond0 (unregistering): Released all slaves
[  773.212788][T12017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  773.250347][T12017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  773.400010][  T940] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  773.438840][T12017] team0: Port device team_slave_0 added
[  773.450769][T12017] team0: Port device team_slave_1 added
[  774.429194][T12017] batman_adv: batadv0: Adding interface: batadv_slave_0
[  774.437356][  T940] usb 1-1: Using ep0 maxpacket: 32
[  774.448519][T12017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  774.506322][  T940] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  774.526980][  T940] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  774.541738][T12017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  774.565886][  T940] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  774.601611][T12017] batman_adv: batadv0: Adding interface: batadv_slave_1
[  774.610091][  T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.622193][T12017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  774.660336][  T940] hub 1-1:4.0: USB hub found
[  774.665326][T12017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  774.759043][   T12] hsr_slave_0: left promiscuous mode
[  774.790745][   T12] hsr_slave_1: left promiscuous mode
[  774.815548][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  774.833812][T12169] netlink: 'syz.3.1412': attribute type 1 has an invalid length.
[  774.853276][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  774.853512][T12169] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1412'.
[  774.873816][  T940] hub 1-1:4.0: config failed, can't read hub descriptor (err -22)
[  774.893475][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  774.921222][  T940] usb 1-1: USB disconnect, device number 17
[  774.932052][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  774.994207][   T12] veth1_macvtap: left promiscuous mode
[  775.016531][   T12] veth0_macvtap: left promiscuous mode
[  775.030093][   T12] veth1_vlan: left promiscuous mode
[  775.035505][   T12] veth0_vlan: left promiscuous mode
[  775.081870][T12178] netlink: 'syz.1.1414': attribute type 4 has an invalid length.
[  775.095892][T12178] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.1414'.
[  776.422592][   T12] team0 (unregistering): Port device team_slave_1 removed
[  776.497545][  T940] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  776.561645][   T12] team0 (unregistering): Port device team_slave_0 removed
[  776.706225][  T940] usb 2-1: Using ep0 maxpacket: 8
[  776.723123][  T940] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  776.755339][  T940] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  776.794375][  T940] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  776.806102][  T940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.858504][  T940] usbtmc 2-1:16.0: bulk endpoints not found
[  776.861184][T12201] netlink: 'syz.0.1419': attribute type 4 has an invalid length.
[  776.892934][T12201] netlink: 126052 bytes leftover after parsing attributes in process `syz.0.1419'.
[  777.561092][T12205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  777.652401][ T5270] usb 2-1: USB disconnect, device number 7
[  777.794250][T12017] hsr_slave_0: entered promiscuous mode
[  777.814058][T12017] hsr_slave_1: entered promiscuous mode
[  777.973593][T12017] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  777.986341][T12017] Cannot create hsr debugfs directory
[  778.069403][T12214] Illegal XDP return value 4294967274 on prog  (id 545) dev N/A, expect packet loss!
[  778.386170][    T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  778.698866][    T8] usb 4-1: Using ep0 maxpacket: 32
[  778.737411][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  778.756000][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  778.779189][    T8] usb 4-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[  778.805299][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.851006][    T8] usb 4-1: config 0 descriptor??
[  779.106803][T12234] fuse: Unknown parameter '·|¼¤„'
[  779.159168][T12017] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  779.185211][T12017] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  779.227789][T12017] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  779.250948][T12017] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  779.309219][    T8] glorious 0003:258A:0033.0003: unknown main item tag 0x0
[  779.341943][T12248] netlink: 'syz.4.1427': attribute type 4 has an invalid length.
[  779.345776][    T8] glorious 0003:258A:0033.0003: unknown main item tag 0x6
[  779.366484][T12248] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1427'.
[  779.434458][    T8] glorious 0003:258A:0033.0003: hidraw0: USB HID v0.00 Device [Glorious Model D] on usb-dummy_hcd.3-1/input0
[  779.512268][T12017] 8021q: adding VLAN 0 to HW filter on device bond0
[  779.571975][T12017] 8021q: adding VLAN 0 to HW filter on device team0
[  779.600789][ T1246] bridge0: port 1(bridge_slave_0) entered blocking state
[  779.607953][ T1246] bridge0: port 1(bridge_slave_0) entered forwarding state
[  779.650493][ T1246] bridge0: port 2(bridge_slave_1) entered blocking state
[  779.657646][ T1246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  779.671428][T12255] FAULT_INJECTION: forcing a failure.
[  779.671428][T12255] name failslab, interval 1, probability 0, space 0, times 0
[  779.696260][ T5302] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  779.731919][T12255] CPU: 0 UID: 0 PID: 12255 Comm: syz.1.1429 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  779.742737][T12255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  779.752815][T12255] Call Trace:
[  779.756112][T12255]  <TASK>
[  779.759141][T12255]  dump_stack_lvl+0x241/0x360
[  779.763835][T12255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  779.769035][T12255]  ? __pfx__printk+0x10/0x10
[  779.773623][T12255]  ? fs_reclaim_acquire+0x93/0x140
[  779.778729][T12255]  ? __pfx___might_resched+0x10/0x10
[  779.784019][T12255]  should_fail_ex+0x3b0/0x4e0
[  779.788697][T12255]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  779.794414][T12255]  should_failslab+0xac/0x100
[  779.799091][T12255]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  779.804808][T12255]  __kmalloc_noprof+0xd8/0x400
[  779.809571][T12255]  ? kfree+0x4e/0x360
[  779.813551][T12255]  tomoyo_realpath_from_path+0xcf/0x5e0
[  779.819102][T12255]  tomoyo_path_number_perm+0x23a/0x880
[  779.824556][T12255]  ? tomoyo_path_number_perm+0x208/0x880
[  779.830181][T12255]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  779.836184][T12255]  ? __fget_files+0x29/0x470
[  779.840769][T12255]  ? __fget_files+0x3f6/0x470
[  779.845435][T12255]  ? __fget_files+0x29/0x470
[  779.850023][T12255]  security_file_ioctl+0x75/0xb0
[  779.854962][T12255]  __se_sys_ioctl+0x47/0x170
[  779.859549][T12255]  do_syscall_64+0xf3/0x230
[  779.864045][T12255]  ? clear_bhb_loop+0x35/0x90
[  779.868718][T12255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.874606][T12255] RIP: 0033:0x7f34daf7def9
[  779.879016][T12255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.898615][T12255] RSP: 002b:00007f34dbd3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  779.907028][T12255] RAX: ffffffffffffffda RBX: 00007f34db135f80 RCX: 00007f34daf7def9
[  779.915083][T12255] RDX: 0000000000000000 RSI: 00000000c020660b RDI: 0000000000000003
[  779.923047][T12255] RBP: 00007f34dbd3b090 R08: 0000000000000000 R09: 0000000000000000
[  779.931102][T12255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  779.939065][T12255] R13: 0000000000000000 R14: 00007f34db135f80 R15: 00007fff79b1a6e8
[  779.947063][T12255]  </TASK>
[  779.957225][T12255] ERROR: Out of memory at tomoyo_realpath_from_path.
[  779.961023][T12017] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  779.974830][T12017] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  780.126208][ T5302] usb 1-1: device descriptor read/64, error -71
[  780.232702][T12017] 8021q: adding VLAN 0 to HW filter on device batadv0
[  780.319032][ T8731] usb 4-1: USB disconnect, device number 12
[  780.396652][ T5302] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  780.429397][T12017] veth0_vlan: entered promiscuous mode
[  780.435025][T12269] sp0: Synchronizing with TNC
[  780.443567][T12273] tmpfs: Bad value for 'mpol'
[  780.488716][T12017] veth1_vlan: entered promiscuous mode
[  780.578095][ T5302] usb 1-1: device descriptor read/64, error -71
[  780.625295][T12017] veth0_macvtap: entered promiscuous mode
[  780.626624][T12280] tmpfs: Bad value for 'mpol'
[  780.670284][T12017] veth1_macvtap: entered promiscuous mode
[  780.702193][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  780.712754][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.719808][ T5302] usb usb1-port1: attempt power cycle
[  780.731185][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  780.749042][T12283] tmpfs: Bad value for 'mpol'
[  780.777790][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.807504][T12017] batman_adv: batadv0: Interface activated: batadv_slave_0
[  780.856024][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.871743][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.882568][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.901344][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.912964][T12017] batman_adv: batadv0: Interface activated: batadv_slave_1
[  780.952289][T12017] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  780.964502][T12017] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  780.994355][T12017] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  781.217822][T12017] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  781.758141][ T5302] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  781.819389][ T5302] usb 1-1: device descriptor read/8, error -71
[  781.888275][ T1114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.907486][ T1114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  781.976864][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  782.026732][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  782.105787][ T5302] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  782.119567][T12309] FAULT_INJECTION: forcing a failure.
[  782.119567][T12309] name failslab, interval 1, probability 0, space 0, times 0
[  782.126862][T12307] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1438'.
[  782.149524][T12309] CPU: 1 UID: 0 PID: 12309 Comm: syz.3.1439 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  782.158701][T12307] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1438'.
