last executing test programs:

13.910107665s ago: executing program 3 (id=931):
r0 = syz_io_uring_setup(0x6af, &(0x7f0000000000)={0x0, 0x6a3f, 0x200, 0x1, 0x1b4}, &(0x7f0000000080), &(0x7f00000000c0))
syz_io_uring_setup(0x2e6a, &(0x7f0000000100)={0x0, 0x69ef, 0x10, 0x0, 0x234, 0x0, r0}, &(0x7f0000000180), &(0x7f00000001c0))
r1 = openat$dlm_control(0xffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0xac, r2, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "0128b7b391ca654b0e092091e90123e2e24c2f3f91439a40"}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "0976f8a4f0f21b568167115dacfd167c9af09c3829922451"}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}], @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0xac}, 0x1, 0x0, 0x0, 0x18010}, 0x18090)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r1, 0x7a9, &(0x7f0000000440)={{@local, 0xfffffffa}, 0x4ae, 0x3, 0x33cf, 0x4fc, 0x5, 0x9, 0x7, 0xc000000000000000})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000600)={&(0x7f00000004c0)={0x110, r2, 0x8, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0x66}}}}, [@NL80211_ATTR_SCAN_SSIDS={0x6c, 0x2d, 0x0, 0x1, [{0x15, 0x0, @random="1b26f3eda39a5a28f2a51f36d8766c1177"}, {0x6, 0x0, @random="a2f6"}, {0x12, 0x0, @random="e42ba0c2c614ac6e9b48ef18c1f1"}, {0x9, 0x0, @random="417c439901"}, {0x1c, 0x0, @random="5248c45080e3a9418e3ece50e00f1ecd23df59ba99515904"}, {0xa, 0x0, @default_ap_ssid}]}, @NL80211_ATTR_IE={0x77, 0x2a, [@preq={0x82, 0x46, {{0x0, 0x0, 0x1}, 0x1, 0x1, 0x0, @device_a, 0x3, @void, 0x6, 0x8da8, 0x4, [{{0x0, 0x0, 0x1}, @device_a, 0x7}, {{0x1}, @broadcast, 0x4}, {{0x0, 0x0, 0x1}, @device_a, 0xf}, {{0x0, 0x0, 0x1}, @device_b, 0x40}]}}, @link_id={0x65, 0x12, {@random="97a30226d77e", @device_b, @device_b}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x4, 0xa9, 0x2}}, @supported_rates={0x1, 0x7, [{0x2, 0x1}, {0x16, 0x1}, {0x12, 0x1}, {0x6, 0x1}, {0x30}, {0xc, 0x1}, {0x14}]}, @cf={0x4, 0x6, {0x0, 0x8, 0x9, 0x4000}}]}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x3ff}]}, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x44091)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000006c0), r1)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r1, &(0x7f0000000800)={&(0x7f0000000680), 0xc, &(0x7f00000007c0)={&(0x7f0000000700)={0xb0, r4, 0x300, 0x70bd2a, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x16, 0x401}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x6}, {0x8, 0xb, 0xffffffff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x5}}, {0x8, 0xb, 0xf8a}, {0x6, 0x16, 0x5}, {0x5}, {0x6, 0x11, 0xaa}, {0x8, 0xb, 0x80}}]}, 0xb0}}, 0x40084)
syz_open_dev$vbi(&(0x7f0000000840), 0x3, 0x2)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000880), &(0x7f00000008c0)=0x14)
ioctl$TCSBRK(r1, 0x5409, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000900))
r5 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000ac0)={@cgroup=<r6=>r1, 0x13, 0x1, 0x1, &(0x7f00000009c0)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0}, 0x40)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000b40)={0x200, <r8=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b00)={@map=r1, r5, 0x26, 0x3a, r1, @void, @void, @void, @value=r8, r7}, 0x20)
ioctl$INCFS_IOC_CREATE_FILE(r6, 0xc058671e, &(0x7f0000000e80)={{'\x00', 0x2}, {0x5}, 0x1, 0x0, 0x0, &(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00)="253748a5181895823899ff719e5185f1986980b14b5a0dd0180c768049141c295d96536f2b328f2f2f858e76b72882ea53393ebdbd9353144f3dbb51c6abe836a25af886d011a91aa11fe30c53a099b67e5d9f43c40c5c7a8070ed9b385d826b992ab0510cdbe18da27bc488d406146dd193d422d48fc308ed027388e995c8217d4fe1c2e61ea60949236490b18cf263e72b5dadb5e32c277021993c8be78d29fbfd5d9362c6e28c187d0ea6ae0bfc59f857cc3e9df703bb6a8d177a2c6e0b15a244d0e1d5c8dda3cd7aa12a07fe9201e71d5b77b9261fb6b44a964bebd1447069380e6b16650e9ccac37c9d914c40f8d571", 0xf2, 0x0, &(0x7f0000000d00)={0x2, 0xef, {0x0, 0xc, 0x73, "6ff31abfacb613aa8c8a79f62b44e443cc0743d400e07aafeaf22219d361773b6687b4d34e63fa4d509d02d0e427ffcacc3771a3bc35f18115f9cc1355ccff0d4d7cd75f1e502c7df1f0b1a2d12dae8b7c5f6b6b29d877cfa455efdbf80e7e0e783fdbc8fbb7d35b0a685ebc875cd7b142ef0e", 0x6f, "6fdcf596e2f8c169cf6c74ab8dcbee5da30ed13a3a1e9e0e006b02019ece96fb0d4761ee0248b4efcd77cefb952c5767b02f3cb8b71f85fefbc879db08ead1859d6dc5bb7df69d45cb27176324978e85dcc9089164af36dfd1107e373eb51fc3480ce4bdfd0607da7941478ef6bbce"}, 0x55, "711c96fec30441f7d7cf2a817a3a91fb0994f367a880c45c48cccc1349755728bee77249d2f4641da39dc3cc80eb6179b3fbaf8a15f06b70e20390efaae6077875ee09e895e2dbb85adfa5956bf38218800e69dce0"}, 0x150})
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000f00)={0x4, @multicast2, 0x4e22, 0x2, 'lc\x00', 0x2, 0x2, 0x1a}, 0x2c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000f40), &(0x7f0000000f80)=0x4)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r9 = openat$ptmx(0xffffff9c, &(0x7f0000000fc0), 0x505800, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r9, 0x541c, &(0x7f0000001000))
syz_genetlink_get_family_id$nl80211(&(0x7f0000001040), r1)
r10 = syz_genetlink_get_family_id$fou(&(0x7f00000010c0), r1)
sendmsg$FOU_CMD_GET(r1, &(0x7f00000011c0)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001180)={&(0x7f0000001100)={0x58, r10, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast1}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @rand_addr=' \x01\x00'}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x240008c4}, 0x40080)
syz_open_pts(r9, 0x92200)
io_uring_enter(0xffffffffffffffff, 0x2366, 0x2d66, 0x9, &(0x7f0000001240)={[0xe9]}, 0x8)

13.651225954s ago: executing program 3 (id=933):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xffffffffffffffff)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x20000004})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
epoll_pwait(r3, &(0x7f0000000300), 0x1, 0xfffffffc, 0x0, 0xfffffffffffffff6)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000140)={0x7, 0x0, 0x0, 0xffff})
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000000)={0x0, 0x34325842, 0x0, @discrete={0x1, 0x900}})

12.745492747s ago: executing program 3 (id=935):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x13, r0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc})
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r3, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r2, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x1, &(0x7f0000000700)="85", 0x1})

12.533424081s ago: executing program 3 (id=937):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=ANY=[@ANYBLOB="02000000040000000400000022bf000000040000", @ANYRES32, @ANYBLOB="fc09000020d4ca07daf8ff010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mmap(&(0x7f0000fa2000/0x4000)=nil, 0x4000, 0x0, 0x82011, r0, 0x49e1a000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0) (async)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async, rerun: 32)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) (rerun: 32)
syz_emit_ethernet(0xfdef, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async, rerun: 64)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 64)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) (async, rerun: 64)
syz_open_procfs(0x0, 0x0) (async, rerun: 64)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, 0x0, 0x0) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
signalfd4(r1, 0x0, 0x0, 0x0) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4) (async, rerun: 64)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) (async, rerun: 64)
write$binfmt_script(r3, &(0x7f0000000080), 0x76e5467)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, 0x0)
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f0000000200))
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000280)=ANY=[], 0x8) (async)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r5 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140))
syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0xa3d, 0x0, 0x0, 0x0, 0xff39) (async)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, 0x0, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x841, &(0x7f000005ffe4)={0xa, 0x4e21, 0xfffffffe, @mcast1}, 0x1c)
socket(0x10, 0x0, 0x0) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)

