last executing test programs:

9.550556666s ago: executing program 2 (id=4913):
sendmmsg(0xffffffffffffffff, &(0x7f00000077c0)=[{{0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000000680)="16539615691fbe156725c0fdeb78cf6a4bc11eb1363a98e09a899ca9a2ab9ff4a2c31b177e0b699978e22279d41f0437d3dda72d144986315106bf118334f0d22cd265d315ac56ca66fd70b611c26fb99129597428b01925437b25ccd4aa9e2ab717346e41308bdb7fe63f7be47e014ff04f395ab231b4cd64a1bd8bdcdbd78dc70f34000fe656b95a6035564d23cc1969b9fb40edb134f906f195adaea7974c619c4e534871010a799dd3c0c10b5bde2834e35732a6d151bd09e9415e1c995602da53f350918def0e097fe1435332a159464b09a1c576af2b08231c62c2a5631bea48fc181a1efd64fec4ceeec9cf5419987abe0668f06cd2fa9915922795ef2b1abd46acb31fff79500f6e3bced3b1b89f5252f0b8fdc80c7fc2634a5984c12a0eb75f8d1fb95f04bcc5ceaef5424dfea1cde54cf7aeef4f62f267b60bc57b57dd3e77f6a00d2250ec4954da60e9aea7c373c86f8c89210b5a185dd175aba80f4de99c517677eeb44de838972006da31ecd0e32fc7b72042820a38c3ef8a4e712155f16a7918b3e2297c531131925fe036462386a7d8cd5cc621eb32268671cce83a82ac33589620e961d4f0cb9a0da9d96f75eb4f18b72335006ca1b221aeea21cca46ddb6bb6f400ec988879e96841737c65bfd6b4f762bab39769ff12d5b94b2b04e4becdeef9f7360b3fc348002b05f5d57de813691856e40682f0a4311fd794c43298d289a1fd565459f62db94339c133dfa4de68154a5464ac0f99d910ea4047f8a5708c52", 0x229}], 0x1}}], 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8.980685476s ago: executing program 1 (id=4916):
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x2})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000340)={0x3, 0x7e})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$vcsu(&(0x7f0000000080), 0x0, 0x480000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r7, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d5d549a, 0x0, [0x0, 0x7, 0x100000, 0x3]})
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r4)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)={0x48, r8, 0x2fef5244a503c3bd, 0x70bd2a, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x48}, 0x1, 0x0, 0x0, 0x440c1}, 0x20000840)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/71, 0xd000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000002c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000002300)='./file0\x00', &(0x7f0000002ac0), 0x0, &(0x7f0000002340)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]})

8.802747467s ago: executing program 2 (id=4917):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
r3 = signalfd4(r1, &(0x7f0000000300)={[0x8000007]}, 0x8, 0x80800)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22}, 0x48)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r5, &(0x7f0000000200)={0x2, 0x0, @empty}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r4, &(0x7f0000000600)="315ccc26a92619d15d3013b2dc1ab8ca40a0182d891a75d907e528a7a23ed1b7b48059df336346c9f171ae8aa0b023e119ff9507d1ba778211e578b4b3a5867ae9cbca9cbdc9d1cc5c6f60c099e2491bf6dbd148e62a6830b70052813c5650c51a2ea6b40b0ea00922b605c5b3892852e03c7a4421841f39e83367539089a39bc5ab07aca162f25b1a03303607006bbbe9aeeea30256cbf618a786c3202c53520f7e3118ad0ff12b3692179b40a1ba851498b4c9d66987dac514ac1786b03c52a1c1dd14e7c8246c6b09c2ec28bd8e5879", &(0x7f00000004c0)=@udp=r5}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r4, &(0x7f0000000000), &(0x7f0000000100)=@tcp=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x1e, &(0x7f0000000880)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @map_val={0x18, 0x7, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x8}, @generic={0x3f, 0x0, 0x0, 0x0, 0x6}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80}}], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000413b88400819151300000000000109022b0000100000000904"], 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, 0xffffffffffffffff)
fcntl$getownex(r8, 0x10, &(0x7f0000000140))
r9 = socket$inet6_sctp(0xa, 0x0, 0x84)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, 0x0, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x40084504, 0x0)

8.199411055s ago: executing program 1 (id=4921):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000340)={"0301bb47", 0x0, 0x0, 0x0, 0x0, 0x0, "b42ebfd32dd7da791c62270c902e9a", "7b7fc907", "e79112e5", "38c4da13", ["8185d3a8873d4b79a717fb97", "9b784e94f5a97578fce2dbce", "9909a1ea2df333a6a9334daa", "547013ca3319d99bbc64fd5e"]})

7.950838062s ago: executing program 1 (id=4922):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000180)={0x1f, 0x0, 0x4}, 0x6)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = fcntl$dupfd(r1, 0x0, r2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x9, 0x3ff}, 0x8)
ioctl$KDSIGACCEPT(r3, 0x400455c8, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SNDCTL_SEQ_RESETSAMPLES(r3, 0x40045109, &(0x7f0000000200)=0x5)
ioctl$USBDEVFS_RELEASE_PORT(r3, 0x80045519, &(0x7f0000000040)=0xffff)
getsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
sendmsg$nl_route(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_REPLAY_PROTECT={0x5, 0xc, 0x1}, @IFLA_MACSEC_WINDOW={0x8}]}}}]}, 0x44}}, 0x0)
fsetxattr(r4, &(0x7f0000000000)=@random={'osx.', 'macsec\x00'}, &(0x7f0000000100)='macsec\x00', 0xfffffffffffffdf3, 0x2)

5.795071712s ago: executing program 0 (id=4929):
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012"], 0x3}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) (fail_nth: 6)

4.972480024s ago: executing program 2 (id=4931):
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x2})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000340)={0x3, 0x7e})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$vcsu(&(0x7f0000000080), 0x0, 0x480000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r7, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d5d549a, 0x0, [0x0, 0x7, 0x100000, 0x3]})
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r4)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)={0x48, r8, 0x2fef5244a503c3bd, 0x70bd2a, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x48}, 0x1, 0x0, 0x0, 0x440c1}, 0x20000840)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, 0x0, &(0x7f0000000480)=""/71, 0xd000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000002c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000002300)='./file0\x00', &(0x7f0000002ac0), 0x0, &(0x7f0000002340)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]})

4.84127056s ago: executing program 0 (id=4932):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000340)={"0301bb47", 0x0, 0x0, 0x0, 0x0, 0x0, "b42ebfd32dd7da791c62270c902e9a", "7b7fc907", "e79112e5", "38c4da13", ["8185d3a8873d4b79a717fb97", "9b784e94f5a97578fce2dbce", "9909a1ea2df333a6a9334daa", "547013ca3319d99bbc64fd5e"]})

4.796070959s ago: executing program 1 (id=4933):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r3}, 0x10)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
r5 = socket(0x15, 0x5, 0x0)
setsockopt$sock_timeval(r5, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
recvmsg(r5, 0x0, 0x0)

4.579930837s ago: executing program 0 (id=4934):
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000180), 0x8)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000180)={&(0x7f00000016c0)={0x2, 0x0, @dev}, 0x10, 0x0}, 0x34060044)
socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, 0x0, 0x0)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x800}}, './file0\x00'})
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x2a8, 0xffffffff, 0x0, 0x98, 0x0, 0xffffffff, 0xffffffff, 0x210, 0x210, 0x210, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@ip={@private, @multicast1, 0x0, 0x0, 'ip6gre0\x00', 'ip6gre0\x00', {}, {}, 0x6, 0x0, 0x2c}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@private, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'wlan1\x00'}, 0x0, 0xb0, 0xe0, 0x0, {}, [@common=@set={{0x40}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x308)
recvmmsg(r4, 0x0, 0x0, 0xa002, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bind$netlink(r3, &(0x7f0000000080), 0xc)
r6 = socket$inet6(0xa, 0x3, 0x1)
accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x0)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x21, 0x0)

3.68704599s ago: executing program 1 (id=4935):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100f20000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000080)={0x0, [], 0xc})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
futex(0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f7, &(0x7f0000000000)={'bridge0\x00', 0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0)
getsockname(r3, &(0x7f0000000280)=@xdp={0x2c, 0x0, <r4=>0x0}, &(0x7f0000000040)=0x80)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newlink={0x34, 0x10, 0x581, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000070000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="0c00018008000100000000060c00018008000100000004000c0001800800010000000300e56dbc6c4f05353ad238d5838de9b321b73e47aec8d4488681f1aee84577407621f703430d69d35bee6fa88268a1d8e0817da0c748bd116ca5bd1d5ebee3a8a811cc46dc6533b16c28950027c94971b9516302a74cd7fe6c9d9804a4bde5d07615992e36eff7619659efd2a51fd11894808ac0eda1434d771ff21fa513ebd237db62dd4700bf083cc4c51495ff2df5855cc963815a3e6a2ec1edfc30f56c3cf02ffae709aa48fe372cb3ee8f897bee32"], 0x3c}, 0x1, 0x5502000000000000}, 0x0)
syz_usb_connect$uac1(0x0, 0x82, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000086b1d01014000010203010902700003010000000904000000010100000a240100fc816f91dd99422c24f4c500000201020624050202be0b2404"], 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)

3.419054227s ago: executing program 3 (id=4938):
sendmmsg(0xffffffffffffffff, &(0x7f00000077c0)=[{{0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000000680)="16539615691fbe156725c0fdeb78cf6a4bc11eb1363a98e09a899ca9a2ab9ff4a2c31b177e0b699978e22279d41f0437d3dda72d144986315106bf118334f0d22cd265d315ac56ca66fd70b611c26fb99129597428b01925437b25ccd4aa9e2ab717346e41308bdb7fe63f7be47e014ff04f395ab231b4cd64a1bd8bdcdbd78dc70f34000fe656b95a6035564d23cc1969b9fb40edb134f906f195adaea7974c619c4e534871010a799dd3c0c10b5bde2834e35732a6d151bd09e9415e1c995602da53f350918def0e097fe1435332a159464b09a1c576af2b08231c62c2a5631bea48fc181a1efd64fec4ceeec9cf5419987abe0668f06cd2fa9915922795ef2b1abd46acb31fff79500f6e3bced3b1b89f5252f0b8fdc80c7fc2634a5984c12a0eb75f8d1fb95f04bcc5ceaef5424dfea1cde54cf7aeef4f62f267b60bc57b57dd3e77f6a00d2250ec4954da60e9aea7c373c86f8c89210b5a185dd175aba80f4de99c517677eeb44de838972006da31ecd0e32fc7b72042820a38c3ef8a4e712155f16a7918b3e2297c531131925fe036462386a7d8cd5cc621eb32268671cce83a82ac33589620e961d4f0cb9a0da9d96f75eb4f18b72335006ca1b221aeea21cca46ddb6bb6f400ec988879e96841737c65bfd6b4f762bab39769ff12d5b94b2b04e4becdeef9f7360b3fc348002b05f5d57de813691856e40682f0a4311fd794c43298d289a1fd565459f62db94339c133dfa4de68154a5464ac0f99d910ea4047f8a5708c52", 0x229}], 0x1}}], 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.332053323s ago: executing program 3 (id=4939):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r0, &(0x7f0000000140)=ANY=[], 0xfffffecc)
ppoll(&(0x7f0000000180)=[{0xffffffffffffffff, 0x5049}, {r0, 0xc0ce}, {r1, 0xb8}, {0xffffffffffffffff, 0x460}, {0xffffffffffffffff, 0x4}, {r1}], 0x6, &(0x7f0000000200)={0x77359400}, &(0x7f0000000280)={[0x8]}, 0x8)