[  782.160339][T12309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  782.179436][T12309] Call Trace:
[  782.182701][T12309]  <TASK>
[  782.185614][T12309]  dump_stack_lvl+0x241/0x360
[  782.190311][T12309]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.195496][T12309]  ? __pfx__printk+0x10/0x10
[  782.200071][T12309]  ? fs_reclaim_acquire+0x93/0x140
[  782.205165][T12309]  ? __pfx___might_resched+0x10/0x10
[  782.210532][T12309]  should_fail_ex+0x3b0/0x4e0
[  782.215197][T12309]  ? tomoyo_encode+0x26f/0x540
[  782.219944][T12309]  should_failslab+0xac/0x100
[  782.224605][T12309]  ? tomoyo_encode+0x26f/0x540
[  782.229443][T12309]  __kmalloc_noprof+0xd8/0x400
[  782.234196][T12309]  tomoyo_encode+0x26f/0x540
[  782.238774][T12309]  tomoyo_realpath_from_path+0x59e/0x5e0
[  782.244396][T12309]  tomoyo_path_number_perm+0x23a/0x880
[  782.249842][T12309]  ? tomoyo_path_number_perm+0x208/0x880
[  782.255487][T12309]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  782.261479][T12309]  ? __fget_files+0x29/0x470
[  782.266056][T12309]  ? __fget_files+0x3f6/0x470
[  782.270714][T12309]  ? __fget_files+0x29/0x470
[  782.275287][T12309]  security_file_ioctl+0x75/0xb0
[  782.280211][T12309]  __se_sys_ioctl+0x47/0x170
[  782.284789][T12309]  do_syscall_64+0xf3/0x230
[  782.289279][T12309]  ? clear_bhb_loop+0x35/0x90
[  782.293946][T12309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.299825][T12309] RIP: 0033:0x7f516f17def9
[  782.304221][T12309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  782.323829][T12309] RSP: 002b:00007f5170054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  782.332226][T12309] RAX: ffffffffffffffda RBX: 00007f516f335f80 RCX: 00007f516f17def9
[  782.340181][T12309] RDX: 0000000020000040 RSI: 0000000040485404 RDI: 0000000000000003
[  782.348135][T12309] RBP: 00007f5170054090 R08: 0000000000000000 R09: 0000000000000000
[  782.356201][T12309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  782.364163][T12309] R13: 0000000000000000 R14: 00007f516f335f80 R15: 00007ffdb7f16798
[  782.372140][T12309]  </TASK>
[  782.379325][T12309] ERROR: Out of memory at tomoyo_realpath_from_path.
[  782.390313][ T5302] usb 1-1: device descriptor read/8, error -71
[  782.515952][ T5302] usb usb1-port1: unable to enumerate USB device
[  782.587087][T12316] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1440'.
[  782.670125][T12320] netlink: 'syz.2.1361': attribute type 4 has an invalid length.
[  782.679604][T12320] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1361'.
[  782.694822][T12319] netlink: 'syz.0.1441': attribute type 8 has an invalid length.
[  782.989969][T12323] netlink: 'syz.3.1442': attribute type 6 has an invalid length.
[  783.091744][T12330] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  783.098292][T12330] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  783.157940][T12330] vhci_hcd vhci_hcd.0: Device attached
[  783.230966][T12336] FAULT_INJECTION: forcing a failure.
[  783.230966][T12336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  783.244859][T12336] CPU: 0 UID: 0 PID: 12336 Comm: syz.1.1444 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  783.255657][T12336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  783.265737][T12336] Call Trace:
[  783.269039][T12336]  <TASK>
[  783.271989][T12336]  dump_stack_lvl+0x241/0x360
[  783.276695][T12336]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.281919][T12336]  ? __pfx__printk+0x10/0x10
[  783.286543][T12336]  ? mark_lock+0x9a/0x350
[  783.290906][T12336]  should_fail_ex+0x3b0/0x4e0
[  783.295618][T12336]  strncpy_from_user+0x36/0x2e0
[  783.300509][T12336]  strncpy_from_user_nofault+0x71/0x140
[  783.306092][T12336]  bpf_probe_read_user_str+0x2a/0x70
[  783.311410][T12336]  bpf_prog_4e6a4fc51b8ce294+0x40/0x42
[  783.316893][T12336]  __bpf_prog_test_run_raw_tp+0x204/0x440
[  783.322614][T12336]  ? __bpf_prog_test_run_raw_tp+0xd6/0x440
[  783.328439][T12336]  ? __pfx___bpf_prog_test_run_raw_tp+0x10/0x10
[  783.334698][T12336]  ? __pfx_lock_release+0x10/0x10
[  783.335822][T11201] vhci_hcd: vhci_device speed not set
[  783.339816][T12336]  bpf_prog_test_run_raw_tp+0x47b/0x6a0
[  783.350711][T12336]  ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10
[  783.356768][T12336]  ? __fget_files+0x3f6/0x470
[  783.361436][T12336]  ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10
[  783.367489][T12336]  bpf_prog_test_run+0x33a/0x3b0
[  783.372454][T12336]  __sys_bpf+0x48d/0x810
[  783.376687][T12336]  ? __pfx___sys_bpf+0x10/0x10
[  783.381459][T12336]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  783.387447][T12336]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  783.393777][T12336]  ? do_syscall_64+0x100/0x230
[  783.398533][T12336]  __x64_sys_bpf+0x7c/0x90
[  783.402935][T12336]  do_syscall_64+0xf3/0x230
[  783.407424][T12336]  ? clear_bhb_loop+0x35/0x90
[  783.412089][T12336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.417974][T12336] RIP: 0033:0x7f34daf7def9
[  783.422369][T12336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.442048][T12336] RSP: 002b:00007f34dbd3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  783.450447][T12336] RAX: ffffffffffffffda RBX: 00007f34db135f80 RCX: 00007f34daf7def9
[  783.458437][T12336] RDX: 0000000000000050 RSI: 0000000020000640 RDI: 000000000000000a
[  783.466396][T12336] RBP: 00007f34dbd3b090 R08: 0000000000000000 R09: 0000000000000000
[  783.474370][T12336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.482325][T12336] R13: 0000000000000000 R14: 00007f34db135f80 R15: 00007fff79b1a6e8
[  783.490301][T12336]  </TASK>
[  783.607896][T11201] usb 9-1: new full-speed USB device number 3 using vhci_hcd
[  783.714618][T12344] FAULT_INJECTION: forcing a failure.
[  783.714618][T12344] name failslab, interval 1, probability 0, space 0, times 0
[  783.749495][T12344] CPU: 1 UID: 0 PID: 12344 Comm: syz.1.1445 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  783.760318][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  783.770393][T12344] Call Trace:
[  783.773689][T12344]  <TASK>
[  783.776640][T12344]  dump_stack_lvl+0x241/0x360
[  783.781349][T12344]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.786578][T12344]  ? __pfx__printk+0x10/0x10
[  783.791283][T12344]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  783.797293][T12344]  ? __pfx___might_resched+0x10/0x10
[  783.802613][T12344]  should_fail_ex+0x3b0/0x4e0
[  783.807371][T12344]  should_failslab+0xac/0x100
[  783.812072][T12344]  ? __alloc_skb+0x1c3/0x440
[  783.817028][T12344]  kmem_cache_alloc_node_noprof+0x71/0x320
[  783.822949][T12344]  __alloc_skb+0x1c3/0x440
[  783.827393][T12344]  ? __pfx___alloc_skb+0x10/0x10
[  783.832356][T12344]  ? netlink_autobind+0xd6/0x2f0
[  783.837311][T12344]  ? netlink_autobind+0x2b0/0x2f0
[  783.842361][T12344]  netlink_sendmsg+0x638/0xcb0
[  783.847162][T12344]  ? __pfx_netlink_sendmsg+0x10/0x10
[  783.852558][T12344]  ? __import_iovec+0x536/0x820
[  783.857617][T12344]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  783.862929][T12344]  ? security_socket_sendmsg+0x87/0xb0
[  783.868417][T12344]  ? __pfx_netlink_sendmsg+0x10/0x10
[  783.873735][T12344]  __sock_sendmsg+0x221/0x270
[  783.878463][T12344]  ____sys_sendmsg+0x525/0x7d0
[  783.883258][T12344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  783.888589][T12344]  __sys_sendmsg+0x2b0/0x3a0
[  783.893212][T12344]  ? __pfx___sys_sendmsg+0x10/0x10
[  783.898354][T12344]  ? vfs_write+0x7c4/0xc90
[  783.902839][T12344]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  783.909194][T12344]  ? do_syscall_64+0x100/0x230
[  783.914161][T12344]  ? do_syscall_64+0xb6/0x230
[  783.919044][T12344]  do_syscall_64+0xf3/0x230
[  783.923579][T12344]  ? clear_bhb_loop+0x35/0x90
[  783.928286][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.934204][T12344] RIP: 0033:0x7f34daf7def9
[  783.938641][T12344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.958272][T12344] RSP: 002b:00007f34dbd3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  783.965586][T12331] vhci_hcd: connection reset by peer
[  783.966698][T12344] RAX: ffffffffffffffda RBX: 00007f34db135f80 RCX: 00007f34daf7def9
[  783.966718][T12344] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  783.966732][T12344] RBP: 00007f34dbd3b090 R08: 0000000000000000 R09: 0000000000000000
[  783.966744][T12344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.966756][T12344] R13: 0000000000000000 R14: 00007f34db135f80 R15: 00007fff79b1a6e8
[  783.981210][   T12] vhci_hcd: stop threads
[  783.987958][T12344]  </TASK>
[  784.098068][T12353] FAULT_INJECTION: forcing a failure.
