last executing test programs:

12.848386993s ago: executing program 0 (id=1569):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000180)="6203a105d755af176510122f1eafbcf72be12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e24732faf215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7dfd652684d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f00000014c0)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44cb2e32e2bf367e9d01a5e7380cc4fc8e7c9044cc4750b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a36a8b449955e83e91b379c179017f8f4657d1b22eca6bca33036d33e1a684059c53cea91c8f637ac780ab2bcf85f774b0d4e5876fe9aee4724b7cb59731c97e70ebd70600", 0xa7}, {&(0x7f0000000040)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb48bbd3b52d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000440)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a4e", 0x358}, {&(0x7f0000000280)="b8d35a42b724f5117efd3ff06558a16b478b", 0x12}, {&(0x7f000001f4c0)="550c6d32758c9c16ffa4f109b112c633892f8bee461d1744b4bf458233d3294ababe6c28c97e2640f849c401a026827bfb3d48b3b006ca", 0x37}, {&(0x7f0000000340)="87a3ec9a1f2c062344c32d723e509529b7d74109fc61f9db8b0cba55c7d4924c795715c66ce41fc8cad02e9542c6d8cbad891da12ba8837e5c65977e46c4dbec1bd1bbe39159d298ab", 0x49}, {&(0x7f0000001580)="ad6af12c03cdb303b5d935253e1200f84956b1c024fe160e42e54f67ab5cd7cc9fbeb42c9935f477642758d5c406be361302b8ffe9b87acf3aeacdad8ace6307bbd9e047f7ce4241871b59dc5abccc9cd4854df0b0a38bcd59020c8400a4f87e21a1d88247139f5ae3436a7d503898a56d39a23b35b82f23576342f8509aa577624de0cae23f00da7b812f66c5a02fd239e04494a7e4e6af8598f8d3e813f969476a09f923a4e1fcde5fa5f50d70ece3ff0fdaf03ad528013557b8719d137a8f10013c6d3af3b51d64e8a3c738c0e5efa0fe29325181a00e777cd4e13e58c474ec14a19d37f24fdd4221c598da93a2a382ed990407ed3763c102038e25870826f560760e1df44fc41663156fc2e318a11150c35390bd24a273773aa0dffe409eebf46ccdbb2e92a3f0f0febaaaebfe2155a9e2788d576cd638574963ecf57fc2822a39557abafd176a8cfafa96cbae576bee01cd6d9e186908433edf330edb6108ff927ed2b564ba7c2047f33936036b771129eafef781d65b0cfded4f2cdc1b41b525f271b4775a1f38503d12451bb7183be337e4c24d52c8967c16435550a71e6904848716dfeb22b37687e7b0c1902eb96000def74294467a8f7fb4ed90fb9553392f429e5f35d8347f6d04d1ed096fa64c29727b2c6b9ad65d6a916e772c079fcf246a1f3c88df4b7d00678eef3960ca56c1180178a9c400db7e13b0286a22955ecff46707f3af1a40694f3e84e6f053aafeb2098e6ef11c875932ef5556f1a67a7a2bd2c720036c52c5ac9a5308737e40e625d0f5fe8810b9c98bd98141e72e749002abf8977ebbd5a6c98373c6865e165426369e8e713c25a563ce425bc25c1a059a20a1ce423e687cf1330624b7b9bfb77ce8c4a7a0cc87f2501102a2292c3ec31ff36ee5feb3e2c1f40d62f01dfab40eaaec84b245ece6db0b764cd791f883db052704d46e2273d7d20ff2242d6c59b52813e438ed2e37762ce02ee331073ba7137e5226d7b0f8e0b74d93fd35378e6fe871c1b6981a2dcf08aa48505650712f697256a8ecc93d220bc041b00c4b34760851cec221d81f651361f737a46ac47965f9fd57096af6e8ee00932779fc8599a41d683d4a678cdd7ccacd94e72cc1e4f16726f25695e4bf1a18dff6551bd9cbfccbe03e9dd74d901e710e401d151b78d874ad38204ea8935c2d7c032f81337b7e390fba998249fb2dd1a96927fd6d334976fbb4f286abe7897c6f53ac85b0abc2bec314467dde487b32d1f21923877be60e8bb4989f8732dd4e32584c0ba5cc1a8bc9a63c4817ceb774d0e51a574f2fc9a703ee3f3fe77ca7bacdb7c593c5f0791e900c18ad01a6e5ad71fa24bfea2b6a8dce6058342270ad2f4ba6f55bf13a9f9454ad32d59e470c9468d5b35b29002360cce1eee9583f142362618b3a8756f2b6c51f3e69df81785b68601911d0bc8de73cf176975f0616d5f126f0046aa371a88e44d199e9abd67ffc287ab32cc83703534172c9d590af6ad33d3b345633601ed2c0c9b400762e9244e796253f44ea3954c08a1ad8b41f0eaa6f0b73d63479511d7239fcccbc4385979f998d5028e3852cbed4daeb993ab1b799bcd2fb1f3dd7e4ecd179e0ded6dfd361fa2600db7d89dec68098438be2cf3a45705a09ac4bdb0d13c55168120b5f901a87c19ba7781323486211eee0512b3a564431ac75666736752b64e54b4be9158f14e09860111bedd34b812af2d9ecd228b4e47766132f346e2de0277281b0d274d2341e102e0e795361159693546f8486cf686ad3eca71212ced4c464b661fbf45a0e158d7df68b3342b141b2906a8095cc73c6f9d071202a20ad0d8be644b8232d2cac7e21c4cf66f5c979a1f9697c32600922153af9baeb5b9f98dd3bf8ba2a8dad63bfa6b7c6bf8a06d60b376f435133ca9b4895b9fb7598a980eb1517454fd9cfec3c2e77a827dd2fe4babcd7ac109c1e27f5454cc2772660b8686307469fc67db6ed8764ca3b81b539fbf6b6d5297dd4f2fca75ec87c9ece2962fcf10f575a8cd2e220f9142d616de4c53f8863bf9cba3d19e087cdbdcaac0d1cb1fb946254b165f5eb611b28fcd64b6ec8bb3dc215c48c5b1ed42f335129c9a524abdeeb4c3c5f5d759fe4cc0eb41205c1b4081e807700399cf7b4b69b78e34e0724559fdd1e97337af0965252b5516b1e8319c0871ffe8fab0d03a3e14357275f0165a455b69e31869ed2795f421ebbba32eaad7e1f664b127671013b93108635623e308d8909467507daa9d5b4dead019d594664150355766bd705296a884e679fd05c6203872930d2ab710cf7b096c0073d355343735de5bcbb79c0c7dbba39b90027c3c9e75ef9988d3440fbf167d2364582d31db1170b5a2593ef812c678e3b9d6c4ebc18dd35fb1e539676824870a7601aca30c04b343e6b4d292e2a284ad628fc4dece2209f0d45a297b54548ce699551344fd1a2ccd04deca2ddb5224d9b1c37e915a00ae5fd9ab0cc94b5ac745ff04e4556e8ab3882b3a91e76c71e6451cf8fe01c1f784cc03f17c78a583579427b99d08a94fd9ab165c1b637009d5534132da120800faa99e14e240b363113322a1a89cc1db260bb0dff5986b5a06b8da7bde29d2f95598cc9d316d12665f5bae80e98f75cf6ee8819a87d9a18940ffc91b3547aa2804c019f19b66a1c18b9e7359cd028fc579b50fccb1f1a8397da792a6b61ffc19421b422b0423968d424b6eb6031e6de2158b384e9d4d9d82d5f8c60d32f36dc57cfd11aaf9ac58d63d7d18cd036ea05ad963171b6fc1662985fb5f639eab76deec2dc65497d0ee9e7fff7e7c41b74e2276c62846b03501da85015085bcfeb3d5906960ccfa2dbd8acd823c5990bdb124768ae79397ef5f7b19d84b74bdb173809a44cb01517023c06a6c7116b4a1d360000197d0ac4d5a709300ea4cf4b357f805fb6d9619801a6c85892f629f22d7c9ee4d9cc3277eeb15bdcf21d7656e829935145881bb46c8b765574ac2735e2d6cc8c0e42654bfa202e8a4b59c62d302ad7e684da6c5ecf05361828bc19d353094e8e4fa5805d0e927c1a1e8c8a536e5983f56dc95b0d3ed53ec9c527a98ac84bd40a93b65d4453bf9e3663e779ea3a2d5328325c5a9db387d9cab9d2c5e8328c52c2a6d6431a2214f403a72eeed4bd13358042a37daeadac229f9deb4a7d5d1552aa7e56251058c923a0001fab8e02d3dbc0f997c467f5b8f0df9598db79800248b32b2afb50ce4367e7758f135623b84743860110af013e6759fe9f827b9b636c48109ada43412a87ddcfc45e582c3ed50d45bc15bf0a1d7673c65fd8", 0x930}], 0x8}, 0x0)

12.463045335s ago: executing program 0 (id=1571):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000100000000000000000000faff0928000000140a010400000000000000000000000008000340000000140000001100010000000000000000000000000a"], 0x50}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0)
r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18)
writev(r1, &(0x7f0000000240)=[{0x0}], 0x1)
openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x3, {}, 0xff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0)

11.875736941s ago: executing program 0 (id=1574):
syz_emit_vhci(&(0x7f0000000300)=ANY=[], 0x15)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="04310600eeff000000"], 0x9)
preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/81, 0x51}, {&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f0000000200)=""/73, 0x49}, {&(0x7f0000000280)=""/25, 0x19}], 0x4, 0x337070cc, 0x9)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="042ffb03ffffffffffff9a04e670b5000007709d61a33823e2b6d7852bcc5976c4f4d1af24885cf83fa596c49e0755d164502406be0372a4e48f12acd8cc7f7143b1ceb560b3f6cedf60c07a68e9b50a0b85fc16c1490a3d122c8026b65b4909023a11b9cdaee2e749bd2e5071cff25964124fb4e7ff9771bad77c009836a7cd2b2a07eddba6d1b532e7adcf9decaf71966bea908a5b69a11c905948161ee64e5981c3fe4f2ceb3ee2f8a30aa41b0028f9fbaaa8fd1c7e2f482eafd6e8e8ce2e2f95d77c4e7728e65458224f9a63ddd3cb629d0f908b867bfdf92f5a3e8b9edc9771acd88f0f384653d268ccee43b53c4da52a9a639c7810897ebfe9ffffffffffff0501f8ba14ff0301b779576776e4805321e0d0cfa7bd3c1dae0196c78bbb274a8ae92e960ddfcb518a6be690064aa0e4728e31b31d05df18f497c402cb60c6aa405ab09887a05b6c2fa6fe15bd6de68171edaa68c3dcb987c18ff69a9d25cfdf5c471d6625d4fccb4228ba92c1ab1ea394caaed4e8dce4be0026e18587e7cf889613941d3bb02cef50613dd2ce1161604c47a364ba3de44970abaff444f7b061691647c4c8a4f60e6456f995ef9b8e27e0b0abb8050f11bc5096b5b43cb41e5b161b2a1328f8bafed714db3bc659f3c9961fa4e099bcbd541a9e27daacac3194639f115dc783501a9c71fd0c8cbf47df4ffd634d26387ad3f98d0977e822fd92992784613b8b1840819778c144adcaf0e5207567686efe974f41ab1930e9f73c274a3d5684f2bc932be27e34b82ff36e76fac07618570845d246af61be7a4f9d58f71876c139a1ad5870b47f5d30d4097620e624bcf7384defa2e7bd3e99779d15d87c7d8a4890db8ce086a200f0d08593a2999133fdfa362c628ebef88582f95aff34dbdd6b3c57becbf4b9f77e08692f17f92e0d85d3467f344952f902eb420fe0481c72dd8bdc54873e83dc67bc0b37bdeddf4410a58a9cc4c34dd232438354f28846ed2916056a3885753426702fe3908b4f40bf265abfb77125058869efdd6c7f9396552800"/760], 0x2fe)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket(0xa, 0x6, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x14, &(0x7f0000000040), 0x50)
listen(0xffffffffffffffff, 0x0)
accept$inet6(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="0c010010", @ANYRES16=0x0, @ANYBLOB="000300000000fbdbdf256700000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990009000000070000000800c400080000000800c300090000000800c300000000200800c300800000004400c5001fd355f7f0d979bb6d12b597509c451bf04f25fda8c09b5e9e48d0413a0f02befe6e019bd4adc9fb80c31a1120e0151e9d023e03b85f1fd99672a8061d8566dbf000c5002cf63e876057421211e5dea968676e1380e149becd172604d623eb0cb7c8821e91fb541f9e8fc38f31b1a50058f2036cf058667956e2e182a1e70a8e17849decf6b6cf3e5f510f5b2d7db664e6fd684a5f5ba41cad65dcfd904597b183305ca572e7c9a96f8f7c57626a52d786568609fc06a753ec050ba364bcf82c4a36b37a296e26ffefbd18e14a285b729b781a9104ae02200edcd26dba5c2872d87ddb08d57997f70cc2247fcc0e86e2fea9ea2eb36f0ebc1328bfc996661cbec24c6351e78201c694140b429ace4d6dd2532e4cd29845c3d4c452642c94f0e5d2fa46c21a511da11d62dba92e5d337c0800c4001f000000"], 0x184}, 0x1, 0x0, 0x0, 0x400}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
ioctl$EXT4_IOC_GETFSUUID(0xffffffffffffffff, 0x8008662c, &(0x7f0000000280))
sendmsg$NFT_BATCH(r3, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc080}, 0x4004040)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000002a00090000000000000000000400002c2500118043027c2bc882152f038733a7725526362062ce174f160f6fb82027a031c2a97c79000000c2b79c50b9980e4a1bc46d21028f5d890f09e8a430c544cc6afbf3496e17d1bb08ac13e20b02929cc44c149439b1c062326022ec419a07d4603f4be9be5bd56cdf3e595cf14d1c2ab09c949c568673b13db82ff46df5cc259cae73d9a232dadad9251dd9d260f480c1c897a92df1eb146d53e1bbb8f2956e40e979521d31eb2805"], 0x3c}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
flock(0xffffffffffffffff, 0x0)

11.590913323s ago: executing program 1 (id=1575):
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000000c0)={0x28, 0x0, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000})
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2, &(0x7f00000000c0)=""/156, &(0x7f0000000040)=0x28) (fail_nth: 1)

10.491004217s ago: executing program 1 (id=1579):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r3, &(0x7f0000001340)=[{&(0x7f0000001280)=""/151, 0x97}], 0x1)
ioctl$TCSETS(r3, 0x5402, &(0x7f00000014c0)={0x0, 0xfffffff7, 0x0, 0x0, 0x0, "076ac74d00"})

8.09885194s ago: executing program 1 (id=1584):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000100000000000000000000faff0928000000140a010400000000000000000000000008000340000000140000001100010000000000000000000000000a"], 0x50}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0)
r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18)
writev(r1, &(0x7f0000000240)=[{}], 0x1)
openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x3, {}, 0xff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0)

7.712281295s ago: executing program 2 (id=1585):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x100000000011, 0x2, 0x0) (async, rerun: 64)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 64)
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r1, 0x0) (async, rerun: 64)
sendto$inet6(r1, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (rerun: 64)
sendto$inet6(r1, &(0x7f0000000300)="c20f0d278934358545ad914303ca8e5623f4e94f7757310aeb9be547737e99f4d69e56a1b04760ce19b9c49cf49899da97f06ed548da74c59c3b2b4accc8ab42b6692fd338754fa39cf2b1b3023087f14795eb9428d6b88dbcad93e31f408f29794fdd045cb7d20b50c90faf7c88f2d810cdf1f8a844ce26c88d35ffe1db7a32ed6414244405f5554171e7d8641ade39454166936a84fa7f36e277ce1c53f4078dfe0bde514650611ce4c369ecc034f452eff839a6d4ed0e75c47fbb9a865eaf3d464c10fb5ec0873cda96608db92b5cb5691303f236e4200628056c30a501276567fb2ea522967d39c4b463622152dd8b6ca76c9192998eaeafd36fb07caeee73a4a311f9b24a1004ec9d3625b0b79060199c9b4849e912b7c63fcb85f3ecd752425fc8afb417394ed9cecc4cd51eefb1f6304aecb16fd328d1cc98223b2a34a8392383ec2781d766e674333bdb08dcfbada438217fbd1a133bd484cc8690f197784a09937b2b14e2d5472c7e6ce53745768bf229d3049d79ba2df079f57223773abe9d54c27c6464b59a0936b03b3c01b388d47fdf657357cca707d72a4c679c33d8b8edadecbbd72a9baa6f146c84e924db435186cc135a9c1343d248132e38c6ee52909bd989f8116bebbc271f0513af53e4354c719380625dbd5e89264dc9716fa64db17807f2f72d6fa8b58360c372f3a6e8d22c18b4b1c5de94ea4917ba8dae90a8b0c72d3629cb72bd96748803a61b66f4064c9090354352b054e29a97342704393033429211d51c491cc1d8e34b27a3d526f31dd3d4fd21e782698efcbd0e2e8c55e28ed06e1064d0170a33587aacf8effd7d36ae9451caa541a9cbeb08d52d6d560403c7a57ed74f5bdcb3e580c7c261c58517afc81cbbab1861bcd69c183b398aa11d573e57218912d00914e50f0777c887199f90ff67d1e1f3f1a63086c14acf830165097faa385e1b94fd87c8018fa53ba8696b0ebaebfe3ee6d4c62937fa24921ddc6a4c8fcbc42023fb29bf96975fc1a2172e114dc7365a0d6a27d497ea2ba1b304673ac2d83dc26c8e3005da2b4730afea6ac54ac29cbd115fce5144ed383348fd781ab19ec9de9c07b2c6556596be3df2b5e465f91c46b2cf50b717c5b58d886b2695d10cdbb09803ab381a3a1d513a6a977d05c24a44263fde79cd466ca32ce2883760433a5ff4faa329a0c126e4903ea3dec1e07e057dd8fb8ba5ab390e81234bca767a5dd209e588a41d765668bcca077003cb3b332ef54549777678fed3f17d946990ca0812b207e704eda95dcaee23d6795db34779433869fb2ef9a0eeff13c43a42dabeee9f4a69a74008ea973c3a8e4c30c850b30d48915b7cbbba1e7db1988d27d036845c5fb8520bfec10bd70a5bc5853ee8985db9c7135813c32657b13747fd02735bc0f3fc54774f9ef97fac6f12ec24a55fa066e8f387170208da8615355e2e21a7363b11a3cab94b8ee411bbecf9b1f71662f50557f03e1fb64e5da0a18c18225a612235ed6337480debc9e4f45a32297a09735285cbb3254431980626bb46ab07993284629ff28558dea766cc4a8c511982a934d25088531aba09169c5855070924f36180abf8ca9fb6669e7bca5df76a3e0d8ddd4eaa99fbce9f24b91f8d1316791de91f9d6a96d2a8ee9f7bebf95804d0c136745acf372e38ff88a69167e79ff3ef3058f9ab2f4e8250de697ceca6a9f67477d6fe450bb23cba11dda80c7b3634d50bf22002d269e69a6c43a6888d0d20759bf2dcac1c18492f2ce4d85547fd7e6dc03fdbe02c63b656190929f1f4198b46b44623fa500402ff56a87107b9a3e668687899c3c06b73e94000349c14f56d5f730cc75cd628f931a187b11ad4f240218c9cb6b1e036e560aa68d8e7258d8236ba1f1805ea4d75258bbc321c9eb7aa0f4d7eccfb630faff7e3c8c278570bd5ea77719bd33b83d1f8580496282859cc48fe99680ec546cf9f6e10b89f08d659dc0b2636398135c64c37aa567bf5fb157627c8fa9fe404924ba4e60363b353f4f3eaaf8b4197785ae04ee3b64aee53a8f961f79a3e6076d217c1692596e5bf9a7f94dc92072c53994dc658c74ff68c329a92ee2d6602d6b9acbedd19db3b717b7d4c816b1fd6c3e77a03fd0eae9a40140779899b3a770b3c20a889971fce8b35e768ef387cce2c777b915ce4e7df9463f5eef54e0e918d3e904c8770c1bbc6eb77c3e43353e13d1c0b7667d06b20715526b17e0b8968ae3254f626c59ab232ac0835e5b07ad838e81ca7a86a4b42e5807e8a316eb7fe6afae53877e1d87b3e1e9302d595cf033e95c42d42f7e31f8d46e78d412be66120948ce552b68d3f8b4fd1a0eed888c514a37040fb28dbf96af88ec96e5d7e476cfeaa4092dd80f5fe6f67fbf27c20e3169d9971602caf6a4d8679558aa2119a751fc1ad9870086370fcdcccb280ee591a7fe8b319be2d9f0ab3fb0040d45ca6e3b938c991b5beb93499bf77e098c662d075dd66dd6a2df2b48f649ce9ec01f17eb287f6eef766b26b014a7cd459d368b00bc4c73af17fbec17b663f619b68ca517d55e50e498b91d609dbcbec3a5ac0cd47506ef493ecf7ef9bf66ae3e706bcc7d8894f1cf05e7841e6f1198e2b27a1b2dd5e39cf7b0d97319f6d4711c6ddde8f8e0226d19a5f65ce2c35c5ae2bbfbb016a518ea97f9a7b62a7860b9c98563b7727d6c462df0cd98dedb9f3559e020f5b513513976c8a8080addb6e57a0b9beaa744ed818e24e687ca0b3aee27448ccbd918a6773ae7c37a00ebce5c8eee030930e806234d884ba4038feebf05ddd946b6d78c543c198612fb9fa7634c1463428b9eef86cb9c703f9e6be22367a55926c2ff1e31f0caabaceaac08872807dcbf41c1ac46a411e80e7a87a14282b837a4c5e016aac38e5ba5a6463421612ba493ac7cd2decd0d63e58410f43d169c8bb649f44aeac5d3f17c3709bc9f9533d307a7a062d87d0ce5e726de778d502bdcaa441db875dcb8a9e8c49607ab5c8a233ded286e8d1ee4a98cd18085c808d9409560a205f0bb979f3c9c31b2a13bcbd4cfa91b6d8fe6a3a6167da6a6b3eef799358829e3e95cd007d2eb49e38fede07b042b0485bd9311fbd2c89e3c11ed179f1a7c71cf743642533e9fa2ae41d9972b2c6a3ca01484c2abb563311927b97f21ec6573bc25918f8110028c63f16d7bffd29f753cb7bd00124b00159e94ebd875ad899f9e92148b331fc88b02d80b5c1c290177083c0a002a92936a6b304936393688e8e7af019ac6b0760fd04b63ac5f89a0d0b99dab49c56b6373116c2056bd4c9227be7ec1970e1f2544150172d10ab759c68d5646b1673b083e87b62c0b60da658e0e397b4c283edd70ad164d7f43c7c2b38ca7ec47df6a0d7c534d48931523fa29ac0d950ac0c13335769f8e957e686abf02fa8974a4ffca48f08656e7d8a944affab6beb622afc5e444e5345ac416ce1d2ba2ef34641641fcd2d632680b98ea1e917d7e6c9505c99d0f487fcb00880a9eeee91a2c9f3601fbfd810dc55731d17317381e3c78c62dc3fad2ad1d269469c1b9da265f185feba1c1bde19e71a4e5e0bea38065081d28c6fb189087c32cf277212cc6fb12fd1af3692a1c9817f531b7ee4323cd7a3b8e61c6ea2e4c3f6a1e8f0c35374d3eda3054bee6293ce306613d24f5b7316cc10b1ae66d70839948eb71be7a0b31d69c7b07777cb6dc07ddb667f88e20f25e51e710c5bfbdf8baa2ac11c4a25b635a92b68eb32fce851409b7d96e403647ed85a0419db468ed36b1a0cd08691b08f054d237629d3c1a4bb85ca5a9c8ce7ae0ec0976e885ca29ff7049a77867b3a49d597e4d71a50110f508247682f85b992d38bc49982f6065a5e8c1589bb05227f966964f651811c050613a109faa70b9593b77c4ad395cd294f05d3ef30debb452f67cc487e9da4652aebe4dbb06ba2e320399df21bfae5c929ca97bae41b58c37d0ab54d8e8303f923faec1eb576f2a39b29fc94532c147c48221e1cc7305df72ed7c97897059403894eddab4adc4b86d415694562c62191f827b9de4e1f5c98c7cd6a9afc235e63112e88a13c2f53e419f277def82d8d2f51944bea4028e5b84f1cc42510ee5f73f339b83b0d64d1213c0a296da16dc1e0ec4ea71770999fba35108b1adce0b2639c8e95f3bca00191815a8e748e57e36d1958eda0be07a35b5f92a913d04812b0454fe57e0f3b3ebd37aca1b53cf2454d8c7cbb12e7f303af33aa50f96e0c2758990126d6630bb22e93cac0ceef3ad9028cb203d0b191f25a92384684b0421258be9a057f5b1b40e6418dac1b9bc349e5d20cbe9e0aa4b1e4483f07cb55417b9f58cbb4ae92cbe5a81f17dba9d48a330b7acde8dab0583fe603bae9d5a5308287996053919eabf8ea5a0a1677a269d8fd4926697a4eb0ced0858e3185247bad3be05733a4165470de6a533d1b24059f913339a09a6eace182b6c9280a7fc1af0c836c132f1d7dff8871353832c7f5b25614dc2a7c8e8237bec5425618cf353cf146ff21f672e4b06ccbe6bef2f2e51a47f153a97c9370be6b5832d2063ffc17614880d87682cd2d897ad19e040eb0d3bddb066c30a3c670e8e9a097d4b2244485e90912a0154b72db0a37c42c3ffcdf9272a5d2ad68139bb87cb641eaa1b0df9588570ca05c9840011b29a6cfe053e1095d59128bfb9665157d2665c66cacd39a681975ed24c336856f0cd98ac15c9cda2b6e556fb4b54b7b11840e2d2bf190391f1bd6e381bbeed39d8005bd6b725ad18c6d50836f5af027512753941447cf02e92d011ae6f094ee0a23804c800945d706771218bf6e18eee81fa1cb9e27fec38b1f575610604f7cacb35d7c37933df72fa189db607a752d5f3badd0385bf93ca4f2887458da090cd42f87b8def0c6341900dd6f16cf7c77393581ba1551482c757af4e6ace754d75dd010ca34cc2b68f6946b189e67867ca53ef6aff36e23c7f694427a9475e8acf2130d3841730530d49021833ab506a7eb9652a10df25f7b2007998e4e6aa41d130b2bcf41851df9ed76f8cba800f4a093c43c7717f204275942d822c739539dc11fdca1b9b1fa5f17232c5ce12873692fbf054796e9b435db5145b87b67e3de45d252fd6805f31dec22eb88757316800be404b5ff7dcb196c92ecab9fb04032b5fd42ef585e2ca10f109ddabf0941017747d39cdc65717f4ca7cc0bbe98d5dc2d11eed68efba99ea2ba26a4e3a5173805c4c97656d233799174f908ae50465337968903adb91bd658833327865865cf3875b2503a105942620e6dd62526aa8e9a05b5ab348b2ca68b4ca4f4c487ade7ca7650a6bfb4e27b65161462928d6a0ba186db908be3d8afd409c489969ef0f8b1dd71bea5a5c438a32010d1fccc34adee482bdc6d7d654b2ff5879467ea22d18da9884486273a51ceca842cfe0cd6fd50e5116acb58e7657ac6ec7b99d58a6e7232c84b28ebafdf2ec5737ce837223d3d59f48ec5fd37e36929c342a853047ea1f4eb4543757b27dbadfeadcc16205f9486bcf4ad479a7c75f8c34820b57431aab2b4e509e18728727e1de74104c5be581ac4ae9b2bf894bb8495f1cff51d44e9079cb0332ad5d40df729da592e2029bc13f1f467e70c529467577ac39c24e4d33c53f476078ba843a807a281767fb6f68c0ac79709134270642853c7b914b5b21b5235b57a63331e9d646463dc7595066c42efcebe786d9abd6c25c3e10a16beff021223c9db08505de524040bcc4f335faeaa199fe1692a2c9568ab06d908dd76", 0x1000, 0x0, 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000280)=0x40) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
ioctl$HIDIOCSFEATURE(r3, 0xc0404806, &(0x7f00000002c0)) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f00000002c0), 0x80000075, r4}, 0x38) (async, rerun: 64)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async, rerun: 64)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="d40000000008010100000000000000797a30000000002c0004800000000000000004080001400000000208000140000000030800024000000002080001400000000206000240001c00000900010073797a300000000005000300880000000900010073797a31000000000b00010073797a3100000000500500000000000000005d3608000540000000060800034000007fff0800024000000008080006400000010108000540000000020800034000000005080008400000ffff0800034000000002"], 0xd4}, 0x1, 0x0, 0x0, 0x40040}, 0x4012) (async, rerun: 32)
r6 = socket$inet(0x2, 0x0, 0x0) (rerun: 32)
setsockopt$inet_opts(r6, 0x0, 0x4, 0x0, 0x0) (async)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000000080)={'bridge0\x00', 0x0})
getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, 0x0, &(0x7f0000000200)=0xfffffffffffffcc3) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r8}, &(0x7f0000000040)=0x18, &(0x7f0000000380)}, 0x20) (async, rerun: 64)
syslog(0x9, &(0x7f0000000000)=""/178, 0xb2)
syslog(0x2, &(0x7f0000002640)=""/243, 0xf3) (async)
syslog(0x1, &(0x7f0000000400)=""/19, 0xfdd1)

