last executing test programs:

43.352690981s ago: executing program 4 (id=152):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000480)=<r1=>0x0)
ptrace$setregs(0xf, r1, 0x9d, &(0x7f0000000740)="a677286d8a3e12a097eda93f118fa690c1e98a8f3586fbb529b72560702e70ab8063cc62c17930b7e7c3c11cc0a0bd123ed926eec6d3b079ded55ed8639c95813a4ead69e00d036e5440eaa88361f96719b89fd3555783b16851cffbf587dcc2fbe42618b471665eb41a7da4bad446679249ff3376e273")
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000400)=""/103, &(0x7f0000000300)=0x67)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x1dc82e11}, {&(0x7f0000000580)=""/156}, {&(0x7f00000000c0)=""/11}, {&(0x7f0000000640)=""/247}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x10, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}, {0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "ac"}]}, @NFTA_CMP_SREG={0x8}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x0)
semget$private(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
madvise(&(0x7f0000c85000/0x3000)=nil, 0x3000, 0xf)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
clock_nanosleep(0x5, 0x1, &(0x7f0000000080), &(0x7f00000000c0))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x900, 0x0, 0x1c, {[@window={0xe, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x1, 0x9, 0xa, 0x2008, 0x1, 0xc08, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bbf8ab9c691841ab0931d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c2f56855b18f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c250e2ba56301e25c19a7e37ce880bed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000000000774c"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x18000000000002a0, 0xe80, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0050000000100008877fbac141416e000030a89079f03b18000440c0511e0845013f2325f004408050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c)

41.985652708s ago: executing program 4 (id=158):
socket$qrtr(0x2a, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000100)={@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
r3 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r3, 0xab00, 0xffffffffffffffff)
ioctl$NBD_DO_IT(r1, 0xab03)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff})
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x80049367, &(0x7f0000000180))
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
ioctl$NBD_CLEAR_SOCK(r3, 0xab04)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
pipe2$9p(&(0x7f0000000240)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r10 = dup(r9)
write$FUSE_BMAP(r10, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r10, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7472616e733d66642c725c646e6f590bfb0df91e2652833dfe783b859674347c43416b856948f5d0c3b03fab109318a761734acc262c476d7a1ea7b7c32b855028985b7dad0295d5a68c0c9d5605e3d5b7ef56108632095b93885ff158d76659673e1777911a27d6370f79dc656ea27088bbfbb27acedd31bda1e95ae4f80541ccddc4877c2d5f15f30df5ed0764e8bfa5af059c9b3bfdb342821465f1438c75a4fb0c533bb7efc54b92dc42cfc73c5a704961563a25d232ee152143ed667fe5f1418ba5a69d3720313a49605e86c57e1a90b513ec406313", @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r10, @ANYBLOB=',cachetag=wfdno,cache=fscache,k'])
syz_fuse_handle_req(r7, &(0x7f0000002240)="afaddbba376e1bba12e2f2262ec7a1f5b377313a7bcf2d9b013196c2f0f94bc244fc0dc1c1bfbd4ed45229ce0cb7ca58f4b8d430b30d6ad8e8a56099ff70f31257cbe8710542fbedf009e1a5799fb06a7e0301b43d31008caf089c4a5a49dc50ea4c476f63a8b0aa08dd78d9ff39d8dfafbe2c41ff5d2331dd2e9d784247d5272cdcd13e6d9d7a03fa6b0622e6f130e0489bf9105a2a511d6f5b7da1100ecfe5d6ce64f4aac5c00c26d636ac66f059201a3a790b946da4808f1d665484847b61faab09a5e4b45a17c4c55b64ecf6933705c22c85317cc5edeba3e9260033f6bac869ac3b08ed1c55ae3119c78761be6d934c3757d5f10079243e4f06429907163f81855b74887146d875d0e6ab4d5c7032e84c33ea24bb93b2ab6eaec0feeca93f006a0d2bc2bd601f2ede8f32b5fa2e37e0ad1460b8839676dedef30fb684f6fddfcd9a84f3efd78d076c996d92a186e921e16e5ac7aa1f70c585b3752cc1312876c758219645ad0a5540bc82074a497ffc3717c8e139c09b3d2e21fff27e12db18540448f7ff7b637f87b7a717a60a23934e4be7f55ac10d2c09098fa13c9f1c5ed9ba61cc3ddc320b5409071d2ddd25d5b8f79475e80b3b8257b25fad2c59c31c5855560f2600de1930cb1f2e57aed4fb0b79fa7aac52d54a73d62f424cbad6f82ce5d5749cce356f892488ed149283e51dfdded96136a90b5e0c63d1728a82c324b1dd756b9f9b257a9e7f4b07a007e8ed37274d686e4b1667b315b640cb610d48fbe98c07ddb82250e9399b1e705e3f805969b9a003902e2e7b85cb9e2171f5bd180fbb9bd26805fce0b2c6f87cd7d02a579ac24a5391ad2eec8868425034c5dc19dc7581bc0162ecb37a172175a859b143284e3146dfa01731b6ceca8e458cbdf8d785300d12c50c3bd9ca4b72cbb0480711b2cfe820c31887289b29fed60c04548ee3e24acaeed283a9400cbba31e1317ec6158ece4ce56af53e46e182a6d441ba04520f0e8b45b56eb378ddb17ef5d57b27941032e7c917313f555838ba5397816757da7bedb6c5ac760239455cf09861026920c2ab3119a3257d2eb61e8dac7c39ee5880cdfb7c4fcbcf28dc4fcceb81e81f5fbbc0179fe22fbac014b118ed1ec81652d34a67b53a9a8ee468d8e927a77ae79f381a249501d3055e7da0b7a8847850f4e35aaf5b5dd4338326da84d93091035bf10b80b3e79badd38fd5d2b9fdf0b0923c96193d93ae4d8753980f8c73e980934686f11acb266c161751367dc05e6ae5175bd304ae6b1fc016ff2a01eb05a1ba7ebf1b91cf25dc14852984acdfb008a5df08d5c8619c9211320b87a5f1b3902531050a147af6a7134316a7735ad310f6241258bd9b79e2dee1461840dfdd905bc2e17d55b49694a68f36bf4a64fb2f5a483b633398abaff7917d9f1216d70368ad4c8e4fcfb040040f32e8a6a534d02c4187fbd19b85f35f8c119e06e3dabaa210a649117722816b5a91c5125c84482d414edcd992c79aa80fd568a884c99d43b77a87daa96f662c53fba7367ee147daf620bc6d13d32c3d9cdf8095962a9bcb85a93b6598750cdbbf5925a2a0875afd1e58a568b89815ae420ea9553ed487a55393115a8907aaf3982827be1534576c257b8594b48d0d71fa1f56dd096a6ea3f7fa339b51585d36ef72d0bb0da4c2c84ace8d16be3ead998187df0e59045541b0a1e79e5ee5b1a55d8fcd157d49df504b6fc031c5fd1e01a8ee2ae9f84df78ef03595642a7812d737ad2595b922ee618823b53ae2594dc15193c7206591e9b16689c3d5bd4b4b8d6851c2e7f0550ba0178a64b8d3c08bfa35f064576ccac39e7936e2e10fd27785f66053580b45e9c93d666bb7d4eff042da50774049f0948b150a660e08e82fc352636cfa0fdc9409316e402440aba8ab8944840838d8121a76274a5f929101e25c2a7c0ccf84831c8981258b21679dd92b7c44a78acfd706cd25f8878873683a6f5aebc81d45375aefcb484bf517ec13dc814fdf390cd39f764a008777c9db7b22b1c7eb556a5f51fe9755916f84db7401744c015c1100b3d3cb8264b26c022d7f6441cd0f099681d7d9df8b3c9c6d153d6d0c30fefded15e74c7a9b5832032552ef6bfb3863330edac33a33df4a4839d661bf10ab6aed5d2093b57450ce6dd2fae63096d07e47b8ba3c5225625f6c8d98e007b49b907a4ca511aeefaf8ae3cf10ed63bf3a7dc0f7b0c1e48e6af2b158dc1ea12335ab91acaabacc104e79968f89999aec3b694aecc6783dfeb9a8efc140f18583d113454145bfbe1fe480bfb7de71fb394d08f453926208d5d595e09df3fa216fe78a2693c2c2a29cadb2c2e86ae09e912bd2ed18559a0f8b5f131b780fc8037081aa98eed56795f1bb5b44300f73b7ceb080d7c9b022b7246a93f7784aa3475e05e125d50b3a0cee066c609add2716ec88a70e1f0c79344b0cc80a543c28b970a186aefa24e9246882e790053d652b2175565a12916ce13f1865a40d34a9cc6555a7072b091e6e8b9c2c7137bca71cccc56e33281badaa73a30e67ff5ac9f489ab35bff85aa1daa10b23f4ca0d55f5850e6af0c5ac755364dcbd8c8cbd4bc76bfd220cb12d46361ef68dc9f90601a46a56140d19d05fe5be799c3af81340c9f07e252aa1768a5dfb4a0536481313d985d8ecb36cdbaa6891e0608ae5a842d9580400977d8a855308b85d1bd70e57523ca5c153640a2e7a778c9df5ad48e230d881c06e0222bba818738ee67ddb7cc2034d25a3ca5d259be6ad63f6cd84938be096d2ab5df0fa7249b57c7653a2c6a016d2890dbf6620c52e4594358c0711dea1bc6fbddb44f500bcbe64f269bf17e0c6c5d8e18ec56d3519706efb6c868d34643e48e5d05c91f458f8f3e0c6befc8511dfa508f5c26eafce1077a082abf8a868ddd62206f39e125cdfb52be753ac96f39341b797d23a3d173d783932271996f482fb80d8022700ab96efe2df6c19370fdf2030d784578a05594eb7905ab5125fc543713dad95d4467cd76f35de43e79a6eb5ede4edc8afb04ab682cf282ac865165329688e7a9a181cc42f9bc31c0203d5c4f8583f7f03ce0b69a5e7e5af7a87d8477dfe1ec64ec8e1132d7f36d3ce6c41dcbd347a50ba51c16340376f50f093269266f97a0b3570675d1bd54f7fccc8f99b264dcff9d057df961a6a4dc4268791091cc08208bd62e1088ca07ca5a2fa849978036554806fdfd9dcf231b28872715eb7b6f65b5ef064c49f0ad04e5bf4f50612a5f313b65eecf07c2b79f65a8b03058a043fcf4ca62a71027db9c2e5311febf53e8027d92f14ea0958000d1d388a323bdc70f6a2bffedd7d7697523b0c4add0e1234e35629014afd1789288e9ca6d65b49e5e2d31631da7674376781e7be087b9cdb58098744e4d6b9ffc2dd82d02ebe3886b869aae44f7080252dafd6d00718c5ddd1ef66d5a950ecd79a87ff35d286259e758e0a4bc552abe99a19d0abe5614e5e0474b8552c0b30cff0d44c816c7e23bec85bf466f7ab534b38e6d97fda0f42a3e2ad15d0f242b41818d7d0d99118a0c3230288a4fb7d18b19000cc58f46d26fefc703a00e6b5c592ad7e34caf29b9acf1d6cf3eec647b86ef3c5d5a8151914ec82320c546b92139e5c2ef2c7906413a0755d6bdb53441ef21a0d2d1400b4e024f4fd924a600d098f88649190cdb74a2390e497941743b87ff0d3e3016bc0f149b600232efa3a0403cbb6695520ad6aa4393c4f1cf201ac140e4a5e31bfdc1da895b0f38dd25d126cefd05fcde00f6f2afdb4e93c70cc3a6696c660c497b68072c3cfa7132d71a799cc1222c250df2aecee7d7656b888ccf61e9a572f76ba0a7d287ae7490365bd610bf9df142d131ee4324af19fb451e984a79b43026f516bec5e88a6aae9c6d37e13adfd2c99428dbd3dfab9ea008e15d01a2cada5c1e9482fd6e10de25ad362c83c27e913c6f27bed3dc5515d2e65eca95109c001782715fb897f3e572efda7196f96ec781f1e93201202a9596030d1936b25288dedde240d70dd3d01e5cd91e318a1ae3630d136e8e267deaac70079bf3282f93b08d12c9eb3f0b4617119857af8634531c922c75ca8b674e7cdf51a425fc0bb7f77c6a07e6a98293f991d7ba26e994d63cbb40becf54bdb74805006d55210e04bb31e8f97041cc9c345d8cc4783cf40a3007437872583ce7490a408f9d4d85d0fd063140e33078eb143d001f574ab412d8ab0affd504eacc1cf77ad14e2f3b7e78fb9ee66edb99fd6667e51bc522a6b61c0a7e81456097ce62b79fbf12dea8df4356f205f9ca4c0633aed65a0581952802be787bdbde12cd344f6cd0cd21cc3ce7515407051f61a8d686f25dd7dad9b3c8f9bd5ee578dd636028238eff03906b67751b275cd37d39b9c2458fa6b3bfeb9969ea1471ff982287efe8f31e3d50aa2a357c033691c78b5509c93272d674debc6a3a03a0ba7df7aa929888930de1b6a5aee0f599ea50ad079e183667142884be38b6715dbc6638c83a80f95bf9bad4e18bbd900da87964b7199ef9f49e3a1ae030d42107baba0e1170e48cd1b66d0bc63f1bded9748a2b8bea4a7d4b04e2d8dbd3b174d4a822470c2ffe4103fd2ecf0f9986935ae43cc8f2ed1e48ce542b197e6fee4ec1bd6f600a290d4e882b2fef318412aabd3fd1c9a57c313b81340bcded3505c0edd12fb88ec07e3743aaf48d93a3664a038953a3048f267c8f6b130e0d183f982cb4385dedf41e3dd68b0a00a8deb882476fe38cffce5f04c9dfd55a009051ef0608721d429b1f4731708d1c092eebe88382debdd0be1c6cb59ccf8d1951f350df8ca79972b3d35f420fd68b602ecaf29a94a0efe785042e8101d462a78ee0e215c380e7b115b74fe9b99d0762a0798d7e308d8594a158b28476dc1de2f4fa4bb68b9325d4bfb491212331eba8f2fabf611300d21fa9c7941306098a9ef3b5e66a40c3060bdc8f707956bcd95545db971d573b1cd9e4e9252b97d36a8a505855e8189b85cef25b736add58e74a67695e8f8e59a3bd97ed858a7c355ff674fd8402fa271bd3e50ccf88070408d31e76e9f166bd44f58fdfd682f8bdcc389ea33b4eee566f9a7e6174abcae98c0aacffae73c5b29fc5d210e35f7d42270b265ffde2de3d45439f8d71e371be19b0f2954bb9530ea5cc18f525c9c79990da81aac6c69550120d3c8ee98d82d8b6de6e59f86f41347d206411aa3a1cc39f841e8daf6a78f700170a140432126d3cd7c3b53cb592fd3aaaf7a45d02a8a537704cb5ea8d165315757d9477f0d52006525ef830dd7d16e82f9ef127689501ee55e2f69b79de0bab64b8325aa1f4bcae387fe84ed1baeecaa42413f684a1db7a120cb73853838f03565ade441ee66cb5f648e165fe617c539f6dec4f12a5f738171e8971184a9d6a14a123bf3cf888fc9e1253d6f98c26b3061e6358d36bdfdfdc85924b9114aec973f4d0e2d4b0c8cd66bf32fd208bb7485cb9c730c8d6e368fbf8fac16be225bcc8d320980f8f6d73ab1ed01d3db4a7e2c275da0fa6ee3eac4fb6b3831ce90b9d654a5039d0be542c3341ccae50193954a233b81e54a191e6cf1e0685ada89e21723ea1e836441d6b7d3da1d41e4e04f7cf770fdde3086c6dcc28b2bc4527b03fd5ca3fd5ce90c4ae665c34386d6bd423d391ea4a13bf62395846afd7bc8417889c02fe34373f20621d20d4912f1acef23169e7b45c7656643d1961fd1151a2a0df5b73fcb022a83d1b8b9a3669e00924a5af0d63bafb044eaaf09497f09187511254fe0d7343909f2b11ddea84191cbd14db3636c5458227ef53f8bd17bc933190958edcaf90453525b81cb0a2cc3088ae5c19fc7aa71b531ebf141a16bc11853bb82c320d21bd2ecf6556894fc586e253b659ab1545ee63e8a9a2d31765d07bc8ce446316aaf712cac59fa4e9d92e002c4421d2318e8b8dcbd67d1b9ca688d3d204a764e83e2d9b92cecd794b5f4763f482210165786b2892dd3a84b35c9348965de9f34ea2211d6062746c1053cd7d58cbef089c67209f301122fbcebd7ee15f627a78ccec7541a7b23f1f19f00238edadad3850fadea580aacf3f09261be6fd456d19c6c9b32e27f355178f0f8c4c9783b976a5555a198ad175274cbcf57ea23926fd38db0256ada2207115077ab6f0037c67a27532e68122ac57c990c581754736d72a81f4bba6d7a2ca7805873856a38c137e8a0b5741dcf16f3431d086e28ca138e2e75d129bff24137c930fb1f227083ed7055ad54d59d66fd4ec309b84767595a39d418d763b7f9c603d18d7992b2718cff68ad4975d1130b997a3a1f4fd27f583f95bf24cfdd49da653efe58d9a34703acca628938c8f395c701b1037151a3190d2eb174763fa78395b3e56bd716c8fe28d4e71d313e590561bf133c8a804c0c7f19453e0fcbf7315071120141780cf195ed34560ad38ecc7b81274768f96e37d6e655be2227eee8d0d1eea5e0c22502233377f56dab09a3f404e6216d65987066904c075bf09e39221dfc90f8c843abc9b145b9d5d7addf62d9016b8ee38b3a6c3d74f0656b3dc719782f6ea5cfb924e81e632d408d4b41c1aa56794c9a03c3527c826e2dc125b503d567536efef5c33e63507022f9615a503e52105f1357b8268a586e62a435b89f0aa4577baad3bda26c531e16ff99658f36fa86c2708d6a8142baf8db30db3fde91f51fe0ef9a19c9f4d79b16117ea59b8d92a9eb9cc4291f8fb758eea16dfffe3536ec690c02f767f36d4c1e93612dd09d6072501d5823adaa0183773b8ce6a841c1d78e97b364e527e5f2a5e185b1a9edbe425bb7c690d46fa65132d27834b0f1c06f69890fc5be997f7391da6324a2155b447470071f2435097e2ca46c0ee0dbda72d06dff6ef260934d198bad8a010023f2b8a04512732dcbb0ddc7c93cef9657dc4652789ad846958f9d696bd028d7e7f3b5876c25c01af0d252a2064c3a8663deb4d3f4692904152f758035f1746bbf8af5ced2837363de3a923a1ac1c1fb9d5258158d8f0b44e27a893820deb4f721f8cad92d7bdcfe26c098339719ce02bc54cf93b8760b36b6d8b7e2342e5ce7002dd9f46dc89fab1e878d574937e6969cb51a6f8a347ebcd48ce645aebcc2f7ed8e53c2564cdb80dad1040869650f5e16f334c19a479c4ae387648a372650d25101ba0deff30a944ca5cfefbbfaf0984687e5a2cb736b46f8df2a36784f4671f531c11c921cf4701de5b3395df8d88771326b3d7e2ff41b524abc75b9cdbdf40854f31c6a7e7847aea31900bcfe0b1311657ac591daffa773c6945c8444be06ddc0d5b49a4f713e04c7a78c423ca2177dc8c5ea898f5938105e8d5c560a4120a7d1444d546b09650b611013b9680f710cb843396aac34b91da40240098daad3672c45e35ff9bc804557d5b6ff3a46d455c7c8840e158a301b675de37558c4147c08fed3571af29da4d4a9ed9747f3c44a6f2cdfc7ac2be01b4180feb1997638a6fbd86227a0cec71b47312c0e3db7675f5939278008b93eaee1c09d7df8abf9e4d973c22c2b8a5743bec84fca15c855f231f15427b9e7d23f52b74e95577883322224a9cbdaf312afd780982666848d5e6e3dc403fa1061cc2c8914672e963909c14fb3612bca05aec976495c621f7fdb96ecb6714f966e3a44849ec256dbc9656d2d3166764a9608b6a91c9145367e764749d57a58d8e0b196921aa0e4520d6be238ccf9bdc462b63d02f95b36d62b93783f33bc56cb9cb224fccdadba782363b558985bedc9f079fb7bcb7cf91402bfbd8ece7e2840421fd2c1319728022ed81b4f24a9de307b127e09542fbfdf37e320dcf33c701f07cd1a64dfdf1bb3b34f303dff533b1ffa1abd7babc08395039b0f1165f132f5b131a47f51fab324d9502a3266a35cf6dfff372557b73bfb685ea46d2c38375231300ba10c6e16fcc873dc366f1cb7550659ccba00767bee15485c91aeee4a97d7af962d2f44e96e620bb2208410ef8aeb32c024e289668cad3c4e82e9fb0d76bd8d0343bd6fbd3460818594cca97be3d3140a244089b2ef22414b1fe8a4c1cd337532ed215bd7b73bb03753dbf26ec8e6d664dff003797bd34fc72fb6fcfdc916bd62b2ccb7193aee70869499b2349e6a4fcb35a9cba8dd8998de8afa734b854dc71e47f0103b0ff1c38562190def665509c76f037e393f8fe7ae05d8a4030640d99fda6f6e70d08709277e315e35e51a78dd3e1e47ee9cb06b9279989b97f42dae2cfd85296b570c3fe0f2615fadc33b09176b6e8c41978aa118ae407c3d8d12474d1aaab08b4067615d77c4373ac50715d9e9384461eb373790bbfe1b38976047eabb6ba9ecb4950110ceb95fbd11b32ed0b22b6d0c40bdcb44e9a08cca1e29dcf35da2db25606186a000bf157554ba7c55530dc3281336a272d9bc76814e2335db48c9980246214475f4dbc397e46d0b05cb1387d0551599ee0b67d612c085135f89472e99b275a48f7a90d2c6f377d023bc0f2ec69906856d4d05e94892d8aec469f800a76232f6b60fe170bde18df4702ae94556b976390d6aec61e6d017ebabe20fe7d0469b72207aff967865cc8dec893596449c640f486b2a8829d2973f65aadbd8b001f065b43ad57665887e1919f87a7e4d6e16b9beaf6099afffe31dca58f2869e707fa5f04d581ebcb8af9050a14a5a9fb333884e50a444563282118ab9c843f8152a7765901f392b32b22db3867bef3ef05fa41286bffc556e5357ae22bcde91e5a0d80dab8d0d83aa1d60f25b14dec69dcf15f3dc48e677b684c61d51c124bff09702d8e1e663cb87a7efefdbcf3576178e7dd614e3266b7f83f338250ffcf64260c7ca621c4750fe0345483202adab46eeb42779759e4974707b23e12bcc63371a9c1a39e681dd2bb6d2d304f3baefc9b38e16aeb4b33df166c0e19186b0fc8269bd9cd96d5b3adda68ccb9be58963a3865291d767fd6f8f133f30b9404ed1231cfa93d21d5f16941252650f6684b6499adef0aeae110ba35f9c611a08b57e3f219c2bd7bd5ffff509aa7cddd73bc62e681dabd8f15b24fd924f6ab00fbb2b16cc6af67fbeea2960ab6f5f98f1a6d0a870ccf10e3ba73d48e0ef1b38bfd7463b30309683e65dbf90776ab30cbf0e762c86c9864e27ca9a95e15a7b9d0b902f3dff2c8db81373ab7edc5eaf45a6230ff72837bed6fd2f0b3bcf829b5b75bbfa1b18af3c9f7490381eae64b553921c4da40db5a17afee6658acaf6a2eb1d381e1ccd9ec4e68eeae2f3e0d5de21a453ef99d99d65d6a067dff051822b9cacf5f1110e2972e2724c979b0c6c8bf5295716022c47c8f4af702bcfe1060602ba8f4be94815dd22ba2ee0d76f46eb4fd816d7e7b88a37a9cb65f1ef32e6cc6d101de6e94050eed22f6c0299a7cfb74a5f5f6ef4683f071839943017e0b58c8cc5a77251909888ab6f69b0e18b8ed8905654578f1604c620f7d8bcb0a0010a2b71a1b8d11e34f7c674912fbb61fad795b6fd455cf4feeff71d865d92ae41c3a5935d7ee5c28706de5cd4733a26320bc5e79b4352b63d7d320c69a63d9057187799ae483a6e9dc7ce101851cd598319173ab4ac49bf3b25ec8bd9fe8b664c87722223f1ee8c1b613e78729072ebcd51b7b9e3c5dd22b17b0dccf6a177b9fe279f56644476acb27f5c4a7bff77d0416dead2231d8f8ee44e6618ddcc2b9e34919bf21fa986d9e6b9d54c007e2f15293808b065c62aad7f9f42b0f39361528328071c4b5df273d2b41e2b9881a8c215fbb0280fd79a77570f93855d5d795a89613e0b4be1d8b1f50864637471d694ac417216294b08a4226fe098dee8d410bc3828ef27777489b9e6e3701e6ccf13151070b027fb53b00ee3a5e780348f47d314d04b353c76f920c69d571d7b674d2b1f9ad1597bd6f36e5ff82981d2158990e21b7102b20fbdbcbd2c2c25da51aceff00a1e7a56c8f75f9bf3655d6142ac74cbc8ee70ffec7a45bf1c4a3b6a65f629494670a84088a802598909031871dd576a5d47d911b509b0799e7178657dd66943ddc2666b7cae6b996c8b55b7cf0a6b9ce396cc3e262ebb83c2f640ec6a80538823a83fb3b74c8b51a8cbb18b4925b8045530ce8283c962561e3da3f7843720b4dc6afbe5278fe9a964860b88e33aedb298b61910e5c3ea4971e02cf869d5e68e8a95215e0e207af9b7e48f3452dc9aaf0bf15202932e71552a1f79a6482afc0c104fc70f3ffeb153a249620dafb5ef82308e97113ba4aee10301ea19ec5f0f2d643fba39a4a5f039003187255c1cd9a7d54253ab0c6f8c09cf51ea635d945231386fd891d80483ddb4f4d8e68a62a71b61bbd75b74fdff1610949508d33d740a72c633dde4db6a4cdc92a7de18a7b9ceec93ef8e130fbee0b66d7c4d3eb3d92d41f89b3bc7f276f275f827a5f5d4eee0ed7c0a90ca0a6639a974ed1311422372d7a84305ed6154a80f9cf4dc52a717c5ba57aa2e4fc2adb9da2b5c246706777fce38f6aba54534701314df2bb1725ec00b40bf6281ea0f45f3d085836934a8c884bbc3a89fca0240525fbc58969e7772709a3eb827e4da5035c852be598c14a36f71c78ca002bdc4161da2daf8db5303185b9dc97302a2df8f3adb1acfc5a19faa3066318892b44276606f537475b03d28b01182eba9be649c74b35dca086e4bbe0e9d6c5f3edf6c929e3ace7419cc7b106fe74d1b81eb675dd361a8099f8327cb99a72b1b83e194fd90c92450a6525445b7f2aac705920793ea1e0f1b33c754a0460fc681716fa70a383f81c6cf95f49e54baaae984bf931e9bd28942e5c4e90f57d2d398299669af06e62fcf860dec6158982f80331060f24af75ac27bf05e3652a822d6421c26c2dd33ddf1ce60d4c7a74abba565bec2e18b7a5cf21ac63c8271ac2c00ed736bc14998448dc4c19c5f50f9f9c75b4dc546a33c26e8ea26ab2ab05de5f4a346831bf743abd4119079d42df45b461258cbf1ca05370229802f7e0430c5496cac07658ac3ce55ad783a55b3414c0572dc3632a368c9395af43ad25a0e1fa3569366492bb9063a64b77a4d0001208ad093f98c1c3482e97015dcbae76f173bdce59db0bfd1015de911b3b652bae2dfba64f496e7bab5735fc3b683ffe19750b73ea2491b1f7a2be4db9ca703f11c360d7b2ef8f49b9d262900de5476f682bf7d526497f7825cebf9f136a4d6b347d1874fa6fe441fb95d338080b2a5268cfaea8fed039a1900028c4aecf225e0bb328522c2944f2a7281daebb2dd52d312be1c5824cb19317021d10ba3b89d02763677172ce0ae6ca996b147a934a266e75b2bf35d523b7f9eddf0afe102d4ee9db8926d10be781bbaa25b815ea2dad9a9908a827be0c0e5b6b960e99b702d76b2af58a2afe7eb1e2cf30e660cf6296bd11607c33e85fefbff67b0dd74c5110236048da6d92eabda02925f0816ec048cb1333894aa172ee73d5e3c833e3858a0e219debc74d89bda90c70f88bbe41c943375840ceb55064b2f2b239cfc769582cd410f1bdb26fc78d9728a30899b3460405b157a1dcd33b31fb6e2a4113e4bb41214aae4a037f99f8", 0x2000, &(0x7f0000007080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = socket(0x1d, 0x2, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r11, 0x89f1, &(0x7f00000002c0)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x80, 0x2f, 0x0, @remote, @multicast1}}}})
socket$inet6(0xa, 0x2, 0x0)