12.423994091s ago: executing program 3 (id=938):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x490420}}, 0x50) (async)
syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
chdir(&(0x7f00000000c0)='./file0\x00') (async)
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
syz_fuse_handle_req(r1, &(0x7f0000006340)="7c7a6a069306f2c5ddf91f36944f207a1bd11284b4445fa3507bbc5def2e6fec4bb7c6001eafe381e277221f30085acd5d0c251f7c60c23874c04db6aa516f773dd2e57e746d1a085193c8b7664fceb1fe764d87f4395c66e5d4eee443a555692ebe80f3a11b8be74963f1a18c1d0cd71dec65e609e065e14615d2e8b283e55b4aa8b485f81ce52443d61fac9f08cf34f2997c05a63f98f988cfcea9a5650b37dff5817e5033b3912c226bd9bf68b528dec710584242fbdcf7dd0d55e394d3742039e6960bb589fb9ba18ac8e9e82cdbd08e9b584d0a8224cae3e9dd91e25699549007dc0d99165a73cda1c99fc48f6bfdb900c60e4481222505c58cc1108fbaf317d361d1f2d78f6db6e14b283ca9f1927f4f8a0f6f52818be03c7b257aec57f06a0a4279131a2bb0a13b23ab188ea50a686abb2f7e4d0f7a166f358e4cb886b7fbdf51cd9a153410dcc4cc5db7e8e94cc9ba2371a328480ad20f51d7fa012f367a0a8f9c882c47b5f714f0e1b35f72b2261989513c1428d648aa8ab8c12c87dfea38d5be0d49097fce804c9cd2ac8f61b68579853129351e3bcdbdae3371d2b12a150d94b3097161c226c50a1d2c1f8b4c10a986e21dbbb854ad1d26d0ce5d950835d14664ee8f58c537f5256b761b4707fe8d46cc1658798d285310a1cff127b1280cab3f1f633569391d5a7cc08aa1d108b93c38df397d90bbb81753930934df7dcaf8f960dff660fe239aa15cf48872668cacf4d664dc0809fe9d780ab202c3a968abb56655267c907eb3343809b2407105a5c14d53a3b17a9a1552314d27e13daf48a2bb7b2c9fc15aba9ae1d6325c11fbe8432c067efa72878ca56c6463b6cf4d29646905422908a4a1f7741d0049febed4fc2b7cc27154031e50a0ab297826383935bef6a0f968db92128e8a940509b5368146bdcacc852b9d0b4ae9624635f9e69f3a7bc8e6f3340c7de46f49feb20a46f11aef464fa6696a60865bdd0c40b1c411c9661fa9f6393a33a7eb4afaef3eb1ab4634a42baeea780ac6c0c4fc8cf7a92cf0592f993ac85bdfd6c18ba4b7cf4c4438a8330413de8365b4a080234f59edefca0c5ce9697b20cc7b71d04438c00cf3d557bd03b5e1b86e167d2d6e09714135ef720667d0f2e7ca54da419d1bf6722eda31381059216009cd8c99ba1d7f9ebc1bc021457a195fa5be2f0727a84cf4cac5e080f22c836a4955d5ed06bee2eec0d39abc5f459ac43596fee3b341dfbd7ce6f4e57ea42e1e8d4f65880b8b77d2ee27dc1efe95ff1bacf5aa14933456b68645380d0f2ef6284b9946857456d64f4cb656998e99e3e286f596b31c69a69d0ee8444ed838ca2f0ead1be9538e4e927239d0e65a3f871dcad33881f69592eed93a9fafc934aefa67bb87d582d0ae4cfbb5c50325774bbc259a277749751228d3610f95fd56e9fbccb288eca1b14c8255b6996a59c91efbb08440ed91cdd53b0aab82600906904cee2a117a06157e24fa822e1cf4f9db4c2e8a5e842cfc503e578e69002fbae194b6bc7c8b69aac7359292109b712eb49d21946f5ea2745ab77ef59950dcfd926df2aef20e85f2a14554aabb417f15c725c73edd4853926ad6c525afa2c65de213cee799c18d1ced9424d10d7076fc5862579702a5f91031381f41cb8d9899ab514cfa1c8c51437df9710271d8cf69e8900921cba296703f1a7b5234500c1625884fea594d836a930b06142a6e577cd9c2a32cae65e712624abeeffc423a5d5ed7bd75fcb1a82ecec8acd0da9918a5c7c189f14f8cdf37062f93b87f9188501556060ffc6eac435cb1624f2af688316366e03cfb869eacf83d9d45fce910c3347f810b614c2e4291e70471ca2b574241c3f3d9740c6a45c7296a2f275acbde72e513ef4e5a1123a57c2eb1bd023af716c16a7747204338f60b6e3ac514af50b21952c21592aefb6149828a5183ba581d5ee8647f374645ff941bab67bef760ce353b456c4b51c5d3a0c5372b1773b944ad67a92937dd838e1b6f550a1dca975d6230e430bcc278afed54e0621008b2f850107b0244359e3747be5282630452d432e5df0fd160795effed150f9396a7da5a1e4dce0c8f62280ff2fbfaa813859a671208b4b9f05fe450729b0efad83a790acd688a90e5fee5550de4ddeac70ecd125ad076c4e2b68652e6ea520e2b6b339b4b9dc219d853e06b9aa79d022e53607213fc254e15ec3e6b776d2b562997e0fe52b98c58e1c0316b22a4219460053da87e7baff7dc1892c2de2f324dd1169b977f3a6698d0234c78de3e46ba5824f3e373f264e8d28fbb4cc108a41fdecd4b629d92b0a65f84366bf504eb5a894ba40c89f9df854dc469fa174ac85cb8d2adfdc099ca9848a1032b2e2f375bd1544dfb69e33492e1a4b921ad7ff17c4c7e357ff69f42d2301c302ee2ed313f0e9a20ebfe028a8737d6e38bf179940179cb779b70c2276264cb4f23249db7d5f179baa842b70f5b287cf74ce1ff6b70a56be8f2fe15aeadca229804923d28a793838bc605eaf5dcd362f757577ebdac54b09fd73326720d3522d002a41a3b5f2450f48286a5ea45836b5ee77fc415f47e0716049ec2610d607737fd5a73b066b4876f9d744f6b3486b088dd3bfc3d393a27c6c799ce078e2ee348257b5ec1ba9de76da2a67ca912dc2dd5afc70834ceecbb8bd41f6e790294cacd5891bef1b4e2124dcd6dffdedee8f16b3bddc030429dcb0f98e6fe0649cb14eed3293fa4933b2ab8c0ec0ff4dbbced1e32dceb317252e715b872b00478cbd7b0275b7394a0ccfe9887410b32f1ce9266b3b83470ec982cf908507d3ad0cc366bff3759388b624701b3e0dc0e7928386b155b50b42a8e352622516beeeddfb79866a2eb1d360802cd19d62fd171267a0fece5f54e315a8cd49c41072f2a7a0baab5aadae2c1ff28e285b642f8d3869321bd18b4aed107feaa12d055b179a8ab7b50e2796d287a196e280d527b526c45c8aa98696d88a02d923d06fedf51336c0695c218e70448073921971093ea44b5352e10ce6cec26d082b93f69958165bd986f56650a62224c2d9fd044bd8fefd33544c6bd141b4cc211a087fa57c09e195c8edffe559048db738d1395f5e2625dd7cd035b8c76aad6c238fb52a7c5ff0965fc7122a5899746ca88abd699d6078623722fff92726e18613519f2b1927504fd5cb7a38ffa373c3883022f0387953530834affb5f05e0f44c24caa75561b2b63994493ab857fdc30900586fed09298d846e5936869b43d81c4b91902028e57a8f2da16355ccb7a77d29ecc8e66015e979b2f3edc5b8d77c45348dea55c9ed6b7465acf899f4bc1a7edcae0b0daf69ff85c504eea1294620b6d3dbb004575044a5ae7c110010c2cf39827fbdab3b42ac35d147fc53bb5e7de6c47091dc80c14b8da494b2e913d1a52085e29af19edc4a417346c5a896a3851cb6132511e0627d190b77623c8a3bb6085eff22ede7127f7988a1d388fb70ea20d5c1b2424c5aa83532bc5162a5d177968b4a46583f2d4b92d04a5f19145221aeaf724d92ea1d4dfb53021b47585bbe5ce35f8d09a83e13fdb1de8e52dc646d41e810879ce9c830959c3ee93f11a16d030d141863244395e3f847505fe6d9594a34009fec9a743c033b9793335684cc5c3d0eb0ad094f40a60264b02cd88c583c850d99c5b9c6c5dcef467ca3ea38f2aa42f5657cd940aeb12960efa18d571e4f958b9cd90918e069a486d84f214617ce29c0f2c26bf84f12f5036f26a8de0c8359f572654bf5ee06d38f741c464976d95ae3fdda45c2ed2d08ef71d3590e82d235e0fa357c568158791a195d4a2d9615e1edc85be64cfd169f925ffc4f636f86783cf43624a77bdb9b172228097f02f391df00668dafbd9932298b23cfadfd1b8d14a25cb408a440f930f0813de73c1eb2eb4b3c802d718a672453d0038965c6dc98db96fb4e06f1fda72782d0839d4e8b477ebdb2c73510db44f643ec7dc4fcb837806853caa35cf622aff9d44381d3f7adae00650cbb6f0334ceca14ec982dfb5817d7fd49251c203b6463a09c14885f754603291ccf0a7ceaa57284ee751774fa5ad72f9f7a32fa542947af40601e98057895f2869d4ec2db0d73930962535fc9e12ba7e6777cb458592bee505b367012ebd27b256fa0fac1452cf3b28eab573549b7c7a13752ca0189768f738d5f8030fe999f7bdc466d67bb32937ae469f1a1e21fac2ae2ab92a0a260bf0e9ce20625e82f88d0ed4d13876aed768765d77433bb9137d92d622df502aef574de82fe28063128fe5a1787ced99734c2f3f221e80d3baefd367d01d950ee1bc981b4b5ff86b2a96ab78fa3c1201303cab473103d89bb185afc77dd2cb7ac1564045036fe9fcf85af5d73a7553bc45bf5e221564540982db2f81e612e7c1715d3498b8d7851c0160146d6eaae9e30c81dedfca8e7122fcb69b26b396629b723f1e1822b8d5d8f2ac583728a5ab40010f88aa42f37f2031a3e99d8d6661e63f86f65af521066ea6af89c89e1748521b8368cd03409e895a941025ee777653f55e66cd1a0cca21308666260c3b9a306ddadb322eb1d09f7b27fd570cd35b6ec88bb391e3ae4745e17fb4dd7aef1d75b4ebb91e6e7789b241566d7c0cc97a3a126ed50b0cb621e015414f62641afd85bad78470463f86d8287aa56d331911c23c4cae8e5dfea33f3789c03d61f51c590417b5ff9f1aa35ab6a15364296c5f9399216ce565210a4075ac5e43e916850774a127f9174d95b43d839e056b4a7d679bb8804951ca171c0b59f4d6f32c4fe8f908b9a1614591f5d1e1cf3348e02317ec4655c693417a4c4e7007a8db02faa1634f8eea9c9bbe5b149ce2279953a54884392dc7251dd38670fd59d9d1da5203340909d50f779e864339014bcb545d825cdcccedc558a1d01a2784b8f499ce9fa2ddb0dd1dc0b93d1b282a96cb4ecf152474dbc4b2853b30c8e5fcea85bdab949f5eb1e98d81c102c349f680230082db5aba9e20209c35b16598507d28211b49763b598a7e60519d5b28b67c027cb2657cf2ac7c7455291fcfe63f0b43afcd3afaea934da97c209d02e5b47a686c1c284aeee5d662fd9d9be7c576259d9f1a36fc0f7fe329a1da1dbe078381233940745fc28a56db98b1a8442325168158e3f0b3cbf8a368d19dd20cdfc1c4f3893a30a49223050159b0bb8b7c59ca705ae25453988d87ca6cdd2bd2fe37847ba67cbcf7a494925a8598b7b50a741c9ced10ea08e35c422b79265561a07f40ebb89bc46069a1c1ad95949fe757a76ff6b5386a043abc967c367a9d86b54d374e573540dfc1f6d396f398abe9735f523b778fd124ac1e1eb832a66dd4b1838a50e6a4eb1b95b8a60a94f067b24d1194976c539d5ec287a261bf25904575be3ff49e7411a8dc09739649828124c14fc2b89dad1f3f5725db2e45f5a447cd3e4bdf9e1e95c5ad7c76fcf0c1021cb6c32e6985e1d113030d534eecb0dff2554183ee18da2da5d21a8b994a81f05e0e6ae89b20bffb4be333d1956270da23e9905830921b1f3d615a56a20b11d45ccd1d22b910e33f475a92c31fa5b4675ddee18336d0ee7b75c07df2a9d4ad53d83142219a00aef15e1e9dace0f039d63a530fdf671a54aba3882dad0d439632af5576726c3aa095cc1a0a03063e8a6581b78bef501acc24b05a0150d8f683c90e8e5e283a49f898906dab926e544ead48cb9bf9a6e1bf140b5273443b8cb8166b2d8a5464