3.317472273s ago: executing program 2 (id=4940):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="18"], 0x0}, 0x90)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f00000006c0)={0x7e0, r1, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x138, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x28, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x7ff, 0x65, 0x8, 0xa, 0xc, 0x3, 0xf1d]}}]}, @NL80211_BAND_2GHZ={0x38, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x29, 0x2, [{0x5, 0x6}, {0x5, 0x9}, {0x6, 0x9}, {0x5, 0x9}, {0x1, 0x7}, {0x6, 0x6}, {0x1, 0x1}, {0x1, 0x1}, {0x4}, {0x6, 0x7}, {0x4, 0x2}, {0x3, 0x1}, {0x3, 0x6}, {0x0, 0x3}, {0x1, 0x7}, {0x5, 0x1}, {0x0, 0x8}, {0x1, 0x1}, {0x2}, {0x2, 0x1}, {0x3, 0x6}, {0x3, 0x9}, {0x6, 0x5}, {0x4, 0x4}, {0x7, 0x1}, {0x5, 0x7}, {0x6, 0x1}, {0x6, 0x2}, {0x1, 0x2}, {0x1, 0x1}, {0x1, 0x3}, {0x0, 0x1}, {0x4, 0x1}, {0x0, 0x4}, {0x7, 0x9}, {0x6, 0x6}, {0x4, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_2GHZ={0x60, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x44, 0x2, [{0x3, 0x3}, {0x2, 0x1}, {0x1, 0x5}, {0x2}, {0x3}, {0x6, 0x3}, {0x6, 0x6}, {}, {0x4, 0x9}, {0x3, 0x9}, {0x3, 0xa}, {0x0, 0xa}, {0x2, 0xa}, {0x6, 0x7}, {0x1, 0x1}, {0x0, 0x8}, {0x5}, {0x3, 0xa}, {0x0, 0x1}, {0x6, 0x7}, {0x6, 0x9}, {0x4, 0x9}, {0x2, 0x8}, {0x4, 0x2}, {0x0, 0x4}, {0x0, 0x1}, {0x2, 0x7}, {0x5, 0x9}, {0x7, 0x8}, {0x6}, {0x7, 0x3}, {0x3, 0x3}, {0x4}, {0x1, 0x4}, {0x4, 0x3}, {0x7, 0x6}, {0x4, 0x5}, {0x3, 0xa}, {0x0, 0x7}, {0x6, 0x7}, {0x1, 0x5}, {0x2}, {0x0, 0x1}, {0x0, 0x2}, {0x5, 0xa}, {0x0, 0x2}, {0x7, 0x1}, {0x0, 0x3}, {0x1, 0x6}, {0x4, 0x2}, {0x0, 0x7}, {0x7, 0x4}, {0x1, 0x2}, {0x6, 0x6}, {0x2, 0x8}, {0x0, 0x8}, {}, {0x1, 0x2}, {0x6, 0x5}, {0x6, 0x3}, {0x2, 0x7}, {0x7, 0x9}, {0x0, 0x1}, {0x1, 0x1}]}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x48, 0x0, 0x60, 0x12, 0x30, 0x60, 0x2, 0x30, 0x36, 0x1, 0x60, 0xc, 0x6c, 0x36, 0x9, 0x48, 0x6, 0x48, 0x88bb459e6982ed41]}]}, @NL80211_BAND_5GHZ={0x74, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8001, 0x26, 0x401, 0x4, 0x0, 0x1000, 0x2]}}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x6}, {0x3, 0xa}, {0x7, 0x8}, {0x6, 0x5}, {0x7, 0x5}, {0x0, 0x6}, {0x2, 0x7}, {0x7, 0x4}, {0x3, 0x1}, {0x2, 0x9}, {0x5, 0x2}, {0x6, 0x3}, {0x1, 0x1}, {0x3, 0x5}, {0x7, 0x4}, {0x2, 0x4}, {0x5, 0xa}, {0x0, 0x6}, {0x2, 0x3}, {0x1, 0x3}, {0x0, 0x3}, {0x2, 0x1}, {0x0, 0x3}, {0x4, 0x8}, {0x2, 0xa}, {0x2, 0x8}, {0x6, 0x1}, {0x1, 0x9}, {0x2, 0x3}, {0x7, 0x7}, {0x6, 0x5}, {0x1, 0x5}, {0x1, 0x5}, {0x3, 0x8}, {0x3, 0x7}, {0x5, 0xa}, {0x3}, {0x2, 0x6}, {0x4, 0x6}, {0x5, 0x4}, {0x6, 0x2}, {0x6, 0x4}, {0x0, 0x6}, {0x7, 0x5}, {0x1, 0x9}, {0x0, 0x9}, {0x1}, {0x1, 0x6}, {0x3, 0x9}, {0x7, 0x5}, {0x3, 0x7}, {0x7, 0x2}, {0x1, 0x8}, {0x4, 0x2}, {0x0, 0x3}, {0x7, 0x1}, {0x3, 0x1}, {0x5, 0x5}, {}, {0x1, 0x2}, {0x6, 0x1}, {0x1, 0x2}, {0x6, 0xa}, {0x7, 0xa}, {0x2, 0x1}, {0x7}, {0x2, 0x1}, {0x4, 0xa}, {0x6, 0x8}, {0x7, 0x5}, {0x6, 0x3}, {0x4, 0x5}]}]}]}, @NL80211_ATTR_TX_RATES={0x22c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4, 0x8, 0xfc00, 0x81, 0xa, 0x8, 0x4]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x6c]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xfffb, 0x3, 0x0, 0x9db8, 0xff, 0xa79, 0x1a]}}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x30, 0x24, 0x6c, 0x9]}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xffff, 0x2, 0xfff9, 0x0, 0x3, 0x3, 0x2, 0x2]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x3}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x5, 0x8, 0x3d, 0x2, 0xa, 0x5, 0x8000]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdd64, 0x9, 0x21, 0x200, 0xe7c8, 0x91, 0xc1ea, 0x6]}}]}, @NL80211_BAND_6GHZ={0xcc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x9, 0x1, [0x36, 0x24, 0x24, 0x6c, 0x16]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0xc, 0x6, 0xc, 0x0, 0x36, 0x1b, 0x6, 0xb, 0x48, 0xb12a2309b8eb292d, 0x24, 0x36, 0xc, 0x30, 0x4, 0x1b, 0x18, 0x1, 0x16, 0x1, 0x48]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x80, 0xfffd, 0x6b, 0x0, 0x1000, 0x80, 0x6a56, 0x8]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x30, 0x30, 0x60, 0x9, 0xb, 0xc, 0x30, 0x5, 0x60, 0x5, 0xc, 0xc, 0x30, 0x1, 0x1b, 0x36, 0x1b, 0x5, 0x12, 0xf, 0x12, 0x36, 0x9, 0x30, 0x3b, 0x4, 0x48, 0x16, 0x24]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x4, 0x1}, {0x0, 0x7}, {0x5, 0x1}, {0x1, 0xa}, {0x1, 0x8}, {0x5, 0x5}, {0x1, 0x9}, {0x3, 0x5}, {0x7, 0x9}, {0x0, 0x4}, {0x5, 0x7}, {0x4, 0x6}, {0x2, 0x3}, {0x0, 0x1}, {0x2, 0x3}, {0x1, 0x9}, {0x2, 0x6}, {0x0, 0x1}, {0x6}, {0x1, 0x1}, {0x2}, {0x0, 0x2}, {0x1, 0x1}, {0x1, 0xa}, {0x7, 0x8}, {0x0, 0x2}, {0x7}, {0x3, 0x7}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x4}, {0x3, 0x5}, {}, {0x7, 0x7}, {0x4, 0x2}, {0x3}, {0x3, 0x3}, {0x2, 0x6}, {0x5, 0x9}, {0x0, 0x2}, {0x1, 0x6}, {0x0, 0x4}, {0x5, 0x7}, {0x6, 0x1}, {0x5, 0x1}, {0x7, 0x8}, {0x2, 0x6}, {0x6, 0x7}, {0x4, 0x6}, {0x1, 0x7}, {0x6, 0x7}, {0x5, 0x4}, {0x3, 0x3}, {0x0, 0x9}, {0x3, 0xa}, {0x7, 0x3}, {0x4, 0xa}, {0x6, 0x3}, {0x0, 0x2}, {0x4, 0x4}, {0x7, 0x3}, {0x0, 0x8}, {0x7, 0x2}, {0x6, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x1, 0x8}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x7, 0xa}, {0x4, 0x7}, {0x4, 0x1}, {0x1, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_2GHZ={0x4}, @NL80211_BAND_6GHZ={0xb4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x4, 0x3, 0x5, 0x1, 0xfffa, 0x200, 0xfb]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1ff, 0x3, 0xcaf, 0x7, 0x1, 0x78, 0x4, 0xf000]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x5, 0xa}, {0x1, 0x7}, {0x7, 0x3}, {0x0, 0x1}, {0x1, 0x9}, {0x2, 0x6}, {0x3, 0x4}, {0x7, 0x1}]}, @NL80211_TXRATE_HT={0x34, 0x2, [{0x5, 0xa}, {0x5, 0x3}, {0x4, 0x4}, {0x7, 0x4}, {0x6, 0x5}, {0x6, 0x8}, {0x0, 0x3}, {0x0, 0x3}, {0x0, 0x4}, {0x5, 0x9}, {0x3, 0xa}, {0x2, 0x8}, {0x2, 0x3}, {0x3, 0x3}, {0x0, 0x3}, {0x5, 0x8}, {0x2, 0x2}, {0x4, 0xa}, {0x1}, {0x1, 0x2}, {0x1, 0x8}, {0x2, 0x8}, {0x7}, {0x6, 0x1}, {0x1, 0x5}, {0x4, 0x2}, {0x1, 0x8}, {0x2, 0xa}, {0x0, 0x2}, {0x2}, {0x5}, {0x6, 0x3}, {0x0, 0x4}, {0x5, 0x1}, {0x1}, {0x4, 0x6}, {0x4, 0x4}, {0x5, 0x7}, {0x2, 0x5}, {0x5}, {0x3, 0x5}, {0x4, 0x2}, {0x5, 0x5}, {0x6, 0x7}, {0x3, 0x4}, {0x2, 0x2}, {0x5, 0x5}, {0x1, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffb, 0x8, 0x9, 0xd98, 0x4, 0x20, 0x6, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x8, 0x2, 0x2, 0x9, 0x3, 0x9, 0x74]}}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x0, 0x80, 0x140, 0x10, 0x4, 0x7]}}]}]}, @NL80211_ATTR_TX_RATES={0x4}, @NL80211_ATTR_TX_RATES={0xe0, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x3c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x4, 0x3, 0xc96, 0x9, 0x3, 0xff, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x0, 0x6, 0xc6, 0x2161, 0x0, 0x2, 0x5]}}]}, @NL80211_BAND_60GHZ={0xa0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0xc, 0x12, 0x18, 0x5, 0x53, 0x1, 0xc, 0xc, 0x3]}, @NL80211_TXRATE_HT={0x19, 0x2, [{0x3, 0xa}, {0x6, 0x9}, {0x2, 0x9}, {0x0, 0xa}, {0x7, 0x4}, {0x7, 0x3}, {0x3, 0x5}, {0x1, 0x7}, {0x1, 0x9}, {0x1, 0x9}, {0x0, 0x4}, {0x7, 0x9}, {0x0, 0x3}, {0x2, 0x7}, {0x5, 0x5}, {0x0, 0x2}, {0x5, 0x8}, {0x6, 0x7}, {0x1, 0x7}, {0x1, 0xa}, {0x6, 0x6}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x3b, 0x2, [{0x4, 0x4}, {0x5, 0x8}, {0x2}, {0x2, 0x2}, {0x3}, {0x7, 0x3}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x8}, {0x0, 0x7}, {}, {0x7, 0x7}, {0x5, 0x2}, {0x6, 0x3}, {0x4, 0x8}, {0x5, 0x4}, {0x1, 0x3}, {0x1, 0x4}, {0x6, 0x4}, {0x5, 0x7}, {0x0, 0xa}, {0x6, 0x7}, {0x5, 0x8}, {0x4, 0x9}, {0x5, 0x3}, {0x4, 0xa}, {0x0, 0x4}, {0x7, 0x5}, {0x2, 0x1}, {0x4, 0x7}, {0x1, 0x4}, {0x3, 0x1}, {0x3, 0x8}, {0x4, 0x2}, {0x3, 0x8}, {0x1, 0x2}, {0x2, 0x6}, {0x3, 0x7}, {0x5, 0x5}, {0x5, 0x6}, {0x2, 0x3}, {0x1, 0x8}, {0x2, 0x7}, {0x3, 0xa}, {0x6, 0x8}, {0x0, 0x1}, {0x2, 0x4}, {0x1, 0x4}, {0x0, 0x2}, {0x3, 0x3}, {0x4, 0x6}, {0x5, 0x4}, {0x1, 0x2}, {0x3, 0x7}, {0x2, 0x2}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x4, 0x6, 0x8, 0x3, 0x2, 0x1, 0x7f]}}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x38, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x34, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x1, 0xb, 0x12, 0xb, 0x4, 0x9, 0x48, 0x24, 0x2, 0x1, 0x60, 0x48, 0x9, 0xb, 0xc, 0x3, 0x4, 0x36, 0x12, 0xc, 0x18, 0x60]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xffff, 0x232, 0x7, 0xff, 0x5, 0xff, 0xc3, 0xc3]}}]}]}, @NL80211_ATTR_TX_RATES={0xbc, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x544f, 0x5, 0x5, 0x17, 0x0, 0x5d3c, 0x5, 0xffb7]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x9, 0xf, 0x2, 0x4, 0xff51, 0x5, 0x6b48]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x30, 0x30, 0x30, 0xb, 0x60, 0x3, 0x36, 0x12, 0x1b, 0x18, 0x6c, 0x6, 0x24, 0x3, 0x9, 0x6e, 0x30, 0x1, 0x36, 0x1, 0x60, 0x2f, 0x9, 0x4, 0x3, 0x18, 0x1b, 0x30]}]}, @NL80211_BAND_5GHZ={0x38, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x2, 0x2, 0x507, 0x8242, 0x45ec, 0x3]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x3, 0x2, 0x1d, 0x60, 0x30, 0x1b, 0x12]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x0, 0x0, 0x7fff, 0xf1, 0x3, 0x7, 0x267]}}]}]}, @NL80211_ATTR_TX_RATES={0x8c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x88, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x6, 0xb, 0x400, 0x4, 0x365, 0xe, 0x7ab]}}, @NL80211_TXRATE_HT={0x2f, 0x2, [{0x6, 0x5}, {0x3, 0xa}, {0x1, 0x2}, {0x7, 0xa}, {0x5, 0x2}, {0x0, 0x7}, {0x5, 0x8}, {0x4, 0xa}, {0x1}, {0x0, 0x9}, {0x6, 0x9}, {0x5, 0x4}, {0x5, 0x6}, {0x1, 0x8}, {0x1, 0x5}, {0x0, 0xa}, {0x1, 0x6}, {0x0, 0xa}, {0x5, 0x5}, {0x0, 0x6}, {0x6, 0x6}, {0x5, 0x5}, {0x1}, {0x0, 0x9}, {0x4, 0x3}, {0x0, 0x5}, {0x2, 0x3}, {0x5, 0x7}, {0x7, 0x2}, {0x0, 0x8}, {0x4, 0x6}, {0x6, 0x9}, {0x7}, {0x4, 0x4}, {0x7, 0x9}, {0x7, 0x8}, {0x0, 0x9}, {0x0, 0x9}, {0x3, 0x3}, {0x6, 0x5}, {0x4, 0x9}, {0x2, 0x2}, {0x6, 0x6}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x1, 0x4, 0x6, 0x1b, 0x24, 0x5, 0x6c, 0x9, 0x5, 0x1b, 0x3, 0xb, 0x12, 0x1b, 0x30, 0x4b, 0x4, 0x12, 0x30, 0x5]}]}]}, @NL80211_ATTR_TX_RATES={0x1fc, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x24, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x1b, 0xc3a3a0c0cba4bc30, 0x6c, 0x6c, 0x16, 0x4, 0x12, 0x36, 0x18, 0x9, 0x24, 0x1b, 0x10, 0x1, 0x6, 0x1]}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x5, 0xf800, 0xb6c, 0xd8, 0x2, 0x8, 0x10]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x9c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x30, 0x12, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x40, 0x1, 0x81, 0xd, 0x8001, 0x1, 0x5, 0x7f]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x5, 0x60, 0x12, 0x60, 0x4, 0x60, 0x60, 0x16, 0x4, 0x36, 0x60, 0x6c, 0x4, 0xc, 0x16, 0x52, 0x5d, 0xb, 0x12, 0xb, 0x2, 0x5, 0x40, 0x9, 0x30, 0x6, 0xb, 0x1b, 0x9, 0x6c, 0x48]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x3, 0xba4c, 0x6, 0xa0df, 0x7f, 0xfffd, 0x502b]}}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x7, 0x69, 0x9, 0xc, 0x36, 0x1b, 0x5, 0x1, 0x6, 0x30, 0xc, 0x5, 0x4, 0x1, 0x60, 0x2, 0x48, 0x3, 0x24, 0x6c]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x1, 0xc1, 0xe0, 0xfeff, 0x8, 0x8, 0xe20f]}}]}, @NL80211_BAND_2GHZ={0x40, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x21, 0x2, [{0x4, 0x5}, {0x3, 0x3}, {0x0, 0x4}, {0x5, 0xa}, {0x7, 0x4}, {0x6, 0xa}, {0x3, 0x8}, {0x0, 0x6}, {0x1, 0x6}, {0x4, 0x3}, {0x4, 0x9}, {0x3, 0x7}, {0x6, 0x4}, {0x4, 0x1}, {0x3, 0x9}, {}, {0x0, 0x8}, {0x3, 0x1e}, {0x5, 0x3}, {0x5, 0x6}, {0x6, 0x9}, {0x1, 0x1}, {0x1, 0x2}, {0x5, 0x2}, {0x0, 0x1}, {0x5, 0x5}, {0x6, 0x7}, {0x3, 0x4}, {0x5, 0x2}]}]}, @NL80211_BAND_6GHZ={0x80, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x2e, 0x2, [{0x7, 0x2}, {0x7, 0x3}, {0x1, 0xa}, {0x6, 0x1}, {0x0, 0x4}, {0x1, 0x2}, {0x0, 0x1}, {0x2, 0x8}, {0x5, 0x8}, {0x0, 0x4}, {0x4, 0x6}, {0x7, 0xa}, {0x3, 0x7}, {0x3, 0x3}, {0x0, 0x7}, {0x4, 0x6}, {0x0, 0x9}, {0x2, 0x8}, {0x1, 0x1}, {0x6}, {0x2, 0x13}, {0x0, 0x6}, {0x7, 0x6}, {0x1, 0x8}, {0x2}, {0x0, 0xa}, {0x5, 0x7}, {0x3, 0x4}, {0x5, 0x3}, {0x0, 0x5}, {0x7, 0x4}, {0x3, 0xa}, {0x1, 0x3}, {0x4, 0x2}, {0x1}, {0x0, 0x4}, {0x0, 0x5}, {0x3, 0x4}, {0x5, 0x8}, {0x4, 0x9}, {0x0, 0x6}, {0x3, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe400, 0x80, 0x9, 0x7f, 0x400, 0x7, 0x2, 0x8000]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x0, 0x9, 0x2, 0x5, 0x9326, 0x6, 0xad]}}, @NL80211_TXRATE_LEGACY={0x9, 0x1, [0x1b, 0x3, 0x3, 0xc, 0x4]}]}, @NL80211_BAND_6GHZ={0x48, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x400, 0x506, 0x7f, 0x800, 0x1, 0x0, 0xe9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x79, 0x8, 0x0, 0x9, 0x80, 0x9, 0x0, 0x5]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x984, 0x9, 0xb59, 0x1, 0x7f, 0xbc, 0xfff3, 0x7f]}}]}]}]}, 0x7e0}, 0x1, 0x0, 0x0, 0x20000040}, 0x80)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xa, 0x0, &(0x7f0000000200)="a99335b3db68ab7e2501", 0x0, 0x6fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04050400c80020"], 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6d}, "0b17f979b05a4b28a118c62ba9f8c041e98d091c5dfa2b31112c8c834b138ad369631615781a7eafd6579f7dc8327c58c8e1136f5542e2832b944571839fd9e9f5b579af61c4739516c521de16030d96f8a6e010ef50a9856b9700e21f8a23b203d04c2b49f76202c2c69aa3e8"}, 0x71)
socket$inet6_sctp(0xa, 0x0, 0x84)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x8000)
ioctl$EVIOCSABS2F(r4, 0x401845ef, &(0x7f0000000180)={0x53, 0xa738, 0xe2, 0x576, 0x501, 0x101})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r5, &(0x7f0000006280)={0x2020, 0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r6, {0x7, 0x1f}}, 0x50)
chmod(&(0x7f0000000040)='./file0\x00', 0x0)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB='trev/f5se\x00\x00\x00\x00\x00\x00\x00\x00\x00'])
syz_fuse_handle_req(r5, &(0x7f0000004280)="746742ca1b148a3d4a1d266df0e05721d3b36ffebab0a9750bf000dbdd0e2400445d3671239cb6e17c4e73c69319ff1319860a6a935682a8864763ca0fc3bb37a2570d6015d8148f349d76492ea77fa9c64f9a8d5f6f97ffcec860277cc20118c8ee9c18356b8b0c7182ae1b94c02875db65b3cda135a4be464f474d055a181153444cf6bf7c65c6cea7e9faf223a0aa9eecfeebef4a53414f7bbf33b238dd348197b7b645843b9c61e24b2dc115cf829b59eeba3bfb077434af9e8ce746957cb083b09b21a72d1c7a898b074710106196a1ac73f08bdd5c3f6eb270182fee4eb2a59512c8ac969aaae92b6b72d870e62d95c5ac3be4e987a8e0126ad9b8a72e737654c6637d55aabfd59949fe8962f61a42084cb4b381c7e845d36c9719dde0c21b1bf087d11ac73dec59d59492afdbe4560e4073e591b03f36ca7b674b2ecc29963626770c7e1c90cc7a9d5709e10c6d5414405c50dfe1c165a2b5aa99a4e50c854aeeac2a756ea6ca14bb68536476ec0397811f0b9e4759b2934cbb4cfc13cded31863c39633c3d79d11fecd01d831c1cb089d518500733b702627c48b9fa0202783896b267b22e84ee7ce3492ec5f212ba60c119a408cd9ba2a95c5bfd233e518a5f10ed6acc504b65592f1f43927b57e1deea98e4a1ac6ada92cd74afa7da3f4ab8f3947f69dceacffa4328ee06aebcbfaa0116f247c830d72e2cd7c03b011a374eeffffea06d6558026531e312a2e67da6fd9b5db77fa5e2583f5c0dbde326d9ad1c8c1bbe063a622781c8472583fc63edf049a93a27eec6422f31cbc7b9593b478648a51d6a2e96d6ce3949cced10708d432c73544023a9a3fceee55574af1e3054e68e2afee8d3939601ba78987c84059f559f815fa7a6f1ca8d54a9d32375ba1dd6ec1b95cd782666bb60169ad758c5dcbfe1e983a043e0e2a707bfdb297cc562e9a784a4a901310afcf27f499c90d7a82eb2367a8eab6b3fe461f7b48e2bf0cb4d26168a7cb6366a84d1d889f21e2b95b5acb01c98996ab4483197d6c84ea15a505fb3499664cdb66d1e4d94d92b390247d5cfe49c1e8233215d709e6573052f3cb35429145e9943fb595c95efd5734af77333500bf14049faad939553829e4e2ab8d7400aad2a6850bea35f909aca38fae95a2cb8ab7b567017f9cb190e2c9987e353235259391a9f18f85d7e06772b70cf4efe7c99708e7568bc4242d6d40b98d7322ada6da82d5ee5ff977dfbd3e4d6ae776fd1546aad74e27d93b46c0cd6b91ddd6db97c3a8479683800e163e89faf862c516048df71958789add1fecfd25bdb72b6fe3e9be9c4b47414ef69d81642ca69ea475fabcbaee1fe05948b3c021d9d59008e4a13bea45b4efa4b104afb6a947fc81ec8728366989fc6ba785b64f8f1e92aeeb8853ad2cb4db3875124b9ab57926a4bf9e0156f6821500c12c1ec6af90353d31801cb61e64f8258c5351ed34581f0cbbebbf4411f98ad1f4ee660b4c4c47fb56521608c8c29eb77316d3633cc65411b9d7a9f17f798e3aa498d5eb863c545fbb3efa34576c5b68bc410438cceac84fb808510dbdb191295cdf6762a103cb3567efea172870ba2bfe9d370685056d80c32ac053a1cc926712a185fff94b4b2d2f8d533f499667af7a15d5580f444cb34fbab6b4f4121923c29e93145cdf05be7361619ba6175991e5e41fb45af1b965fa13a89ce192923331fbebea46cc951bddaf6ad86277a7b8a992a92a29ffc00a68014a1134d2f716f062e20e7852a4c40442f2de37d32771f80551a46e2758a6dce9b2c4191a7772f4cb40d612ffc3c6c7d03dc08efb2bee1e4baef9ea07391fe3e57e62d589adeae48918244eacffda6022840c619a88acc4ae49b0d65e05d181f1969912363f13a188cbd96e615fca6e853e8be658c720ee34bd433874762637ee61000b5142a2990f34cf6e0f8c1e294c4816a377008e80817edea5d6048a497c8f84f061d5e255d37fe293f916086379afdc3de7b59c03b6312485ac16c5e4e4f454aed657f88243be439d31797246d164b83479f9f99b354590193cb6df458c58c8276a3b870f269dad278d9f50308ce996eceb1a61f0703946c1cdc9ba528876a8f03ba2fe7966fe4af800cb57ce1048e094b4d11d458a5dea614d68a9420b6c4b46d2a0375ee52b1f6b89873c808b85fe1b6a697e10762f6d8ca1a449c1848b2be07f446491ee7d88cf7a102dc12fdfb417b53e6eff843fb17c4b2eec619858ed866e0630327aedc8cf68fce159d5aeb35dfd6ea435ed13715285161f586fec250dfb69984d0cfb5ce36da1b7a654a47f750386df05fafc79277d0c47f9d8905a103e59057ce69cbb1aedd16adc6f7548579f2949092946bcb8e81acfd00d6b1f45cc226a24e991b760e9fbd1f4df195bc10a3f0439967c7b2e5571218aa7ef1269c5a346c8f2a7f6a3d4722ecf3fa37138d1963a14463d12a2851e628b00d09b537f422d13767032921ceaf947b5b7b04f67db2d044ecefd8f34b40b1284d54d02ade8a3abe89ebab9770bec1ab3a712529074862b6ea9861124ff815039287790bdadab79fc60762a11bd71e92c5cfd938827edf74b0897789f84883f0b3104970edc2ec1e192b804210f333f546680c0bddffe45942f5bf0281fc9db1ca9c7ddd570636f76c32671265bddef96307b1029e977e3ec06e5642c8d959d14b77a0922fe6b581e1f3b1627577c6a7de4f1f498eb1da3b697630920cf536c72f8978e86b2cac1d502a51e08b279551e9941781ced109ee23cca3be70033b065df24bd13bcd8136e65da8aaa63aa6dc2ce92996a5433d847d14dccb86ecb9b4eb493d31ec3ec0d9438c11bb89d71dc2add1e73191b55d344ab05eea8d2cfde3c1a5696a7506d60c2925c3ef8a70aec773d09c6fca773d8e178a7f760564178637bce8c8e1783bcb90bc113a085201e39d01552ab1f9e1bb3433233f3cc1ffa5fd55d294676a154f595f09833e7529887fbd5c9782c11b92fcc04057cda413e9b9fad6360f52ee370a38ae58754a055510ac522474380e99ee44fc815601d527ab220ea648e7b665164c66f744a4ec57cd8df3f3781edff97cf9b863503b904b36b7b500ad91d98918f66dc061219390b265694fd3ae8b7d546553a24281ae93133974cd1b52a1d9a4f2037ed9eb68854e5542833e2b2c30fd78d5796f26d82fe2cdec0e27fd11a7502fc3b9e133b2b00970c330c57cd154440f1b936887d8f474a22da9573403f650c0bffda8ad79ef797db60c5bb99f3dd3dc0b1b02a21b2db9996df7a43706680d82c8c698f15711be4a4a022b83bd9e9dbbe5622130030fed5239494d833149be5d54f2eed03c5a21024b504638af013f315255c4ef9d76dc4fe83a21bc7fa47ea758b0158e4f4d5bdf24dd7f7109d8cf6b4bfd518a4e98dc8ab72dff2bd8d4a050e5185975949bf7855a9125275c66ef8ed55e40c895a06716fee0b6653df925fd3bc8568331d7b442c2930092eb1b7ed8f8efbdfed25d2d3042c0550aa6f7afbc78b960217a119ac53c126499916147fb34cb5732bdb4fdeee7716af4ad0e24afda4af135cdb67f01177ac001387b1e81c1cfaf17fae23a81592e5c7199217f95efa7bafed8c1888b24fc7a612327c3f37e3000e3b3d7e1c44ef1dadcf0869b7b87b255a87f4716e230133ae2bc837cea4d4eb251a6435bfc7b3641ec5c002bae776f393ff2b0e0d484cbfeaab77bf91c48e11eecb4fd008a6cc1571d44d8270221ddc673b6104779beb3b15f4b972ffd1e5d152c15870a43a80655ba3d9a95e1a65350526eeb9932b56826e1e60c07c49022d9581a92f1ca19c2fb3b77b6c6f81114d36a50145dc4ae80a2d1f839b96555086d6a6debd28a79d2e6eec9f5542d306e39c254e3098055b6f863a3943bac3dcebb35482633a96c84fa1bfea8aeaef3796f448a8a42f0e25f904aee2907dc122a868280036d3502c50c998b51718c4123f142a8ad47a3d12cdce8efee86d33831286991ecfbfc583f4e1c3bc719c672571b6968012c24488d1d070ceefe71f4f6d82dd8611503f157104c890cb240a42f826502afb31e2c41b21241a10f4742e0f6123466530e7edcff02a1083bb81af08f98db2e7bb797c77bf75a18b5321d2480e1a06fa9b57063ebb8c7591af7c4b74f6d3ed3d25446d48a1259da567b43c88353625b3ed27b02eb572aa56a5bb67ef316b33b943d1a60fbaa3db6e8194ed60371e12d6345fecf3d227676e112156a97bdb8c8caf668f843f0c799619f2a82f8875b316ec1ad54e2d03844e521c596444fd140ab8e3a92ac5682ed36830c334104e4f2a141d099c5cd44132742a468aeb759344630c80257f7b50a2a6a7bfe22c4a0d6de8a63263683df9faaff8c9852a27b2cb1370fbdd8e07d82c24e92c98ad81d65f01396b381ca15309dd8bbe52ba6e458632c7eb15849c8a88d740f53477d473c310c4c89b24c33c137ffeefddecfd4bcf2770af93e222a65fcbae81bd44270bcf2c9a871a36b7df6943ce573cdff29b752d9c8ab45a73c434368467708f5b099cf4e8a87c0e7138589cdea7d0776034330c29d7aada3d324c2b33dd46ba714b4c600ff717d408364b809f61549ba8128a621f8b02e88baa574ff6f2a97ac44c20c72fdbdb3808a5c7a07f37ad56772f463232ad435c9dd3f0875449eef5ee1c30ac55135cd230d48e64898e09d911941b64fc1736bbd07fe787c4b11d21ba22bbebf02aff020ed09375bd8b5c176a7aa5633415c8ad9171b4ce7ce47ce9bc9afd61ebb09d8d6892c31b5c7020e14635f56d37326fe6ff41c0caf034267aba9518d66f18b4ae49b3a34ce970095f02b8fe002392971a23aba946f31166670bbcfb94ab6591679ea442b6e1104843d449ce13b57c678b05a7b678832bea1a5613eba4331d9f8cfb3ef84e897c9dc0ba464b8fc8f3d99028823cdcbade18f3bdd5751af9f9d7d4eac0edcdca3cd6d46d58f6b5dc87a68d8593897d62e77f6e92a2add1784e369f5e1d49d39b6be97d67f1616524687d00d5be0d8bdcf77cd37c2b1c7df25162c5f6e479bbef437b5a29a750024264de00adaf561351e9c517ebe7c87b51ffe95e133e8108de7e2cf8ae36c2226b8469fb7ba4ea961ddd13d1ca8166b0488232cc21dfd3d117e1297a0db743e10b068605ac4bfb03de90807f20604a0276c39f442831b5fb118b1f9c1e0f08156684882ffeec5a4b0cdbac536c6091943296fac5041e5b9200884b9e19d6d06c8088e3994fcad92be389bdca1a234b077eed8908ee1f754236e5e6485fdc56a39f48a22c0774063933bdf462448d5710485428acdc3bf23bbc88bb163f8cfce5ba8ddc0a8b3a8c8c5f77710dd03c85914ce6be6e5cfed757c4afb7720a17d04a6c2ca8ba539253ce4b0bfb4486f4f64a1da076ee492e4aec23bd7eed17bf274655ad2b9ff8430fad9935fdfca576076ff96a38e646f92ff584a6857d3a7659e80664d874f87a8e87fb87f8e134df0df20e46cc62a1434559ddcb338b0110c3995d8bdec0a02267381af6d707863e53a90467d8c6da3ab08481e869a2034bc54629ad7f6fb40fb98aac3ebcc9cec9fb084055869700925207d658e306de01d3d5a9fb348c46b8dcd8768d7208290738bc2d2e065c3c02d6359c046b03f01f908249eec4884aaeea75766d6090ed68b2b5cc43f6ebdfaab0ffb94d1cf72b328d8aa2df6e4c487572f54d22efc6d33b21a84b5bf57abecdf16dac97bb4547ae403b0da471c40613776a83beba0d95e5cc0357fbb993e95bd0dd4ad8dcb58ac274bf3df7309f7075faf5ba4cb13cb28cca11303d821660e600d9ea601a6b459c3be3e7aff7ce79d06692dd0415281fd857c2264cf43682424e19f3e50550d2a644325a7b579210aecf22514aaebfa61d9eb5fab051d5b519ee567b865100bee630a60dd2788666205e026e47005599cbb72736130b92ae45089808c9275b0080fc668caa51023beb386fe4ea2abd9834b22c57ecc7666c1a99e4b99ff77fcf7cf833c2b323b2a83706b4c62c738b744a120745d922fcba0099fc0085f97e9fe58e194a5473f5c839e5bdcb55907967ccd6c0119da4626aa407838d98c1099da397b2213ee5353587e9d4f76a61d57892a5cf2896bd5fd38b55be4069f709e9ec995b5bfa17b107ff95148b3f3b2142e1d2cd0366940ccb72b1b77e7562f0c9bf7284af1c480d50ed7260516b6dea97db3d88daa60e54cd51283b3284761f3fe022b3fedef757d8d6108915ff298c55d8e051d2d16990c06b8af2dfc027b66edd53f46326504a18c4c7779c7972f686c6563a0046c8cf7f9615e2a8f3b43acbe3a3bd8c0e88040d2cdd041ff1aa6c3a1e82faad590cf2457145062b18752bce5bce1fb836bd6798d342a4eb90a78dae2325fcabab79fdfd58bb889d3fde76c739804ba4c548e6fc739b463abd5fb8489aedce7ec0eb74881a41cc16ae6c6e8b3b9280cb5629eb2b477c8e10ff90fa10c66fc4d0378b21380bcd85e9526e61e51914ffadfd2ef80ebe00dc1bb0fad4729ca265af42e5f75bc8ef4e51a8366653c06c759c71a2ec824e67feea6e3c362beb67bdd09486f6db425b1f081cb0b588e8063b2d5c6a146834bbbbe9fc920c04fbf38aafa862d0a3b9a36b51f2b4b44eda882e491360da16cb51454f810cea4328ee9421e53cb13029aeb1d7a6d4c892b2aa3dd9f815329fe638e2e6be1bd41313a5d9fa80451a464b46d0f925528d027e40ed6604eb2da104939650d9c81b496d11b8d00a1c72817729ce3b4ca15673eec933cf1421e01e4b5b29dfad8568428e60b65ea057f72c050b940f6218604934f17a68cfd3175fc08a26a6416c04933d67fa6d92bc9605b52c361e086f5077090a3277f3fa23584eb083a25cedd2ac07106ad8c0e9e908a8ba0162053f9ab9f0b5ecba1348ae314186baa3f221ae232a907e0340d41d8099c1e597bb77c9e9b39d98ecc5d9cc8eb527428979e229483ea73ed1daac4d9fcde30c15e0f67bf8ae575f84c7596ad038de3eaa9d13f7a621979b94ed103c4cc882dfcaa271c6a9b5ad9da079f29daea299f01d45917c93c03b84d3e84cd283c8117b676cdd4bc435d7a4a8e1d82de066d45cd022a1a855f2c013bedfa5bb992c077366888026f89d5174df2044253758fec647be33282cca18d98a97d39176342e041d93d8515bf63becc4e6a4551409192b95b9de427ecc2faec375c2189894c6b54f1b6d2a50615d10312afa5569586a17c6c5960d73acf5a5ddf1e1e77c03d75db370d3b51c3c42c52011a7e65c93eef4beb1cd7825a7cf34bd9587c0c8730d9d691060ace9c5ab5bd43d2c0f54fd17e2e528a5889059887dc077e701c84c4b0094f7dbc7326d2e452c00d2bb0b9099febd00b57918ab03f6926aceb533cf873fe6d0f377c80297340d47c9a27ab4c76d3df6d89da201738e323760cdeff9c1920ccdfb1a64aa0b68d14dfcb5074f740b680968d247b7c0874d1bc28be793c2365f84e6f082ee2119271fa9bc76ea7147046362d35fe721836a1be1745ed60ac66d2c86c5ead707f2d19fca7377bf1714c22967fb7501c0267d19f0faa05aea0240f846d0b0bfa995a3bea3632d3c3b278f1736a687721a2d1a4d9d8bcc93169554782c09ec4cd0c4c9ffd20032d72da6fb48e916338cf2a1758808d3eb6837fe56c71206bd271237f490bce79152a9a3dec514f3ea41c018ee90c321c4712335eb44892c919a8bf061ca9b3f5088dffd6d82da87de52c7f71615e9eb53b591fc03fcab7f69ce97be09eb18fff6ba7a3b22087f26a25880aa74e1554a3c4caa5f18b5c0c2514f9a50440bf3ff73073c4b0bfef743590bd8dd438d8b9c72fa4b89ec6e7561809f07454e968692b4b5d26cd3738c8d121a89b5f6474bf68509ba3be9762a0c990d74d1fd5ca98026e8d6281c0e992a96265bdbdb2e625e4b992a8e71af652c314ca679184547e16184b7ba34f2a09cd380d36865497a3c9f24af91a01f4e2f43d8e6f94d6e72c4e4cb595e53979048d405165b5cad91583460eb4b3ad3aa351c6f69b78829ed2cecf493cda8250990d2ecc5e5adc6b9457c5807e8cf4bef75653751f133e8e62c7a3e98f9fb81520cc9874059e253b2173327d6937e4137f6b41117e818bdfc467f42aa50bdc174d1173903555391bbd162f457e34b82a558ec5db454d7a0f0aa47542f8f87ce3e511bd9bd6ad82b1dcc3bce17d132e7c639a0775104de2638873d1ce9089aa1d79e1c8485a9a01d4bba624be5b94dd6eb449fb94e86fdcff9c6bb5c76f832c213dc0e0c8ba7195e1a8989e88ae2f607290dc4918f2d29d7d3799dbfa49287ea71ace3f1c3e384dad12f8523cb174f1be3238b04aa0a781f05f127106ba3f502f29e06756c51153ed2d1aaff91c67ada6d8b2fdc07f7eb271119075b75ad6492cf1f36dc95d6d189149d87c706d4c5ef05ca408c8269a45129d671a77f96f005f276e78f646c4ec174b2cf90d3ed62279b3e499a5c0a59c463e4fe60ced1dc57676b73b6b28d701191e7beb7310117dfd821f83960f7e600794d240ca836a860869f9aac66a2e5aad2c52b7a8a1ad410eacffba7da2f25736a6e450bbb85540d6f949c687e671ac8018c4cdf18fcf54611416ca4429f84b90d4274ec7707b1ccfd9dad2063c378530a260355bb9fbe0384751ba86ccfb31d4d9d90c62386d1fd4a7219ad7ed2aaa5745663e94990f10d4bf24bfb37128a0b7d95d567909e8acb99053e04caa051c4159afae14c552a2f1f8b9b8b5759adcebef9ba7117add513f4f3a17bb7d3165d855ca231d9e74cd9cef06bdd55ae2c197a76124f713bc7668be94b23e4f7b31e9dc90b21391fb63e25465fde78b1cac196597e28ff278502707f436fe5b8a7eb1c9845d9ac09a5869c73caed6e3aa75d4e7edc4284e9262160bb1ece2f1ece9f55e5953bf5777297e5ebd6ecadaa9bdbd75cf3b464859c261da4573bf1bc72d78aad962b9f29c68c0423a5a4508725171e80def72fd6be6a27387a60099621309a7046cccfc29a6715e9eb61754b6468fd517a22e5335dec64a04ed90334fac0e9895bb897666e9826eaf96ab25cf8e33ca1735ce1e432c8ab6886c194e72fd5c5efd1bb10de65761038be8c9bc8604b9ac0e761e98f273e0b2d88173270a7b85848e235541db4fe11c98530a8d1baf9d7231c56c461c1ce86a2e23fc0da88fd38ffa9dd66c047ba8a16edf53e6d06b90fb4d976d53e22a8dc3bbbbc3f9de0ad9341590fff6a01e28d904b4b57d0dfc8f423f3bb8710ac74a5c34050c44fc3cbead645e3274ac83bfbb1379127c37ff875d79d14d2f57d751edd6b3b58fc7c008e96edc7a1d6ad3764574eb3365b80e6cc891e650d7b812de777da6831c0a8b6fecd380ff847b6969c2f61eb67efa69a8dce8ceef368232106b08652046ae6372e18cc043db94448bc604828f828a8653f2e95073dfb73de3cb35377d1cd150a7f79708c49d73a441a081cc95129a02d183acc58c2d29b6303bd592240041b7a719e1692f19792bba316c5e4e6e58df545e90f15cc360aff603b77040353872f504b0c65e7b56f1dc0c29e29524ae606830e673a6be18be0bfb82bb89580312c53faa625dbff6d322467b70305dd5cafa75dc270adc48e06d62f1c032e7e3e5525a655cda2d3ea7b6511a0a60ee0593e41fd15b71efea1541546e52c88ead20db180f8d634893392bb6eabe3ed13be1269fccfdcff26d91da6a7c7246bee369d8f0262ca6ea3021d91b2554892e91df735cb1fbce92e692741aaed80fa268efc70130a725675f0191cddad340c9036bd8421dd2089d9df61ed139c49d57b003302c55a2431048777f1d267a3fef6d4338b4e60a0630841517c8478166f726a4aad5ef78c1b6d49b14cff2ede6db47d18cbebc10bd65f84075bf1ffc929e1b6677ea1a1a67c3ade31ea69a629510c36c3d0c397ee5a1a8e1a76578433107220bbe664c97808d167ac197e44b780f5dbcbed3b6c8fb4f33d685fac8ee983bd95a4e88993168e52b2afc06b5fc4e4d978157841fd1a3f64a2611e5741618097ed923dfbda7c8766a92b6b033c13899fa3d1c28b07de1467220fde772aeb81cdc15153c30cbf47011956bde1f31f053bb73ab172cdf9db0b17a7d0e213198866b4f8cd7bbe36f7b15a54d8893c05446a2ef4c41d37dd77d3eb1ee68809062078a0c55471f98f07370143b92bc6d2956651ccbc112a57afb2227eefdc3a9974a7bdd2f0b34e68e8199edd70ee6fd006060ce8092a4dfae44e8e4061c341233953fb9b3187effeb52a983067a41ae7e1c246e59613a8ef91f0090ae54dd177f67606a63d415fe1c5846e98129310e56cc0af38e6a2bd9c5aa4347b59629094cb9c704d5a03de5e1747aee08f159175df01b2eb9de79f5f5c895222db476f63186c08c85084a7d4df9e827333bc8093bc669e70a09526466e035768e386bbc193cabbf7dc68b0d3dd71995677857a30b8de6d68af1633aa73c507ef75c9f5119d4390dcd1173060cdc5768cb971881209e1a4f6f5e332cd3599056f9bcda5c4f02677d075cce37c66ab66a67d926be619de9b1ac2144ee8b5d054a7fb805022c0dbf3d0df2edb990aa1cfc4214514dd82929ef39e007037875130e0785e7f6a0685028d0b13aca460e4579b1e1f075dc370017fcd1eb879d8948c8553f3fdf062f1f559baf037d9e429780aed5cf1d07edaa991f4adf1c2ea16d5eb2c8aa98067c70b4c97ee2ec8f99455716a8840fe4938b53c291b0fb4bd9b4f0ae27eeebb578579318d3f8e1b8a2acb4c8c7160c06f5f2fd99bf872f1ff5da908cac7ff9115dd2274d56a1d3f17d5af60d7284e4cc76f86a93338e865c70ae9f8f3067efdee4e8345f2323cb20d3674d85ad58ed9fb0559191ece216fd5603694d40ae308b9e773d2e2d05fba33dec47062d7d13f5494083a6b7daaf7d398bb351da87dfdb3eb2feeddced395f9cf370299ee9f656e7806b5439d18b6a42259a0b6445ead44379b5c6f5c4767e8d1a61979b463c3c42579c6aa42f114785bf33e13271527c6743565e1b69dbfb0d9e845b11ad69356b4beb16ad557e79c169867e727f666783cadaa554316d9dc88e446d99c6aaf8674af0476e5d9131787d4c744bbbb7a4234d3e6c41919c4ef45dba6aefd66c08dae7b0f45261f200b9335a08a6df9674676056d2afbda48866df5cb9bebad5c51b5160927930667d35c4108d367bd09d937ace0ad11970fad75fb691e947c5e0fa12a113d8191894b6f59401fba38a73603dda99dc6a3010e57e36a5154ae9f7f486814781916cdcd8b47b7f72e9974fa108bd4931c5178797cef32ca97d926cc2143df050179475af1bebcdc8f003ca90f44e7cc840de67c2aaf13223e66689ee93e913fa2197d00fe3141d72f7953ea4c05ff938dbf57cfeef270c08f1d3f06618f078a30af53900581d3c6014d976f5a958de0467e52995bdac9ad0c05790907204bbac57a9e2b1d796ca548f661348901ba28138a49f76f22f2d64c098efa53b490f58c92f2697bdb2faaacfdc9b282f8360f8", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x5, 0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x6f}, @l2cap_cid_signaling={{0x6b}, [@l2cap_info_rsp={{0xb, 0x0, 0x67}, {0x6, 0xd8e, "619bf5504cdaffa8a2e1d5c4887feeb409c676a2c457ae969c72d5d1115b1ae0eadc46da395f16c72b369e3db0903060f6eb596f6e377b3eaa8c53bd123410a1d24d526dbd1827ae0d08105affb7a875ef1a881641f5585dda5109d0716b267cd00594"}}]}}, 0x74)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x2, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a32000000001400078008000640000000000800084000000000050005000a0000000500010006feff000d000300686173683a6e6574"], 0x5c}}, 0x0)
r8 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x200000, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000640)={0xffffffffffffffff, &(0x7f0000000340)="7957bf6a46", &(0x7f0000000300)=""/9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x6800, 0xf, 0x10}, [@ldst={0x2, 0x0, 0x3}], {0x95, 0x0, 0x5}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x77, &(0x7f000000cf3d)=""/186, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x3a)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={r8, r8}, 0xc)
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x74, r9, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x17}}}}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x401}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x32f}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1000}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xe7a3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xf}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_HE_OBSS_PD={0x10, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_SR_CTRL={0x5, 0x6, 0xb}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x24040044}, 0x71)