37.799631229s ago: executing program 4 (id=161):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xc)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x6, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "693f6200b8da3af3"}}, 0x48}}, 0x0)

36.289593155s ago: executing program 4 (id=163):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYRES8=r0], 0x58}}, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0])
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x2b8, 0x150, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x220, 0xffffff7a, 0xffffffff, 0x220, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00'}, 0x6, 0x130, 0x150, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "00000100cbd047da9ca965f96ad5801f0514d30500000000000000490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5cffa56a5e8d7137024c183ebacdf741cea92ded3a9ca54de162d99e000000000000000000ffffff7f00"}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x130, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)={&(0x7f0000000240)=ANY=[@ANYBLOB="600000000206050200000000000000000000000005000400000000000900020073797a300000000014000780080013400000000008000640000019000500050002000000050001000600000012000300686173683a6e6574"], 0x60}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r4, &(0x7f0000000500)="a4", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x9)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f00000003c0), &(0x7f0000000240)=0x8)
bind$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
bind$rxrpc(r3, &(0x7f0000000100)=@in4={0x21, 0x400, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
listen(r3, 0x65f)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000180)=0x7ff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1}, 0x20)

34.975313576s ago: executing program 4 (id=168):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.memory_pressure\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000002000000000000000000007700000000000000650000000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x231, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000300), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=r2])

8.262935939s ago: executing program 0 (id=242):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000540)={@loopback={0x2}, 0x0, 0x0, 0xff, 0x1}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440), 0x10)
socket(0x2a, 0x4, 0x2)
socket$inet(0x2, 0x0, 0x84)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x200, 0xb})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x10, 0x9c2, 0xfc, 0xff, 0x9, 0x3, 0x5}, 0x1c)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240), 0x0, 0x0, 0x0)
io_uring_setup(0x15c7, &(0x7f0000000480)={0x0, 0x1f26, 0x800, 0x0, 0x404})
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000009, 0x13, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x2000)
r2 = socket(0x15, 0x5, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/rcu_normal', 0x42, 0x4)
memfd_create(0x0, 0x18)
sendfile(r3, r3, 0x0, 0xa)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r3, 0x4040942c, &(0x7f0000000000)={0x0, 0x7, [0x8, 0x100000000000003, 0x7, 0x4, 0x1ff, 0x1]})
getsockopt(r2, 0x200000000114, 0x271f, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)

7.352226683s ago: executing program 3 (id=243):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x40fd)
syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000600)='./file1\x00', 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000a00)='./file1\x00', &(0x7f0000000000)='reiserfs\x00', 0x0, &(0x7f0000000a80)=',\x00') (fail_nth: 4)

6.821724422s ago: executing program 0 (id=245):
unshare(0x20000400)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = dup2(r0, r2)
sendfile(r3, r1, &(0x7f0000000180)=0xfffffffffffffff9, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000280)={0x2, 0x0, [{0x0, 0x4, 0x0, 0x0, @irqchip={0x1, 0x1}}, {0x6, 0x3, 0x0, 0x0, @adapter={0x9, 0x3, 0x4, 0x8, 0xe}}]})
syz_extract_tcp_res$synack(&(0x7f0000000040)={<r6=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0xc7, &(0x7f00000103c0)={@remote, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x91, 0x2c, 0x0, @remote, @mcast1, {[], {{0x0, 0x0, r6, 0x41424344, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, {[@sack={0x5, 0x6, [0x0]}, @exp_fastopen={0xfe, 0x4}]}}, {"d052fd2251cbce6e2b46d01a88d3dba19a29f8d5cd2f6048423dc03141886410db358068b050e41698815108f54d1d3cde7115212e26e0176db06d65f3ca9bebe427ca394a18285cee4493271d868fb047bc00d02c8aaa6cf58da627393901692aac65b417865b245f33a93a86136a414d"}}}}}}}, 0x0)
syz_extract_tcp_res(&(0x7f0000000040)={<r7=>0x41424344}, 0x0, 0x5c3d)
syz_emit_ethernet(0x1bb, &(0x7f0000000300)={@empty, @local, @void, {@mpls_mc={0x8848, {[{0x6}, {0x4, 0x0, 0x1}], @ipv6=@tcp={0x9, 0x6, "343ab4", 0x17d, 0x6, 0x0, @loopback, @rand_addr=' \x01\x00', {[@srh={0x2f, 0x6, 0x4, 0x3, 0x0, 0x48, 0x7, [@mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote]}, @dstopts={0x5e, 0x1, '\x00', [@pad1, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0x2, [0x0, 0x0]}]}, @srh={0xc, 0x4, 0x4, 0x2, 0x40, 0x48, 0x1, [@private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0xff}]}], {{0x4e20, 0x4e23, r6, r7, 0x1, 0x0, 0x18, 0x80, 0x1, 0x0, 0x4, {[@sack={0x5, 0x1e, [0xc133, 0x3, 0x2, 0x10, 0x80000000, 0x74, 0xffffffff]}, @nop, @exp_fastopen={0xfe, 0xd, 0xf989, "cdd556f80472851d6c"}, @fastopen={0x22, 0x10, "316d89f814466449501fcabdec1e"}, @nop, @sack={0x5, 0xe, [0x6cb7, 0x4, 0xb9ac]}]}}, {"d645f9d69007aef16d8a37bbee3fd59053af539571a757374b259ad0982e1139c84f3d5144ad84e6d2967eec0f11a6f92ca804cdf9a34c166ced8e35ce5598f55ab3d700cebe270604d5fb53904b7bd58eb1c6ac27b6fdb8270acb268a45eccdbe998d656a851e41247e76c3e8b85e0656884a5caf0cdacc561901cda6a15ba310e4bf2f4c0732e579b6dc8f9387764f55977c7ba7477eb5a7f69ad35113a1432831fc00db"}}}}}}}}, &(0x7f0000000100)={0x1, 0x3, [0xcac, 0xcc3, 0x550, 0xaea]})

6.695240317s ago: executing program 2 (id=247):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x80000, 0x8, 0x8}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000001400), 0xffffffffffffffff)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x62402, 0x110)
getpgrp(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x80000000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020030000b02d25a806f8c2d94f90724fc602f1a04000a740100053582c137153e37024801800af01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_80211_join_ibss(&(0x7f0000000300)='wlan1\x00', 0x0, 0x52, 0x1)

6.620805894s ago: executing program 3 (id=248):
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1a)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x9, 0x6, 0x0, &(0x7f0000000180)='syzkaller\x00', 0xfffffff9, 0xc3, &(0x7f000000cf3d)=""/180, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x6, 0x0, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0xa7)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0xc28a)
getpid()
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x1, 0x4, 0xff, 0x2592, 0x1}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
tkill(0x0, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x3, &(0x7f0000000780)=ANY=[@ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

5.727191387s ago: executing program 1 (id=249):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) (fail_nth: 3)

5.173284783s ago: executing program 2 (id=250):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000480)={<r2=>0xffffffffffffffff}, 0x2}}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000040)}], 0x1)
openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r7, 0x80089203, 0x200000000000000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @mcast1}, r2, 0x10}}, 0x48)

5.057064685s ago: executing program 0 (id=251):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (fail_nth: 12)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9}}, 0x50)
read$FUSE(r0, &(0x7f00000044c0)={0x2020, 0x0, <r2=>0x0}, 0xfe63)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000002400)=ANY=[@ANYBLOB="290000000400000000000000000000000100000000000000000000150000000001"], 0x29)
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r3, r0, 0x0)

4.636664714s ago: executing program 1 (id=252):
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000000)="b86f4aac629f38f846041f2e8152ac1a5b045a3f95046e24fdb5e66ee55df31120c41853e8b06d9561e16ec80fd74d8fb8ef03b546cf906a1a6e232b82330d7cd581ade02c61fe5984c0b72ae04484958f9b0200c4869dfcf53751e8ee9ffef1", 0x60}, {&(0x7f0000000080)}, {&(0x7f00000000c0)="39eaedc119365f43d324c441265623a01f588abf05fa357e6d8849240a55be4715d388bef5dc3306ac0270eb8f884c302226b1ef40c8a3413cae754d800d0c7d990d5054ddade7b3d5ac61712a0096e2024f12917d3afb6c0aac25de6cb4b9924ac606b612927214bb568230f6e718dcab8618d7305a2b4284dc6dbc186f513954861760a09937bd88716514189c7b8309132d864669178fca18cafe709307b67bc0ca42ebb58ddb0e5793cc12a48264e78bdae722b345317eb6eaaab9bc2559ba330548042314f9e5d7e91682db8f81e432fa94b22581a0ee5997ee7b8ca001b89d27839526254794420d144443f6", 0xef}, {&(0x7f00000001c0)="dce68fa3ddd5b9918abef51c8d76c88575a34b28151e3db3c973652a", 0x1c}, {&(0x7f0000000200)="ce1095afe4ae092ea081564c304d295e0bd9f9efabe611e572ca82e4e6b6bf557d2f168c94e7667491a7d4de7fb634eda9c312a0b45722c7187a1c19280238d85d73dbcac71cfbf063d9ef965bc90f169f7ed8bd0d7e54cfad3e389b39be7c1c94b2e7bbafdc1d54723baf49cbdee5e2816ad5ae3e57ed234cc151dba838d74dd502b7e038be6529a0ad02a9a84dcbb9161eef5e1fa18c4e94bbe44e248626ed17d7a1775828136103e5f45abc40f9de769b63d923fd1baaed0a0e", 0xbb}, {&(0x7f00000002c0)="643c014d361312264d849b2265a245cc9b6853a937a7ef10ca7166abe6b59ccb8df6df7d8f47ac5c8fa74db158c0a6e22e1cff21fb1511f68af01495e5fe8b20fc9ac53a5c113185082f5e77e1c64ddac98d1cb07f5dbfbbfb98e790850b9300de947879fc2572def38dbaf478631048b418da3de6406dd96bfb042da9d5a3065431e2e015fa8f545514497b163622173c22c61e8c112a0bef1fb5a50046b9fbe968a15f83d2f38bebdc19d2498e5981d34fa552a8c4", 0xb6}, {&(0x7f0000000380)}, {&(0x7f00000003c0)="ca3796fb010c9470ab9d5180949c989a415fe826d2e59e2adf65c8eb94118b12d8033f8b4f1bcba89c295a8cac397373279807b6d1edf4ceea34ea6de469e433dbdb7299eb7ff74dcbbd056682f817a9237d42eb0aea5361eecf4acfae", 0x5d}], 0x8)
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000500)=0x1c, 0x0)
getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000540)={@private1, <r1=>0x0}, &(0x7f0000000580)=0x14) (async, rerun: 64)
r2 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) (rerun: 64)
ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f00000005c0)) (async)
connect$inet(r2, &(0x7f0000000600)={0x2, 0x1, @remote}, 0x10)
read$hiddev(r2, &(0x7f0000000640)=""/136, 0x88) (async)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000700)=<r3=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, r3, 0x1, &(0x7f0000000740)) (async)
ioctl$VIDIOC_ENUMOUTPUT(r2, 0xc0485630, &(0x7f0000000780)={0x10, "2b3d10ad9208ddbde040921ad30a335bce71bf333990a10bf23093e35af4419a", 0x3, 0x7fff, 0x1ff, 0x1000, 0x4}) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000800)={0x200, 0x1, {0x3, 0x0, 0xfffffffb, 0x1, 0xfffffffa}, 0x5}) (async)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f0000000880))
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f00000008c0)={{0x7, 0x5}, {0x1, 0xa2b0}, 0x34a, 0x1}) (async)
prlimit64(r3, 0xf, &(0x7f0000000900)={0x2, 0x100000000}, &(0x7f0000000940)) (async)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0) (async)
read$FUSE(r2, &(0x7f00000009c0)={0x2020, 0x0, <r5=>0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_LSEEK(r4, &(0x7f0000002a00)={0x18, 0x0, r5, {0x1ff}}, 0x18) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002a40)='./cgroup.net/syz0\x00', 0x1ff)
geteuid() (async, rerun: 32)
ioctl$HIDIOCGRAWPHYS(r2, 0x80404805, &(0x7f0000002a80)) (async, rerun: 32)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r2, 0x8982, &(0x7f0000002ac0)={0x8, 'vlan0\x00', {'veth0_vlan\x00'}, 0x90}) (async)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000002b80)={'erspan0\x00', &(0x7f0000002b00)={'gre0\x00', r1, 0x7, 0x8000, 0x3, 0x2, {{0x14, 0x4, 0x2, 0x6, 0x50, 0x65, 0x0, 0x3, 0x29, 0x0, @multicast2, @remote, {[@ssrr={0x89, 0x17, 0x42, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @empty, @multicast2, @multicast1]}, @generic={0x88, 0x3, "e3"}, @noop, @ssrr={0x89, 0xf, 0x34, [@remote, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @noop, @rr={0x7, 0xf, 0x1f, [@loopback, @broadcast, @broadcast]}]}}}}}) (async)
getsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000002bc0), &(0x7f0000002c00)=0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
lstat(&(0x7f0000002c40)='./file0\x00', &(0x7f0000002c80)) (async)
ptrace$getsig(0x4202, r3, 0x8, &(0x7f0000002d00)) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x15)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000002e40)={&(0x7f0000002d80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002e00)={&(0x7f0000002dc0)={0x2c, 0xb, 0x6, 0x301, 0x0, 0x0, {0x7, 0x0, 0x4}, [@IPSET_ATTR_LINENO={0x8}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8084}, 0x8004)
syz_open_procfs(r6, &(0x7f0000002e80)='net/igmp6\x00')