7.317841704s ago: executing program 1 (id=1586):
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000680)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
tee(r0, r1, 0xaf5, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
preadv(r2, &(0x7f0000000000), 0x3f, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0)
recvmmsg(r4, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)=""/32, 0x10b8c}], 0x1}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000c80)=""/4096, 0x1000}], 0x1}}], 0x2, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r5, 0x4b4a, 0x10000000000004)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000080)={0x4000000})
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='jfs\x00', 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYRES8=0x0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000000), 0xffffffffffffffff)

6.963219522s ago: executing program 2 (id=1589):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x20000088b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x1)
socket$caif_stream(0x25, 0x1, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000080)={'ip6erspan0\x00', @random="201a4847569b"})
socket$tipc(0x1e, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00')
read$FUSE(r0, &(0x7f00000082c0)={0x2020}, 0x2020)
ioperm(0x7, 0x81, 0x2)
futex_waitv(0x0, 0x0, 0x2, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x2004c840}, 0x4000044)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x40000000015, 0x5, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x74)
bind$nfc_llcp(r5, &(0x7f0000000280)={0x27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, "d929849825e6573561bd1ca44c226af5160e000000007760760beeab91e81597c80004da0000000200000000d2b6b9c2000000000000000000000000004000", 0x200000000000003}, 0x60)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r3, 0x0, &(0x7f0000000000), 0x0, 0x4)
listen(r2, 0x0)

6.741164326s ago: executing program 0 (id=1590):
shmget$private(0x0, 0x13000, 0x0, &(0x7f0000feb000/0x13000)=nil)
r0 = shmat(0x0, &(0x7f0000fed000/0x1000)=nil, 0x4000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000280)=0x5)
setuid(r6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x4, &(0x7f0000000080)=@framed={{}, [@jmp={0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
shmdt(r0)

6.046769711s ago: executing program 1 (id=1592):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1872360611f2a5176b", @ANYRES32, @ANYBLOB="0000000000000000b708"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="010000000000000000003b0000000800", @ANYRES32, @ANYBLOB="6100330080000000ffffffffffff0802110000005050505050500000000000000000000064000000000602020202020201000406000000000000050400000063bf03"], 0x80}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000a50000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x8040001)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000001c0))
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r6, 0x0, 0xc8)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f00000005c0)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/62, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/73, &(0x7f0000000880)=""/72})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

5.955756025s ago: executing program 4 (id=1593):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000180)="6203a105d755af176510122f1eafbcf72be12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e24732faf215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7dfd652684d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f00000014c0)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44cb2e32e2bf367e9d01a5e7380cc4fc8e7c9044cc4750b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a36a8b449955e83e91b379c179017f8f4657d1b22eca6bca33036d33e1a684059c53cea91c8f637ac780ab2bcf85f774b0d4e5876fe9aee4724b7cb59731c97e70ebd706003994eb07de2f3c6a9448c320", 0xb3}, {&(0x7f0000000040)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb48bbd3b52d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000440)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a4e", 0x358}, {&(0x7f0000000280)="b8d35a42b724f5117efd3ff06558a16b478b", 0x12}, {&(0x7f000001f4c0)="550c6d32758c9c16ffa4f109b112c633892f8bee461d1744b4bf458233d3294ababe6c28c97e2640f849c401a026827bfb3d48b3b006ca", 0x37}, {&(0x7f0000000340)="87a3ec9a1f2c062344c32d723e509529b7d74109fc61f9db8b0cba55c7d4924c795715c66ce41fc8cad02e9542c6d8cbad891da12ba8837e5c65977e46c4dbec1bd1bbe39159d298ab", 0x49}, {&(0x7f0000001580)="ad6af12c03cdb303b5d935253e1200f84956b1c024fe160e42e54f67ab5cd7cc9fbeb42c9935f477642758d5c406be361302b8ffe9b87acf3aeacdad8ace6307bbd9e047f7ce4241871b59dc5abccc9cd4854df0b0a38bcd59020c8400a4f87e21a1d88247139f5ae3436a7d503898a56d39a23b35b82f23576342f8509aa577624de0cae23f00da7b812f66c5a02fd239e04494a7e4e6af8598f8d3e813f969476a09f923a4e1fcde5fa5f50d70ece3ff0fdaf03ad528013557b8719d137a8f10013c6d3af3b51d64e8a3c738c0e5efa0fe29325181a00e777cd4e13e58c474ec14a19d37f24fdd4221c598da93a2a382ed990407ed3763c102038e25870826f560760e1df44fc41663156fc2e318a11150c35390bd24a273773aa0dffe409eebf46ccdbb2e92a3f0f0febaaaebfe2155a9e2788d576cd638574963ecf57fc2822a39557abafd176a8cfafa96cbae576bee01cd6d9e186908433edf330edb6108ff927ed2b564ba7c2047f33936036b771129eafef781d65b0cfded4f2cdc1b41b525f271b4775a1f38503d12451bb7183be337e4c24d52c8967c16435550a71e6904848716dfeb22b37687e7b0c1902eb96000def74294467a8f7fb4ed90fb9553392f429e5f35d8347f6d04d1ed096fa64c29727b2c6b9ad65d6a916e772c079fcf246a1f3c88df4b7d00678eef3960ca56c1180178a9c400db7e13b0286a22955ecff46707f3af1a40694f3e84e6f053aafeb2098e6ef11c875932ef5556f1a67a7a2bd2c720036c52c5ac9a5308737e40e625d0f5fe8810b9c98bd98141e72e749002abf8977ebbd5a6c98373c6865e165426369e8e713c25a563ce425bc25c1a059a20a1ce423e687cf1330624b7b9bfb77ce8c4a7a0cc87f2501102a2292c3ec31ff36ee5feb3e2c1f40d62f01dfab40eaaec84b245ece6db0b764cd791f883db052704d46e2273d7d20ff2242d6c59b52813e438ed2e37762ce02ee331073ba7137e5226d7b0f8e0b74d93fd35378e6fe871c1b6981a2dcf08aa48505650712f697256a8ecc93d220bc041b00c4b34760851cec221d81f651361f737a46ac47965f9fd57096af6e8ee00932779fc8599a41d683d4a678cdd7ccacd94e72cc1e4f16726f25695e4bf1a18dff6551bd9cbfccbe03e9dd74d901e710e401d151b78d874ad38204ea8935c2d7c032f81337b7e390fba998249fb2dd1a96927fd6d334976fbb4f286abe7897c6f53ac85b0abc2bec314467dde487b32d1f21923877be60e8bb4989f8732dd4e32584c0ba5cc1a8bc9a63c4817ceb774d0e51a574f2fc9a703ee3f3fe77ca7bacdb7c593c5f0791e900c18ad01a6e5ad71fa24bfea2b6a8dce6058342270ad2f4ba6f55bf13a9f9454ad32d59e470c9468d5b35b29002360cce1eee9583f142362618b3a8756f2b6c51f3e69df81785b68601911d0bc8de73cf176975f0616d5f126f0046aa371a88e44d199e9abd67ffc287ab32cc83703534172c9d590af6ad33d3b345633601ed2c0c9b400762e9244e796253f44ea3954c08a1ad8b41f0eaa6f0b73d63479511d7239fcccbc4385979f998d5028e3852cbed4daeb993ab1b799bcd2fb1f3dd7e4ecd179e0ded6dfd361fa2600db7d89dec68098438be2cf3a45705a09ac4bdb0d13c55168120b5f901a87c19ba7781323486211eee0512b3a564431ac75666736752b64e54b4be9158f14e09860111bedd34b812af2d9ecd228b4e47766132f346e2de0277281b0d274d2341e102e0e795361159693546f8486cf686ad3eca71212ced4c464b661fbf45a0e158d7df68b3342b141b2906a8095cc73c6f9d071202a20ad0d8be644b8232d2cac7e21c4cf66f5c979a1f9697c32600922153af9baeb5b9f98dd3bf8ba2a8dad63bfa6b7c6bf8a06d60b376f435133ca9b4895b9fb7598a980eb1517454fd9cfec3c2e77a827dd2fe4babcd7ac109c1e27f5454cc2772660b8686307469fc67db6ed8764ca3b81b539fbf6b6d5297dd4f2fca75ec87c9ece2962fcf10f575a8cd2e220f9142d616de4c53f8863bf9cba3d19e087cdbdcaac0d1cb1fb946254b165f5eb611b28fcd64b6ec8bb3dc215c48c5b1ed42f335129c9a524abdeeb4c3c5f5d759fe4cc0eb41205c1b4081e807700399cf7b4b69b78e34e0724559fdd1e97337af0965252b5516b1e8319c0871ffe8fab0d03a3e14357275f0165a455b69e31869ed2795f421ebbba32eaad7e1f664b127671013b93108635623e308d8909467507daa9d5b4dead019d594664150355766bd705296a884e679fd05c6203872930d2ab710cf7b096c0073d355343735de5bcbb79c0c7dbba39b90027c3c9e75ef9988d3440fbf167d2364582d31db1170b5a2593ef812c678e3b9d6c4ebc18dd35fb1e539676824870a7601aca30c04b343e6b4d292e2a284ad628fc4dece2209f0d45a297b54548ce699551344fd1a2ccd04deca2ddb5224d9b1c37e915a00ae5fd9ab0cc94b5ac745ff04e4556e8ab3882b3a91e76c71e6451cf8fe01c1f784cc03f17c78a583579427b99d08a94fd9ab165c1b637009d5534132da120800faa99e14e240b363113322a1a89cc1db260bb0dff5986b5a06b8da7bde29d2f95598cc9d316d12665f5bae80e98f75cf6ee8819a87d9a18940ffc91b3547aa2804c019f19b66a1c18b9e7359cd028fc579b50fccb1f1a8397da792a6b61ffc19421b422b0423968d424b6eb6031e6de2158b384e9d4d9d82d5f8c60d32f36dc57cfd11aaf9ac58d63d7d18cd036ea05ad963171b6fc1662985fb5f639eab76deec2dc65497d0ee9e7fff7e7c41b74e2276c62846b03501da85015085bcfeb3d5906960ccfa2dbd8acd823c5990bdb124768ae79397ef5f7b19d84b74bdb173809a44cb01517023c06a6c7116b4a1d360000197d0ac4d5a709300ea4cf4b357f805fb6d9619801a6c85892f629f22d7c9ee4d9cc3277eeb15bdcf21d7656e829935145881bb46c8b765574ac2735e2d6cc8c0e42654bfa202e8a4b59c62d302ad7e684da6c5ecf05361828bc19d353094e8e4fa5805d0e927c1a1e8c8a536e5983f56dc95b0d3ed53ec9c527a98ac84bd40a93b65d4453bf9e3663e779ea3a2d5328325c5a9db387d9cab9d2c5e8328c52c2a6d6431a2214f403a72eeed4bd13358042a37daeadac229f9deb4a7d5d1552aa7e56251058c923a0001fab8e02d3dbc0f997c467f5b8f0df9598db79800248b32b2afb50ce4367e7758f135623b84743860110af013e6759fe9f827b9b636c48109ada43412a87ddcfc45e582c3ed50d45bc15bf0a1d7673c65fd8", 0x930}], 0x8}, 0x0)

5.259324703s ago: executing program 4 (id=1594):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r3, &(0x7f0000001340)=[{&(0x7f0000001280)=""/151, 0x97}], 0x1)
ioctl$TCSETS(r3, 0x5402, &(0x7f00000014c0)={0x0, 0xfffffff7, 0x0, 0x0, 0x0, "076ac74d00"})

4.910283055s ago: executing program 3 (id=1595):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f00000015c0)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
recvmmsg(r1, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000d40)=""/149, 0x95}], 0x1}}], 0x1, 0x0, 0x0)

4.549908775s ago: executing program 2 (id=1596):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000100000000000000000000faff0928000000140a010400000000000000000000000008000340000000140000001100010000000000000000000000000a"], 0x50}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0)
r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18)
writev(r1, &(0x7f0000000240)=[{}], 0x1)
openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x3, {}, 0xff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0)

3.539181403s ago: executing program 4 (id=1597):
syz_open_dev$sndpcmp(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_FORWARD(0xffffffffffffffff, 0xc0844123, 0xfffffffffffffffd)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8fff8ffffffb7fd6f560800456eba64687403a6f003000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305839, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mount$bind(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
stat(&(0x7f0000005280)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
sendto$inet(r3, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
write$UHID_INPUT(r2, &(0x7f0000001980)={0x765, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3245078b089b39353b0e1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b33300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
open(0x0, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaa2f8a46faa8ab250805000d172bd5ca9202719ef0d6acabb81f24a9d827fe054b58d79d767c063149df12c738dec9fa626362957cb6b3fe3c5ea8217832a5f6293509d0838a"], 0x0)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x60)
sendto(r3, &(0x7f00000004c0)="5189a40fc343867c92c0507f27b79bb8b418296fec48685420dae23a23600706d4aa20f9a86fdb52d956c68dccce6e24bf5d00a43113c6ea924143e4e9870e646e3911eec459210fbcc75d436f3bb5b98d7402507a61", 0x56, 0x10040885, &(0x7f0000000600)=@in6={0xa, 0x4e24, 0xe, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x14}, 0x80)
socket$inet_dccp(0x2, 0x6, 0x0)

3.352324571s ago: executing program 0 (id=1598):
mount$fuse(0x0, 0x0, &(0x7f0000000180), 0x800, &(0x7f00000005c0)=ANY=[@ANYBLOB='Xd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC, @ANYBLOB=',@\x00\x00\x00\x00\x00\x00\f=', @ANYRESHEX, @ANYRES16])
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[], 0x6)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c8001e794e4cee84d39856f4752833767be125637ee49dc79a52f2f9465718460cd05feda51bbf4206b5e7325945e5f819bbace34f7d33b43908e14fa05a0f06d9dccb7f0580fe9d42d7bf6530f1a2d22cfd5396c3c67afcdc34613911e96affd46ebd4aa6c60ca02f7648783a10deccc27340c4f24ed37dd6563758d14f732e63a853a4c71c356a6309a485ed"], 0x22)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="89070404", 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866b2ba0cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b0400000000000000000200000014000480100001800700010063740000040002800900010073797a30000000000900020073797a320000000014000000110001000000000000003a44c0c7283e00000000000a"], 0x68}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ppoll(&(0x7f0000000100)=[{r4}], 0x1, &(0x7f0000000140), 0x0, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = io_uring_setup(0x15ae, &(0x7f0000000080))
openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x121301, 0x0)
write$dsp(r0, &(0x7f00000003c0)="f9718f6099ae991ae709000c", 0xc)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES8=r6], 0x22)
socket$key(0xf, 0x3, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.352052573s ago: executing program 3 (id=1599):
r0 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r0, 0x41045508, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 1)

3.167712147s ago: executing program 2 (id=1600):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='uid_map\x00')
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
madvise(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x15)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x8)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000007c0)=@filter={'filter\x00', 0xe, 0x1, 0x12e, [0x0, 0x20000680, 0x200006b0, 0x2000077e], 0x0, &(0x7f0000000640), &(0x7f0000000680)=[{0x0, '\x00', 0x0, 0xfffffffffffffffd}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{0x11, 0x5c, 0x1, 'veth1_to_team\x00', 'ip6gretap0\x00', 'dvmrp1\x00', 'veth1_vlan\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0x0, 0x0, 0x0, 0xff], @empty, [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], 0x6e, 0x6e, 0x9e, [], [], @common=@AUDIT={'AUDIT\x00', 0x8, {{0x1}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}]}, 0x1a6)
preadv(r0, &(0x7f0000000040)=[{&(0x7f00000022c0)=""/4096, 0x1000}], 0x1, 0x25, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'})
tkill(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0x408c5333, &(0x7f0000000080))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="d4010000", @ANYRES16=r6, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r7, @ANYBLOB="0400ec000400870088002d800a"], 0x1d4}}, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x1a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000cb001b000000000000000000000000000000000000000100000000000000000000ffffffff0000000000000000000000000600000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000086dd6361696630000000000000000000000076657468315f746f5f7465616d00000073797a6b616c6c657231000000000000766574684e5f746f5f7465616d000000aaaaaaaaaabb0000000000000180c20000000000000000000000e8000000e80000001801000069703600000000110000000009000000000000000000000000000000000000005000000000000000fe80000000000000000000000400000000000000000000000000ffffac1e000000000000000000000000400000000000000000008000000000f55d227a622d003ff11a6200000000000063662100000000000006364d715600803e0049040010005f608b540000001d000000000000000028e807cc51aa2c0000000000000000"]}, 0x220)
splice(r0, &(0x7f0000000400)=0x3, r1, &(0x7f0000000480)=0x2, 0x2, 0x5)
io_uring_enter(r0, 0x471e, 0x1ed8, 0x0, &(0x7f0000000840)={[0x8000000000000000]}, 0x8)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
write$binfmt_aout(r8, 0x0, 0xc1)
readv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/134, 0x86}, {&(0x7f0000000180)=""/208, 0xd0}, {&(0x7f0000000280)=""/220, 0xdc}, {&(0x7f0000000380)=""/77, 0x4d}], 0x4)

3.031773102s ago: executing program 3 (id=1601):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000280)='./file1\x00')
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

2.685536399s ago: executing program 1 (id=1602):
socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0xfffffffe, 0x0, 0x8, 0x34c}, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r1, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$nfc_llcp(r2, 0x6, 0xc, 0x0, 0x2000e881)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000080)={{@host, 0x80000000}, @host, 0x9, 0x0, 0x2, 0x0, 0x2, 0x3})
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_tx_power}}, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_QUERYMENU(r5, 0xc040564a, &(0x7f0000000140)={0x0, 0x1, @value=0x89bb})
r6 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x505e03)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x10000000000001dd)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000200000000000000020000000c0099005e5a10002100000008002600c8140000050019010d000000"], 0x30}}, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000300)={{@host}, @host, 0x0, 0x0, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000000)={{@my=0x1, 0x4}, @my=0x1, 0x0, 0x0, 0x421, 0x0, 0x4})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r3, 0x7a9, &(0x7f00000003c0)={{@host}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8, 0x4})
socket$nl_route(0x10, 0x3, 0x0)

2.643640934s ago: executing program 3 (id=1603):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r1=>0x0})
r2 = socket(0x1, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000300)={'erspan0\x00', &(0x7f0000000000)={'gre0\x00', 0x0, 0x0, 0x8000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @empty}}}})
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000340)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x23, 0x71b, 0x100, 0x8, 0x40, 0x0, "7536aa633b9c1e81237b5580b0b9eb238137c0c9495f92169dd27ad590c601751e35f7"}}, 0x13b)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000080)={@empty, @empty, 0x0, "662a47efb7afa8d9fa55bb9d354c74fd391b1d786a74f1aef2669e00"}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500"}, 0x3c)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000040)={@remote, @empty, 0x0, "005c2beeb0801bd73c676461644cf36dfc15ea56886fff778a41757aa3ae714d"}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000200)={@dev, @multicast1, 0x0, "05888ee9654ce5db9229e6a1f0a3c9505e2ebbbc3d341ad6ad352965b867e20b"}, 0x3c)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000240)=0xa, 0x4)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000240)={0x28, 0x0, r1, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x0, r1, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x0, r1, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000})
ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x1)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000480)={0x28, 0x0, r1, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000})
pipe(&(0x7f00000045c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000003c0)=[{&(0x7f00000004c0)="17", 0x1}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15)
move_pages(0x0, 0x10, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], &(0x7f0000000040)=[0x1], 0x0, 0x0)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff2f00000000000001"])