2.895866065s ago: executing program 2 (id=4943):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x4, 0x8}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x0, 0x2, 0x0, r0}, @call]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xd2, &(0x7f0000000040)=""/210}, 0x21)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xb, &(0x7f0000000500)=@framed={{0x18, 0x2}, [@printk={@d}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r4, 0x2275, &(0x7f00000000c0))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
dup2(r4, r5)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r9=>0x0})
sendmsg$GTP_CMD_GETPDP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r7, 0x1, 0x0, 0x0, {}, [@GTPA_VERSION={0x8}, @GTPA_LINK={0x8, 0x1, r9}]}, 0x24}}, 0x0)
sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, r7, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_TID={0xc}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @local}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20040840)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000880)={'bridge_slave_0\x00', <r10=>0x0})
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1d, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r10, 0x0, 0x2}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r12=>r1, {0x5}}, './file0\x00'})
write$cgroup_type(r12, &(0x7f0000000200), 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x8b}}]}, &(0x7f00000005c0)='syzkaller\x00', 0x1, 0x88, &(0x7f0000000600)=""/136}, 0x90)

2.895582119s ago: executing program 4 (id=4944):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000140)={"90125830", 0x0, 0x0, 0x9, 0x0, 0x6, "471d85552605000000000000001ff3", '\x00', "e1aa6045", "41f336e7", ["c81de44b0091fb7ce7442d42", "6d5eb3eec70d84000c00b4bd", "34334e40c300e1a48d9d3300", "e996c9c4d21135876ea2fff7"]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000340)={"0301bb47", 0x0, 0x0, 0x0, 0x0, 0x0, "b42ebfd32dd7da791c62270c902e9a", "7b7fc907", "e79112e5", "38c4da13", ["8185d3a8873d4b79a717fb97", "9b784e94f5a97578fce2dbce", "9909a1ea2df333a6a9334daa", "547013ca3319d99bbc64fd5e"]})

2.707942349s ago: executing program 4 (id=4945):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x20)
r0 = socket(0x15, 0x0, 0x0)
ioctl$SIOCRSGCAUSE(r0, 0x89e0, &(0x7f0000000000))

2.613785013s ago: executing program 0 (id=4946):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000000)={{0x6, @netrom={0xbb, 0xbb, 0x2, 0xbb, 0xbb, 0x0, 0x0}}, [@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast]}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="580000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d0000000014000280080002000000e3b60800010001000000140003007866726d30"], 0x58}}, 0x0)
r7 = semget$private(0x0, 0x6, 0x0)
semtimedop(r7, &(0x7f0000000340)=[{0x0, 0x1}], 0x1, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x400448ca, 0x0)
ioctl$sock_SIOCINQ(r8, 0x541b, &(0x7f0000000200))
semctl$IPC_RMID(r7, 0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r9, 0x80046402, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(0xffffffffffffffff, 0x80046402, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r3, 0x402c5342, &(0x7f00000003c0)={0x40, 0x59, 0x4923e, {0x8, 0xffffffff}, 0xffff, 0x6})
close(r9)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x50, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}]}, 0x50}}, 0x0)

2.584293903s ago: executing program 2 (id=4947):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chroot(&(0x7f0000000200)='./file0\x00')
syz_fuse_handle_req(r0, &(0x7f0000004140)="d93720db4195e1a34be0ad2f56793935d453c377b35280952f39a19a1c8aacd2cc08dadc1451ecf3ea5602c4fa11e48f06f5c22319277e0ecdb53e2eda975d8b0c0703a4299a9ea93c68dafd02607b4a3fe826919b5010e88399105cacd421aa27d0544308c67ddcc8ff8517d764ffdad87a0dbe21d14a2503d0e96b506de87ea8c0540d52272460cdacaa16211442539f7fe78e5bb111ee23ff07f71a84f64490211f584aebce5979ffc51196826d5688fd197222f5b5b97cff2009a2845c699caa42420e8cea4ea07953369cd8e1f641273236d745f419b4d9922155209b212331da3aa5f73672aa21bb2d574372fa957b3a287d6ebe921bef5b55428bfd6460032889d75a3ee4018353773d52124165020d2eb95dd39e04b2a74886ab6fffd382297d01fb2cb60a978968975d54c66c3912fb40a0e8aa264da07aa9be4f0e01b94446266c4521aa9bbfd034e158a7c7a20a2ba328cc054088bd3f88cc921fecb6e81d83cf43616a7240f76ef1da19cfec4207aa8998417e7dc568719ca154ae9bb38ad2fadddaa995de3a7073c53bcb05a4a13e0ad1d4ffdef949549081819986e07d150e5a000e0fe4d80544732dd3cfe0c9922f4f1773a55c5957e4788eb54d9299456b2c67d353fcd06a8ee6c679013ecbbc9690a22483bd7201c6582d97c1064beadceb37fa5ecbcce3589e1981e0ab13a5a1c9d4433ed3ad5aa23c38e5ec3628c75801d783ac39db125db8d9b6179ec9fa898140c07e30ba85b7e570c5ea1e8cab93586bb5f21918bda1fc4e3966276b736ab987fedca531c81ec0d1b833db24f54751d2d0c28ba9afd26e570cd35a02a4ccdcf9f8ff3a637befb831dee77d4cc084cc17e6eeb813b9c2016672b02e9c6f0364729b0b0c5d821bc4a621a9c95658967c83978042c07a562ca74971bfcdb25109aa90e7c3b8d1ceffd243cfa9cd3bdcb40e3cdadcfcaad0dac169c0187cce25f7de991f6c90ac27ee9bfd2713e88f100b1716f8bd33bd56be5109c20bb36a8f913037bcbe4c3e530d8e87ce0f90f2e0f75d4ece99de86441af8ad7f4f61fcfbcb0f370255e651d99c2f3ba139f6fe73fa43d3084f6930c7f8c436ff5e591d7c117dd7a4b6db5f6ec75484f859ac56e5d721b914b4cc9266ad2797f721f6d2a0ac0c4547136f3959c21f7f13a1cc62a9dc64a9b90afd753b18554cf35c5892b4da6cc12c17ce35ac37cf5b355d325de3b1dd7c4c7777b58e301e33ec1637a99423d1c98e363fbf28c1d4e99c2d2f979cba6f092574a4bad6e231df33a509f74140a3d038fbec7ec9642d618eb8e539f872b3464fb8f79a2975c6744dfa4cf607e2f497f91965c83cf0c77752dd9b4b12876150d916da828640be87402ebd7228518995dc612ed05faa6decbc4ddeae47693ac515f62fc0038ed9942c6f4d9bc4b5f73c4818ee6f08c6b37e8efd647057fbd91e1bdb5b2bc4076fff1b6bcc254d8a6ee92f61a74da856ae11c898a3c44ae3e4d1d375216a46354055c3c41642e687fca57686b592eb9444e89e420bd2bdd7a76a1113f7c7d77244002b26466d2c7d20a27d67649fb174fe42821c23b1938b5e19fa07292bed86eee6f9ff58bcdf23715cac06fc2f9bfef5085279c1ca0200d8c3e2a6f3e0bb77fa3b1007a0995124b94baf563dc27aa79a65bb589a51481311655ce2aabfec217101bc915cb215f16bb380b233e7535b54aef19abbd1c31fc9e3500dd227caa36377a5ef4d9fb085226c5d3798f6462d616751978753efabe90ad79cdc85fc06f4dfab89002fb7f2fa2189cec8fdc0d6d2a83df9aa2a4fd3f1d11944c2bf49c92f73970acb8a673595f88bab87821a5f05971204fbdc3065a167a6631ffd0cfa5f701d7c0332557b1ba18f20b37478d5bd0e6554b6f73944d6ca3f550dfaace341c437003f079dcc0eaac0f764d16307ade63a2125ba686f5028f2e6972c9875abfda0dc3aa0c2116202d0d66798f2410be640a5553d9400dd8510799963dcc296ec29484b61770e4520d752e04da3dbf60ddcdc6a4976b5ce7356accc79dbd0f48ec114ea4f2cb5d53e7d2a1757f6bc7ca65eeeee3f63f36db72af868c117718f41c428444ff494e857198fccfbe89e8cffa5d587ea59208e47e002f16fd8770d950c5a8ec894927b2105c41aa5e92a68829791c2f8a16a3949da8168f173864a20a389f0b20c446aebea7e0cffaf114182513256de11c8866e0f652d0ec2d8e745c6cf76232dbafa7dc9d5337fa87ae61bbefb2a4b9c90403198bfe1b7035169e97eb2ef7bac31801ee32dc415c06062d0c19c70960377ea2a851b2229d8d306c95106477245d758808a993440834687739543a08484a7e23678f141adce3397ceab56e83cc490a6530cc60c84f721aa342f351b08391e795633cf19b7bfe8dc2233234a96c796584bdaba4c7eedda1277aae5c57eda8acfd046a75604dee4a275a6b6abcd63d54f1abe272703c00d79e1ba85f3464fcd58cbfe0d6f8872e3d99c06456fd80e126b3e9e1dc46b1773dcc9eda7acd7dba6f7d703b08307c75a2b2413f443d7e90c1dbafb0d68bb4dc8353cba5e5bb3d1d527baf9bda6d7a21288e7719ed106633435e3a6a85c743c243f38dc4d2365ce16c5d21aa55a30869c5992a5be2ae13d96b2caff60bca18dd5faa6e329dc3f4e9e029963a6ec0edff0d4f9da8c27d7cc987076d50d9e3d88dd6a18ce4de277d8e73efee3aa97413ae2b7a4ef9875f6ffa04872572b65ba828c42fd23614d22809b5be5a91ac0b96839e5e2346e3cb8d448c93a4d98a07dbf6dce164459deb30518bf4b3272e7e4f499d7b253e486878f3d8d9fa7ad404946e9cbe31bfcf43fce405a5f93588a04c656faa32a05e66a5595ed301dde5a126469f0b679708fe58edd86c2eb6b97a03c0b019eddd7f6d88db1e475021b0879c344018a130233a7ca57c448b263cf802cdc09f965fead4f48ba2d4049c6b88f752f112dbcf8882b26f27b15e5971834ec4ab94c936b15b8f74a38cb96344a445aee1ff02467b6cb4c76df8c4b68523028d7f59d30d4dbe984b989ed1870a59b202072252c306b38a0530780dc031c6015702230e744701032d36507d417293fbb21fe75a01ae3128640d1e03138e2680bec75c0af12ddf95300ba3f126e2f8019ca09a67ea5053f30bf724e5670c17851c537201c8bcb248a5e9849e467b26a2a7b0c6cf6f4690b2e72740591e85b0e7cdeb876390338b8cf74946726a0dd8226718b29d8450e2089cfeb21ff37961afb408c24dac407567ce728607d37e9847a4e82ac84a256d1625d812a1c581fe65e66baa741bed0977c1a728370da67908ea6bec47f5845fd1da0862b4eb94e2b724fcc18732bd1973e92301a33aa022fa7c913a7f43f43f15eef223c7b193c129f861232e4683fa0d86a31db99b4239ff85d14b0fb8b87adbfab7383aabe4748aea807e4c3fe37ce6cd536ad283878598455a9ff7d0baa3f27f7a57fac2f47afdc14b4a334cafb21a8380ad141eeda6f3e069359e98c522c97559a1de5ff7d0f71edc4e433a57dd2d7a035485cf4ad4a55bbdd056dfe03a30bc85c7cf47ba8ed4de220fc056cea68ab77e5cc30f6a2de9abfdbdbd88725b8542b593d81e65945bb0b53bf9815fee368520939ba9fb55588c956d07db9770c6e3b325bd2641cdd1e5201d6910b2ae50feffd28d85ca166cf2949d5a335fd9fd7d77906dbfade2ee6884ae8ca66c39a920ad0a309a8ccb2956306458902116074c4541c85ca4b3e3ba968f17feb17d1a2436424578393ff56a0112635180f0af89db2e33e6935507b025779aea9dbd067edecbd49634ebc77c0d6c4dd4c295dc0e8eb1c44406c64a33ea23c6a93c3a2895fc23cb4f773a29efb05d90beb96479888c55639931e024733a4c32dc576d6e52142b38d8a9b9d2fe312f0159ede1d25df20114b7955c3bb78ecc54add0f357670d031931dbb640f4b57c017e97e71a97c571605125faeca107f8beeb58079b90e6a6cabb1677210c5b2d2659d552fa2daa15faa7b17061abfea725b49dd016a078517c285cf47592bbff7cafa16595884f48e11346b1e4588a083d9dceecd146b3ea0a6b87d049f71b1222ed8864c697e2ccfdb9fc3c7f22187e10a91598e479d25d1546e4fc68dbe56ec94d5bc792e246e817d7769f166104853e405b08b246a2022bda6f9c3f739c6d6d2f3a7f870ee183a76978ec00c43d94aefafe468f0f1021fc74770142db7e5967bae852291ab9c3e56f00a1229b12eea414b8b6fb2c9635f0b5d32175f5be4a04fb572368258a4ed72d4d3494637c8d6ee4c6d4bf35c8c494ac4d2da1864786ad0f41d362d1cf07d60dacd9779c3ef8b8b120b27aab34d9805df829db55e6a691740e118cf542b4f6b28c0d860d4aae677e2702dcfd822fe5457c66dc2f8c457715eede8cac7837a936b731c297927c463b463c1d03d502485b41306dd2063780afe9543f96da9c086fffe3910f2314a382dbbee9f72b7e66e90f44b9049f1059a819ec8ca7af8f836704c6d188e94e7f8bebacc682c4c46de1fde391ab0e5ec89e2a488639e70fc1d9cd5e04c4122903d958d3a03419121e3424a23231289634d010f582c440d87e91286abbe95a86481927f2765f6d0f3c2e9ef60b33ad763035055840c64ada2c841adad19b7d5924a2b86da236f15ee50c0914a0a1cfba62317aa2d33de78d08ab6287618bba0e3fe9496a695f059a475d37c6c937e9dfa77215aa3af6f0a862c23e1c9d15921982e8e17c63a1208b9da06c5f0bc72c4bf855600950cf0ea6e77a91b81e6aebe0e35809464599bf916984ecf8268813a3faee2260c3e28545637e463de165dac512e8b784e5163da5471ee710ffec3c496e78d5c5ec941d2616286960f0a7bbc4d4f778309cf5091ba7e05b7a598d7865ee10e1813515dba5e7b4a3e23c1ba33bec878b0b8f3a13e17b59aa07452fe645069c4e2f7b82f106dc1a6093d45abf393f4a68f57f6521662f639d8136914823c393e0cae4bd3784e6b2bda5671fc8ebc68b3dc7aee2d876a48c205a4e7df8ea786f124f6c83baa8b85df819e8ee366eb5507809a1e36fd3f17facb562dfe511b9183b62852312eaf947fe6a61dc168de4602910c6d12ce15e35e3b4125b5f9714ea1c49a1fdfff7a8ead500b288549b30bf2a1f4f198393432498334e65e198f0352b6c181491859f166e64846570dc551b909d1bf8bc15935ba82183c81c6c49210a347a37db3467c32c7d1e3a8aa3c7957ba2c37eb3f27b928f45908cfd22dab3c604dd053ca2425f122e11fc09cea1344d0e850a28240128e501b4425333dbd5dbba9269d62c516b4d3b16783489c7e25b2816a6f167ffeb6f19a8636b18e15926f5ad1ee4a4dd242a7f1a2fdfc7bfbf40b75da981a566d4965f50657e8179e0d3b40185f29a5061ea351e60970cb3d142c28375a5d8dced003a5b01846b4ed6460acdf2cbde7529da68aecd562d3ae10aa1c1e2325f09884df99e0f4246b2f9b879d711ab49757910c54f8fa48439dd47ce70935cd4f3b1ff85a28232b6ccbb51fd5d36a69c4eb5abf9cef8642172399f94cb2daed8d2d6ed279c6e35284e7ac5db840ca12ed7d168454725e19f552aad7de59ab368e4d42238444a8672f937aedc61c2159b6d1d4aada07c6de08ae40a1bae8ca696273f5748a6259ff4bcc39510e11a5f8ba25766c6779f07761c936ac0d0d01f1d4b488c3d2742c1a3029da837cc33dd1780695c5fc1542830006989b3faa62a9c8538ae840c8285cde8a13085cd295f695a0ab6d27b03a16b1904fc62fe25776df3fa792f54f4a5ad98f1f0be45848c81e34d70d4850a4ac3a5a7dbc56fff68eb4212bb1109f6f129c12babef6ef9671901c73da50966fb18d1f0c1575cbf985fd5a5c36f33386a1ce35c2ca4422b3c0522fbcbd873d8f0f80734b4f3e0bd1aa80beb6b1ec9a40a2d39adac14b7de089820c1314ef3b2fc2988778b9cbca0fe0f64cb858a90a6bcf67961644f6bd5825c43c9d4d4b0a8e5c7321346edf5f56558c00550891392055e15a6402220301235ac8593dbbe26f1f5105d50b1199d2fe2d74a78ea8e83fb409716c7d508ac1476d067c5aa77b1f689488e406bb6702648aa1faeecdcce8702f3d66e66c927487cfba756c070065126f225afc58fe54d50923f1c7b14ce478d40f4bf9eccc441c8c931359f97898e6d8fe42a175546ec8c6d52672947e0233c1cccad78d44494361f6c81c530e9bea0e911d30998f0aeddeda8269e1a87e86509a5a4c2ed5f49e8b1bfdae1cfda352dee261ea029f80418e2232616e9f8443fce5d3f82e6bc8b8fc1e65419dc2fd1451e445f6e06ea3d12206ecadf4e45f9bf1340e162be57ea63787580c50a452af6d3b12fe4e2b8aa861e435f7766f35fa272841094149c81a40e7bff1f7177c38787b53b1b4fcf18e50c89ad3049f35f306fe628d4bdbacc07c44f8fc0006023407b4484ad6fbc15094b02a009f50e34efc0e75ab23dcc1b8355f4cd5f693aaf01e6fde20ce36fbd7fac42e00ce6100b0dfa974680dfef60ffa7f905840a2c345410abc5907edbd18d01556e6ce2593c910b282be64b225e6ce5b9b2388d602023959680981f0ee1296ecdf08e57c6a797421997a022e869f8e8a48a91a1bbe30169f608a2e854bd4de33adf2fe67577de2feee46424a679f7666307ab2134bbe9e79a12af724f97dda27d075e00cd59a260ca33be676df34ee96e13d436395edbafe4a83e1246b7b0194bd4c40d74521e52f06572102ecddd71da2bc35057eb66e7278801512f349d9f798ac8c38ba4fd2523d9f2f9586749b64dc8a0e3461cd7b7fb82e575bbba20c359ca2076cd669cb1ef83f082f21868c31fd750a2dac5670317c550a79324db88b68dd0f16e98c4b83710024d059569f5402eae23e8052b5b4b48502e0fc2483a20e38417f57cdb7ae870ce3c8352b1f4c6ffd61ed8e2751f5b93e266617b087c94a68ef704731409f3fd49bf677bdcc0c58e6094a8fd99cce1df278570390c37f51faf6fe93923f62984d5672a2d867f18ca76b964e2f7c259f639ab1122e749dd9c4f9b4470d8b68502f6f40685b74a24323837cf7e32b433c3ccbf064be0e70ffc2e5c2eae587154a7958d6c3f696fe42da49e4292404461908f7a1437b000a7f115cba487a9b426aa6ebdecbf0673e39356f894c0b3417491d0dd266a97b8711d16e6ed053028995e414d602f3296542ed46591c44a5dd1c466a92d8826bc12973e44028d37fb13bbe9ed2947334787c60f48b4f61089e3425fd165eaa1e3a2707891732875018420060afa179687c9e0f3f43b45e81fff95e07a518c9db494d0e4e453b8a35c7a0dd1ae81f4c0fd49f40fc9a6165a01ec00e0a97cd7282fb0c264709fa6e8310372bf06f66fd0f53d7919cba43d59cfcbb9f3b148b73edbdd75acdfe5f5fe2ffe40416c097e18a0fc0619bfbb78066f372d21f5d52fe4753ab29a0edf66b05c5bd3e6a5190f248561919dea3f20185e89f79fea4aaa12a44f14041a0620b23f28d5c535f40bae130843125a879e7f33d6c61cbe55ba51837b3194245237317d8532f94ed06543f5cc55535045b8b514c0d76097f520387e7b182c48c7b0173ac353d48566fafa00e7e5f7962f79645f73150d1921b6d6bcd240898aedb21b4453d63ba838bf90efbc5363beae5ad0609469a5b1c51aeae051fa57b16ad7f7c7a3f018e292ca5fbd9be583cfa9babbbb21caa574d35d8d778b1ae56e627ace9121fe5de64ed6dc684e5ee65c85baf2237953a0ced94eaa01e8c1911f487fb8324089f687040aac05dbb39475b26b1549c3d0a6b2d701fabd478b0d2e22cf720a6c80dc8971b1f0a9f39b4732fc7923a23b736966ee1537199511018723632631d36f6eca17c1192b6ec5cd68fd0de31c256270d668db457bbf57de66cb5054f446cdba23440cf485c5b379639284fb653141e20f8ab14c43f1faa181feae3a09cc6654ccc76e901c9c2fa67eeb17f488db52cde8cd26fba1f20db19c1dd92d9b09d1d2e9c8383aca4029492e5b91039fe624b35212c068120cd33a40b3ee7369bed5a705e0f7b13f0f266ff985a535d99c0a99366ab9767254da39964cd1a5df670bb7cebc06a5054d8a63aa5472f4a1d381cfc3d0e0ca8ee8c6f06974facc76538f6eaad66fc673f2dcc5cc65309fa7c821045813a1cf30d6b0a7e83e65b78f47957f28a7a80f34a14754b3347cd16e1b4d2a596099d1a17c681be6d9e4aa3724ea8a6fd6cf1a7492bedca5b47d22f1fbd710a77146acf6a11b95b36eeb2dd15c76ce7a54817c4181c90799ded1cf8c1168b39f5338822f485fc258ca42e1474927f6fb0ebf46bde59fe4e0b216fcb4015c40af76da02ef309039bc9fad472d5e9088b1f47b4a03e50458392a9d1cf4612690289429bbb60be45d9b658d1e88c2df6383c766b6246760238ff968f344311f6d9c3619763c573b7f27b99cdff92d6090003164ca5e684c60690fb13118f46424e98592b37755d715416c7fc758881f29f87371d086d24c759eb4455b50eff93123b5b150186e5a9e20945d0833a7d1039712736f5b266a7041a2ea20e959ed0a5286352f9a5f96b5b72df30df35c693379304d02200052b491a1dc18239ad5b953ae70c0f33623de25256cbf637bf25e24b21d4c78ba4591481e8424f1a1f329958c5f3ec3cc8ee72a6950dc2c1cfdf2354143e285ca9f82bec1fdf51ccab28ee51035c8dbcef7170843e858d01360266860800571a4fe0936ba82b97c8fcf76f19d49f6f95bc37b23997f8153c22b49d43598af71797547e02050f24fdaa4defe4513aab82f18e2223e2372cfaa95ec24fac636025bfdba5a4fbe25bb4beb596d272d06bc5c19e88e323d4c3afac75ded11b05cf3a0aef570e2700fad7d4b714cc8db83ed5a1c8d398d37bf1a3686ff122b76f06f4ece5413c5da26944e31177e5088e5b4255ff0cd2358b997f511bbc6593b3a6d14b3411a3a22a4e1751c3d0459fadbeae6f0bc399c7e526ba309708fc374e4c3dffbf03355b5147794704a71d6714e2329523dcfbdd6137c87212bc13d9b83d00b11422ba73abee769374762df22f55efde6766ca37c351a07552255a42aba6b9aab9ccb8576da44a7341797af0d86b68d3ab17821e86405e34e49cb73198b78b2536d49f5590ba2cc75ba9d0cb7b7f7c13bce023301a84b67d1afddad8bd1904803f9a4392ae7742bfb35530f0da566a295ba5a0786db745bd4ad5de86120fbc0b453131b4f21bd519aefe216cd7658d80e3a6afdf0f8c28ce0df38a38f0ffb5d7dac8692808be0299423253b91a347aabdf60db0a5c35404ee4148d31ae75e0095b8f07e6471be0c19fb41591cb290342a04ad89f17b3d00af14a0763a71ae376c9f707ee7cf3254e42d2641239d531e7e1c94805df8bc58a8075ce535cc648da9a3e0a9decf6d699173b1f65d25e366b0c8701eb53e0b509ca077bfd142f5a1b2782838bbafcfffb0b8c0d6751de09f68d0b23834ea46370568c9a4fb7630fc1e82dffc56da06090ce3d61aa1dd5807a98dc6aac17518a0cebb0bd0ff4d828743fa9ff0381e730df6c6b0137667a0875f1c4d8c820b0ae44253a5e3047f4a64bbcc64dcb1035b43c2c63a97df5a8cbf3be7ec92ac92e3d8ab7f257ab63eefde2ffe5abbf040d3776bef144c5e372f044fafdaba0540368615c92dfb61a3ff45651835bbd6610f4f6e5b7875d9c74367e913fb2dca9f6c755a070d01a600633f399af71d99aef87871ebdd8c0a27dbbab4961ca83df205c9440658ad3192dc116281e26eb6f236fd701667d5dae9f1c48e66c7396366b48f2557dcfd30ca4a96a7daf292c3a6b3278d910a728bcc39e66dec14969b1742d960307c45bb38fdec8f9c26775cbc7ec671873f4af31eaf9339de30b60fc3613724de2171ae81d86949c534f169b8ee5fe8318a2ec64e3b690da09e0c355225c8205c6adacde1f25c242aa1b456d6b23f0bda02b369bb0c751623fe4d40c6e6999d9e494423481ce01c85dd45ae4f6f6993388bdd32bdf01b9c22215c644ba8b517498ca02dee7f32fde3d8f591896c21cb68c82b90d84694ffbf2fcc875abce3ecbc33d9a6c58807cb0c2f3a5f77f107653c1dca780ee861799498e8165c2be957ba9f6c8bf57549674b389d341e2b99fc7931ea40793d9a17604298220af7254eb8e972cd28ea877d8ed52bab1162de7a66a0e9afd10e649b5554f41df0a7623c3e1744f439f39685de6afc65dd6c37069681afd30e476c09142c8460191526ddde6c651767ac59371a881f757d3cf2bae6d48ea781e89931b9e3ea3f65097b006fe15b61cbefede125e949abf541d670f122eff8be716b2cd662d69ead1dc797d58efe39aab72af7e610452746cff38d63b8eb217b4fc66de320aebac6e02e149f197b1ab53544162c22597ad7499f7bd75d0307ce75ce5f3b606b009c7dae85615bccaadb3cf261549be0cfe29e8faa175403342384b3efb79ecbdd4350ac768ab6d40957dd185fc4509938f9d387c86c06ed93baf9b4f931f53ded6aa431531a64a39e4fbe92b25d2c28f9314a5570b72ec33a0080d3ab68bc9fcb1786ccd5876856fa1310480f8272ee931679195e19ba116ccfe4b82c928698fe6b96b03d5f33b332bf2fb9fdfb82e386a716853d35a4374f092c2ab00e43fb8639fc525a87d41548e2289074345ca780e29c871c1ae27d27abb25dc9f5cc7460fedea216fd36ee28f69b00f7535dbf931d638f4ed710720cd94de10938ac2018888df4d1aee5676d09e4999b92d48a579916d86faebdefb9562e32e4a43857ab90af69ebd6b22ae50a1a99f8f0ffc731b2db79889824b587b75043265fa1dca7b68c2c2df36b774b5103a149bcfd4d1b3cbce3e4f257f981f973693a8120c4d4d1aefad1451c24dc12fdf798c23786c7498c6faa2b46057bd4d4be51d219a373a6153711a490c588c2085befdaa31c17cc1efc08e341e065e27489ec987a994aceffc0d3ed764606e2195bf3553fbab72a0583396f49743c7059371a3083a4fe7dcc553e26a871503990a9b99539ff0cf90866b90b6183e65756c3f5c9387aa83854c8b5335fd6a71b32383c34f22241cd25d538989d19ec7052a41523d7bdd8a834315dab3c27d9b92274fb9148119d458b38eba62d8cf955a326437f7d13ff61142748410a2fbba9341f58ddfdd45cfd77106b1ec6bae9666537705bd79e645f7a735f07865e603ed2583936a4c92377ba099fd6de8cf29b1761846a6bb803fb6ad1830e6d72beb73d89956ceaab9c2e711ac22e5823e341e14d33093d382344f811c105e7e0e0a8d73602edb2e9860235cf5e65a7c4f91d85f8038ea6706f68688576bfb75b4832fad45e4d31a3832e56b83cdacb09f10097028de8931d155b6b68adae12d7c3fb030b9436697ce648d33d0c6ce9d281e11d4c126634f50693b5edee21526b96f69f565668b7cb811151a2d27f44cca69bc36edab2cdf09de88d53246c5bcfd91c2a409f98075e64ff2d716701e28b30f5e3e2834f8cce5b8", 0x2000, &(0x7f0000000300)={&(0x7f0000000240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
pivot_root(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00')
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000400000000000000000000009500000000000000"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x40842, 0x0)
r4 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r4, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.467044372s ago: executing program 4 (id=4948):
syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_IIF={0x8}}]}, 0x30}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)