4.150344244s ago: executing program 2 (id=253):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001080)='dctcp\x00', 0x6)
sendto$inet(r1, 0x0, 0x0, 0x24040ffd, &(0x7f0000000440)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000c40)='\x00', 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet(r1, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf74", 0x49, 0x182, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[], &(0x7f0000000240)=""/194, 0x35, 0xc2, 0x0, 0x4}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1e, 0x0, 0x0, 0x2, 0x0})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r5 = userfaultfd(0x80801)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
fcntl$getownex(r5, 0x10, &(0x7f0000000000)={0x0, <r8=>0x0})
syz_open_procfs(r8, &(0x7f0000000080)='net/ip6_mr_vif\x00')
pread64(r5, &(0x7f0000000200)=""/274, 0x16f, 0xfffffffffffffffb)

3.817648223s ago: executing program 1 (id=254):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000540)={@loopback={0x2}, 0x0, 0x0, 0xff, 0x1}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440), 0x10)
socket(0x2a, 0x4, 0x2)
socket$inet(0x2, 0x0, 0x84)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x200, 0xb})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x10, 0x9c2, 0xfc, 0xff, 0x9, 0x3, 0x5}, 0x1c)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240), 0x0, 0x0, 0x0)
io_uring_setup(0x15c7, &(0x7f0000000480)={0x0, 0x1f26, 0x800, 0x0, 0x404})
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000009, 0x13, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x2000)
r2 = socket(0x15, 0x5, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/rcu_normal', 0x42, 0x4)
memfd_create(0x0, 0x18)
sendfile(r3, r3, 0x0, 0xa)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r3, 0x4040942c, &(0x7f0000000000)={0x0, 0x7, [0x8, 0x100000000000003, 0x7, 0x4, 0x1ff, 0x1]})
getsockopt(r2, 0x200000000114, 0x271f, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)

3.424697792s ago: executing program 0 (id=255):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001)
fchdir(r0)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x1, &(0x7f0000000440))
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240)=0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xfffffffb, 0x2, 0x10000, 0xf6})
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f0000000000)={0x0, 0x4, 0xd4a4})
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0x0, @private1}, 0x1c)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000002030102000000000000000000000010080001000100000016c798a7a8be429f266aaa9fc26d5d401e00572f6bbf0e38b11b74fb052adbead0994c7e8c6a24cc5be3479fc2117ee54cc3b0a38ad3b7f90b31dfae64b66dd684f56214dcdc8185e581b1c33f5ad671e8ac18454066395c8eec06f484df86911de70a9410dc9f2a63839212062db703bd9a386bb2ca210a712924631d3923da233f43ce65cff9022548853c33ff260bfd4ca4580f8a1c80d4548497e4b492b934d2052345915c29838b78932aa8abe8c36f053711e5dc0b6a0812"], 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000380)=@assoc_value, &(0x7f00000003c0)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1})
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000000)={'virt_wifi0\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x4, 0x9, 0x0, 0xffffff7f}, {0xc, 0x9}, {}, {0x20, 0x0, 0xf2}, {0x6}]})
syz_open_dev$vcsn(&(0x7f0000000480), 0x1ff, 0xd05b01)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r5, {0x2, 0x4e24, @loopback}, 0x0, 0x0, 0x0, 0x1}}, 0x2e)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10065, 0x0)
close_range(r5, 0xffffffffffffffff, 0x2)

3.362499832s ago: executing program 1 (id=256):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xc)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x6, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "693f6200b8da3af3"}}, 0x48}}, 0x0)

3.18638361s ago: executing program 2 (id=257):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000140), 0x9)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket(0xa, 0x6, 0x0)
getsockopt$inet6_mreq(r2, 0x10d, 0x83, 0x0, &(0x7f0000000000)) (fail_nth: 1)

2.568842792s ago: executing program 2 (id=258):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000080)={'bond0\x00', 0x800})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000540)='kfree\x00', r0}, 0x10)
syz_open_dev$vivid(&(0x7f0000000480), 0x1, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x3c, 0xa, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz2\x00'}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_LINENO={0x8}]}, 0x3c}}, 0x0)

2.380440599s ago: executing program 2 (id=259):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da24"], 0x0)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x1, 0xccb4, 0x9585, 0x122, r1, 0xfffffff9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
syz_usb_ep_write(r0, 0xfc, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="7800000018002507b9409b14ffff00000202be040205fe056403040c5c000900580020010a0000000d0085a168216b46d32345653600648d270015000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000402160012000a0024a40423e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)
recvfrom(0xffffffffffffffff, &(0x7f00000001c0)=""/45, 0x2d, 0x40000140, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_GET_REPORT_REPLY(r5, &(0x7f00000000c0)={0xa, {0x0, 0x3, 0x11}}, 0xa)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
getsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000200), &(0x7f0000000940)=0x4)
sendmsg$AUDIT_ADD_RULE(r3, 0x0, 0x4000041)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x2c00, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x25000000)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300), 0x600001, 0x0)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="02c90012000e00050018010a0000dd3c0d022a705f9e93"], 0x17)

2.238415561s ago: executing program 0 (id=260):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x0, @scatter={0x1, 0x3, &(0x7f0000000540)=[{&(0x7f0000000380)=""/204, 0xcc}]}, &(0x7f0000000240)="008d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})

2.116733264s ago: executing program 1 (id=261):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000001640)={0x50, 0x2, 0x1, 0x101, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x2, 0x21}}]}]}, 0x50}}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x100000000, 0x90}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r1, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x80010, r0, 0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
close_range(r4, r3, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x2, 0x5, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r6, &(0x7f0000000300)='1\x00', 0xffffff4a)
write$sysctl(r6, &(0x7f0000000000)='2\x00', 0x2)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r5, &(0x7f0000000bc0)=[{&(0x7f0000000040)=@in={0x2, 0x4e22, @private=0xa010100}, 0x36, 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000070200000000000000000000000000000000000000000000125da2620197b60ec4cec729aa91c21b4376f81aa0502693a151f3bf33d812d20fc07d811afb9c1993aba6dd52cc62b5cc9d5c403fa31a53f7ae561a9e37410566a3afe4f8ede5c077da5dd1211e056e252325ddd5194361008fe8129c456fbf47874f6351ecb563aa2479363c1cfb9b00540804b9a69c091815607039d06c6ce634e641e77931c06d3517c088", @ANYRES32=0x0], 0x30}], 0x1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0x5)

2.11635391s ago: executing program 3 (id=262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000480)={<r2=>0xffffffffffffffff}, 0x2}}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000040)}], 0x1)
openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r7, 0x80089203, 0x200000000000000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @mcast1}, r2, 0x10}}, 0x48)

2.054211207s ago: executing program 0 (id=263):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000300)={0x1c, &(0x7f0000000180)={0x0, 0x0, 0x1, "98"}, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x172f, 0x501, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)

1.196470855s ago: executing program 3 (id=264):
r0 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0xfffd, 0x9, @empty, 0xc9f2}, 0x1c)

1.009896894s ago: executing program 3 (id=265):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000540)={@loopback={0x2}, 0x0, 0x0, 0xff, 0x1}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440), 0x10)
socket(0x2a, 0x4, 0x2)
socket$inet(0x2, 0x0, 0x84)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x200, 0xb})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x10, 0x9c2, 0xfc, 0xff, 0x9, 0x3, 0x5}, 0x1c)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
io_uring_setup(0x15c7, &(0x7f0000000480)={0x0, 0x1f26, 0x800, 0x0, 0x404})
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000009, 0x13, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x2000)
r2 = socket(0x15, 0x5, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/rcu_normal', 0x42, 0x4)
memfd_create(0x0, 0x18)
sendfile(r3, r3, 0x0, 0xa)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r3, 0x4040942c, &(0x7f0000000000)={0x0, 0x7, [0x8, 0x100000000000003, 0x7, 0x4, 0x1ff, 0x1]})
getsockopt(r2, 0x200000000114, 0x271f, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)

456.781613ms ago: executing program 1 (id=266):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001080)='dctcp\x00', 0x6)
sendto$inet(r1, 0x0, 0x0, 0x24040ffd, &(0x7f0000000440)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000c40)='\x00', 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet(r1, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf74", 0x49, 0x182, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[], &(0x7f0000000240)=""/194, 0x35, 0xc2, 0x0, 0x4}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1e, 0x0, 0x0, 0x2, 0x0})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r5 = userfaultfd(0x80801)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
fcntl$getownex(r5, 0x10, &(0x7f0000000000)={0x0, <r8=>0x0})
syz_open_procfs(r8, &(0x7f0000000080)='net/ip6_mr_vif\x00')
pread64(r5, &(0x7f0000000200)=""/274, 0x16f, 0xfffffffffffffffb)

398.525705ms ago: executing program 3 (id=267):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xc)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x6, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "693f6200b8da3af3"}}, 0x48}}, 0x0)

0s ago: executing program 4 (id=196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x505}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000002c0), 0xa79, r0}, 0x38)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_clone(0x84001100, 0x0, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000016c0)={0x5, &(0x7f0000000380)=[{0x4cc, 0x0, 0x0, 0x2}, {0x9, 0xe, 0x2, 0x5}, {0xff, 0x4, 0x82, 0xfffffff8}, {0x3, 0x3, 0x7, 0x5}, {0x5, 0x43, 0x6, 0xf}]})
r5 = socket(0xf, 0x6, 0xfffffffe)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r5)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdir(0x0, 0x8)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)

kernel console output (not intermixed with test programs):