2.461239778s ago: executing program 4 (id=1604):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000180)="6203a105d755af176510122f1eafbcf72be12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e24732faf215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7dfd652684d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f00000014c0)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44cb2e32e2bf367e9d01a5e7380cc4fc8e7c9044cc4750b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a36a8b449955e83e91b379c179017f8f4657d1b22eca6bca33036d33e1a684059c53cea91c8f637ac780ab2bcf85f774b0d4e5876fe9aee4724b7cb59731c97e70ebd706003994eb07de2f3c6a9448c320", 0xb3}, {&(0x7f0000000040)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb48bbd3b52d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000440)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a4e", 0x358}, {&(0x7f0000000280)="b8d35a42b724f5117efd3ff06558a16b478b", 0x12}, {&(0x7f000001f4c0)="550c6d32758c9c16ffa4f109b112c633892f8bee461d1744b4bf458233d3294ababe6c28c97e2640f849c401a026827bfb3d48b3b006ca", 0x37}, {&(0x7f0000000340)="87a3ec9a1f2c062344c32d723e509529b7d74109fc61f9db8b0cba55c7d4924c795715c66ce41fc8cad02e9542c6d8cbad891da12ba8837e5c65977e46c4dbec1bd1bbe39159d298ab", 0x49}, {&(0x7f0000001580)="ad6af12c03cdb303b5d935253e1200f84956b1c024fe160e42e54f67ab5cd7cc9fbeb42c9935f477642758d5c406be361302b8ffe9b87acf3aeacdad8ace6307bbd9e047f7ce4241871b59dc5abccc9cd4854df0b0a38bcd59020c8400a4f87e21a1d88247139f5ae3436a7d503898a56d39a23b35b82f23576342f8509aa577624de0cae23f00da7b812f66c5a02fd239e04494a7e4e6af8598f8d3e813f969476a09f923a4e1fcde5fa5f50d70ece3ff0fdaf03ad528013557b8719d137a8f10013c6d3af3b51d64e8a3c738c0e5efa0fe29325181a00e777cd4e13e58c474ec14a19d37f24fdd4221c598da93a2a382ed990407ed3763c102038e25870826f560760e1df44fc41663156fc2e318a11150c35390bd24a273773aa0dffe409eebf46ccdbb2e92a3f0f0febaaaebfe2155a9e2788d576cd638574963ecf57fc2822a39557abafd176a8cfafa96cbae576bee01cd6d9e186908433edf330edb6108ff927ed2b564ba7c2047f33936036b771129eafef781d65b0cfded4f2cdc1b41b525f271b4775a1f38503d12451bb7183be337e4c24d52c8967c16435550a71e6904848716dfeb22b37687e7b0c1902eb96000def74294467a8f7fb4ed90fb9553392f429e5f35d8347f6d04d1ed096fa64c29727b2c6b9ad65d6a916e772c079fcf246a1f3c88df4b7d00678eef3960ca56c1180178a9c400db7e13b0286a22955ecff46707f3af1a40694f3e84e6f053aafeb2098e6ef11c875932ef5556f1a67a7a2bd2c720036c52c5ac9a5308737e40e625d0f5fe8810b9c98bd98141e72e749002abf8977ebbd5a6c98373c6865e165426369e8e713c25a563ce425bc25c1a059a20a1ce423e687cf1330624b7b9bfb77ce8c4a7a0cc87f2501102a2292c3ec31ff36ee5feb3e2c1f40d62f01dfab40eaaec84b245ece6db0b764cd791f883db052704d46e2273d7d20ff2242d6c59b52813e438ed2e37762ce02ee331073ba7137e5226d7b0f8e0b74d93fd35378e6fe871c1b6981a2dcf08aa48505650712f697256a8ecc93d220bc041b00c4b34760851cec221d81f651361f737a46ac47965f9fd57096af6e8ee00932779fc8599a41d683d4a678cdd7ccacd94e72cc1e4f16726f25695e4bf1a18dff6551bd9cbfccbe03e9dd74d901e710e401d151b78d874ad38204ea8935c2d7c032f81337b7e390fba998249fb2dd1a96927fd6d334976fbb4f286abe7897c6f53ac85b0abc2bec314467dde487b32d1f21923877be60e8bb4989f8732dd4e32584c0ba5cc1a8bc9a63c4817ceb774d0e51a574f2fc9a703ee3f3fe77ca7bacdb7c593c5f0791e900c18ad01a6e5ad71fa24bfea2b6a8dce6058342270ad2f4ba6f55bf13a9f9454ad32d59e470c9468d5b35b29002360cce1eee9583f142362618b3a8756f2b6c51f3e69df81785b68601911d0bc8de73cf176975f0616d5f126f0046aa371a88e44d199e9abd67ffc287ab32cc83703534172c9d590af6ad33d3b345633601ed2c0c9b400762e9244e796253f44ea3954c08a1ad8b41f0eaa6f0b73d63479511d7239fcccbc4385979f998d5028e3852cbed4daeb993ab1b799bcd2fb1f3dd7e4ecd179e0ded6dfd361fa2600db7d89dec68098438be2cf3a45705a09ac4bdb0d13c55168120b5f901a87c19ba7781323486211eee0512b3a564431ac75666736752b64e54b4be9158f14e09860111bedd34b812af2d9ecd228b4e47766132f346e2de0277281b0d274d2341e102e0e795361159693546f8486cf686ad3eca71212ced4c464b661fbf45a0e158d7df68b3342b141b2906a8095cc73c6f9d071202a20ad0d8be644b8232d2cac7e21c4cf66f5c979a1f9697c32600922153af9baeb5b9f98dd3bf8ba2a8dad63bfa6b7c6bf8a06d60b376f435133ca9b4895b9fb7598a980eb1517454fd9cfec3c2e77a827dd2fe4babcd7ac109c1e27f5454cc2772660b8686307469fc67db6ed8764ca3b81b539fbf6b6d5297dd4f2fca75ec87c9ece2962fcf10f575a8cd2e220f9142d616de4c53f8863bf9cba3d19e087cdbdcaac0d1cb1fb946254b165f5eb611b28fcd64b6ec8bb3dc215c48c5b1ed42f335129c9a524abdeeb4c3c5f5d759fe4cc0eb41205c1b4081e807700399cf7b4b69b78e34e0724559fdd1e97337af0965252b5516b1e8319c0871ffe8fab0d03a3e14357275f0165a455b69e31869ed2795f421ebbba32eaad7e1f664b127671013b93108635623e308d8909467507daa9d5b4dead019d594664150355766bd705296a884e679fd05c6203872930d2ab710cf7b096c0073d355343735de5bcbb79c0c7dbba39b90027c3c9e75ef9988d3440fbf167d2364582d31db1170b5a2593ef812c678e3b9d6c4ebc18dd35fb1e539676824870a7601aca30c04b343e6b4d292e2a284ad628fc4dece2209f0d45a297b54548ce699551344fd1a2ccd04deca2ddb5224d9b1c37e915a00ae5fd9ab0cc94b5ac745ff04e4556e8ab3882b3a91e76c71e6451cf8fe01c1f784cc03f17c78a583579427b99d08a94fd9ab165c1b637009d5534132da120800faa99e14e240b363113322a1a89cc1db260bb0dff5986b5a06b8da7bde29d2f95598cc9d316d12665f5bae80e98f75cf6ee8819a87d9a18940ffc91b3547aa2804c019f19b66a1c18b9e7359cd028fc579b50fccb1f1a8397da792a6b61ffc19421b422b0423968d424b6eb6031e6de2158b384e9d4d9d82d5f8c60d32f36dc57cfd11aaf9ac58d63d7d18cd036ea05ad963171b6fc1662985fb5f639eab76deec2dc65497d0ee9e7fff7e7c41b74e2276c62846b03501da85015085bcfeb3d5906960ccfa2dbd8acd823c5990bdb124768ae79397ef5f7b19d84b74bdb173809a44cb01517023c06a6c7116b4a1d360000197d0ac4d5a709300ea4cf4b357f805fb6d9619801a6c85892f629f22d7c9ee4d9cc3277eeb15bdcf21d7656e829935145881bb46c8b765574ac2735e2d6cc8c0e42654bfa202e8a4b59c62d302ad7e684da6c5ecf05361828bc19d353094e8e4fa5805d0e927c1a1e8c8a536e5983f56dc95b0d3ed53ec9c527a98ac84bd40a93b65d4453bf9e3663e779ea3a2d5328325c5a9db387d9cab9d2c5e8328c52c2a6d6431a2214f403a72eeed4bd13358042a37daeadac229f9deb4a7d5d1552aa7e56251058c923a0001fab8e02d3dbc0f997c467f5b8f0df9598db79800248b32b2afb50ce4367e7758f135623b84743860110af013e6759fe9f827b9b636c48109ada43412a87ddcfc45e582c3ed50d45bc15bf0a1d7673c65fd8", 0x930}], 0x8}, 0x0)

2.357692107s ago: executing program 2 (id=1605):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f0000000580)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000280)={@flat=@weak_handle={0x77682a85, 0x0, 0x1}, @flat=@weak_handle, @fda}, &(0x7f0000000140)={0x0, 0x18, 0x5c}}}], 0x0, 0x0, 0x0})
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000440), 0x4, 0x2)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r6, 0xc0405602, &(0x7f00000001c0)=@fd={0x5, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x82, ';\'S;'}})

2.232985393s ago: executing program 4 (id=1606):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x20000088b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x1)
socket$caif_stream(0x25, 0x1, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000080)={'ip6erspan0\x00', @random="201a4847569b"})
socket$tipc(0x1e, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00')
read$FUSE(r0, &(0x7f00000082c0)={0x2020}, 0x2020)
ioperm(0x7, 0x81, 0x2)
futex_waitv(0x0, 0x0, 0x2, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x2004c840}, 0x4000044)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x40000000015, 0x5, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x74)
bind$nfc_llcp(r5, &(0x7f0000000280)={0x27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, "d929849825e6573561bd1ca44c226af5160e000000007760760beeab91e81597c80004da0000000200000000d2b6b9c2000000000000000000000000004000", 0x200000000000003}, 0x60)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r3, 0x0, &(0x7f0000000000), 0x0, 0x4)
listen(r2, 0x0)

2.232725276s ago: executing program 3 (id=1607):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r3, &(0x7f0000001340)=[{&(0x7f0000001280)=""/151, 0x97}], 0x1)
ioctl$TCSETS(r3, 0x5402, &(0x7f00000014c0)={0x0, 0xfffffff7, 0x0, 0x0, 0x0, "076ac74d00"})

1.284997273s ago: executing program 2 (id=1608):
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c80010000c000100030508000000000004fc000061b71808419bd7b9166299d65da957dfa518f797dc651316c182f93a2563ffb1ad684c557aef73142c3508ae9b84dfc88ea0bfcdc86d86eec53f9fdb9a001165a5b4c540d8e9862867f80f14551240c05a"], 0x15)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="04310600eeff000000"], 0x9)
preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/81, 0x51}, {&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f0000000200)=""/73, 0x49}, {&(0x7f0000000280)=""/25, 0x19}], 0x4, 0x337070cc, 0x9)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="042ffb03ffffffffffff9a04e670b5000007709d61a33823e2b6d7852bcc5976c4f4d1af24885cf83fa596c49e0755d164502406be0372a4e48f12acd8cc7f7143b1ceb560b3f6cedf60c07a68e9b50a0b85fc16c1490a3d122c8026b65b4909023a11b9cdaee2e749bd2e5071cff25964124fb4e7ff9771bad77c009836a7cd2b2a07eddba6d1b532e7adcf9decaf71966bea908a5b69a11c905948161ee64e5981c3fe4f2ceb3ee2f8a30aa41b0028f9fbaaa8fd1c7e2f482eafd6e8e8ce2e2f95d77c4e7728e65458224f9a63ddd3cb629d0f908b867bfdf92f5a3e8b9edc9771acd88f0f384653d268ccee43b53c4da52a9a639c7810897ebfe9ffffffffffff0501f8ba14ff0301b779576776e4805321e0d0cfa7bd3c1dae0196c78bbb274a8ae92e960ddfcb518a6be690064aa0e4728e31b31d05df18f497c402cb60c6aa405ab09887a05b6c2fa6fe15bd6de68171edaa68c3dcb987c18ff69a9d25cfdf5c471d6625d4fccb4228ba92c1ab1ea394caaed4e8dce4be0026e18587e7cf889613941d3bb02cef50613dd2ce1161604c47a364ba3de44970abaff444f7b061691647c4c8a4f60e6456f995ef9b8e27e0b0abb8050f11bc5096b5b43cb41e5b161b2a1328f8bafed714db3bc659f3c9961fa4e099bcbd541a9e27daacac3194639f115dc783501a9c71fd0c8cbf47df4ffd634d26387ad3f98d0977e822fd92992784613b8b1840819778c144adcaf0e5207567686efe974f41ab1930e9f73c274a3d5684f2bc932be27e34b82ff36e76fac07618570845d246af61be7a4f9d58f71876c139a1ad5870b47f5d30d4097620e624bcf7384defa2e7bd3e99779d15d87c7d8a4890db8ce086a200f0d08593a2999133fdfa362c628ebef88582f95aff34dbdd6b3c57becbf4b9f77e08692f17f92e0d85d3467f344952f902eb420fe0481c72dd8bdc54873e83dc67bc0b37bdeddf4410a58a9cc4c34dd232438354f28846ed2916056a3885753426702fe3908b4f40bf265abfb77125058869efdd6c7f9396552800"/760], 0x2fe)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket(0xa, 0x6, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x14, &(0x7f0000000040), 0x50)
listen(0xffffffffffffffff, 0x0)
accept$inet6(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="0c010010", @ANYRES16=0x0, @ANYBLOB="000300000000fbdbdf256700000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990009000000070000000800c400080000000800c300090000000800c300000000200800c300800000004400c5001fd355f7f0d979bb6d12b597509c451bf04f25fda8c09b5e9e48d0413a0f02befe6e019bd4adc9fb80c31a1120e0151e9d023e03b85f1fd99672a8061d8566dbf000c5002cf63e876057421211e5dea968676e1380e149becd172604d623eb0cb7c8821e91fb541f9e8fc38f31b1a50058f2036cf058667956e2e182a1e70a8e17849decf6b6cf3e5f510f5b2d7db664e6fd684a5f5ba41cad65dcfd904597b183305ca572e7c9a96f8f7c57626a52d786568609fc06a753ec050ba364bcf82c4a36b37a296e26ffefbd18e14a285b729b781a9104ae02200edcd26dba5c2872d87ddb08d57997f70cc2247fcc0e86e2fea9ea2eb36f0ebc1328bfc996661cbec24c6351e78201c694140b429ace4d6dd2532e4cd29845c3d4c452642c94f0e5d2fa46c21a511da11d62dba92e5d337c0800c4001f000000"], 0x184}, 0x1, 0x0, 0x0, 0x400}, 0x4040014)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1a, 0x0, 0x0, 0x8}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
ioctl$EXT4_IOC_GETFSUUID(0xffffffffffffffff, 0x8008662c, &(0x7f0000000280))
sendmsg$NFT_BATCH(r3, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc080}, 0x4004040)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000002a00090000000000000000000400002c2500118043027c2bc882152f038733a7725526362062ce174f160f6fb82027a031c2a97c79000000c2b79c50b9980e4a1bc46d21028f5d890f09e8a430c544cc6afbf3496e17d1bb08ac13e20b02929cc44c149439b1c062326022ec419a07d4603f4be9be5bd56cdf3e595cf14d1c2ab09c949c568673b13db82ff46df5cc259cae73d9a232dadad9251dd9d260f480c1c897a92df1eb146d53e1bbb8f2956e40e979521d31eb2805"], 0x3c}}, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
flock(0xffffffffffffffff, 0x0)

433.764638ms ago: executing program 3 (id=1609):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000200)={'ip_vti0\x00', 0x0, 0x0, 0x80, 0x0, 0x1e0b, {{0x20, 0x4, 0x0, 0xc, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=0x64010101, @broadcast, {[@cipso={0x86, 0x31, 0xffffffffffffffff, [{0x0, 0x2}, {0x5, 0x2}, {0x7, 0xd, "de75d7fe874c932e18c1fe"}, {0x1, 0xd, "4bf483537c5d6cad1693e6"}, {0x7, 0x4, "55fa"}, {0x5, 0x9, "6d11843ebe7c54"}]}, @cipso={0x86, 0x3b, 0x0, [{0x5, 0x10, "b842ed86dd26c0abd7762afd7f83"}, {0x7, 0x4, "bcf3"}, {0x1, 0xd, "5a99d4c9e3856b95ebd6c1"}, {0x6, 0xf, "f2e66eadf67dc49874bca46be6"}, {0x0, 0x3, 'c'}, {0x1, 0x2}]}]}}}}})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=0xffffffffffffffff, 0x4)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/vlan/config\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='GPL\x00'}, 0x90)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/kexec_crash_size', 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='afs_flock_ev\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
write$cgroup_int(r0, &(0x7f00000001c0)=0x8000, 0x12)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f00000008c0)=@broute={'broute\x00', 0x20, 0x0, 0x0, [], 0x0, 0x0, 0x0}, 0x78)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000080)={0x0, 0x0, "00fa00"})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r5, &(0x7f0000000240)=ANY=[@ANYBLOB="080386dd0a00100000004000000060ec97000fc88900fe8000400000000000000000000000aaff0200"/51], 0xffe)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000083}]})
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='ns\x00')
fchdir(r7)
socket$inet(0x2, 0x4000000805, 0x0)

8.336918ms ago: executing program 0 (id=1610):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000100000000000000000000faff0928000000140a010400000000000000000000000008000340000000140000001100010000000000000000000000000a"], 0x50}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0)
r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18)
writev(r1, &(0x7f0000000240)=[{}], 0x1)
openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x3, {}, 0xff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0)