2.350310011s ago: executing program 3 (id=4949):
sendmmsg(0xffffffffffffffff, &(0x7f00000077c0)=[{{0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000000680)="16539615691fbe156725c0fdeb78cf6a4bc11eb1363a98e09a899ca9a2ab9ff4a2c31b177e0b699978e22279d41f0437d3dda72d144986315106bf118334f0d22cd265d315ac56ca66fd70b611c26fb99129597428b01925437b25ccd4aa9e2ab717346e41308bdb7fe63f7be47e014ff04f395ab231b4cd64a1bd8bdcdbd78dc70f34000fe656b95a6035564d23cc1969b9fb40edb134f906f195adaea7974c619c4e534871010a799dd3c0c10b5bde2834e35732a6d151bd09e9415e1c995602da53f350918def0e097fe1435332a159464b09a1c576af2b08231c62c2a5631bea48fc181a1efd64fec4ceeec9cf5419987abe0668f06cd2fa9915922795ef2b1abd46acb31fff79500f6e3bced3b1b89f5252f0b8fdc80c7fc2634a5984c12a0eb75f8d1fb95f04bcc5ceaef5424dfea1cde54cf7aeef4f62f267b60bc57b57dd3e77f6a00d2250ec4954da60e9aea7c373c86f8c89210b5a185dd175aba80f4de99c517677eeb44de838972006da31ecd0e32fc7b72042820a38c3ef8a4e712155f16a7918b3e2297c531131925fe036462386a7d8cd5cc621eb32268671cce83a82ac33589620e961d4f0cb9a0da9d96f75eb4f18b72335006ca1b221aeea21cca46ddb6bb6f400ec988879e96841737c65bfd6b4f762bab39769ff12d5b94b2b04e4becdeef9f7360b3fc348002b05f5d57de813691856e40682f0a4311fd794c43298d289a1fd565459f62db94339c133dfa4de68154a5464ac0f99d910ea4047f8a5708c52", 0x229}], 0x1}}], 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.43851706s ago: executing program 4 (id=4950):
dup(0xffffffffffffffff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
recvmmsg(r1, &(0x7f0000005280)=[{{0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000002cc0)=""/152, 0x98}], 0x1}}], 0x2, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xffefffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)

1.210825602s ago: executing program 3 (id=4951):
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x2})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000340)={0x3, 0x7e})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$vcsu(&(0x7f0000000080), 0x0, 0x480000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r7, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d5d549a, 0x0, [0x0, 0x7, 0x100000, 0x3]})
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r4)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)={0x48, r8, 0x2fef5244a503c3bd, 0x70bd2a, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x48}, 0x1, 0x0, 0x0, 0x440c1}, 0x20000840)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, 0x0, &(0x7f0000000480)=""/71, 0xd000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000002c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000002300)='./file0\x00', &(0x7f0000002ac0), 0x0, &(0x7f0000002340)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]})

1.179014779s ago: executing program 1 (id=4952):
semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040), 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa"], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11}}}}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x194, r2, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3, 0x63}}}}, [@NL80211_ATTR_QOS_MAP={0x36, 0xc7, {[{0x81}, {0x28, 0x1}, {0x1f, 0x1}, {0xff, 0x2}, {0x5, 0x2}, {0x40, 0x7}, {0x1}, {0x8, 0x1}, {0x1, 0x6}, {0xff}, {0x1, 0x1}, {0x3, 0x6}, {0x3f, 0x4}, {0x81, 0x6}, {0x3f, 0x4}, {0x99, 0x6}, {0x20, 0x5}, {0x2, 0x5}, {0x4, 0x7}, {0x2, 0x2}, {0x1, 0x6}], "99856f6978d15eb8"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x2, 0x5}, {0x1f, 0x4}, {0x53, 0x6}, {0x8, 0x6}, {0x22}, {0x1, 0x7}, {0x80, 0x5}, {0x6, 0x5}, {0x6}, {0x80, 0x6}, {0x6, 0x6}], "94a687c04f898d8e"}}, @NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0x8, 0x1}], "e404eb17382999e3"}}, @NL80211_ATTR_QOS_MAP={0x2c, 0xc7, {[{0x8}, {0x7}, {0x3, 0x6}, {0x0, 0x6}, {0x0, 0x1}, {0x7, 0x1}, {0x5, 0x4}, {0x5, 0x9f}, {0x5, 0x2}, {0x0, 0x2}, {0x2, 0x5}, {0x20, 0x7}, {0x0, 0x3}, {0x80}, {0x1, 0x2}, {0x3, 0x7}], "aac9e298883e977f"}}, @NL80211_ATTR_QOS_MAP={0xc, 0xc7, {[], "8f2eea2a3ca16bc9"}}, @NL80211_ATTR_QOS_MAP={0x36, 0xc7, {[{0xff, 0x3}, {0x1, 0x1}, {}, {0x8d, 0x6}, {0x2, 0x5}, {0x7}, {0x7f, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x1c, 0x7}, {0x4a}, {0x0, 0x1}, {0x6, 0x4}, {0xff}, {0xfb, 0x2}, {0x3, 0x6}, {0x8, 0x6}, {0x79, 0x2}, {0x92, 0x5}, {0x0, 0x2}, {0x8e, 0x6}], "d28963d5e6ffed56"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x2, 0x3}, {0x7, 0x2}, {0x7f, 0x1}, {0x4, 0x1}, {0x8, 0x5}, {0x81, 0x1}, {0x6, 0x3}, {0xfa, 0x6}, {0x1, 0x4}, {0x1f, 0x3}, {0x9, 0x7}, {0x0, 0x3}, {0x0, 0x1}], "e9b5a6e80a935ac9"}}, @NL80211_ATTR_QOS_MAP={0x1a, 0xc7, {[{0x94}, {0x2, 0x4}, {0x9, 0x6}, {0x0, 0x7}, {0x80, 0x7}, {0x40, 0x6}, {0xc0, 0x5}], "3930825925ce6456"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x5, 0x1}, {0xb6, 0x1}, {0x7f}, {0x0, 0x6}, {}, {0x2, 0x4}, {0x9, 0x5}, {0x9, 0x5}, {0x9}, {0x8, 0x1}, {0x4e, 0x4}, {0x2, 0x4}, {0x0, 0x2}, {0x6, 0x1}, {0x0, 0x3}, {0x7, 0x6}, {0x6, 0x7}, {0x80, 0x3}], "dbd02c1b781a5f22"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x9, 0x5}, {0x3, 0x3}, {0x9a, 0x4}, {0x4, 0x6}, {0x2, 0x5}, {0x9}, {0x8, 0x4}, {0x80, 0x6}, {0x1, 0x3}, {0x8, 0x5}, {0x1, 0x3}], "e77d305425262b9f"}}]}, 0x194}, 0x1, 0x0, 0x0, 0x20004004}, 0x40044)
syz_usbip_server_init(0x3)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000740)=@multiplanar_fd={0x0, 0x0, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "97a909ec"}, 0x0, 0x4, {0x0}})
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r5, 0x10f, 0x83, 0x0, 0x0)
syz_emit_ethernet(0x4e, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000240)=@sack_info={0x0, 0x6e8b, 0x8c}, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c1000003e0007012ebd700004101c000100000004000002041001"], 0x101c}}, 0x0)
futex(&(0x7f0000000400)=0x1, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x989680}, &(0x7f00000004c0), 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="02c90012000e000500142f0a0018f719bf9a"], 0x17)

1.165560227s ago: executing program 0 (id=4953):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=@md5={0x1, "223c2c4f0f534aa78371ca1327cf5eb1"}, 0x11, 0x0)
open$dir(&(0x7f0000001640)='./file0\x00', 0x37, 0x0)

682.226179ms ago: executing program 0 (id=4954):
io_uring_setup(0x497c, &(0x7f00000001c0))
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x1de)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000000010001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000300)=ANY=[], 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_CMP_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc0}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='map_files\x00')
fchdir(r2)
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f00000003c0), &(0x7f0000000400)=0x8)
writev(r5, &(0x7f0000000040)=[{&(0x7f00000000c0)='X', 0x1}], 0x1)
shutdown(r5, 0x1)
recvmmsg(r5, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f0000003bc0)=[{&(0x7f0000000200)=""/217, 0xd9}], 0x1}}], 0x1, 0x40000163, 0x0)
ioctl$I2C_PEC(r4, 0x708, 0x6)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000000)={0x0, 0x4, 0x5, &(0x7f0000000100)={0x0, "fd5a44512b7e1b0020ed2abb4301002700"}})
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)

498.096149ms ago: executing program 3 (id=4955):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000140)={"90125830", 0x0, 0x0, 0x9, 0x0, 0x6, "471d85552605000000000000001ff3", '\x00', "e1aa6045", "41f336e7", ["c81de44b0091fb7ce7442d42", "6d5eb3eec70d84000c00b4bd", "34334e40c300e1a48d9d3300", "e996c9c4d21135876ea2fff7"]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000340)={"0301bb47", 0x0, 0x0, 0x0, 0x0, 0x0, "b42ebfd32dd7da791c62270c902e9a", "7b7fc907", "e79112e5", "38c4da13", ["8185d3a8873d4b79a717fb97", "9b784e94f5a97578fce2dbce", "9909a1ea2df333a6a9334daa", "547013ca3319d99bbc64fd5e"]})

436.415641ms ago: executing program 4 (id=4956):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d01000000520655a8056085f4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891e7d87a79d6fce424c2200af6cb784a1975fa657de38a3a32a4fd67ce446adb431d07db79240aca1dd9ba02450500000000000000e645f091231b986e77d05d988d6edc6f9b4eb883ec8f878300cabf2b5543ffc1bdb92618242852e6e8b3e56fefbfff81669557b3809d8c396d2c0361629d1822f722ec23812770d72cd0010000007889b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b0a0ae6feb6737c275dc2740f742b5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fe7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff251845d0fff45bdbaeba4d4e3c6f7f623579435b2c505fb711300000000040000000000000000000000004c00e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7611589906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6cfa4966e5937562a5649a1a0000a042a7097ddefe0671a5767014b09b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7be49833f3c435f9700bc84680549f9eb16682ecb72277ffaca907a3eac4bfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c5a87013b98649805216631e20d07dff3ae567ca0d38a828542625fc6096aedc0ac5c144f0965071274bea051007e398cf9090c53d4b8b7dc784e3d83b78b007a43d744aa99d6a7c576e20b4281eff511122ccb399bcef0a0471639c81aab7445cebfc9b00b31fcbaf63086b3c16f51b593acee0b3a4830dd6af1accb15cc6163cabc01442527aa10000000000000000a4ba25997affe74ec552bf9deafb"], &(0x7f0000000140)='GPL\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfed1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)

298.699755ms ago: executing program 3 (id=4957):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x13, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb54604067da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c19d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d9000000000162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000002a3069f58bf721bdd1dfb7440000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae4784624d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e50000000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x40000}, 0x10}, 0x90)
r1 = epoll_create(0x10000e9)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
r4 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000100)={r3, 0x0, 0x0, 0x4000})
r5 = fcntl$dupfd(r4, 0x0, r1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x10013, r5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "64f9ff", 0x30, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, {[@dstopts={0x0, 0x4, '\x00', [@hao={0xc9, 0x10, @mcast1}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}}}}}, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x4}]}, 0x38}, 0x1, 0x2}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r11=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r9, r11, 0x25, 0x0, @void}, 0x10)
r12 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r13 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00', <r14=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r12, r14}, 0x10)

0s ago: executing program 4 (id=4958):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x5460, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

kernel console output (not intermixed with test programs):