ed BSSID 50:50:50:50:50:50
[   62.220600][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.239339][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.254110][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.264338][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.275504][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.285384][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.298699][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.313369][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.324790][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.351843][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.455778][ T5213] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.488688][ T5213] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.500910][ T5213] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.525067][ T5213] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.615180][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.659644][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.690422][ T5330] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   62.805565][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.843860][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.972975][ T1295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.980821][ T1295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.059545][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.088371][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.214399][ T5225] Bluetooth: hci4: command tx timeout
[   63.220099][ T5225] Bluetooth: hci2: command tx timeout
[   63.231540][ T5225] Bluetooth: hci1: command tx timeout
[   63.237378][ T5225] Bluetooth: hci3: command tx timeout
[   63.243186][ T5225] Bluetooth: hci0: command tx timeout
[   64.232099][ T5349] netlink: 'syz.3.15': attribute type 4 has an invalid length.
[   64.241645][ T5349] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.15'.
[   64.349007][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   64.520933][ T5353] syz.4.17 uses obsolete (PF_INET,SOCK_PACKET)
[   65.128355][ T5366] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   65.147431][ T5367] FAULT_INJECTION: forcing a failure.
[   65.147431][ T5367] name failslab, interval 1, probability 0, space 0, times 0
[   65.160198][ T5367] CPU: 0 UID: 0 PID: 5367 Comm: syz.0.19 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[   65.170797][ T5367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   65.180853][ T5367] Call Trace:
[   65.184136][ T5367]  <TASK>
[   65.187081][ T5367]  dump_stack_lvl+0x241/0x360
[   65.191782][ T5367]  ? __pfx_dump_stack_lvl+0x10/0x10
[   65.196997][ T5367]  ? __pfx__printk+0x10/0x10
[   65.201603][ T5367]  ? __kmalloc_node_noprof+0xb7/0x440
[   65.206986][ T5367]  ? __pfx___might_resched+0x10/0x10
[   65.212285][ T5367]  should_fail_ex+0x3b0/0x4e0
[   65.216977][ T5367]  should_failslab+0xac/0x100
[   65.221667][ T5367]  __kmalloc_node_noprof+0xdf/0x440
[   65.226880][ T5367]  ? alloc_slab_obj_exts+0x3a/0xa0
[   65.232007][ T5367]  alloc_slab_obj_exts+0x3a/0xa0
[   65.236953][ T5367]  __memcg_slab_post_alloc_hook+0x31c/0x7e0
[   65.242869][ T5367]  ? alloc_empty_file+0x9e/0x1d0
[   65.247815][ T5367]  kmem_cache_alloc_noprof+0x1de/0x2a0
[   65.253287][ T5367]  alloc_empty_file+0x9e/0x1d0
[   65.258067][ T5367]  alloc_file_pseudo+0x1da/0x290
[   65.263022][ T5367]  ? __pfx_alloc_file_pseudo+0x10/0x10
[   65.268489][ T5367]  ? alloc_fd+0x5a1/0x640
[   65.272835][ T5367]  anon_inode_getfd+0xce/0x1e0
[   65.277616][ T5367]  map_create+0xe5b/0x1200
[   65.282045][ T5367]  ? security_bpf+0x87/0xb0
[   65.286561][ T5367]  __sys_bpf+0x6d1/0x810
[   65.290812][ T5367]  ? __pfx___sys_bpf+0x10/0x10
[   65.295592][ T5367]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   65.301585][ T5367]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   65.307923][ T5367]  ? do_syscall_64+0x100/0x230
[   65.312702][ T5367]  __x64_sys_bpf+0x7c/0x90
[   65.317128][ T5367]  do_syscall_64+0xf3/0x230
[   65.321640][ T5367]  ? clear_bhb_loop+0x35/0x90
[   65.326331][ T5367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.332236][ T5367] RIP: 0033:0x7f81b17779f9
[   65.336656][ T5367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.356269][ T5367] RSP: 002b:00007f81b254e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   65.364696][ T5367] RAX: ffffffffffffffda RBX: 00007f81b1906130 RCX: 00007f81b17779f9
[   65.372675][ T5367] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000000
[   65.380652][ T5367] RBP: 00007f81b254e090 R08: 0000000000000000 R09: 0000000000000000
[   65.388628][ T5367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.396600][ T5367] R13: 0000000000000000 R14: 00007f81b1906130 R15: 00007ffe1b094168
[   65.404592][ T5367]  </TASK>
[   66.031496][ T5370] nbd: must specify at least one socket
[   66.329304][ T5381] sctp: [Deprecated]: syz.2.23 (pid 5381) Use of int in max_burst socket option deprecated.
[   66.329304][ T5381] Use struct sctp_assoc_value instead
[   67.903348][ T5407] nbd: must specify at least one socket
[   67.970787][ T5410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.37'.
[   68.179507][ T5416] sctp: [Deprecated]: syz.2.39 (pid 5416) Use of int in max_burst socket option deprecated.
[   68.179507][ T5416] Use struct sctp_assoc_value instead
[   68.190037][ T5418] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[   69.412498][ T5308] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   69.497631][   T29] audit: type=1326 audit(1723139492.981:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.501255][ T5444] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 925 (only 8 groups)
[   69.522274][   T29] audit: type=1326 audit(1723139492.981:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.552407][   T29] audit: type=1326 audit(1723139492.981:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.575709][   T29] audit: type=1326 audit(1723139492.981:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.602800][   T29] audit: type=1326 audit(1723139492.981:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.630009][   T29] audit: type=1326 audit(1723139492.981:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.657518][   T29] audit: type=1326 audit(1723139492.981:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.698440][ T5308] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   69.716312][   T29] audit: type=1326 audit(1723139492.981:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.742210][ T5308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   69.770330][   T29] audit: type=1326 audit(1723139492.981:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.771318][ T5308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   69.830156][   T29] audit: type=1326 audit(1723139492.981:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5443 comm="syz.3.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494c1779f9 code=0x7ffc0000
[   69.852152][ T5308] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   69.883989][ T5308] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   69.893656][ T5308] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.901782][ T5449] netlink: 8 bytes leftover after parsing attributes in process `syz.3.49'.
[   69.914907][ T5308] usb 2-1: config 0 descriptor??
[   70.517601][ T5464] fuse: Bad value for 'fd'
[   70.821780][ T5308] usbhid 2-1:0.0: can't add hid device: -71
[   70.840046][ T5308] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[   70.883156][ T5308] usb 2-1: USB disconnect, device number 2
[   70.942577][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   71.542493][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   71.723441][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[   71.838983][ T1262] ieee802154 phy1 wpan1: encryption failed: -22
[   72.029297][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   72.124276][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   72.133868][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   72.174189][ T5301] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   72.382267][ T5301] usb 5-1: Using ep0 maxpacket: 32
[   72.389933][ T5301] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[   72.409514][ T5301] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[   72.419140][ T5301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.430550][ T5301] usb 5-1: Product: syz
[   72.432254][ T5270] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   72.435288][ T5301] usb 5-1: Manufacturer: syz
[   72.448727][ T5301] usb 5-1: SerialNumber: syz
[   72.469420][ T5301] usb 5-1: config 0 descriptor??
[   72.481602][ T5477] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   72.494898][ T5301] hub 5-1:0.0: bad descriptor, ignoring hub
[   72.501139][ T5301] hub 5-1:0.0: probe with driver hub failed with error -5
[   72.530411][ T5301] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5
[   72.664317][ T5270] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   72.686500][ T5270] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.720034][ T5270] usb 4-1: config 0 descriptor??
[   72.817808][ T5477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.856847][ T5477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.960787][ T5489] netlink: 'syz.4.61': attribute type 10 has an invalid length.
[   73.085175][ T5489] batman_adv: batadv0: Adding interface: team0
[   73.091586][ T5489] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.235881][ T5489] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   73.249460][ T5491] netlink: 'syz.4.61': attribute type 10 has an invalid length.
[   73.259885][ T5491] netlink: 2 bytes leftover after parsing attributes in process `syz.4.61'.
[   73.269548][ T5491] team0: entered promiscuous mode
[   73.274881][ T5491] team_slave_0: entered promiscuous mode
[   73.281571][ T5491] team_slave_1: entered promiscuous mode
[   73.293509][ T5491] 8021q: adding VLAN 0 to HW filter on device team0
[   73.300922][ T5491] batman_adv: batadv0: Interface activated: team0
[   73.307756][ T5491] batman_adv: batadv0: Interface deactivated: team0
[   73.314794][ T5491] batman_adv: batadv0: Removing interface: team0
[   73.416558][ T5270] usb 4-1: Cannot read MAC address
[   73.429737][ T5270] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61
[   73.766403][ T5491] bridge0: port 3(team0) entered blocking state
[   73.776180][ T5491] bridge0: port 3(team0) entered disabled state
[   73.783325][ T5491] team0: entered allmulticast mode
[   73.787188][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[   73.788697][ T5491] team_slave_0: entered allmulticast mode
[   73.802863][ T5491] team_slave_1: entered allmulticast mode
[   73.812192][ T5318] usb 4-1: USB disconnect, device number 2
[   73.814540][ T5491] bridge0: port 3(team0) entered blocking state
[   73.825037][ T5491] bridge0: port 3(team0) entered forwarding state
[   74.307445][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[   74.345463][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   78.198735][ T1171] cfg80211: failed to load regulatory.db
[   78.475308][ T5501] fuse: Bad value for 'fd'
[   78.680915][ T5318] usb 5-1: USB disconnect, device number 2
[   78.681063][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[   78.997113][ T5507] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.527686][ T5520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.72'.
[   80.086913][ T5531] netlink: 12 bytes leftover after parsing attributes in process `syz.1.73'.
[   80.211467][   T29] kauditd_printk_skb: 6 callbacks suppressed
[   80.211862][   T29] audit: type=1326 audit(1723139503.691:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5528 comm="syz.1.73" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f46c63779f9 code=0x0
[   80.241821][ T5225] Bluetooth: hci4: command 0x0405 tx timeout
[   80.401524][ T5535] netlink: 12 bytes leftover after parsing attributes in process `syz.4.74'.
[   80.615917][   T29] audit: type=1326 audit(1723139504.101:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5533 comm="syz.4.74" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe90ad779f9 code=0x0
[   81.241005][ T5267] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   81.705845][ T5547] FAULT_INJECTION: forcing a failure.
[   81.705845][ T5547] name failslab, interval 1, probability 0, space 0, times 0
[   81.749731][ T5547] CPU: 1 UID: 0 PID: 5547 Comm: syz.1.77 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[   81.760261][ T5547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   81.770328][ T5547] Call Trace:
[   81.773616][ T5547]  <TASK>
[   81.776553][ T5547]  dump_stack_lvl+0x241/0x360
[   81.781250][ T5547]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.786464][ T5547]  ? __pfx__printk+0x10/0x10
[   81.791073][ T5547]  ? ref_tracker_alloc+0x332/0x490
[   81.796197][ T5547]  should_fail_ex+0x3b0/0x4e0
[   81.800885][ T5547]  ? skb_clone+0x20c/0x390
[   81.805318][ T5547]  should_failslab+0xac/0x100
[   81.810010][ T5547]  ? skb_clone+0x20c/0x390
[   81.814443][ T5547]  kmem_cache_alloc_noprof+0x6c/0x2a0
[   81.819833][ T5547]  skb_clone+0x20c/0x390
[   81.824096][ T5547]  __netlink_deliver_tap+0x3cc/0x7c0
[   81.829413][ T5547]  ? netlink_deliver_tap+0x2e/0x1b0
[   81.834636][ T5547]  netlink_deliver_tap+0x19d/0x1b0
[   81.839767][ T5547]  netlink_unicast+0x7be/0x990
[   81.844561][ T5547]  ? __pfx_netlink_unicast+0x10/0x10
[   81.849856][ T5547]  ? __virt_addr_valid+0x183/0x530
[   81.854977][ T5547]  ? __check_object_size+0x49c/0x900
[   81.860270][ T5547]  ? bpf_lsm_netlink_send+0x9/0x10
[   81.865389][ T5547]  netlink_sendmsg+0x8e4/0xcb0
[   81.870149][ T5547]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.875421][ T5547]  ? __import_iovec+0x536/0x820
[   81.880263][ T5547]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   81.885537][ T5547]  ? security_socket_sendmsg+0x87/0xb0
[   81.891003][ T5547]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.896287][ T5547]  __sock_sendmsg+0x221/0x270
[   81.900966][ T5547]  ____sys_sendmsg+0x525/0x7d0
[   81.905732][ T5547]  ? __pfx_____sys_sendmsg+0x10/0x10
[   81.911018][ T5547]  __sys_sendmsg+0x2b0/0x3a0
[   81.915602][ T5547]  ? __pfx___sys_sendmsg+0x10/0x10
[   81.920720][ T5547]  ? vfs_write+0x7c4/0xc90
[   81.925159][ T5547]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   81.931481][ T5547]  ? do_syscall_64+0x100/0x230
[   81.936247][ T5547]  ? do_syscall_64+0xb6/0x230
[   81.940922][ T5547]  do_syscall_64+0xf3/0x230
[   81.945420][ T5547]  ? clear_bhb_loop+0x35/0x90
[   81.950093][ T5547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.955980][ T5547] RIP: 0033:0x7f46c63779f9
[   81.960385][ T5547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.980076][ T5547] RSP: 002b:00007f46c71fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.988492][ T5547] RAX: ffffffffffffffda RBX: 00007f46c6505f80 RCX: 00007f46c63779f9
[   81.996450][ T5547] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[   82.004408][ T5547] RBP: 00007f46c71fc090 R08: 0000000000000000 R09: 0000000000000000
[   82.012370][ T5547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.020327][ T5547] R13: 0000000000000000 R14: 00007f46c6505f80 R15: 00007ffead819768
[   82.028298][ T5547]  </TASK>
[   82.087813][ T5267] usb 3-1: Using ep0 maxpacket: 32
[   82.106929][ T5267] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[   82.126210][ T5267] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[   82.140065][ T5267] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.282356][ T5267] usb 3-1: Product: syz
[   82.289150][ T5267] usb 3-1: Manufacturer: syz
[   82.307098][ T5267] usb 3-1: SerialNumber: syz
[   83.029049][ T5267] usb 3-1: config 0 descriptor??
[   83.040443][ T5541] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   83.107188][ T5267] hub 3-1:0.0: bad descriptor, ignoring hub
[   83.121847][ T5267] hub 3-1:0.0: probe with driver hub failed with error -5
[   83.132447][ T5267] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6
[   84.032933][ T5541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.041583][ T5541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.476131][ T5270] usb 3-1: USB disconnect, device number 2
[   92.476265][    C1] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[   92.672023][ T5566] netlink: 'syz.2.75': attribute type 10 has an invalid length.
[   92.704358][ T5566] netlink: 2 bytes leftover after parsing attributes in process `syz.2.75'.
[   92.781464][ T5566] team0: entered promiscuous mode
[   92.807236][ T5566] team_slave_0: entered promiscuous mode
[   92.832058][ T5577] netlink: 12 bytes leftover after parsing attributes in process `syz.4.83'.
[   92.852647][ T5566] team_slave_1: entered promiscuous mode
[   92.858519][ T5566] bridge0: port 3(team0) entered blocking state
[   92.887897][ T5566] bridge0: port 3(team0) entered disabled state
[   92.900752][ T5566] team0: entered allmulticast mode
[   92.933264][ T5566] team_slave_0: entered allmulticast mode
[   92.938999][ T5566] team_slave_1: entered allmulticast mode
[   92.993122][ T5566] bridge0: port 3(team0) entered blocking state
[   92.999520][ T5566] bridge0: port 3(team0) entered forwarding state
[   93.072460][   T29] audit: type=1326 audit(1723139516.551:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5571 comm="syz.4.83" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe90ad779f9 code=0x0
[   93.806045][ T5584] netlink: 12 bytes leftover after parsing attributes in process `syz.1.87'.
[   93.931489][   T29] audit: type=1326 audit(1723139517.401:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5582 comm="syz.1.87" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f46c63779f9 code=0x0
[   94.039872][ T5216] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   94.050911][ T5216] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   94.059142][ T5216] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   94.067514][ T5216] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   94.075565][ T5216] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   94.085258][ T5216] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   94.134645][ T5216] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   94.142738][ T5216] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   94.150891][ T5216] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   94.160067][ T5216] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   94.181283][ T5232] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   94.188876][ T5232] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   94.262228][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   94.270775][ T5232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   94.279001][ T5232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   94.287291][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   94.295140][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   94.302632][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   94.600146][ T1295] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.647772][ T1295] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.054303][ T1295] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.210387][ T1295] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.233297][ T5232] Bluetooth: hci5: command tx timeout
[   96.233314][ T5225] Bluetooth: hci0: command tx timeout
[   96.392761][ T5232] Bluetooth: hci4: command tx timeout
[   96.412854][   T47] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   96.507676][ T1295] bridge_slave_1: left allmulticast mode
[   96.517324][ T1295] bridge_slave_1: left promiscuous mode
[   96.523911][ T1295] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.539481][ T1295] bridge_slave_0: left allmulticast mode
[   96.546274][ T1295] bridge_slave_0: left promiscuous mode
[   96.552195][ T1295] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.602268][   T47] usb 5-1: Using ep0 maxpacket: 32
[   96.615793][   T47] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[   96.634639][   T47] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[   96.644602][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.653096][   T47] usb 5-1: Product: syz
[   96.657820][   T47] usb 5-1: Manufacturer: syz
[   96.665045][   T47] usb 5-1: SerialNumber: syz
[   96.675820][   T47] usb 5-1: config 0 descriptor??
[   96.682438][ T5616] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   96.695396][   T47] hub 5-1:0.0: bad descriptor, ignoring hub
[   96.701546][   T47] hub 5-1:0.0: probe with driver hub failed with error -5
[   96.721414][   T47] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input7
[   97.051966][ T1295] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   97.330363][ T1295] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.390473][ T1295] bond0 (unregistering): Released all slaves
[   98.115423][ T5633] netlink: 'syz.4.94': attribute type 10 has an invalid length.
[   98.123494][ T5633] netlink: 2 bytes leftover after parsing attributes in process `syz.4.94'.
[   98.312303][ T5232] Bluetooth: hci5: command tx timeout
[   98.317903][ T5232] Bluetooth: hci0: command tx timeout
[   98.532747][ T5225] Bluetooth: hci4: command tx timeout
[   98.820715][ T1295] IPVS: stopping backup sync thread 5418 ...
[   98.873216][ T5630] netlink: 'syz.4.94': attribute type 10 has an invalid length.
[   99.004758][ T5630] bridge0: port 3(team0) entered disabled state
[   99.075311][ T5630] team0: left allmulticast mode
[   99.080358][ T5630] team_slave_0: left allmulticast mode
[   99.086183][ T5630] team_slave_1: left allmulticast mode
[   99.091739][ T5630] team0: left promiscuous mode
[   99.096606][ T5630] team_slave_0: left promiscuous mode
[   99.103107][ T5630] team_slave_1: left promiscuous mode
[   99.109869][ T5630] bridge0: port 3(team0) entered disabled state
[   99.238586][ T5630] batman_adv: batadv0: Adding interface: team0
[   99.245084][ T5630] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.273316][ T5630] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   99.405493][ T5593] chnl_net:caif_netlink_parms(): no params data found
[   99.513584][ T5588] chnl_net:caif_netlink_parms(): no params data found
[  101.382448][ T5225] Bluetooth: hci0: command tx timeout
[  101.388021][ T5225] Bluetooth: hci5: command tx timeout
[  101.393682][ T5225] Bluetooth: hci4: command tx timeout
[  101.920927][ T1769] usb 5-1: USB disconnect, device number 3
[  101.926775][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  102.302363][ T5267] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  102.982350][ T5589] chnl_net:caif_netlink_parms(): no params data found
[  103.044612][ T5593] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.051899][ T5593] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.061048][ T5593] bridge_slave_0: entered allmulticast mode
[  103.068487][ T5593] bridge_slave_0: entered promiscuous mode
[  103.078178][ T5593] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.085338][ T5593] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.093058][ T5593] bridge_slave_1: entered allmulticast mode
[  103.100706][ T5593] bridge_slave_1: entered promiscuous mode
[  103.112119][ T5588] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.119958][ T5588] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.127234][ T5588] bridge_slave_0: entered allmulticast mode
[  103.134617][ T5588] bridge_slave_0: entered promiscuous mode
[  103.157911][ T5267] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.171109][ T5267] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  103.180534][ T5267] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.210297][ T5267] usb 2-1: config 0 descriptor??
[  103.218730][ T5588] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.225302][ T5267] pwc: Askey VC010 type 2 USB webcam detected.
[  103.226302][ T5588] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.239875][ T5588] bridge_slave_1: entered allmulticast mode
[  103.247426][ T5588] bridge_slave_1: entered promiscuous mode
[  103.264155][ T1295] hsr_slave_0: left promiscuous mode
[  103.270665][ T1295] hsr_slave_1: left promiscuous mode
[  103.277983][ T1295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.285597][ T1295] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.295345][ T1295] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.302923][ T1295] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.326644][ T1295] veth1_macvtap: left promiscuous mode
[  103.332492][ T1295] veth0_macvtap: left promiscuous mode
[  103.338047][ T1295] veth1_vlan: left promiscuous mode
[  103.344078][ T1295] veth0_vlan: left promiscuous mode
[  103.432704][ T5232] Bluetooth: hci4: command tx timeout
[  103.438135][ T5232] Bluetooth: hci5: command tx timeout
[  103.443598][ T5225] Bluetooth: hci0: command tx timeout
[  103.450793][ T5267] pwc: send_video_command error -71
[  103.468533][ T5267] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  103.487265][ T5267] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  103.512575][ T5267] usb 2-1: USB disconnect, device number 3
[  103.778080][ T1295] team0 (unregistering): Port device team_slave_1 removed
[  103.808991][ T1295] team0 (unregistering): Port device team_slave_0 removed
[  104.024088][ T5267] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  104.105955][ T5593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.160719][ T5593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.227801][ T5267] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  104.242671][ T5267] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  104.252980][ T5267] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.276018][ T5588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.286428][ T5267] usb 2-1: config 0 descriptor??
[  104.295299][ T5267] pwc: Askey VC010 type 2 USB webcam detected.
[  104.321775][ T5593] team0: Port device team_slave_0 added
[  104.353386][ T5589] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.360646][ T5589] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.368058][ T5589] bridge_slave_0: entered allmulticast mode
[  104.375767][ T5589] bridge_slave_0: entered promiscuous mode
[  104.390169][ T5588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.410037][ T5593] team0: Port device team_slave_1 added
[  104.421219][ T5589] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.432704][ T5589] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.440349][ T5589] bridge_slave_1: entered allmulticast mode