[  784.098068][T12353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.119374][   T12] vhci_hcd: release socket
[  784.162197][   T12] vhci_hcd: disconnect device
[  784.177737][T12353] CPU: 0 UID: 0 PID: 12353 Comm: syz.3.1447 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  784.188533][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  784.198580][T12353] Call Trace:
[  784.201863][T12353]  <TASK>
[  784.204798][T12353]  dump_stack_lvl+0x241/0x360
[  784.209470][T12353]  ? __pfx_dump_stack_lvl+0x10/0x10
[  784.214655][T12353]  ? __pfx__printk+0x10/0x10
[  784.219248][T12353]  ? snprintf+0xda/0x120
[  784.223569][T12353]  should_fail_ex+0x3b0/0x4e0
[  784.228335][T12353]  _copy_to_user+0x2f/0xb0
[  784.232749][T12353]  simple_read_from_buffer+0xca/0x150
[  784.238119][T12353]  proc_fail_nth_read+0x1ec/0x260
[  784.243139][T12353]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  784.248687][T12353]  ? rw_verify_area+0x520/0x6b0
[  784.253553][T12353]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  784.259096][T12353]  vfs_read+0x204/0xbc0
[  784.263255][T12353]  ? __pfx_lock_release+0x10/0x10
[  784.268337][T12353]  ? __pfx_vfs_read+0x10/0x10
[  784.273020][T12353]  ? __fget_files+0x29/0x470
[  784.277611][T12353]  ? __fget_files+0x3f6/0x470
[  784.282294][T12353]  ksys_read+0x1a0/0x2c0
[  784.286548][T12353]  ? __pfx_ksys_read+0x10/0x10
[  784.291333][T12353]  ? do_syscall_64+0x100/0x230
[  784.296105][T12353]  ? do_syscall_64+0xb6/0x230
[  784.300954][T12353]  do_syscall_64+0xf3/0x230
[  784.305474][T12353]  ? clear_bhb_loop+0x35/0x90
[  784.310155][T12353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.316053][T12353] RIP: 0033:0x7f516f17c93c
[  784.320474][T12353] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  784.340162][T12353] RSP: 002b:00007f5170054030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  784.348566][T12353] RAX: ffffffffffffffda RBX: 00007f516f335f80 RCX: 00007f516f17c93c
[  784.356530][T12353] RDX: 000000000000000f RSI: 00007f51700540a0 RDI: 0000000000000003
[  784.364486][T12353] RBP: 00007f5170054090 R08: 0000000000000000 R09: 0000000000000000
[  784.372460][T12353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.380436][T12353] R13: 0000000000000000 R14: 00007f516f335f80 R15: 00007ffdb7f16798
[  784.388407][T12353]  </TASK>
[  784.584896][T12360] FAULT_INJECTION: forcing a failure.
[  784.584896][T12360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.599947][T12360] CPU: 0 UID: 0 PID: 12360 Comm: syz.3.1449 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  784.610793][T12360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  784.620868][T12360] Call Trace:
[  784.624142][T12360]  <TASK>
[  784.627066][T12360]  dump_stack_lvl+0x241/0x360
[  784.631739][T12360]  ? __pfx_dump_stack_lvl+0x10/0x10
[  784.636955][T12360]  ? __pfx__printk+0x10/0x10
[  784.641539][T12360]  should_fail_ex+0x3b0/0x4e0
[  784.646208][T12360]  strncpy_from_user+0x36/0x2e0
[  784.651055][T12360]  ? kmem_cache_alloc_noprof+0x185/0x2a0
[  784.656684][T12360]  getname_flags+0xf1/0x540
[  784.661213][T12360]  do_sys_openat2+0xd2/0x1d0
[  784.665805][T12360]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  784.671778][T12360]  ? __pfx_do_sys_openat2+0x10/0x10
[  784.676971][T12360]  ? __fget_files+0x3f6/0x470
[  784.681640][T12360]  __x64_sys_openat+0x247/0x2a0
[  784.686484][T12360]  ? __pfx___x64_sys_openat+0x10/0x10
[  784.691846][T12360]  ? do_syscall_64+0x100/0x230
[  784.696601][T12360]  ? do_syscall_64+0xb6/0x230
[  784.701270][T12360]  do_syscall_64+0xf3/0x230
[  784.705765][T12360]  ? clear_bhb_loop+0x35/0x90
[  784.710467][T12360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.716415][T12360] RIP: 0033:0x7f516f17def9
[  784.720824][T12360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.740424][T12360] RSP: 002b:00007f5170054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  784.748940][T12360] RAX: ffffffffffffffda RBX: 00007f516f335f80 RCX: 00007f516f17def9
[  784.756935][T12360] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004
[  784.764895][T12360] RBP: 00007f5170054090 R08: 0000000000000000 R09: 0000000000000000
[  784.772942][T12360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.780913][T12360] R13: 0000000000000000 R14: 00007f516f335f80 R15: 00007ffdb7f16798
[  784.788897][T12360]  </TASK>
[  784.834096][T12362] FAULT_INJECTION: forcing a failure.
[  784.834096][T12362] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.863352][T12362] CPU: 0 UID: 0 PID: 12362 Comm: syz.1.1450 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  784.874147][T12362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  784.884204][T12362] Call Trace:
[  784.887478][T12362]  <TASK>
[  784.890420][T12362]  dump_stack_lvl+0x241/0x360
[  784.895178][T12362]  ? __pfx_dump_stack_lvl+0x10/0x10
[  784.900375][T12362]  ? __pfx__printk+0x10/0x10
[  784.904965][T12362]  ? __pfx_lock_release+0x10/0x10
[  784.909992][T12362]  ? rcu_is_watching+0x15/0xb0
[  784.914751][T12362]  should_fail_ex+0x3b0/0x4e0
[  784.919445][T12362]  _copy_from_iter+0x1f6/0x1960
[  784.924315][T12362]  ? alloc_pages_mpol_noprof+0x417/0x680
[  784.929941][T12362]  ? __pfx__copy_from_iter+0x10/0x10
[  784.935226][T12362]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  784.941211][T12362]  ? alloc_pages_noprof+0xef/0x170
[  784.946327][T12362]  ? page_copy_sane+0x46/0x260
[  784.951173][T12362]  copy_page_from_iter+0x7a/0x100
[  784.956203][T12362]  tun_get_user+0x1f7d/0x4720
[  784.960875][T12362]  ? tun_get_user+0x871/0x4720
[  784.965644][T12362]  ? __lock_acquire+0x137a/0x2040
[  784.970679][T12362]  ? __pfx_tun_get_user+0x10/0x10
[  784.975710][T12362]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  784.981163][T12362]  ? tun_get+0x1e/0x2f0
[  784.985312][T12362]  ? __pfx_lock_release+0x10/0x10
[  784.990339][T12362]  ? tun_get+0x1e/0x2f0
[  784.994484][T12362]  ? tun_get+0x27d/0x2f0
[  784.998718][T12362]  tun_chr_write_iter+0x113/0x1f0
[  785.003738][T12362]  vfs_write+0xa72/0xc90
[  785.007980][T12362]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  785.013519][T12362]  ? __pfx_vfs_write+0x10/0x10
[  785.018291][T12362]  ksys_write+0x1a0/0x2c0
[  785.022623][T12362]  ? __pfx_ksys_write+0x10/0x10
[  785.027478][T12362]  ? do_syscall_64+0x100/0x230
[  785.032240][T12362]  ? do_syscall_64+0xb6/0x230
[  785.036912][T12362]  do_syscall_64+0xf3/0x230
[  785.041410][T12362]  ? clear_bhb_loop+0x35/0x90
[  785.046087][T12362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.051974][T12362] RIP: 0033:0x7f34daf7c9df
[  785.056384][T12362] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  785.075987][T12362] RSP: 002b:00007f34dbd3b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  785.084398][T12362] RAX: ffffffffffffffda RBX: 00007f34db135f80 RCX: 00007f34daf7c9df
[  785.092363][T12362] RDX: 00000000000000c2 RSI: 0000000020000240 RDI: 00000000000000c8
[  785.100415][T12362] RBP: 00007f34dbd3b090 R08: 0000000000000000 R09: 0000000000000000
[  785.108378][T12362] R10: 00000000000000c2 R11: 0000000000000293 R12: 0000000000000001
[  785.116385][T12362] R13: 0000000000000001 R14: 00007f34db135f80 R15: 00007fff79b1a6e8
[  785.124376][T12362]  </TASK>
[  785.958387][T12385] sctp: [Deprecated]: syz.4.1456 (pid 12385) Use of int in maxseg socket option.
[  785.958387][T12385] Use struct sctp_assoc_value instead
[  787.951532][T12390] 9pnet_fd: Insufficient options for proto=fd
[  788.813860][T12400] 
€Â: renamed from syzkaller0
[  788.865970][ T5301] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  789.551059][T11201] vhci_hcd: vhci_device speed not set
[  789.728720][T12394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.867973][T12413] FAULT_INJECTION: forcing a failure.