a3e9d9f4246ac81ea91b33a0b399dde9f5efaf792bb04cfa028f40b7c92db2d9c33e16ef58b9263350879ea94e581a1187b2d1931b1cd7606a76bd8943b7c3098a33bdf476960af7bdf2854b1336e72feb603b8bb2242df0839d157843d369a50a615068ff5d99ecebe8dc19158a6c654e853cedf860a727bf8140c062f5d307fdcd150ad0af03d2c3a913b91047858ed6382d2d2d30f5c0bd419c2cd4047f225107ea8bf4a3a69384f16b5b5bb2655bdb750db4e975794592987df95f6a90374b0a08769b2c957faa16a21270196afba76b4527f01f0c5db7fa16e2da81fc49336e20bc3ee1ccbcb62255c84513d9ceb706f03c25000517070c03b7bce838e6b6cbc7f767959fbd62e11ab7ea6d760cff674a4296e6185eb348028b472290922160f3ea36c22c8375a016f505017c0a0e041dd8e52b4f19ccfc701109a19391a059d77db239d40a06d84a6f0ccd08aaad764e53ad1da19ee825a4d25ca7cd538289bffe135486ec1614e28b3682c7081a1b0a2c7272f4e36f6d0d9e68d84209126dc59312d48eed1c63c90efeadd472259392c28746abf394c5c6c97d3fb00b70a74c313a817ee1719c33f16d58f297fc7eacbca5803df115745079c5434e851ad6c1f0e8ba0bdbb66cbb6789b89a23526b476ad0f2cea0907e72702f93d37bdfe7b39fb9b33fb1111e58f5c45db8cc38afe4e03a318aa0690afb870a67aeda7da9640fdad1e1f551dd4757c69b4f523b616e502514a2e35495916f2e5ddab1ad9534644d99ec56e818caba173773aa5e45104deb869b23063eaea5542d3bc503a6948b83779aa46879443cad02477451b46429f1f67560c31d4377f96031ab94866a73be753c4ab91cc6576c3991c3423103ebae604e887c56cbacb9e95b8b46300b62e698a6456a0d175cf682eacabbe301e0b0ea34f963daed0dc6c1b75fa5e3870959913e69e61911d9ff646e9c6bab33fe566871027e861577c4d7fdfdf94ce7ac1a3f6d29daf28d660431a89c0b56c4b95090e2ca5df62c1e5c5dbf98f067751819d4c5914aa33883b7b521aab30d14e1cfae74fcf3ad4b2cf9448009d3223ad984e0c50f92d465573a6fc2894f8a5d4e855316738ecfd6a6c157d39b5c44d80a7cba944cf9f7a701899859821cf2bc248459f7a350fefba53c1481a7197f024f2eb74251455c06f4b82dfcf3ccf3e3b98b898fa1b16c310125e5e9fd4019acccbe91b4d842ddd52ee56f6d3112dec80159d6d3ef93bca70e7afcccb223361c39addbe3c429934cd0ae35f36a8f6309f08e36b27341db1f21fd8a148b239361b31a85f53bd1ad49fadace6c64d5f4363427fb2f268e8aec6d81cdb7f1252baa4652dc55881661114bf98cdf17190379591f0e22dc97e790f53f463bbb0ad0ead78ddf7dfe2e26052acc31cfe52b822afd5ec5c75957106cb5c368c09252ff3e4f624d90e599279fb985ecdb7d8880dfe05ac2d2da83e34e2b9b88f5dd60107a4509902fcddf4a36605e5c7a2606a4aea9fd4b5b24ca6b67d6945d133869cf9276d8c30b08c2a9f4bf03f4e0b956fd5f3c80b958ac5c41e4115b6708799c3102bd8b6c7fe17ff8c3f89c7437255faf69d1e16074086dd44d038bc0211ac74743169b462dbc085d77bf45eea72bf8348308bf48feea02d739a0fee9fbf71023ef8c6828da1aec8618cc2345ff663f88bc52a990e6b9591425435b0c7900ea4068f5aa6345e94254e259a71290fa23281658a6a165d1dee10dcb355518264824665ff2c5538de9ae4487782911f79e0bb09bc2c2d8e0d91b33cbec839075c9b38c848e9d2fad7368e96c1932042c3e85fd95b7d4500e6cae9e649082e9d5ca6f2cf91fc7ecaccc1049525d4325003424cacbd6eb5b8cc30b6893bd1ef46a8e7cbcc87dc2dda5c802ef1f8bb607c7457eb161254dc0feb60ed5ed0383fdb4db91d7e41d45c8eb80c1981e801ef05703f97f8710a2e00eb0559f854f700f946937b9e68c75ad6d0015d5d79be5423d0d846bc76f92ea7ebb0302b3d3c695c0aafa83b2bf029a444709cbf2cefbdcc7eaf3dd7a16f8ca8c861e883db10d433f7fec547be45e6829962e430bb3c93e8cdfb342c1cb7e53d8a6ea625d5574c4b4303f61c4338a658e652ab2bc0029c0a78a5114f495a439956909cf42128cb4348affbecb20b7fea98e22160e9a58e7666a00e7b37fbec4bd3860d66a39d1232a57e8cc50710c5c666f7efa98f16f9a02d843c94b0842a383945d06899998ff2fd01ffb58ab53ea89b2c93634c48d0420edb9791b8e451b35b534b8b2874c4859c684cd14afb5335a2555c75ad9df018635bb7131a7ef204ccecfed33a675fc51687e3f8818406fbf58e7b5fde1ca96153817e1b632e89a78d967eb6a34af1dac0d9ffa448b7b9bac27afc305a7b47febbe0a37036c18aef6852b1b2759d67479f9edb169e796d949844a1624b1e832a2eee9be36dc5866d6fde431cfcbd4e305d322c9dd07f83b5b361daaa74bfc9fbce8b447210c327468659ecbb0a5fc20d0cb79de7d1d70bf251c81d5f38711f3f4bd4752685b077058beb465711b1359d2a7d2f59216c5a807121bb97e7ccacc46526e4072f1d6de3b487d492fed0995e2273fa3bb115bd08d32d8e57eb2aa8f9d3b81babd1b8334c3a5e69422b75502ced3793d07b9bdf38e9d9fa1d2e48c7886dfc41985e8ffc49f09c4ba58ddc3b4cbf562b591f8939ced5d18214a77cc753075334a157373cc33cbc07a731cd6342492f5e05f78108e627bc88777203c76632bbe0120924c7a51bbfc9dc789a5695b7c95ef544935032fb81d499c454a2d78727875c20bc8a48a9f23cf6595c17c9cdaa8d04bab8ac567ebd3bbcdb40e11f1893fea3970f176f75f38d17d6ee1bd4ab76c660723a776bc72319199ab82c40ac4a9f4f475e8fd4643a4be8601cb5172e112c236c7c430078601bf183a59a03885e994c1116a9d4ef275790ff2417ffd85b43274fc57654466fa394958aeb11f343c3439604af13997011af70b67df1a9dfa4cdb751a2dc3e5bbf42f7b9ebc6dcebb2dbdc57d7a2cef7409dba307b7cf6eab148a924566341d035cabc877c68d0fbfaebdd39c16304b63a1bae376fb4650708bf5695dfd7ffc01f43f0021f622de0b116ea494454497337a0ec469963de7f9d2b1d6c5a7a0a7835777a78a2b9e16eec696446981d2fea550f011419b96f7b2018d027b87fc715521b0302bd7b5b3bc5f033346029eced73df07dd1bb1f91848376b40b9e9da7233e7832edcc7b54ef6fd320d19efce78d58ea7020fbbdf77612dc8a4f3281915ac9706f346e405b9f489f8f2e9a2decb8d18bec1e5f735a4ec69bba4dc5d36c9c1cc50b92fe67b2cdd53fa671c0cbe331abdf46787e7c9912b951aa20700dba6cf5a209fe5c9c61ef62a8e2e572ec774b2d0f42d570633fc44d44826e848d47a8f386a5704e0a3eaf1d06617181aeb166334ab55d5aedccb27abf19a42a480930e25465721336c70a2ea7799d21a3659124ac9503efc99c1b13ca2b9723e3e338055f9b3cef7502017ebbb09a64b06462db353a5c562101cb7fbf29e056deeb1ff0c7bc877210c941c87401ceae52bcecc83e87655069ab931bd813c1a87d67554f5d2cf435e6dd92a515c22f5d5a9a44ebc81e9c4849104343b80824005619312a9e349d996e366d381da42edad1a560bf5e31ecd049e92ceaf42954958600a7868599fe10e9b34587368d3044250c3d1a8ba6c8dcb6d318d4f9e71c2d33fc74cb57620a8343258d072f3aa767b4b178f3f66d5a713dae2426296c12edf9ee37636869e30df64cd3855fae20bc7602c1b7e6c8246ed4be71231a5ec7b5e7a9ebb08bf8667d8f2900ecdb0a0addc14a2328eebc448db13013e6a3c1a661065e5ac0a04b5171bd84c9d9d947a6c31257ed13a966530c5e20168c100117cf82b4c00ea3ad00ea65e1af89535b3f11a1418ddad33db8cec281543732d2ff4eab54b12cc95f7d872e75bc01bf6c580540b0e26413c6c2321ddfb0447bdb6acf05ddf2bb92534a3a5f37d6da882289f6fefc6a213cdfcf34902137fa3b982b2b4c27c611f08909a18405482f1e3a2bf3635d3e970457541da16e37bb3c422cceeb484bb64c78724431a543ecf4ca851914c1555e3b785ec87bba3769927f6c29f80e7ae8632bdb9acdddf7c3b5580740d9b2bfc25086c9566844136f3fac74f429121f86c378c68c20a194b0c98b1e92991954cbf60477e217a2e25297fc7b18972e40c531ec19e1eea193bbc8893392d8528c6a0375bcb4b082d20d5c47cb330bbb4b74b91ab55d4a0d3e1dee8182c581e8e70ac30108eeb7185c6ea3f786881ad124e1404651ee95cdb0fbb0d0f4a2b43c795ec1cd4e46234a88862d57903ce878b641004fb637341e5d6bf5163f1a3467b828f6eea96c3c2bb79503687867e11eec32dec452e0fdd2eaacfc0a477ee839ef049855da734d18212142dfe2a95ab9ad9bc4f98c3bfa34134c7e6c9f8669303314d4e8c1bc5475e8fcf418cbdb3246ebf393d911cdfee8f2550dc1593ece59ced81a4ffb2484f9c8ebed0aed8d418138445c4e96b209adcc4afd70f09901662daa2c8c557d6039768d97e6b9518f0de4ac2e0187ba08a4a9128d3e632fca102137338b5e568f12c7bd28db772c800fb5f4d4e683b201840731bb7c034235cd73313cde88891bbb31597bb537696e6c987302297f9717b8053779aed447d33ef9129e84d3031fa9b453bd5731fb010ffd19a9133e0ccbec2461cdd31ba294d68c60a8535b15584bab6e6d0ce6c1cef4755bd5f7d90f4debb40af1437a19a96ef9c0709692156152091c7efb58f2d39a65b96416dc09e8091ae08d9be5235a3c1ec062862baa1aab788f28e83ba4635cecc6671f2320f42b4f711e7d0fcad89d6727d3630da1ef35e32dee39eda665946abe6224f17f2acc29e62518fd51eb7f193d9bb16c38204069098c293fdce24c1c79229fd08622a4256b581cffce12e46c20248dc902753f0e3c91f9685b3d45f984620e262b3487d67d152f1c50de3fd2067a9d3debf715f346dd2f712c55545336a9036ba82bb06cfae59a48d083c3388f77790c9639fa0a9c33f4c66c7513042bffb765c2a4b3657dddf0ea094d8d79018f66c8ef8e9df980a89906275edf4a467a5db0a623976899f0efd167aab6ff385cdde59027a95a570277cb94ebce503906c28527e3114eb9ed739d0c2f4cf82786b35c0054718f47381ed8ce9b107e1f1019be5fc877166da667036f0c1b84e2b5118b5f4babc052d997e5f1e8c4cf45eb26430b74d9e1df3735b8d5df559903143d983e974bed6cc608c2580a991bdd3628ec676d348de8752cafa80c1661f162e35c25fc0ba0198423f83214fed800f9355ac8ea67951cfeeb3736b50c1e14d45d33aa25fc72c38702bd5dd217842e54114f4799c45ff1b7cec9729382ff7fc3ff80cbe1a13d03e19eecd7de676f6791fe34143ae30c97da9623907d974a37b65d0ef5d46b718d58541c6b1902814de71218ca7396ceb5fdacdc3cf4d110862402e7cc6254f1e44e28593fd443290262db75fd482ce1d305d6bf9fd3e5e0efbedac5a4d097650b111e6e9e1b2c66a23ac5bf27ed78d25d1a54c16ca4287126736c2f17ab73e683798c29d16481775ada8e20d94b00b6b29654b18f60e2853fdc7d3ba55d7df660db90288b6f440efd19f0478047b12c7b07ab2b1c9529597e6462d20612e6c3b6d1b1d11305f8ddc811860450504b7cbf9794edd0d07c25ab6307d74afdce958355eb919dcb1fcb8038c6dd5e774ee398dc8553a9ddeb551f", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x1001}]) (async)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5) (async)
ptrace$getregset(0x4205, r5, 0x6, &(0x7f0000000080)={0x0})
dup3(r0, r1, 0x0)