0s ago: executing program 4 (id=1611):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffee}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x4, '\x00', 0x80000000, 0x3, 0x41}}}}]}, 0x48}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000800)={0x98c, r3, 0x4, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x30, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x94}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}]}]}, @NL80211_ATTR_TID_CONFIG={0x4ec, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x3b}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0x4d4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4c4, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8000, 0x4000, 0x401, 0x0, 0x34, 0x7, 0xfc76, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x8, 0x2, 0x0, 0x0, 0xfffa, 0x2, 0x5]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x5, 0x1000, 0x8001, 0x5b, 0x8, 0x6, 0x49c]}}]}, @NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x400, 0x4, 0xcaa5, 0x6f00, 0x1, 0x4, 0x4, 0xfffc]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x2, 0xb, 0x60, 0x9, 0x5, 0x9, 0x5, 0xb, 0x16, 0x6, 0x4, 0xb, 0x3, 0x6c, 0x48, 0x1b, 0x2, 0x6c, 0x48, 0xc, 0x0, 0x16]}]}, @NL80211_BAND_6GHZ={0x74, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4b, 0x2, [{0x2, 0xa}, {0x4, 0x2}, {0x4, 0x7}, {0x2, 0x7}, {0x4, 0x4}, {0x0, 0x9}, {0x2, 0x6}, {0x1, 0x5}, {0x3, 0x1b}, {0x7, 0x6}, {0x2, 0x6}, {0x1, 0x5}, {0x1, 0x3}, {0x7, 0x7}, {0x0, 0x4}, {0x5, 0x9}, {0x1, 0x9}, {0x0, 0x4}, {0x0, 0x5}, {0x1, 0x6}, {0x7, 0x4}, {0x0, 0x1}, {0x0, 0xa}, {0x5, 0x1}, {0x5, 0x5}, {0x3, 0x4}, {0x2, 0x4}, {0x1, 0x1}, {0x5, 0x7}, {0x0, 0xa}, {0x3, 0x9}, {0x0, 0x8}, {0x5, 0x1}, {0x7, 0x3}, {0x5, 0x4}, {0x1}, {0x0, 0x7}, {0x6}, {0x6, 0x6}, {0x2, 0x6}, {0x1, 0x2}, {0x1, 0x9}, {0x3}, {0x1, 0x19}, {0x0, 0x7}, {0x0, 0x7}, {0x1, 0x1}, {0x0, 0x2}, {0x4, 0x7}, {0x7}, {0x4, 0x6}, {0x4, 0x5}, {0x1, 0x9}, {0x2, 0x1}, {}, {0x2, 0x6}, {0x7, 0x8}, {0x5, 0x7}, {0x2, 0x6}, {0x5, 0x4}, {0x5}, {0x1}, {0x1, 0x3}, {0x1, 0xa}, {0x5, 0x9}, {0x6, 0x8}, {0x6}, {0x1, 0x6}, {0x1, 0x7}, {0x4, 0x8}, {0x2, 0x8}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x7ff, 0x9, 0xbcc8, 0x6, 0x2, 0x4, 0x5214]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3e, 0x2, [{0x1}, {0x6}, {0x5, 0x1}, {0x3, 0x6}, {0x5, 0x9}, {0x5, 0x1}, {0x3, 0x5}, {0x6, 0x5}, {0x5, 0x1}, {0x0, 0x5}, {0x4, 0x9}, {0x4, 0x7}, {0x2, 0x6}, {0x1}, {0x0, 0x8}, {0x4, 0x7}, {0x2, 0x4}, {0x1, 0x9}, {0x0, 0x5}, {0x6, 0x3}, {0x1, 0xa}, {0x1, 0x3}, {0x5, 0x18}, {0x1, 0x3}, {0x5, 0x9}, {0x2, 0x4}, {0x3, 0xa}, {0x2, 0x1}, {0x4, 0x2}, {0x1, 0x8}, {0x1, 0x9}, {0x1, 0x5}, {0x4, 0x6}, {0x5, 0x9}, {0x6, 0x4}, {0x7, 0x8}, {0x1, 0x8}, {0x5, 0xa}, {0x5, 0xa}, {0x6, 0x5}, {0x2, 0x9}, {0x1, 0x9}, {0x2, 0xa}, {0x1, 0x3}, {0x7, 0x3}, {0x5, 0x4}, {0x6}, {0x5, 0x6}, {0x1}, {0x7, 0x6}, {0x1, 0x4}, {0x0, 0x5}, {0x7, 0x5}, {0x2, 0x7}, {0x5}, {0x0, 0xa}, {0x1, 0x3}, {0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x9, 0x24, 0x12, 0x5, 0x16, 0xb, 0x1b, 0xc, 0xb, 0x9, 0x4, 0x24, 0x2, 0x2, 0xc, 0x1, 0x9, 0x16, 0x18, 0x36, 0x60, 0x5, 0x2, 0x5e64999f98b447ba, 0x36, 0x30, 0xc, 0x48, 0x60, 0x12, 0x9]}]}, @NL80211_BAND_2GHZ={0xb4, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffe, 0x370d, 0xa03d, 0x0, 0xff00, 0x400, 0x5, 0x2]}}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x6d, 0x1c, 0x1b, 0x1, 0x18, 0x5, 0x16, 0x3, 0xc, 0x24, 0x9, 0x12, 0x3, 0x16, 0x6, 0x9, 0x6b, 0xcb7491b471e97784, 0x0, 0x3, 0x30, 0x9, 0x12, 0x60, 0x4]}, @NL80211_TXRATE_HT={0x4e, 0x2, [{0x0, 0x9}, {0x4, 0x9}, {0x2, 0xa}, {}, {0x3, 0x3}, {0x5, 0x3}, {0x4, 0x8}, {0x2, 0x3}, {0x1, 0x3}, {0x2, 0x7}, {0x7, 0x4}, {0x6, 0x8}, {0x0, 0x9}, {0x7, 0x8}, {0x4, 0x8}, {0x4, 0xa}, {0x6, 0x7}, {0x7, 0x2}, {0x3, 0xa}, {0x7, 0x3}, {0x7, 0x1}, {0x1, 0x4}, {0x3, 0x4}, {0x0, 0x5}, {0x3, 0x5}, {0x6, 0x6}, {0x0, 0xa}, {0x7, 0x1}, {0x1, 0xa}, {0x0, 0x5}, {0x3, 0x5}, {0x1, 0x8}, {0x1, 0x4}, {0x7, 0x3}, {0x5, 0x1}, {0x5, 0x2}, {0x0, 0x5}, {0x0, 0x4}, {0x4, 0x1}, {0x6}, {0x3, 0x2}, {0x4, 0x5}, {0x6, 0x9}, {0x7, 0x1}, {0x3, 0x6}, {0x0, 0x6}, {0x0, 0x3}, {0x7, 0x5}, {0x1, 0x3}, {0x0, 0x1}, {0x5, 0xa}, {0x6, 0x2}, {0x0, 0x6}, {0x6, 0x2}, {0x2, 0x7}, {0x1, 0x8}, {0x4, 0x2}, {0x0, 0x9}, {0x4, 0x8}, {0x1, 0x6}, {0x4, 0x9}, {0x3, 0x1}, {0x4, 0x4}, {0x3, 0x7}, {0x0, 0x6}, {0x6, 0x9}, {0x5}, {0x1, 0x3}, {0x7, 0x6}, {0x7}, {0x6, 0x9}, {0x5, 0xa}, {0x3, 0x6}, {0x5, 0xa}]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x1b, 0x60, 0x60, 0x30, 0x5, 0x6, 0x6, 0x48, 0x5, 0x12, 0x9, 0x5, 0x6, 0x48, 0x6, 0xc, 0x9, 0x5, 0x16, 0x6c, 0x2, 0x6, 0x36, 0xb, 0x16, 0x5, 0x12, 0x3, 0x18, 0x4]}]}, @NL80211_BAND_2GHZ={0xcc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x101, 0xa, 0x3, 0x4, 0xf, 0x7, 0x101, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x0, 0x2}, {0x0, 0x9}, {0x5, 0x3}, {0x1, 0x2}, {0x5, 0x6}, {0x7, 0x8}, {0x3, 0x4}, {0x2, 0x3}, {0x4, 0x1}, {0x1, 0x4}, {0x0, 0x2}, {0x0, 0x9}, {0x2, 0x7}, {0x1, 0x2}, {0x1, 0xa}, {0x6, 0x4}, {0x1, 0x6}, {0x7, 0x1}, {0x0, 0x8}, {0x1, 0x1}, {0x2}, {0x3, 0x3}, {0x7, 0xa}, {0x2, 0x8}, {0x5, 0x7}, {0x2, 0x1}, {0x0, 0x5}, {}, {0x2, 0x3}, {0x0, 0x2}, {0x6}, {0x7, 0x9}, {0x0, 0x8}, {0x3, 0x3}, {0x6, 0x5}, {0x7, 0x7}, {0x3, 0x5}, {0x0, 0x1}, {0x0, 0x7}, {0x1, 0x8}, {0x6, 0x8}, {0x0, 0x3}, {0x6, 0x3}, {0x2, 0x6}, {0x2, 0x3}, {0x5, 0xa}, {0x0, 0x8}, {0x5, 0x8}, {0x3, 0xa}, {0x6, 0xa}, {0x5, 0x3}, {0x6, 0x4}, {0x3, 0x5}, {0x0, 0x6}, {0x0, 0x8}, {0x2, 0x9}, {0x7, 0x3}, {0x4, 0x5}, {0x3, 0x2}, {0x7, 0x9}, {0x1, 0x5}, {0x6, 0x7}, {0x7, 0x3}, {0x1, 0x2}, {0x0, 0x9}, {0x4, 0xa}, {0x3, 0x6}]}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0xb, 0x6c, 0x24, 0x1, 0x60, 0x2, 0x18, 0x2, 0x9, 0x48, 0x60, 0x36, 0xfccfb09a2932f0a1, 0xb, 0x12, 0x1]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3e7c, 0xf, 0x2, 0x6, 0x4, 0x6, 0x13, 0x54c3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6d, 0x0, 0x8, 0x9, 0x2, 0x5, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x10, 0x1, [0x9, 0x14, 0x24, 0x4, 0xc, 0x5, 0xc, 0x5, 0x36, 0x6, 0x18, 0xc]}]}, @NL80211_BAND_6GHZ={0x84, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x4, 0x1, 0x1, 0x9, 0x1b, 0x1b, 0x24, 0x7a, 0x9, 0x48]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0xa, 0x9, 0x7f, 0x4, 0x9, 0xffff, 0x1]}}, @NL80211_TXRATE_HT={0x37, 0x2, [{0x3, 0xa}, {0x4, 0x4}, {0x6, 0x1}, {0x7, 0x9}, {0x3, 0x5}, {0x4, 0x2}, {0x3, 0x6}, {0x1, 0x5}, {0x3, 0x2}, {0x7, 0x3}, {0x4, 0x8}, {0x3, 0x7}, {0x6, 0x8}, {0x7, 0x7}, {0x2, 0x8}, {0x4}, {0x5, 0x2}, {0x2, 0x4}, {0x2, 0x1}, {0x2, 0x7}, {0x2, 0x3}, {0x1, 0x4}, {0x0, 0x8}, {0x7, 0x6}, {0x7}, {0x6, 0xa}, {0x2, 0x6}, {0x4}, {0x0, 0x1}, {0x3}, {0x7, 0x2}, {0x4, 0x6}, {0x4, 0xa}, {0x0, 0x5}, {0x1, 0x2}, {0x6, 0x8}, {0x4, 0x3}, {0x3, 0x8}, {0x6, 0x5}, {0x7, 0x4}, {0x0, 0x5}, {0x7, 0x6}, {0x5, 0xa}, {0x5, 0x9}, {0x1, 0x9}, {0x1, 0x3}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x2}, {0x1, 0xa}, {0x0, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x8, 0xe, 0x0, 0x8, 0x40, 0x7f, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0xf0, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2e8, 0x7f, 0x9, 0x7, 0x7, 0x17, 0x2, 0x7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x101, 0x4, 0x3, 0xb17, 0x5, 0xec, 0x7a25, 0x4]}}, @NL80211_TXRATE_HT={0x21, 0x2, [{0x3, 0x4}, {0x6}, {0x2, 0x8}, {0x4}, {0x6, 0x6}, {0x1, 0x1}, {0x0, 0x8}, {0x7, 0x5}, {0x5, 0x8}, {}, {0x5, 0x3}, {0x3}, {0x5, 0x4}, {0x5, 0x2}, {0x1, 0x7}, {0x7, 0x6}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x4, 0x2}, {0x3, 0x4}, {0x0, 0x4}, {0x0, 0x5}, {0x2, 0x9}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x9}, {0x1, 0x7}, {0x3, 0x6}]}, @NL80211_TXRATE_HT={0x20, 0x2, [{0x0, 0x2}, {0x5, 0x3}, {0x3, 0x8}, {0x5, 0x2}, {0x0, 0x1}, {0x1}, {0x3, 0x9}, {0x7}, {0x0, 0x2}, {0x5, 0x1}, {0x7, 0x7}, {0x0, 0xa}, {0x3, 0x9}, {0x3, 0x5}, {0x2, 0x7}, {0x0, 0x6}, {0x6, 0xa}, {0x5, 0x1}, {0x3}, {0x6, 0xa}, {0x2, 0x4}, {0x5, 0x6}, {0x4, 0x8}, {0x7, 0x5}, {0x6}, {0x4, 0x4}, {0x6, 0x5}, {0x3}]}, @NL80211_TXRATE_HT={0x2e, 0x2, [{0x3, 0x4}, {0x3, 0x9}, {0x4, 0x1}, {0x1}, {0x3, 0x4}, {0x0, 0x3}, {0x5}, {0x7, 0x9}, {0x6, 0x2}, {0x3}, {0x1, 0x3}, {0x6, 0x5}, {0x4, 0x2}, {0x7, 0x1}, {0x3, 0x7}, {0x1, 0x9}, {0x4, 0x8}, {0x1, 0x3}, {0x2}, {0x4, 0x8}, {0x2, 0x7}, {0x4, 0x5}, {0x2, 0x7}, {0x6, 0x5}, {0x0, 0x2}, {0x3, 0x3}, {0x1, 0x6}, {0x2, 0x6}, {0x6, 0x7}, {0x1, 0x9}, {0x1, 0x5}, {0x0, 0x1}, {}, {0x3, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {0x0, 0x3}, {0x5, 0x3}, {0x2, 0xa}, {0x5, 0x3}, {0x4}, {0x0, 0x5}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x1, 0xc, 0x1b, 0x60, 0x18, 0x1b, 0x9, 0xb, 0x48, 0x30, 0x4, 0x4, 0x9, 0x24, 0x30, 0x3, 0x1b, 0x12, 0x6c, 0x48, 0x12, 0x0, 0x36, 0x6c, 0x3, 0x48, 0x60, 0x33, 0xb, 0x6, 0x30, 0x5]}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x2, 0x1]}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x0, 0x3, 0xb, 0x6, 0x1b, 0x2f, 0x5, 0x12, 0x30, 0x3f, 0x6, 0x2, 0x1, 0x48, 0x1a, 0x9, 0x6c, 0x39, 0x24, 0xc, 0xc, 0x41, 0x2]}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5f5f, 0x4ac, 0x8, 0x3, 0x4e, 0x100, 0x5, 0x5]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xa}]}]}, @NL80211_ATTR_TID_CONFIG={0x1c, 0x11d, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x506}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x89}]}]}, @NL80211_ATTR_TID_CONFIG={0x70, 0x11d, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xfffffffffffffffb}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x2b}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xd4}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x184, 0x11d, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x100000001}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x4}, {0xdc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xc0, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x84, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x800, 0x3, 0x40, 0x10, 0x6, 0x1ff, 0xffff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe87, 0x8, 0x7, 0x4, 0xd, 0x8601, 0xe, 0x7]}}, @NL80211_TXRATE_HT={0x1f, 0x2, [{0x7, 0x3}, {0x3, 0x4}, {0x5, 0x8}, {0x4, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {0x4, 0x3}, {0x7, 0x9}, {0x1, 0x5}, {0x2, 0x8}, {0x5, 0x6}, {0x6, 0x1}, {0x0, 0x4}, {0x1, 0x4}, {0x2}, {0x7, 0xa}, {0x5, 0x1}, {0x2, 0xa}, {0x7, 0xa}, {0x4, 0x3}, {0x7}, {0x7, 0x6}, {0x3, 0xa}, {0x0, 0x6}, {0x7, 0x1}, {0x4}]}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x18, 0x48, 0x60, 0x60, 0xc, 0xc, 0x18, 0xc, 0x6c, 0x1b, 0xb, 0x6c, 0x12, 0x3, 0x60]}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x12, 0x16, 0x36, 0xb, 0x30, 0x6c, 0x3, 0x30, 0x6c, 0x5, 0x4, 0x3, 0x2, 0x1, 0x48, 0x1b, 0x5e, 0x24, 0x5, 0x6c, 0x6c, 0x1, 0x9, 0x1]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x30, 0x6c, 0x4, 0x0, 0x18, 0xc, 0x60, 0x36, 0x6, 0x5, 0x6, 0x9, 0xb, 0x6c, 0x30, 0x36, 0x4d, 0x4, 0x1b, 0x6, 0x0, 0xc, 0x3c, 0x2f, 0x1, 0x12, 0x18, 0x60, 0x9, 0x36, 0x5, 0x16]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x49}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xeb}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xe0}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xe0}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}, @NL80211_ATTR_TID_CONFIG={0x30, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7fffffffffffffff}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x1c4, 0x11d, 0x0, 0x1, [{0x150, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x118, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x64, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x45, 0x2, [{0x4, 0x7}, {0x7, 0x1}, {0x0, 0x3}, {0x1}, {0x0, 0x4}, {0x6, 0x1}, {0x2, 0x7}, {0x1, 0x7}, {0x1, 0xa}, {0x1}, {0x6, 0x5}, {0x5, 0xa}, {0x1, 0x7}, {0x3, 0x1}, {0x5, 0x3}, {0x6, 0x3}, {0x4, 0x4}, {0x7}, {0x1, 0x7}, {0x2, 0x6}, {0x4}, {0x4, 0x6}, {0x5, 0x4}, {0x4, 0x6}, {0x6, 0x3}, {0x5, 0x5}, {0x6, 0x7}, {0x7, 0x4}, {0x1}, {0x7, 0x2}, {}, {0x0, 0x6}, {0x7, 0x9}, {0x3, 0x7}, {0x7, 0x8}, {0x1, 0x8}, {0x0, 0x5}, {0x7, 0x8}, {0x2, 0x1}, {0x7, 0x9}, {0x7}, {0x1, 0xa}, {0x6, 0x7}, {0x0, 0x4}, {0x0, 0x5}, {0x5, 0x5}, {0x3, 0x9}, {0x3, 0x7}, {0x2, 0x3}, {0x4}, {0x2, 0x5}, {0x6, 0xa}, {0x6, 0x6}, {0x6, 0x8}, {0x4, 0x2}, {0x6, 0x2}, {0x6, 0x1}, {0x4, 0x4}, {0x5, 0x5}, {0x4, 0xa}, {0x7, 0x6}, {0x2, 0x8}, {0x1, 0x4}, {0x1}, {0x4, 0x8}]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x5e, 0x9, 0x3, 0xe, 0x6, 0x800, 0x8]}}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x731, 0x1000, 0xf, 0x5, 0x4, 0xfff, 0x2, 0x4]}}, @NL80211_TXRATE_HT={0x2f, 0x2, [{0x4}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x1}, {0x3, 0x9}, {0x1}, {0x6, 0x5}, {0x2, 0x2}, {0x0, 0x9}, {0x5, 0x1}, {0x4, 0x4}, {0x2, 0x4}, {0x7, 0x9}, {0x7, 0xa}, {0x4, 0x4}, {0x7, 0x7}, {0x1, 0x3}, {0x5, 0x7}, {0x2, 0x1}, {0x7}, {0x3, 0xa}, {0x5, 0x7}, {0x0, 0x1}, {0x2, 0x8}, {0x6, 0x9}, {0x1, 0x4}, {0x0, 0x3}, {0x1, 0x2}, {0x4, 0x2}, {0x4}, {0x0, 0x8}, {0x6, 0x6}, {0x6, 0x9}, {0x1, 0x6}, {0x1}, {0x2, 0x7}, {0x6, 0x8}, {0x1, 0x5}, {0x4, 0x9}, {0x4, 0x6}, {0x1, 0x8}, {0x5, 0x8}, {0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x8, 0x32f4, 0xff68, 0x200, 0x100, 0x6, 0x2]}}]}, @NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x10, 0x2, 0x6, 0x204, 0x31, 0x1, 0x9, 0xc778]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfe00, 0x9, 0x9, 0x81, 0x1, 0xc, 0x1, 0xd]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}]}]}]}, {0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x48, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x199}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6f}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x72}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x58, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xa6}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5e}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x14}]}]}]}, 0x98c}, 0x1, 0x0, 0x0, 0x4}, 0x14)

kernel console output (not intermixed with test programs):