[  789.867973][T12413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  789.881586][T12413] CPU: 1 UID: 0 PID: 12413 Comm: syz.4.1463 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  789.892363][T12413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  789.902433][T12413] Call Trace:
[  789.905894][T12413]  <TASK>
[  789.908831][T12413]  dump_stack_lvl+0x241/0x360
[  789.913528][T12413]  ? __pfx_dump_stack_lvl+0x10/0x10
[  789.918738][T12413]  ? __pfx__printk+0x10/0x10
[  789.923340][T12413]  ? __pfx_lock_release+0x10/0x10
[  789.928387][T12413]  should_fail_ex+0x3b0/0x4e0
[  789.933105][T12413]  _copy_to_iter+0x43a/0x1960
[  789.939903][T12413]  ? __virt_addr_valid+0x183/0x530
[  789.945050][T12413]  ? __pfx__copy_to_iter+0x10/0x10
[  789.950180][T12413]  ? __virt_addr_valid+0x183/0x530
[  789.955300][T12413]  ? __virt_addr_valid+0x183/0x530
[  789.960418][T12413]  ? __virt_addr_valid+0x45f/0x530
[  789.965537][T12413]  ? __phys_addr_symbol+0x2f/0x70
[  789.970569][T12413]  ? __check_object_size+0x49c/0x900
[  789.975864][T12413]  ? m_stop+0x17e/0x1e0
[  789.980118][T12413]  seq_read_iter+0xb72/0xd60
[  789.984746][T12413]  seq_read+0x3a4/0x4f0
[  789.988925][T12413]  ? __pfx_seq_read+0x10/0x10
[  789.993634][T12413]  ? __mutex_trylock_common+0x183/0x2e0
[  789.999215][T12413]  ? rw_verify_area+0x520/0x6b0
[  790.004078][T12413]  ? __pfx_seq_read+0x10/0x10
[  790.008774][T12413]  vfs_read+0x204/0xbc0
[  790.012941][T12413]  ? __pfx_lock_release+0x10/0x10
[  790.018071][T12413]  ? __pfx_vfs_read+0x10/0x10
[  790.022780][T12413]  ? __fget_files+0x29/0x470
[  790.027378][T12413]  ? __fget_files+0x3f6/0x470
[  790.032073][T12413]  ksys_read+0x1a0/0x2c0
[  790.036337][T12413]  ? __pfx_ksys_read+0x10/0x10
[  790.041113][T12413]  ? do_syscall_64+0x100/0x230
[  790.045895][T12413]  ? do_syscall_64+0xb6/0x230
[  790.050585][T12413]  do_syscall_64+0xf3/0x230
[  790.055186][T12413]  ? clear_bhb_loop+0x35/0x90
[  790.059972][T12413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.065875][T12413] RIP: 0033:0x7f4b73f7def9
[  790.070302][T12413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.089919][T12413] RSP: 002b:00007f4b74d0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  790.098345][T12413] RAX: ffffffffffffffda RBX: 00007f4b74136130 RCX: 00007f4b73f7def9
[  790.106332][T12413] RDX: 00000000000010c8 RSI: 0000000020002140 RDI: 000000000000000e
[  790.114313][T12413] RBP: 00007f4b74d0d090 R08: 0000000000000000 R09: 0000000000000000
[  790.122462][T12413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  790.130525][T12413] R13: 0000000000000000 R14: 00007f4b74136130 R15: 00007ffd83f1fb78
[  790.138525][T12413]  </TASK>
[  791.865227][T12423] syz.3.1464[12423] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  791.865325][T12423] syz.3.1464[12423] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  793.007739][T12437] tmpfs: Bad value for 'mpol'
[  793.327504][T12439] 9pnet_fd: Insufficient options for proto=fd
[  794.545105][T12455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1476'.
[  794.570137][T12455] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1476'.
[  794.936341][ T5301] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  795.129037][ T5301] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  795.144655][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1469'.
[  795.153827][ T5301] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  795.181789][ T5301] usb 4-1: config 0 descriptor??
[  795.795897][ T5229] Bluetooth: hci5: command 0x0406 tx timeout
[  796.649838][ T5301] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  796.688509][ T5301] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  796.822344][ T5301] [drm:udl_init] *ERROR* Selecting channel failed
[  796.872769][T12476] ecryptfs_parse_options: eCryptfs: unrecognized option [&@]
[  796.890334][ T5301] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  796.900013][T12476] ecryptfs_parse_options: eCryptfs: unrecognized option []
[  796.915797][T12476] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  796.949661][ T5301] [drm] Initialized udl on minor 2
[  796.960521][ T5301] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  796.974639][T12476] Error parsing options; rc = [-22]
[  796.994979][T12481] netlink: 'syz.4.1482': attribute type 8 has an invalid length.
[  797.016830][ T5301] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  797.049092][T11201] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  797.049507][T11201] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  797.058678][ T5301] usb 4-1: USB disconnect, device number 14
[  797.265989][T12487] FAULT_INJECTION: forcing a failure.
[  797.265989][T12487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  797.283471][T12487] CPU: 1 UID: 0 PID: 12487 Comm: syz.0.1486 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  797.294279][T12487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  797.304356][T12487] Call Trace:
[  797.307656][T12487]  <TASK>
[  797.310609][T12487]  dump_stack_lvl+0x241/0x360
[  797.315311][T12487]  ? __pfx_dump_stack_lvl+0x10/0x10
[  797.320532][T12487]  ? __pfx__printk+0x10/0x10
[  797.325145][T12487]  ? __pfx_lock_release+0x10/0x10
[  797.330191][T12487]  ? __bpf_prog_test_run_raw_tp+0x2ce/0x440
[  797.336114][T12487]  should_fail_ex+0x3b0/0x4e0
[  797.340804][T12487]  _copy_to_user+0x2f/0xb0
[  797.345224][T12487]  bpf_prog_test_run_raw_tp+0x4f0/0x6a0
[  797.350767][T12487]  ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10
[  797.356821][T12487]  ? __fget_files+0x3f6/0x470
[  797.361493][T12487]  ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10
[  797.367552][T12487]  bpf_prog_test_run+0x33a/0x3b0
[  797.372489][T12487]  __sys_bpf+0x48d/0x810
[  797.376729][T12487]  ? __pfx___sys_bpf+0x10/0x10
[  797.381498][T12487]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  797.387485][T12487]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  797.393821][T12487]  ? do_syscall_64+0x100/0x230
[  797.398583][T12487]  __x64_sys_bpf+0x7c/0x90
[  797.402998][T12487]  do_syscall_64+0xf3/0x230
[  797.407498][T12487]  ? clear_bhb_loop+0x35/0x90
[  797.412180][T12487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.418075][T12487] RIP: 0033:0x7f4b2757def9
[  797.422487][T12487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  797.442089][T12487] RSP: 002b:00007f4b2845e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  797.450499][T12487] RAX: ffffffffffffffda RBX: 00007f4b27735f80 RCX: 00007f4b2757def9
[  797.458463][T12487] RDX: 0000000000000050 RSI: 0000000020000640 RDI: 000000000000000a
[  797.466425][T12487] RBP: 00007f4b2845e090 R08: 0000000000000000 R09: 0000000000000000
[  797.474391][T12487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  797.482378][T12487] R13: 0000000000000000 R14: 00007f4b27735f80 R15: 00007ffeff6e4738
[  797.490377][T12487]  </TASK>
[  797.493543][    C1] vkms_vblank_simulate: vblank timer overrun
[  797.494820][ T5302] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  798.518506][ T5302] usb 3-1: device descriptor read/64, error -71
[  798.906197][ T5302] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  798.985627][T12511] FAULT_INJECTION: forcing a failure.