12.259774586s ago: executing program 3 (id=939):
syz_usb_connect(0x0, 0x24, &(0x7f0000002300)={{0x12, 0x1, 0x0, 0x29, 0xa8, 0x38, 0x40, 0xb48, 0x1009, 0xb580, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa5, 0x94, 0x24}}]}}]}}, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@getnexthop={0x18, 0x6a, 0xe976912f002a1383}, 0x18}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c0000002a00090000000000000000000400002c450011"], 0x5c}, 0x1, 0x3000000}, 0x0)
r3 = memfd_create(&(0x7f00000002c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xac \xe8\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6)\x9f\x9cR\xae\x12G\xd8\xa4y\xef\x02?\xf2\xe7}\ra\x97F', 0x3)
r4 = dup(r3)
write$cgroup_pid(r4, &(0x7f0000000280), 0x12)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2c, 0x2, 0xf1, 0x40, 0x7ca, 0xa801, 0xb7a7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xc7, 0x20, 0xcd}}]}}]}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x2a020400)
poll(&(0x7f00000004c0)=[{}], 0x20000000000000f3, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x11, r3, 0x0)
syz_open_dev$vbi(&(0x7f00000000c0), 0x0, 0x2)
sendfile(r3, r3, &(0x7f0000000100)=0x7fb, 0xb4d)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f00000002c0)={0x0, 0x1000}, &(0x7f0000000340)=0x8)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x25)
write(r0, &(0x7f0000000000)="2c434fbddeadca1ba97f7017ec41d281b26f635f9601a5521bbd29ba403fdba50fd3533824156f1f0388bdfa2d65fd97f062c270373d894f4d8edab1987705f965082468742b2a41b84a435e8b7911dd04e9db55ab5d097ed546e66ba4fef58c0adc22cd5e00e90f48bfe552a29ad159222f550320e2b87857eeb64266062943f4b39eda28b29b20bae3c698daf9aab5", 0x90)