[  104.451285][ T5589] bridge_slave_1: entered promiscuous mode
[  104.625574][ T5589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.641655][ T5588] team0: Port device team_slave_0 added
[  104.651051][ T5593] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.670804][ T5593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.698766][ T5267] pwc: recv_control_msg error -32 req 02 val 2b00
[  104.705776][ T5593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.718108][ T5640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  104.726651][ T5267] pwc: recv_control_msg error -32 req 02 val 2700
[  104.734576][ T5640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.749229][ T5593] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.758170][ T5640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  104.767940][ T5593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.794370][ T5640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.813936][ T5267] pwc: recv_control_msg error -71 req 02 val 2c00
[  104.820605][ T5593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.832326][ T5267] pwc: recv_control_msg error -71 req 04 val 1000
[  104.837723][ T5589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.842668][ T5267] pwc: recv_control_msg error -71 req 04 val 1300
[  104.857718][ T5267] pwc: recv_control_msg error -71 req 04 val 1400
[  104.864688][ T5267] pwc: recv_control_msg error -71 req 02 val 2000
[  104.871520][ T5267] pwc: recv_control_msg error -71 req 02 val 2100
[  104.878704][ T5267] pwc: recv_control_msg error -71 req 04 val 1500
[  104.880888][ T5588] team0: Port device team_slave_1 added
[  104.885687][ T5267] pwc: recv_control_msg error -71 req 02 val 2500
[  104.898054][ T5267] pwc: recv_control_msg error -71 req 02 val 2400
[  104.906046][ T5267] pwc: recv_control_msg error -71 req 02 val 2600
[  104.913334][ T5267] pwc: recv_control_msg error -71 req 02 val 2900
[  104.920168][ T5267] pwc: recv_control_msg error -71 req 02 val 2800
[  104.983193][ T5267] pwc: recv_control_msg error -71 req 04 val 1100
[  104.990784][ T5267] pwc: recv_control_msg error -71 req 04 val 1200
[  105.005588][ T5267] pwc: Registered as video71.
[  105.014512][ T5267] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8
[  105.050437][ T5267] usb 2-1: USB disconnect, device number 4
[  105.209033][ T5589] team0: Port device team_slave_0 added
[  105.228134][ T5588] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.240914][ T5588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.268367][ T5588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.307131][ T5673] sctp: [Deprecated]: syz.4.98 (pid 5673) Use of int in max_burst socket option deprecated.
[  105.307131][ T5673] Use struct sctp_assoc_value instead
[  105.307213][ T5588] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.334330][ T5588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.360752][ T5588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.422731][ T5589] team0: Port device team_slave_1 added
[  105.527793][ T5593] hsr_slave_0: entered promiscuous mode
[  105.550132][ T5593] hsr_slave_1: entered promiscuous mode
[  105.628949][ T5676] netlink: 'syz.1.99': attribute type 4 has an invalid length.
[  105.636796][ T5676] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.99'.
[  106.417286][ T5593] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  106.472593][ T5593] Cannot create hsr debugfs directory
[  109.085230][ T5589] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.143328][ T5589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.254253][ T5589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.431746][ T1295] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.450321][ T5589] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.466997][ T5589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.494753][ T5589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.580101][ T1295] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.664272][ T5588] hsr_slave_0: entered promiscuous mode
[  109.674013][ T5588] hsr_slave_1: entered promiscuous mode
[  109.683964][ T5588] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.691627][ T5588] Cannot create hsr debugfs directory
[  109.746122][ T1295] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.904744][ T1295] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.930351][ T5589] hsr_slave_0: entered promiscuous mode
[  109.940257][ T5589] hsr_slave_1: entered promiscuous mode
[  109.960164][ T5589] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.969244][ T5589] Cannot create hsr debugfs directory
[  110.537573][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  110.741156][ T1295] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.752491][    T9] usb 5-1: Using ep0 maxpacket: 32
[  110.763552][    T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  110.786942][    T9] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  110.797369][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.809815][    T9] usb 5-1: Product: syz
[  110.814068][    T9] usb 5-1: Manufacturer: syz
[  110.819797][    T9] usb 5-1: SerialNumber: syz
[  110.842469][ T5308] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  110.856122][    T9] usb 5-1: config 0 descriptor??
[  110.864497][ T5710] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  110.873396][    T9] hub 5-1:0.0: bad descriptor, ignoring hub
[  110.879632][    T9] hub 5-1:0.0: probe with driver hub failed with error -5
[  110.897447][ T1295] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.898220][    T9] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input9
[  110.983595][ T1295] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.065761][ T5308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.089860][ T5308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.100390][ T5308] usb 2-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.09
[  111.109996][ T5308] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.153488][ T5308] usb 2-1: config 0 descriptor??
[  111.180336][ T1295] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.243212][ T5710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.260020][ T5710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.515218][ T5718] netlink: 'syz.4.104': attribute type 10 has an invalid length.
[  111.524095][ T5718] netlink: 2 bytes leftover after parsing attributes in process `syz.4.104'.
[  111.533144][ T5718] team0: entered promiscuous mode
[  111.538217][ T5718] team_slave_0: entered promiscuous mode
[  111.544233][ T5718] team_slave_1: entered promiscuous mode
[  111.552087][ T5718] 8021q: adding VLAN 0 to HW filter on device team0
[  111.560161][ T5718] batman_adv: batadv0: Interface activated: team0
[  111.566704][ T5718] batman_adv: batadv0: Interface deactivated: team0
[  111.573442][ T5718] batman_adv: batadv0: Removing interface: team0
[  111.596344][ T5718] bridge0: port 3(team0) entered blocking state
[  111.605114][ T5718] bridge0: port 3(team0) entered disabled state
[  111.611553][ T5718] team0: entered allmulticast mode
[  111.616800][ T5718] team_slave_0: entered allmulticast mode
[  111.622607][ T5718] team_slave_1: entered allmulticast mode
[  111.630723][ T5718] bridge0: port 3(team0) entered blocking state
[  111.637187][ T5718] bridge0: port 3(team0) entered forwarding state
[  111.648968][ T5719] netlink: 'syz.4.104': attribute type 10 has an invalid length.
[  111.684427][ T5719] bridge0: port 3(team0) entered disabled state
[  111.692851][ T5719] team0: left allmulticast mode
[  111.697879][ T5719] team_slave_0: left allmulticast mode
[  111.703520][ T5719] team_slave_1: left allmulticast mode
[  111.709376][ T5719] team0: left promiscuous mode
[  111.714518][ T5719] team_slave_0: left promiscuous mode
[  111.717185][ T5308] logitech-hidpp-device 0003:046D:C086.0001: item fetching failed at offset 1/5
[  111.729688][ T5719] team_slave_1: left promiscuous mode
[  111.730881][ T5308] logitech-hidpp-device 0003:046D:C086.0001: hidpp_probe:parse failed
[  111.744231][ T5719] bridge0: port 3(team0) entered disabled state
[  111.744560][ T5308] logitech-hidpp-device 0003:046D:C086.0001: probe with driver logitech-hidpp-device failed with error -22
[  112.171713][ T5719] batman_adv: batadv0: Adding interface: team0
[  112.178449][ T5719] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.203761][ T5719] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  114.795458][ T5301] usb 5-1: USB disconnect, device number 4
[  114.795594][    C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  115.341153][ T5271] usb 2-1: USB disconnect, device number 5
[  115.510791][ T1295] bridge_slave_1: left allmulticast mode
[  115.531735][ T1295] bridge_slave_1: left promiscuous mode
[  115.548524][ T1295] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.791900][ T1295] bridge_slave_0: left allmulticast mode
[  116.054304][ T1295] bridge_slave_0: left promiscuous mode
[  116.444344][ T1295] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.529092][ T1295] team0: left allmulticast mode
[  116.553479][ T1295] team_slave_0: left allmulticast mode
[  116.559161][ T1295] team_slave_1: left allmulticast mode
[  116.624037][ T1295] bridge0: port 3(team0) entered disabled state
[  116.666783][ T1295] bridge_slave_1: left allmulticast mode
[  116.681532][ T1295] bridge_slave_1: left promiscuous mode
[  116.694126][ T1295] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.723798][ T1295] bridge_slave_0: left allmulticast mode
[  116.729465][ T1295] bridge_slave_0: left promiscuous mode
[  116.751545][ T1295] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.197170][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.110'.
[  118.602646][ T1295] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.631613][ T1295] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.649349][ T1295] bond0 (unregistering): Released all slaves
[  118.809516][ T1295] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.840528][ T1295] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.870646][ T1295] bond0 (unregistering): Released all slaves
[  118.994123][ T5588] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  119.061768][ T5588] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  119.121664][ T5588] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  119.160795][ T5588] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  120.333837][ T5588] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.387497][ T5588] 8021q: adding VLAN 0 to HW filter on device team0
[  120.600436][ T5318] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.607619][ T5318] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.784588][ T5318] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.791780][ T5318] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.452263][ T5301] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  121.536482][ T1295] hsr_slave_0: left promiscuous mode
[  121.546565][ T1295] hsr_slave_1: left promiscuous mode
[  121.553902][ T1295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.565605][ T1295] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.575288][ T1295] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.583158][ T1295] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.595070][ T1295] hsr_slave_0: left promiscuous mode
[  121.600902][ T1295] hsr_slave_1: left promiscuous mode
[  121.608325][ T1295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.615873][ T1295] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.624444][ T1295] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.664094][ T1295] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.675701][ T5301] usb 2-1: Using ep0 maxpacket: 32
[  121.737608][ T5301] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  124.062404][ T5301] usb 2-1: string descriptor 0 read error: -71
[  124.078155][ T1295] veth1_macvtap: left promiscuous mode
[  124.094131][ T5301] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  124.111465][ T1295] veth0_macvtap: left promiscuous mode
[  124.120748][ T5301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.140571][ T1295] veth1_vlan: left promiscuous mode
[  124.162081][ T1295] veth0_vlan: left promiscuous mode
[  124.186178][ T5301] usb 2-1: config 0 descriptor??
[  124.191781][ T5301] usb 2-1: can't set config #0, error -71
[  124.199289][ T1295] veth1_macvtap: left promiscuous mode
[  124.207649][ T5301] usb 2-1: USB disconnect, device number 6
[  124.209392][ T1295] veth0_macvtap: left promiscuous mode
[  124.219144][ T1295] veth1_vlan: left promiscuous mode
[  124.226123][ T1295] veth0_vlan: left promiscuous mode
[  124.311369][ T5811] netlink: 12 bytes leftover after parsing attributes in process `syz.4.119'.
[  124.441611][   T29] audit: type=1326 audit(1723139803.926:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5808 comm="syz.4.119" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe90ad779f9 code=0x0
[  124.473571][ T5232] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  124.482621][ T5232] Bluetooth: hci3: Injecting HCI hardware error event
[  124.498763][ T5225] Bluetooth: hci3: hardware error 0x00
[  125.062786][ T1295] team0 (unregistering): Port device team_slave_1 removed
[  125.133368][ T1295] team0 (unregistering): Port device team_slave_0 removed
[  125.701137][ T1295] team_slave_1 (unregistering): left promiscuous mode
[  125.714721][ T1295] team0 (unregistering): Port device team_slave_1 removed
[  125.748226][ T1295] team_slave_0 (unregistering): left promiscuous mode
[  125.756708][ T1295] team0 (unregistering): Port device team_slave_0 removed
[  126.124763][ T5589] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  126.150793][ T5589] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  126.208790][ T5588] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  126.238795][ T5589] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  126.286400][ T5589] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  126.376640][   T29] audit: type=1326 audit(1723139805.856:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5819 comm="syz.4.122" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe90ad779f9 code=0x0
[  126.501361][ T5828] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  126.508026][ T5828] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  126.526871][ T5828] vhci_hcd vhci_hcd.0: Device attached
[  126.552485][ T5225] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  126.569152][ T5593] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  126.587349][ T5593] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  126.609619][ T5593] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  126.666291][ T5593] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  126.733610][ T1769] vhci_hcd: vhci_device speed not set
[  126.809008][ T5821] netlink: 'syz.4.122': attribute type 1 has an invalid length.
[  126.819845][ T5821] netlink: 4 bytes leftover after parsing attributes in process `syz.4.122'.
[  126.829296][ T1769] usb 17-1: new full-speed USB device number 2 using vhci_hcd
[  126.854021][ T5821] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  126.865899][ T5821] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  126.875020][ T5821] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  126.885095][ T5821] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  127.104362][ T5589] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.123354][ T5588] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.200871][ T5830] vhci_hcd: connection closed
[  127.207391][   T62] vhci_hcd: stop threads
[  127.226305][   T62] vhci_hcd: release socket
[  127.231688][   T62] vhci_hcd: disconnect device
[  127.238614][ T5589] 8021q: adding VLAN 0 to HW filter on device team0
[  127.309621][ T5588] veth0_vlan: entered promiscuous mode
[  127.365611][ T5593] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.384532][ T5270] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.391642][ T5270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.449466][ T5270] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.456632][ T5270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.513798][ T5588] veth1_vlan: entered promiscuous mode
[  127.618028][ T5593] 8021q: adding VLAN 0 to HW filter on device team0
[  127.659876][ T5589] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  127.672233][ T5589] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  127.741363][ T5270] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.748496][ T5270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.776691][ T5270] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.783882][ T5270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.866205][ T5588] veth0_macvtap: entered promiscuous mode
[  127.954959][ T5588] veth1_macvtap: entered promiscuous mode
[  128.033529][ T5588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.066330][ T5588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.088647][ T5588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.103824][ T5588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.115786][ T5588] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.140155][ T5588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.173243][ T5588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.193105][ T5588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.209563][ T5588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.223708][ T5588] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.257420][ T5588] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.277434][ T5588] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.291506][ T5588] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.306725][ T5588] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.352310][ T5267] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  128.377338][ T5589] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.438910][ T5593] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.500094][ T5636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.524923][ T5636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.554155][ T5267] usb 5-1: Using ep0 maxpacket: 32
[  128.591068][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.595182][ T5589] veth0_vlan: entered promiscuous mode
[  128.604860][ T5267] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  128.622117][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.629300][ T5267] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  128.653696][ T5267] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.671907][ T5593] veth0_vlan: entered promiscuous mode
[  128.680054][ T5267] usb 5-1: Product: syz
[  128.686994][ T5267] usb 5-1: Manufacturer: syz
[  128.699520][ T5267] usb 5-1: SerialNumber: syz
[  128.716828][ T5267] usb 5-1: config 0 descriptor??
[  128.723148][ T5865] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  128.761045][ T5593] veth1_vlan: entered promiscuous mode
[  128.785905][ T5267] hub 5-1:0.0: bad descriptor, ignoring hub
[  128.793018][ T5589] veth1_vlan: entered promiscuous mode
[  128.799641][ T5267] hub 5-1:0.0: probe with driver hub failed with error -5
[  128.812899][ T5267] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input10
[  128.840314][ T5881] netlink: 'syz.0.84': attribute type 10 has an invalid length.
[  128.851716][ T5881] netlink: 55 bytes leftover after parsing attributes in process `syz.0.84'.
[  129.011241][ T5589] veth0_macvtap: entered promiscuous mode
[  129.116047][ T5589] veth1_macvtap: entered promiscuous mode
[  129.165063][ T5593] veth0_macvtap: entered promiscuous mode
[  129.199545][ T5593] veth1_macvtap: entered promiscuous mode
[  129.221317][ T5865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.262066][ T5865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.301460][ T5593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.332570][ T5593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.343676][ T5593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.358048][ T5593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.370031][ T5593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.444567][ T5593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.050385][ T5593] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.992382][ T5225] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  132.002081][ T5225] Bluetooth: hci2: Injecting HCI hardware error event
[  132.011545][ T5225] Bluetooth: hci2: hardware error 0x00
[  133.120840][ T1769] vhci_hcd: vhci_device speed not set
[  133.251049][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[  133.255418][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.273061][ T5271] usb 5-1: USB disconnect, device number 5
[  133.278902][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  133.288404][ T1262] ieee802154 phy1 wpan1: encryption failed: -22
[  133.297746][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.307644][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.318142][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.328366][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.340245][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.352017][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.363667][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.387518][ T5589] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.409091][ T5892] netlink: 'syz.4.124': attribute type 10 has an invalid length.
[  133.442024][ T5892] netlink: 2 bytes leftover after parsing attributes in process `syz.4.124'.
[  133.498474][ T5892] team0: entered promiscuous mode
[  133.517306][ T5892] team_slave_0: entered promiscuous mode
[  133.553915][ T5892] team_slave_1: entered promiscuous mode
[  133.620117][ T5892] 8021q: adding VLAN 0 to HW filter on device team0
[  133.631716][ T5892] batman_adv: batadv0: Interface activated: team0
[  133.640734][ T5892] batman_adv: batadv0: Interface deactivated: team0
[  133.652601][ T5892] batman_adv: batadv0: Removing interface: team0
[  133.679573][ T5892] bridge0: port 3(team0) entered blocking state
[  133.706027][ T5892] bridge0: port 3(team0) entered disabled state
[  133.732346][ T5892] team0: entered allmulticast mode
[  133.737452][ T5892] team_slave_0: entered allmulticast mode
[  133.759254][ T5892] team_slave_1: entered allmulticast mode
[  133.775369][ T5892] bridge0: port 3(team0) entered blocking state
[  133.781661][ T5892] bridge0: port 3(team0) entered forwarding state
[  133.800182][ T5593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.851223][ T5593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.866243][ T5593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.883845][ T5593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.897317][ T5593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.910470][ T5593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.938006][ T5593] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.963474][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.992458][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.022215][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.124290][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.176001][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.236230][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.279957][ T5589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.286492][ T5904] sched: RT throttling activated
[  135.289709][ T5225] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  135.316897][ T5589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.953094][ T5589] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.005311][ T5593] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.075123][ T5593] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.122099][ T5593] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.152723][ T5593] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.208526][ T5589] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.248590][ T5589] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.274238][ T5589] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.308723][ T5589] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.354603][ T5914] netlink: 'syz.0.129': attribute type 4 has an invalid length.
[  136.362475][ T5914] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.129'.
[  136.671823][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.704970][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.820935][ T1295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.858184][ T1295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.918661][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.963516][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.987339][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.005710][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.166083][ T5232] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  137.177323][ T5232] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  137.190709][ T5232] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  137.204397][ T5232] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  137.212040][ T5232] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  137.219316][ T5232] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  137.762873][ T5959] netlink: 'syz.4.133': attribute type 10 has an invalid length.
[  137.786804][ T5959] netlink: 55 bytes leftover after parsing attributes in process `syz.4.133'.
[  138.278768][ T5926] chnl_net:caif_netlink_parms(): no params data found
[  139.352632][ T5225] Bluetooth: hci1: command tx timeout
[  139.584096][ T5995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.138'.
[  139.650291][ T5926] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.660053][ T5926] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.270906][ T5926] bridge_slave_0: entered allmulticast mode
[  140.300241][ T5926] bridge_slave_0: entered promiscuous mode
[  140.334376][   T29] audit: type=1326 audit(1723139819.826:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5987 comm="syz.0.138" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f260a5779f9 code=0x0
[  140.358614][ T5926] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.382717][ T5267] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  140.412432][ T5926] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.438000][ T5926] bridge_slave_1: entered allmulticast mode
[  140.472450][ T5926] bridge_slave_1: entered promiscuous mode