 1228.626010][ T5131] cdc_acm 3-1:1.0: This needs exactly 3 endpoints
[ 1228.634536][ T5131] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -22
[ 1228.856734][T22276] tmpfs: Bad value for 'nr_inodes'
[ 1228.986035][ T5164] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[ 1229.015378][ T5164] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[ 1229.035450][ T5164] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[ 1229.052396][ T5164] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[ 1229.068930][ T5164] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[ 1229.086566][ T5164] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[ 1229.113696][ T5164] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[ 1229.153735][ T5164] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1229.249031][T22264] Falling back ldisc for ttyS3.
[ 1229.265563][ T5164] usb 1-1: USB disconnect, device number 111
[ 1229.943524][T22282] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1229.963967][T22282] cramfs: wrong magic
[ 1230.664114][  T786] usbhid 2-1:0.0: can't add hid device: -71
[ 1230.698080][  T786] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1230.751375][  T786] usb 2-1: USB disconnect, device number 97
[ 1230.778302][ T5134] usb 3-1: USB disconnect, device number 93
[ 1230.994364][T22291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4413'.
[ 1231.661790][T22310] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1231.672220][T22310] cramfs: wrong magic
[ 1232.719777][T22319] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4425'.
[ 1232.997656][  T786] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[ 1233.211798][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1233.248702][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1233.260828][  T786] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1233.284214][  T786] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1233.312324][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1233.351829][  T786] usb 2-1: config 0 descriptor??
[ 1233.364341][T22318] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1234.474880][  T786] usbhid 2-1:0.0: can't add hid device: -71
[ 1234.519102][  T786] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1234.551482][  T786] usb 2-1: USB disconnect, device number 98
[ 1234.618749][T22350] netlink: zone id is out of range
[ 1234.639435][T22350] netlink: zone id is out of range
[ 1234.654892][T22350] netlink: zone id is out of range
[ 1234.675520][T22350] netlink: zone id is out of range
[ 1234.701672][T22350] netlink: zone id is out of range
[ 1234.703319][T22356] netlink: 'syz.3.4436': attribute type 5 has an invalid length.
[ 1234.715092][T22350] netlink: zone id is out of range
[ 1234.752425][T22350] netlink: zone id is out of range
[ 1234.790525][T22350] netlink: zone id is out of range
[ 1234.795807][T22357] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4436'.
[ 1234.854064][T22359] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4438'.
[ 1234.876957][T22350] netlink: zone id is out of range
[ 1234.888310][T22359] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4438'.
[ 1234.892107][T22356] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4436'.
[ 1234.926407][T22362] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4439'.
[ 1234.929849][T22350] netlink: zone id is out of range
[ 1235.187252][T22366] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4440'.
[ 1236.671709][T22401] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4455'.
[ 1237.302614][ T5086] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1237.327216][ T5086] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1237.390991][T22417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4461'.
[ 1237.400552][ T5086] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1237.439519][ T5086] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1237.453634][ T5086] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1237.461419][ T5086] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1237.486553][T22422] netlink: 'syz.4.4462': attribute type 3 has an invalid length.
[ 1238.086067][T22427] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1238.096802][T22427] cramfs: wrong magic
[ 1238.957813][T22429] FAULT_INJECTION: forcing a failure.
[ 1238.957813][T22429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1239.027847][T22429] CPU: 1 PID: 22429 Comm: syz.3.4464 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1239.038075][T22429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1239.048170][T22429] Call Trace:
[ 1239.051471][T22429]  <TASK>
[ 1239.054422][T22429]  dump_stack_lvl+0x241/0x360
[ 1239.059145][T22429]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1239.064382][T22429]  ? __pfx__printk+0x10/0x10
[ 1239.069019][T22429]  ? snprintf+0xda/0x120
[ 1239.073302][T22429]  should_fail_ex+0x3b0/0x4e0
[ 1239.078037][T22429]  _copy_to_user+0x2f/0xb0
[ 1239.082498][T22429]  simple_read_from_buffer+0xca/0x150
[ 1239.087920][T22429]  proc_fail_nth_read+0x1e9/0x250
[ 1239.093007][T22429]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1239.098602][T22429]  ? rw_verify_area+0x520/0x6b0
[ 1239.103517][T22429]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1239.109118][T22429]  vfs_read+0x204/0xbc0
[ 1239.113312][T22429]  ? __pfx_lock_release+0x10/0x10
[ 1239.118391][T22429]  ? __pfx_vfs_read+0x10/0x10
[ 1239.123116][T22429]  ? __fget_files+0x29/0x470
[ 1239.127741][T22429]  ? __fget_files+0x3f6/0x470
[ 1239.132469][T22429]  ksys_read+0x1a0/0x2c0
[ 1239.136766][T22429]  ? __pfx_ksys_read+0x10/0x10
[ 1239.141570][T22429]  ? do_syscall_64+0x100/0x230
[ 1239.146380][T22429]  ? do_syscall_64+0xb6/0x230
[ 1239.151131][T22429]  do_syscall_64+0xf3/0x230
[ 1239.155677][T22429]  ? clear_bhb_loop+0x35/0x90
[ 1239.160406][T22429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1239.166344][T22429] RIP: 0033:0x7f030557467c
[ 1239.170792][T22429] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 1239.190434][T22429] RSP: 002b:00007f03062f1040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1239.198890][T22429] RAX: ffffffffffffffda RBX: 00007f0305703f60 RCX: 00007f030557467c
[ 1239.206904][T22429] RDX: 000000000000000f RSI: 00007f03062f10b0 RDI: 0000000000000005
[ 1239.214912][T22429] RBP: 00007f03062f10a0 R08: 0000000000000000 R09: 0000000000000000
[ 1239.222921][T22429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1239.230927][T22429] R13: 000000000000000b R14: 00007f0305703f60 R15: 00007fff613d8698
[ 1239.231912][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.238926][T22429]  </TASK>
[ 1239.238977][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1239.245576][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.517633][ T5086] Bluetooth: hci6: command tx timeout
[ 1239.574630][ T5086] Bluetooth: hci2: SCO packet for unknown connection handle 200
[ 1239.634317][T22418] chnl_net:caif_netlink_parms(): no params data found
[ 1240.238356][T22457] tmpfs: Bad value for 'nr_inodes'
[ 1240.496660][T22463] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1240.507167][T22463] cramfs: wrong magic
[ 1241.234225][T22418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1241.307126][T22468] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4475'.
[ 1241.307580][T22418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1241.365613][T22471] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4477'.
[ 1241.394958][T22418] bridge_slave_0: entered allmulticast mode
[ 1241.430310][T22418] bridge_slave_0: entered promiscuous mode
[ 1241.445786][T22418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1241.452168][T22471] netlink: 'syz.4.4477': attribute type 30 has an invalid length.
[ 1241.507687][T22418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1241.525439][T22418] bridge_slave_1: entered allmulticast mode
[ 1241.552759][T22418] bridge_slave_1: entered promiscuous mode
[ 1241.570664][T22468] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4475'.
[ 1241.597731][ T5086] Bluetooth: hci6: command tx timeout
[ 1241.791164][T22418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1241.880064][T22418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1242.047688][T22418] team0: Port device team_slave_0 added
[ 1242.072987][T22418] team0: Port device team_slave_1 added
[ 1242.343305][ T2435] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.384766][ T2435] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 45347 - 0
[ 1242.447104][ T2435] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 35845 - 0
[ 1242.557508][T22418] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1242.617505][T22418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1242.721487][T22492] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1242.735201][T22492] cramfs: wrong magic
[ 1242.794913][T22418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1243.355901][ T2435] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1243.422682][ T2435] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 45347 - 0
[ 1243.485899][ T2435] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 35845 - 0
[ 1243.551272][T22418] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1243.591603][T22418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1243.632155][T22418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1243.678100][ T5086] Bluetooth: hci6: command tx timeout
[ 1243.750685][T22499] netlink: 'syz.1.4486': attribute type 6 has an invalid length.
[ 1243.779146][T22505] trusted_key: encrypted_key: key user:syz not found
[ 1244.186194][ T2435] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.558705][ T2435] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 45347 - 0
[ 1244.657496][ T2435] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 35845 - 0
[ 1244.831645][ T2435] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[ 1244.882348][ T2435] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[ 1244.979340][ T2435] tipc: Resetting bearer <eth:netdevsim0>
[ 1245.010329][ T2435] team0: Port device netdevsim0 removed
[ 1245.039934][ T2435] tipc: Disabling bearer <eth:netdevsim0>
[ 1245.046886][ T2435] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1245.067639][ T2435] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 45347 - 0
[ 1245.087725][ T2435] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 35845 - 0
[ 1245.340207][T22418] hsr_slave_0: entered promiscuous mode
[ 1245.417953][T22418] hsr_slave_1: entered promiscuous mode
[ 1245.458684][T22418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1245.470891][T22418] Cannot create hsr debugfs directory
[ 1245.551668][T22531] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1245.562313][T22531] cramfs: wrong magic
[ 1245.857693][ T5086] Bluetooth: hci6: command tx timeout
[ 1246.375276][   T29] audit: type=1326 audit(1719993937.316:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22532 comm="syz.0.4497" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27b9375b99 code=0x0
[ 1246.396441][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1246.605786][T22551] fuse: Unknown parameter '0x0000000000000004'
[ 1246.857578][ T5134] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[ 1246.919567][ T2435] team0: left allmulticast mode
[ 1246.943545][ T2435] team_slave_0: left allmulticast mode
[ 1246.970897][ T2435] team_slave_1: left allmulticast mode
[ 1246.996682][ T2435] bridge4: left allmulticast mode
[ 1247.012677][ T2435] bridge5: left allmulticast mode
[ 1247.032826][ T2435] bridge0: port 3(team0) entered disabled state
[ 1247.053968][ T2435] bridge_slave_1: left allmulticast mode
[ 1247.064486][ T2435] bridge_slave_1: left promiscuous mode
[ 1247.087798][ T2435] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1247.108794][T22557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4503'.
[ 1247.123238][ T2435] bridge_slave_0: left allmulticast mode
[ 1247.132501][ T5134] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1247.143232][ T2435] bridge_slave_0: left promiscuous mode
[ 1247.159293][ T2435] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1247.179791][ T5134] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1247.216562][ T5134] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1247.262680][ T5134] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1247.285885][ T5134] usb 4-1: SerialNumber: syz
[ 1247.561874][T22565] tmpfs: Bad value for 'huge'
[ 1248.825546][ T2435] bridge4 (unregistering): left promiscuous mode
[ 1248.854958][ T2435] team0: Port device bridge4 removed
[ 1248.954459][ T2435] bridge5 (unregistering): left promiscuous mode
[ 1248.966528][ T2435] team0: Port device bridge5 removed
[ 1249.052925][ T2435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1249.069000][ T2435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1249.093294][ T2435] bond0 (unregistering): Released all slaves
[ 1249.115909][ T2435] bond1 (unregistering): Released all slaves
[ 1249.385402][ T5134] usb 4-1: 0:2 : does not exist
[ 1249.396589][T22582] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1249.404425][ T5134] usb 4-1: unit 5 not found!
[ 1249.428246][ T5134] usb 4-1: USB disconnect, device number 102
[ 1249.553607][T22584] batadv_slave_0: entered promiscuous mode
[ 1249.607846][ T2435] tipc: Left network mode
[ 1249.639824][T22580] batadv_slave_0: left promiscuous mode
[ 1249.692307][T20507] udevd[20507]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1249.729732][T22587] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1249.742440][T22587] cramfs: wrong magic
[ 1250.388401][T22590] fuse: Unknown parameter '0x0000000000000004'
[ 1251.259094][ T2435] hsr_slave_0: left promiscuous mode
[ 1251.291324][ T2435] hsr_slave_1: left promiscuous mode
[ 1251.311340][ T2435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1251.330193][ T2435] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1251.362047][ T2435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1251.389732][ T2435] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1251.521895][ T2435] veth1_macvtap: left promiscuous mode
[ 1251.550744][ T2435] veth0_macvtap: left promiscuous mode
[ 1251.586268][ T2435] veth1_vlan: left promiscuous mode
[ 1251.601456][ T2435] veth0_vlan: left promiscuous mode
[ 1252.000021][T22641] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1252.011546][T22641] cramfs: wrong magic
[ 1252.822439][T22643] fuse: Unknown parameter '0x0000000000000004'
[ 1253.100019][T22650] FAULT_INJECTION: forcing a failure.
[ 1253.100019][T22650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1253.139495][T22650] CPU: 1 PID: 22650 Comm: syz.4.4527 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1253.149713][T22650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1253.159802][T22650] Call Trace:
[ 1253.163108][T22650]  <TASK>
[ 1253.166069][T22650]  dump_stack_lvl+0x241/0x360
[ 1253.170797][T22650]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1253.176050][T22650]  ? __pfx__printk+0x10/0x10
[ 1253.180691][T22650]  ? bpf_cgroup_storage_free+0x8f/0xb0
[ 1253.186189][T22650]  ? __pfx_lock_release+0x10/0x10
[ 1253.191241][T22650]  ? bpf_test_run+0x840/0x910
[ 1253.195957][T22650]  should_fail_ex+0x3b0/0x4e0
[ 1253.200680][T22650]  _copy_to_user+0x2f/0xb0
[ 1253.205138][T22650]  bpf_test_finish+0x30f/0x8b0
[ 1253.209961][T22650]  ? __pfx_bpf_test_finish+0x10/0x10
[ 1253.215299][T22650]  ? convert___skb_to_skb+0x41/0x620
[ 1253.220619][T22650]  ? convert_skb_to___skb+0x2d3/0x510
[ 1253.226034][T22650]  bpf_prog_test_run_skb+0xd06/0x13a0
[ 1253.231450][T22650]  ? __pfx_lock_release+0x10/0x10
[ 1253.236524][T22650]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1253.242375][T22650]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1253.248214][T22650]  bpf_prog_test_run+0x33a/0x3b0
[ 1253.253162][T22650]  __sys_bpf+0x48d/0x810
[ 1253.257421][T22650]  ? __pfx___sys_bpf+0x10/0x10
[ 1253.262209][T22650]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1253.268201][T22650]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1253.274538][T22650]  ? do_syscall_64+0x100/0x230
[ 1253.279323][T22650]  __x64_sys_bpf+0x7c/0x90
[ 1253.283753][T22650]  do_syscall_64+0xf3/0x230
[ 1253.288275][T22650]  ? clear_bhb_loop+0x35/0x90
[ 1253.292976][T22650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1253.298887][T22650] RIP: 0033:0x7f3898f75b99
[ 1253.303321][T22650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1253.322939][T22650] RSP: 002b:00007f3899cc3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1253.331362][T22650] RAX: ffffffffffffffda RBX: 00007f3899103f60 RCX: 00007f3898f75b99
[ 1253.339340][T22650] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[ 1253.347315][T22650] RBP: 00007f3899cc30a0 R08: 0000000000000000 R09: 0000000000000000
[ 1253.355301][T22650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1253.363383][T22650] R13: 000000000000000b R14: 00007f3899103f60 R15: 00007ffc95c429f8
[ 1253.371374][T22650]  </TASK>
[ 1254.126988][ T2435] team_slave_1 (unregistering): left promiscuous mode
[ 1254.139208][ T2435] team0 (unregistering): Port device team_slave_1 removed
[ 1254.237949][ T2435] team_slave_0 (unregistering): left promiscuous mode
[ 1254.246877][ T2435] team0 (unregistering): Port device team_slave_0 removed
[ 1255.516760][T22669] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4532'.
[ 1255.717771][T22673] fuse: Bad value for 'fd'
[ 1255.758774][T22418] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1256.048718][T22681] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1256.056353][T22681] cramfs: wrong magic
[ 1256.247069][T22683] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1256.258062][T22683] cramfs: wrong magic
[ 1256.752754][T22418] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1256.887926][T22418] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1256.924467][T22418] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1257.110778][T22700] ubi0: attaching mtd0
[ 1257.116954][T22700] ubi0: scanning is finished
[ 1257.185901][T22700] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1257.193729][T22700] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1257.201265][T22700] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1257.211024][T22700] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 1257.218517][T22700] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1257.225327][T22700] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1257.233480][T22700] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 842012303
[ 1257.243584][T22700] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1257.253769][T22701] ubi0: background thread "ubi_bgt0d" started, PID 22701
[ 1257.346676][T22706] fuse: Unknown parameter '0x0000000000000004'
[ 1257.420301][T22418] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1257.532243][T22418] 8021q: adding VLAN 0 to HW filter on device team0
[ 1257.585886][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1257.593138][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1257.665935][ T2435] IPVS: stop unused estimator thread 0...
[ 1257.674535][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1257.681749][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1257.843716][T22720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4545'.
[ 1257.980269][ T2435] bridge_slave_1: left allmulticast mode
[ 1257.986077][ T2435] bridge_slave_1: left promiscuous mode
[ 1258.013558][ T2435] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1258.058528][ T2435] bridge_slave_0: left allmulticast mode
[ 1258.064238][ T2435] bridge_slave_0: left promiscuous mode
[ 1258.088421][ T2435] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1259.031393][T22733] ubi0: detaching mtd0
[ 1259.087295][T22734] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1259.094993][T22734] cramfs: wrong magic
[ 1259.121551][T22733] ubi0: mtd0 is detached
[ 1260.235140][ T2435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1260.314883][ T2435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1260.333950][ T2435] bond0 (unregistering): Released all slaves
[ 1260.357884][T22727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4546'.
[ 1260.721919][T22767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4556'.
[ 1260.956822][T22769] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1260.968583][T22769] cramfs: wrong magic
[ 1261.823363][T22418] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1261.972153][ T2435] hsr_slave_0: left promiscuous mode
[ 1262.008305][ T2435] hsr_slave_1: left promiscuous mode
[ 1262.032055][ T2435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1262.055214][ T2435] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1262.080538][ T2435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1262.109461][ T2435] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1262.277272][ T2435] veth1_macvtap: left promiscuous mode
[ 1262.310642][ T2435] veth0_macvtap: left promiscuous mode
[ 1262.345416][ T2435] veth1_vlan: left promiscuous mode
[ 1262.359250][ T2435] veth0_vlan: left promiscuous mode
[ 1264.484848][ T2435] team0 (unregistering): Port device team_slave_1 removed
[ 1264.585723][ T2435] team0 (unregistering): Port device team_slave_0 removed
[ 1264.779931][T22809] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1264.791734][T22809] cramfs: wrong magic
[ 1266.613887][T22793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4567'.
[ 1266.813907][T22805] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4570'.
[ 1267.056554][T22418] veth0_vlan: entered promiscuous mode
[ 1267.389949][T22829] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4575'.
[ 1267.738065][T22418] veth1_vlan: entered promiscuous mode
[ 1268.031727][T22418] veth0_macvtap: entered promiscuous mode
[ 1268.063380][T22418] veth1_macvtap: entered promiscuous mode
[ 1268.310107][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1268.353164][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.394738][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1268.424257][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.450819][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1268.476713][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.492197][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1268.503123][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.521040][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1268.548203][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.608836][T22418] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1268.651212][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1268.667138][T17336] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1268.680322][T17336] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1268.692783][T17336] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1268.707811][T17336] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1268.718138][T17336] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1268.725333][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.735594][T17336] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1268.766023][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1268.844259][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.898094][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1268.934626][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1268.973295][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1268.998742][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1269.017395][T22418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1269.032942][T22418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1269.058398][T22418] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1269.165716][T22845] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4584'.
[ 1269.223589][ T2435] IPVS: stop unused estimator thread 0...
[ 1269.231374][T22418] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1269.265626][T22418] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1269.310316][T22418] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1269.344433][T22418] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1269.417950][T22851] FAULT_INJECTION: forcing a failure.
[ 1269.417950][T22851] name failslab, interval 1, probability 0, space 0, times 0
[ 1269.477433][T22851] CPU: 0 PID: 22851 Comm: syz.4.4585 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1269.487663][T22851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1269.497849][T22851] Call Trace:
[ 1269.501157][T22851]  <TASK>
[ 1269.504112][T22851]  dump_stack_lvl+0x241/0x360
[ 1269.508846][T22851]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1269.514093][T22851]  ? __pfx__printk+0x10/0x10
[ 1269.518728][T22851]  ? vfs_write+0x7c4/0xc90
[ 1269.523203][T22851]  should_fail_ex+0x3b0/0x4e0
[ 1269.527932][T22851]  ? getname_flags+0xbd/0x4f0
[ 1269.532645][T22851]  should_failslab+0x9/0x20
[ 1269.537179][T22851]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 1269.542596][T22851]  getname_flags+0xbd/0x4f0
[ 1269.547143][T22851]  user_path_at_empty+0x2c/0x60
[ 1269.552041][T22851]  __x64_sys_chmod+0xd8/0x1b0
[ 1269.556757][T22851]  ? __pfx___x64_sys_chmod+0x10/0x10
[ 1269.562089][T22851]  ? do_syscall_64+0x100/0x230
[ 1269.566911][T22851]  ? do_syscall_64+0xb6/0x230
[ 1269.571647][T22851]  do_syscall_64+0xf3/0x230
[ 1269.576198][T22851]  ? clear_bhb_loop+0x35/0x90
[ 1269.580932][T22851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.586870][T22851] RIP: 0033:0x7f3898f75b99
[ 1269.591328][T22851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1269.610982][T22851] RSP: 002b:00007f3899cc3048 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[ 1269.619878][T22851] RAX: ffffffffffffffda RBX: 00007f3899103f60 RCX: 00007f3898f75b99
[ 1269.628338][T22851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[ 1269.636341][T22851] RBP: 00007f3899cc30a0 R08: 0000000000000000 R09: 0000000000000000
[ 1269.644347][T22851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1269.652347][T22851] R13: 000000000000000b R14: 00007f3899103f60 R15: 00007ffc95c429f8
[ 1269.660373][T22851]  </TASK>
[ 1270.158522][ T2435] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.190406][ T2435] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 51158 - 0
[ 1270.227665][ T2435] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 42965 - 0
[ 1270.357647][ T5133] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 1270.448045][T22860] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4586'.
[ 1270.506365][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1270.514545][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1270.538809][ T5133] usb 5-1: device descriptor read/64, error -71
[ 1270.680176][ T2435] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.697791][ T2435] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 51158 - 0
[ 1270.720086][ T2435] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 42965 - 0
[ 1270.807555][ T5133] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1270.830858][ T2435] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.868524][ T2435] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 51158 - 0
[ 1270.889113][T17336] Bluetooth: hci1: command tx timeout
[ 1270.913510][ T2435] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 42965 - 0
[ 1270.957547][ T5133] usb 5-1: device descriptor read/64, error -71
[ 1271.055023][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1271.086458][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1271.091040][ T5133] usb usb5-port1: attempt power cycle
[ 1271.164530][ T2435] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[ 1271.200095][ T2435] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode
[ 1271.250521][ T2435] team0: Port device netdevsim0 removed
[ 1271.269198][ T2435] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1271.280451][ T2435] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 51158 - 0
[ 1271.311454][ T2435] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 42965 - 0
[ 1271.528434][ T5133] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1271.568303][ T5133] usb 5-1: device descriptor read/8, error -71
[ 1271.791351][T22838] chnl_net:caif_netlink_parms(): no params data found
[ 1271.837597][ T5133] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1271.913558][ T5133] usb 5-1: device descriptor read/8, error -71
[ 1271.993965][T22884] jfs: Unrecognized mount option "gid=" or missing value
[ 1272.042536][ T2435] team0: left allmulticast mode
[ 1272.048300][ T5133] usb usb5-port1: unable to enumerate USB device
[ 1272.059964][ T2435] team_slave_0: left allmulticast mode
[ 1272.065495][ T2435] team_slave_1: left allmulticast mode
[ 1272.078830][T22884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4593'.
[ 1272.088751][ T2435] bridge1: left allmulticast mode
[ 1272.093852][ T2435] bridge2: left allmulticast mode
[ 1272.101084][ T2435] bridge3: left allmulticast mode
[ 1272.106285][ T2435] bridge6: left allmulticast mode
[ 1272.112075][ T2435] bridge0: port 3(team0) entered disabled state
[ 1272.159526][ T2435] bridge_slave_1: left allmulticast mode
[ 1272.175664][ T2435] bridge_slave_1: left promiscuous mode
[ 1272.187447][ T2435] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1272.242140][ T2435] bridge_slave_0: left allmulticast mode
[ 1272.267787][ T2435] bridge_slave_0: left promiscuous mode
[ 1272.280062][ T2435] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1272.971396][T17336] Bluetooth: hci1: command tx timeout
[ 1273.958739][T22909] net_ratelimit: 318 callbacks suppressed
[ 1273.958764][T22909] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[ 1274.198357][ T2435] bridge1 (unregistering): left promiscuous mode
[ 1274.231385][ T2435] team0: Port device bridge1 removed
[ 1274.339342][ T2435] bridge2 (unregistering): left promiscuous mode
[ 1274.358512][ T2435] team0: Port device bridge2 removed
[ 1274.377756][  T785] usb 1-1: new full-speed USB device number 112 using dummy_hcd
[ 1274.438376][ T2435] bridge3 (unregistering): left promiscuous mode
[ 1274.459473][ T2435] team0: Port device bridge3 removed
[ 1274.606355][  T785] usb 1-1: not running at top speed; connect to a high speed hub
[ 1274.626365][  T785] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1274.644753][  T785] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1274.656126][  T785] usb 1-1: config 1 interface 0 has no altsetting 0