11.192558108s ago: executing program 1 (id=946):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xffffffffffffffff)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x20000004})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
epoll_pwait(r3, &(0x7f0000000300), 0x1, 0xfffffffc, 0x0, 0xfffffffffffffff6)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000140)={0x7, 0x0, 0x0, 0xffff})
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000000)={0x0, 0x34325842, 0x0, @discrete={0x1, 0x900}})

10.871553821s ago: executing program 1 (id=950):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000001000)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f00000001c0))

7.604658447s ago: executing program 0 (id=967):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a3200000000140000001000010000000000000000000000000aa1ceebd01b8a6a7be816ed28709ae96bd657e7ad14403817c50be64c5b650e4602b1aa39074efb5aa3e2a221ad65f09d01ab83e2d67cf4b893c140980d2a629c4843d9272428ee22280da64d087e2fb23b1b005de7b1c0003401d55b2f25015fff8b59557692a8734fe6777b88680d6c7451fbf7eaef8b29ee6109da566926d1a3bcd0f732bf8cc3897262ca510d28124a49f986883f0404917577513ad215c4d28d14e3a85c13b06badb960dd8562d3dcd209626dff05a6f88593795428dbb8bce1c8bf599aafd3271f82e416074b3f2edb0930130a93c8c94768bc4c3907f092aa87d64fcc62bafbe16d7ad859ce2bd78a65b2bfb923"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x31, 0x4, 0x0, 0x0, 0xc4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0xf}}, {@remote}, {@multicast2}, {@private=0xa010100}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000004000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61143c00000000001d430000000000007a0a00fe00581c1f61149b0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

7.244272994s ago: executing program 4 (id=969):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000400)={0xf0f004, 0x105})
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000040)=0x20000001, 0x4)
shutdown(r3, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
write$vhost_msg_v2(r2, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000000)=""/106, 0xfe4e, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg(r2, &(0x7f0000000340)={0x1, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=@allocspi={0x144, 0x18, 0x1, 0x0, 0x0, {{{@in, @in6=@mcast1}, {}, @in6=@private2}}, [@algo_auth_trunc={0x4c, 0x15, {{'sha512-avx2\x00'}}}]}, 0x144}}, 0x0)

7.076291257s ago: executing program 4 (id=971):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, r1, 0x923, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1000}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r0}]}, 0x3c}}, 0x0)

7.032609642s ago: executing program 0 (id=972):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x26040800, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='wg1\x00', 0x10)
shutdown(r1, 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000340)={0xeeee5000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000080))
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000300), 0x8, 0x0)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_usb_connect(0x2, 0x1b, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x6b, 0x4b, 0x8, 0x40, 0x10c4, 0x8156, 0x9b88, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0xfc, 0x0, 0xf8}}]}}, 0x0)
close(r4)
splice(r3, 0x0, r5, 0x0, 0x81, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000040)={0xfffffffffffff001, 0xa000, 0x1})

6.970079222s ago: executing program 4 (id=973):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000001000)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f00000001c0))

6.00801635s ago: executing program 4 (id=974):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
socket$inet6(0xa, 0x3, 0x2c)
syz_usb_connect(0x4, 0x210, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a3d173085e040f04cee8010203010902fe0101000000020904b5000ee84ffc0009050e03100006e109072501010604000725018015070009050500400005ff0509050900000207dee107250180970900090507100002020ca3072501030bf9ff09050010ff036002030905040c08000c0a060725010205010409050602"], 0x0)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902380001000000000904000003"], 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x2000000)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
sendmsg$inet(r4, &(0x7f0000007940)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, 0x0, 0x0, &(0x7f0000007880)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x7, 0xc, 0x8, 0x0, 0x0, [0x0, 0x0]}]}}}], 0x20}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0xfffffffe}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}}, 0x0)
mount$fuse(0x0, &(0x7f0000001040)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=000000+000ser_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
pivot_root(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f00000002c0)='./file0/../file0\x00')
syz_io_uring_setup(0x6d58, &(0x7f0000000380)={0x0, 0x0, 0x10100, 0x0, 0x74}, &(0x7f0000000080)=<r9=>0x0, &(0x7f0000000400)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000000)=@in={0x2, 0x0, @multicast1}})

5.264135273s ago: executing program 0 (id=977):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19})
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xffd0}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
ioctl$FIOCLEX(r2, 0x5451)

5.066177931s ago: executing program 2 (id=978):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x6c, 0x24, 0x3fe3aa0262d8c583, 0x100000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x400007, "7718eff3a851893e633c901c7595f60b"}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x4}}]}]}, 0x6c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f00000001c0)={'sit0\x00', r3, 0x40, 0x20, 0x200, 0x1ff, {{0x3b, 0x4, 0x0, 0x4, 0xec, 0x65, 0x0, 0x6, 0x4, 0x0, @multicast1, @multicast2, {[@timestamp={0x44, 0x1c, 0xcc, 0x0, 0x4, [0x6, 0x15, 0xfffffffa, 0xc, 0x0, 0xa]}, @rr={0x7, 0xb, 0xd7, [@remote, @multicast1]}, @lsrr={0x83, 0xf, 0xa, [@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @noop, @ssrr={0x89, 0x1f, 0x20, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @local, @dev={0xac, 0x14, 0x14, 0x43}, @multicast1, @local]}, @cipso={0x86, 0x3e, 0x0, [{0x2, 0x10, "66de18176972d7b83a9a62e56829"}, {0x1, 0x3, "8b"}, {0x7, 0x7, "effa60fbf1"}, {0x7, 0x4, "efff"}, {0x2, 0xa, "b85616ea1d9d2542"}, {0x2, 0x10, "5aaa7a9a90ceafc15abf086a9a93"}]}, @ssrr={0x89, 0x27, 0xcd, [@remote, @private=0xa010102, @multicast2, @empty, @multicast2, @dev={0xac, 0x14, 0x14, 0x25}, @multicast2, @multicast1, @private=0xa010101]}, @lsrr={0x83, 0x1b, 0x38, [@private=0xa010100, @remote, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @rand_addr=0x64010100]}, @noop]}}}}})
r4 = socket$kcm(0x10, 0x3, 0x10)
r5 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(r5, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00dd0f207003000000000000ffdf0000000000f1ff0300"})
ioctl$EVIOCGEFFECTS(r5, 0x8000450a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x4}], 0x10, 0x0, @void, @value}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002680)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000003c0)="a4e5b02d1c7ffa7b68b5c942445bc327fb0283ec570f6b01c1a767b1b8acab91febb0760616d1e163fd58bcd74265405868f9299f0cbeb2d33c1d3bb97901a77f03d4af07dffc18482e604d26d48977724b274d9e046320dabcf3c71b6ab25cbb7605166c53f0d652bc08c6735fde42e69b31f589199aba1028e9b6ead6dd49db6259f5204ab946ab1d638db9fc0a2a3c9d245da78c300e9db57a87fa4015a3b841477616fb87111671981a5f6cb841503465f4c9a29e914a5826df91b2c1d0d130ff6e2ffd9589417d587ed3aa5ebb7c73af9ea33fc8ce2263514d7aea795c68e4f55389fc263ca28d515032b37e9ab6b9e0f4cc2f7e50c5856280989c0fc0ecb4a16b2417bee0606394ee20a76d64be08900eedf5ab1a004e382ba526ac9cce3b915a5a35ae7e93f3d10591f921f8503683451cbf8137d7564f0b2acc5f11df1629892ab7c926a97f66f02641287f950f0ac756c6d3377452fb5b495bc706c3f5b4b2e23ca1a2b84adb79ca73acce8d377a4d99c8f56b6f6b956dfb458e8eb96aa50cec11a90da84c9b6bb867c98d69a69ed5b4fbb069864a92ea9c9e885b21ccb120df669d4c9fd29e81ab3763001c1485be5d82cf46dd87c9ad36612f57b3ace8173a8dd455214f6cfab2cb7894a7f5d6bc08ef8e697ae86d076ba5a291b1fdee071b73c525c6de0e78580d7c6156a8f7b7fc4e236fb0d6aff75e10629fdc99d1ab3cfcb9b03f64653ecc8bb5b69eb57f90ce92cc30c6e3eb06fa984805cb35c841fad9f72b26cbc993dcb6bed925b0201f9ba482b7f9797f02441f9a5f36a285b8728b883fbc23c34eadca443f0a611b08034bb4896b8fad7f4357a032bde001dc8f467e99c2c0f72fa1059e36c6fc348a33e8eccdbd2ec5f6f4853cccaa3dbd70547bba6968c8187cb05095d6f7a29434099ac48c49b58854e4ba0f48813e4596a5b1140887f697b9bf2615fa96490a5f25328768099399a9fc6d942e86112af2024e5911f2d64e4cfd04a405e2f5a27120c547e48e1af647d19015540701faf706c2263976de6616f365cfef3ed64b85834b7252eb3165f8c86db134a2ae2f0ea3735f49d148f10f640661b2d4329eab4dcb9e04186643f6f18e5c96f79e139f8e541c1dbe2f62bea14953b4896ac46b81c3a8298e7819448e461317ce2b13aa0bc1e135355ad9a1c5c2ba410917a751d7e0dc4db52eb46bdaad9b20f3bbcc4f2fb23c24ed006dce16b0bc6e4b5deeffd22a607ed7fafc9c464d925c7268468ebfe25770b18e3457e0268d8cf32d82ca3fd5a391bfa7c333490f6264fd213bcefbd2b17dfbb0a5ae961d3994478bf5ac6d88e8986b8351d105862cd9f05b0bfc8bd6d54fb2d50d642da92c1165f06ec4baf7a9c87d984439927b835d7087f28e82d9d2e0312986beaf9b1d7efa95d7bff2c72bbc7419b902b58bb0f1bbf0071aec1098122579b301302b7ddd49385c7c9172ba3cc1aae62760836e156fbc59c9292220cf437550f6c27a23049cce5a2c8f1cbd86f61b26ce5453db05a26771efdf46e96ef78cf061520aa769b0b5d30ff83f31920be55227b2385286eaeac2d44e91a10bb22a5d80e7906439d6635c9ae1fbe30318c80758665eb68794039fe9d9d945874aa18ec942f526b81ca277e223329a50fa209088677a75c43f88e5f555b8156fc572f6710d8d4e6cd608294f0ab05c2d0d992ff8f6365ff784596874f2dc12ab6952a2f2d693ccf3d624d53fd56894826e78dc01f95a65d65f1370c330755112809604f48a28528b0004cc0c1957561ca5b97e6b68bed39ead403c8d6116cfb3a30bc37828cb76573ab65f2c4d738891a5cf23bf6ed449f3fe743a5ebaea84bd031fe7e32c1499510b123d7a9e6116beea49cd2286e7ce2a0687c560eeb55634655c322a34243319dbfdecf53b5199c4905d85c8cf133f5a17dfc48683578902eafcf4b63e13fb36c9798610afec95b961f6215f1f44275bd7ea02daeefe09a1227b86a891ba133ff2686f11ad71f2d40f53f61d0f561ce4d3305c83a41467dfabc3c2664b21cb8edbe6dabde62205ca8e79eec12ea8ae3228a25758f136d5492d6b6736a9b2a49b4563494aaf535afa9655eef94078f04f5c1cb385123ce95610a2d0bc2886e76903d1eda0a8e40710ba53d94df3ec8d4fac4bc3c7dedad541cd5b580478a2432b2aa2fcaa0649bf2b46f4ecd90e55a576a236b2daf322b33b76b32341589ae5aff45d48e55664a3025557497a6ebf6219d90da0b044615157d860f87cbd9466c8cfee47c8281a61ca4e2e6ee7a5e515ef19e308c915c363bf3e536ec5e44ce08892645c55f94d844abdd11455499c396af31342af32d0bbe93eb2ecf3c93258b41a220681f7ac84ffbc5939eb0c7cbfb59764484e5886e0fa50ffb55817b6cfcdaab64054b2d5a673b4fdeb849eadb8a6699ebb295f973db7f4ec0ac65182d284a5753d3954e439ee0124c3dd95603a389ee54d1313f4da95ac251f31fe77211ce1c3fee6c7bc8de376b12b4836ae4b26e1e9d73368be43cc93a0c4e6cb42596357d58ade783af7d2eaed445e4ac899c7749327ef8618f5187df9f7b37ccb497bab8776984397a521b442b51cabce7144c37520896aa77733a85a4bd3a2b13a721ea509ca17aa8df71156cc612b91330418fc6ba8eee7ce04d611a687a32c4c50a5690f564c9e65197e6212dd9a3e30eefcccc307407e0a975aa5b43069d2ed447d209dd110598f9622fbe573db976c5f4bef82f5474dd0ea5bfe736e0f3f969bb38469839ff24b7157e6b8846b4710d7ad7f3cc3ac3be89160b9b429a899d4722fefaf6b05e540afae163b1a1a88deba6ea8501c375e856c5997dd6587a8a02c910df6ea9516c8d9e9a2422e980b5c044d4e57a2fb3f8c39a749176669f22d270dbca7cd656e88d2467271e38f79748205af3e8c154d74253e5223fe00ef53df3acdddc732d1139b6e6ce3382c7d0aa5885f1c98c53cedc5c4850eed9393277516a125c96d61b8319771a83fb02ff0e6cde27ce894ecfc4b42695b45037ebc6db705a661e29e031509b2eaa4dd48a2fe9768440278ffd9dbdca1a36b788fee353c45b2197be3805feea42012efdbecc6521dd0e24271a16", 0x8a7}], 0x1}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e03002a000b05d25a806c8c6f94f90424fc601100077a0a000312050282c137153e370e0c1180fc0b0c000300", 0x33fe0}], 0x1}, 0x0)