[  798.985627][T12511] name failslab, interval 1, probability 0, space 0, times 0
[  799.001570][T12511] CPU: 0 UID: 0 PID: 12511 Comm: syz.4.1493 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  799.012368][T12511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  799.022442][T12511] Call Trace:
[  799.025735][T12511]  <TASK>
[  799.028770][T12511]  dump_stack_lvl+0x241/0x360
[  799.033470][T12511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  799.038687][T12511]  ? __pfx__printk+0x10/0x10
[  799.043296][T12511]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  799.049300][T12511]  ? __pfx___might_resched+0x10/0x10
[  799.054612][T12511]  should_fail_ex+0x3b0/0x4e0
[  799.059571][T12511]  should_failslab+0xac/0x100
[  799.064263][T12511]  ? __alloc_skb+0x1c3/0x440
[  799.068901][T12511]  kmem_cache_alloc_node_noprof+0x71/0x320
[  799.074731][T12511]  __alloc_skb+0x1c3/0x440
[  799.079173][T12511]  ? __pfx___alloc_skb+0x10/0x10
[  799.084133][T12511]  ? netlink_autobind+0xd6/0x2f0
[  799.089081][T12511]  ? netlink_autobind+0x2b0/0x2f0
[  799.094120][T12511]  netlink_sendmsg+0x638/0xcb0
[  799.098998][T12511]  ? __pfx_netlink_sendmsg+0x10/0x10
[  799.104311][T12511]  ? __import_iovec+0x536/0x820
[  799.109187][T12511]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  799.114493][T12511]  ? security_socket_sendmsg+0x87/0xb0
[  799.119951][T12511]  ? __pfx_netlink_sendmsg+0x10/0x10
[  799.125226][T12511]  __sock_sendmsg+0x221/0x270
[  799.129897][T12511]  ____sys_sendmsg+0x525/0x7d0
[  799.134659][T12511]  ? __pfx_____sys_sendmsg+0x10/0x10
[  799.139959][T12511]  __sys_sendmsg+0x2b0/0x3a0
[  799.144575][T12511]  ? __pfx___sys_sendmsg+0x10/0x10
[  799.149687][T12511]  ? vfs_write+0x7c4/0xc90
[  799.154169][T12511]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  799.160496][T12511]  ? do_syscall_64+0x100/0x230
[  799.165253][T12511]  ? do_syscall_64+0xb6/0x230
[  799.169950][T12511]  do_syscall_64+0xf3/0x230
[  799.174462][T12511]  ? clear_bhb_loop+0x35/0x90
[  799.179129][T12511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.185021][T12511] RIP: 0033:0x7f4b73f7def9
[  799.189423][T12511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.209026][T12511] RSP: 002b:00007f4b74d4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  799.217448][T12511] RAX: ffffffffffffffda RBX: 00007f4b74135f80 RCX: 00007f4b73f7def9
[  799.225419][T12511] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[  799.233380][T12511] RBP: 00007f4b74d4f090 R08: 0000000000000000 R09: 0000000000000000
[  799.241337][T12511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  799.249301][T12511] R13: 0000000000000000 R14: 00007f4b74135f80 R15: 00007ffd83f1fb78
[  799.257283][T12511]  </TASK>
[  799.366047][ T5302] usb 3-1: device descriptor read/64, error -71
[  799.487656][ T5302] usb usb3-port1: attempt power cycle
[  799.695891][  T940] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  799.942775][  T940] usb 1-1: Using ep0 maxpacket: 16
[  799.963198][  T940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  799.976647][ T5302] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  800.013420][  T940] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  800.039383][  T940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.048254][ T5302] usb 3-1: device descriptor read/8, error -71
[  800.059108][  T940] usb 1-1: Product: syz
[  800.063285][  T940] usb 1-1: Manufacturer: syz
[  800.076939][  T940] usb 1-1: SerialNumber: syz
[  800.087119][  T940] usb 1-1: config 0 descriptor??
[  800.114844][  T940] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  800.120308][T12518] IPVS: Error connecting to the multicast addr
[  801.140211][ T3398] usb 1-1: Failed to submit usb control message: -110
[  801.153238][ T3398] usb 1-1: unable to send the bmi data to the device: -110
[  801.175237][ T3398] usb 1-1: unable to get target info from device
[  801.221986][ T3398] usb 1-1: could not get target info (-110)
[  801.228936][ T3398] usb 1-1: could not probe fw (-110)
[  802.461174][ T5270] usb 1-1: USB disconnect, device number 22
[  804.942405][T12562] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  806.302778][T12569] 9pnet_fd: Insufficient options for proto=fd
[  808.546269][T12582] 9pnet_fd: Insufficient options for proto=fd
[  809.109656][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  809.116736][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  810.792915][T12600] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  810.799545][T12600] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  810.809855][  T940] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  811.068301][T12600] vhci_hcd vhci_hcd.0: Device attached
[  811.306263][ T5270] vhci_hcd: vhci_device speed not set
[  811.595806][T11201] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  811.603460][ T5270] usb 13-1: new full-speed USB device number 7 using vhci_hcd
[  811.697792][  T940] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  811.730593][  T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  811.764731][  T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  811.795322][  T940] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  811.815817][T11201] usb 1-1: Using ep0 maxpacket: 16
[  811.827048][T11201] usb 1-1: unable to get BOS descriptor or descriptor too short
[  811.858245][T11201] usb 1-1: config 4 has an invalid interface number: 3 but max is 0
[  811.870526][T11201] usb 1-1: config 4 has no interface number 0
[  811.880747][T11201] usb 1-1: config 4 interface 3 has no altsetting 0
[  811.881051][  T940] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  811.892907][T11201] usb 1-1: New USB device found, idVendor=0c45, idProduct=60b0, bcdDevice=da.af
[  811.929187][T11201] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.955783][T11201] usb 1-1: Product: syz
[  811.957709][  T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.980760][T11201] usb 1-1: Manufacturer: syz
[  811.996917][T11201] usb 1-1: SerialNumber: syz
[  812.024293][  T940] usb 4-1: config 0 descriptor??
[  812.071540][T12591] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  812.129829][T12602] vhci_hcd: connection reset by peer
[  812.141087][   T52] vhci_hcd: stop threads
[  812.146306][   T52] vhci_hcd: release socket
[  812.153723][   T52] vhci_hcd: disconnect device
[  812.254019][T11201] gspca_main: sonixb-2.14.0 probing 0c45:60b0
[  812.275521][T11201] sonixb 1-1:4.3: Error reading register 00: -71
[  812.287908][T11201] usb 1-1: USB disconnect, device number 23
[  812.482022][T12621] FAULT_INJECTION: forcing a failure.
[  812.482022][T12621] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.508980][T12621] CPU: 0 UID: 0 PID: 12621 Comm: syz.1.1522 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  812.519777][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  812.529836][T12621] Call Trace:
[  812.533107][T12621]  <TASK>
[  812.536026][T12621]  dump_stack_lvl+0x241/0x360
[  812.540706][T12621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  812.545893][T12621]  ? __pfx__printk+0x10/0x10
[  812.550472][T12621]  ? snprintf+0xda/0x120
[  812.554704][T12621]  should_fail_ex+0x3b0/0x4e0
[  812.559372][T12621]  _copy_to_user+0x2f/0xb0
[  812.563812][T12621]  simple_read_from_buffer+0xca/0x150
[  812.569195][T12621]  proc_fail_nth_read+0x1ec/0x260
[  812.574236][T12621]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.579778][T12621]  ? rw_verify_area+0x520/0x6b0
[  812.584622][T12621]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.590167][T12621]  vfs_read+0x204/0xbc0
[  812.594318][T12621]  ? __pfx_lock_release+0x10/0x10
[  812.599342][T12621]  ? __pfx_vfs_read+0x10/0x10
[  812.604014][T12621]  ? __fget_files+0x29/0x470
[  812.608590][T12621]  ? __fget_files+0x3f6/0x470
[  812.613263][T12621]  ksys_read+0x1a0/0x2c0
[  812.617515][T12621]  ? __pfx_ksys_read+0x10/0x10
[  812.622307][T12621]  ? do_syscall_64+0x100/0x230
[  812.627074][T12621]  ? do_syscall_64+0xb6/0x230
[  812.631774][T12621]  do_syscall_64+0xf3/0x230
[  812.636288][T12621]  ? clear_bhb_loop+0x35/0x90
[  812.640953][T12621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.646839][T12621] RIP: 0033:0x7f34daf7c93c
[  812.651259][T12621] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  812.670884][T12621] RSP: 002b:00007f34dbd3b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  812.679325][T12621] RAX: ffffffffffffffda RBX: 00007f34db135f80 RCX: 00007f34daf7c93c
[  812.687323][T12621] RDX: 000000000000000f RSI: 00007f34dbd3b0a0 RDI: 0000000000000003
[  812.695283][T12621] RBP: 00007f34dbd3b090 R08: 0000000000000000 R09: 0000000000000000
[  812.703244][T12621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.711214][T12621] R13: 0000000000000001 R14: 00007f34db135f80 R15: 00007fff79b1a6e8
[  812.719215][T12621]  </TASK>
[  812.758604][  T940] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd
[  812.798440][  T940] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  812.837810][  T940] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  812.883992][T12625] FAULT_INJECTION: forcing a failure.