[ 1274.673982][  T785] usb 1-1: New USB device found, idVendor=05ac, idProduct=0221, bcdDevice= 0.40
[ 1274.685147][  T785] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.693570][  T785] usb 1-1: Product: syz
[ 1274.703004][  T785] usb 1-1: Manufacturer: syz
[ 1274.726525][  T785] usb 1-1: SerialNumber: syz
[ 1274.733847][ T2435] bridge6 (unregistering): left promiscuous mode
[ 1274.742842][T22909] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1274.755986][T22909] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1274.764972][ T2435] team0: Port device bridge6 removed
[ 1274.984399][T22909] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4597'.
[ 1275.038516][T17336] Bluetooth: hci1: command tx timeout
[ 1275.073081][ T2435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1275.115361][ T2435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1275.130530][ T2435] bond0 (unregistering): Released all slaves
[ 1275.191169][T22903] bridge_slave_0: default FDB implementation only supports local addresses
[ 1275.202156][T22907] bridge_slave_0: left allmulticast mode
[ 1275.209559][T22907] bridge_slave_0: left promiscuous mode
[ 1275.217105][T22907] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1275.338412][T22917] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1275.452209][T22921] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4598'.
[ 1275.781986][T22838] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1275.826021][T22838] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1275.858791][T22838] bridge_slave_0: entered allmulticast mode
[ 1275.880231][T22838] bridge_slave_0: entered promiscuous mode
[ 1275.997590][T17336] Bluetooth: hci0: command 0x080f tx timeout
[ 1276.033952][  T785] usbhid 1-1:1.0: can't add hid device: -71
[ 1276.061732][T22838] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1276.086626][  T785] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[ 1276.108991][T22838] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1276.147238][T22838] bridge_slave_1: entered allmulticast mode
[ 1276.155885][  T785] usb 1-1: USB disconnect, device number 112
[ 1276.215318][T22838] bridge_slave_1: entered promiscuous mode
[ 1276.553617][ T2435] hsr_slave_0: left promiscuous mode
[ 1276.587762][ T2435] hsr_slave_1: left promiscuous mode
[ 1276.643126][ T2435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1276.667511][ T2435] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1276.692940][ T2435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1276.731188][ T2435] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1276.816782][ T2435] veth1_macvtap: left promiscuous mode
[ 1276.851742][ T2435] veth0_macvtap: left promiscuous mode
[ 1276.863905][ T2435] veth1_vlan: left promiscuous mode
[ 1276.878710][ T2435] veth0_vlan: left promiscuous mode
[ 1277.117665][T17336] Bluetooth: hci1: command tx timeout
[ 1279.245830][ T2435] team_slave_1 (unregistering): left promiscuous mode
[ 1279.263897][ T2435] team0 (unregistering): Port device team_slave_1 removed
[ 1279.427850][ T2435] team_slave_0 (unregistering): left promiscuous mode
[ 1279.447666][ T2435] team0 (unregistering): Port device team_slave_0 removed
[ 1281.260473][T22943] netlink: 'syz.2.4604': attribute type 10 has an invalid length.
[ 1281.310178][T22943] batman_adv: batadv0: Adding interface: team0
[ 1281.316440][T22943] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1281.350558][T22943] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1281.361797][T22945] netlink: 'syz.2.4604': attribute type 10 has an invalid length.
[ 1281.370117][T22945] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4604'.
[ 1281.381357][T22945] team0: entered promiscuous mode
[ 1281.386407][T22945] team_slave_0: entered promiscuous mode
[ 1281.392320][T22945] team_slave_1: entered promiscuous mode
[ 1281.400306][T22945] 8021q: adding VLAN 0 to HW filter on device team0
[ 1281.407199][T22945] batman_adv: batadv0: Interface activated: team0
[ 1281.413875][T22945] batman_adv: batadv0: Interface deactivated: team0
[ 1281.420585][T22945] batman_adv: batadv0: Removing interface: team0
[ 1281.428075][T22945] bridge0: port 3(team0) entered blocking state
[ 1281.434558][T22945] bridge0: port 3(team0) entered disabled state
[ 1281.441777][T22945] team0: entered allmulticast mode
[ 1281.446931][T22945] team_slave_0: entered allmulticast mode
[ 1281.452794][T22945] team_slave_1: entered allmulticast mode
[ 1281.461589][T22945] bridge0: port 3(team0) entered blocking state
[ 1281.468052][T22945] bridge0: port 3(team0) entered forwarding state
[ 1281.486159][T22838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1281.535651][T22980] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4611'.
[ 1281.618794][T22838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1281.855821][T22838] team0: Port device team_slave_0 added
[ 1281.882420][T22838] team0: Port device team_slave_1 added
[ 1282.047104][T22838] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1282.064463][T22838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1282.090556][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.137432][T22838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1282.178560][T22838] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1282.195902][T22838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1282.221867][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.267418][T22838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1282.310793][  T785] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 1282.877260][ T2435] IPVS: stop unused estimator thread 0...
[ 1283.030378][T22838] hsr_slave_0: entered promiscuous mode
[ 1283.085270][T22838] hsr_slave_1: entered promiscuous mode
[ 1283.143322][T22838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1283.170262][T22838] Cannot create hsr debugfs directory
[ 1283.277511][  T785] usb 3-1: Using ep0 maxpacket: 8
[ 1283.287622][  T785] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1283.306627][  T785] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1283.334520][  T785] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1283.393916][  T785] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1283.473174][  T785] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1283.808195][  T785] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1283.887144][T23019] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1283.897659][T23019] cramfs: wrong magic
[ 1285.035831][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1285.204364][T23029] netlink: 'syz.1.4624': attribute type 10 has an invalid length.
[ 1285.314369][T23029] batman_adv: batadv0: Adding interface: team0
[ 1285.350607][  T785] usb 3-1: can't set config #16, error -71
[ 1285.359764][  T785] usb 3-1: USB disconnect, device number 94
[ 1285.387189][T23029] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1285.467729][T23029] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1285.551883][T23032] netlink: 'syz.1.4624': attribute type 10 has an invalid length.
[ 1285.578372][T23032] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4624'.
[ 1285.601545][T23032] team0: entered promiscuous mode
[ 1285.614455][T23032] team_slave_0: entered promiscuous mode
[ 1285.633058][T23032] team_slave_1: entered promiscuous mode
[ 1285.646531][T23032] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1285.657261][T23032] bridge1: entered promiscuous mode
[ 1285.684785][T23032] 8021q: adding VLAN 0 to HW filter on device team0
[ 1285.696360][T23032] batman_adv: batadv0: Interface activated: team0
[ 1285.706822][T23032] batman_adv: batadv0: Interface deactivated: team0
[ 1285.721394][T23032] batman_adv: batadv0: Removing interface: team0
[ 1285.734193][T23032] bridge0: port 3(team0) entered blocking state
[ 1285.751476][T23032] bridge0: port 3(team0) entered disabled state
[ 1285.760155][T23032] team0: entered allmulticast mode
[ 1285.765598][T23032] team_slave_0: entered allmulticast mode
[ 1285.772169][T23032] team_slave_1: entered allmulticast mode
[ 1285.782081][T23032] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 1285.791553][T23032] bridge1: entered allmulticast mode
[ 1285.806564][T23032] bridge0: port 3(team0) entered blocking state
[ 1285.813109][T23032] bridge0: port 3(team0) entered forwarding state
[ 1285.828453][T23040] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4625'.
[ 1286.518709][T23065] netlink: 9412 bytes leftover after parsing attributes in process `syz.4.4632'.
[ 1287.133299][T23077] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1287.141040][T23077] cramfs: wrong magic
[ 1289.147840][T23095] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4640'.
[ 1289.193548][T23096] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4639'.
[ 1289.689300][T22838] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1289.762947][T22838] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1289.806735][T22838] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1289.867007][T22838] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1290.396381][T23122] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1290.408666][T23122] cramfs: wrong magic
[ 1290.534701][T22838] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1290.969622][T22838] 8021q: adding VLAN 0 to HW filter on device team0
[ 1291.029668][  T786] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1291.036902][  T786] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1291.163825][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1291.171085][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1291.991668][T23132] netlink: 'syz.0.4648': attribute type 10 has an invalid length.
[ 1292.096778][T23132] team0: Port device netdevsim0 added
[ 1292.117015][T23137] FAULT_INJECTION: forcing a failure.
[ 1292.117015][T23137] name failslab, interval 1, probability 0, space 0, times 0
[ 1292.221622][T23137] CPU: 0 PID: 23137 Comm: syz.1.4650 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1292.231858][T23137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1292.241959][T23137] Call Trace:
[ 1292.245277][T23137]  <TASK>
[ 1292.248242][T23137]  dump_stack_lvl+0x241/0x360
[ 1292.252977][T23137]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1292.258223][T23137]  ? __pfx__printk+0x10/0x10
[ 1292.262870][T23137]  should_fail_ex+0x3b0/0x4e0
[ 1292.267601][T23137]  ? nf_tables_newtable+0x52e/0x1dc0
[ 1292.272929][T23137]  should_failslab+0x9/0x20
[ 1292.277475][T23137]  kmalloc_trace_noprof+0x6c/0x2c0
[ 1292.282661][T23137]  ? nft_pernet+0x23/0x240
[ 1292.287166][T23137]  nf_tables_newtable+0x52e/0x1dc0
[ 1292.292327][T23137]  ? nfnl_pernet+0x23/0x240
[ 1292.296878][T23137]  ? __pfx_nf_tables_newtable+0x10/0x10
[ 1292.302475][T23137]  ? __nla_parse+0x40/0x60
[ 1292.306945][T23137]  nfnetlink_rcv+0x1427/0x2a80
[ 1292.311763][T23137]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1292.318182][T23137]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1292.323348][T23137]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1292.328515][T23137]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1292.333822][T23137]  ? skb_clone+0x240/0x390
[ 1292.338266][T23137]  ? __pfx_lock_release+0x10/0x10
[ 1292.343323][T23137]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1292.348560][T23137]  netlink_unicast+0x7ea/0x980
[ 1292.353355][T23137]  ? __pfx_netlink_unicast+0x10/0x10
[ 1292.358658][T23137]  ? __virt_addr_valid+0x183/0x520
[ 1292.363815][T23137]  ? __check_object_size+0x49c/0x900
[ 1292.369116][T23137]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1292.374247][T23137]  netlink_sendmsg+0x8db/0xcb0
[ 1292.379060][T23137]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1292.384364][T23137]  ? __import_iovec+0x536/0x820
[ 1292.389243][T23137]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1292.394533][T23137]  ? security_socket_sendmsg+0x87/0xb0
[ 1292.400027][T23137]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1292.405415][T23137]  __sock_sendmsg+0x221/0x270
[ 1292.410110][T23137]  ____sys_sendmsg+0x525/0x7d0
[ 1292.414918][T23137]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1292.420254][T23137]  __sys_sendmsg+0x2b0/0x3a0
[ 1292.424864][T23137]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1292.429991][T23137]  ? vfs_write+0x7c4/0xc90
[ 1292.434473][T23137]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1292.440821][T23137]  ? do_syscall_64+0x100/0x230
[ 1292.445623][T23137]  ? do_syscall_64+0xb6/0x230
[ 1292.450319][T23137]  do_syscall_64+0xf3/0x230
[ 1292.454842][T23137]  ? clear_bhb_loop+0x35/0x90
[ 1292.459538][T23137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1292.465447][T23137] RIP: 0033:0x7f2e26375b99
[ 1292.469903][T23137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1292.489524][T23137] RSP: 002b:00007f2e27120048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1292.497970][T23137] RAX: ffffffffffffffda RBX: 00007f2e26503f60 RCX: 00007f2e26375b99
[ 1292.505948][T23137] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[ 1292.513930][T23137] RBP: 00007f2e271200a0 R08: 0000000000000000 R09: 0000000000000000
[ 1292.521908][T23137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1292.529888][T23137] R13: 000000000000000b R14: 00007f2e26503f60 R15: 00007fff5f9a7a18
[ 1292.537913][T23137]  </TASK>
[ 1292.852254][T23152] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4654'.
[ 1292.877694][ T5133] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1292.899408][T23155] tmpfs: Bad value for 'nr_inodes'
[ 1293.081002][ T5133] usb 3-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1293.120911][ T5133] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1293.163350][T22838] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1293.185905][ T5133] usb 3-1: config 0 descriptor??
[ 1293.428803][T22838] veth0_vlan: entered promiscuous mode
[ 1293.494618][T22838] veth1_vlan: entered promiscuous mode
[ 1293.633671][T22838] veth0_macvtap: entered promiscuous mode
[ 1293.670731][T22838] veth1_macvtap: entered promiscuous mode
[ 1293.979588][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1294.065645][T23176] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1294.076057][T23176] cramfs: wrong magic
[ 1294.117577][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1294.205732][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1294.408055][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1294.623861][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1294.673912][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1294.728661][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1294.789544][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1294.840790][ T5133] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1294.848965][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1294.857453][ T5133] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1294.889886][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1294.969826][T22838] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1295.041971][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1295.049711][ T5133] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1295.084654][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1295.100043][ T5133] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1295.106133][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1295.177429][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1295.187317][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1295.613869][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1295.866485][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1296.057982][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1296.127493][T22838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1296.167926][T22838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1296.207238][T22838] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1296.243707][T23210] netlink: 'syz.2.4665': attribute type 10 has an invalid length.
[ 1296.260148][ T5133] asix 3-1:0.0 eth1: register 'asix' at usb-dummy_hcd.2-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 1296.293907][ T5133] usb 3-1: USB disconnect, device number 95
[ 1296.305042][ T5133] asix 3-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.2-1, ASIX AX88178 USB 2.0 Ethernet
[ 1296.352449][T23210] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1296.367761][T23210] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 1296.394451][T23210] team0: Port device netdevsim0 added
[ 1296.473333][T22838] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1296.515330][T22838] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1296.552900][T23219] tmpfs: Bad value for 'nr_inodes'
[ 1296.562733][T22838] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1296.575546][ T5086] Bluetooth: hci0: unexpected event for opcode 0x0c05
[ 1296.621536][T22838] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1296.640078][T23221] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4667'.
[ 1296.912738][ T2435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1296.962784][ T2435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1297.107319][ T2435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1297.151472][ T2435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1297.369218][T23230] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4670'.
[ 1297.474080][  T786] IPVS: starting estimator thread 0...
[ 1297.491085][T23237] IPVS: rr: SCTP 127.0.0.1:0 - no destination available
[ 1297.597885][T23238] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1298.146986][  T786] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[ 1298.398039][T17336] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[ 1298.407457][T17336] Bluetooth: hci6: Injecting HCI hardware error event
[ 1298.418515][ T5086] Bluetooth: hci6: hardware error 0x00
[ 1298.637237][  T786] usb 2-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1298.762132][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1299.000024][  T786] usb 2-1: config 0 descriptor??
[ 1299.227804][T23268] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4678'.
[ 1299.374005][T23272] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4679'.
[ 1299.485018][T23275] tmpfs: Bad value for 'nr_inodes'
[ 1299.667243][  T786] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1299.679296][ T5133] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 1299.720639][  T786] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1299.897622][ T5133] usb 1-1: Using ep0 maxpacket: 8
[ 1299.913363][  T786] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1299.932622][ T5133] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1299.966739][  T786] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1299.990295][ T5133] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1300.013095][ T5133] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1300.024129][ T5133] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1300.032797][ T5133] usb 1-1: Product: syz
[ 1300.037221][ T5133] usb 1-1: Manufacturer: syz
[ 1300.050704][ T5133] usb 1-1: SerialNumber: syz
[ 1300.206228][  T786] asix 2-1:0.0 eth1: register 'asix' at usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 1300.284610][  T786] usb 2-1: USB disconnect, device number 99
[ 1300.332312][ T5133] usb 1-1: invalid UAC_HEADER (v1)
[ 1300.361642][  T786] asix 2-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet
[ 1300.456387][ T5133] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1300.494867][ T5133] usb 1-1: USB disconnect, device number 113
[ 1300.661413][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.671646][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.711926][T23297] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4686'.
[ 1300.769575][T20516] udevd[20516]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1301.118134][ T5086] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[ 1301.287479][    T8] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1301.444958][T23328] ptm ptm1: ldisc open failed (-12), clearing slot 1
[ 1301.517734][    T8] usb 4-1: Using ep0 maxpacket: 32
[ 1301.546377][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1301.591693][    T8] usb 4-1: New USB device found, idVendor=056a, idProduct=010e, bcdDevice= 0.00
[ 1301.619991][T23334] tmpfs: Bad value for 'nr_inodes'
[ 1301.632036][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1301.718286][    T8] usb 4-1: config 0 descriptor??
[ 1301.721510][T23337] netlink: 'syz.4.4695': attribute type 10 has an invalid length.
[ 1301.773599][    T8] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1301.832349][T23337] team0: Port device netdevsim0 added
[ 1303.613366][T23360] FAULT_INJECTION: forcing a failure.
[ 1303.613366][T23360] name failslab, interval 1, probability 0, space 0, times 0
[ 1303.652920][T23360] CPU: 1 PID: 23360 Comm: syz.4.4701 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1303.663161][T23360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1303.673250][T23360] Call Trace:
[ 1303.676618][T23360]  <TASK>
[ 1303.679580][T23360]  dump_stack_lvl+0x241/0x360
[ 1303.684313][T23360]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1303.689647][T23360]  ? __pfx__printk+0x10/0x10
[ 1303.694286][T23360]  ? __pfx___might_resched+0x10/0x10
[ 1303.699600][T23360]  ? find_mergeable_anon_vma+0x673/0x870
[ 1303.705260][T23360]  should_fail_ex+0x3b0/0x4e0
[ 1303.709967][T23360]  ? __anon_vma_prepare+0x117/0x4a0
[ 1303.715233][T23360]  should_failslab+0x9/0x20
[ 1303.719774][T23360]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 1303.725190][T23360]  __anon_vma_prepare+0x117/0x4a0
[ 1303.730272][T23360]  handle_pte_fault+0x57d7/0x7090
[ 1303.735387][T23360]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1303.740816][T23360]  ? __pfx_lock_acquire+0x10/0x10
[ 1303.745889][T23360]  ? __pmd_alloc+0x50b/0x630
[ 1303.750524][T23360]  ? __pfx_lock_release+0x10/0x10
[ 1303.755586][T23360]  ? do_raw_spin_lock+0x14f/0x370
[ 1303.760646][T23360]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1303.765903][T23360]  ? _raw_spin_unlock+0x28/0x50
[ 1303.770879][T23360]  ? __pmd_alloc+0x50b/0x630
[ 1303.773896][T23367] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4700'.
[ 1303.775495][T23360]  ? __pfx___pmd_alloc+0x10/0x10
[ 1303.789549][T23360]  handle_mm_fault+0xfb0/0x19d0
[ 1303.794473][T23360]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1303.799846][T23360]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1303.806289][T23360]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1303.811636][T23360]  exc_page_fault+0x2b9/0x8c0
[ 1303.816372][T23360]  asm_exc_page_fault+0x26/0x30
[ 1303.821269][T23360] RIP: 0010:__put_user_4+0x11/0x20
[ 1303.826426][T23360] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 1303.846078][T23360] RSP: 0018:ffffc90009687498 EFLAGS: 00050202
[ 1303.852196][T23360] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020000140
[ 1303.860207][T23360] RDX: 0000000000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f1580
[ 1303.868218][T23360] RBP: ffffc90009687610 R08: ffffffff8fac216f R09: 1ffffffff1f5842d
[ 1303.876233][T23360] R10: dffffc0000000000 R11: fffffbfff1f5842e R12: ffffc900096874e0
[ 1303.884250][T23360] R13: 1ffff920012d0e9c R14: dffffc0000000000 R15: 1ffff920012d0e98
[ 1303.892369][T23360]  sk_ioctl+0x369/0x680
[ 1303.896592][T23360]  ? __pfx_sk_ioctl+0x10/0x10
[ 1303.901336][T23360]  ? __pfx_lock_acquire+0x10/0x10
[ 1303.906409][T23360]  inet6_ioctl+0x203/0x280
[ 1303.910884][T23360]  ? __pfx_inet6_ioctl+0x10/0x10
[ 1303.915881][T23360]  ? 0xffffffffa00041c0
[ 1303.920079][T23360]  ? 0xffffffffa00041c0
[ 1303.924275][T23360]  ? is_bpf_text_address+0x285/0x2a0
[ 1303.929630][T23360]  sock_do_ioctl+0x158/0x460
[ 1303.934280][T23360]  ? __kernel_text_address+0xd/0x40
[ 1303.939543][T23360]  ? unwind_get_return_address+0x91/0xc0
[ 1303.945234][T23360]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1303.950425][T23360]  ? stack_trace_save+0x118/0x1d0
[ 1303.955516][T23360]  sock_ioctl+0x629/0x8e0
[ 1303.959909][T23360]  ? __pfx_sock_ioctl+0x10/0x10
[ 1303.964828][T23360]  ? kasan_save_track+0x51/0x80
[ 1303.969736][T23360]  ? kasan_save_track+0x3f/0x80
[ 1303.974637][T23360]  ? kasan_save_free_info+0x40/0x50
[ 1303.979883][T23360]  ? poison_slab_object+0xe0/0x150
[ 1303.985049][T23360]  ? __kasan_slab_free+0x37/0x60
[ 1303.990032][T23360]  ? kfree+0x149/0x360
[ 1303.994144][T23360]  ? tomoyo_path_number_perm+0x68d/0x880
[ 1303.999832][T23360]  ? __se_sys_ioctl+0x47/0x170
[ 1304.004670][T23360]  ? do_syscall_64+0xf3/0x230
[ 1304.009396][T23360]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1304.015512][T23360]  ? __pfx_sock_ioctl+0x10/0x10
[ 1304.020417][T23360]  do_vfs_ioctl+0xece/0x2e50
[ 1304.025071][T23360]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1304.030169][T23360]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1304.036562][T23360]  ? tomoyo_path_number_perm+0x208/0x880
[ 1304.042253][T23360]  ? __pfx_lock_release+0x10/0x10
[ 1304.047340][T23360]  ? kfree+0x149/0x360
[ 1304.051552][T23360]  ? tomoyo_path_number_perm+0x71a/0x880
[ 1304.057250][T23360]  ? tomoyo_path_number_perm+0x208/0x880
[ 1304.062946][T23360]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1304.069003][T23360]  ? __asan_memset+0x23/0x50
[ 1304.073640][T23360]  ? smack_file_ioctl+0x2a1/0x3a0
[ 1304.078730][T23360]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1304.084161][T23360]  ? __fget_files+0x3f6/0x470
[ 1304.088873][T23360]  ? __fget_files+0x29/0x470
[ 1304.093507][T23360]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1304.098480][T23360]  ? security_file_ioctl+0x87/0xb0
[ 1304.103644][T23360]  __se_sys_ioctl+0x81/0x170
[ 1304.108281][T23360]  do_syscall_64+0xf3/0x230
[ 1304.112822][T23360]  ? clear_bhb_loop+0x35/0x90
[ 1304.117553][T23360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1304.123493][T23360] RIP: 0033:0x7f3898f75b99
[ 1304.127565][  T785] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[ 1304.127927][T23360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1304.127952][T23360] RSP: 002b:00007f3899cc3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1304.163782][T23360] RAX: ffffffffffffffda RBX: 00007f3899103f60 RCX: 00007f3898f75b99
[ 1304.171792][T23360] RDX: 0000000020000140 RSI: 000000000000541b RDI: 0000000000000003
[ 1304.179802][T23360] RBP: 00007f3899cc30a0 R08: 0000000000000000 R09: 0000000000000000
[ 1304.187811][T23360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1304.195817][T23360] R13: 000000000000000b R14: 00007f3899103f60 R15: 00007ffc95c429f8
[ 1304.203943][T23360]  </TASK>
[ 1304.207133][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1304.220581][    T8] usb 4-1: USB disconnect, device number 103
[ 1304.299686][  T785] usb 2-1: Using ep0 maxpacket: 8
[ 1304.346445][  T785] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1304.367225][  T785] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1304.428567][  T785] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1304.450274][T23378] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4704'.
[ 1304.485455][  T785] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1304.536451][  T785] usb 2-1: Product: syz
[ 1304.542465][  T785] usb 2-1: Manufacturer: syz
[ 1304.547131][  T785] usb 2-1: SerialNumber: syz
[ 1304.788978][ T5086] Bluetooth: hci2: unknown advertising packet type: 0x65
[ 1304.789140][ T5086] Bluetooth: hci2: Malformed LE Event: 0x02
[ 1304.826951][  T785] usb 2-1: invalid UAC_HEADER (v1)
[ 1304.889414][ T5133] IPVS: starting estimator thread 0...
[ 1304.912422][T23392] IPVS: rr: SCTP 127.0.0.1:0 - no destination available
[ 1304.972481][  T785] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1304.992964][T23393] IPVS: using max 18 ests per chain, 43200 per kthread
[ 1305.039980][  T785] usb 2-1: USB disconnect, device number 100
[ 1305.354324][T20507] udevd[20507]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1305.575630][T23409] tmpfs: Bad value for 'nr_inodes'
[ 1306.053560][T23431] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4717'.
[ 1306.228100][ T5133] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1306.442282][ T5133] usb 4-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1306.479075][ T5133] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.509296][ T5133] usb 4-1: config 0 descriptor??
[ 1307.271610][ T5133] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1307.324087][ T5133] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1307.557638][ T5133] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1307.586734][ T5133] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1307.806590][ T5133] asix 4-1:0.0 eth1: register 'asix' at usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 1307.847786][  T785] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[ 1307.856820][ T5133] usb 4-1: USB disconnect, device number 104
[ 1307.881066][ T5133] asix 4-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet
[ 1308.077691][  T785] usb 2-1: Using ep0 maxpacket: 16
[ 1308.085195][  T785] usb 2-1: config 8 has an invalid interface number: 88 but max is 2
[ 1308.110181][  T785] usb 2-1: config 8 has an invalid interface number: 101 but max is 2
[ 1308.141810][  T785] usb 2-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[ 1308.173382][  T785] usb 2-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[ 1308.199259][  T785] usb 2-1: config 8 has an invalid interface number: 182 but max is 2
[ 1308.235372][  T785] usb 2-1: config 8 has no interface number 0
[ 1308.262290][  T785] usb 2-1: config 8 has no interface number 1
[ 1308.281767][  T785] usb 2-1: config 8 has no interface number 2
[ 1308.300938][  T785] usb 2-1: config 8 interface 88 altsetting 3 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[ 1308.333510][  T785] usb 2-1: config 8 interface 88 altsetting 3 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1308.385756][  T785] usb 2-1: config 8 interface 88 altsetting 3 endpoint 0x5 has an invalid bInterval 105, changing to 10
[ 1308.416957][  T785] usb 2-1: config 8 interface 101 altsetting 3 endpoint 0xC has invalid maxpacket 512, setting to 64