4.811977758s ago: executing program 0 (id=979):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2aa001, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25090987f70e06d038e7ff7fc6e5539b3243078b089b3b08386e090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d306d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
set_mempolicy(0x3, &(0x7f0000000040)=0xfff, 0x200)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='comm\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
getpid()
write$P9_RWSTAT(r3, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x2, 0x10001)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$FIONREAD(r4, 0x541b, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000050000000900010073797a3100000000200000200b0a01080000000000000000050000000900010073797a3100000004000000001100010000000000000000000000000a"], 0x68}}, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x7}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r6}, {}, {0x46, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x5, 0x0, 0xb, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000000000000000d07148b29ff883c50073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021380000000c0a0101000000000000000007000000141f22cb25ea9844000000000400038008000440000000000900020073797a3000000000140000001000010000000000000000000084000acaf83f741ef402842464e656fb26700a87ad4320432656a6538f55f38c77f5f3c62324eeff77f8f36ab164a9bc43b493fcc194caa546a0d646c52ee96883ae6091fec5a117ae76248f3e55df789fe7157258b32fdde32ff29b4b04e3469c75f878361ccdd33e60a2ff0abdef89b7627c327efab5fef368ac2a1f9d3b552446c778d4cad2ff696a91e61a129e2567c4d96424e34635528cf2789951b020e8f8891edb804dffcf31d2e476eb72b59e7799b30737ac6667f36bf3699ad5a459725556da71aef555f620a81b9ac6964595930553bc686c7c1c78ecf07f6e13001fe1df32187c5c131fa842c02f4e35eb876697da0d50be0af5ea358fad659ee5aec6471a2fa52bc754a81a00515c70f9893a2cbe"], 0xbc}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011001f"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_NUM={0x6}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "dc"}]}], {0x14}}, 0x7c}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)

4.548236268s ago: executing program 2 (id=980):
io_setup(0x9, &(0x7f0000000100))
socket$packet(0x11, 0x2, 0x300)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x6)
write$FUSE_OPEN(r0, &(0x7f0000000080)={0x20, 0x8000000000000007, 0x0, {0x0, 0x8}}, 0x20)
r4 = openat$iommufd(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_COPY(r4, 0x3b83, &(0x7f0000000140)={0x28, 0xa})
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e6c1d0000147ea60864160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000400030011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

3.634188296s ago: executing program 1 (id=952):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_wait(r3, &(0x7f0000000240)=[{}], 0x1, 0x7ff)
ppoll(&(0x7f0000000080)=[{r3, 0x8201}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0x10000001})
read(r2, &(0x7f0000000580)=""/119, 0x77)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000034d564b"])
write$tun(r0, &(0x7f0000001140)=ANY=[@ANYBLOB="034886dd05000a000000000000006000000001002100fe880001000000000000060000007d01ff0200000000000000000000000000010000eca140"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r11=>0x0})
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in=@loopback, 0x0, 0x3c}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {0x3, 0x0, 0x0, 0x0, 0x1ff}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}}}]}, 0x13c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'macvlan0\x00', <r13=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r13], 0x90}}, 0x0)

3.309020391s ago: executing program 2 (id=981):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a3200000000140000001000010000000000000000000000000aa1ceebd01b8a6a7be816ed28709ae96bd657e7ad14403817c50be64c5b650e4602b1aa39074efb5aa3e2a221ad65f09d01ab83e2d67cf4b893c140980d2a629c4843d9272428ee22280da64d087e2fb23b1b005de7b1c0003401d55b2f25015fff8b59557692a8734fe6777b88680d6c7451fbf7eaef8b29ee6109da566926d1a3bcd0f732bf8cc3897262ca510d28124a49f986883f0404917577513ad215c4d28d14e3a85c13b06badb960dd8562d3dcd209626dff05a6f88593795428dbb8bce1c8bf599aafd3271f82e416074b3f2edb0930130a93c8c94768bc4c3907f092aa87d64fcc62bafbe16d7ad859ce2bd78a65b2bfb923"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x31, 0x4, 0x0, 0x0, 0xc4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x9, [0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0xf}}, {@remote}, {@multicast2}, {@private=0xa010100}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000004000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61143c00000000001d430000000000007a0a00fe00581c1f61149b0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

2.762544025s ago: executing program 4 (id=982):
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)="1c", 0x10002, 0x0, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x24044891)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) (async)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f00000002c0)={0x0, 0x6000000, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800070001040000080005000000000008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0xff, 0x7fffffff}]}) (async)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0xff, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x0)