[  812.883992][T12625] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.920121][T12625] CPU: 0 UID: 0 PID: 12625 Comm: syz.1.1523 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  812.930943][T12625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  812.941024][T12625] Call Trace:
[  812.944327][T12625]  <TASK>
[  812.947282][T12625]  dump_stack_lvl+0x241/0x360
[  812.952600][T12625]  ? __pfx_dump_stack_lvl+0x10/0x10
[  812.957826][T12625]  ? __pfx__printk+0x10/0x10
[  812.962452][T12625]  ? snprintf+0xda/0x120
[  812.966727][T12625]  should_fail_ex+0x3b0/0x4e0
[  812.971468][T12625]  _copy_to_user+0x2f/0xb0
[  812.975916][T12625]  simple_read_from_buffer+0xca/0x150
[  812.981314][T12625]  proc_fail_nth_read+0x1ec/0x260
[  812.986343][T12625]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.991891][T12625]  ? rw_verify_area+0x520/0x6b0
[  812.996736][T12625]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  813.002280][T12625]  vfs_read+0x204/0xbc0
[  813.006443][T12625]  ? __pfx_lock_release+0x10/0x10
[  813.011561][T12625]  ? __pfx_vfs_read+0x10/0x10
[  813.016237][T12625]  ? trace_contention_end+0x3c/0x120
[  813.021519][T12625]  ? __fget_files+0x29/0x470
[  813.026105][T12625]  ? __fget_files+0x3f6/0x470
[  813.030793][T12625]  ksys_read+0x1a0/0x2c0
[  813.035037][T12625]  ? __pfx_ksys_read+0x10/0x10
[  813.039797][T12625]  ? do_syscall_64+0x100/0x230
[  813.044557][T12625]  ? do_syscall_64+0xb6/0x230
[  813.049228][T12625]  do_syscall_64+0xf3/0x230
[  813.053812][T12625]  ? clear_bhb_loop+0x35/0x90
[  813.058485][T12625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.064372][T12625] RIP: 0033:0x7f34daf7c93c
[  813.068780][T12625] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  813.088393][T12625] RSP: 002b:00007f34dbd3b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  813.096805][T12625] RAX: ffffffffffffffda RBX: 00007f34db135f80 RCX: 00007f34daf7c93c
[  813.104772][T12625] RDX: 000000000000000f RSI: 00007f34dbd3b0a0 RDI: 0000000000000004
[  813.112735][T12625] RBP: 00007f34dbd3b090 R08: 0000000000000000 R09: 0000000000000000
[  813.120696][T12625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  813.128657][T12625] R13: 0000000000000000 R14: 00007f34db135f80 R15: 00007fff79b1a6e8
[  813.136631][T12625]  </TASK>
[  813.181676][T11921] usb 4-1: USB disconnect, device number 15
[  813.266672][T12632] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1526'.
[  813.319307][T12632] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1526'.
[  813.372621][T12632] erspan0: entered promiscuous mode
[  813.387956][T12632] batadv_slave_1: entered promiscuous mode
[  813.466426][T12638] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  814.815382][T12643] 9pnet_fd: Insufficient options for proto=fd
[  815.377484][T12650] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  818.365908][ T5270] vhci_hcd: vhci_device speed not set
[  818.573333][T12664] FAULT_INJECTION: forcing a failure.
[  818.573333][T12664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  818.582087][T12670] IPVS: set_ctl: invalid protocol: 135 100.1.1.1:20001
[  818.597311][T12664] CPU: 0 UID: 0 PID: 12664 Comm: syz.2.1534 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  818.608107][T12664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  818.618163][T12664] Call Trace:
[  818.621433][T12664]  <TASK>
[  818.624356][T12664]  dump_stack_lvl+0x241/0x360
[  818.629034][T12664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  818.634218][T12664]  ? __pfx__printk+0x10/0x10
[  818.638802][T12664]  ? snprintf+0xda/0x120
[  818.643036][T12664]  should_fail_ex+0x3b0/0x4e0
[  818.647703][T12664]  _copy_to_user+0x2f/0xb0
[  818.652121][T12664]  simple_read_from_buffer+0xca/0x150
[  818.657490][T12664]  proc_fail_nth_read+0x1ec/0x260
[  818.662511][T12664]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  818.668085][T12664]  ? rw_verify_area+0x520/0x6b0
[  818.672952][T12664]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  818.678563][T12664]  vfs_read+0x204/0xbc0
[  818.682724][T12664]  ? __pfx_lock_release+0x10/0x10
[  818.687749][T12664]  ? __pfx_vfs_read+0x10/0x10
[  818.692429][T12664]  ? __fget_files+0x29/0x470
[  818.697009][T12664]  ? __fget_files+0x3f6/0x470
[  818.701682][T12664]  ksys_read+0x1a0/0x2c0
[  818.706204][T12664]  ? __pfx_ksys_read+0x10/0x10
[  818.710966][T12664]  ? do_syscall_64+0x100/0x230
[  818.715731][T12664]  ? do_syscall_64+0xb6/0x230
[  818.720408][T12664]  do_syscall_64+0xf3/0x230
[  818.724909][T12664]  ? clear_bhb_loop+0x35/0x90
[  818.729629][T12664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.735549][T12664] RIP: 0033:0x7f4257b7c93c
[  818.739965][T12664] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  818.759665][T12664] RSP: 002b:00007f42589ac030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  818.768073][T12664] RAX: ffffffffffffffda RBX: 00007f4257d35f80 RCX: 00007f4257b7c93c
[  818.776122][T12664] RDX: 000000000000000f RSI: 00007f42589ac0a0 RDI: 0000000000000004
[  818.784082][T12664] RBP: 00007f42589ac090 R08: 0000000000000000 R09: 0000000000000000
[  818.792055][T12664] R10: 0000000000040000 R11: 0000000000000246 R12: 0000000000000001
[  818.800015][T12664] R13: 0000000000000000 R14: 00007f4257d35f80 R15: 00007fffdaff01f8
[  818.807991][T12664]  </TASK>
[  818.966061][T11921] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  819.156042][T12681] set match dimension is over the limit!
[  819.229030][T12681] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1539'.
[  819.315769][T11921] usb 4-1: device descriptor read/64, error -71
[  820.052604][T12685] 9pnet_fd: Insufficient options for proto=fd
[  820.308053][T11921] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  820.486519][T11921] usb 4-1: device descriptor read/64, error -71
[  820.622626][T11921] usb usb4-port1: attempt power cycle
[  821.045826][T11921] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  821.089360][T11921] usb 4-1: device descriptor read/8, error -71
[  821.366016][T11921] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  821.604240][T11921] usb 4-1: device descriptor read/8, error -71
[  822.242614][T12719] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1552'.
[  822.310857][T11921] usb usb4-port1: unable to enumerate USB device
[  822.347135][T12709] ALSA: mixer_oss: invalid OSS volume ''
[  822.359158][T12719] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1552'.
[  824.927881][T12734] set match dimension is over the limit!
[  825.295756][T12749] FAULT_INJECTION: forcing a failure.
[  825.295756][T12749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  825.295813][T12749] 
[  825.295817][T12749] ======================================================
[  825.295821][T12749] WARNING: possible circular locking dependency detected
[  825.295826][T12749] 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 Not tainted
[  825.295832][T12749] ------------------------------------------------------
[  825.295835][T12749] syz.2.1563/12749 is trying to acquire lock:
[  825.295841][T12749] ffffffff8e613cb8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x20/0xa0
[  825.295869][T12749] 
[  825.295869][T12749] but task is already holding lock:
[  825.295872][T12749] ffff8880b883e998 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  825.295896][T12749] 
[  825.295896][T12749] which lock already depends on the new lock.
[  825.295896][T12749] 
[  825.295899][T12749] 
[  825.295899][T12749] the existing dependency chain (in reverse order) is:
[  825.295903][T12749] 
[  825.295903][T12749] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  825.295915][T12749]        lock_acquire+0x1ed/0x550
[  825.295928][T12749]        _raw_spin_lock_nested+0x31/0x40
[  825.295937][T12749]        raw_spin_rq_lock_nested+0x2a/0x140
[  825.295947][T12749]        task_fork_fair+0x61/0x1e0
[  825.295960][T12749]        sched_cgroup_fork+0x37c/0x410
[  825.295968][T12749]        copy_process+0x2217/0x3dc0
[  825.295979][T12749]        kernel_clone+0x223/0x880
[  825.295990][T12749]        user_mode_thread+0x132/0x1a0
[  825.296002][T12749]        rest_init+0x23/0x300
[  825.296013][T12749]        start_kernel+0x47a/0x500
[  825.296025][T12749]        x86_64_start_reservations+0x2a/0x30
[  825.296035][T12749]        x86_64_start_kernel+0x9f/0xa0
[  825.296044][T12749]        common_startup_64+0x13e/0x147
[  825.296055][T12749] 
[  825.296055][T12749] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  825.296066][T12749]        lock_acquire+0x1ed/0x550
[  825.296078][T12749]        _raw_spin_lock_irqsave+0xd5/0x120
[  825.296090][T12749]        try_to_wake_up+0xb0/0x1470
[  825.296102][T12749]        up+0x72/0x90
[  825.296110][T12749]        console_unlock+0x22f/0x4d0
[  825.296119][T12749]        vprintk_emit+0x5dc/0x7c0
[  825.296128][T12749]        _printk+0xd5/0x120
[  825.296136][T12749]        batadv_check_known_mac_addr+0x2b1/0x410
[  825.296147][T12749]        batadv_hard_if_event+0x3a5/0x1620
[  825.296157][T12749]        notifier_call_chain+0x19f/0x3e0
[  825.296168][T12749]        dev_set_mac_address+0x3d9/0x510
[  825.296179][T12749]        dev_set_mac_address_user+0x31/0x50
[  825.296189][T12749]        do_setlink+0x8b6/0x41f0
[  825.296197][T12749]        rtnl_newlink+0x180d/0x20a0
[  825.296215][T12749]        rtnetlink_rcv_msg+0x73f/0xcf0
[  825.296223][T12749]        netlink_rcv_skb+0x1e3/0x430
[  825.296232][T12749]        netlink_unicast+0x7f6/0x990
[  825.296244][T12749]        netlink_sendmsg+0x8e4/0xcb0