10
[  834.640565][T10576]  netlink_sendmsg+0x8b8/0xd70
[  834.645388][T10576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  834.650814][T10576]  ? __import_iovec+0x1fd/0x6e0
[  834.655948][T10576]  ____sys_sendmsg+0xab5/0xc90
[  834.660749][T10576]  ? copy_msghdr_from_user+0x10b/0x160
[  834.666959][T10576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  834.672373][T10576]  ? __pfx___futex_wait+0x10/0x10
[  834.677433][T10576]  ? __pfx___lock_acquire+0x10/0x10
[  834.682954][T10576]  ___sys_sendmsg+0x135/0x1e0
[  834.687900][T10576]  ? __pfx____sys_sendmsg+0x10/0x10
[  834.693154][T10576]  ? __fget_light+0x173/0x210
[  834.697865][T10576]  __sys_sendmsg+0x117/0x1f0
[  834.702514][T10576]  ? __pfx___sys_sendmsg+0x10/0x10
[  834.707683][T10576]  ? __x64_sys_futex+0x1e1/0x4c0
[  834.712750][T10576]  do_syscall_64+0xcd/0x250
[  834.717306][T10576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.723258][T10576] RIP: 0033:0x7fe54fd75bd9
[  834.727700][T10576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  834.747354][T10576] RSP: 002b:00007fe54f7de048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  834.755895][T10576] RAX: ffffffffffffffda RBX: 00007fe54ff04038 RCX: 00007fe54fd75bd9
[  834.763892][T10576] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007
[  834.772162][T10576] RBP: 00007fe54fde4aa1 R08: 0000000000000000 R09: 0000000000000000
[  834.780696][T10576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  834.788899][T10576] R13: 000000000000006e R14: 00007fe54ff04038 R15: 00007fffbf7a0098
[  834.797606][T10576]  </TASK>
[  834.963042][T10586] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  834.969618][T10586] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  835.012441][T10586] vhci_hcd vhci_hcd.0: Device attached
[  835.051410][T10360] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  835.167607][T10590] vhci_hcd: connection closed
[  835.176186][   T51] vhci_hcd: stop threads
[  835.198614][T10360] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  835.234732][   T51] vhci_hcd: release socket
[  835.239490][   T51] vhci_hcd: disconnect device
[  835.254350][    T8] vhci_hcd: vhci_device speed not set
[  835.321223][T10360] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  835.371654][T10360] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  835.902933][T10149] 8021q: adding VLAN 0 to HW filter on device batadv0
[  836.581271][T10360] 8021q: adding VLAN 0 to HW filter on device bond0
[  836.638408][T10360] 8021q: adding VLAN 0 to HW filter on device team0
[  836.662852][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  836.670443][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  836.747087][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  836.755158][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  836.974297][T10360] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  836.990060][T10360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  838.850888][T10631] binder: BINDER_SET_CONTEXT_MGR already set
[  838.857804][T10631] binder: 10623:10631 ioctl 4018620d 20000040 returned -16
[  840.090551][ T4479] Bluetooth: hci6: SCO packet for unknown connection handle 200
[  840.638442][T10360] 8021q: adding VLAN 0 to HW filter on device batadv0
[  841.037422][T10649] netlink: 'syz.2.1273': attribute type 5 has an invalid length.
[  841.127548][T10360] veth0_vlan: entered promiscuous mode
[  841.197607][T10360] veth1_vlan: entered promiscuous mode
[  841.325174][T10649] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  841.331769][T10649] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  841.354919][T10649] vhci_hcd vhci_hcd.0: Device attached
[  841.433509][ T5093] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  841.444799][ T5093] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  841.454765][ T5093] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  841.470917][ T5093] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  841.486447][ T5093] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  841.495969][ T5093] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  841.679632][    T9] vhci_hcd: vhci_device speed not set
[  841.813688][    T9] usb 13-1: new full-speed USB device number 3 using vhci_hcd
[  841.832121][T10654] vhci_hcd: connection closed
[  841.834927][ T2470] vhci_hcd: stop threads
[  841.867268][ T2470] vhci_hcd: release socket
[  841.887186][ T2470] vhci_hcd: disconnect device
[  842.811295][T10360] veth0_macvtap: entered promiscuous mode
[  843.570341][ T5093] Bluetooth: hci1: command tx timeout
[  844.204952][T10360] veth1_macvtap: entered promiscuous mode
[  844.471539][ T5093] Bluetooth: hci7: unexpected event 0x2f length: 763 > 260
[  844.476824][T10360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  844.530029][T10360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  844.550256][T10360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  844.561210][T10360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  844.573408][T10360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  844.584307][T10360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  844.606516][T10360] batman_adv: batadv0: Interface activated: batadv_slave_0
[  844.674361][T10360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  844.714787][T10360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  844.726908][T10360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  844.737849][T10360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  844.756644][T10360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  844.770846][T10360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  844.796372][T10360] batman_adv: batadv0: Interface activated: batadv_slave_1
[  845.243894][T10360] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  845.260161][T10360] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  845.286876][T10360] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  845.309675][T10360] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  845.563290][T10674] sysfs: cannot create duplicate filename '/class/ieee80211/C|+È‚!‡3§rU&6 bÎOo¸ ' 1©|y'
[  845.576313][T10674] CPU: 0 PID: 10674 Comm: syz.2.1276 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  845.586541][T10674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  845.596725][T10674] Call Trace:
[  845.596741][T10674]  <TASK>
[  845.596754][T10674]  dump_stack_lvl+0x16c/0x1f0
[  845.596802][T10674]  sysfs_warn_dup+0x7f/0xa0
[  845.612382][T10674]  sysfs_do_create_link_sd+0x124/0x140
[  845.617944][T10674]  sysfs_create_link+0x61/0xc0
[  845.622864][T10674]  device_add+0x62e/0x1a70
[  845.627443][T10674]  ? __pfx_device_add+0x10/0x10
[  845.632456][T10674]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  845.638424][T10674]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  845.644534][T10674]  wiphy_register+0x2101/0x2d00
[  845.649473][T10674]  ? __pfx_wiphy_register+0x10/0x10
[  845.654828][T10674]  ieee80211_register_hw+0x2683/0x43b0
[  845.660546][T10674]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  845.666406][T10674]  ? lockdep_init_map_type+0x16d/0x7d0
[  845.671921][T10674]  ? __asan_memset+0x23/0x50
[  845.676551][T10674]  ? __hrtimer_init+0x106/0x2c0
[  845.681436][T10674]  mac80211_hwsim_new_radio+0x22f6/0x4e50
[  845.687240][T10674]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  845.693403][T10674]  ? hwsim_new_radio_nl+0x9b6/0x1240
[  845.698734][T10674]  ? __asan_memcpy+0x3c/0x60
[  845.703371][T10674]  hwsim_new_radio_nl+0xaf9/0x1240
[  845.708617][T10674]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  845.714207][T10674]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  845.721636][T10674]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  845.729056][T10674]  genl_family_rcv_msg_doit+0x202/0x2f0
[  845.734650][T10674]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  845.740774][T10674]  ? ns_capable+0xd7/0x110
[  845.745232][T10674]  genl_rcv_msg+0x565/0x800
[  845.749786][T10674]  ? __pfx_genl_rcv_msg+0x10/0x10
[  845.754852][T10674]  ? __pfx___lock_acquire+0x10/0x10
[  845.760116][T10674]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  845.765792][T10674]  netlink_rcv_skb+0x16b/0x440
[  845.770601][T10674]  ? __pfx_genl_rcv_msg+0x10/0x10
[  845.775758][T10674]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  845.781097][T10674]  ? down_read+0xc9/0x330
[  845.785472][T10674]  ? __pfx_down_read+0x10/0x10
[  845.790367][T10674]  ? netlink_deliver_tap+0x1ae/0xd90
[  845.795693][T10674]  genl_rcv+0x28/0x40
[  845.799719][T10674]  netlink_unicast+0x542/0x820
[  845.804526][T10674]  ? __pfx_netlink_unicast+0x10/0x10
[  845.809850][T10674]  netlink_sendmsg+0x8b8/0xd70
[  845.814657][T10674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  845.820077][T10674]  ____sys_sendmsg+0xab5/0xc90
[  845.824968][T10674]  ? copy_msghdr_from_user+0x10b/0x160
[  845.830482][T10674]  ? __pfx_____sys_sendmsg+0x10/0x10
[  845.835799][T10674]  ? __pfx___futex_wait+0x10/0x10
[  845.840857][T10674]  ? __pfx___lock_acquire+0x10/0x10
[  845.846098][T10674]  ? try_to_wake_up+0x14b/0x13e0
[  845.851076][T10674]  ___sys_sendmsg+0x135/0x1e0
[  845.855798][T10674]  ? __pfx____sys_sendmsg+0x10/0x10
[  845.861050][T10674]  ? __fget_light+0x173/0x210
[  845.865858][T10674]  __sys_sendmsg+0x117/0x1f0
[  845.870488][T10674]  ? __pfx___sys_sendmsg+0x10/0x10
[  845.875724][T10674]  ? __x64_sys_futex+0x1e1/0x4c0
[  845.880796][T10674]  do_syscall_64+0xcd/0x250
[  845.885347][T10674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.891288][T10674] RIP: 0033:0x7ff732b75bd9
[  845.895731][T10674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  845.915633][T10674] RSP: 002b:00007ff73399a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  845.924274][T10674] RAX: ffffffffffffffda RBX: 00007ff732d04110 RCX: 00007ff732b75bd9
[  845.932278][T10674] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007
[  845.940275][T10674] RBP: 00007ff732be4aa1 R08: 0000000000000000 R09: 0000000000000000
[  845.948285][T10674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  845.956383][T10674] R13: 000000000000006e R14: 00007ff732d04110 R15: 00007ffd9842e908
[  845.964482][T10674]  </TASK>
[  845.990193][ T5093] Bluetooth: hci1: command tx timeout
[  846.175719][   T61] bridge_slave_1: left allmulticast mode
[  846.211863][   T61] bridge_slave_1: left promiscuous mode
[  846.236317][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  846.285967][   T61] bridge_slave_0: left allmulticast mode
[  846.539755][   T61] bridge_slave_0: left promiscuous mode
[  846.570583][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  846.982648][    T9] vhci_hcd: vhci_device speed not set
[  848.010953][ T5093] Bluetooth: hci1: command tx timeout
[  850.461105][ T5093] Bluetooth: hci1: command tx timeout
[  856.874260][ T5093] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  857.497046][ T4479] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  857.552956][ T4479] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  857.570274][ T4479] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  857.603011][ T4479] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  857.613853][ T4479] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  857.630500][ T4479] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  857.772477][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  857.809736][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  857.826523][   T61] bond0 (unregistering): Released all slaves
[  858.169571][ T5093] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  858.251270][T10653] chnl_net:caif_netlink_parms(): no params data found
[  858.391766][T10712] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  858.426345][T10712] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  858.489125][   T61] hsr_slave_0: left promiscuous mode
[  858.522762][   T61] hsr_slave_1: left promiscuous mode
[  858.543053][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  858.565720][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  859.690434][ T5093] Bluetooth: hci3: command tx timeout
[  859.791334][   T61] team0 (unregistering): Port device team_slave_1 removed
[  859.982656][   T61] team0 (unregistering): Port device team_slave_0 removed
[  860.095095][ T5093] Bluetooth: hci6: command 0x0406 tx timeout
[  862.056186][T10741] binder: BINDER_SET_CONTEXT_MGR already set
[  862.062771][T10741] binder: 10738:10741 ioctl 4018620d 20000040 returned -16
[  862.354727][ T5093] Bluetooth: hci3: command tx timeout
[  863.172456][ T2451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  863.187383][ T2451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  863.220166][ T2451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  863.257533][ T2451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  863.368961][T10653] bridge0: port 1(bridge_slave_0) entered blocking state
[  863.387562][T10653] bridge0: port 1(bridge_slave_0) entered disabled state
[  863.398196][T10653] bridge_slave_0: entered allmulticast mode
[  863.406684][T10653] bridge_slave_0: entered promiscuous mode
[  863.495140][T10754] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[  863.495140][T10754]    program syz.0.1292 not setting count and/or reply_len properly
[  864.347630][T10653] bridge0: port 2(bridge_slave_1) entered blocking state
[  864.394091][T10653] bridge0: port 2(bridge_slave_1) entered disabled state
[  864.422100][ T5093] Bluetooth: hci3: command tx timeout
[  864.432465][T10653] bridge_slave_1: entered allmulticast mode
[  864.476682][T10653] bridge_slave_1: entered promiscuous mode
[  865.224186][T10653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  865.291280][T10653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  865.914032][T10653] team0: Port device team_slave_0 added
[  865.952374][T10653] team0: Port device team_slave_1 added
[  866.032975][ T5093] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  866.490169][ T5093] Bluetooth: hci3: command tx timeout
[  867.049051][T10774] netdevsim netdevsim0: Direct firmware load for ng failed with error -2
[  867.059475][T10653] batman_adv: batadv0: Adding interface: batadv_slave_0
[  867.080808][T10774] netdevsim netdevsim0: Falling back to sysfs fallback for: ng
[  867.090295][T10653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  867.177108][T10653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  867.505515][ T2892] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.615347][T10653] batman_adv: batadv0: Adding interface: batadv_slave_1
[  867.651370][T10653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  867.695452][ T5093] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  867.704463][ T5093] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  867.790238][T10653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  867.921610][ T5093] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  867.930699][ T5093] Bluetooth: hci0: command 0x0406 tx timeout
[  867.946364][ T2892] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.279851][ T2892] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.350459][T10705] chnl_net:caif_netlink_parms(): no params data found
[  868.809093][T10799] binder: BINDER_SET_CONTEXT_MGR already set
[  868.816003][T10799] binder: 10796:10799 ioctl 4018620d 20000040 returned -16
[  869.824046][ T2892] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  869.920274][ T5093] Bluetooth: hci6: SCO packet for unknown connection handle 200
[  869.942972][T10653] hsr_slave_0: entered promiscuous mode
[  869.968500][T10653] hsr_slave_1: entered promiscuous mode
[  869.976832][T10653] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  870.008540][T10653] Cannot create hsr debugfs directory
[  870.504413][T10804] netlink: 'syz.3.1300': attribute type 5 has an invalid length.
[  870.604643][T10804] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  870.611251][T10804] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  870.649099][T10804] vhci_hcd vhci_hcd.0: Device attached
[  870.767940][T10811] vhci_hcd: connection closed
[  870.768502][   T61] vhci_hcd: stop threads
[  870.801079][   T61] vhci_hcd: release socket
[  870.838717][   T61] vhci_hcd: disconnect device
[  870.843816][ T5172] vhci_hcd: vhci_device speed not set
[  870.857784][T10705] bridge0: port 1(bridge_slave_0) entered blocking state
[  870.868293][T10705] bridge0: port 1(bridge_slave_0) entered disabled state
[  870.885606][T10705] bridge_slave_0: entered allmulticast mode
[  870.909066][T10705] bridge_slave_0: entered promiscuous mode
[  870.972043][T10705] bridge0: port 2(bridge_slave_1) entered blocking state
[  870.984835][T10705] bridge0: port 2(bridge_slave_1) entered disabled state
[  871.002204][T10705] bridge_slave_1: entered allmulticast mode
[  871.033459][T10705] bridge_slave_1: entered promiscuous mode
[  871.179120][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807f569400: rx timeout, send abort
[  871.191582][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807f56a800: rx timeout, send abort
[  871.335276][T10705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  871.403179][T10705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  871.689683][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807f569400: abort rx timeout. Force session deactivation
[  871.710101][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807f56a800: abort rx timeout. Force session deactivation
[  872.027015][T10831] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[  872.027015][T10831]    program syz.0.1302 not setting count and/or reply_len properly
[  872.655735][T10705] team0: Port device team_slave_0 added
[  872.679369][T10705] team0: Port device team_slave_1 added
[  873.166418][ T2892] bridge_slave_1: left allmulticast mode
[  873.180015][ T2892] bridge_slave_1: left promiscuous mode
[  873.189891][ T2892] bridge0: port 2(bridge_slave_1) entered disabled state
[  873.229001][ T2892] bridge_slave_0: left allmulticast mode
[  873.256772][ T2892] bridge_slave_0: left promiscuous mode
[  873.267491][ T2892] bridge0: port 1(bridge_slave_0) entered disabled state
[  873.277418][ T5093] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  874.339646][   T29] audit: type=1400 audit(1720210700.533:751): avc:  denied  { ioctl } for  pid=10844 comm="syz.1.1305" path="/dev/vhost-net" dev="devtmpfs" ino=1084 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  874.678391][ T2892] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  874.718855][ T2892] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  874.741933][ T2892] bond0 (unregistering): Released all slaves
[  874.854553][T10841] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  874.877971][T10841] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  875.130151][ T5093] Bluetooth: hci6: command 0x0406 tx timeout
[  875.214799][T10705] batman_adv: batadv0: Adding interface: batadv_slave_0
[  875.455606][T10705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  875.499546][T10705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  875.663551][T10862] binder: BINDER_SET_CONTEXT_MGR already set
[  875.673665][T10862] binder: 10857:10862 ioctl 4018620d 20000040 returned -16
[  875.857021][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  875.863645][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  876.281780][T10705] batman_adv: batadv0: Adding interface: batadv_slave_1
[  876.338557][T10705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  876.476631][T10705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  876.674317][ T5093] Bluetooth: hci6: SCO packet for unknown connection handle 200
[  876.971255][T10705] hsr_slave_0: entered promiscuous mode
[  877.010918][T10705] hsr_slave_1: entered promiscuous mode
[  877.030586][T10705] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  877.047621][T10705] Cannot create hsr debugfs directory
[  878.242545][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88802a4fa800: rx timeout, send abort
[  878.459625][T10890] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1312'.
[  878.516951][ T2892] hsr_slave_0: left promiscuous mode
[  878.522451][   T29] audit: type=1326 audit(1720210704.713:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  878.549335][ T2892] hsr_slave_1: left promiscuous mode
[  878.557095][ T2892] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  878.564653][ T2892] batman_adv: batadv0: Removing interface: batadv_slave_0
[  878.572313][   T29] audit: type=1326 audit(1720210704.743:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  878.600690][ T2892] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  878.608172][ T2892] batman_adv: batadv0: Removing interface: batadv_slave_1
[  878.630196][   T29] audit: type=1326 audit(1720210704.823:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  878.671179][ T2892] veth0_macvtap: left promiscuous mode
[  878.676947][ T2892] veth1_vlan: left promiscuous mode
[  878.682296][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88802a4fb800: rx timeout, send abort
[  878.694587][   T29] audit: type=1326 audit(1720210704.823:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  878.726528][ T2892] veth0_vlan: left promiscuous mode
[  878.734703][   T29] audit: type=1326 audit(1720210704.823:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  878.758687][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88802a4fa800: abort rx timeout. Force session deactivation
[  878.811296][   T29] audit: type=1326 audit(1720210704.923:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  878.934533][   T29] audit: type=1326 audit(1720210704.933:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  879.019640][   T29] audit: type=1326 audit(1720210704.933:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  879.190689][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88802a4fb800: abort rx timeout. Force session deactivation
[  879.310193][   T29] audit: type=1326 audit(1720210704.943:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10888 comm="syz.0.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  881.596476][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x10
[  881.603620][ T5093] Bluetooth: Wrong link type (-22)
[  881.608904][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x11
[  881.615863][ T5093] Bluetooth: Wrong link type (-22)
[  881.621715][ T5093] Bluetooth: hci2: link tx timeout
[  881.628117][ T5093] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  882.057072][ T2892] team0 (unregistering): Port device team_slave_1 removed
[  882.246951][T10912] binder: BINDER_SET_CONTEXT_MGR already set
[  882.253764][T10912] binder: 10909:10912 ioctl 4018620d 20000040 returned -16
[  883.026301][ T2892] team0 (unregistering): Port device team_slave_0 removed
[  883.456219][ T5093] Bluetooth: hci2: command tx timeout
[  883.946426][T10907] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  883.971083][T10907] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  884.850382][T10653] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  884.960983][T10653] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  885.104042][T10653] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  885.180970][T10653] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  885.530571][ T4479] Bluetooth: hci2: command 0x0406 tx timeout
[  886.038132][T10653] 8021q: adding VLAN 0 to HW filter on device bond0
[  886.133894][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88807f07f800: rx timeout, send abort
[  886.142562][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88807f07e400: rx timeout, send abort
[  886.222641][T10705] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  886.312457][T10705] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  886.342834][T10653] 8021q: adding VLAN 0 to HW filter on device team0
[  886.364345][T10705] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  886.397818][T10705] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  886.438770][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  886.446224][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  886.555874][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  886.563251][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  886.642306][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88807f07f800: abort rx timeout. Force session deactivation
[  886.656250][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88807f07e400: abort rx timeout. Force session deactivation
[  889.305852][T10966] binder: BINDER_SET_CONTEXT_MGR already set
[  889.312418][T10966] binder: 10959:10966 ioctl 4018620d 20000040 returned -16
[  890.016605][T10705] 8021q: adding VLAN 0 to HW filter on device bond0
[  890.243341][T10705] 8021q: adding VLAN 0 to HW filter on device team0
[  890.295661][ T5172] bridge0: port 1(bridge_slave_0) entered blocking state
[  890.302968][ T5172] bridge0: port 1(bridge_slave_0) entered forwarding state
[  890.372929][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state
[  890.380793][ T5172] bridge0: port 2(bridge_slave_1) entered forwarding state
[  890.964851][T10653] 8021q: adding VLAN 0 to HW filter on device batadv0
[  891.673856][T10705] 8021q: adding VLAN 0 to HW filter on device batadv0
[  891.789997][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  891.790022][   T29] audit: type=1326 audit(1720210717.983:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  891.947636][   T29] audit: type=1326 audit(1720210718.033:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.048292][T10705] veth0_vlan: entered promiscuous mode
[  892.124759][T10705] veth1_vlan: entered promiscuous mode
[  892.140094][   T29] audit: type=1326 audit(1720210718.033:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.215994][   T29] audit: type=1326 audit(1720210718.053:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.296230][   T29] audit: type=1326 audit(1720210718.053:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.498084][   T29] audit: type=1326 audit(1720210718.053:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.510528][T10705] veth0_macvtap: entered promiscuous mode
[  892.596493][T10705] veth1_macvtap: entered promiscuous mode
[  892.631733][   T29] audit: type=1326 audit(1720210718.093:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.750202][   T29] audit: type=1326 audit(1720210718.093:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.835631][   T29] audit: type=1326 audit(1720210718.093:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.839788][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  892.902817][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.919290][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  892.932037][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.942736][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  892.953338][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.967529][   T29] audit: type=1326 audit(1720210718.093:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.3.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe54fd75bd9 code=0x7ffc0000
[  892.992570][T10705] batman_adv: batadv0: Interface activated: batadv_slave_0
[  893.018261][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.151120][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x10
[  893.157714][ T5093] Bluetooth: Wrong link type (-22)
[  893.163764][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x11
[  893.170800][ T5093] Bluetooth: Wrong link type (-22)
[  893.183629][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.207876][ T5093] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  893.289069][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.382030][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.406377][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.492993][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.597806][T10705] batman_adv: batadv0: Interface activated: batadv_slave_1
[  893.681684][T10705] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  893.717184][T10705] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  893.742468][T10705] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  893.789806][T10705] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  893.862375][T11009] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  893.887730][T11009] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  894.144219][T10653] veth0_vlan: entered promiscuous mode
[  894.373835][T10653] veth1_vlan: entered promiscuous mode
[  894.639432][   T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  894.680968][   T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  894.827143][T10653] veth0_macvtap: entered promiscuous mode
[  894.973211][ T4479] Bluetooth: hci6: command 0x0406 tx timeout
[  894.990692][T10653] veth1_macvtap: entered promiscuous mode
[  894.990700][ T5093] Bluetooth: hci2: command 0x0406 tx timeout
[  895.510915][ T8830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  895.694396][ T8830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  895.890158][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  895.949714][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  895.977657][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.009879][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.038042][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.062325][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.094033][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.170036][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.213972][T10653] batman_adv: batadv0: Interface activated: batadv_slave_0
[  896.249501][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.624690][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.659244][T11054] binder: BINDER_SET_CONTEXT_MGR already set
[  896.665535][T11054] binder: 11049:11054 ioctl 4018620d 20000040 returned -16
[  896.761343][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.872983][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  897.010451][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  897.145962][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  897.206802][T10653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  897.273644][T10653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  897.523090][T10653] batman_adv: batadv0: Interface activated: batadv_slave_1