2.740973649s ago: executing program 2 (id=983):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x83, 0x66, 0x7d, 0x10, 0x2040, 0x264, 0x4ed1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x90, 0xf1, 0x9c}}]}}]}}, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r0 = socket$inet6(0xa, 0x3, 0xff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "8647e2b7f43be400"}, 0x28)
write$binfmt_script(r1, &(0x7f0000001300), 0x8f)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000200)={&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000740)=0x40)
writev(r1, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000180)=0x40)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000240)="12", 0x1}], 0x1)
connect$inet6(r0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x655e, 0x4)
r2 = dup2(r0, r0)
writev(r2, &(0x7f0000000400)=[{&(0x7f00000001c0)="d848aa11ee80a1e8f7d33041fc", 0xd}, {&(0x7f0000000240)="fe8ba6b8618d6af85d99dffda44fb2718ec16e2d6531c85f679c95", 0x1b}], 0x2)
setsockopt$inet6_int(r2, 0x29, 0x4a, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x1, 0x2000, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x3d)
syz_usb_connect$cdc_ecm(0x2, 0x96, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x84, 0x1, 0x1, 0x7f, 0xe0, 0xe, [{{0x9, 0x4, 0x0, 0x7, 0x2, 0x2, 0x6, 0x0, 0x5, {{0xb, 0x24, 0x6, 0x0, 0x0, "0e74165d1998"}, {0x5, 0x24, 0x0, 0x3ff}, {0xd, 0x24, 0xf, 0x1, 0xfffffff9, 0x50fe, 0x1, 0xfa}, [@mdlm={0x15, 0x24, 0x12, 0x2ddb}, @mdlm={0x15, 0x24, 0x12, 0x3}, @ncm={0x6, 0x24, 0x1a, 0x8}, @obex={0x5, 0x24, 0x15, 0x9}, @country_functional={0xe, 0x24, 0x7, 0xc, 0x101, [0x1, 0x8001, 0x7ff, 0x8]}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x0, 0xf6, 0x80, 0x5}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x6, 0xb, 0x80}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x40, 0x1, 0x3, 0xff, 0x5}, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="087b54d563"], 0x6, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x414}}, {0xa0, &(0x7f0000000280)=@string={0xa0, 0x3, "01a083b8053d766a219edf858918d8f1503aa89cb3a7149b679501479db07bf55f0de6910a601f8f247d4c92f7e514dc12917b959f29d895d01523b2a9ff445c7f1dc86d4980f7c061fac127f87664e41e8377c7f23868af9a9eaa6b80b2df216bd6f2e1dbc374b50b30404daf6d223ec471e4c9aa183af4e31dc36e4a720227a98a26d4884fcbd750a87f0573a34faaa3cb3b885f024684035f64d8ae83"}}, {0xe9, &(0x7f0000000340)=@string={0xe9, 0x3, "440afd68cab186088df34c609e7b2b0ffb7b985fa9a469f49c12a61ea560247a4f419a5b661ce54ab0963e9a4a19c70b76fc394fc2cb413a4e57bcec7025f62a2b2e53c81f49a1980d61b0652296b62de6ba43274eae7102874fced4366bf2f328083aaa9e0bae347e6363d39a8019f6b375d5da7fbeed19933e1ae662f4cd54198e5e59ad785f38f663070b6117b0d4cef1b07ff637cf4bfab0feba893c3bfa4ddd63f3afadd7086f86892c146c6d569b5e77dcf49c5554c1c6d9178ebff034f9044d6a8db030f4488e12fe6404bca68c2a5e2a5f8228bc660f3e0fdb9facd34a472a9c1d72fc"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x41e}}, {0x92, &(0x7f0000000600)=ANY=[@ANYBLOB="9203f22191c8cd17c1706704bb0764ccaf9ebd4cf93fa384aafd52848ac5da8e243f9d52a44d8d075186c5771bb47dc4b46eb5f1a9e7f5335db1b4d12700fe2db4f0255cd8d5e2fe937bdadeda9ecb67c8688ce8a119e8d222b27891f809085d72ea4eb0ec49ee4edccebab44b231a214d1a4173741fbf6d3395af954d6b3d1a5721827d2254d24b859015177ec02a08fc30"]}, {0x80, &(0x7f0000000440)=@string={0x80, 0x3, "5b46ea79b918e299a2f824704d7c114f7853d32985498454f835b0345bbd4fabd6404efd759de2aaf26723b8d57e69b4f5a0fb6c7db6e24efe38cada4e4b46aff6168d7de3e2054752d6e8399e17559ce4997e689450356fd483a7238ae6b38c86cd02054fa9d9ff29c7fb2bc42a4e8c5f6bb9c0c9140b88e406724b5f89"}}]})
pwritev2(r3, &(0x7f0000000200)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x1400, 0x0, 0x1f)

2.667013566s ago: executing program 0 (id=984):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes-aesni)\x00'}, 0x58) (async)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000640)="ab553fec94c3248c32e27d04110000288a178a7e8bf753685facd3e2fb08223943bd7892f1c41a2ae0e5a3221a226922e6948308c574c7ff5918bae306521c7dd44b3d0ca2386725a4a36aa9605b299a3ce96f84d43339896b49dfe2ef5825fc40f1a0ddfe03c5f0d79aa41c6ff515cdd9c9b731828caaed4f29860c07cc55a605807825aa9a997224a0dd851d5be821b70475eb4c7afdd23da8081b02939ff86ccddccf3591993fdfb3d3902d68bb28f4368212ce1b634b91c59c8d500212bc76b6185740", 0xc5)
accept$alg(r0, 0x0, 0x0) (async)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000480), 0x4) (async)
write$binfmt_script(r1, &(0x7f0000000480), 0x4)
recvmmsg(r1, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000780)}}], 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=r1, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES16=r0, @ANYRES64, @ANYRESDEC=r0], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth1_to_bond\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth1_to_bond\x00', <r4=>0x0})
r5 = socket(0x1, 0x5, 0x0)
getsockopt(r5, 0x1, 0x8, &(0x7f00000032c0)=""/12, &(0x7f0000003300)=0xc) (async)
getsockopt(r5, 0x1, 0x8, &(0x7f00000032c0)=""/12, &(0x7f0000003300)=0xc)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES64], 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) (async)
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
openat$nvram(0xffffff9c, &(0x7f00000003c0), 0x40000, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e24, @loopback}, 0x10) (async)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e24, @loopback}, 0x10)
connect$inet(r7, &(0x7f0000000240)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) (async)
connect$inet(r7, &(0x7f0000000240)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendmmsg$inet(r7, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) (async)
sendmmsg$inet(r7, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0}, 0x0)
r8 = pidfd_getfd(0xffffffffffffffff, r2, 0x0)
ioctl$BLKTRACESTART(r8, 0x1274, 0x0)
r9 = syz_open_dev$hiddev(&(0x7f0000000300), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r9, 0x400c4808, &(0x7f00000000c0)={0x2})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001500010000000000000000001d01e0ff08000a00", @ANYRES32=r4, @ANYBLOB='\b\x00\t\x00', @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)=r2}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)=r2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r2, &(0x7f0000000180)="c7815df54938a1f6b50a", &(0x7f0000000140)=""/23, 0x2}, 0x20)
syz_usb_connect$cdc_ecm(0x4, 0x56, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000102505a1a4400001020301090244000101003000090400200002060000052406000005240000000d240f01000c00000000000000090581030000050081090582020000000000090503020000000000"], &(0x7f0000000300)={0x0, 0x0, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="050f0f00010a100300000000140000"]})
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f00000002c0)=""/62, 0x3e}], 0x1, 0x1000, 0x7)

2.540126196s ago: executing program 4 (id=985):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff})
fstatfs(r0, &(0x7f0000000380)=""/31)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r0, 0x4068aea3, &(0x7f0000000480)={0x9f, 0x0, 0x1})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000440)={0x4, 0x4, 0x7fff, 0x4000})
sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYRES64], 0x40}}, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9001)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000400)={0x0, 0x4, 0x5, 0x12cc})
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_dccp(0x2, 0x6, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
r4 = dup(r3)
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f0000000640)={0x14, &(0x7f0000000500)={0x40, 0x23, 0x84, {0x84, 0x36, "f9b8117140cacd122e5774a2552734998101b52df18fd1a1229cca1e0715f103699fb1184e3e234612fc6e8fb1f283ec61b8276fb75fe9b85a979c03d6b99cb7e90b591b88126d45d835309bf6cbac94af2614f9e8d95371e0fcfb85e8196671d0e1f1b3b700287ef814803c45d51177a55ed560a663dca7565ef2798c7c8dc49cfe"}}, &(0x7f00000005c0)=ANY=[@ANYBLOB="00030a0000000a034500e06b588ed7c8"]}, &(0x7f0000000980)={0x44, &(0x7f00000006c0)={0x0, 0x13, 0xd9, "e39d77bea497905dc200a86b030bc21bbd80e506073ecb56580ee4ca7a45fd1d9e75b4b66ab104bd84cc9f05fc5368eef1ef7714c20fb025c2c7fc755112e5ca5fc6df05b4d617c087b577bc594c1e509a0ee159e013dfe38f6818c0706915704eca9b9370047f65b539ea1f2183a6bc678a66680aa5f44b8c511ffd246dbf0b069edbc2fd96f0f9300801c7b86c8def48dd66fa86526327f739fde314ec4040d0285f075de56cad0ad4c76bd8f07ffb5ecf1bd037a9369a521e047a2eb189ce01ddc31d0eaf2b07938c3ee702c7232a10bfe496c9b254b373"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000840)={0x20, 0x81, 0x3, "ff0bd9"}, &(0x7f0000000880)={0x20, 0x82, 0x3, "5a6380"}, &(0x7f00000008c0)={0x20, 0x83, 0x1, "dc"}, &(0x7f0000000900)={0x20, 0x84, 0x3, "910963"}, &(0x7f0000000940)={0x20, 0x85, 0x3, 'sOI'}})
inotify_init1(0x800)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
socket$kcm(0x29, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0)
r5 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)='\x00', 0x1, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r5}, &(0x7f0000000040)=""/79, 0x4f, &(0x7f0000000140)={&(0x7f0000000180)={'streebog256-generic\x00'}})

2.256468135s ago: executing program 0 (id=987):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r0=>0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmsg$can_bcm(r1, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x40012100) (fail_nth: 2)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