[ 1308.469709][  T785] usb 2-1: config 8 interface 101 altsetting 3 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1308.498765][  T785] usb 2-1: config 8 interface 101 altsetting 3 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1308.529778][  T785] usb 2-1: config 8 interface 101 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[ 1308.547068][  T785] usb 2-1: config 8 interface 101 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[ 1308.588660][  T785] usb 2-1: config 8 interface 101 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1308.607947][  T785] usb 2-1: config 8 interface 101 altsetting 3 has a duplicate endpoint with address 0xE, skipping
[ 1308.635204][  T785] usb 2-1: config 8 interface 101 altsetting 3 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1308.656309][  T785] usb 2-1: config 8 interface 101 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1308.678751][  T785] usb 2-1: config 8 interface 182 altsetting 8 has a duplicate endpoint with address 0x7, skipping
[ 1308.730876][T23471] IPVS: rr: SCTP 127.0.0.1:0 - no destination available
[ 1308.734352][  T785] usb 2-1: config 8 interface 182 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[ 1308.760380][  T785] usb 2-1: config 8 interface 182 altsetting 8 has a duplicate endpoint with address 0x3, skipping
[ 1308.783849][  T785] usb 2-1: config 8 interface 182 altsetting 8 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 1308.799301][  T785] usb 2-1: config 8 interface 182 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1308.830554][  T785] usb 2-1: config 8 interface 88 has no altsetting 0
[ 1308.842847][  T785] usb 2-1: config 8 interface 101 has no altsetting 0
[ 1308.854728][  T785] usb 2-1: config 8 interface 182 has no altsetting 0
[ 1308.897901][  T785] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=49.4f
[ 1308.910812][  T785] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1308.933612][  T785] usb 2-1: Product: 뛪쩄⢐脔䟉鴊Ẹᡦ댎ꗟᖛۮ㾥䱮┓°͗ꝃទᗇ껅덁搈릁틼卝璠䛲켍窠餼ꭻ鮀
[ 1308.956273][  T785] usb 2-1: Manufacturer: 녻앜砂
[ 1308.970025][  T785] usb 2-1: SerialNumber: syz
[ 1309.384051][T23483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4728'.
[ 1309.554430][T23488] tmpfs: Bad value for 'nr_inodes'
[ 1309.746532][T23453] could not allocate digest TFM handle poly1305-neon
[ 1309.968032][  T785] usb 2-1: USB disconnect, device number 101
[ 1310.543883][ T5086] Bluetooth: hci1: unknown advertising packet type: 0x65
[ 1310.544101][ T5086] Bluetooth: hci1: Malformed LE Event: 0x02
[ 1311.540209][T23521] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4740'.
[ 1311.622049][T23523] IPVS: rr: SCTP 127.0.0.1:0 - no destination available
[ 1312.303838][T23526] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 33867 - 0
[ 1312.314685][T23526] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 33867 - 0
[ 1312.326950][T23526] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 33867 - 0
[ 1312.339322][T23526] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 33867 - 0
[ 1312.374153][T23526] netdevsim netdevsim3 netdevsim0: set [1, 2] type 2 family 0 port 41648 - 0
[ 1312.395567][T23526] netdevsim netdevsim3 netdevsim1: set [1, 2] type 2 family 0 port 41648 - 0
[ 1312.406365][T23526] netdevsim netdevsim3 netdevsim2: set [1, 2] type 2 family 0 port 41648 - 0
[ 1312.416450][T23526] netdevsim netdevsim3 netdevsim3: set [1, 2] type 2 family 0 port 41648 - 0
[ 1312.432169][T23526] geneve2: entered promiscuous mode
[ 1312.438829][T23526] geneve2: entered allmulticast mode
[ 1312.688390][T23535] tmpfs: Bad value for 'nr_inodes'
[ 1313.228805][T23541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4744'.
[ 1314.244676][T23548] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1314.251262][T23548] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1314.317532][T23548] vhci_hcd vhci_hcd.0: Device attached
[ 1314.360114][T23549] tmpfs: Bad value for 'mpol'
[ 1314.392544][T23548] netlink: zone id is out of range
[ 1314.401399][T23548] netlink: zone id is out of range
[ 1314.433916][T23548] netlink: zone id is out of range
[ 1314.451400][T23548] netlink: zone id is out of range
[ 1314.471451][T23548] netlink: zone id is out of range
[ 1314.476697][T23548] netlink: zone id is out of range
[ 1314.493915][T23548] netlink: zone id is out of range
[ 1314.507493][T23548] netlink: zone id is out of range
[ 1314.523640][T23548] netlink: zone id is out of range
[ 1314.587467][ T5164] usb 13-1: new high-speed USB device number 4 using vhci_hcd
[ 1314.617496][T23551] vhci_hcd: connection reset by peer
[ 1314.634496][   T61] vhci_hcd: stop threads
[ 1314.660118][   T61] vhci_hcd: release socket
[ 1314.677820][   T61] vhci_hcd: disconnect device
[ 1315.229253][T23567] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1315.261685][T23567] cramfs: wrong magic
[ 1315.868290][T23571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4751'.
[ 1317.023634][T23585] tmpfs: Bad value for 'nr_inodes'
[ 1317.668179][T23593] tmpfs: Bad value for 'mpol'
[ 1317.749792][T17336] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1317.766506][T17336] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1317.779751][T17336] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1317.809028][T17336] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1317.817775][T17336] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1317.829295][T17336] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1317.987591][ T5133] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[ 1317.992461][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1318.074440][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 38232 - 0
[ 1318.117605][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 43818 - 0
[ 1318.362154][ T5133] usb 1-1: device descriptor read/64, error -71
[ 1318.448662][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1318.479959][T23610] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1318.490723][T23610] cramfs: wrong magic
[ 1318.623095][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 38232 - 0
[ 1318.828255][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 43818 - 0
[ 1319.050027][T23612] netlink: 'syz.2.4764': attribute type 10 has an invalid length.
[ 1319.290709][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1319.337579][ T5133] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[ 1319.355680][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 38232 - 0
[ 1319.401220][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 43818 - 0
[ 1319.507565][ T5133] usb 1-1: device descriptor read/64, error -71
[ 1319.628086][ T5133] usb usb1-port1: attempt power cycle
[ 1319.666154][T23619] IPVS: set_ctl: invalid protocol: 58 10.1.1.2:20000
[ 1319.685754][   T35] team0: Port device netdevsim0 removed
[ 1319.692487][ T5164] vhci_hcd: vhci_device speed not set
[ 1319.736795][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1319.789358][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 38232 - 0
[ 1319.801640][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 43818 - 0
[ 1319.917819][T17336] Bluetooth: hci0: command tx timeout
[ 1320.047634][ T5133] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[ 1320.108192][ T5133] usb 1-1: device descriptor read/8, error -71
[ 1320.152942][T23629] tmpfs: Bad value for 'nr_inodes'
[ 1320.398972][ T5133] usb 1-1: new high-speed USB device number 117 using dummy_hcd
[ 1320.444995][T23636] Cannot find set identified by id 0 to match
[ 1320.465106][   T35] bridge_slave_1: left allmulticast mode
[ 1320.484440][   T35] bridge_slave_1: left promiscuous mode
[ 1320.512649][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1320.531471][ T5133] usb 1-1: device descriptor read/8, error -71
[ 1320.658719][ T5133] usb usb1-port1: unable to enumerate USB device
[ 1321.326832][T23641] tmpfs: Bad value for 'mpol'
[ 1321.377141][T23650] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1321.388694][T23650] cramfs: wrong magic
[ 1322.037448][T17336] Bluetooth: hci0: command tx timeout
[ 1322.495117][ T5133] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[ 1322.698983][ T5133] usb 2-1: Using ep0 maxpacket: 8
[ 1322.725274][ T5133] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1322.775096][ T5133] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[ 1322.812234][ T5133] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[ 1322.837248][ T5133] usb 2-1: SerialNumber: syz
[ 1322.873179][ T5133] usb 2-1: config 0 descriptor??
[ 1322.904942][ T5133] usb 2-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[ 1322.912835][ T5133] usb 2-1: Failed to create links for entity 255
[ 1323.125853][T23666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4779'.
[ 1323.802180][ T5133] usb 2-1: Failed to register entities (-22).
[ 1323.812617][ T5133] usb 2-1: USB disconnect, device number 102
[ 1323.828799][T20507] udevd[20507]: setting owner of /dev/bus/usb/002/102 to uid=0, gid=0 failed: No such file or directory
[ 1323.953306][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1323.968561][   T29] audit: type=1326 audit(1719994014.916:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23669 comm="syz.0.4781" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27b9375b99 code=0x0
[ 1324.008406][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1324.026468][   T35] bond0 (unregistering): Released all slaves
[ 1324.062357][T23600] chnl_net:caif_netlink_parms(): no params data found
[ 1324.077604][T17336] Bluetooth: hci0: command tx timeout
[ 1324.614718][T23687] tmpfs: Bad value for 'nr_inodes'
[ 1324.716119][T23600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1324.754234][T23600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1324.780660][T23600] bridge_slave_0: entered allmulticast mode
[ 1324.818053][T23600] bridge_slave_0: entered promiscuous mode
[ 1324.874965][   T35] hsr_slave_0: left promiscuous mode
[ 1324.908048][   T35] hsr_slave_1: left promiscuous mode
[ 1325.090545][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1325.105975][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1325.147549][    T8] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1325.184317][T23699] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1325.195059][T23699] cramfs: wrong magic
[ 1325.885281][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1325.917738][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1326.059957][   T35] veth1_macvtap: left promiscuous mode
[ 1326.085070][   T35] veth0_macvtap: left promiscuous mode
[ 1326.101526][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 52, changing to 7
[ 1326.101643][   T35] veth1_vlan: left promiscuous mode
[ 1326.132566][   T29] audit: type=1326 audit(1719994017.076:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23705 comm="syz.1.4789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e26375b99 code=0x0
[ 1326.136348][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 9272, setting to 1024
[ 1326.157596][T17336] Bluetooth: hci0: command tx timeout
[ 1326.178611][    T8] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1326.201084][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.292459][    T8] usb 3-1: config 0 descriptor??
[ 1326.338097][T16521] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[ 1326.428530][T23717] tmpfs: Bad value for 'mpol'
[ 1326.559749][T16521] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[ 1326.580510][T16521] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[ 1326.609598][T16521] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1326.623626][T16521] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1326.635308][T16521] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.650475][T16521] usb 1-1: config 0 descriptor??
[ 1326.660300][T23703] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1327.841230][    T8] ath6kl: Failed to submit usb control message: -71
[ 1327.851017][T16521] plantronics 0003:047F:FFFF.001E: unknown main item tag 0xd
[ 1327.864223][    T8] ath6kl: unable to send the bmi data to the device: -71
[ 1327.874852][T16521] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving
[ 1327.883034][    T8] ath6kl: Unable to send get target info: -71
[ 1327.891363][    T8] ath6kl: Failed to init ath6kl core: -71
[ 1327.905388][    T8] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1327.917993][T16521] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1327.942638][    T8] usb 3-1: USB disconnect, device number 96
[ 1327.968551][T16521] usb 1-1: USB disconnect, device number 118
[ 1328.167569][   T29] audit: type=1326 audit(1719994019.076:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23732 comm="syz.1.4795" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e26375b99 code=0x0
[ 1329.001107][T23744] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1329.007700][T23744] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1329.043713][T23744] vhci_hcd vhci_hcd.0: Device attached
[ 1329.111064][T23753] net_ratelimit: 28 callbacks suppressed
[ 1329.111101][T23753] netlink: zone id is out of range
[ 1329.148586][T23753] netlink: zone id is out of range
[ 1329.164103][T23753] netlink: zone id is out of range
[ 1329.201496][T23753] netlink: zone id is out of range
[ 1329.216670][T23753] netlink: zone id is out of range
[ 1329.247760][T23753] netlink: zone id is out of range
[ 1329.253221][T23753] netlink: zone id is out of range
[ 1329.260066][T23753] netlink: zone id is out of range
[ 1329.277959][T23753] netlink: zone id is out of range
[ 1329.287857][T23753] netlink: zone id is out of range
[ 1329.365469][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1329.368948][T23751] tmpfs: Bad value for 'mpol'
[ 1329.453048][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1329.530811][T23747] vhci_hcd: connection closed
[ 1329.532850][ T8668] vhci_hcd: stop threads
[ 1329.556815][ T8668] vhci_hcd: release socket
[ 1329.567130][ T8668] vhci_hcd: disconnect device
[ 1330.253155][T23600] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1330.260600][T23600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1330.272914][T23600] bridge_slave_1: entered allmulticast mode
[ 1330.283947][T23600] bridge_slave_1: entered promiscuous mode
[ 1330.457630][T23761] netlink: 'syz.1.4800': attribute type 6 has an invalid length.
[ 1330.510025][T19722] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1330.554928][T23774] netlink: 207496 bytes leftover after parsing attributes in process `syz.3.4804'.
[ 1330.569815][T23600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1330.627747][T23600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1330.664849][T23777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4805'.
[ 1330.671605][   T29] audit: type=1326 audit(1719994021.616:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23776 comm="syz.1.4806" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e26375b99 code=0x0
[ 1330.693402][T23777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4805'.
[ 1330.749164][T19722] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 52, changing to 7
[ 1330.785083][T19722] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 9272, setting to 1024
[ 1330.822617][T19722] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1331.291305][T23600] team0: Port device team_slave_0 added
[ 1331.602753][T23600] team0: Port device team_slave_1 added
[ 1331.753752][T19722] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1331.764519][T19722] usb 3-1: config 0 descriptor??
[ 1331.990084][T23600] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1332.012089][T23600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1332.043447][T23600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1332.092174][T23600] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1332.127586][T23600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1332.188088][T23600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1332.551686][T23600] hsr_slave_0: entered promiscuous mode
[ 1332.559393][T23600] hsr_slave_1: entered promiscuous mode
[ 1332.833530][T23817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4813'.
[ 1332.897531][T19722] ath6kl: Failed to submit usb control message: -110
[ 1332.948863][T23600] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1333.228554][T19722] ath6kl: unable to send the bmi data to the device: -110
[ 1333.235759][T19722] ath6kl: Unable to send get target info: -110
[ 1333.247626][T23600] Cannot create hsr debugfs directory
[ 1333.316160][T19722] ath6kl: Failed to init ath6kl core: -110
[ 1333.414836][T23798] tmpfs: Bad value for 'mpol'
[ 1333.424378][T19722] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 1333.464633][T23820] netlink: 'syz.2.4815': attribute type 6 has an invalid length.
[ 1333.475906][T19722] usb 3-1: USB disconnect, device number 97
[ 1334.704527][   T29] audit: type=1804 audit(1719994025.636:745): pid=23831 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.4817" name="/newroot/43/file1/bus/file1" dev="overlay" ino=264 res=1 errno=0
[ 1334.849569][T23836] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4819'.
[ 1334.864789][T23837] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1334.902115][T23836] FAULT_INJECTION: forcing a failure.
[ 1334.902115][T23836] name failslab, interval 1, probability 0, space 0, times 0
[ 1334.945444][T23836] CPU: 0 PID: 23836 Comm: syz.0.4819 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1334.955717][T23836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1334.965812][T23836] Call Trace:
[ 1334.969128][T23836]  <TASK>
[ 1334.972096][T23836]  dump_stack_lvl+0x241/0x360
[ 1334.976823][T23836]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1334.982042][T23836]  ? __pfx__printk+0x10/0x10
[ 1334.986653][T23836]  should_fail_ex+0x3b0/0x4e0
[ 1334.991346][T23836]  ? __alloc_skb+0x1c3/0x440
[ 1334.995952][T23836]  should_failslab+0x9/0x20
[ 1335.000466][T23836]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1335.006287][T23836]  __alloc_skb+0x1c3/0x440
[ 1335.010713][T23836]  ? __pfx_lock_release+0x10/0x10
[ 1335.015750][T23836]  ? __pfx___alloc_skb+0x10/0x10
[ 1335.020727][T23836]  ? __nla_parse+0x40/0x60
[ 1335.025162][T23836]  inet_rtm_getroute+0x82d/0x2d60
[ 1335.030199][T23836]  ? is_bpf_text_address+0x26/0x2a0
[ 1335.035411][T23836]  ? kernel_text_address+0xa7/0xe0
[ 1335.040541][T23836]  ? __kernel_text_address+0xd/0x40
[ 1335.045756][T23836]  ? arch_stack_walk+0x16d/0x1b0
[ 1335.050715][T23836]  ? __pfx_inet_rtm_getroute+0x10/0x10
[ 1335.056217][T23836]  ? rtnl_prop_list_size+0x1d1/0x1e0
[ 1335.061515][T23836]  ? do_syscall_64+0xf3/0x230
[ 1335.066231][T23836]  ? __pfx_inet_rtm_getroute+0x10/0x10
[ 1335.071699][T23836]  rtnetlink_rcv_msg+0x8f0/0x1180
[ 1335.076746][T23836]  ? rtnetlink_rcv_msg+0x208/0x1180
[ 1335.081964][T23836]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1335.087447][T23836]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1335.093435][T23836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1335.099772][T23836]  ? __local_bh_enable_ip+0x168/0x200
[ 1335.105150][T23836]  ? lockdep_hardirqs_on+0x99/0x150
[ 1335.110379][T23836]  ? __local_bh_enable_ip+0x168/0x200
[ 1335.115756][T23836]  ? dev_hard_start_xmit+0x773/0x7e0
[ 1335.121099][T23836]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1335.126220][T23836]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1335.131952][T23836]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1335.137076][T23836]  ? __dev_queue_xmit+0x16c9/0x3d30
[ 1335.142301][T23836]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1335.147438][T23836]  ? ref_tracker_free+0x643/0x7e0
[ 1335.152486][T23836]  netlink_rcv_skb+0x1e3/0x430
[ 1335.157276][T23836]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1335.162783][T23836]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1335.168097][T23836]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1335.173314][T23836]  netlink_unicast+0x7ea/0x980
[ 1335.178105][T23836]  ? __pfx_netlink_unicast+0x10/0x10
[ 1335.183401][T23836]  ? __virt_addr_valid+0x183/0x520
[ 1335.188546][T23836]  ? __check_object_size+0x49c/0x900
[ 1335.193842][T23836]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1335.198971][T23836]  netlink_sendmsg+0x8db/0xcb0
[ 1335.203758][T23836]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1335.209059][T23836]  ? __import_iovec+0x536/0x820
[ 1335.213930][T23836]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1335.219221][T23836]  ? security_socket_sendmsg+0x87/0xb0
[ 1335.224695][T23836]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1335.229992][T23836]  __sock_sendmsg+0x221/0x270
[ 1335.234682][T23836]  ____sys_sendmsg+0x525/0x7d0
[ 1335.239470][T23836]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1335.244801][T23836]  __sys_sendmsg+0x2b0/0x3a0
[ 1335.249409][T23836]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1335.254529][T23836]  ? vfs_write+0x7c4/0xc90
[ 1335.259001][T23836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1335.265337][T23836]  ? do_syscall_64+0x100/0x230
[ 1335.270122][T23836]  ? do_syscall_64+0xb6/0x230
[ 1335.274817][T23836]  do_syscall_64+0xf3/0x230
[ 1335.279340][T23836]  ? clear_bhb_loop+0x35/0x90
[ 1335.284039][T23836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1335.289946][T23836] RIP: 0033:0x7f27b9375b99
[ 1335.294377][T23836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1335.313997][T23836] RSP: 002b:00007f27ba17a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1335.322425][T23836] RAX: ffffffffffffffda RBX: 00007f27b9503f60 RCX: 00007f27b9375b99
[ 1335.330419][T23836] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[ 1335.338402][T23836] RBP: 00007f27ba17a0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1335.346469][T23836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1335.354444][T23836] R13: 000000000000000b R14: 00007f27b9503f60 R15: 00007ffc2669bbf8
[ 1335.362440][T23836]  </TASK>
[ 1336.407730][  T785] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 1336.433623][T23600] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1336.469218][T23600] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1336.509149][T23600] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1336.545605][T23600] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1336.640555][  T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 52, changing to 7
[ 1336.662273][  T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 9272, setting to 1024
[ 1336.694471][  T785] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1336.731337][  T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1336.762360][  T785] usb 4-1: config 0 descriptor??
[ 1337.046612][T23600] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1337.126133][T23600] 8021q: adding VLAN 0 to HW filter on device team0
[ 1337.137638][ T5164] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[ 1337.176401][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1337.183721][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1337.236023][ T5134] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1337.243334][ T5134] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1337.294680][T23885] tmpfs: Bad value for 'mpol'
[ 1337.341724][ T5164] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1337.366682][ T5164] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.413530][ T5164] usb 1-1: config 0 descriptor??
[ 1337.461290][T23600] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1337.661394][ T5164] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1337.702815][ T5164] asix 1-1:0.0: probe with driver asix failed with error -71
[ 1337.738726][ T5164] usb 1-1: USB disconnect, device number 119
[ 1337.843999][  T785] ath6kl: Failed to submit usb control message: -110
[ 1337.875791][  T785] ath6kl: unable to send the bmi data to the device: -110
[ 1337.926913][  T785] ath6kl: Unable to send get target info: -110
[ 1337.987594][  T785] ath6kl: Failed to init ath6kl core: -110
[ 1338.024337][  T785] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 1339.377961][  T785] usb 4-1: USB disconnect, device number 105
[ 1339.456768][T23600] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1340.593673][T23940] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1340.628886][T23945] overlayfs: missing 'lowerdir'
[ 1341.192936][T23600] veth0_vlan: entered promiscuous mode
[ 1341.271882][T23600] veth1_vlan: entered promiscuous mode
[ 1341.285441][T23944] tmpfs: Bad value for 'mpol'
[ 1341.431655][T23600] veth0_macvtap: entered promiscuous mode
[ 1341.507967][T23600] veth1_macvtap: entered promiscuous mode
[ 1341.650166][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1341.694764][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1341.740052][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1341.798641][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1341.834851][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1341.858085][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1341.885253][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1341.928539][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1341.979251][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1342.027804][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1342.049551][T23600] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1342.940209][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1342.979695][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1343.007360][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1343.041005][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1343.077531][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1343.107563][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1343.147413][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1343.171825][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1343.185560][T23600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1343.202490][T23600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1343.219279][T23600] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1343.283255][T23600] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1343.303461][T23600] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1343.322583][T23600] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1343.362456][T23600] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1343.406011][T17336] Bluetooth: hci1: SCO packet for unknown connection handle 200
[ 1343.609758][ T5133] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 1343.663657][ T2435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1343.700280][ T2435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1343.807873][ T5133] usb 1-1: Using ep0 maxpacket: 32
[ 1343.820294][ T5133] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1343.828673][ T2435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1343.837161][ T5133] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1343.862396][ T2435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1343.885416][ T5133] usb 1-1: config 0 descriptor??
[ 1343.906354][ T5133] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1343.914520][T24017] overlayfs: missing 'lowerdir'
[ 1344.285962][T24027] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4753'.
[ 1344.343746][T24027] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4753'.
[ 1344.478153][ T5133] gspca_nw80x: reg_w err -110
[ 1344.483078][ T5133] nw80x 1-1:0.0: probe with driver nw80x failed with error -110
[ 1345.702317][ T5133] usb 1-1: USB disconnect, device number 120
[ 1346.523984][T24042] tmpfs: Bad value for 'mpol'
[ 1346.752408][  T785] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1346.987449][  T785] usb 3-1: Using ep0 maxpacket: 16
[ 1346.999562][  T785] usb 3-1: config 8 has an invalid interface number: 88 but max is 2
[ 1347.015893][  T785] usb 3-1: config 8 has an invalid interface number: 101 but max is 2
[ 1347.037882][  T785] usb 3-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[ 1347.052848][  T785] usb 3-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[ 1347.069330][  T785] usb 3-1: config 8 has an invalid interface number: 182 but max is 2
[ 1347.090817][  T785] usb 3-1: config 8 has no interface number 0
[ 1347.102616][  T785] usb 3-1: config 8 has no interface number 1
[ 1347.116829][  T785] usb 3-1: config 8 has no interface number 2
[ 1347.132457][  T785] usb 3-1: config 8 interface 88 altsetting 3 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[ 1347.171065][  T785] usb 3-1: config 8 interface 88 altsetting 3 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1347.220799][  T785] usb 3-1: config 8 interface 88 altsetting 3 endpoint 0x5 has an invalid bInterval 105, changing to 10
[ 1347.289916][  T785] usb 3-1: config 8 interface 101 altsetting 3 endpoint 0xC has invalid maxpacket 512, setting to 64
[ 1347.306309][  T785] usb 3-1: config 8 interface 101 altsetting 3 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1347.346606][  T785] usb 3-1: config 8 interface 101 altsetting 3 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1347.400023][  T785] usb 3-1: config 8 interface 101 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[ 1347.456657][T24078] overlayfs: missing 'lowerdir'
[ 1347.465777][  T785] usb 3-1: config 8 interface 101 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[ 1347.556244][  T785] usb 3-1: config 8 interface 101 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1347.958033][T24081] ubi0: attaching mtd0
[ 1347.991825][T24081] ubi0: scanning is finished
[ 1348.404936][  T785] usb 3-1: config 8 interface 101 altsetting 3 has a duplicate endpoint with address 0xE, skipping
[ 1348.416232][  T785] usb 3-1: config 8 interface 101 altsetting 3 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1348.416244][T24081] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1348.416279][  T785] usb 3-1: config 8 interface 101 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1348.427502][T24081] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1348.434848][  T785] usb 3-1: config 8 interface 182 altsetting 8 has a duplicate endpoint with address 0x7, skipping
[ 1348.447372][T24081] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1348.471745][T24081] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 1348.473695][  T785] usb 3-1: config 8 interface 182 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[ 1348.479241][T24081] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1348.479266][T24081] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1348.479288][T24081] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 842012303