[  825.296253][T12749]        __sock_sendmsg+0x221/0x270
[  825.296261][T12749]        __sys_sendto+0x3a4/0x4f0
[  825.296270][T12749]        __x64_sys_sendto+0xde/0x100
[  825.296280][T12749]        do_syscall_64+0xf3/0x230
[  825.296289][T12749]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.296301][T12749] 
[  825.296301][T12749] -> #0 ((console_sem).lock){-.-.}-{2:2}:
[  825.296313][T12749]        validate_chain+0x18e0/0x5900
[  825.296321][T12749]        __lock_acquire+0x137a/0x2040
[  825.296332][T12749]        lock_acquire+0x1ed/0x550
[  825.296343][T12749]        _raw_spin_lock_irqsave+0xd5/0x120
[  825.296355][T12749]        down_trylock+0x20/0xa0
[  825.296364][T12749]        __down_trylock_console_sem+0x109/0x250
[  825.296374][T12749]        vprintk_emit+0x2aa/0x7c0
[  825.296382][T12749]        _printk+0xd5/0x120
[  825.296390][T12749]        should_fail_ex+0x391/0x4e0
[  825.296398][T12749]        strncpy_from_user+0x36/0x2e0
[  825.296411][T12749]        strncpy_from_user_nofault+0x71/0x140
[  825.296425][T12749]        bpf_probe_read_compat_str+0xe9/0x180
[  825.296438][T12749]        bpf_prog_1ccb8ba97563bf77+0x40/0x63
[  825.296446][T12749]        bpf_trace_run2+0x2ec/0x540
[  825.296455][T12749]        __traceiter_tlb_flush+0x77/0xd0
[  825.296466][T12749]        trace_tlb_flush+0x118/0x140
[  825.296474][T12749]        switch_mm_irqs_off+0x7cb/0xae0
[  825.296483][T12749]        __schedule+0x1079/0x4a10
[  825.296495][T12749]        preempt_schedule_irq+0xfb/0x1c0
[  825.296507][T12749]        irqentry_exit+0x5e/0x90
[  825.296515][T12749]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  825.296526][T12749]        lock_acquire+0x264/0x550
[  825.296536][T12749]        fs_reclaim_acquire+0xaf/0x140
[  825.296547][T12749]        kmem_cache_alloc_lru_noprof+0x42/0x2b0
[  825.296559][T12749]        __d_alloc+0x31/0x700
[  825.296569][T12749]        d_alloc_parallel+0xdf/0x1600
[  825.296580][T12749]        path_openat+0x947/0x3470
[  825.296591][T12749]        do_filp_open+0x235/0x490
[  825.296602][T12749]        do_sys_openat2+0x13e/0x1d0
[  825.296611][T12749]        __x64_sys_openat+0x247/0x2a0
[  825.296620][T12749]        do_syscall_64+0xf3/0x230
[  825.296629][T12749]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.296639][T12749] 
[  825.296639][T12749] other info that might help us debug this:
[  825.296639][T12749] 
[  825.296642][T12749] Chain exists of:
[  825.296642][T12749]   (console_sem).lock --> &p->pi_lock --> &rq->__lock
[  825.296642][T12749] 
[  825.296655][T12749]  Possible unsafe locking scenario:
[  825.296655][T12749] 
[  825.296658][T12749]        CPU0                    CPU1
[  825.296660][T12749]        ----                    ----
[  825.296663][T12749]   lock(&rq->__lock);
[  825.296669][T12749]                                lock(&p->pi_lock);
[  825.296675][T12749]                                lock(&rq->__lock);
[  825.296681][T12749]   lock((console_sem).lock);
[  825.296687][T12749] 
[  825.296687][T12749]  *** DEADLOCK ***
[  825.296687][T12749] 
[  825.296689][T12749] 5 locks held by syz.2.1563/12749:
[  825.296695][T12749]  #0: ffff888022d6ae90 (&sb->s_type->i_mutex_key#24){.+.+}-{3:3}, at: path_openat+0x7ec/0x3470
[  825.296722][T12749]  #1: ffffffff8e82e4a0 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_lru_noprof+0x42/0x2b0
[  825.296746][T12749]  #2: ffffffff8e841120 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}, at: fs_reclaim_acquire+0x93/0x140
[  825.296768][T12749]  #3: ffff8880b883e998 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  825.296791][T12749]  #4: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x540
[  825.296812][T12749] 
[  825.296812][T12749] stack backtrace:
[  825.296816][T12749] CPU: 1 UID: 0 PID: 12749 Comm: syz.2.1563 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  825.296828][T12749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  825.296835][T12749] Call Trace:
[  825.296839][T12749]  <TASK>
[  825.296843][T12749]  dump_stack_lvl+0x241/0x360
[  825.296855][T12749]  ? __pfx_dump_stack_lvl+0x10/0x10
[  825.296868][T12749]  ? print_circular_bug+0x130/0x1a0
[  825.296878][T12749]  check_noncircular+0x36a/0x4a0
[  825.296889][T12749]  ? __pfx_check_noncircular+0x10/0x10
[  825.296899][T12749]  ? lockdep_lock+0x123/0x2b0
[  825.296915][T12749]  validate_chain+0x18e0/0x5900
[  825.296931][T12749]  ? __pfx_validate_chain+0x10/0x10
[  825.296940][T12749]  ? __pfx_prb_first_seq+0x10/0x10
[  825.296957][T12749]  ? this_cpu_in_panic+0x4f/0x80
[  825.296971][T12749]  ? _prb_read_valid+0xa39/0xac0
[  825.296988][T12749]  ? mark_lock+0x9a/0x350
[  825.297002][T12749]  __lock_acquire+0x137a/0x2040
[  825.297019][T12749]  lock_acquire+0x1ed/0x550
[  825.297031][T12749]  ? down_trylock+0x20/0xa0
[  825.297041][T12749]  ? __pfx_desc_update_last_finalized+0x10/0x10
[  825.297055][T12749]  ? __pfx_lock_acquire+0x10/0x10
[  825.297067][T12749]  ? rcu_is_watching+0x15/0xb0
[  825.297081][T12749]  ? vprintk_store+0xd3e/0x1160
[  825.297094][T12749]  _raw_spin_lock_irqsave+0xd5/0x120
[  825.297106][T12749]  ? down_trylock+0x20/0xa0
[  825.297116][T12749]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  825.297129][T12749]  ? check_noncircular+0x259/0x4a0
[  825.297141][T12749]  down_trylock+0x20/0xa0
[  825.297151][T12749]  __down_trylock_console_sem+0x109/0x250
[  825.297163][T12749]  ? _printk+0xd5/0x120
[  825.297171][T12749]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  825.297186][T12749]  vprintk_emit+0x2aa/0x7c0
[  825.297196][T12749]  ? __pfx_vprintk_emit+0x10/0x10
[  825.297209][T12749]  ? __bpf_ringbuf_reserve+0x48a/0x600
[  825.297220][T12749]  ? do_raw_spin_lock+0x14f/0x370
[  825.297230][T12749]  ? __pfx_lock_release+0x10/0x10
[  825.297246][T12749]  _printk+0xd5/0x120
[  825.297257][T12749]  ? __pfx__printk+0x10/0x10
[  825.297270][T12749]  should_fail_ex+0x391/0x4e0
[  825.297280][T12749]  strncpy_from_user+0x36/0x2e0
[  825.297295][T12749]  strncpy_from_user_nofault+0x71/0x140
[  825.297310][T12749]  bpf_probe_read_compat_str+0xe9/0x180
[  825.297324][T12749]  ? bpf_trace_run2+0x1fc/0x540
[  825.297334][T12749]  bpf_prog_1ccb8ba97563bf77+0x40/0x63
[  825.297343][T12749]  bpf_trace_run2+0x2ec/0x540
[  825.297355][T12749]  ? __pfx_bpf_trace_run2+0x10/0x10
[  825.297368][T12749]  ? __pfx___bpf_trace_tlb_flush+0x10/0x10
[  825.297381][T12749]  __traceiter_tlb_flush+0x77/0xd0
[  825.297393][T12749]  trace_tlb_flush+0x118/0x140
[  825.297403][T12749]  switch_mm_irqs_off+0x7cb/0xae0
[  825.297415][T12749]  ? __pfx_switch_mm_irqs_off+0x10/0x10
[  825.297427][T12749]  __schedule+0x1079/0x4a10
[  825.297446][T12749]  ? __pfx___schedule+0x10/0x10
[  825.297460][T12749]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  825.297475][T12749]  ? preempt_schedule_irq+0xf0/0x1c0
[  825.297490][T12749]  preempt_schedule_irq+0xfb/0x1c0
[  825.297504][T12749]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  825.297521][T12749]  irqentry_exit+0x5e/0x90
[  825.297530][T12749]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  825.297542][T12749] RIP: 0010:lock_acquire+0x264/0x550
[  825.297556][T12749] Code: 2b 00 74 08 4c 89 f7 e8 7a e1 87 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  825.297564][T12749] RSP: 0018:ffffc90004c47540 EFLAGS: 00000206
[  825.297573][T12749] RAX: 0000000000000001 RBX: 1ffff92000988eb4 RCX: 13a819ba9032b500
[  825.297580][T12749] RDX: dffffc0000000000 RSI: ffffffff8beae6e0 RDI: ffffffff8c3fbb00
[  825.297587][T12749] RBP: ffffc90004c47698 R08: ffffffff93fa6857 R09: 1ffffffff27f4d0a
[  825.297594][T12749] R10: dffffc0000000000 R11: fffffbfff27f4d0b R12: 1ffff92000988eb0
[  825.297602][T12749] R13: dffffc0000000000 R14: ffffc90004c475a0 R15: 0000000000000246
[  825.297616][T12749]  ? __pfx_lock_acquire+0x10/0x10
[  825.297631][T12749]  ? __lock_acquire+0x137a/0x2040
[  825.297645][T12749]  ? fs_reclaim_acquire+0x93/0x140
[  825.297655][T12749]  ? __d_alloc+0x31/0x700
[  825.297666][T12749]  fs_reclaim_acquire+0xaf/0x140
[  825.297676][T12749]  ? fs_reclaim_acquire+0x93/0x140
[  825.297686][T12749]  kmem_cache_alloc_lru_noprof+0x42/0x2b0
[  825.297700][T12749]  __d_alloc+0x31/0x700
[  825.297712][T12749]  d_alloc_parallel+0xdf/0x1600
[  825.297725][T12749]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  825.297741][T12749]  ? __d_lookup+0x64/0x7b0
[  825.297752][T12749]  ? __d_lookup+0x64/0x7b0
[  825.297764][T12749]  ? __pfx_d_alloc_parallel+0x10/0x10
[  825.297776][T12749]  ? __d_lookup+0x706/0x7b0
[  825.297792][T12749]  path_openat+0x947/0x3470
[  825.297812][T12749]  ? __pfx_path_openat+0x10/0x10
[  825.297829][T12749]  do_filp_open+0x235/0x490
[  825.297842][T12749]  ? __pfx_do_filp_open+0x10/0x10
[  825.297860][T12749]  ? _raw_spin_unlock+0x28/0x50
[  825.297873][T12749]  ? alloc_fd+0x5a1/0x640
[  825.297888][T12749]  do_sys_openat2+0x13e/0x1d0
[  825.297899][T12749]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  825.297910][T12749]  ? __pfx_do_sys_openat2+0x10/0x10
[  825.297919][T12749]  ? __fget_files+0x3f6/0x470
[  825.297932][T12749]  __x64_sys_openat+0x247/0x2a0
[  825.297943][T12749]  ? __pfx___x64_sys_openat+0x10/0x10
[  825.297955][T12749]  ? do_syscall_64+0x100/0x230
[  825.297966][T12749]  ? do_syscall_64+0xb6/0x230
[  825.297977][T12749]  do_syscall_64+0xf3/0x230
[  825.297987][T12749]  ? clear_bhb_loop+0x35/0x90
[  825.298000][T12749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.298011][T12749] RIP: 0033:0x7f4257b7def9
[  825.298019][T12749] Code: Unable to access opcode bytes at 0x7f4257b7decf.