[  140.602341][ T5267] usb 5-1: Using ep0 maxpacket: 32
[  140.624832][ T5267] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  140.659732][ T5926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.686499][ T5267] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  140.700804][ T5267] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.714407][ T5267] usb 5-1: Product: syz
[  140.719508][ T5267] usb 5-1: Manufacturer: syz
[  140.737652][ T5926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.748256][ T5267] usb 5-1: SerialNumber: syz
[  140.768015][ T5267] usb 5-1: config 0 descriptor??
[  140.788853][ T6000] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  140.817019][ T5267] hub 5-1:0.0: bad descriptor, ignoring hub
[  140.955032][ T5267] hub 5-1:0.0: probe with driver hub failed with error -5
[  141.059137][ T5267] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input11
[  141.182753][ T6000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.208707][ T6000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.438705][ T5225] Bluetooth: hci1: command tx timeout
[  141.444307][ T5225] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  141.472902][ T5225] Bluetooth: hci0: Injecting HCI hardware error event
[  141.483265][ T5232] Bluetooth: hci0: hardware error 0x00
[  141.603979][ T5926] team0: Port device team_slave_0 added
[  141.954281][ T5926] team0: Port device team_slave_1 added
[  142.317818][ T5225] Bluetooth: hci0: unexpected event for opcode 0x2031
[  143.107149][ T6032] netlink: 'syz.4.139': attribute type 10 has an invalid length.
[  143.116814][ T6032] netlink: 2 bytes leftover after parsing attributes in process `syz.4.139'.
[  143.522487][ T5225] Bluetooth: hci1: command tx timeout
[  145.602253][ T5225] Bluetooth: hci1: command tx timeout
[  145.937368][   T25] usb 5-1: USB disconnect, device number 6
[  145.937416][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  145.942173][ T5232] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  146.020288][ T5926] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.040933][ T5926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.077651][ T5926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.099705][ T6036] netlink: 'syz.4.144': attribute type 10 has an invalid length.
[  146.108784][ T6036] netlink: 55 bytes leftover after parsing attributes in process `syz.4.144'.
[  146.169385][ T5926] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.188401][ T5926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.215646][ T5926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.265232][ T6042] bridge0: port 3(vlan2) entered blocking state
[  146.290550][ T6042] bridge0: port 3(vlan2) entered disabled state
[  146.302948][ T6042] vlan2: entered allmulticast mode
[  146.311238][ T6042] vlan2: left allmulticast mode
[  146.332180][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:172.20.20.170]:2. Sending cookies.
[  146.379917][ T6046] TCP: out of memory -- consider tuning tcp_mem
[  146.400834][ T5926] hsr_slave_0: entered promiscuous mode
[  146.410933][ T5926] hsr_slave_1: entered promiscuous mode
[  146.420318][ T5926] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  146.429125][ T5926] Cannot create hsr debugfs directory
[  146.669577][ T6054] sctp: [Deprecated]: syz.4.149 (pid 6054) Use of int in max_burst socket option deprecated.
[  146.669577][ T6054] Use struct sctp_assoc_value instead
[  146.818090][ T5926] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.908527][ T5926] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.056316][ T5926] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.187728][ T5926] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.212690][ T6061] sctp: [Deprecated]: syz.0.150 (pid 6061) Use of int in max_burst socket option deprecated.
[  147.212690][ T6061] Use struct sctp_assoc_value instead
[  147.355629][ T6064] syzkaller0: tun_chr_ioctl cmd 1074025677
[  147.376950][ T6064] syzkaller0: linktype set to 0
[  147.409608][ T6060] netlink: 20 bytes leftover after parsing attributes in process `syz.2.151'.
[  147.466558][ T5926] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  147.481176][ T5926] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  147.517597][ T5926] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  147.534408][ T5926] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  147.748443][ T5926] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.799291][ T5926] 8021q: adding VLAN 0 to HW filter on device team0
[  147.844153][ T5308] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.851304][ T5308] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.890927][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.898107][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.002301][ T1171] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  148.080687][ T5926] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  148.212465][ T1171] usb 3-1: Using ep0 maxpacket: 32
[  148.242804][ T1171] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  148.281006][ T1171] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  148.325539][ T1171] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.339260][ T1171] usb 3-1: Product: syz
[  148.344559][ T1171] usb 3-1: Manufacturer: syz
[  148.349499][ T1171] usb 3-1: SerialNumber: syz
[  148.378208][ T1171] usb 3-1: config 0 descriptor??
[  148.389431][ T6068] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  148.407554][ T1171] hub 3-1:0.0: bad descriptor, ignoring hub
[  148.428488][ T1171] hub 3-1:0.0: probe with driver hub failed with error -5
[  148.468591][ T1171] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input12
[  148.540925][ T5926] 8021q: adding VLAN 0 to HW filter on device batadv0
[  148.757074][ T6080] netlink: 'syz.0.156': attribute type 10 has an invalid length.
[  148.769307][ T6080] netlink: 55 bytes leftover after parsing attributes in process `syz.0.156'.
[  148.811292][ T6068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.823505][ T6068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.842002][ T5926] veth0_vlan: entered promiscuous mode
[  148.884892][ T5926] veth1_vlan: entered promiscuous mode
[  148.984206][ T5926] veth0_macvtap: entered promiscuous mode
[  149.005954][ T5926] veth1_macvtap: entered promiscuous mode
[  149.289320][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.955477][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.972211][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.994103][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.006919][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.021544][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.036721][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.062253][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.069431][ T1171] usb 3-1: USB disconnect, device number 3
[  153.072079][    C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  153.105802][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.145698][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.185066][ T5926] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.206084][ T6086] netlink: 'syz.2.153': attribute type 10 has an invalid length.
[  153.261038][ T6086] batman_adv: batadv0: Adding interface: team0
[  153.288171][ T6086] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.373077][ T6086] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  153.399357][ T6085] netlink: 'syz.2.153': attribute type 10 has an invalid length.
[  153.411914][ T6098] sctp: [Deprecated]: syz.4.161 (pid 6098) Use of int in max_burst socket option deprecated.
[  153.411914][ T6098] Use struct sctp_assoc_value instead
[  153.431011][ T6085] netlink: 2 bytes leftover after parsing attributes in process `syz.2.153'.
[  153.444661][ T6085] team0: entered promiscuous mode
[  153.456031][ T6085] team_slave_0: entered promiscuous mode
[  153.472918][ T6085] team_slave_1: entered promiscuous mode
[  153.480164][ T6085] 8021q: adding VLAN 0 to HW filter on device team0
[  153.507887][ T6085] batman_adv: batadv0: Interface activated: team0
[  153.545606][ T6085] batman_adv: batadv0: Interface deactivated: team0
[  153.565487][ T6085] batman_adv: batadv0: Removing interface: team0
[  153.590207][ T6085] bridge0: port 3(team0) entered blocking state
[  153.753683][ T6085] bridge0: port 3(team0) entered disabled state
[  153.834906][ T6085] team0: entered allmulticast mode
[  153.856545][ T6085] team_slave_0: entered allmulticast mode
[  153.866895][ T6085] team_slave_1: entered allmulticast mode
[  153.879597][ T6085] bridge0: port 3(team0) entered blocking state
[  153.886095][ T6085] bridge0: port 3(team0) entered forwarding state
[  154.593766][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.661228][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.707987][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.742181][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.747245][ T5232] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  154.752091][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.772713][ T5232] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  154.782683][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.791117][ T5216] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  154.794154][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.806383][ T5216] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  154.820322][ T5216] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  154.828684][ T5216] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  154.848234][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.914647][ T5926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.931576][ T5926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.166988][ T5926] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.837714][ T5926] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.856354][ T5926] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.867175][ T5926] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.880485][ T5926] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.908696][ T6123] netlink: 'syz.2.167': attribute type 10 has an invalid length.
[  155.932878][ T6123] netlink: 55 bytes leftover after parsing attributes in process `syz.2.167'.
[  156.273834][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.282533][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.312499][ T5270] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  156.350840][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.358806][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.439569][ T6106] chnl_net:caif_netlink_parms(): no params data found
[  156.492547][ T5270] usb 1-1: Using ep0 maxpacket: 32
[  156.503694][ T5270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.525817][ T5270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.564603][ T5270] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  156.612411][ T5270] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.625861][ T6106] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.640818][ T6106] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.649471][   T29] audit: type=1326 audit(1723139836.136:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6138 comm="syz.1.127" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x0
[  156.673595][ T6147] sctp: [Deprecated]: syz.2.171 (pid 6147) Use of int in max_burst socket option deprecated.
[  156.673595][ T6147] Use struct sctp_assoc_value instead
[  156.689356][ T6106] bridge_slave_0: entered allmulticast mode
[  156.707080][ T5270] usb 1-1: config 0 descriptor??
[  156.718101][ T6106] bridge_slave_0: entered promiscuous mode
[  156.730688][ T5270] hub 1-1:0.0: USB hub found
[  156.748330][ T6106] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.756845][ T6106] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.769757][ T6106] bridge_slave_1: entered allmulticast mode
[  156.805274][ T6151] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  156.811811][ T6151] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  156.822850][ T6106] bridge_slave_1: entered promiscuous mode
[  156.830057][ T6151] vhci_hcd vhci_hcd.0: Device attached
[  156.906174][ T6151] netlink: 'syz.1.127': attribute type 1 has an invalid length.
[  156.914582][ T6151] netlink: 4 bytes leftover after parsing attributes in process `syz.1.127'.
[  156.939180][ T5270] hub 1-1:0.0: 1 port detected
[  156.943246][ T6151] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  156.953226][ T6151] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  156.964472][ T5216] Bluetooth: hci6: command tx timeout
[  156.964969][ T6151] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  156.985397][ T6151] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  157.038974][ T6106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.048453][ T5301] vhci_hcd: vhci_device speed not set
[  157.087333][ T6106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.132554][ T5301] usb 11-1: new full-speed USB device number 2 using vhci_hcd
[  157.209462][ T6106] team0: Port device team_slave_0 added
[  157.233742][ T6106] team0: Port device team_slave_1 added
[  157.308158][ T6106] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.319538][ T6106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.392207][ T6106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.439492][ T6106] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.454359][ T6152] vhci_hcd: connection closed
[  157.467291][ T6106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.498348][   T11] vhci_hcd: stop threads
[  157.504071][   T11] vhci_hcd: release socket
[  157.518217][   T11] vhci_hcd: disconnect device
[  157.529049][ T6106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.613675][ T5270] hub 1-1:0.0: hub_ext_port_status failed (err = -71)
[  157.614015][   T25] usb 1-1: USB disconnect, device number 2
[  157.830093][ T6106] hsr_slave_0: entered promiscuous mode
[  157.865493][ T6106] hsr_slave_1: entered promiscuous mode
[  157.874475][ T6106] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.883211][ T6106] Cannot create hsr debugfs directory
[  158.093081][ T6161] tipc: Started in network mode
[  158.098097][ T6161] tipc: Node identity 8eb2288da1d6, cluster identity 4711
[  158.107141][ T6161] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  158.127281][ T6161] 
€Â: renamed from syzkaller0
[  158.135166][ T6161] tipc: Disabling bearer <eth:syzkaller0>
[  158.214266][ T6106] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.444843][ T6106] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.793570][ T5216] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  158.802352][ T5216] Bluetooth: hci5: Injecting HCI hardware error event
[  158.810885][ T5225] Bluetooth: hci5: hardware error 0x00
[  159.033151][ T5216] Bluetooth: hci6: command tx timeout
[  159.241771][ T6106] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.320392][ T6171] tipc: Started in network mode
[  159.327308][ T6171] tipc: Node identity 2626330b4d76, cluster identity 4711
[  159.336462][ T6171] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  159.391830][ T6106] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.421808][ T6168] 
€Â: renamed from syzkaller0
[  159.441504][ T6168] tipc: Disabling bearer <eth:syzkaller0>
[  159.467315][ T6176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.177'.
[  159.488033][ T6181] netlink: 'syz.0.177': attribute type 1 has an invalid length.
[  159.499393][ T6181] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.177'.
[  159.791869][ T6186] netlink: 'syz.2.178': attribute type 10 has an invalid length.
[  159.800245][ T6186] netlink: 55 bytes leftover after parsing attributes in process `syz.2.178'.
[  159.809437][ T6106] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  159.845724][ T6106] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  159.897636][ T6106] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  159.958101][ T6106] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  160.306800][ T6106] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.381805][ T6106] 8021q: adding VLAN 0 to HW filter on device team0
[  160.408235][ T6201] netlink: 'syz.0.181': attribute type 4 has an invalid length.
[  160.416058][ T6201] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.181'.
[  160.954137][ T5225] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  161.123068][ T5225] Bluetooth: hci6: command tx timeout
[  161.171086][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.178476][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.188743][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.195932][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.242910][ T6200] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  161.299201][ T6200] input: syz0 as /devices/virtual/input/input13
[  162.555959][ T5301] vhci_hcd: vhci_device speed not set
[  162.587009][ T6106] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.609360][ T6216] netlink: 12 bytes leftover after parsing attributes in process `syz.2.185'.
[  162.809814][   T29] audit: type=1326 audit(1723139842.296:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6211 comm="syz.2.185" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30ad7779f9 code=0x0
[  162.846703][ T6106] veth0_vlan: entered promiscuous mode
[  162.967825][ T6106] veth1_vlan: entered promiscuous mode
[  163.108348][ T6106] veth0_macvtap: entered promiscuous mode
[  163.180919][ T6106] veth1_macvtap: entered promiscuous mode
[  163.192602][ T5225] Bluetooth: hci6: command tx timeout
[  163.248052][ T6229] FAULT_INJECTION: forcing a failure.
[  163.248052][ T6229] name failslab, interval 1, probability 0, space 0, times 0
[  163.312248][ T6229] CPU: 0 UID: 0 PID: 6229 Comm: syz.1.187 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  163.322877][ T6229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  163.323197][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.332925][ T6229] Call Trace:
[  163.332936][ T6229]  <TASK>
[  163.332945][ T6229]  dump_stack_lvl+0x241/0x360
[  163.332996][ T6229]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.333021][ T6229]  ? __pfx__printk+0x10/0x10
[  163.333047][ T6229]  ? kmem_cache_alloc_lru_noprof+0x49/0x2b0
[  163.358308][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.359505][ T6229]  ? __pfx___might_resched+0x10/0x10
[  163.359533][ T6229]  ? __asan_memset+0x23/0x50
[  163.365924][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.369967][ T6229]  should_fail_ex+0x3b0/0x4e0
[  163.369995][ T6229]  ? __d_alloc+0x31/0x700
[  163.370017][ T6229]  should_failslab+0xac/0x100
[  163.370039][ T6229]  ? __d_alloc+0x31/0x700
[  163.370062][ T6229]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[  163.370090][ T6229]  __d_alloc+0x31/0x700
[  163.370118][ T6229]  d_alloc_pseudo+0x1f/0xb0
[  163.370141][ T6229]  alloc_file_pseudo+0x123/0x290
[  163.370169][ T6229]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  163.370190][ T6229]  ? tipc_node_get_capabilities+0xef/0x130
[  163.370224][ T6229]  sock_alloc_file+0xb8/0x290
[  163.370251][ T6229]  __sys_socketpair+0x4f9/0x720
[  163.370282][ T6229]  ? __pfx___sys_socketpair+0x10/0x10
[  163.370306][ T6229]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  163.370333][ T6229]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  163.370358][ T6229]  ? do_syscall_64+0x100/0x230
[  163.370386][ T6229]  __x64_sys_socketpair+0x9b/0xb0
[  163.370414][ T6229]  do_syscall_64+0xf3/0x230
[  163.370439][ T6229]  ? clear_bhb_loop+0x35/0x90
[  163.370461][ T6229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.370487][ T6229] RIP: 0033:0x7fb72cf779f9
[  163.370505][ T6229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.370528][ T6229] RSP: 002b:00007fb72dd63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  163.370550][ T6229] RAX: ffffffffffffffda RBX: 00007fb72d105f80 RCX: 00007fb72cf779f9
[  163.370564][ T6229] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  163.370576][ T6229] RBP: 00007fb72dd63090 R08: 0000000000000000 R09: 0000000000000000
[  163.370588][ T6229] R10: 0000000020000940 R11: 0000000000000246 R12: 0000000000000002
[  163.370600][ T6229] R13: 0000000000000000 R14: 00007fb72d105f80 R15: 00007ffd4c471fb8
[  163.370630][ T6229]  </TASK>
[  163.593585][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.603760][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.614594][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.624768][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.635790][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.658874][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.748679][ T6232] trusted_key: syz.0.188 sent an empty control message without MSG_MORE.
[  163.753089][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.781174][ T6235] netlink: 'syz.1.189': attribute type 4 has an invalid length.
[  163.782086][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.797448][ T6235] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.189'.
[  163.799428][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.157688][ T6106] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.533728][ T6236] capability: warning: `syz.0.188' uses deprecated v2 capabilities in a way that may be insecure
[  164.547427][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.579519][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.589767][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.601762][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.613435][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.652973][ T6236] netlink: 72 bytes leftover after parsing attributes in process `syz.0.188'.
[  164.662156][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.662170][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.662185][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.662195][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.662207][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.662220][ T6106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.728539][ T6106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.761344][ T6106] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.833475][ T6242] netlink: 'syz.1.191': attribute type 10 has an invalid length.
[  164.866975][ T6242] netlink: 55 bytes leftover after parsing attributes in process `syz.1.191'.
[  164.959204][ T6106] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.992543][ T6106] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.001278][ T6106] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.019978][ T6106] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.844579][ T5636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.858391][ T5636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.902570][ T1295] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.064170][ T1295] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.424198][ T6263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.197'.
[  166.701628][ T6259] netlink: 8 bytes leftover after parsing attributes in process `syz.2.197'.
[  166.919219][ T6259] netlink: 12 bytes leftover after parsing attributes in process `syz.2.197'.
[  167.232981][ T6274] netlink: 'syz.2.200': attribute type 4 has an invalid length.
[  167.240751][ T6274] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.200'.
[  167.294370][ T5308] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  167.980450][ T6273] netlink: 12 bytes leftover after parsing attributes in process `syz.1.199'.
[  168.226986][   T29] audit: type=1326 audit(1723139847.716:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6268 comm="syz.1.199" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x0
[  168.291546][ T5308] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  168.302548][ T5216] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  168.316492][ T5216] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  168.325967][ T5216] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  168.334167][ T5216] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  168.341955][ T5216] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  168.349548][ T5216] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  168.414324][ T5308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  168.456080][ T5308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  168.466544][ T6283] netlink: 'syz.2.201': attribute type 10 has an invalid length.
[  168.476349][ T6283] netlink: 55 bytes leftover after parsing attributes in process `syz.2.201'.
[  168.533324][ T5308] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  168.606910][ T5308] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  168.622478][ T5308] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.690275][ T5308] usb 4-1: config 0 descriptor??
[  168.701761][ T6292] FAULT_INJECTION: forcing a failure.
[  168.701761][ T6292] name failslab, interval 1, probability 0, space 0, times 0
[  168.791070][ T6292] CPU: 1 UID: 0 PID: 6292 Comm: syz.1.204 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  168.801706][ T6292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  168.811770][ T6292] Call Trace:
[  168.815062][ T6292]  <TASK>
[  168.818006][ T6292]  dump_stack_lvl+0x241/0x360
[  168.822713][ T6292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.827936][ T6292]  ? __pfx__printk+0x10/0x10
[  168.832551][ T6292]  ? ref_tracker_alloc+0x332/0x490
[  168.837685][ T6292]  should_fail_ex+0x3b0/0x4e0
[  168.842378][ T6292]  ? skb_clone+0x20c/0x390
[  168.846810][ T6292]  should_failslab+0xac/0x100
[  168.850675][ T6299] 9pnet_fd: Insufficient options for proto=fd
[  168.851487][ T6292]  ? skb_clone+0x20c/0x390
[  168.851531][ T6292]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  168.867361][ T6292]  skb_clone+0x20c/0x390
[  168.871622][ T6292]  __netlink_deliver_tap+0x3cc/0x7c0
[  168.876937][ T6292]  ? netlink_deliver_tap+0x2e/0x1b0
[  168.882154][ T6292]  netlink_deliver_tap+0x19d/0x1b0
[  168.887287][ T6292]  netlink_sendskb+0x68/0x140
[  168.891985][ T6292]  netlink_unicast+0x39d/0x990
[  168.896767][ T6292]  ? __asan_memcpy+0x40/0x70
[  168.901379][ T6292]  ? __pfx_netlink_unicast+0x10/0x10
[  168.906694][ T6292]  netlink_rcv_skb+0x262/0x430
[  168.911480][ T6292]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  168.916957][ T6292]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  168.922277][ T6292]  ? safesetid_security_capable+0xb2/0x1d0