[  897.660190][T11059] netlink: 'syz.2.1282': attribute type 5 has an invalid length.
[  897.689207][T10653] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  897.752036][T10653] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  897.787418][T10653] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  897.820011][T10653] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  898.151230][T11059] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  898.157836][T11059] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  898.531864][T11072] binder: BINDER_SET_CONTEXT_MGR already set
[  898.537952][T11072] binder: 11065:11072 ioctl 4018620d 20000040 returned -16
[  899.358526][T11059] vhci_hcd vhci_hcd.0: Device attached
[  899.559225][T11069] vhci_hcd: connection closed
[  899.560553][ T8830] vhci_hcd: stop threads
[  899.603200][ T8830] vhci_hcd: release socket
[  899.612326][ T8830] vhci_hcd: disconnect device
[  899.630603][    T8] vhci_hcd: vhci_device speed not set
[  899.849333][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  899.849366][   T29] audit: type=1326 audit(1720210726.043:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  899.892575][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  899.944989][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  899.953179][   T29] audit: type=1326 audit(1720210726.063:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.100833][   T29] audit: type=1326 audit(1720210726.293:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.176383][   T29] audit: type=1326 audit(1720210726.303:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.286879][   T29] audit: type=1326 audit(1720210726.323:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.385169][   T29] audit: type=1326 audit(1720210726.343:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.467922][   T29] audit: type=1326 audit(1720210726.343:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.522336][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  900.550554][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  900.571680][   T29] audit: type=1326 audit(1720210726.343:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  900.730697][   T29] audit: type=1326 audit(1720210726.463:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  901.106335][   T29] audit: type=1326 audit(1720210726.463:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb698175bd9 code=0x7ffc0000
[  901.326332][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x10
[  901.333329][ T5093] Bluetooth: Wrong link type (-22)
[  901.338725][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x11
[  901.345870][ T5093] Bluetooth: Wrong link type (-22)
[  901.463282][T11091] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[  901.571150][T11091] netdevsim netdevsim2: Falling back to sysfs fallback for: ng
[  902.121692][ T4479] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  902.152385][ T4479] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  902.174039][ T4479] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  902.200783][ T4479] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  902.214445][ T4479] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  902.230714][ T4479] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  902.825806][ T5093] Bluetooth: hci3: command tx timeout
[  903.520307][   T61] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.974762][T11125] binder: BINDER_SET_CONTEXT_MGR already set
[  903.982913][T11125] binder: 11120:11125 ioctl 4018620d 20000040 returned -16
[  904.340978][ T5093] Bluetooth: hci4: command tx timeout
[  905.119865][   T61] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  905.443764][   T61] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  905.886096][   T61] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  906.410430][ T5093] Bluetooth: hci4: command tx timeout
[  906.689455][T11103] chnl_net:caif_netlink_parms(): no params data found
[  906.905365][   T61] bridge_slave_1: left allmulticast mode
[  906.917968][   T61] bridge_slave_1: left promiscuous mode
[  906.947074][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  907.041476][   T61] bridge_slave_0: left allmulticast mode
[  907.062300][   T61] bridge_slave_0: left promiscuous mode
[  907.068294][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  908.509687][ T5093] Bluetooth: hci4: command tx timeout
[  909.237552][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  909.269465][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  909.300712][   T61] bond0 (unregistering): Released all slaves
[  909.373343][T11186] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[  909.373343][T11186]    program syz.0.1352 not setting count and/or reply_len properly
[  910.570834][ T5093] Bluetooth: hci4: command tx timeout
[  912.303057][T11203] binder: BINDER_SET_CONTEXT_MGR already set
[  912.309119][T11203] binder: 11197:11203 ioctl 4018620d 20000040 returned -16
[  913.250389][T11103] bridge0: port 1(bridge_slave_0) entered blocking state
[  913.263710][T11103] bridge0: port 1(bridge_slave_0) entered disabled state
[  913.280638][T11103] bridge_slave_0: entered allmulticast mode
[  913.289377][T11103] bridge_slave_0: entered promiscuous mode
[  913.622872][T11103] bridge0: port 2(bridge_slave_1) entered blocking state
[  913.657317][T11103] bridge0: port 2(bridge_slave_1) entered disabled state
[  913.687646][T11103] bridge_slave_1: entered allmulticast mode
[  913.703274][T11103] bridge_slave_1: entered promiscuous mode
[  914.269887][T11103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  914.348721][T11103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  914.830127][   T61] hsr_slave_0: left promiscuous mode
[  914.879669][   T61] hsr_slave_1: left promiscuous mode
[  914.902871][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  914.962273][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  914.977947][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  915.016112][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  915.285796][   T61] veth1_macvtap: left promiscuous mode
[  915.292707][   T61] veth0_macvtap: left promiscuous mode
[  915.298600][   T61] veth1_vlan: left promiscuous mode
[  915.313029][   T61] veth0_vlan: left promiscuous mode
[  916.177984][T11249] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[  916.177984][T11249]    program syz.0.1363 not setting count and/or reply_len properly
[  918.757190][   T61] team0 (unregistering): Port device team_slave_1 removed
[  918.887154][   T61] team0 (unregistering): Port device team_slave_0 removed
[  921.950327][T11271] binder: BINDER_SET_CONTEXT_MGR already set
[  921.956892][T11271] binder: 11267:11271 ioctl 4018620d 20000040 returned -16
[  924.031816][ T4479] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  924.056617][ T4479] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  924.077207][ T4479] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  924.099157][ T4479] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  924.114416][ T4479] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  924.130983][ T4479] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  924.392827][T11103] team0: Port device team_slave_0 added
[  924.760252][T11103] team0: Port device team_slave_1 added
[  925.386657][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  925.386684][   T29] audit: type=1400 audit(1720210751.583:841): avc:  denied  { setopt } for  pid=11294 comm="syz.2.1374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  925.500415][T11103] batman_adv: batadv0: Adding interface: batadv_slave_0
[  925.545479][T11103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  925.673439][T11103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  925.739123][T11103] batman_adv: batadv0: Adding interface: batadv_slave_1
[  925.762408][T11103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  925.856659][   T29] audit: type=1400 audit(1720210752.033:842): avc:  denied  { setopt } for  pid=11298 comm="syz.2.1376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  925.885491][T11103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  926.171034][ T5093] Bluetooth: hci1: command tx timeout
[  926.441724][T11103] hsr_slave_0: entered promiscuous mode
[  926.470613][T11103] hsr_slave_1: entered promiscuous mode
[  926.488206][T11103] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  926.512832][T11103] Cannot create hsr debugfs directory
[  927.774145][   T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  928.254403][ T5093] Bluetooth: hci1: command tx timeout
[  929.093591][   T61] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  930.030803][   T61] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  930.262416][   T61] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  930.330372][ T5093] Bluetooth: hci1: command tx timeout
[  930.507348][   T29] audit: type=1400 audit(1720210756.703:843): avc:  denied  { listen } for  pid=11342 comm="syz.0.1383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  930.532977][   T29] audit: type=1400 audit(1720210756.723:844): avc:  denied  { getopt } for  pid=11342 comm="syz.0.1383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  930.583884][   T29] audit: type=1400 audit(1720210756.783:845): avc:  denied  { setopt } for  pid=11342 comm="syz.0.1383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  931.317055][T11284] chnl_net:caif_netlink_parms(): no params data found
[  931.713526][   T61] bridge_slave_1: left allmulticast mode
[  931.740528][   T61] bridge_slave_1: left promiscuous mode
[  931.757197][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  931.889727][   T61] bridge_slave_0: left allmulticast mode
[  931.932648][   T61] bridge_slave_0: left promiscuous mode
[  931.978508][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.410278][ T5093] Bluetooth: hci1: command tx timeout
[  933.961854][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  934.010425][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  934.274144][   T61] bond0 (unregistering): Released all slaves
[  936.446731][T11103] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  936.773277][T11103] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  936.865899][T11406] sp0: Synchronizing with TNC
[  937.034074][T11284] bridge0: port 1(bridge_slave_0) entered blocking state
[  937.051384][T11284] bridge0: port 1(bridge_slave_0) entered disabled state
[  937.080812][T11284] bridge_slave_0: entered allmulticast mode
[  937.089382][T11284] bridge_slave_0: entered promiscuous mode
[  937.100017][T11103] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  937.119876][T11103] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  937.204600][   T61] hsr_slave_0: left promiscuous mode
[  937.219446][   T61] hsr_slave_1: left promiscuous mode
[  937.231819][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  937.268240][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  937.298483][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  937.299437][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  937.320237][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  937.320788][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  937.421775][   T61] veth1_macvtap: left promiscuous mode
[  937.427527][   T61] veth0_macvtap: left promiscuous mode
[  937.440285][   T61] veth1_vlan: left promiscuous mode
[  937.448235][   T61] veth0_vlan: left promiscuous mode
[  941.582717][   T29] audit: type=1400 audit(1720210767.773:846): avc:  denied  { ioctl } for  pid=11436 comm="syz.2.1402" path="socket:[41206]" dev="sockfs" ino=41206 ioctlcmd=0x891c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  941.640281][   T61] team0 (unregistering): Port device team_slave_1 removed
[  941.704694][   T61] team0 (unregistering): Port device team_slave_0 removed
[  942.439381][T11284] bridge0: port 2(bridge_slave_1) entered blocking state
[  942.446931][T11284] bridge0: port 2(bridge_slave_1) entered disabled state
[  942.459021][T11284] bridge_slave_1: entered allmulticast mode
[  942.481716][T11284] bridge_slave_1: entered promiscuous mode
[  942.715242][T11284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  942.978560][T11446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1405'.
[  943.076073][T11284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  943.473139][   T29] audit: type=1400 audit(1720210769.663:847): avc:  denied  { setopt } for  pid=11443 comm="syz.0.1405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  943.505062][T11284] team0: Port device team_slave_0 added
[  943.578496][T11284] team0: Port device team_slave_1 added
[  943.884658][T11284] batman_adv: batadv0: Adding interface: batadv_slave_0
[  943.910002][T11284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  944.010368][T11284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  944.067320][T11284] batman_adv: batadv0: Adding interface: batadv_slave_1
[  944.100169][T11284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  944.192339][T11284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  944.530906][T11284] hsr_slave_0: entered promiscuous mode
[  944.600832][T11284] hsr_slave_1: entered promiscuous mode
[  945.858036][T11103] 8021q: adding VLAN 0 to HW filter on device bond0
[  946.157827][T11103] 8021q: adding VLAN 0 to HW filter on device team0
[  947.659313][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state
[  947.666680][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  947.717076][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state
[  947.724356][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  947.735534][ T5093] Bluetooth: hci6: SCO packet for unknown connection handle 200
[  947.780102][  T929] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  948.020589][  T929] usb 3-1: Using ep0 maxpacket: 16
[  948.062352][  T929] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  948.092305][  T929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  948.119561][  T929] usb 3-1: Product: syz
[  948.135952][  T929] usb 3-1: Manufacturer: syz
[  948.149686][  T929] usb 3-1: SerialNumber: syz
[  948.220700][T11495] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[  948.220700][T11495]    program syz.0.1413 not setting count and/or reply_len properly
[  948.304662][  T929] usb 3-1: config 0 descriptor??
[  949.166926][  T929] usb 3-1: USB disconnect, device number 8
[  949.215358][T11103] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  949.789165][T11284] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  949.843518][T11284] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  949.920860][T11284] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  950.011740][T11331] udevd[11331]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  950.079445][T11284] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  950.432781][T11103] 8021q: adding VLAN 0 to HW filter on device batadv0
[  951.322972][T11284] 8021q: adding VLAN 0 to HW filter on device bond0
[  951.584103][T11284] 8021q: adding VLAN 0 to HW filter on device team0
[  951.737993][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state
[  951.745306][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  951.841641][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state
[  951.849600][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  952.514131][T11103] veth0_vlan: entered promiscuous mode
[  952.658488][T11103] veth1_vlan: entered promiscuous mode
[  952.937635][T11103] veth0_macvtap: entered promiscuous mode
[  952.988684][T11103] veth1_macvtap: entered promiscuous mode
[  953.845638][T11103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  953.957290][T11103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  954.020002][T11103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  954.090099][T11103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  954.138840][T11103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  954.202280][T11103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  954.256894][T11103] batman_adv: batadv0: Interface activated: batadv_slave_0
[  954.415525][T11103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  954.452834][T11103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  954.505702][T11103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  954.533380][T11103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  954.549960][T11103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  954.573269][T11103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  954.603160][T11103] batman_adv: batadv0: Interface activated: batadv_slave_1
[  954.735167][T11103] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  954.770000][T11103] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  954.800163][T11103] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  954.808945][T11103] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  954.991065][T11284] 8021q: adding VLAN 0 to HW filter on device batadv0
[  955.537799][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  955.640179][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  955.824865][T11284] veth0_vlan: entered promiscuous mode
[  955.950146][ T8632] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  955.968450][T11284] veth1_vlan: entered promiscuous mode
[  955.990455][ T8632] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.246626][T11284] veth0_macvtap: entered promiscuous mode
[  956.313697][T11284] veth1_macvtap: entered promiscuous mode
[  956.532885][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  956.636685][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  956.676610][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  956.730723][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  956.772509][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  956.846361][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  956.919195][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  956.931323][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  956.954732][T11284] batman_adv: batadv0: Interface activated: batadv_slave_0
[  957.035213][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.095874][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.168156][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.217322][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.270697][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.303445][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.363948][T11284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.410002][T11284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.444090][T11284] batman_adv: batadv0: Interface activated: batadv_slave_1
[  957.561658][T11284] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  957.615781][T11284] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  957.650165][T11284] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  957.690235][T11284] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  958.328363][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  958.393260][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  958.647315][ T5093] Bluetooth: hci6: command 0x0406 tx timeout
[  960.170185][T11630] binder: BINDER_SET_CONTEXT_MGR already set
[  960.176242][T11630] binder: 11624:11630 ioctl 4018620d 20000040 returned -16
[  960.862279][ T8830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  960.930086][ T8830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  961.113872][   T29] audit: type=1400 audit(1720210787.283:848): avc:  denied  { append } for  pid=11643 comm="syz.0.1431" name="rtc0" dev="devtmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  961.240073][   T29] audit: type=1400 audit(1720210787.363:849): avc:  denied  { setopt } for  pid=11643 comm="syz.0.1431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  962.296472][   T29] audit: type=1400 audit(1720210788.493:850): avc:  denied  { accept } for  pid=11657 comm="syz.3.1434" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  964.540680][T11693] binder: BINDER_SET_CONTEXT_MGR already set
[  964.546981][T11693] binder: 11687:11693 ioctl 4018620d 20000040 returned -16
[  965.504263][   T29] audit: type=1400 audit(1720210791.703:851): avc:  denied  { write } for  pid=11695 comm="syz.2.1441" name="nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  965.648007][   T29] audit: type=1400 audit(1720210791.743:852): avc:  denied  { map } for  pid=11695 comm="syz.2.1441" path="/dev/nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  965.797294][   T29] audit: type=1400 audit(1720210791.743:853): avc:  denied  { execute } for  pid=11695 comm="syz.2.1441" path="/dev/nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  965.890908][T11701] FAULT_INJECTION: forcing a failure.
[  965.890908][T11701] name failslab, interval 1, probability 0, space 0, times 0
[  965.963363][T11701] CPU: 0 PID: 11701 Comm: syz.3.1443 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  965.973602][T11701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  965.983703][T11701] Call Trace:
[  965.987029][T11701]  <TASK>
[  965.990023][T11701]  dump_stack_lvl+0x16c/0x1f0
[  965.994765][T11701]  should_fail_ex+0x497/0x5b0
[  965.999503][T11701]  should_failslab+0x9/0x20
[  966.004076][T11701]  __kmalloc_node_noprof+0xd5/0x440
[  966.009335][T11701]  ? kvmalloc_node_noprof+0x9d/0x1a0
[  966.014789][T11701]  kvmalloc_node_noprof+0x9d/0x1a0
[  966.020066][T11701]  file_tty_write.constprop.0+0x6ef/0x9b0
[  966.025854][T11701]  vfs_write+0x6b6/0x1140
[  966.030269][T11701]  ? __pfx_tty_write+0x10/0x10
[  966.035187][T11701]  ? __pfx_vfs_write+0x10/0x10
[  966.040027][T11701]  ? __fget_files+0x256/0x400
[  966.044820][T11701]  ? __fget_light+0x173/0x210
[  966.049554][T11701]  ksys_write+0x12f/0x260
[  966.053972][T11701]  ? __pfx_ksys_write+0x10/0x10
[  966.058898][T11701]  do_syscall_64+0xcd/0x250
[  966.063463][T11701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.069518][T11701] RIP: 0033:0x7fe54fd75bd9
[  966.073987][T11701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  966.093739][T11701] RSP: 002b:00007fe54f7ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  966.102192][T11701] RAX: ffffffffffffffda RBX: 00007fe54ff03f60 RCX: 00007fe54fd75bd9
[  966.110187][T11701] RDX: 0000000000001006 RSI: 0000000020002080 RDI: 0000000000000004
[  966.118180][T11701] RBP: 00007fe54f7ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  966.126270][T11701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.134460][T11701] R13: 000000000000000b R14: 00007fe54ff03f60 R15: 00007fffbf7a0098
[  966.142469][T11701]  </TASK>
[  966.303196][T11707] team0: entered promiscuous mode
[  966.383662][ T5074] IPVS: starting estimator thread 0...
[  966.395938][   T29] audit: type=1400 audit(1720210792.363:854): avc:  denied  { ioctl } for  pid=11695 comm="syz.2.1441" path="/dev/nullb0" dev="devtmpfs" ino=681 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  966.422453][T11707] team_slave_0: entered promiscuous mode
[  966.428466][T11707] team_slave_1: entered promiscuous mode
[  966.510326][T11708] IPVS: using max 14 ests per chain, 33600 per kthread
[  966.708161][ T5093] Bluetooth: hci6: unexpected event 0x2f length: 763 > 260
[  967.118303][T11714] sysfs: cannot create duplicate filename '/class/ieee80211/C|+È‚!‡3§rU&6 bÎOo¸ ' 1©|y'
[  967.240039][T11714] CPU: 1 PID: 11714 Comm: syz.3.1446 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  967.250287][T11714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  967.260404][T11714] Call Trace:
[  967.263725][T11714]  <TASK>
[  967.266695][T11714]  dump_stack_lvl+0x16c/0x1f0
[  967.271447][T11714]  sysfs_warn_dup+0x7f/0xa0
[  967.276031][T11714]  sysfs_do_create_link_sd+0x124/0x140
[  967.281670][T11714]  sysfs_create_link+0x61/0xc0
[  967.286603][T11714]  device_add+0x62e/0x1a70
[  967.291119][T11714]  ? __pfx_device_add+0x10/0x10
[  967.296046][T11714]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  967.302011][T11714]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  967.308098][T11714]  wiphy_register+0x2101/0x2d00
[  967.313108][T11714]  ? __pfx_wiphy_register+0x10/0x10
[  967.318908][T11714]  ieee80211_register_hw+0x2683/0x43b0
[  967.324446][T11714]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  967.330326][T11714]  ? lockdep_init_map_type+0x16d/0x7d0
[  967.335899][T11714]  ? __asan_memset+0x23/0x50
[  967.340563][T11714]  ? __hrtimer_init+0x106/0x2c0
[  967.345567][T11714]  mac80211_hwsim_new_radio+0x22f6/0x4e50
[  967.351360][T11714]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  967.357476][T11714]  ? hwsim_new_radio_nl+0x9b6/0x1240
[  967.362804][T11714]  ? __asan_memcpy+0x3c/0x60
[  967.367532][T11714]  hwsim_new_radio_nl+0xaf9/0x1240
[  967.372721][T11714]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  967.378412][T11714]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  967.385836][T11714]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  967.393263][T11714]  genl_family_rcv_msg_doit+0x202/0x2f0
[  967.398856][T11714]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  967.404981][T11714]  ? ns_capable+0xd7/0x110
[  967.409434][T11714]  genl_rcv_msg+0x565/0x800
[  967.413984][T11714]  ? __pfx_genl_rcv_msg+0x10/0x10
[  967.419079][T11714]  ? __pfx___lock_acquire+0x10/0x10
[  967.424327][T11714]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  967.429924][T11714]  netlink_rcv_skb+0x16b/0x440
[  967.434730][T11714]  ? __pfx_genl_rcv_msg+0x10/0x10
[  967.439800][T11714]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  967.445220][T11714]  ? down_read+0xc9/0x330
[  967.449589][T11714]  ? __pfx_down_read+0x10/0x10
[  967.454402][T11714]  ? netlink_deliver_tap+0x1ae/0xd90
[  967.459739][T11714]  genl_rcv+0x28/0x40
[  967.463803][T11714]  netlink_unicast+0x542/0x820
[  967.468609][T11714]  ? __pfx_netlink_unicast+0x10/0x10
[  967.473937][T11714]  netlink_sendmsg+0x8b8/0xd70
[  967.478831][T11714]  ? __pfx_netlink_sendmsg+0x10/0x10
[  967.484162][T11714]  ? __import_iovec+0x1fd/0x6e0
[  967.489055][T11714]  ____sys_sendmsg+0xab5/0xc90
[  967.493848][T11714]  ? copy_msghdr_from_user+0x10b/0x160
[  967.499341][T11714]  ? __pfx_____sys_sendmsg+0x10/0x10
[  967.504658][T11714]  ? __pfx___futex_wait+0x10/0x10
[  967.509711][T11714]  ? __pfx___lock_acquire+0x10/0x10
[  967.514953][T11714]  ___sys_sendmsg+0x135/0x1e0
[  967.519670][T11714]  ? __pfx____sys_sendmsg+0x10/0x10
[  967.524914][T11714]  ? __fget_light+0x173/0x210
[  967.529627][T11714]  __sys_sendmsg+0x117/0x1f0
[  967.534258][T11714]  ? __pfx___sys_sendmsg+0x10/0x10
[  967.539413][T11714]  ? __x64_sys_futex+0x1e1/0x4c0
[  967.544394][T11714]  do_syscall_64+0xcd/0x250
[  967.548942][T11714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  967.554882][T11714] RIP: 0033:0x7fe54fd75bd9
[  967.559319][T11714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  967.578955][T11714] RSP: 002b:00007fe54f7ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  967.587409][T11714] RAX: ffffffffffffffda RBX: 00007fe54ff03f60 RCX: 00007fe54fd75bd9
[  967.595415][T11714] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007
[  967.603499][T11714] RBP: 00007fe54fde4aa1 R08: 0000000000000000 R09: 0000000000000000
[  967.611492][T11714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  967.619658][T11714] R13: 000000000000000b R14: 00007fe54ff03f60 R15: 00007fffbf7a0098
[  967.627745][T11714]  </TASK>
[  967.929623][T11703] team0: left promiscuous mode
[  967.954541][T11703] team_slave_0: left promiscuous mode
[  967.973540][T11703] team_slave_1: left promiscuous mode
[  969.713692][   T29] audit: type=1400 audit(1720210795.903:855): avc:  denied  { call } for  pid=11731 comm="syz.3.1451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  970.000090][   T29] audit: type=1400 audit(1720210795.913:856): avc:  denied  { transfer } for  pid=11731 comm="syz.3.1451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  971.711839][T11757] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1457'.
[  973.750153][ T4479] Bluetooth: hci4: command 0x0406 tx timeout
[  973.874589][   T29] audit: type=1400 audit(1720210800.073:857): avc:  denied  { create } for  pid=11752 comm="syz.1.1457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  974.398843][T11783] FAULT_INJECTION: forcing a failure.
[  974.398843][T11783] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  974.413960][T11783] CPU: 0 PID: 11783 Comm: syz.2.1461 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  974.424363][T11783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  974.434469][T11783] Call Trace:
[  974.437876][T11783]  <TASK>
[  974.440837][T11783]  dump_stack_lvl+0x16c/0x1f0
[  974.445706][T11783]  should_fail_ex+0x497/0x5b0
[  974.450462][T11783]  _copy_from_user+0x30/0xf0
[  974.455107][T11783]  copy_msghdr_from_user+0x99/0x160
[  974.460369][T11783]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  974.466330][T11783]  ? __pfx___lock_acquire+0x10/0x10
[  974.471592][T11783]  ? finish_task_switch.isra.0+0x212/0xcc0
[  974.477449][T11783]  ? __pfx_lock_release+0x10/0x10
[  974.482537][T11783]  ___sys_sendmsg+0xff/0x1e0
[  974.487190][T11783]  ? __pfx____sys_sendmsg+0x10/0x10
[  974.492458][T11783]  ? __fget_light+0x173/0x210
[  974.497188][T11783]  __sys_sendmsg+0x117/0x1f0
[  974.501833][T11783]  ? __pfx___sys_sendmsg+0x10/0x10
[  974.507016][T11783]  do_syscall_64+0xcd/0x250
[  974.511584][T11783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.517557][T11783] RIP: 0033:0x7f3fee375bd9
[  974.522012][T11783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  974.541936][T11783] RSP: 002b:00007f3fef192048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  974.550402][T11783] RAX: ffffffffffffffda RBX: 00007f3fee504110 RCX: 00007f3fee375bd9
[  974.558411][T11783] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000004
[  974.566421][T11783] RBP: 00007f3fef1920a0 R08: 0000000000000000 R09: 0000000000000000
[  974.574451][T11783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  974.582459][T11783] R13: 000000000000006e R14: 00007f3fee504110 R15: 00007ffef14b0608