[ 1348.514932][T24081] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1348.526415][T24086] ubi0: background thread "ubi_bgt0d" started, PID 24086
[ 1348.577256][  T785] usb 3-1: config 8 interface 182 altsetting 8 has a duplicate endpoint with address 0x3, skipping
[ 1348.623177][  T785] usb 3-1: config 8 interface 182 altsetting 8 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 1348.639444][T24091] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1348.671524][  T785] usb 3-1: config 8 interface 182 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1348.719109][T24095] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4867'.
[ 1348.737422][  T785] usb 3-1: config 8 interface 88 has no altsetting 0
[ 1348.757487][T24095] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4867'.
[ 1348.766673][  T785] usb 3-1: config 8 interface 101 has no altsetting 0
[ 1348.800468][  T785] usb 3-1: config 8 interface 182 has no altsetting 0
[ 1348.835010][  T785] usb 3-1: string descriptor 0 read error: -71
[ 1348.852030][  T785] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=49.4f
[ 1348.879470][  T785] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1348.927829][  T785] usb 3-1: can't set config #8, error -71
[ 1348.964839][  T785] usb 3-1: USB disconnect, device number 98
[ 1351.507503][  T785] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1351.974050][T24125] tmpfs: Bad value for 'mpol'
[ 1352.478157][  T785] usb 3-1: device descriptor read/64, error -71
[ 1352.498295][T24136] netlink: 'syz.1.4875': attribute type 10 has an invalid length.
[ 1352.854268][T24143] net_ratelimit: 27 callbacks suppressed
[ 1352.854320][T24143] openvswitch: netlink: Key type 6406 is out of range max 32
[ 1353.527491][  T785] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1353.651187][T24146] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4877'.
[ 1353.714953][T24149] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4878'.
[ 1353.737972][T24149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4878'.
[ 1353.757950][  T785] usb 3-1: Using ep0 maxpacket: 32
[ 1353.775686][  T785] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1353.825927][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.039585][T24157] FAULT_INJECTION: forcing a failure.
[ 1354.039585][T24157] name failslab, interval 1, probability 0, space 0, times 0
[ 1354.210102][T24157] CPU: 1 PID: 24157 Comm: syz.1.4881 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1354.220328][T24157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1354.230513][T24157] Call Trace:
[ 1354.233824][T24157]  <TASK>
[ 1354.236803][T24157]  dump_stack_lvl+0x241/0x360
[ 1354.241528][T24157]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1354.246764][T24157]  ? __pfx__printk+0x10/0x10
[ 1354.251391][T24157]  ? __pfx___might_resched+0x10/0x10
[ 1354.256727][T24157]  should_fail_ex+0x3b0/0x4e0
[ 1354.261454][T24157]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1354.267212][T24157]  should_failslab+0x9/0x20
[ 1354.271748][T24157]  __kmalloc_noprof+0xd8/0x400
[ 1354.276574][T24157]  ? kfree+0x4e/0x360
[ 1354.280599][T24157]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1354.286288][T24157]  tomoyo_path_number_perm+0x23a/0x880
[ 1354.291803][T24157]  ? tomoyo_path_number_perm+0x208/0x880
[ 1354.297483][T24157]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1354.303566][T24157]  ? __fget_files+0x29/0x470
[ 1354.308190][T24157]  ? __fget_files+0x3f6/0x470
[ 1354.312898][T24157]  ? __fget_files+0x29/0x470
[ 1354.317525][T24157]  security_file_ioctl+0x75/0xb0
[ 1354.322518][T24157]  __se_sys_ioctl+0x47/0x170
[ 1354.327152][T24157]  do_syscall_64+0xf3/0x230
[ 1354.331701][T24157]  ? clear_bhb_loop+0x35/0x90
[ 1354.336422][T24157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1354.342365][T24157] RIP: 0033:0x7f2e26375b99
[ 1354.346811][T24157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1354.366460][T24157] RSP: 002b:00007f2e27120048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1354.374938][T24157] RAX: ffffffffffffffda RBX: 00007f2e26503f60 RCX: 00007f2e26375b99
[ 1354.382941][T24157] RDX: 0000000020001900 RSI: 000000000000541c RDI: 0000000000000004
[ 1354.390944][T24157] RBP: 00007f2e271200a0 R08: 0000000000000000 R09: 0000000000000000
[ 1354.398948][T24157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1354.406950][T24157] R13: 000000000000000b R14: 00007f2e26503f60 R15: 00007fff5f9a7a18
[ 1354.414984][T24157]  </TASK>
[ 1354.618972][T24157] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1354.703754][  T785] usb 3-1: config 0 descriptor??
[ 1354.723020][  T785] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1355.049151][ T5131] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 1355.258193][  T785] gspca_nw80x: reg_w err -110
[ 1355.270861][  T785] nw80x 3-1:0.0: probe with driver nw80x failed with error -110
[ 1355.292667][ T5131] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1355.326494][T24174] tmpfs: Bad value for 'mpol'
[ 1355.369961][ T5131] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1355.382995][  T785] usb 3-1: USB disconnect, device number 100
[ 1355.431975][ T5131] usb 1-1: config 0 descriptor??
[ 1355.749770][ T5131] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1355.904098][T24185] openvswitch: netlink: Key type 6406 is out of range max 32
[ 1356.121479][ T5131] asix 1-1:0.0: probe with driver asix failed with error -71
[ 1356.364806][ T5131] usb 1-1: USB disconnect, device number 121
[ 1356.816782][T24199] ubi: mtd0 is already attached to ubi0
[ 1356.856617][T24200] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4891'.
[ 1356.876959][T24200] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4891'.
[ 1357.690013][  T785] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[ 1357.924542][  T785] usb 4-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[ 1357.970435][  T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1358.008416][  T785] usb 4-1: config 0 descriptor??
[ 1358.242717][T24212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1358.285956][T24212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1358.325289][T24212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1358.372122][T24212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1358.415142][T24212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1358.458100][T24212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1358.504827][T24212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1358.546181][T24212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1358.614067][T24212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1358.650382][T24212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1358.761764][T24230] tmpfs: Bad value for 'mpol'
[ 1358.762354][  T785] hackrf 4-1:0.0: Board ID: 00
[ 1358.781684][  T785] hackrf 4-1:0.0: Firmware version: 
[ 1358.857883][  T785] hackrf 4-1:0.0: Registered as swradio16
[ 1358.952941][  T785] hackrf 4-1:0.0: Registered as swradio17
[ 1358.963066][  T785] hackrf 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[ 1358.991514][T24242] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4903'.
[ 1358.994012][  T785] usb 4-1: USB disconnect, device number 106
[ 1359.065857][T24242] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4903'.
[ 1359.216917][T24235] tmpfs: Bad value for 'mpol'
[ 1362.094670][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.101282][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.542226][T24271] FAULT_INJECTION: forcing a failure.
[ 1362.542226][T24271] name failslab, interval 1, probability 0, space 0, times 0
[ 1362.623470][T24271] CPU: 0 PID: 24271 Comm: syz.4.4910 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1362.633872][T24271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1362.643954][T24271] Call Trace:
[ 1362.647254][T24271]  <TASK>
[ 1362.650207][T24271]  dump_stack_lvl+0x241/0x360
[ 1362.654931][T24271]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1362.660172][T24271]  ? __pfx__printk+0x10/0x10
[ 1362.664816][T24271]  should_fail_ex+0x3b0/0x4e0
[ 1362.669537][T24271]  ? rtnl_newlink+0xf2/0x20a0
[ 1362.674254][T24271]  should_failslab+0x9/0x20
[ 1362.678800][T24271]  kmalloc_trace_noprof+0x6c/0x2c0
[ 1362.683955][T24271]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1362.689019][T24271]  rtnl_newlink+0xf2/0x20a0
[ 1362.693558][T24271]  ? __kernel_text_address+0xd/0x40
[ 1362.698852][T24271]  ? __mutex_trylock_common+0x183/0x2e0
[ 1362.704440][T24271]  ? __pfx___might_resched+0x10/0x10
[ 1362.709770][T24271]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1362.714835][T24271]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1362.720780][T24271]  ? rcu_is_watching+0x15/0xb0
[ 1362.725589][T24271]  ? trace_contention_end+0x3c/0x120
[ 1362.730957][T24271]  ? __mutex_lock+0x2ef/0xd70
[ 1362.735706][T24271]  ? rcu_read_unlock+0x87/0xa0
[ 1362.740563][T24271]  ? do_syscall_64+0xf3/0x230
[ 1362.745302][T24271]  ? rtnetlink_rcv_msg+0x842/0x1180
[ 1362.750548][T24271]  ? __pfx_lock_release+0x10/0x10
[ 1362.755621][T24271]  ? __pfx___mutex_lock+0x10/0x10
[ 1362.760707][T24271]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1362.765823][T24271]  rtnetlink_rcv_msg+0x89b/0x1180
[ 1362.770901][T24271]  ? rtnetlink_rcv_msg+0x208/0x1180
[ 1362.776153][T24271]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1362.781664][T24271]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1362.787689][T24271]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1362.794064][T24271]  ? __local_bh_enable_ip+0x168/0x200
[ 1362.799472][T24271]  ? lockdep_hardirqs_on+0x99/0x150
[ 1362.804733][T24271]  ? __local_bh_enable_ip+0x168/0x200
[ 1362.810164][T24271]  ? dev_hard_start_xmit+0x773/0x7e0
[ 1362.815506][T24271]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1362.820668][T24271]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1362.826435][T24271]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1362.831615][T24271]  ? __dev_queue_xmit+0x16c9/0x3d30
[ 1362.836967][T24271]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1362.842138][T24271]  ? ref_tracker_free+0x643/0x7e0
[ 1362.847222][T24271]  netlink_rcv_skb+0x1e3/0x430
[ 1362.852036][T24271]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1362.857556][T24271]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1362.862915][T24271]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1362.868164][T24271]  netlink_unicast+0x7ea/0x980
[ 1362.872978][T24271]  ? __pfx_netlink_unicast+0x10/0x10
[ 1362.878307][T24271]  ? __virt_addr_valid+0x183/0x520
[ 1362.883474][T24271]  ? __check_object_size+0x49c/0x900
[ 1362.888803][T24271]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1362.893967][T24271]  netlink_sendmsg+0x8db/0xcb0
[ 1362.898888][T24271]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1362.904227][T24271]  ? __import_iovec+0x536/0x820
[ 1362.909137][T24271]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1362.914487][T24271]  ? security_socket_sendmsg+0x87/0xb0
[ 1362.920006][T24271]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1362.925344][T24271]  __sock_sendmsg+0x221/0x270
[ 1362.930074][T24271]  ____sys_sendmsg+0x525/0x7d0
[ 1362.934902][T24271]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1362.940248][T24271]  __sys_sendmsg+0x2b0/0x3a0
[ 1362.944888][T24271]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1362.950048][T24271]  ? vfs_write+0x7c4/0xc90
[ 1362.954575][T24271]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1362.960946][T24271]  ? do_syscall_64+0x100/0x230
[ 1362.965767][T24271]  ? do_syscall_64+0xb6/0x230
[ 1362.970498][T24271]  do_syscall_64+0xf3/0x230
[ 1362.975059][T24271]  ? clear_bhb_loop+0x35/0x90
[ 1362.979801][T24271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.985747][T24271] RIP: 0033:0x7faa97f75b99
[ 1362.990221][T24271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1363.009999][T24271] RSP: 002b:00007faa98c88048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1363.018476][T24271] RAX: ffffffffffffffda RBX: 00007faa98103f60 RCX: 00007faa97f75b99
[ 1363.026497][T24271] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003
[ 1363.034500][T24271] RBP: 00007faa98c880a0 R08: 0000000000000000 R09: 0000000000000000
[ 1363.042490][T24271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1363.050477][T24271] R13: 000000000000000b R14: 00007faa98103f60 R15: 00007fff1f53c328
[ 1363.058489][T24271]  </TASK>
[ 1363.276847][T24294] fuse: Bad value for 'user_id'
[ 1363.317713][T24293] tmpfs: Bad value for 'mpol'
[ 1363.547463][    T8] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1363.629471][T24297] netlink: 1032 bytes leftover after parsing attributes in process `syz.3.4919'.
[ 1363.760104][    T8] usb 3-1: config 16 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[ 1363.790460][    T8] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1363.832706][    T8] usb 3-1: config 16 has no interfaces?
[ 1363.858544][    T8] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[ 1363.887576][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1364.867758][ T1108] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1366.175039][ T5086] Bluetooth: hci1: SCO packet for unknown connection handle 200
[ 1366.214204][T24336] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4929'.
[ 1366.263931][T24336] FAULT_INJECTION: forcing a failure.
[ 1366.263931][T24336] name failslab, interval 1, probability 0, space 0, times 0
[ 1366.287890][T24336] CPU: 0 PID: 24336 Comm: syz.0.4929 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1366.298115][T24336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1366.308190][T24336] Call Trace:
[ 1366.311510][T24336]  <TASK>
[ 1366.314471][T24336]  dump_stack_lvl+0x241/0x360
[ 1366.319200][T24336]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1366.324438][T24336]  ? __pfx__printk+0x10/0x10
[ 1366.329078][T24336]  ? __pfx___might_resched+0x10/0x10
[ 1366.334411][T24336]  should_fail_ex+0x3b0/0x4e0
[ 1366.339139][T24336]  should_failslab+0x9/0x20
[ 1366.343686][T24336]  kmalloc_node_track_caller_noprof+0xda/0x440
[ 1366.349881][T24336]  ? __request_module+0x2d5/0x650
[ 1366.354946][T24336]  ? __request_module+0x2b9/0x650
[ 1366.360010][T24336]  kstrdup+0x3a/0x80
[ 1366.363937][T24336]  __request_module+0x2d5/0x650
[ 1366.368825][T24336]  ? __pfx___request_module+0x10/0x10
[ 1366.374215][T24336]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1366.380233][T24336]  ? __asan_memset+0x23/0x50
[ 1366.384838][T24336]  ? nla_strscpy+0x113/0x180
[ 1366.389473][T24336]  rtnl_newlink+0xaa7/0x20a0
[ 1366.394091][T24336]  ? rtnl_newlink+0xb01/0x20a0
[ 1366.398891][T24336]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1366.403931][T24336]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1366.409854][T24336]  ? rcu_is_watching+0x15/0xb0
[ 1366.414633][T24336]  ? trace_contention_end+0x3c/0x120
[ 1366.419939][T24336]  ? __mutex_lock+0x2ef/0xd70
[ 1366.424637][T24336]  ? __pfx_lock_release+0x10/0x10
[ 1366.429694][T24336]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1366.434733][T24336]  rtnetlink_rcv_msg+0x89b/0x1180
[ 1366.439782][T24336]  ? rtnetlink_rcv_msg+0x208/0x1180
[ 1366.445001][T24336]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1366.450482][T24336]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1366.456473][T24336]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1366.462815][T24336]  ? __local_bh_enable_ip+0x168/0x200
[ 1366.468205][T24336]  ? lockdep_hardirqs_on+0x99/0x150
[ 1366.473430][T24336]  ? __local_bh_enable_ip+0x168/0x200
[ 1366.478824][T24336]  ? dev_hard_start_xmit+0x773/0x7e0
[ 1366.484125][T24336]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1366.489340][T24336]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1366.495078][T24336]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1366.500208][T24336]  ? __dev_queue_xmit+0x16c9/0x3d30
[ 1366.505418][T24336]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1366.511515][T24336]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1366.516654][T24336]  ? ref_tracker_free+0x643/0x7e0
[ 1366.521710][T24336]  netlink_rcv_skb+0x1e3/0x430
[ 1366.526490][T24336]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1366.531978][T24336]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1366.537308][T24336]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1366.542537][T24336]  netlink_unicast+0x7ea/0x980
[ 1366.547330][T24336]  ? __pfx_netlink_unicast+0x10/0x10
[ 1366.552637][T24336]  ? __virt_addr_valid+0x183/0x520
[ 1366.557786][T24336]  ? __check_object_size+0x49c/0x900
[ 1366.563104][T24336]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1366.568235][T24336]  netlink_sendmsg+0x8db/0xcb0
[ 1366.573027][T24336]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1366.578343][T24336]  ? __mutex_trylock_common+0x183/0x2e0
[ 1366.583939][T24336]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1366.589334][T24336]  ? security_socket_sendmsg+0x87/0xb0
[ 1366.594841][T24336]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1366.600152][T24336]  __sock_sendmsg+0x221/0x270
[ 1366.604851][T24336]  sock_sendmsg+0x134/0x200
[ 1366.609374][T24336]  ? __pfx_sock_sendmsg+0x10/0x10
[ 1366.614443][T24336]  ? iov_iter_bvec+0x4e/0x180
[ 1366.619135][T24336]  splice_to_socket+0xa13/0x10b0
[ 1366.624128][T24336]  ? __pfx_splice_to_socket+0x10/0x10
[ 1366.629538][T24336]  ? __lock_acquire+0x1346/0x1fd0
[ 1366.634593][T24336]  ? bpf_lsm_file_permission+0x9/0x10
[ 1366.639979][T24336]  ? security_file_permission+0x7f/0xa0
[ 1366.645537][T24336]  ? rw_verify_area+0x1d2/0x6b0
[ 1366.650411][T24336]  ? __pfx_splice_to_socket+0x10/0x10
[ 1366.655814][T24336]  do_splice+0xd77/0x1900
[ 1366.660167][T24336]  ? __pfx_lock_release+0x10/0x10
[ 1366.665198][T24336]  ? vfs_write+0x7c4/0xc90
[ 1366.669635][T24336]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1366.675372][T24336]  ? pipe_clear_nowait+0x196/0x220
[ 1366.680538][T24336]  ? __pfx_do_splice+0x10/0x10
[ 1366.685329][T24336]  __se_sys_splice+0x331/0x4a0
[ 1366.690139][T24336]  ? __pfx___se_sys_splice+0x10/0x10
[ 1366.695444][T24336]  ? do_syscall_64+0x100/0x230
[ 1366.700229][T24336]  ? __x64_sys_splice+0x21/0xf0
[ 1366.705111][T24336]  do_syscall_64+0xf3/0x230
[ 1366.709638][T24336]  ? clear_bhb_loop+0x35/0x90
[ 1366.714427][T24336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1366.720340][T24336] RIP: 0033:0x7f27b9375b99
[ 1366.724766][T24336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1366.744476][T24336] RSP: 002b:00007f27ba159048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 1366.752908][T24336] RAX: ffffffffffffffda RBX: 00007f27b9504038 RCX: 00007f27b9375b99
[ 1366.760915][T24336] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[ 1366.768912][T24336] RBP: 00007f27ba1590a0 R08: 000000000004ffe6 R09: 0000000000000000
[ 1366.776907][T24336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1366.784913][T24336] R13: 000000000000006e R14: 00007f27b9504038 R15: 00007ffc2669bbf8
[ 1366.792937][T24336]  </TASK>
[ 1366.878323][ T5086] Bluetooth: hci3: command 0x1003 tx timeout
[ 1366.894718][T24004] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1366.982521][ T5164] usb 3-1: USB disconnect, device number 101
[ 1368.315483][T24349] tmpfs: Bad value for 'mpol'
[ 1368.700279][  T785] usb 2-1: new high-speed USB device number 103 using dummy_hcd
[ 1368.917539][  T785] usb 2-1: Using ep0 maxpacket: 8
[ 1368.938437][  T785] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1368.949962][  T785] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1368.984377][  T785] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1369.000705][  T785] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1369.013584][  T785] usb 2-1: Product: syz
[ 1369.040755][  T785] usb 2-1: Manufacturer: syz
[ 1369.054550][  T785] usb 2-1: SerialNumber: syz
[ 1369.303393][T24004] Bluetooth: hci2: unknown advertising packet type: 0x65
[ 1369.303448][T24004] Bluetooth: hci2: Malformed LE Event: 0x02
[ 1369.329266][  T785] usb 2-1: invalid UAC_HEADER (v1)
[ 1369.396301][  T785] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1369.413414][  T785] usb 2-1: USB disconnect, device number 103
[ 1369.438888][T24388] fuse: Bad value for 'user_id'
[ 1369.508059][T24392] netlink: 'syz.4.4948': attribute type 6 has an invalid length.
[ 1370.531847][T20507] udevd[20507]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1370.879682][T24405] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1370.886284][T24405] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1370.924533][T24405] vhci_hcd vhci_hcd.0: Device attached
[ 1370.936333][T24411] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1370.989410][T24405] netlink: zone id is out of range
[ 1370.996479][T24411] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1371.016255][T24405] netlink: zone id is out of range
[ 1371.045601][T24405] netlink: zone id is out of range
[ 1371.061534][T24004] Bluetooth: Unexpected start frame (len 18)
[ 1371.069130][T24405] netlink: zone id is out of range
[ 1371.069763][T24004] Bluetooth: Wrong link type (-71)
[ 1371.097744][T24402] tmpfs: Bad value for 'mpol'
[ 1371.108137][T24405] netlink: zone id is out of range
[ 1371.134504][T24405] netlink: zone id is out of range
[ 1371.187700][T24405] netlink: zone id is out of range
[ 1371.208211][ T5126] usb 11-1: new high-speed USB device number 6 using vhci_hcd
[ 1371.215890][T24405] netlink: zone id is out of range
[ 1371.235636][T24405] netlink: zone id is out of range
[ 1371.267470][T24405] netlink: zone id is out of range
[ 1371.312564][T24408] vhci_hcd: connection reset by peer
[ 1371.326472][   T11] vhci_hcd: stop threads
[ 1371.343263][   T11] vhci_hcd: release socket
[ 1371.352953][   T11] vhci_hcd: disconnect device
[ 1371.835704][T24426] page: refcount:4 mapcount:1 mapping:ffff88806f3d3eb8 index:0x0 pfn:0x738b3
[ 1371.846441][T24426] memcg:ffff88807eb02000
[ 1371.850713][T24426] aops:shmem_aops ino:658
[ 1371.855077][T24426] flags: 0xfff00000040029(locked|uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 1371.864918][T24426] raw: 00fff00000040029 ffffea000153fd88 ffffea0001080708 ffff88806f3d3eb8
[ 1371.873533][T24426] raw: 0000000000000000 0000000000000000 0000000400000000 ffff88807eb02000
[ 1371.882138][T24426] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[ 1371.889469][T24426] page_owner tracks the page as allocated
[ 1371.896999][T24426] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 24429, tgid 24426 (syz.3.4957), ts 1371742434288, free_ts 1371545633384
[ 1371.914168][T24426]  post_alloc_hook+0x1f3/0x230
[ 1371.918987][T24426]  get_page_from_freelist+0x2e4c/0x2f10
[ 1371.924578][T24426]  __alloc_pages_noprof+0x256/0x6c0
[ 1371.929816][T24426]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1371.935311][T24426]  shmem_alloc_and_add_folio+0x24d/0xdb0
[ 1371.941031][T24426]  shmem_get_folio_gfp+0x82d/0x1f50
[ 1371.946271][T24426]  shmem_read_mapping_page_gfp+0xda/0x350
[ 1371.952033][T24426]  udmabuf_create+0x510/0xa10
[ 1371.956748][T24426]  udmabuf_ioctl+0x304/0x4f0
[ 1371.961398][T24426]  __se_sys_ioctl+0xfc/0x170
[ 1371.966029][T24426]  do_syscall_64+0xf3/0x230
[ 1371.970573][T24426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1371.976507][T24426] page last free pid 23600 tgid 23600 stack trace:
[ 1371.983033][T24426]  free_unref_folios+0xf12/0x19c0
[ 1371.988094][T24426]  folios_put_refs+0x93a/0xa60
[ 1371.992995][T24426]  shmem_undo_range+0x6de/0x1df0
[ 1371.997981][T24426]  shmem_evict_inode+0x29b/0xa60
[ 1372.003048][T24426]  evict+0x2a8/0x630
[ 1372.007000][T24426]  do_unlinkat+0x512/0x830
[ 1372.011504][T24426]  __x64_sys_unlink+0x49/0x60
[ 1372.016178][T24426]  do_syscall_64+0xf3/0x230
[ 1372.020686][T24426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.026711][T24426] ------------[ cut here ]------------
[ 1372.032183][T24426] kernel BUG at mm/filemap.c:162!
[ 1372.037257][T24426] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[ 1372.044230][T24426] CPU: 1 PID: 24426 Comm: syz.3.4957 Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1372.054405][T24426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1372.064486][T24426] RIP: 0010:filemap_unaccount_folio+0x85d/0xe90
[ 1372.070770][T24426] Code: 25 ff 0f 00 00 0f 84 f0 00 00 00 e8 0d 84 ca ff e9 1c f8 ff ff e8 03 84 ca ff 4c 89 ef 48 c7 c6 20 94 d3 8b e8 24 6e 11 00 90 <0f> 0b e8 ec 83 ca ff 4c 89 ef 48 c7 c6 60 95 d3 8b e8 0d 6e 11 00
[ 1372.090428][T24426] RSP: 0018:ffffc9000b2d7558 EFLAGS: 00010046
[ 1372.096522][T24426] RAX: d015c94a1ed63600 RBX: 0000000000000000 RCX: ffffc9000b2d7103
[ 1372.104556][T24426] RDX: 0000000000000002 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f1580
[ 1372.112553][T24426] RBP: 0000000000000001 R08: ffffffff8fac216f R09: 1ffffffff1f5842d
[ 1372.120549][T24426] R10: dffffc0000000000 R11: fffffbfff1f5842e R12: 1ffffd400039c598
[ 1372.128543][T24426] R13: ffffea0001ce2cc0 R14: 1ffffd400039c599 R15: ffffea0001ce2cc8
[ 1372.136539][T24426] FS:  0000555594057500(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 1372.145485][T24426] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1372.152087][T24426] CR2: 000000110c36bcbb CR3: 000000004f4ae000 CR4: 00000000003506f0
[ 1372.160078][T24426] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1372.168068][T24426] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1372.176078][T24426] Call Trace:
[ 1372.179377][T24426]  <TASK>
[ 1372.182332][T24426]  ? __die_body+0x88/0xe0
[ 1372.186697][T24426]  ? die+0xcf/0x110
[ 1372.190544][T24426]  ? do_trap+0x15a/0x3a0
[ 1372.194818][T24426]  ? filemap_unaccount_folio+0x85d/0xe90
[ 1372.200482][T24426]  ? do_error_trap+0x1dc/0x2c0
[ 1372.205272][T24426]  ? filemap_unaccount_folio+0x85d/0xe90
[ 1372.210947][T24426]  ? __pfx_do_error_trap+0x10/0x10
[ 1372.216088][T24426]  ? report_bug+0x3cd/0x500
[ 1372.220627][T24426]  ? handle_invalid_op+0x34/0x40
[ 1372.225588][T24426]  ? filemap_unaccount_folio+0x85d/0xe90
[ 1372.231248][T24426]  ? exc_invalid_op+0x38/0x50
[ 1372.235948][T24426]  ? asm_exc_invalid_op+0x1a/0x20
[ 1372.241008][T24426]  ? filemap_unaccount_folio+0x85d/0xe90
[ 1372.246673][T24426]  ? filemap_unaccount_folio+0x85c/0xe90
[ 1372.252333][T24426]  ? rcu_is_watching+0x15/0xb0
[ 1372.257125][T24426]  __filemap_remove_folio+0xc4/0x9e0
[ 1372.262443][T24426]  ? __pfx___filemap_remove_folio+0x10/0x10
[ 1372.268362][T24426]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1372.273505][T24426]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 1372.279092][T24426]  filemap_remove_folio+0x109/0x2e0
[ 1372.284329][T24426]  truncate_inode_folio+0x5d/0x70
[ 1372.289382][T24426]  shmem_undo_range+0x45d/0x1df0
[ 1372.294358][T24426]  ? __pfx_validate_chain+0x10/0x10
[ 1372.299627][T24426]  ? __pfx_shmem_undo_range+0x10/0x10
[ 1372.305063][T24426]  ? inode_wait_for_writeback+0x224/0x290
[ 1372.310818][T24426]  ? __pfx_lock_release+0x10/0x10
[ 1372.315846][T24426]  ? do_raw_spin_lock+0x14f/0x370
[ 1372.320880][T24426]  shmem_evict_inode+0x29b/0xa60
[ 1372.325819][T24426]  ? inode_wait_for_writeback+0x224/0x290
[ 1372.331550][T24426]  ? __pfx_shmem_evict_inode+0x10/0x10
[ 1372.337039][T24426]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 1372.343125][T24426]  ? __pfx_wake_bit_function+0x10/0x10
[ 1372.348585][T24426]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1372.353793][T24426]  ? __pfx_shmem_evict_inode+0x10/0x10
[ 1372.359259][T24426]  evict+0x2a8/0x630
[ 1372.363187][T24426]  __dentry_kill+0x20d/0x630
[ 1372.367794][T24426]  ? dput+0x37/0x2b0
[ 1372.371692][T24426]  dput+0x19f/0x2b0
[ 1372.375510][T24426]  __fput+0x5f8/0x8a0
[ 1372.379526][T24426]  task_work_run+0x24f/0x310
[ 1372.384141][T24426]  ? __pfx_task_work_run+0x10/0x10
[ 1372.389274][T24426]  ? syscall_exit_to_user_mode+0xa3/0x360
[ 1372.395009][T24426]  syscall_exit_to_user_mode+0x168/0x360
[ 1372.400663][T24426]  do_syscall_64+0x100/0x230
[ 1372.405271][T24426]  ? clear_bhb_loop+0x35/0x90
[ 1372.409979][T24426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.415878][T24426] RIP: 0033:0x7fc967375b99
[ 1372.420289][T24426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1372.439907][T24426] RSP: 002b:00007fffd7c064a8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1372.448332][T24426] RAX: 0000000000000000 RBX: 00007fc967505a60 RCX: 00007fc967375b99
[ 1372.456306][T24426] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1372.464304][T24426] RBP: 00007fc967505a60 R08: 0000000000000006 R09: 0000001ed7c067df
[ 1372.472276][T24426] R10: 00000000003ffbe0 R11: 0000000000000246 R12: 000000000014f138
[ 1372.480260][T24426] R13: 0000000000000032 R14: 00007fc967505a60 R15: 00007fc967504038
[ 1372.488262][T24426]  </TASK>
[ 1372.491278][T24426] Modules linked in:
[ 1372.495205][T24426] ---[ end trace 0000000000000000 ]---
[ 1372.500652][T24426] RIP: 0010:filemap_unaccount_folio+0x85d/0xe90
[ 1372.506922][T24426] Code: 25 ff 0f 00 00 0f 84 f0 00 00 00 e8 0d 84 ca ff e9 1c f8 ff ff e8 03 84 ca ff 4c 89 ef 48 c7 c6 20 94 d3 8b e8 24 6e 11 00 90 <0f> 0b e8 ec 83 ca ff 4c 89 ef 48 c7 c6 60 95 d3 8b e8 0d 6e 11 00
[ 1372.526568][T24426] RSP: 0018:ffffc9000b2d7558 EFLAGS: 00010046
[ 1372.532658][T24426] RAX: d015c94a1ed63600 RBX: 0000000000000000 RCX: ffffc9000b2d7103
[ 1372.540630][T24426] RDX: 0000000000000002 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f1580
[ 1372.548603][T24426] RBP: 0000000000000001 R08: ffffffff8fac216f R09: 1ffffffff1f5842d
[ 1372.556582][T24426] R10: dffffc0000000000 R11: fffffbfff1f5842e R12: 1ffffd400039c598
[ 1372.564599][T24426] R13: ffffea0001ce2cc0 R14: 1ffffd400039c599 R15: ffffea0001ce2cc8
[ 1372.572575][T24426] FS:  0000555594057500(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 1372.581515][T24426] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1372.588119][T24426] CR2: 000000110c36bcbb CR3: 000000004f4ae000 CR4: 00000000003506f0
[ 1372.596119][T24426] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1372.604101][T24426] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1372.612079][T24426] Kernel panic - not syncing: Fatal exception
[ 1372.618480][T24426] Kernel Offset: disabled
[ 1372.622890][T24426] Rebooting in 86400 seconds..