[  168.928106][ T6292]  ? bpf_lsm_capable+0x9/0x10
[  168.932793][ T6292]  ? security_capable+0x90/0xb0
[  168.937671][ T6292]  nfnetlink_rcv+0x297/0x2a90
[  168.942368][ T6292]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  168.948109][ T6292]  ? __dev_queue_xmit+0x2da/0x3e90
[  168.953235][ T6292]  ? __dev_queue_xmit+0x1763/0x3e90
[  168.958449][ T6292]  ? kasan_save_track+0x51/0x80
[  168.963320][ T6292]  ? do_syscall_64+0xf3/0x230
[  168.968020][ T6292]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  168.973146][ T6292]  ? __dev_queue_xmit+0x2da/0x3e90
[  168.978278][ T6292]  ? __pfx___dev_queue_xmit+0x10/0x10
[  168.983682][ T6292]  ? ref_tracker_free+0x643/0x7e0
[  168.988723][ T6292]  ? __asan_memcpy+0x40/0x70
[  168.993325][ T6292]  ? __pfx_ref_tracker_free+0x10/0x10
[  168.998729][ T6292]  ? netlink_deliver_tap+0x2e/0x1b0
[  169.003948][ T6292]  ? skb_clone+0x240/0x390
[  169.008380][ T6292]  ? __pfx_lock_release+0x10/0x10
[  169.008991][ T6278] chnl_net:caif_netlink_parms(): no params data found
[  169.013403][ T6292]  ? __netlink_deliver_tap+0x77e/0x7c0
[  169.013442][ T6292]  ? netlink_deliver_tap+0x2e/0x1b0
[  169.013470][ T6292]  netlink_unicast+0x7f0/0x990
[  169.035619][ T6292]  ? __pfx_netlink_unicast+0x10/0x10
[  169.040923][ T6292]  ? __virt_addr_valid+0x183/0x530
[  169.046055][ T6292]  ? __check_object_size+0x49c/0x900
[  169.051356][ T6292]  ? bpf_lsm_netlink_send+0x9/0x10
[  169.056486][ T6292]  netlink_sendmsg+0x8e4/0xcb0
[  169.061288][ T6292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.066586][ T6292]  ? __import_iovec+0x536/0x820
[  169.071457][ T6292]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  169.076757][ T6292]  ? security_socket_sendmsg+0x87/0xb0
[  169.082225][ T6292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.087524][ T6292]  __sock_sendmsg+0x221/0x270
[  169.092224][ T6292]  ____sys_sendmsg+0x525/0x7d0
[  169.097015][ T6292]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.102333][ T6292]  __sys_sendmsg+0x2b0/0x3a0
[  169.106943][ T6292]  ? __pfx___sys_sendmsg+0x10/0x10
[  169.112070][ T6292]  ? vfs_write+0x7c4/0xc90
[  169.116518][ T6292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  169.122856][ T6292]  ? do_syscall_64+0x100/0x230
[  169.127626][ T6292]  ? do_syscall_64+0xb6/0x230
[  169.132313][ T6292]  do_syscall_64+0xf3/0x230
[  169.136837][ T6292]  ? clear_bhb_loop+0x35/0x90
[  169.141535][ T6292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.147450][ T6292] RIP: 0033:0x7fb72cf779f9
[  169.151885][ T6292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.155113][ T5308] usbhid 4-1:0.0: can't add hid device: -71
[  169.171483][ T6292] RSP: 002b:00007fb72dd63038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.171515][ T6292] RAX: ffffffffffffffda RBX: 00007fb72d105f80 RCX: 00007fb72cf779f9
[  169.171530][ T6292] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  169.171541][ T6292] RBP: 00007fb72dd63090 R08: 0000000000000000 R09: 0000000000000000
[  169.171552][ T6292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  169.171564][ T6292] R13: 0000000000000000 R14: 00007fb72d105f80 R15: 00007ffd4c471fb8
[  169.171592][ T6292]  </TASK>
[  169.182784][ T5308] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  170.122948][ T6305] netlink: 16 bytes leftover after parsing attributes in process `syz.0.206'.
[  170.132759][ T6305] netlink: 52 bytes leftover after parsing attributes in process `syz.0.206'.
[  170.141633][ T6305] netlink: 24 bytes leftover after parsing attributes in process `syz.0.206'.
[  170.151110][ T6305] vlan0: entered allmulticast mode
[  170.158194][ T6305] veth0_vlan: entered allmulticast mode
[  170.310611][ T5308] usb 4-1: USB disconnect, device number 3
[  170.392436][ T5225] Bluetooth: hci7: command tx timeout
[  170.498428][ T6320] netlink: 'syz.3.210': attribute type 4 has an invalid length.
[  170.506301][ T6320] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.210'.
[  171.955949][ T6318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.208'.
[  171.983985][ T6324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.208'.
[  172.039061][ T6324] netlink: 20 bytes leftover after parsing attributes in process `syz.0.208'.
[  172.088594][ T6278] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.122346][ T6278] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.148887][ T6278] bridge_slave_0: entered allmulticast mode
[  172.163578][ T6337] netlink: 12 bytes leftover after parsing attributes in process `syz.1.213'.
[  172.192080][ T6278] bridge_slave_0: entered promiscuous mode
[  172.211441][ T6278] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.245526][ T6278] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.273692][ T6278] bridge_slave_1: entered allmulticast mode
[  172.482227][ T5225] Bluetooth: hci7: command tx timeout
[  173.133068][ T6278] bridge_slave_1: entered promiscuous mode
[  173.181533][   T29] audit: type=1326 audit(1723139852.666:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6333 comm="syz.1.213" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x0
[  173.329050][ T6278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  173.378918][ T6278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  173.649829][ T6278] team0: Port device team_slave_0 added
[  173.783057][ T6278] team0: Port device team_slave_1 added
[  174.512222][ T5308] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  174.606842][ T5225] Bluetooth: hci7: command tx timeout
[  174.653339][ T6278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.660294][ T6278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.227645][ T6278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.457137][ T6278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.608284][ T6278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.709276][ T6278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.524472][ T5308] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  176.538507][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  176.557682][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  176.567495][ T5308] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  176.584870][ T6385] netlink: 'syz.1.221': attribute type 4 has an invalid length.
[  176.584908][ T5308] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  176.601783][ T6385] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.221'.
[  176.602146][ T5308] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.652863][ T5225] Bluetooth: hci7: command tx timeout
[  176.732067][ T5308] usb 1-1: config 0 descriptor??
[  176.833544][ T6278] hsr_slave_0: entered promiscuous mode
[  176.853042][ T6278] hsr_slave_1: entered promiscuous mode
[  176.862890][ T5308] usbhid 1-1:0.0: can't add hid device: -71
[  176.868901][ T5308] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  176.898715][ T6278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.913367][ T6278] Cannot create hsr debugfs directory
[  176.950898][ T5308] usb 1-1: USB disconnect, device number 3
[  178.208103][ T6404] netlink: 12 bytes leftover after parsing attributes in process `syz.3.229'.
[  178.217157][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  178.252833][ T5308] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  178.972311][    T9] usb 2-1: device descriptor read/64, error -71
[  179.001091][ T6278] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.012949][ T6278] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  179.044850][   T29] audit: type=1326 audit(1723139858.536:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6402 comm="syz.3.229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd4485779f9 code=0x0
[  179.170632][ T6278] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.182292][ T5308] usb 1-1: Using ep0 maxpacket: 16
[  179.197004][ T6278] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  179.199186][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.248879][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.286556][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  179.310213][ T5308] usb 1-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  179.333240][ T5308] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.381074][ T5308] usb 1-1: config 0 descriptor??
[  179.396068][ T6278] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.430068][ T6278] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  179.669297][ T6422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.704834][ T6278] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.714392][    T9] usb 2-1: device descriptor read/64, error -71
[  179.717271][ T6422] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.770231][ T6278] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  179.836352][    T9] usb usb2-port1: attempt power cycle
[  180.530958][ T5308] usbhid 1-1:0.0: can't add hid device: -71
[  180.541029][ T5308] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  180.561451][ T5308] usb 1-1: USB disconnect, device number 4
[  180.592286][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  180.671704][    T9] usb 2-1: device descriptor read/8, error -71
[  180.765746][ T6433] netlink: 'syz.0.234': attribute type 4 has an invalid length.
[  180.773780][ T6433] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.234'.
[  181.024674][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  181.532248][    T9] usb 2-1: device descriptor read/8, error -71
[  181.594692][ T6278] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  181.657012][ T6278] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  181.678255][ T6278] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  181.702611][    T9] usb usb2-port1: unable to enumerate USB device
[  181.703348][ T6278] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  182.436342][ T6278] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.511610][ T6278] 8021q: adding VLAN 0 to HW filter on device team0
[  182.842747][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.849952][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.464938][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.472052][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.483199][ T6462] netlink: 12 bytes leftover after parsing attributes in process `syz.1.241'.
[  183.750719][   T29] audit: type=1326 audit(1723139863.236:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6453 comm="syz.1.241" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x0
[  183.808230][ T6473] FAULT_INJECTION: forcing a failure.
[  183.808230][ T6473] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  183.895034][ T6473] CPU: 0 UID: 0 PID: 6473 Comm: syz.3.243 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  183.905636][ T6473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  183.915681][ T6473] Call Trace:
[  183.918949][ T6473]  <TASK>
[  183.921867][ T6473]  dump_stack_lvl+0x241/0x360
[  183.926547][ T6473]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.931738][ T6473]  ? __pfx__printk+0x10/0x10
[  183.936325][ T6473]  ? __pfx_lock_release+0x10/0x10
[  183.941344][ T6473]  should_fail_ex+0x3b0/0x4e0
[  183.946015][ T6473]  _copy_from_user+0x2f/0xe0
[  183.950599][ T6473]  memdup_user+0x64/0xc0
[  183.954833][ T6473]  strndup_user+0x68/0xc0
[  183.959325][ T6473]  __se_sys_mount+0xe2/0x3c0
[  183.964003][ T6473]  ? __pfx_bpf_trace_run2+0x10/0x10
[  183.969193][ T6473]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  183.975169][ T6473]  ? __pfx___se_sys_mount+0x10/0x10
[  183.980358][ T6473]  ? rcu_is_watching+0x15/0xb0
[  183.985117][ T6473]  ? __x64_sys_mount+0x20/0xc0
[  183.989871][ T6473]  do_syscall_64+0xf3/0x230
[  183.994368][ T6473]  ? clear_bhb_loop+0x35/0x90
[  183.999038][ T6473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.004927][ T6473] RIP: 0033:0x7fd4485779f9
[  184.009345][ T6473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.028944][ T6473] RSP: 002b:00007fd44932a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  184.037362][ T6473] RAX: ffffffffffffffda RBX: 00007fd448705f80 RCX: 00007fd4485779f9
[  184.045326][ T6473] RDX: 0000000020000000 RSI: 0000000020000a00 RDI: 0000000020000040
[  184.053287][ T6473] RBP: 00007fd44932a090 R08: 0000000020000a80 R09: 0000000000000000
[  184.061248][ T6473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.069210][ T6473] R13: 0000000000000000 R14: 00007fd448705f80 R15: 00007ffd06fcbe48
[  184.077184][ T6473]  </TASK>
[  184.445329][ T6491] netlink: 'syz.2.247': attribute type 4 has an invalid length.
[  184.453238][ T6491] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.247'.
[  185.630423][ T6496] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  185.638272][ T6496] audit: out of memory in audit_log_start
[  185.642235][   T29] audit: type=1326 audit(1723139865.096:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  185.747730][   T29] audit: type=1326 audit(1723139865.096:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  185.802344][   T29] audit: type=1326 audit(1723139865.096:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  185.820212][ T6278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  185.871004][   T29] audit: type=1326 audit(1723139865.096:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  186.431705][   T29] audit: type=1326 audit(1723139865.096:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  186.663962][   T29] audit: type=1326 audit(1723139865.096:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  186.692220][   T29] audit: type=1326 audit(1723139865.106:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72cf779f9 code=0x7ffc0000
[  186.782366][   T29] audit: type=1326 audit(1723139865.116:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6492 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb72cf76390 code=0x7ffc0000
[  186.808542][ T6505] FAULT_INJECTION: forcing a failure.
[  186.808542][ T6505] name failslab, interval 1, probability 0, space 0, times 0
[  186.852077][ T6505] CPU: 1 UID: 0 PID: 6505 Comm: syz.0.251 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  186.862713][ T6505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  186.872780][ T6505] Call Trace:
[  186.876075][ T6505]  <TASK>
[  186.879018][ T6505]  dump_stack_lvl+0x241/0x360
[  186.883723][ T6505]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.888943][ T6505]  ? __pfx__printk+0x10/0x10
[  186.893565][ T6505]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  186.899047][ T6505]  ? __pfx___might_resched+0x10/0x10
[  186.904360][ T6505]  should_fail_ex+0x3b0/0x4e0
[  186.909060][ T6505]  should_failslab+0xac/0x100
[  186.913786][ T6505]  ? ima_calc_file_hash+0xab7/0x1b30
[  186.919160][ T6505]  __kmalloc_cache_noprof+0x6c/0x2c0
[  186.924449][ T6505]  ima_calc_file_hash+0xab7/0x1b30
[  186.929568][ T6505]  ? __pfx_fuse_update_get_attr+0x10/0x10
[  186.935293][ T6505]  ? __pfx_ima_calc_file_hash+0x10/0x10
[  186.940872][ T6505]  ? __pfx_fuse_simple_request+0x10/0x10
[  186.946497][ T6505]  ? __pfx_autoremove_wake_function+0x10/0x10
[  186.952562][ T6505]  ? __lock_acquire+0x137a/0x2040
[  186.957582][ T6505]  ? fuse_allow_current_process+0x1eb/0x3c0
[  186.963472][ T6505]  ima_collect_measurement+0x526/0xb20
[  186.968934][ T6505]  ? __pfx_ima_collect_measurement+0x10/0x10
[  186.974904][ T6505]  ? __mutex_trylock_common+0x183/0x2e0
[  186.980448][ T6505]  ? trace_contention_end+0x3c/0x120
[  186.985717][ T6505]  ? __mutex_lock+0x2ef/0xd70
[  186.990395][ T6505]  ? ima_get_hash_algo+0x156/0x4d0
[  186.995495][ T6505]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  187.000950][ T6505]  process_measurement+0x1357/0x1fb0
[  187.006246][ T6505]  ? __pfx_process_measurement+0x10/0x10
[  187.011866][ T6505]  ? fuse_file_open+0x791/0xb30
[  187.016732][ T6505]  ? fuse_file_io_open+0xf9/0x250
[  187.021767][ T6505]  ? smack_current_getsecid_subj+0x22/0xf0
[  187.027569][ T6505]  ima_file_check+0xf2/0x170
[  187.032153][ T6505]  ? do_dentry_open+0xe3f/0x1440
[  187.037092][ T6505]  ? __pfx_ima_file_check+0x10/0x10
[  187.042287][ T6505]  security_file_post_open+0x6d/0xa0
[  187.047565][ T6505]  path_openat+0x2b91/0x3470
[  187.052162][ T6505]  ? __pfx_stack_trace_save+0x10/0x10
[  187.057536][ T6505]  ? __lock_acquire+0x137a/0x2040
[  187.062562][ T6505]  ? __pfx_path_openat+0x10/0x10
[  187.067505][ T6505]  do_filp_open+0x235/0x490
[  187.072001][ T6505]  ? __pfx_do_filp_open+0x10/0x10
[  187.077032][ T6505]  ? _raw_spin_unlock+0x28/0x50
[  187.081870][ T6505]  ? alloc_fd+0x5a1/0x640
[  187.086200][ T6505]  do_sys_openat2+0x13e/0x1d0
[  187.090867][ T6505]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  187.096861][ T6505]  ? __pfx_do_sys_openat2+0x10/0x10
[  187.102060][ T6505]  ? __fget_files+0x3f6/0x470
[  187.106738][ T6505]  __x64_sys_open+0x225/0x270
[  187.111408][ T6505]  ? __pfx___x64_sys_open+0x10/0x10
[  187.116602][ T6505]  ? do_syscall_64+0x100/0x230
[  187.121368][ T6505]  ? do_syscall_64+0xb6/0x230
[  187.126044][ T6505]  do_syscall_64+0xf3/0x230
[  187.130549][ T6505]  ? clear_bhb_loop+0x35/0x90
[  187.135224][ T6505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.141123][ T6505] RIP: 0033:0x7f260a5779f9
[  187.145536][ T6505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.165135][ T6505] RSP: 002b:00007f260b288038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  187.173541][ T6505] RAX: ffffffffffffffda RBX: 00007f260a705f80 RCX: 00007f260a5779f9
[  187.181500][ T6505] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[  187.189458][ T6505] RBP: 00007f260b288090 R08: 0000000000000000 R09: 0000000000000000
[  187.197416][ T6505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  187.205375][ T6505] R13: 0000000000000000 R14: 00007f260a705f80 R15: 00007ffe6cfd77b8
[  187.213346][ T6505]  </TASK>
[  187.590749][ T6278] veth0_vlan: entered promiscuous mode
[  187.657270][ T6278] veth1_vlan: entered promiscuous mode
[  187.703186][ T6531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.255'.
[  187.737472][ T6532] sctp: [Deprecated]: syz.1.256 (pid 6532) Use of int in max_burst socket option deprecated.
[  187.737472][ T6532] Use struct sctp_assoc_value instead
[  187.776409][ T6278] veth0_macvtap: entered promiscuous mode
[  187.821759][ T6278] veth1_macvtap: entered promiscuous mode
[  187.924344][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.939000][ T6540] FAULT_INJECTION: forcing a failure.
[  187.939000][ T6540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.984328][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.011474][ T6540] CPU: 1 UID: 0 PID: 6540 Comm: syz.2.257 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  188.022074][ T6540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  188.032111][ T6540] Call Trace:
[  188.035381][ T6540]  <TASK>
[  188.038293][ T6540]  dump_stack_lvl+0x241/0x360
[  188.042964][ T6540]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.048158][ T6540]  ? __pfx__printk+0x10/0x10
[  188.052757][ T6540]  ? snprintf+0xda/0x120
[  188.056984][ T6540]  should_fail_ex+0x3b0/0x4e0
[  188.061641][ T6540]  _copy_to_user+0x2f/0xb0
[  188.066044][ T6540]  simple_read_from_buffer+0xca/0x150
[  188.071401][ T6540]  proc_fail_nth_read+0x1e9/0x250
[  188.076410][ T6540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  188.081939][ T6540]  ? rw_verify_area+0x520/0x6b0
[  188.086773][ T6540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  188.092304][ T6540]  vfs_read+0x204/0xbc0
[  188.096435][ T6540]  ? __pfx_lock_release+0x10/0x10
[  188.101441][ T6540]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  188.107325][ T6540]  ? __pfx_vfs_read+0x10/0x10
[  188.111981][ T6540]  ? __fget_files+0x29/0x470
[  188.116552][ T6540]  ? __fget_files+0x3f6/0x470
[  188.121218][ T6540]  ksys_read+0x1a0/0x2c0
[  188.125444][ T6540]  ? __pfx_ksys_read+0x10/0x10
[  188.130184][ T6540]  ? do_syscall_64+0x100/0x230
[  188.134936][ T6540]  ? do_syscall_64+0xb6/0x230
[  188.139594][ T6540]  do_syscall_64+0xf3/0x230
[  188.144080][ T6540]  ? clear_bhb_loop+0x35/0x90
[  188.148736][ T6540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.154617][ T6540] RIP: 0033:0x7f30ad77643c
[  188.159016][ T6540] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  188.178597][ T6540] RSP: 002b:00007f30ad1de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  188.186988][ T6540] RAX: ffffffffffffffda RBX: 00007f30ad906058 RCX: 00007f30ad77643c
[  188.194939][ T6540] RDX: 000000000000000f RSI: 00007f30ad1de0a0 RDI: 0000000000000007
[  188.202893][ T6540] RBP: 00007f30ad1de090 R08: 0000000000000000 R09: 0000000000000000
[  188.210845][ T6540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.218795][ T6540] R13: 0000000000000000 R14: 00007f30ad906058 R15: 00007ffefc077008
[  188.226753][ T6540]  </TASK>
[  188.304532][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.343067][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.370805][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.391940][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.402562][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.413641][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.423905][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.486194][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.512188][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.553113][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.595730][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.633342][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.654194][ T6278] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.716539][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.741139][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.781838][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.822170][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.846643][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.892146][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.912269][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  188.939553][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.340423][    T9] usb 3-1: Using ep0 maxpacket: 32
[  189.362090][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  189.404908][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.691141][    T9] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  189.705232][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.755684][    T9] usb 3-1: Product: syz
[  189.756118][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.770830][    T9] usb 3-1: Manufacturer: syz
[  189.777587][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.780179][    T9] usb 3-1: SerialNumber: syz
[  189.787943][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.807174][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.817878][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.828842][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.850281][    T9] usb 3-1: config 0 descriptor??
[  189.852242][ T6278] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.868512][ T6547] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  189.887875][ T6278] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.902754][    T9] hub 3-1:0.0: bad descriptor, ignoring hub
[  189.913354][ T6278] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.918383][    T9] hub 3-1:0.0: probe with driver hub failed with error -5
[  189.952922][ T6278] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.954930][    T9] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input14
[  189.967342][ T6278] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.002301][ T5220] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  190.216211][ T5220] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.259010][ T5220] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  190.303133][ T5220] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.361855][ T5220] usb 1-1: config 0 descriptor??
[  190.383753][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.422183][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.453310][ T5220] pwc: Askey VC010 type 2 USB webcam detected.
[  190.553930][ T6547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.568007][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.572708][ T6547] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.627959][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.665488][ T6547] netlink: 'syz.2.259': attribute type 10 has an invalid length.
[  190.687644][ T6547] bridge0: port 3(team0) entered disabled state
[  190.733228][ T5220] pwc: send_video_command error -71
[  190.741592][ T5220] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  190.757737][ T6547] team0: left allmulticast mode
[  190.763125][ T6547] team_slave_0: left allmulticast mode
[  190.768613][ T6547] team_slave_1: left allmulticast mode
[  190.774145][ T6547] team0: left promiscuous mode
[  190.778928][ T6547] team_slave_0: left promiscuous mode
[  190.784669][ T6547] team_slave_1: left promiscuous mode
[  190.791190][ T6547] bridge0: port 3(team0) entered disabled state
[  190.820768][ T6547] batman_adv: batadv0: Adding interface: team0
[  190.827020][ T6547] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.852236][ T6547] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  190.874087][ T5220] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  190.901582][ T6578] sctp: [Deprecated]: syz.3.267 (pid 6578) Use of int in max_burst socket option deprecated.
[  190.901582][ T6578] Use struct sctp_assoc_value instead
[  190.912497][ T5220] usb 1-1: USB disconnect, device number 5
[  190.962215][ T6573] netlink: 'syz.2.259': attribute type 10 has an invalid length.
[  191.008480][ T6573] netlink: 2 bytes leftover after parsing attributes in process `syz.2.259'.
[  191.037495][ T6573] team0: entered promiscuous mode
[  191.044656][ T6573] team_slave_0: entered promiscuous mode
[  191.089476][ T6573] team_slave_1: entered promiscuous mode
[  191.156215][ T6573] 8021q: adding VLAN 0 to HW filter on device team0
[  191.180899][ T6573] batman_adv: batadv0: Interface activated: team0
[  191.188853][ T6573] batman_adv: batadv0: Interface deactivated: team0
[  191.198509][ T6573] batman_adv: batadv0: Removing interface: team0
[  191.209768][ T6573] bridge0: port 3(team0) entered blocking state
[  191.217278][ T6573] bridge0: port 3(team0) entered disabled state
[  191.238145][ T6573] team0: entered allmulticast mode
[  191.281911][ T6573] team_slave_0: entered allmulticast mode
[  191.285853][ T6584] netlink: 4 bytes leftover after parsing attributes in process `syz.4.196'.