[  974.590566][T11783]  </TASK>
[  975.417240][T11785] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1463'.
[  975.501010][   T29] audit: type=1400 audit(1720210801.703:858): avc:  denied  { getopt } for  pid=11789 comm="syz.1.1464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  975.967430][ T5093] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  975.978963][ T5093] Bluetooth: hci1: Injecting HCI hardware error event
[  975.993803][ T5093] Bluetooth: hci1: hardware error 0x00
[  977.938702][ T5138] IPVS: starting estimator thread 0...
[  978.090335][T11820] IPVS: using max 14 ests per chain, 33600 per kthread
[  978.327152][T11822] FAULT_INJECTION: forcing a failure.
[  978.327152][T11822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  978.418313][T11822] CPU: 1 PID: 11822 Comm: syz.1.1473 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  978.428553][T11822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  978.438833][T11822] Call Trace:
[  978.442154][T11822]  <TASK>
[  978.445209][T11822]  dump_stack_lvl+0x16c/0x1f0
[  978.450031][T11822]  should_fail_ex+0x497/0x5b0
[  978.454774][T11822]  _copy_to_user+0x30/0xc0
[  978.459252][T11822]  simple_read_from_buffer+0xd0/0x160
[  978.464706][T11822]  proc_fail_nth_read+0x1b0/0x290
[  978.469809][T11822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  978.475520][T11822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  978.481132][T11822]  vfs_read+0x1d4/0xbd0
[  978.485363][T11822]  ? __pfx_lock_release+0x10/0x10
[  978.490562][T11822]  ? __fdget_pos+0xeb/0x180
[  978.495134][T11822]  ? __pfx_vfs_read+0x10/0x10
[  978.499877][T11822]  ? __pfx___mutex_lock+0x10/0x10
[  978.504969][T11822]  ? __fget_files+0x256/0x400
[  978.509752][T11822]  ksys_read+0x12f/0x260
[  978.514328][T11822]  ? __pfx_ksys_read+0x10/0x10
[  978.519168][T11822]  do_syscall_64+0xcd/0x250
[  978.524041][T11822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.530085][T11822] RIP: 0033:0x7f486dd746bc
[  978.534533][T11822] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  978.554272][T11822] RSP: 002b:00007f486ec36040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  978.562714][T11822] RAX: ffffffffffffffda RBX: 00007f486df03f60 RCX: 00007f486dd746bc
[  978.570718][T11822] RDX: 000000000000000f RSI: 00007f486ec360b0 RDI: 0000000000000004
[  978.578795][T11822] RBP: 00007f486ec360a0 R08: 0000000000000000 R09: 0000000000000000
[  978.586876][T11822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  978.594869][T11822] R13: 000000000000000b R14: 00007f486df03f60 R15: 00007ffc1df5a728
[  978.602866][T11822]  </TASK>
[  978.688729][T11825] tipc: Started in network mode
[  978.701010][T11825] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  978.731390][ T5093] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  978.746363][   T29] audit: type=1400 audit(1720210804.943:859): avc:  denied  { unmount } for  pid=11284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  978.776458][T11825] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  979.892886][ T5074] tipc: Node number set to 10136234
[  980.040740][T11834] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  980.156916][T11834] kvm: pic: non byte read
[  980.420226][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  980.643521][    T9] usb 2-1: Using ep0 maxpacket: 32
[  980.651700][T11852] FAULT_INJECTION: forcing a failure.
[  980.651700][T11852] name failslab, interval 1, probability 0, space 0, times 0
[  980.676255][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  980.699213][T11852] CPU: 0 PID: 11852 Comm: syz.2.1481 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  980.709461][T11852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  980.719653][T11852] Call Trace:
[  980.722971][T11852]  <TASK>
[  980.725936][T11852]  dump_stack_lvl+0x16c/0x1f0
[  980.730694][T11852]  should_fail_ex+0x497/0x5b0
[  980.735427][T11852]  should_failslab+0x9/0x20
[  980.740000][T11852]  __kmalloc_noprof+0xcf/0x410
[  980.744811][T11852]  ? __pfx_lock_acquire+0x10/0x10
[  980.749909][T11852]  tomoyo_realpath_from_path+0xb9/0x720
[  980.755512][T11852]  ? tomoyo_profile+0x47/0x60
[  980.760258][T11852]  tomoyo_path_number_perm+0x245/0x590
[  980.765964][T11852]  ? tomoyo_path_number_perm+0x232/0x590
[  980.772119][T11852]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  980.778195][T11852]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  980.784334][T11852]  ? __fget_files+0x256/0x400
[  980.789077][T11852]  security_file_ioctl+0x75/0xc0
[  980.794086][T11852]  __x64_sys_ioctl+0xbb/0x220
[  980.798824][T11852]  do_syscall_64+0xcd/0x250
[  980.803393][T11852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.809395][T11852] RIP: 0033:0x7f3fee375bd9
[  980.813834][T11852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.833577][T11852] RSP: 002b:00007f3fef1d4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  980.842018][T11852] RAX: ffffffffffffffda RBX: 00007f3fee503f60 RCX: 00007f3fee375bd9
[  980.850108][T11852] RDX: 0000000020000180 RSI: 00000000000007aa RDI: 0000000000000003
[  980.858100][T11852] RBP: 00007f3fef1d40a0 R08: 0000000000000000 R09: 0000000000000000
[  980.866100][T11852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  980.874090][T11852] R13: 000000000000000b R14: 00007f3fee503f60 R15: 00007ffef14b0608
[  980.882122][T11852]  </TASK>
[  980.889653][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  980.909648][ T5172] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  980.910097][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  980.941385][    T9] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  980.960805][    T9] usb 2-1: Product: syz
[  980.965039][    T9] usb 2-1: Manufacturer: syz
[  980.969792][T11852] ERROR: Out of memory at tomoyo_realpath_from_path.
[  980.996299][    T9] hub 2-1:4.0: USB hub found
[  981.140317][ T5172] usb 5-1: Using ep0 maxpacket: 8
[  981.166073][ T5172] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  981.229758][ T5172] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  981.229808][ T5172] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  981.230211][ T5172] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  981.230287][ T5172] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  981.230364][ T5172] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  981.230441][ T5172] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  981.363242][T11861] team0: entered promiscuous mode
[  981.363277][T11861] team_slave_0: entered promiscuous mode
[  981.363622][T11861] team_slave_1: entered promiscuous mode
[  981.548271][ T5172] usb 5-1: usb_control_msg returned -32
[  981.554237][ T5172] usbtmc 5-1:16.0: can't read capabilities
[  981.635448][   T29] audit: type=1400 audit(1720210807.833:860): avc:  denied  { ioctl } for  pid=11844 comm="syz.1.1478" path="socket:[43814]" dev="sockfs" ino=43814 ioctlcmd=0x6628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  981.662945][T11845] syz.1.1478 uses old SIOCAX25GETINFO
[  981.698933][ T5152] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  981.898075][    T9] hub 2-1:4.0: config failed, can't read hub descriptor (err -22)
[  981.912663][   T29] audit: type=1400 audit(1720210808.113:861): avc:  denied  { write } for  pid=11847 comm="syz.4.1479" name="usbtmc0" dev="devtmpfs" ino=2609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  981.936313][ T5152] usb 1-1: Using ep0 maxpacket: 16
[  982.007601][ T5152] usb 1-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  982.031270][    T9] usb 2-1: USB disconnect, device number 4
[  982.049242][ T5152] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.066159][ T5152] usb 1-1: Product: syz
[  982.068106][T11869] usbtmc 5-1:16.0: control status returned 0
[  982.079948][ T5152] usb 1-1: Manufacturer: syz
[  982.085007][ T5152] usb 1-1: SerialNumber: syz
[  982.131748][ T5152] usb 1-1: config 0 descriptor??
[  982.155346][ T5152] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  982.273674][ T5172] usb 5-1: USB disconnect, device number 7
[  982.397073][ T5093] Bluetooth: hci0: Unknown advertising packet type: 0x74
[  982.473309][T11876] input: syz0 as /devices/virtual/input/input26
[  982.688612][T11858] team0: left promiscuous mode
[  982.715003][T11858] team_slave_0: left promiscuous mode
[  982.748235][T11858] team_slave_1: left promiscuous mode
[  983.755823][   T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  984.140628][   T25] usb 2-1: Using ep0 maxpacket: 8
[  984.172195][   T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  984.251977][ T5152] gp8psk: usb in 128 operation failed.
[  984.268339][   T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  984.288702][ T5152] gp8psk: usb in 137 operation failed.
[  984.295145][ T5152] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  984.305330][   T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  984.316257][   T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  984.331520][ T5152] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[  984.351213][   T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  984.377970][ T5152] usb 1-1: media controller created
[  984.387607][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  984.659485][   T25] usb 2-1: GET_CAPABILITIES returned 0
[  984.696027][ T5152] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  984.757306][   T25] usbtmc 2-1:16.0: can't read capabilities
[  984.925183][   T25] usb 2-1: USB disconnect, device number 5
[  985.047077][ T5152] gp8psk_fe: Frontend revision 1 attached
[  985.072523][ T5152] usb 1-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  985.110252][ T5152] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  985.561031][ T5152] gp8psk: usb in 138 operation failed.
[  985.566618][ T5152] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[  985.579044][T11898] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  985.659235][ T5152] gp8psk: found Genpix USB device pID = 201 (hex)
[  985.662099][T11898] kvm: pic: non byte read
[  985.728763][ T5152] usb 1-1: USB disconnect, device number 8
[  986.191999][ T5152] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[  986.702918][T11918] FAULT_INJECTION: forcing a failure.
[  986.702918][T11918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  986.750159][T11918] CPU: 0 PID: 11918 Comm: syz.1.1497 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  986.760394][T11918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  986.770498][T11918] Call Trace:
[  986.773820][T11918]  <TASK>
[  986.776788][T11918]  dump_stack_lvl+0x16c/0x1f0
[  986.781510][T11918]  should_fail_ex+0x497/0x5b0
[  986.786246][T11918]  _copy_from_user+0x30/0xf0
[  986.790870][T11918]  copy_msghdr_from_user+0x99/0x160
[  986.796107][T11918]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  986.801952][T11918]  ? __pfx___lock_acquire+0x10/0x10
[  986.807192][T11918]  ___sys_sendmsg+0xff/0x1e0
[  986.811818][T11918]  ? __pfx____sys_sendmsg+0x10/0x10
[  986.817057][T11918]  ? __pfx_lock_release+0x10/0x10
[  986.822118][T11918]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  986.827883][T11918]  ? __fget_light+0x173/0x210
[  986.832688][T11918]  __sys_sendmmsg+0x1a1/0x450
[  986.837404][T11918]  ? __pfx___sys_sendmmsg+0x10/0x10
[  986.842638][T11918]  ? vfs_write+0x14d/0x1140
[  986.847179][T11918]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  986.853200][T11918]  ? xfd_validate_state+0x5d/0x180
[  986.858355][T11918]  __x64_sys_sendmmsg+0x9c/0x100
[  986.863343][T11918]  ? lockdep_hardirqs_on+0x7c/0x110
[  986.868574][T11918]  do_syscall_64+0xcd/0x250
[  986.873122][T11918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  986.879055][T11918] RIP: 0033:0x7f486dd75bd9
[  986.883680][T11918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  986.903335][T11918] RSP: 002b:00007f486ec36048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  986.911779][T11918] RAX: ffffffffffffffda RBX: 00007f486df03f60 RCX: 00007f486dd75bd9
[  986.919784][T11918] RDX: 0000000000000001 RSI: 0000000020007c40 RDI: 0000000000000004
[  986.927789][T11918] RBP: 00007f486ec360a0 R08: 0000000000000000 R09: 0000000000000000
[  986.935791][T11918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  986.943789][T11918] R13: 000000000000000b R14: 00007f486df03f60 R15: 00007ffc1df5a728
[  986.951877][T11918]  </TASK>
[  987.521367][ T5172] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  987.529012][   T29] audit: type=1400 audit(1720210813.713:862): avc:  denied  { create } for  pid=11927 comm="syz.3.1500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  987.584660][   T29] audit: type=1400 audit(1720210813.713:863): avc:  denied  { listen } for  pid=11927 comm="syz.3.1500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  987.882816][   T29] audit: type=1400 audit(1720210813.753:864): avc:  denied  { ioctl } for  pid=11927 comm="syz.3.1500" path="socket:[44291]" dev="sockfs" ino=44291 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  987.933497][T11931] binder: BINDER_SET_CONTEXT_MGR already set
[  987.939568][T11931] binder: 11929:11931 ioctl 4018620d 20000040 returned -16
[  987.964399][ T5172] usb 2-1: Using ep0 maxpacket: 32
[  987.984311][ T5172] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  987.996048][ T5172] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  988.010140][ T5172] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  988.020574][ T5172] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  988.029074][ T5172] usb 2-1: Product: syz
[  988.034014][ T5172] usb 2-1: Manufacturer: syz
[  988.049592][ T5172] hub 2-1:4.0: USB hub found
[  988.403632][   T29] audit: type=1400 audit(1720210814.593:865): avc:  denied  { create } for  pid=11938 comm="syz.4.1504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  988.579274][   T29] audit: type=1400 audit(1720210814.673:866): avc:  denied  { bind } for  pid=11938 comm="syz.4.1504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  988.613087][   T29] audit: type=1400 audit(1720210814.763:867): avc:  denied  { connect } for  pid=11938 comm="syz.4.1504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  988.687621][   T29] audit: type=1400 audit(1720210814.773:868): avc:  denied  { write } for  pid=11938 comm="syz.4.1504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  988.866424][T11946] FAULT_INJECTION: forcing a failure.
[  988.866424][T11946] name failslab, interval 1, probability 0, space 0, times 0
[  988.914100][ T5172] hub 2-1:4.0: config failed, can't read hub descriptor (err -22)
[  988.956631][T11946] CPU: 1 PID: 11946 Comm: syz.0.1507 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  988.966868][T11946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  988.977068][T11946] Call Trace:
[  988.980397][T11946]  <TASK>
[  988.983371][T11946]  dump_stack_lvl+0x16c/0x1f0
[  988.988124][T11946]  should_fail_ex+0x497/0x5b0
[  988.992867][T11946]  should_failslab+0x9/0x20
[  988.997491][T11946]  __kmalloc_noprof+0xcf/0x410
[  989.002479][T11946]  ? __pfx_lock_acquire+0x10/0x10
[  989.007677][T11946]  tomoyo_realpath_from_path+0xb9/0x720
[  989.013277][T11946]  ? tomoyo_profile+0x47/0x60
[  989.017998][T11946]  tomoyo_path_number_perm+0x245/0x590
[  989.023517][T11946]  ? tomoyo_path_number_perm+0x232/0x590
[  989.029194][T11946]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  989.035225][T11946]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  989.041247][T11946]  ? __fget_files+0x256/0x400
[  989.045961][T11946]  security_file_ioctl+0x75/0xc0
[  989.050927][T11946]  __x64_sys_ioctl+0xbb/0x220
[  989.055642][T11946]  do_syscall_64+0xcd/0x250
[  989.060212][T11946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.066162][T11946] RIP: 0033:0x7fb698175bd9
[  989.070601][T11946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  989.090338][T11946] RSP: 002b:00007fb698ee8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  989.098872][T11946] RAX: ffffffffffffffda RBX: 00007fb698303f60 RCX: 00007fb698175bd9
[  989.106864][T11946] RDX: 0000000020000100 RSI: 00000000c0305615 RDI: 0000000000000003
[  989.114946][T11946] RBP: 00007fb698ee80a0 R08: 0000000000000000 R09: 0000000000000000
[  989.122951][T11946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  989.130967][T11946] R13: 000000000000000b R14: 00007fb698303f60 R15: 00007ffd127d9db8
[  989.138982][T11946]  </TASK>
[  989.142181][    C1] vkms_vblank_simulate: vblank timer overrun
[  989.728998][T11956] FAULT_INJECTION: forcing a failure.
[  989.728998][T11956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  989.742240][T11956] CPU: 1 PID: 11956 Comm: syz.2.1509 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  989.752468][T11956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  989.762566][T11956] Call Trace:
[  989.765882][T11956]  <TASK>
[  989.768932][T11956]  dump_stack_lvl+0x16c/0x1f0
[  989.773668][T11956]  should_fail_ex+0x497/0x5b0
[  989.778399][T11956]  strncpy_from_user+0x38/0x300
[  989.783299][T11956]  strncpy_from_sockptr+0x161/0x1a0
[  989.788565][T11956]  ? __pfx_strncpy_from_sockptr+0x10/0x10
[  989.794419][T11956]  ? avc_has_perm+0x11b/0x1c0
[  989.799146][T11956]  do_tcp_setsockopt+0x4c7/0x2660
[  989.804198][T11956]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  989.809708][T11956]  ? sock_has_perm+0x25a/0x2f0
[  989.814500][T11956]  ? __pfx_sock_has_perm+0x10/0x10
[  989.819639][T11956]  ? selinux_netlbl_socket_setsockopt+0x142/0x440
[  989.826068][T11956]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  989.832845][T11956]  ? find_held_lock+0x2d/0x110
[  989.837631][T11956]  tcp_setsockopt+0xe2/0x100
[  989.842240][T11956]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  989.848249][T11956]  do_sock_setsockopt+0x222/0x480
[  989.853300][T11956]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  989.858873][T11956]  ? __fget_light+0x173/0x210
[  989.863658][T11956]  __sys_setsockopt+0x1a4/0x270
[  989.868530][T11956]  ? __pfx___sys_setsockopt+0x10/0x10
[  989.873920][T11956]  ? fput+0x32/0x390
[  989.877828][T11956]  ? ksys_write+0x1ab/0x260
[  989.882362][T11956]  ? __pfx_ksys_write+0x10/0x10
[  989.887267][T11956]  __x64_sys_setsockopt+0xbd/0x160
[  989.892412][T11956]  ? do_syscall_64+0x91/0x250
[  989.897123][T11956]  ? lockdep_hardirqs_on+0x7c/0x110
[  989.902344][T11956]  do_syscall_64+0xcd/0x250
[  989.906959][T11956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.912878][T11956] RIP: 0033:0x7f3fee375bd9
[  989.917316][T11956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  989.936956][T11956] RSP: 002b:00007f3fef192048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  989.945386][T11956] RAX: ffffffffffffffda RBX: 00007f3fee504110 RCX: 00007f3fee375bd9
[  989.953368][T11956] RDX: 000000000000001f RSI: 0000000000000006 RDI: 0000000000000003
[  989.961346][T11956] RBP: 00007f3fef1920a0 R08: 0000000000000004 R09: 0000000000000000
[  989.969322][T11956] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  989.977301][T11956] R13: 000000000000006e R14: 00007f3fee504110 R15: 00007ffef14b0608
[  989.985283][T11956]  </TASK>
[  989.988410][    C1] vkms_vblank_simulate: vblank timer overrun
[  990.011324][T11946] ERROR: Out of memory at tomoyo_realpath_from_path.
[  990.037563][ T5172] usb 2-1: USB disconnect, device number 6
[  990.464845][   T29] audit: type=1400 audit(1720210816.663:869): avc:  denied  { execute } for  pid=11958 comm="syz.0.1511" dev="tmpfs" ino=206 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  990.486661][T11959] process 'syz.0.1511' launched '/dev/fd/7' with NULL argv: empty string added
[  990.568450][   T29] audit: type=1400 audit(1720210816.713:870): avc:  denied  { execute_no_trans } for  pid=11958 comm="syz.0.1511" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=206 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  992.264922][ T5093] Bluetooth: hci4: unexpected event for opcode 0x0000
[  992.300368][   T29] audit: type=1400 audit(1720210818.493:871): avc:  denied  { create } for  pid=11983 comm="syz.3.1520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  992.331696][T11986] FAULT_INJECTION: forcing a failure.
[  992.331696][T11986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  992.377565][T11986] CPU: 1 PID: 11986 Comm: syz.3.1520 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  992.387800][T11986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  992.397906][T11986] Call Trace:
[  992.401275][T11986]  <TASK>
[  992.404253][T11986]  dump_stack_lvl+0x16c/0x1f0
[  992.408997][T11986]  should_fail_ex+0x497/0x5b0
[  992.413740][T11986]  _copy_from_user+0x30/0xf0
[  992.418387][T11986]  copy_msghdr_from_user+0x99/0x160
[  992.423744][T11986]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  992.429619][T11986]  ? find_held_lock+0x2d/0x110
[  992.434446][T11986]  ? __pfx___lock_acquire+0x10/0x10
[  992.439717][T11986]  ___sys_sendmsg+0xff/0x1e0
[  992.444458][T11986]  ? __pfx____sys_sendmsg+0x10/0x10
[  992.449730][T11986]  ? ksys_write+0x21c/0x260
[  992.454306][T11986]  ? __fget_light+0x173/0x210
[  992.459047][T11986]  __sys_sendmsg+0x117/0x1f0
[  992.463706][T11986]  ? __pfx___sys_sendmsg+0x10/0x10
[  992.468894][T11986]  do_syscall_64+0xcd/0x250
[  992.473466][T11986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.479445][T11986] RIP: 0033:0x7fe54fd75bd9
[  992.483905][T11986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  992.503561][T11986] RSP: 002b:00007fe54f7ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  992.512024][T11986] RAX: ffffffffffffffda RBX: 00007fe54ff03f60 RCX: 00007fe54fd75bd9
[  992.520026][T11986] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003
[  992.528106][T11986] RBP: 00007fe54f7ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  992.536098][T11986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  992.544096][T11986] R13: 000000000000000b R14: 00007fe54ff03f60 R15: 00007fffbf7a0098
[  992.552097][T11986]  </TASK>
[  992.610544][ T5093] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  992.622684][T11989] capability: warning: `syz.0.1523' uses deprecated v2 capabilities in a way that may be insecure
[  992.730276][ T5093] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  992.740366][ T5093] Bluetooth: hci3: Injecting HCI hardware error event
[  992.749468][ T4479] Bluetooth: hci3: hardware error 0x00
[  994.128189][   T29] audit: type=1400 audit(1720210820.323:872): avc:  denied  { ioctl } for  pid=11994 comm="syz.0.1525" path="socket:[45139]" dev="sockfs" ino=45139 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  994.449262][T11992] FAULT_INJECTION: forcing a failure.
[  994.449262][T11992] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  994.485486][T11992] CPU: 0 PID: 11992 Comm: syz.4.1522 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  994.495793][T11992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  994.505890][T11992] Call Trace:
[  994.509232][T11992]  <TASK>
[  994.512221][T11992]  dump_stack_lvl+0x16c/0x1f0
[  994.516928][T11992]  should_fail_ex+0x497/0x5b0
[  994.521639][T11992]  _copy_from_user+0x30/0xf0
[  994.526371][T11992]  copy_msghdr_from_user+0x99/0x160
[  994.531619][T11992]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  994.537471][T11992]  ? find_held_lock+0x2d/0x110
[  994.542268][T11992]  ? __pfx___lock_acquire+0x10/0x10
[  994.547517][T11992]  ___sys_sendmsg+0xff/0x1e0
[  994.552172][T11992]  ? __pfx____sys_sendmsg+0x10/0x10
[  994.557438][T11992]  ? ksys_write+0x21c/0x260
[  994.562008][T11992]  ? __fget_light+0x173/0x210
[  994.566730][T11992]  __sys_sendmsg+0x117/0x1f0
[  994.571366][T11992]  ? __pfx___sys_sendmsg+0x10/0x10
[  994.576539][T11992]  do_syscall_64+0xcd/0x250
[  994.581103][T11992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  994.587061][T11992] RIP: 0033:0x7f47b8d75bd9
[  994.591492][T11992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  994.611127][T11992] RSP: 002b:00007f47b87ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  994.619560][T11992] RAX: ffffffffffffffda RBX: 00007f47b8f03f60 RCX: 00007f47b8d75bd9
[  994.627547][T11992] RDX: 0000000000000000 RSI: 00000000200015c0 RDI: 0000000000000003
[  994.635532][T11992] RBP: 00007f47b87ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  994.643515][T11992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  994.651497][T11992] R13: 000000000000000b R14: 00007f47b8f03f60 R15: 00007fffd87031a8
[  994.659482][T11992]  </TASK>
[  994.813150][ T4479] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  996.360377][ T4479] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  996.371427][ T4479] Bluetooth: hci4: Injecting HCI hardware error event
[  996.380951][ T5093] Bluetooth: hci4: hardware error 0x00
[  997.056879][T12036] binder: BINDER_SET_CONTEXT_MGR already set
[  997.065860][T12036] binder: 12031:12036 ioctl 4018620d 20000040 returned -16
[  998.737930][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  998.747871][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  998.827221][T12061] FAULT_INJECTION: forcing a failure.
[  998.827221][T12061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  998.840734][T12061] CPU: 1 PID: 12061 Comm: syz.2.1537 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  998.850942][T12061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  998.861037][T12061] Call Trace:
[  998.864347][T12061]  <TASK>
[  998.867322][T12061]  dump_stack_lvl+0x16c/0x1f0
[  998.872058][T12061]  should_fail_ex+0x497/0x5b0
[  998.876794][T12061]  _copy_from_user+0x30/0xf0
[  998.881439][T12061]  copy_msghdr_from_user+0x99/0x160
[  998.886731][T12061]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  998.892597][T12061]  ? find_held_lock+0x2d/0x110
[  998.897415][T12061]  ___sys_recvmsg+0xdc/0x1a0
[  998.902067][T12061]  ? __pfx____sys_recvmsg+0x10/0x10
[  998.907420][T12061]  ? __fget_light+0x173/0x210
[  998.912161][T12061]  __sys_recvmsg+0x114/0x1e0
[  998.916814][T12061]  ? __pfx___sys_recvmsg+0x10/0x10
[  998.922016][T12061]  do_syscall_64+0xcd/0x250
[  998.926578][T12061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  998.932564][T12061] RIP: 0033:0x7f3fee375bd9
[  998.937014][T12061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  998.956940][T12061] RSP: 002b:00007f3fef192048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  998.965402][T12061] RAX: ffffffffffffffda RBX: 00007f3fee504110 RCX: 00007f3fee375bd9
[  998.973411][T12061] RDX: 0000000000000000 RSI: 0000000020002940 RDI: 0000000000000003
[  998.981429][T12061] RBP: 00007f3fef1920a0 R08: 0000000000000000 R09: 0000000000000000
[  998.989525][T12061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  998.997529][T12061] R13: 000000000000006e R14: 00007f3fee504110 R15: 00007ffef14b0608
[  999.005549][T12061]  </TASK>
[  999.012047][ T5093] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  999.072735][   T29] audit: type=1400 audit(1720210825.023:873): avc:  denied  { ioctl } for  pid=12037 comm="syz.2.1537" path="socket:[45258]" dev="sockfs" ino=45258 ioctlcmd=0x89e5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1000.984738][T12093] binder: BINDER_SET_CONTEXT_MGR already set
[ 1000.991073][T12093] binder: 12085:12093 ioctl 4018620d 20000040 returned -16
[ 1002.195248][   T29] audit: type=1400 audit(1720210828.393:874): avc:  denied  { unmount } for  pid=11103 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1002.596156][T12111] FAULT_INJECTION: forcing a failure.
[ 1002.596156][T12111] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.608951][T12111] CPU: 0 PID: 12111 Comm: syz.2.1547 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1002.619231][T12111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1002.629414][T12111] Call Trace:
[ 1002.632740][T12111]  <TASK>
[ 1002.635695][T12111]  dump_stack_lvl+0x16c/0x1f0
[ 1002.640500][T12111]  should_fail_ex+0x497/0x5b0
[ 1002.645228][T12111]  should_failslab+0x9/0x20
[ 1002.649794][T12111]  kmalloc_trace_noprof+0x6b/0x300
[ 1002.654949][T12111]  ? alloc_pipe_info+0x10e/0x590
[ 1002.659935][T12111]  alloc_pipe_info+0x10e/0x590
[ 1002.664769][T12111]  ? __pfx___lock_acquire+0x10/0x10
[ 1002.670026][T12111]  splice_direct_to_actor+0x79c/0xa40
[ 1002.675460][T12111]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1002.681389][T12111]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1002.687319][T12111]  ? __pfx___might_resched+0x10/0x10
[ 1002.692721][T12111]  ? __pfx_lock_release+0x10/0x10
[ 1002.697798][T12111]  do_splice_direct+0x17e/0x250
[ 1002.702788][T12111]  ? __pfx_do_splice_direct+0x10/0x10
[ 1002.708182][T12111]  ? avc_policy_seqno+0x9/0x20
[ 1002.712992][T12111]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1002.719036][T12111]  do_sendfile+0xb1e/0xe50
[ 1002.723490][T12111]  ? __pfx_do_sendfile+0x10/0x10
[ 1002.728468][T12111]  __x64_sys_sendfile64+0x1da/0x220
[ 1002.733785][T12111]  ? ksys_write+0x1ab/0x260
[ 1002.738406][T12111]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1002.744149][T12111]  do_syscall_64+0xcd/0x250
[ 1002.748694][T12111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1002.754620][T12111] RIP: 0033:0x7f3fee375bd9
[ 1002.759045][T12111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1002.778675][T12111] RSP: 002b:00007f3fef091048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1002.787193][T12111] RAX: ffffffffffffffda RBX: 00007f3fee504110 RCX: 00007f3fee375bd9
[ 1002.795199][T12111] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000009
[ 1002.803209][T12111] RBP: 00007f3fef0910a0 R08: 0000000000000000 R09: 0000000000000000
[ 1002.811192][T12111] R10: 0000000080000000 R11: 0000000000000246 R12: 0000000000000001
[ 1002.819209][T12111] R13: 000000000000006e R14: 00007f3fee504110 R15: 00007ffef14b0608
[ 1002.827215][T12111]  </TASK>
[ 1002.989077][T12113] FAULT_INJECTION: forcing a failure.
[ 1002.989077][T12113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1003.047591][T12113] CPU: 1 PID: 12113 Comm: syz.4.1561 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1003.057847][T12113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1003.068127][T12113] Call Trace:
[ 1003.071485][T12113]  <TASK>
[ 1003.074457][T12113]  dump_stack_lvl+0x16c/0x1f0