[  825.298023][T12749] RSP: 002b:00007f42589ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  825.298033][T12749] RAX: ffffffffffffffda RBX: 00007f4257d35f80 RCX: 00007f4257b7def9
[  825.298040][T12749] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004
[  825.298046][T12749] RBP: 00007f42589ac090 R08: 0000000000000000 R09: 0000000000000000
[  825.298052][T12749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  825.298058][T12749] R13: 0000000000000000 R14: 00007f4257d35f80 R15: 00007fffdaff01f8
[  825.298069][T12749]  </TASK>
[  826.499284][T12749] CPU: 1 UID: 0 PID: 12749 Comm: syz.2.1563 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0
[  826.510020][T12749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  826.520050][T12749] Call Trace:
[  826.523307][T12749]  <TASK>
[  826.526219][T12749]  dump_stack_lvl+0x241/0x360
[  826.530883][T12749]  ? __pfx_dump_stack_lvl+0x10/0x10
[  826.536058][T12749]  ? __pfx__printk+0x10/0x10
[  826.540625][T12749]  should_fail_ex+0x3b0/0x4e0
[  826.545279][T12749]  strncpy_from_user+0x36/0x2e0
[  826.550124][T12749]  strncpy_from_user_nofault+0x71/0x140
[  826.555752][T12749]  bpf_probe_read_compat_str+0xe9/0x180
[  826.561278][T12749]  ? bpf_trace_run2+0x1fc/0x540
[  826.566103][T12749]  bpf_prog_1ccb8ba97563bf77+0x40/0x63
[  826.571533][T12749]  bpf_trace_run2+0x2ec/0x540
[  826.576187][T12749]  ? __pfx_bpf_trace_run2+0x10/0x10
[  826.581447][T12749]  ? __pfx___bpf_trace_tlb_flush+0x10/0x10
[  826.587230][T12749]  __traceiter_tlb_flush+0x77/0xd0
[  826.592318][T12749]  trace_tlb_flush+0x118/0x140
[  826.597056][T12749]  switch_mm_irqs_off+0x7cb/0xae0
[  826.602074][T12749]  ? __pfx_switch_mm_irqs_off+0x10/0x10
[  826.607596][T12749]  __schedule+0x1079/0x4a10
[  826.612087][T12749]  ? __pfx___schedule+0x10/0x10
[  826.616921][T12749]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  826.622896][T12749]  ? preempt_schedule_irq+0xf0/0x1c0
[  826.628162][T12749]  preempt_schedule_irq+0xfb/0x1c0
[  826.633255][T12749]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  826.638956][T12749]  irqentry_exit+0x5e/0x90
[  826.643345][T12749]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  826.649306][T12749] RIP: 0010:lock_acquire+0x264/0x550
[  826.654567][T12749] Code: 2b 00 74 08 4c 89 f7 e8 7a e1 87 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  826.674150][T12749] RSP: 0018:ffffc90004c47540 EFLAGS: 00000206
[  826.680194][T12749] RAX: 0000000000000001 RBX: 1ffff92000988eb4 RCX: 13a819ba9032b500
[  826.688142][T12749] RDX: dffffc0000000000 RSI: ffffffff8beae6e0 RDI: ffffffff8c3fbb00
[  826.696189][T12749] RBP: ffffc90004c47698 R08: ffffffff93fa6857 R09: 1ffffffff27f4d0a
[  826.704138][T12749] R10: dffffc0000000000 R11: fffffbfff27f4d0b R12: 1ffff92000988eb0
[  826.712085][T12749] R13: dffffc0000000000 R14: ffffc90004c475a0 R15: 0000000000000246
[  826.720112][T12749]  ? __pfx_lock_acquire+0x10/0x10
[  826.725178][T12749]  ? __lock_acquire+0x137a/0x2040
[  826.730219][T12749]  ? fs_reclaim_acquire+0x93/0x140
[  826.735344][T12749]  ? __d_alloc+0x31/0x700
[  826.739669][T12749]  fs_reclaim_acquire+0xaf/0x140
[  826.744599][T12749]  ? fs_reclaim_acquire+0x93/0x140
[  826.749715][T12749]  kmem_cache_alloc_lru_noprof+0x42/0x2b0
[  826.755431][T12749]  __d_alloc+0x31/0x700
[  826.759587][T12749]  d_alloc_parallel+0xdf/0x1600
[  826.764423][T12749]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  826.770386][T12749]  ? __d_lookup+0x64/0x7b0
[  826.774783][T12749]  ? __d_lookup+0x64/0x7b0
[  826.779174][T12749]  ? __pfx_d_alloc_parallel+0x10/0x10
[  826.784530][T12749]  ? __d_lookup+0x706/0x7b0
[  826.789035][T12749]  path_openat+0x947/0x3470
[  826.793526][T12749]  ? __pfx_path_openat+0x10/0x10
[  826.798453][T12749]  do_filp_open+0x235/0x490
[  826.802932][T12749]  ? __pfx_do_filp_open+0x10/0x10
[  826.807944][T12749]  ? _raw_spin_unlock+0x28/0x50
[  826.812779][T12749]  ? alloc_fd+0x5a1/0x640
[  826.817087][T12749]  do_sys_openat2+0x13e/0x1d0
[  826.821768][T12749]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  826.827724][T12749]  ? __pfx_do_sys_openat2+0x10/0x10
[  826.832910][T12749]  ? __fget_files+0x3f6/0x470
[  826.837563][T12749]  __x64_sys_openat+0x247/0x2a0
[  826.842392][T12749]  ? __pfx___x64_sys_openat+0x10/0x10
[  826.847859][T12749]  ? do_syscall_64+0x100/0x230
[  826.852702][T12749]  ? do_syscall_64+0xb6/0x230
[  826.857369][T12749]  do_syscall_64+0xf3/0x230
[  826.861856][T12749]  ? clear_bhb_loop+0x35/0x90
[  826.866513][T12749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.872384][T12749] RIP: 0033:0x7f4257b7def9
[  826.876777][T12749] Code: Unable to access opcode bytes at 0x7f4257b7decf.
[  826.883769][T12749] RSP: 002b:00007f42589ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  826.892162][T12749] RAX: ffffffffffffffda RBX: 00007f4257d35f80 RCX: 00007f4257b7def9
[  826.900139][T12749] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004
[  826.908086][T12749] RBP: 00007f42589ac090 R08: 0000000000000000 R09: 0000000000000000
[  826.916033][T12749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  826.923996][T12749] R13: 0000000000000000 R14: 00007f4257d35f80 R15: 00007fffdaff01f8
[  826.931962][T12749]  </TASK>