[  191.346018][ T6573] team_slave_1: entered allmulticast mode
[  191.404697][ T6573] bridge0: port 3(team0) entered blocking state
[  191.411076][ T6573] bridge0: port 3(team0) entered forwarding state
[  191.434164][    C0] ------------[ cut here ]------------
[  191.440106][    C0] WARNING: CPU: 0 PID: 6584 at kernel/kcov.c:871 kcov_remote_start+0x5a2/0x7e0
[  191.449081][    C0] Modules linked in:
[  191.452966][    C0] CPU: 0 UID: 0 PID: 6584 Comm: syz.4.196 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  191.463538][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  191.473578][    C0] RIP: 0010:kcov_remote_start+0x5a2/0x7e0
[  191.479292][    C0] Code: 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 a6 01 00 00 41 f7 c6 00 02 00 00 0f 84 93 fa ff ff fb e9 8d fa ff ff 90 <0f> 0b 90 e8 96 d2 19 0a 89 c0 48 c7 c7 c8 d4 02 00 48 03 3c c5 40
[  191.498882][    C0] RSP: 0018:ffffc90000006470 EFLAGS: 00010002
[  191.504935][    C0] RAX: 0000000080010303 RBX: ffff888023783c00 RCX: 0000000000000002
[  191.512892][    C0] RDX: dffffc0000000000 RSI: ffffffff8beae6e0 RDI: ffffffff8c3f8b40
[  191.520843][    C0] RBP: 0100000000000003 R08: ffffffff934ee877 R09: 1ffffffff269dd0e
[  191.528797][    C0] R10: dffffc0000000000 R11: fffffbfff269dd0f R12: ffffffff81937ffe
[  191.536757][    C0] R13: ffff88802d4c1000 R14: 0000000000000006 R15: ffff8880b922d4c8
[  191.544714][    C0] FS:  00007f72f90c66c0(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[  191.553624][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  191.560187][    C0] CR2: 0000000000000000 CR3: 000000007fdb2000 CR4: 00000000003506f0
[  191.568144][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  191.576102][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  191.584054][    C0] Call Trace:
[  191.587315][    C0]  <IRQ>
[  191.590140][    C0]  ? __warn+0x163/0x4e0
[  191.594281][    C0]  ? kcov_remote_start+0x5a2/0x7e0
[  191.599378][    C0]  ? report_bug+0x2b3/0x500
[  191.603865][    C0]  ? kcov_remote_start+0x5a2/0x7e0
[  191.608960][    C0]  ? handle_bug+0x3e/0x70
[  191.613267][    C0]  ? exc_invalid_op+0x1a/0x50
[  191.617923][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[  191.622931][    C0]  ? kcov_remote_start+0x9e/0x7e0
[  191.627940][    C0]  ? kcov_remote_start+0x5a2/0x7e0
[  191.633038][    C0]  ? usb_unanchor_urb+0xa3/0xc0
[  191.637868][    C0]  ? usb_anchor_suspend_wakeups+0x3a/0x40
[  191.643575][    C0]  __usb_hcd_giveback_urb+0x405/0x6e0
[  191.648939][    C0]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  191.654820][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  191.660005][    C0]  dummy_timer+0x830/0x45a0
[  191.664500][    C0]  ? __pfx_lock_release+0x10/0x10
[  191.669517][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  191.675829][    C0]  ? __hrtimer_run_queues+0x477/0xd50
[  191.681181][    C0]  ? __pfx_lock_release+0x10/0x10
[  191.686194][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  191.691376][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  191.696299][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  191.701218][    C0]  __hrtimer_run_queues+0x59b/0xd50
[  191.706397][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  191.712372][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  191.718077][    C0]  hrtimer_interrupt+0x396/0x990
[  191.723009][    C0]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  191.728972][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  191.734608][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  191.740600][    C0] RIP: 0010:___slab_alloc+0x4f7/0x14b0
[  191.746048][    C0] Code: e9 78 fb ff ff e8 09 28 c1 09 f7 c3 00 02 00 00 74 18 e9 8e fe ff ff 48 c7 43 10 00 00 00 00 4c 89 ff 48 89 de e8 f9 15 00 00 <49> 83 7c 24 18 00 0f 84 89 06 00 00 48 c7 44 24 60 00 00 00 00 9c
[  191.765635][    C0] RSP: 0018:ffffc90000006c08 EFLAGS: 00000206
[  191.771681][    C0] RAX: 09d4614a61cef000 RBX: 0000000000000246 RCX: ffffffff81702e4a
[  191.779634][    C0] RDX: dffffc0000000000 RSI: ffffffff8bead560 RDI: ffffffff8c3f8b40
[  191.787594][    C0] RBP: ffff8880b9242c80 R08: ffffffff934ee8c7 R09: 1ffffffff269dd18
[  191.795547][    C0] R10: dffffc0000000000 R11: fffffbfff269dd19 R12: ffff8880b9242c60
[  191.803503][    C0] R13: ffff888023783c00 R14: 00000000ffffffff R15: ffff888015442140
[  191.811459][    C0]  ? mark_lock+0x9a/0x350
[  191.815783][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  191.820964][    C0]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[  191.826933][    C0]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[  191.832909][    C0]  __slab_alloc+0x58/0xa0
[  191.837253][    C0]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[  191.843255][    C0]  __kmalloc_noprof+0x25a/0x400
[  191.848097][    C0]  ? stack_depot_save_flags+0x6e4/0x830
[  191.853629][    C0]  ieee802_11_parse_elems_full+0xdb/0x2880
[  191.859425][    C0]  ? kasan_save_track+0x51/0x80
[  191.864259][    C0]  ? kasan_save_track+0x3f/0x80
[  191.869091][    C0]  ? __kmalloc_noprof+0x1fc/0x400
[  191.874098][    C0]  ? __cfg80211_bss_update+0x1a5/0x2170
[  191.879629][    C0]  ? cfg80211_inform_single_bss_data+0xd51/0x2030
[  191.886028][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  191.891819][    C0]  ? cfg80211_inform_bss_frame_data+0x3b8/0x720
[  191.898055][    C0]  ? ieee80211_bss_info_update+0x8a7/0xbc0
[  191.903855][    C0]  ? ieee80211_scan_rx+0x526/0x9c0
[  191.908947][    C0]  ? ieee80211_rx_list+0x2b02/0x3780
[  191.914235][    C0]  ? ieee80211_rx_napi+0x18a/0x3c0
[  191.919364][    C0]  ? ieee80211_handle_queued_frames+0xe7/0x1e0
[  191.925504][    C0]  ? tasklet_action_common+0x321/0x4d0
[  191.930958][    C0]  ? handle_softirqs+0x2c4/0x970
[  191.935876][    C0]  ? do_softirq+0x11b/0x1e0
[  191.940366][    C0]  ? __local_bh_enable_ip+0x1bb/0x200
[  191.945721][    C0]  ? ieee80211_tx_skb_tid+0x264/0x420
[  191.951075][    C0]  ? ieee80211_mgmt_tx+0x1b46/0x2180
[  191.956345][    C0]  ? cfg80211_mlme_mgmt_tx+0x950/0x16a0
[  191.961886][    C0]  ? nl80211_tx_mgmt+0xb0d/0x1190
[  191.966907][    C0]  ? genl_rcv_msg+0xb14/0xec0
[  191.971566][    C0]  ? netlink_rcv_skb+0x1e3/0x430
[  191.976489][    C0]  ? genl_rcv+0x28/0x40
[  191.980626][    C0]  ? netlink_unicast+0x7f0/0x990
[  191.985550][    C0]  ? netlink_sendmsg+0x8e4/0xcb0
[  191.990465][    C0]  ? __sock_sendmsg+0x221/0x270
[  191.995300][    C0]  ? ____sys_sendmsg+0x525/0x7d0
[  192.000231][    C0]  ? __sys_sendmsg+0x2b0/0x3a0
[  192.004976][    C0]  ? do_syscall_64+0xf3/0x230
[  192.009638][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.015700][    C0]  ? __pfx_ieee802_11_parse_elems_full+0x10/0x10
[  192.022032][    C0]  ? cmp_bss+0x2eb/0xea0
[  192.026273][    C0]  ieee80211_inform_bss+0x15f/0x1080
[  192.031576][    C0]  ? __cfg80211_bss_update+0x1202/0x2170
[  192.037198][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  192.042909][    C0]  ? cfg80211_inform_single_bss_data+0xaff/0x2030
[  192.049309][    C0]  ? cfg80211_inform_single_bss_data+0xaff/0x2030
[  192.055714][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  192.061418][    C0]  cfg80211_inform_single_bss_data+0xe93/0x2030
[  192.067652][    C0]  ? __pfx_lock_release+0x10/0x10
[  192.072665][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  192.079340][    C0]  ? __pfx_validate_chain+0x10/0x10
[  192.084522][    C0]  ? kernel_text_address+0xa7/0xe0
[  192.089636][    C0]  ? cfg80211_inform_bss_data+0x3c5/0x5a70
[  192.095440][    C0]  cfg80211_inform_bss_data+0x3dd/0x5a70
[  192.101077][    C0]  ? __pfx_validate_chain+0x10/0x10
[  192.106261][    C0]  ? validate_chain+0x11e/0x5900
[  192.111194][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  192.117248][    C0]  ? __pfx_validate_chain+0x10/0x10
[  192.122428][    C0]  ? mark_lock+0x9a/0x350
[  192.126745][    C0]  ? mark_lock+0x9a/0x350
[  192.131060][    C0]  ? __lock_acquire+0x137a/0x2040
[  192.136086][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  192.141094][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  192.146894][    C0]  cfg80211_inform_bss_frame_data+0x3b8/0x720
[  192.152957][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  192.158745][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[  192.164366][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  192.170512][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  192.176823][    C0]  ? ieee80211_get_channel_khz+0x173/0x920
[  192.182617][    C0]  ieee80211_scan_rx+0x526/0x9c0
[  192.187545][    C0]  ieee80211_rx_list+0x2b02/0x3780
[  192.192643][    C0]  ? __lock_acquire+0x137a/0x2040
[  192.197663][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  192.203112][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  192.208121][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  192.214086][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  192.220418][    C0]  ? ieee80211_rx_napi+0xd6/0x3c0
[  192.225434][    C0]  ieee80211_rx_napi+0x18a/0x3c0
[  192.230356][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  192.236672][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  192.242131][    C0]  ? skb_dequeue+0x113/0x150
[  192.246751][    C0]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  192.252755][    C0]  tasklet_action_common+0x321/0x4d0
[  192.258033][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[  192.263838][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  192.270158][    C0]  ? workqueue_softirq_action+0xce/0x140
[  192.275784][    C0]  handle_softirqs+0x2c4/0x970
[  192.280541][    C0]  ? do_softirq+0x11b/0x1e0
[  192.285033][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  192.290306][    C0]  do_softirq+0x11b/0x1e0
[  192.294628][    C0]  </IRQ>
[  192.297544][    C0]  <TASK>
[  192.300456][    C0]  ? __pfx_do_softirq+0x10/0x10
[  192.305290][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  192.310906][    C0]  ? rcu_is_watching+0x15/0xb0
[  192.315662][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  192.320846][    C0]  ? ieee80211_xmit+0x30f/0x3f0
[  192.325682][    C0]  ? __ieee80211_tx_skb_tid_band+0x49e/0x610
[  192.331643][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  192.337346][    C0]  ? __ieee80211_tx_skb_tid_band+0x4e2/0x610
[  192.343313][    C0]  ? ieee80211_tx_skb_tid+0x30/0x420
[  192.348591][    C0]  ieee80211_tx_skb_tid+0x264/0x420
[  192.353804][    C0]  ? ieee80211_tx_skb_tid+0x30/0x420
[  192.359075][    C0]  ieee80211_mgmt_tx+0x1b46/0x2180
[  192.364179][    C0]  ? ieee80211_mgmt_tx+0xa2e/0x2180
[  192.369364][    C0]  cfg80211_mlme_mgmt_tx+0x950/0x16a0
[  192.374730][    C0]  nl80211_tx_mgmt+0xb0d/0x1190
[  192.379572][    C0]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  192.384841][    C0]  ? __pfx_netdev_run_todo+0x10/0x10
[  192.390120][    C0]  genl_rcv_msg+0xb14/0xec0
[  192.394605][    C0]  ? mark_lock+0x9a/0x350
[  192.398926][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  192.403945][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  192.408951][    C0]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  192.414304][    C0]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  192.419569][    C0]  ? __pfx_nl80211_post_doit+0x10/0x10
[  192.425013][    C0]  ? __pfx___might_resched+0x10/0x10
[  192.430287][    C0]  netlink_rcv_skb+0x1e3/0x430
[  192.435038][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  192.440047][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  192.445327][    C0]  ? __netlink_deliver_tap+0x77e/0x7c0
[  192.450779][    C0]  genl_rcv+0x28/0x40
[  192.454749][    C0]  netlink_unicast+0x7f0/0x990
[  192.459505][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[  192.464776][    C0]  ? __virt_addr_valid+0x183/0x530
[  192.469866][    C0]  ? __check_object_size+0x49c/0x900
[  192.475133][    C0]  ? bpf_lsm_netlink_send+0x9/0x10
[  192.480227][    C0]  netlink_sendmsg+0x8e4/0xcb0
[  192.484978][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.490240][    C0]  ? __import_iovec+0x536/0x820
[  192.495077][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  192.500344][    C0]  ? security_socket_sendmsg+0x87/0xb0
[  192.505785][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.511045][    C0]  __sock_sendmsg+0x221/0x270
[  192.515711][    C0]  ____sys_sendmsg+0x525/0x7d0
[  192.520462][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.525742][    C0]  __sys_sendmsg+0x2b0/0x3a0
[  192.530314][    C0]  ? __pfx___sys_sendmsg+0x10/0x10
[  192.535405][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  192.541308][    C0]  ? __secure_computing+0x125/0x370
[  192.546496][    C0]  do_syscall_64+0xf3/0x230
[  192.550985][    C0]  ? clear_bhb_loop+0x35/0x90
[  192.555652][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.561536][    C0] RIP: 0033:0x7f72f83779f9
[  192.565934][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.585521][    C0] RSP: 002b:00007f72f90c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.593918][    C0] RAX: ffffffffffffffda RBX: 00007f72f8506130 RCX: 00007f72f83779f9
[  192.601868][    C0] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005
[  192.609819][    C0] RBP: 00007f72f83e58ee R08: 0000000000000000 R09: 0000000000000000
[  192.617770][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  192.625723][    C0] R13: 0000000000000000 R14: 00007f72f8506130 R15: 00007ffe81508808
[  192.633685][    C0]  </TASK>
[  192.636697][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  192.643954][    C0] CPU: 0 UID: 0 PID: 6584 Comm: syz.4.196 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0
[  192.654515][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  192.664556][    C0] Call Trace:
[  192.667815][    C0]  <IRQ>
[  192.670636][    C0]  dump_stack_lvl+0x241/0x360
[  192.675304][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.680489][    C0]  ? __pfx__printk+0x10/0x10
[  192.685059][    C0]  ? _printk+0xd5/0x120
[  192.689201][    C0]  ? vscnprintf+0x5d/0x90
[  192.693512][    C0]  panic+0x349/0x860
[  192.697391][    C0]  ? __warn+0x172/0x4e0
[  192.701522][    C0]  ? __pfx_panic+0x10/0x10
[  192.705921][    C0]  ? show_trace_log_lvl+0x4e6/0x520
[  192.711111][    C0]  __warn+0x346/0x4e0
[  192.715072][    C0]  ? kcov_remote_start+0x5a2/0x7e0
[  192.720168][    C0]  report_bug+0x2b3/0x500
[  192.724498][    C0]  ? kcov_remote_start+0x5a2/0x7e0
[  192.729593][    C0]  handle_bug+0x3e/0x70
[  192.733726][    C0]  exc_invalid_op+0x1a/0x50
[  192.738205][    C0]  asm_exc_invalid_op+0x1a/0x20
[  192.743036][    C0] RIP: 0010:kcov_remote_start+0x5a2/0x7e0
[  192.748737][    C0] Code: 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 a6 01 00 00 41 f7 c6 00 02 00 00 0f 84 93 fa ff ff fb e9 8d fa ff ff 90 <0f> 0b 90 e8 96 d2 19 0a 89 c0 48 c7 c7 c8 d4 02 00 48 03 3c c5 40
[  192.768323][    C0] RSP: 0018:ffffc90000006470 EFLAGS: 00010002
[  192.774375][    C0] RAX: 0000000080010303 RBX: ffff888023783c00 RCX: 0000000000000002
[  192.782326][    C0] RDX: dffffc0000000000 RSI: ffffffff8beae6e0 RDI: ffffffff8c3f8b40
[  192.790276][    C0] RBP: 0100000000000003 R08: ffffffff934ee877 R09: 1ffffffff269dd0e
[  192.798230][    C0] R10: dffffc0000000000 R11: fffffbfff269dd0f R12: ffffffff81937ffe
[  192.806182][    C0] R13: ffff88802d4c1000 R14: 0000000000000006 R15: ffff8880b922d4c8
[  192.814136][    C0]  ? kcov_remote_start+0x9e/0x7e0
[  192.819151][    C0]  ? usb_unanchor_urb+0xa3/0xc0
[  192.823983][    C0]  ? usb_anchor_suspend_wakeups+0x3a/0x40
[  192.829680][    C0]  __usb_hcd_giveback_urb+0x405/0x6e0
[  192.835039][    C0]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  192.840916][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  192.846102][    C0]  dummy_timer+0x830/0x45a0
[  192.850593][    C0]  ? __pfx_lock_release+0x10/0x10
[  192.855610][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  192.861923][    C0]  ? __hrtimer_run_queues+0x477/0xd50
[  192.867283][    C0]  ? __pfx_lock_release+0x10/0x10
[  192.872317][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  192.877530][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  192.882455][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  192.887375][    C0]  __hrtimer_run_queues+0x59b/0xd50
[  192.892554][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  192.898525][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  192.904230][    C0]  hrtimer_interrupt+0x396/0x990
[  192.909160][    C0]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  192.915126][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  192.920739][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  192.926698][    C0] RIP: 0010:___slab_alloc+0x4f7/0x14b0
[  192.932152][    C0] Code: e9 78 fb ff ff e8 09 28 c1 09 f7 c3 00 02 00 00 74 18 e9 8e fe ff ff 48 c7 43 10 00 00 00 00 4c 89 ff 48 89 de e8 f9 15 00 00 <49> 83 7c 24 18 00 0f 84 89 06 00 00 48 c7 44 24 60 00 00 00 00 9c
[  192.951750][    C0] RSP: 0018:ffffc90000006c08 EFLAGS: 00000206
[  192.957799][    C0] RAX: 09d4614a61cef000 RBX: 0000000000000246 RCX: ffffffff81702e4a
[  192.965754][    C0] RDX: dffffc0000000000 RSI: ffffffff8bead560 RDI: ffffffff8c3f8b40
[  192.973707][    C0] RBP: ffff8880b9242c80 R08: ffffffff934ee8c7 R09: 1ffffffff269dd18
[  192.981658][    C0] R10: dffffc0000000000 R11: fffffbfff269dd19 R12: ffff8880b9242c60
[  192.989608][    C0] R13: ffff888023783c00 R14: 00000000ffffffff R15: ffff888015442140
[  192.997565][    C0]  ? mark_lock+0x9a/0x350
[  193.001883][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  193.007065][    C0]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[  193.013031][    C0]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[  193.018990][    C0]  __slab_alloc+0x58/0xa0
[  193.023309][    C0]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[  193.029269][    C0]  __kmalloc_noprof+0x25a/0x400
[  193.034103][    C0]  ? stack_depot_save_flags+0x6e4/0x830
[  193.039629][    C0]  ieee802_11_parse_elems_full+0xdb/0x2880
[  193.045421][    C0]  ? kasan_save_track+0x51/0x80
[  193.050252][    C0]  ? kasan_save_track+0x3f/0x80
[  193.055083][    C0]  ? __kmalloc_noprof+0x1fc/0x400
[  193.060088][    C0]  ? __cfg80211_bss_update+0x1a5/0x2170
[  193.065629][    C0]  ? cfg80211_inform_single_bss_data+0xd51/0x2030
[  193.072063][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  193.077858][    C0]  ? cfg80211_inform_bss_frame_data+0x3b8/0x720
[  193.084082][    C0]  ? ieee80211_bss_info_update+0x8a7/0xbc0
[  193.089867][    C0]  ? ieee80211_scan_rx+0x526/0x9c0
[  193.095045][    C0]  ? ieee80211_rx_list+0x2b02/0x3780
[  193.100309][    C0]  ? ieee80211_rx_napi+0x18a/0x3c0
[  193.105402][    C0]  ? ieee80211_handle_queued_frames+0xe7/0x1e0
[  193.111551][    C0]  ? tasklet_action_common+0x321/0x4d0
[  193.117004][    C0]  ? handle_softirqs+0x2c4/0x970
[  193.121937][    C0]  ? do_softirq+0x11b/0x1e0
[  193.126434][    C0]  ? __local_bh_enable_ip+0x1bb/0x200
[  193.131787][    C0]  ? ieee80211_tx_skb_tid+0x264/0x420
[  193.137142][    C0]  ? ieee80211_mgmt_tx+0x1b46/0x2180
[  193.142412][    C0]  ? cfg80211_mlme_mgmt_tx+0x950/0x16a0
[  193.147941][    C0]  ? nl80211_tx_mgmt+0xb0d/0x1190
[  193.152949][    C0]  ? genl_rcv_msg+0xb14/0xec0
[  193.157606][    C0]  ? netlink_rcv_skb+0x1e3/0x430
[  193.162530][    C0]  ? genl_rcv+0x28/0x40
[  193.166665][    C0]  ? netlink_unicast+0x7f0/0x990
[  193.171592][    C0]  ? netlink_sendmsg+0x8e4/0xcb0
[  193.176525][    C0]  ? __sock_sendmsg+0x221/0x270
[  193.181368][    C0]  ? ____sys_sendmsg+0x525/0x7d0
[  193.186287][    C0]  ? __sys_sendmsg+0x2b0/0x3a0
[  193.191029][    C0]  ? do_syscall_64+0xf3/0x230
[  193.195696][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.201756][    C0]  ? __pfx_ieee802_11_parse_elems_full+0x10/0x10
[  193.208080][    C0]  ? cmp_bss+0x2eb/0xea0
[  193.212309][    C0]  ieee80211_inform_bss+0x15f/0x1080
[  193.217580][    C0]  ? __cfg80211_bss_update+0x1202/0x2170
[  193.223202][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  193.228911][    C0]  ? cfg80211_inform_single_bss_data+0xaff/0x2030
[  193.235318][    C0]  ? cfg80211_inform_single_bss_data+0xaff/0x2030
[  193.241731][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  193.247442][    C0]  cfg80211_inform_single_bss_data+0xe93/0x2030
[  193.253676][    C0]  ? __pfx_lock_release+0x10/0x10
[  193.258684][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  193.265353][    C0]  ? __pfx_validate_chain+0x10/0x10
[  193.270544][    C0]  ? kernel_text_address+0xa7/0xe0
[  193.275666][    C0]  ? cfg80211_inform_bss_data+0x3c5/0x5a70
[  193.281462][    C0]  cfg80211_inform_bss_data+0x3dd/0x5a70
[  193.287093][    C0]  ? __pfx_validate_chain+0x10/0x10
[  193.292276][    C0]  ? validate_chain+0x11e/0x5900
[  193.297202][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  193.303253][    C0]  ? __pfx_validate_chain+0x10/0x10
[  193.308429][    C0]  ? mark_lock+0x9a/0x350
[  193.312747][    C0]  ? mark_lock+0x9a/0x350
[  193.317060][    C0]  ? __lock_acquire+0x137a/0x2040
[  193.322079][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  193.327088][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  193.332881][    C0]  cfg80211_inform_bss_frame_data+0x3b8/0x720
[  193.338937][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  193.344726][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[  193.350346][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  193.356489][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  193.362805][    C0]  ? ieee80211_get_channel_khz+0x173/0x920
[  193.368597][    C0]  ieee80211_scan_rx+0x526/0x9c0
[  193.373546][    C0]  ieee80211_rx_list+0x2b02/0x3780
[  193.378672][    C0]  ? __lock_acquire+0x137a/0x2040
[  193.383689][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  193.389133][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  193.394147][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  193.400110][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  193.406426][    C0]  ? ieee80211_rx_napi+0xd6/0x3c0
[  193.411429][    C0]  ieee80211_rx_napi+0x18a/0x3c0
[  193.416349][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  193.422661][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  193.428103][    C0]  ? skb_dequeue+0x113/0x150
[  193.432680][    C0]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  193.438647][    C0]  tasklet_action_common+0x321/0x4d0
[  193.443920][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[  193.449708][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  193.456022][    C0]  ? workqueue_softirq_action+0xce/0x140
[  193.461640][    C0]  handle_softirqs+0x2c4/0x970
[  193.466389][    C0]  ? do_softirq+0x11b/0x1e0
[  193.470878][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  193.476170][    C0]  do_softirq+0x11b/0x1e0
[  193.480514][    C0]  </IRQ>
[  193.483428][    C0]  <TASK>
[  193.486341][    C0]  ? __pfx_do_softirq+0x10/0x10
[  193.491171][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  193.496789][    C0]  ? rcu_is_watching+0x15/0xb0
[  193.501534][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  193.506714][    C0]  ? ieee80211_xmit+0x30f/0x3f0
[  193.511547][    C0]  ? __ieee80211_tx_skb_tid_band+0x49e/0x610
[  193.517511][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  193.523213][    C0]  ? __ieee80211_tx_skb_tid_band+0x4e2/0x610
[  193.529174][    C0]  ? ieee80211_tx_skb_tid+0x30/0x420
[  193.534440][    C0]  ieee80211_tx_skb_tid+0x264/0x420
[  193.539622][    C0]  ? ieee80211_tx_skb_tid+0x30/0x420
[  193.544894][    C0]  ieee80211_mgmt_tx+0x1b46/0x2180
[  193.549999][    C0]  ? ieee80211_mgmt_tx+0xa2e/0x2180
[  193.555185][    C0]  cfg80211_mlme_mgmt_tx+0x950/0x16a0
[  193.560549][    C0]  nl80211_tx_mgmt+0xb0d/0x1190
[  193.565392][    C0]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  193.570659][    C0]  ? __pfx_netdev_run_todo+0x10/0x10
[  193.575937][    C0]  genl_rcv_msg+0xb14/0xec0
[  193.580427][    C0]  ? mark_lock+0x9a/0x350
[  193.584748][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  193.589768][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  193.594773][    C0]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  193.600124][    C0]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  193.605392][    C0]  ? __pfx_nl80211_post_doit+0x10/0x10
[  193.610834][    C0]  ? __pfx___might_resched+0x10/0x10
[  193.616105][    C0]  netlink_rcv_skb+0x1e3/0x430
[  193.620854][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  193.625860][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  193.631135][    C0]  ? __netlink_deliver_tap+0x77e/0x7c0
[  193.636584][    C0]  genl_rcv+0x28/0x40
[  193.640544][    C0]  netlink_unicast+0x7f0/0x990
[  193.645295][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[  193.650559][    C0]  ? __virt_addr_valid+0x183/0x530
[  193.655651][    C0]  ? __check_object_size+0x49c/0x900
[  193.660919][    C0]  ? bpf_lsm_netlink_send+0x9/0x10
[  193.666013][    C0]  netlink_sendmsg+0x8e4/0xcb0
[  193.670761][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  193.676029][    C0]  ? __import_iovec+0x536/0x820
[  193.680885][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  193.686183][    C0]  ? security_socket_sendmsg+0x87/0xb0
[  193.691624][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  193.696888][    C0]  __sock_sendmsg+0x221/0x270
[  193.701549][    C0]  ____sys_sendmsg+0x525/0x7d0
[  193.706304][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[  193.711575][    C0]  __sys_sendmsg+0x2b0/0x3a0
[  193.716146][    C0]  ? __pfx___sys_sendmsg+0x10/0x10
[  193.721236][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  193.727135][    C0]  ? __secure_computing+0x125/0x370
[  193.732318][    C0]  do_syscall_64+0xf3/0x230
[  193.736808][    C0]  ? clear_bhb_loop+0x35/0x90
[  193.741465][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.747348][    C0] RIP: 0033:0x7f72f83779f9
[  193.751742][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.771331][    C0] RSP: 002b:00007f72f90c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  193.779729][    C0] RAX: ffffffffffffffda RBX: 00007f72f8506130 RCX: 00007f72f83779f9
[  193.787684][    C0] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005
[  193.795638][    C0] RBP: 00007f72f83e58ee R08: 0000000000000000 R09: 0000000000000000
[  193.803591][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  193.811543][    C0] R13: 0000000000000000 R14: 00007f72f8506130 R15: 00007ffe81508808
[  193.819506][    C0]  </TASK>
[  193.822743][    C0] Kernel Offset: disabled
[  193.827116][    C0] Rebooting in 86400 seconds..