[ 1003.079366][T12113]  should_fail_ex+0x497/0x5b0
[ 1003.084111][T12113]  _copy_from_user+0x30/0xf0
[ 1003.088766][T12113]  copy_msghdr_from_user+0x99/0x160
[ 1003.094027][T12113]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1003.099887][T12113]  ? find_held_lock+0x2d/0x110
[ 1003.104707][T12113]  ? __pfx___lock_acquire+0x10/0x10
[ 1003.109983][T12113]  ___sys_sendmsg+0xff/0x1e0
[ 1003.114668][T12113]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1003.119931][T12113]  ? ksys_write+0x21c/0x260
[ 1003.124504][T12113]  ? __fget_light+0x173/0x210
[ 1003.129248][T12113]  __sys_sendmsg+0x117/0x1f0
[ 1003.133902][T12113]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1003.139092][T12113]  do_syscall_64+0xcd/0x250
[ 1003.143665][T12113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.149726][T12113] RIP: 0033:0x7f47b8d75bd9
[ 1003.154370][T12113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1003.174040][T12113] RSP: 002b:00007f47b87ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1003.182509][T12113] RAX: ffffffffffffffda RBX: 00007f47b8f03f60 RCX: 00007f47b8d75bd9
[ 1003.190525][T12113] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000003
[ 1003.198551][T12113] RBP: 00007f47b87ff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1003.206573][T12113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1003.214600][T12113] R13: 000000000000000b R14: 00007f47b8f03f60 R15: 00007fffd87031a8
[ 1003.222621][T12113]  </TASK>
[ 1003.550115][ T5140] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1003.599525][T12121] FAULT_INJECTION: forcing a failure.
[ 1003.599525][T12121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1003.613047][T12121] CPU: 0 PID: 12121 Comm: syz.1.1562 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1003.623255][T12121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1003.633367][T12121] Call Trace:
[ 1003.636669][T12121]  <TASK>
[ 1003.639617][T12121]  dump_stack_lvl+0x16c/0x1f0
[ 1003.644377][T12121]  should_fail_ex+0x497/0x5b0
[ 1003.649092][T12121]  _copy_from_user+0x30/0xf0
[ 1003.653804][T12121]  copy_msghdr_from_user+0x99/0x160
[ 1003.659038][T12121]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1003.664882][T12121]  ? find_held_lock+0x2d/0x110
[ 1003.669682][T12121]  ? __pfx___lock_acquire+0x10/0x10
[ 1003.674921][T12121]  ___sys_sendmsg+0xff/0x1e0
[ 1003.679546][T12121]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1003.684783][T12121]  ? ksys_write+0x21c/0x260
[ 1003.689326][T12121]  ? __fget_light+0x173/0x210
[ 1003.694038][T12121]  __sys_sendmsg+0x117/0x1f0
[ 1003.698663][T12121]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1003.703818][T12121]  do_syscall_64+0xcd/0x250
[ 1003.708392][T12121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.714347][T12121] RIP: 0033:0x7f486dd75bd9
[ 1003.718788][T12121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1003.738441][T12121] RSP: 002b:00007f486ec15048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1003.746894][T12121] RAX: ffffffffffffffda RBX: 00007f486df04038 RCX: 00007f486dd75bd9
[ 1003.754886][T12121] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005
[ 1003.762880][T12121] RBP: 00007f486ec150a0 R08: 0000000000000000 R09: 0000000000000000
[ 1003.770872][T12121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1003.778862][T12121] R13: 000000000000006e R14: 00007f486df04038 R15: 00007ffc1df5a728
[ 1003.786858][T12121]  </TASK>
[ 1003.920104][ T5140] usb 4-1: Using ep0 maxpacket: 16
[ 1003.954360][ T5140] usb 4-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[ 1003.963834][ T5140] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1003.979848][ T5140] usb 4-1: Product: syz
[ 1003.989517][ T5140] usb 4-1: Manufacturer: syz
[ 1003.998655][ T5140] usb 4-1: SerialNumber: syz
[ 1004.041240][ T5140] usb 4-1: config 0 descriptor??
[ 1004.056858][ T5140] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[ 1004.393980][ T5093] Bluetooth: hci6: Unknown advertising packet type: 0x74
[ 1004.876363][T12131] binder: BINDER_SET_CONTEXT_MGR already set
[ 1004.889837][T12131] binder: 12125:12131 ioctl 4018620d 20000040 returned -16
[ 1005.494000][T12129] input: syz0 as /devices/virtual/input/input27
[ 1006.212781][ T5140] gp8psk: usb in 128 operation failed.
[ 1006.221803][ T5140] gp8psk: usb in 137 operation failed.
[ 1006.235389][ T5140] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1006.251001][ T5140] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[ 1006.274474][ T5140] usb 4-1: media controller created
[ 1006.423956][ T5140] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1006.991117][ T5140] gp8psk_fe: Frontend revision 1 attached
[ 1007.027922][ T5140] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[ 1007.056417][ T5140] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[ 1007.602271][ T5140] gp8psk: usb in 138 operation failed.
[ 1007.664092][ T5140] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[ 1007.744855][ T5140] gp8psk: found Genpix USB device pID = 201 (hex)
[ 1008.094969][ T5093] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260
[ 1008.254990][T12169] FAULT_INJECTION: forcing a failure.
[ 1008.254990][T12169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1008.316815][T12169] CPU: 1 PID: 12169 Comm: syz.1.1575 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1008.327043][T12169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1008.337137][T12169] Call Trace:
[ 1008.340431][T12169]  <TASK>
[ 1008.343370][T12169]  dump_stack_lvl+0x16c/0x1f0
[ 1008.348087][T12169]  should_fail_ex+0x497/0x5b0
[ 1008.352802][T12169]  _copy_from_user+0x30/0xf0
[ 1008.357412][T12169]  mptcp_get_subflow_data+0x82/0x230
[ 1008.362731][T12169]  mptcp_getsockopt_tcpinfo+0xb9/0x360
[ 1008.368223][T12169]  ? __pfx___lock_acquire+0x10/0x10
[ 1008.373461][T12169]  ? __pfx_mptcp_getsockopt_tcpinfo+0x10/0x10
[ 1008.379566][T12169]  ? release_sock+0x21/0x220
[ 1008.384187][T12169]  ? reacquire_held_locks+0x20b/0x4c0
[ 1008.389688][T12169]  ? release_sock+0x21/0x220
[ 1008.394410][T12169]  ? find_held_lock+0x59/0x110
[ 1008.399193][T12169]  ? find_held_lock+0x2d/0x110
[ 1008.403981][T12169]  ? mptcp_getsockopt+0x16b/0xba0
[ 1008.409044][T12169]  ? __pfx_lock_release+0x10/0x10
[ 1008.414115][T12169]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1008.419510][T12169]  ? mptcp_getsockopt+0x16b/0xba0
[ 1008.424634][T12169]  ? __local_bh_enable_ip+0xa4/0x120
[ 1008.429983][T12169]  mptcp_getsockopt+0x20a/0xba0
[ 1008.434923][T12169]  ? __pfx_mptcp_getsockopt+0x10/0x10
[ 1008.440331][T12169]  ? find_held_lock+0x2d/0x110
[ 1008.445122][T12169]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1008.451135][T12169]  do_sock_getsockopt+0x2e5/0x760
[ 1008.456199][T12169]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1008.461775][T12169]  ? __fget_files+0x256/0x400
[ 1008.466482][T12169]  ? __fget_light+0x173/0x210
[ 1008.471278][T12169]  __sys_getsockopt+0x1a1/0x270
[ 1008.476181][T12169]  ? __pfx___sys_getsockopt+0x10/0x10
[ 1008.481602][T12169]  ? xfd_validate_state+0x5d/0x180
[ 1008.486747][T12169]  __x64_sys_getsockopt+0xbd/0x160
[ 1008.491884][T12169]  ? do_syscall_64+0x91/0x250
[ 1008.496765][T12169]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1008.501998][T12169]  do_syscall_64+0xcd/0x250
[ 1008.506634][T12169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.512567][T12169] RIP: 0033:0x7f486dd75bd9
[ 1008.517017][T12169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1008.536734][T12169] RSP: 002b:00007f486ec36048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1008.545251][T12169] RAX: ffffffffffffffda RBX: 00007f486df03f60 RCX: 00007f486dd75bd9
[ 1008.553234][T12169] RDX: 0000000000000002 RSI: 000000000000011c RDI: 0000000000000003
[ 1008.561222][T12169] RBP: 00007f486ec360a0 R08: 0000000020000040 R09: 0000000000000000
[ 1008.569209][T12169] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[ 1008.577191][T12169] R13: 000000000000000b R14: 00007f486df03f60 R15: 00007ffc1df5a728
[ 1008.585178][T12169]  </TASK>
[ 1008.657203][T12172] sysfs: cannot create duplicate filename '/class/ieee80211/C|+È‚!‡3§rU&6 bÎOo¸ ' 1©|y'
[ 1008.687831][ T5074] usb 4-1: USB disconnect, device number 12
[ 1008.757985][T12172] CPU: 1 PID: 12172 Comm: syz.0.1574 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1008.768216][T12172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1008.778297][T12172] Call Trace:
[ 1008.781918][T12172]  <TASK>
[ 1008.784866][T12172]  dump_stack_lvl+0x16c/0x1f0
[ 1008.789667][T12172]  sysfs_warn_dup+0x7f/0xa0
[ 1008.794221][T12172]  sysfs_do_create_link_sd+0x124/0x140
[ 1008.799760][T12172]  sysfs_create_link+0x61/0xc0
[ 1008.804601][T12172]  device_add+0x62e/0x1a70
[ 1008.809111][T12172]  ? __pfx_device_add+0x10/0x10
[ 1008.814047][T12172]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1008.820009][T12172]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[ 1008.826155][T12172]  wiphy_register+0x2101/0x2d00
[ 1008.831070][T12172]  ? __pfx_wiphy_register+0x10/0x10
[ 1008.836336][T12172]  ieee80211_register_hw+0x2683/0x43b0
[ 1008.841926][T12172]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1008.847817][T12172]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1008.853365][T12172]  ? __asan_memset+0x23/0x50
[ 1008.858027][T12172]  ? __hrtimer_init+0x106/0x2c0
[ 1008.862978][T12172]  mac80211_hwsim_new_radio+0x22f6/0x4e50
[ 1008.868780][T12172]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1008.874929][T12172]  ? hwsim_new_radio_nl+0x9b6/0x1240
[ 1008.880298][T12172]  ? __asan_memcpy+0x3c/0x60
[ 1008.884972][T12172]  hwsim_new_radio_nl+0xaf9/0x1240
[ 1008.890169][T12172]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1008.895802][T12172]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1008.903352][T12172]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1008.910902][T12172]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1008.916543][T12172]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1008.922705][T12172]  ? ns_capable+0xd7/0x110
[ 1008.927185][T12172]  genl_rcv_msg+0x565/0x800
[ 1008.931770][T12172]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1008.936878][T12172]  ? __pfx___lock_acquire+0x10/0x10
[ 1008.942160][T12172]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1008.947875][T12172]  netlink_rcv_skb+0x16b/0x440
[ 1008.952720][T12172]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1008.957827][T12172]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1008.963189][T12172]  ? down_read+0xc9/0x330
[ 1008.967591][T12172]  ? __pfx_down_read+0x10/0x10
[ 1008.972521][T12172]  ? netlink_deliver_tap+0x1ae/0xd90
[ 1008.977877][T12172]  genl_rcv+0x28/0x40
[ 1008.981931][T12172]  netlink_unicast+0x542/0x820
[ 1008.986784][T12172]  ? __pfx_netlink_unicast+0x10/0x10
[ 1008.992234][T12172]  netlink_sendmsg+0x8b8/0xd70
[ 1008.997070][T12172]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1009.002419][T12172]  ? __import_iovec+0x1fd/0x6e0
[ 1009.007340][T12172]  ____sys_sendmsg+0xab5/0xc90
[ 1009.012169][T12172]  ? copy_msghdr_from_user+0x10b/0x160
[ 1009.017706][T12172]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1009.023053][T12172]  ? __pfx___futex_wait+0x10/0x10
[ 1009.028140][T12172]  ? __pfx___lock_acquire+0x10/0x10
[ 1009.033516][T12172]  ? try_to_wake_up+0x14b/0x13e0
[ 1009.038709][T12172]  ___sys_sendmsg+0x135/0x1e0
[ 1009.043469][T12172]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1009.048763][T12172]  ? __fget_light+0x173/0x210
[ 1009.053628][T12172]  __sys_sendmsg+0x117/0x1f0
[ 1009.058329][T12172]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1009.064299][T12172]  ? __x64_sys_futex+0x1e1/0x4c0
[ 1009.069323][T12172]  do_syscall_64+0xcd/0x250
[ 1009.074151][T12172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.080237][T12172] RIP: 0033:0x7fb698175bd9
[ 1009.084719][T12172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1009.105797][T12172] RSP: 002b:00007fb698ec7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1009.114465][T12172] RAX: ffffffffffffffda RBX: 00007fb698304038 RCX: 00007fb698175bd9
[ 1009.122765][T12172] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007
[ 1009.131074][T12172] RBP: 00007fb6981e4aa1 R08: 0000000000000000 R09: 0000000000000000
[ 1009.139199][T12172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1009.147235][T12172] R13: 000000000000006e R14: 00007fb698304038 R15: 00007ffd127d9db8
[ 1009.155279][T12172]  </TASK>
[ 1009.518184][T12186] binder: BINDER_SET_CONTEXT_MGR already set
[ 1009.524361][T12186] binder: 12175:12186 ioctl 4018620d 20000040 returned -16
[ 1010.156837][ T5074] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[ 1012.323798][   T29] audit: type=1400 audit(1720210838.513:875): avc:  denied  { map } for  pid=12207 comm="syz.2.1585" path="socket:[45660]" dev="sockfs" ino=45660 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[ 1012.775021][T12220] FAULT_INJECTION: forcing a failure.
[ 1012.775021][T12220] name failslab, interval 1, probability 0, space 0, times 0
[ 1012.845806][   T29] audit: type=1400 audit(1720210839.023:876): avc:  denied  { unlink } for  pid=12215 comm="syz.3.1587" name="#1" dev="tmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1012.879653][T12220] CPU: 0 PID: 12220 Comm: syz.3.1587 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1012.889987][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1012.900277][T12220] Call Trace:
[ 1012.903623][T12220]  <TASK>
[ 1012.906682][T12220]  dump_stack_lvl+0x16c/0x1f0
[ 1012.911427][T12220]  should_fail_ex+0x497/0x5b0
[ 1012.916216][T12220]  should_failslab+0x9/0x20
[ 1012.920891][T12220]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1012.926357][T12220]  ? getname_flags.part.0+0x50/0x4f0
[ 1012.931715][T12220]  getname_flags.part.0+0x50/0x4f0
[ 1012.937010][T12220]  getname_flags+0x9b/0xf0
[ 1012.941497][T12220]  user_path_at_empty+0x2c/0x60
[ 1012.946420][T12220]  inotify_find_inode+0x31/0x170
[ 1012.951428][T12220]  ? __fget_light+0x173/0x210
[ 1012.956171][T12220]  __x64_sys_inotify_add_watch+0x21b/0x380
[ 1012.962055][T12220]  ? __pfx___x64_sys_inotify_add_watch+0x10/0x10
[ 1012.968460][T12220]  do_syscall_64+0xcd/0x250
[ 1012.973035][T12220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1012.979004][T12220] RIP: 0033:0x7fe54fd75bd9
[ 1012.983467][T12220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1013.003311][T12220] RSP: 002b:00007fe54f7de048 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[ 1013.011878][T12220] RAX: ffffffffffffffda RBX: 00007fe54ff04038 RCX: 00007fe54fd75bd9
[ 1013.019900][T12220] RDX: 00000000a50003f1 RSI: 0000000020000340 RDI: 0000000000000004
[ 1013.025865][   T29] audit: type=1400 audit(1720210839.223:877): avc:  denied  { mount } for  pid=12215 comm="syz.3.1587" name="/" dev="overlay" ino=762 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1013.027982][T12220] RBP: 00007fe54f7de0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1013.058136][T12220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1013.066156][T12220] R13: 000000000000006e R14: 00007fe54ff04038 R15: 00007fffbf7a0098
[ 1013.074277][T12220]  </TASK>
[ 1013.077445][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1013.787846][   T29] audit: type=1326 audit(1720210839.983:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.059684][   T29] audit: type=1326 audit(1720210839.983:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.203872][   T29] audit: type=1326 audit(1720210840.403:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.230448][T12245] binder: BINDER_SET_CONTEXT_MGR already set
[ 1014.236561][T12245] binder: 12240:12245 ioctl 4018620d 20000040 returned -16
[ 1014.328621][   T29] audit: type=1326 audit(1720210840.513:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.599037][   T29] audit: type=1326 audit(1720210840.513:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.624654][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1014.738607][   T29] audit: type=1326 audit(1720210840.573:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.766730][   T29] audit: type=1326 audit(1720210840.573:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12238 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486dd75bd9 code=0x7ffc0000
[ 1014.790306][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1016.415057][ T5093] Bluetooth: hci0: SCO packet for unknown connection handle 200
[ 1016.433265][T12264] FAULT_INJECTION: forcing a failure.
[ 1016.433265][T12264] name failslab, interval 1, probability 0, space 0, times 0
[ 1016.553224][T12264] CPU: 0 PID: 12264 Comm: syz.3.1599 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1016.553316][T12264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1016.553338][T12264] Call Trace:
[ 1016.553352][T12264]  <TASK>
[ 1016.553366][T12264]  dump_stack_lvl+0x16c/0x1f0
[ 1016.553418][T12264]  should_fail_ex+0x497/0x5b0
[ 1016.553462][T12264]  should_failslab+0x9/0x20
[ 1016.553516][T12264]  __kmalloc_noprof+0xcf/0x410
[ 1016.553549][T12264]  ? __pfx_lock_acquire+0x10/0x10
[ 1016.553605][T12264]  tomoyo_realpath_from_path+0xb9/0x720
[ 1016.553647][T12264]  ? tomoyo_profile+0x47/0x60
[ 1016.553689][T12264]  tomoyo_path_number_perm+0x245/0x590
[ 1016.553741][T12264]  ? tomoyo_path_number_perm+0x232/0x590
[ 1016.553795][T12264]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1016.553862][T12264]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1016.553912][T12264]  ? __fget_files+0x256/0x400
[ 1016.553959][T12264]  security_file_ioctl+0x75/0xc0
[ 1016.553997][T12264]  __x64_sys_ioctl+0xbb/0x220
[ 1016.554040][T12264]  do_syscall_64+0xcd/0x250
[ 1016.554089][T12264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1016.554146][T12264] RIP: 0033:0x7fe54fd75bd9
[ 1016.554172][T12264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1016.554207][T12264] RSP: 002b:00007fe54f7ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1016.554248][T12264] RAX: ffffffffffffffda RBX: 00007fe54ff03f60 RCX: 00007fe54fd75bd9
[ 1016.554273][T12264] RDX: 0000000020000140 RSI: 0000000041045508 RDI: 0000000000000003
[ 1016.554298][T12264] RBP: 00007fe54f7ff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1016.554321][T12264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1016.554345][T12264] R13: 000000000000000b R14: 00007fe54ff03f60 R15: 00007fffbf7a0098
[ 1016.554375][T12264]  </TASK>
[ 1016.554465][T12264] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1016.989401][T12273] netlink: 296 bytes leftover after parsing attributes in process `syz.2.1600'.
[ 1017.197934][ T5152] hid (null): unknown global tag 0xc
[ 1017.275724][ T5152] hid-generic 071B:0100:0008.0003: unknown global tag 0xc
[ 1017.301341][ T5152] hid-generic 071B:0100:0008.0003: item 0 2 1 12 parsing failed
[ 1017.316323][ T5152] hid-generic 071B:0100:0008.0003: probe with driver hid-generic failed with error -22
[ 1017.787270][T12288] binder: BINDER_SET_CONTEXT_MGR already set
[ 1017.793371][T12288] binder: 12285:12288 ioctl 4018620d 20000040 returned -16
[ 1019.750051][T12302] ==================================================================
[ 1019.758181][T12302] BUG: KASAN: slab-use-after-free in skb_release_head_state+0x283/0x2b0
[ 1019.766555][T12302] Read of size 8 at addr ffff8880648e9a58 by task syz.3.1609/12302
[ 1019.774532][T12302] 
[ 1019.776864][T12302] CPU: 0 PID: 12302 Comm: syz.3.1609 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1019.787038][T12302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1019.797127][T12302] Call Trace:
[ 1019.800445][T12302]  <TASK>
[ 1019.803413][T12302]  dump_stack_lvl+0x116/0x1f0
[ 1019.808158][T12302]  print_report+0xc3/0x620
[ 1019.812829][T12302]  ? __virt_addr_valid+0x5e/0x580
[ 1019.817918][T12302]  ? __phys_addr+0xc6/0x150
[ 1019.822477][T12302]  kasan_report+0xd9/0x110
[ 1019.826971][T12302]  ? skb_release_head_state+0x283/0x2b0
[ 1019.832575][T12302]  ? skb_release_head_state+0x283/0x2b0
[ 1019.838162][T12302]  skb_release_head_state+0x283/0x2b0
[ 1019.843574][T12302]  kfree_skb_reason+0xed/0x210
[ 1019.848378][T12302]  __hci_req_sync+0x61d/0x980
[ 1019.853121][T12302]  ? __pfx___hci_req_sync+0x10/0x10
[ 1019.858440][T12302]  ? hci_req_sync+0x3f/0xd0
[ 1019.862976][T12302]  ? kfree+0x12a/0x3b0
[ 1019.867099][T12302]  hci_req_sync+0x97/0xd0
[ 1019.871459][T12302]  ? __pfx_hci_inq_req+0x10/0x10
[ 1019.876431][T12302]  hci_inquiry+0x3ea/0x950
[ 1019.880885][T12302]  ? __pfx_lock_release+0x10/0x10
[ 1019.885947][T12302]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1019.891347][T12302]  ? __pfx_hci_inquiry+0x10/0x10
[ 1019.896838][T12302]  ? hci_sock_recvmsg+0x7a0/0x13c0
[ 1019.901982][T12302]  ? __local_bh_enable_ip+0xa4/0x120
[ 1019.907319][T12302]  hci_sock_ioctl+0x2bb/0x880
[ 1019.912042][T12302]  ? __pfx_hci_sock_ioctl+0x10/0x10
[ 1019.917283][T12302]  sock_do_ioctl+0x116/0x280
[ 1019.921909][T12302]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1019.927050][T12302]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[ 1019.933589][T12302]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1019.940474][T12302]  sock_ioctl+0x22e/0x6c0
[ 1019.944832][T12302]  ? __pfx_sock_ioctl+0x10/0x10
[ 1019.949713][T12302]  ? selinux_file_ioctl+0x180/0x270
[ 1019.954936][T12302]  ? selinux_file_ioctl+0xb4/0x270
[ 1019.960079][T12302]  ? __pfx_sock_ioctl+0x10/0x10
[ 1019.964957][T12302]  __x64_sys_ioctl+0x193/0x220
[ 1019.969762][T12302]  do_syscall_64+0xcd/0x250
[ 1019.974302][T12302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1019.980240][T12302] RIP: 0033:0x7fe54fd75bd9
[ 1019.984673][T12302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1020.004401][T12302] RSP: 002b:00007fe54f7ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1020.012841][T12302] RAX: ffffffffffffffda RBX: 00007fe54ff03f60 RCX: 00007fe54fd75bd9
[ 1020.020833][T12302] RDX: 0000000020000080 RSI: 00000000800448f0 RDI: 0000000000000007
[ 1020.028823][T12302] RBP: 00007fe54fde4aa1 R08: 0000000000000000 R09: 0000000000000000
[ 1020.036905][T12302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1020.044907][T12302] R13: 000000000000000b R14: 00007fe54ff03f60 R15: 00007fffbf7a0098
[ 1020.053012][T12302]  </TASK>
[ 1020.056046][T12302] 
[ 1020.058376][T12302] Allocated by task 5093:
[ 1020.062799][T12302]  kasan_save_stack+0x33/0x60
[ 1020.067526][T12302]  kasan_save_track+0x14/0x30
[ 1020.072425][T12302]  __kasan_slab_alloc+0x89/0x90
[ 1020.077314][T12302]  kmem_cache_alloc_noprof+0x121/0x2f0
[ 1020.082848][T12302]  skb_clone+0x190/0x3f0
[ 1020.087119][T12302]  hci_cmd_work+0x66a/0x710
[ 1020.091648][T12302]  process_one_work+0x9c5/0x1b40
[ 1020.096608][T12302]  worker_thread+0x6c8/0xf30
[ 1020.101226][T12302]  kthread+0x2c1/0x3a0
[ 1020.105336][T12302]  ret_from_fork+0x45/0x80
[ 1020.109884][T12302]  ret_from_fork_asm+0x1a/0x30
[ 1020.114700][T12302] 
[ 1020.117032][T12302] Freed by task 5093:
[ 1020.121020][T12302]  kasan_save_stack+0x33/0x60
[ 1020.125733][T12302]  kasan_save_track+0x14/0x30
[ 1020.130442][T12302]  kasan_save_free_info+0x3b/0x60
[ 1020.135492][T12302]  poison_slab_object+0xf7/0x160
[ 1020.140463][T12302]  __kasan_slab_free+0x32/0x50
[ 1020.145260][T12302]  kmem_cache_free+0x12f/0x3a0
[ 1020.150093][T12302]  kfree_skbmem+0x10e/0x200
[ 1020.154624][T12302]  kfree_skb_reason+0x138/0x210
[ 1020.159668][T12302]  hci_cmd_work+0x63e/0x710
[ 1020.164215][T12302]  process_one_work+0x9c5/0x1b40
[ 1020.169186][T12302]  worker_thread+0x6c8/0xf30
[ 1020.173802][T12302]  kthread+0x2c1/0x3a0
[ 1020.177900][T12302]  ret_from_fork+0x45/0x80
[ 1020.182351][T12302]  ret_from_fork_asm+0x1a/0x30
[ 1020.187154][T12302] 
[ 1020.189498][T12302] The buggy address belongs to the object at ffff8880648e9a00
[ 1020.189498][T12302]  which belongs to the cache skbuff_head_cache of size 240
[ 1020.204104][T12302] The buggy address is located 88 bytes inside of
[ 1020.204104][T12302]  freed 240-byte region [ffff8880648e9a00, ffff8880648e9af0)
[ 1020.218106][T12302] 
[ 1020.220445][T12302] The buggy address belongs to the physical page:
[ 1020.226863][T12302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x648e9
[ 1020.235744][T12302] memcg:ffff88802274ce81
[ 1020.239999][T12302] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1020.247129][T12302] page_type: 0xffffefff(slab)
[ 1020.251864][T12302] raw: 00fff00000000000 ffff88801929c780 ffffea0000a57340 dead000000000002
[ 1020.260556][T12302] raw: 0000000000000000 00000000000c000c 00000001ffffefff ffff88802274ce81
[ 1020.269151][T12302] page dumped because: kasan: bad access detected
[ 1020.275602][T12302] page_owner tracks the page as allocated
[ 1020.281327][T12302] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5172, tgid 5172 (kworker/0:7), ts 666872744943, free_ts 666677443524
[ 1020.302130][T12302]  post_alloc_hook+0x2d1/0x350
[ 1020.306935][T12302]  get_page_from_freelist+0x1353/0x2e50
[ 1020.312520][T12302]  __alloc_pages_noprof+0x22b/0x2460
[ 1020.317841][T12302]  alloc_slab_page+0x56/0x110
[ 1020.322553][T12302]  new_slab+0x84/0x260
[ 1020.326664][T12302]  ___slab_alloc+0xdac/0x1870
[ 1020.331389][T12302]  __slab_alloc.constprop.0+0x56/0xb0
[ 1020.336805][T12302]  kmem_cache_alloc_node_noprof+0xed/0x310
[ 1020.342657][T12302]  __alloc_skb+0x2b1/0x380
[ 1020.347101][T12302]  nsim_dev_trap_report_work+0x2a4/0xc80
[ 1020.352772][T12302]  process_one_work+0x9c5/0x1b40
[ 1020.357752][T12302]  worker_thread+0x6c8/0xf30
[ 1020.362458][T12302]  kthread+0x2c1/0x3a0
[ 1020.366655][T12302]  ret_from_fork+0x45/0x80
[ 1020.371109][T12302]  ret_from_fork_asm+0x1a/0x30
[ 1020.375911][T12302] page last free pid 9347 tgid 9346 stack trace:
[ 1020.382252][T12302]  free_unref_page+0x64a/0xe40
[ 1020.387059][T12302]  qlist_free_all+0x4e/0x140
[ 1020.391679][T12302]  kasan_quarantine_reduce+0x192/0x1e0
[ 1020.397175][T12302]  __kasan_slab_alloc+0x69/0x90
[ 1020.402063][T12302]  kmem_cache_alloc_node_noprof+0x153/0x310
[ 1020.408107][T12302]  __alloc_skb+0x2b1/0x380
[ 1020.412546][T12302]  sock_wmalloc+0xd4/0x120
[ 1020.416988][T12302]  l2tp_ip_sendmsg+0x1ae/0x14e0
[ 1020.421878][T12302]  inet_sendmsg+0x119/0x140
[ 1020.426423][T12302]  ____sys_sendmsg+0xa09/0xc90
[ 1020.431210][T12302]  ___sys_sendmsg+0x135/0x1e0
[ 1020.435913][T12302]  __sys_sendmmsg+0x1a1/0x450
[ 1020.440622][T12302]  __x64_sys_sendmmsg+0x9c/0x100
[ 1020.445596][T12302]  do_syscall_64+0xcd/0x250
[ 1020.450131][T12302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.456066][T12302] 
[ 1020.458393][T12302] Memory state around the buggy address:
[ 1020.464032][T12302]  ffff8880648e9900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1020.472117][T12302]  ffff8880648e9980: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 1020.480197][T12302] >ffff8880648e9a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1020.488269][T12302]                                                     ^
[ 1020.495227][T12302]  ffff8880648e9a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[ 1020.503309][T12302]  ffff8880648e9b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 1020.511395][T12302] ==================================================================
[ 1020.643959][T12302] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1020.651201][T12302] CPU: 1 PID: 12302 Comm: syz.3.1609 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[ 1020.661366][T12302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1020.671545][T12302] Call Trace:
[ 1020.674829][T12302]  <TASK>
[ 1020.677760][T12302]  dump_stack_lvl+0x3d/0x1f0
[ 1020.682372][T12302]  panic+0x6f5/0x7a0
[ 1020.686302][T12302]  ? __pfx_panic+0x10/0x10
[ 1020.690744][T12302]  ? irqentry_exit+0x3b/0x90
[ 1020.695355][T12302]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1020.700581][T12302]  ? preempt_schedule_thunk+0x1a/0x30
[ 1020.705990][T12302]  ? preempt_schedule_common+0x44/0xc0
[ 1020.711495][T12302]  check_panic_on_warn+0xab/0xb0
[ 1020.716473][T12302]  end_report+0x117/0x180
[ 1020.720847][T12302]  kasan_report+0xe9/0x110
[ 1020.726003][T12302]  ? skb_release_head_state+0x283/0x2b0
[ 1020.731588][T12302]  ? skb_release_head_state+0x283/0x2b0
[ 1020.737169][T12302]  skb_release_head_state+0x283/0x2b0
[ 1020.742573][T12302]  kfree_skb_reason+0xed/0x210
[ 1020.747383][T12302]  __hci_req_sync+0x61d/0x980
[ 1020.752092][T12302]  ? __pfx___hci_req_sync+0x10/0x10
[ 1020.757316][T12302]  ? hci_req_sync+0x3f/0xd0
[ 1020.761849][T12302]  ? kfree+0x12a/0x3b0
[ 1020.765955][T12302]  hci_req_sync+0x97/0xd0
[ 1020.770309][T12302]  ? __pfx_hci_inq_req+0x10/0x10
[ 1020.775272][T12302]  hci_inquiry+0x3ea/0x950
[ 1020.779720][T12302]  ? __pfx_lock_release+0x10/0x10
[ 1020.784786][T12302]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1020.790193][T12302]  ? __pfx_hci_inquiry+0x10/0x10
[ 1020.795163][T12302]  ? hci_sock_recvmsg+0x7a0/0x13c0
[ 1020.800304][T12302]  ? __local_bh_enable_ip+0xa4/0x120
[ 1020.805623][T12302]  hci_sock_ioctl+0x2bb/0x880
[ 1020.810413][T12302]  ? __pfx_hci_sock_ioctl+0x10/0x10
[ 1020.815638][T12302]  sock_do_ioctl+0x116/0x280
[ 1020.820254][T12302]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1020.825402][T12302]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[ 1020.831935][T12302]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1020.838816][T12302]  sock_ioctl+0x22e/0x6c0
[ 1020.843170][T12302]  ? __pfx_sock_ioctl+0x10/0x10
[ 1020.848051][T12302]  ? selinux_file_ioctl+0x180/0x270
[ 1020.853279][T12302]  ? selinux_file_ioctl+0xb4/0x270
[ 1020.858447][T12302]  ? __pfx_sock_ioctl+0x10/0x10
[ 1020.863324][T12302]  __x64_sys_ioctl+0x193/0x220
[ 1020.868116][T12302]  do_syscall_64+0xcd/0x250
[ 1020.872653][T12302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.878677][T12302] RIP: 0033:0x7fe54fd75bd9
[ 1020.883134][T12302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1020.902791][T12302] RSP: 002b:00007fe54f7ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1020.911228][T12302] RAX: ffffffffffffffda RBX: 00007fe54ff03f60 RCX: 00007fe54fd75bd9
[ 1020.919217][T12302] RDX: 0000000020000080 RSI: 00000000800448f0 RDI: 0000000000000007
[ 1020.927206][T12302] RBP: 00007fe54fde4aa1 R08: 0000000000000000 R09: 0000000000000000
[ 1020.935196][T12302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1020.943185][T12302] R13: 000000000000000b R14: 00007fe54ff03f60 R15: 00007fffbf7a0098
[ 1020.951183][T12302]  </TASK>
[ 1020.954505][T12302] Kernel Offset: disabled
[ 1020.958838][T12302] Rebooting in 86400 seconds..