637.36059ms ago: executing program 2 (id=989):
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
r1 = openat$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', 0x20000, 0x4)
move_mount(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x6)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r1)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x138, r2, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xc8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK={0x5c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xb}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3ff}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x30}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2a4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x101}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xdc}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xe}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)
r3 = geteuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000440)=0xc)
mount$fuseblk(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x8, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r3}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@default_permissions}, {@max_read={'max_read', 0x3d, 0xe}}], [{@mask={'mask', 0x3d, 'MAY_EXEC'}}]}})
r5 = syz_io_uring_setup(0x2747, &(0x7f0000000540)={0x0, 0x505, 0x4, 0x3, 0x20a}, &(0x7f00000005c0), &(0x7f0000000600))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000640)=""/208, 0xd0}], &(0x7f0000000780)=[0x0, 0x1ff, 0x0, 0x10000, 0xff, 0x0, 0x5], 0x1}, 0x20)
clock_gettime(0x0, &(0x7f0000000840)={<r6=>0x0, <r7=>0x0})
mq_timedsend(r0, &(0x7f0000000800)="bf0e706f225032329c", 0x9, 0x4, &(0x7f0000000880)={r6, r7+60000000})
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0)=0x1, 0x4)
socket$alg(0x26, 0x5, 0x0)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE_wg(r8, 0x1, 0x19, &(0x7f0000000900)='wg0\x00', 0x4)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$sndseq(0xffffff9c, &(0x7f0000000940), 0x80080)
semget$private(0x0, 0x3, 0xe89)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
read$alg(r0, &(0x7f0000000980)=""/153, 0x99)
r10 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r10, 0x10e, 0x1, &(0x7f0000000a40)=0x16, 0x4)
r11 = socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$nl_xfrm(r10, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000ac0)=@flushpolicy={0xac, 0x1d, 0x125, 0x70bd2c, 0x25dfdbfe, "", [@user_kmaddress={0x2c, 0x13, {@in6=@loopback, @in6=@dev={0xfe, 0x80, '\x00', 0x1e}, 0x0, 0x2}}, @replay_thresh={0x8, 0xb, 0x8}, @replay_thresh={0x8}, @user_kmaddress={0x2c, 0x13, {@in6=@mcast1, @in=@broadcast, 0x0, 0x8}}, @user_kmaddress={0x2c, 0x13, {@in=@rand_addr=0x64010102, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x2}}, @extra_flags={0x8, 0x18, 0x3}]}, 0xac}, 0x1, 0x0, 0x0, 0x10}, 0x4081)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), r10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000c80)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x1c, r12, 0x10, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r13}, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x4014)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000dc0), r9)
sendmsg$NL80211_CMD_SET_INTERFACE(r10, &(0x7f0000000f80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000f40)={&(0x7f0000000e00)={0x120, r14, 0x4, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x62}}}}, [@mon_options, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MNTR_FLAGS={0x18, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "1c0d3e6427a02097346b0f8e04d1c584d3a805179b76ea6f"}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x28, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}], @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "ed41657cfb2163faf1ca5a2d0f17976d1ef6c080dd5dfb85"}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x120}, 0x1, 0x0, 0x0, 0x20040000}, 0x20008000)

508.050204ms ago: executing program 1 (id=990):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000880)={@flat=@handle={0x73682a85, 0x0, 0x1}, @ptr={0x70742a85, 0x0, &(0x7f0000000900)=""/206, 0x14}, @fda={0x66646185, 0x5, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps_rollup\x00')
pread64(r4, &(0x7f0000002180)=""/4105, 0x137, 0x0)

351.934331ms ago: executing program 2 (id=991):
io_setup(0x9, &(0x7f0000000100))
socket$packet(0x11, 0x2, 0x300)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x6)
write$FUSE_OPEN(r0, &(0x7f0000000080)={0x20, 0x8000000000000007, 0x0, {0x0, 0x8}}, 0x20)
r4 = openat$iommufd(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_COPY(r4, 0x3b83, &(0x7f0000000140)={0x28, 0xa})
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e6c1d0000147ea60864160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000400030011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

222.618389ms ago: executing program 1 (id=992):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8000000000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000ff020000bfa300000000000007030000f0ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc303000050000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6b7db8bf277ebee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72fff6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074640c00438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba0008000000000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca9988ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f00000010c0)=ANY=[], 0x1a3)
write$binfmt_misc(r1, &(0x7f00000012c0), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

0s ago: executing program 1 (id=993):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xb, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) (fail_nth: 14)

kernel console output (not intermixed with test programs):

istering): Released all slaves
[  277.376881][ T9676] team0: Port device team_slave_0 added
[  277.523945][ T5255] Bluetooth: hci0: command tx timeout
[  277.541950][ T9676] team0: Port device team_slave_1 added
[  277.550806][ T9762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.597029][ T9762] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.727387][ T9676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  277.743354][ T9676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  277.769424][    C0] vkms_vblank_simulate: vblank timer overrun
[  277.776104][ T9676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  277.791299][ T9676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  277.799020][ T9676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  277.828522][ T9676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  277.970765][ T3011] hsr_slave_0: left promiscuous mode
[  277.984913][ T3011] hsr_slave_1: left promiscuous mode
[  277.990753][ T3011] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  277.999324][ T3011] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.017518][ T3011] veth1_macvtap: left promiscuous mode
[  278.024371][ T3011] veth0_macvtap: left promiscuous mode
[  278.030077][ T3011] veth1_vlan: left promiscuous mode
[  278.035470][ T3011] veth0_vlan: left promiscuous mode
[  278.210390][   T29] audit: type=1326 audit(1727599239.856:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.0.745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4fdb7dff9 code=0x0
[  278.403460][ T5255] Bluetooth: hci3: command tx timeout
[  278.717428][ T3011] team0 (unregistering): Port device team_slave_1 removed
[  278.765368][ T3011] team0 (unregistering): Port device team_slave_0 removed
[  278.863432][ T1171] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  279.023414][ T1171] usb 1-1: Using ep0 maxpacket: 32
[  279.032452][ T1171] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  279.050442][ T1171] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  279.060757][ T1171] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  279.076486][ T1171] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  279.087891][ T1171] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  279.100731][ T1171] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  279.121456][ T1171] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  279.132137][ T1171] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.159609][ T1171] usb 1-1: config 0 descriptor??
[  279.328437][ T9676] hsr_slave_0: entered promiscuous mode
[  279.336622][ T9676] hsr_slave_1: entered promiscuous mode
[  279.337216][ T9786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  279.350974][ T9676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  279.361193][ T9676] Cannot create hsr debugfs directory
[  279.367104][ T9786] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.378688][ T9475] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  279.398411][ T9475] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  279.399189][ T1171] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 31 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  279.511624][ T9786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.748'.
[  279.522029][ T9787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.748'.
[  279.543955][ T9790] netlink: 'syz.3.748': attribute type 10 has an invalid length.
[  279.565034][ T9790] bond0: (slave bond_slave_0): Releasing backup interface
[  279.617306][ T5255] Bluetooth: hci0: command tx timeout
[  279.664529][    C0] usblp0: nonzero read bulk status received: -71
[  279.671829][    T8] usb 1-1: USB disconnect, device number 31
[  279.690327][ T9475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.881242][ T9623] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  279.904357][ T9783] usblp0: removed
[  279.908767][ T9623] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  279.942359][ T9623] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  279.975195][ T9623] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  279.991663][ T9475] veth0_vlan: entered promiscuous mode
[  280.086220][ T9475] veth1_vlan: entered promiscuous mode
[  280.241850][ T9475] veth0_macvtap: entered promiscuous mode
[  280.297158][ T9475] veth1_macvtap: entered promiscuous mode
[  280.342129][ T9475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.369884][ T9475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.393320][ T9475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.433320][ T9475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.482343][ T9475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.494287][ T9475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.506078][ T9475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.561448][ T9623] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.578913][ T9475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.590208][ T9475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.611009][ T9475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.633303][ T9475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.643175][ T9475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.685083][ T9475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.696846][ T9475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.719524][ T9623] 8021q: adding VLAN 0 to HW filter on device team0
[  280.762167][ T9475] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.784226][ T9833] loop8: detected capacity change from 0 to 7
[  280.803425][ T9833] Dev loop8: unable to read RDB block 7
[  280.807891][ T9475] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.809095][ T9833]  loop8: unable to read partition table
[  280.825399][ T9833] loop8: partition table beyond EOD, truncated
[  280.832889][ T9475] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.836565][ T9833] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  280.836565][ T9833] 
) failed (rc=-5)
[  280.842542][ T9475] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.866769][ T9835] netlink: 'syz.3.754': attribute type 1 has an invalid length.
[  280.874683][ T9835] netlink: 8 bytes leftover after parsing attributes in process `syz.3.754'.
[  281.115717][ T2573] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.122876][ T2573] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.144651][ T2573] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.151839][ T2573] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.424460][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  281.427562][ T9676] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  281.463279][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  281.495909][ T9676] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  281.624980][ T9676] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  281.646134][ T9676] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  281.681950][ T8633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  281.693517][ T5255] Bluetooth: hci0: command tx timeout
[  281.752713][ T8633] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  281.788025][ T9872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.808552][ T9872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.834985][ T3123] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.892229][ T9623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.007598][ T3123] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.194160][ T3123] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.339466][ T9890] loop8: detected capacity change from 0 to 7
[  282.343013][ T3123] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.379080][ T9890] Dev loop8: unable to read RDB block 7
[  282.404414][ T9890]  loop8: unable to read partition table
[  282.438797][ T9890] loop8: partition table beyond EOD, truncated
[  282.456141][ T9623] veth0_vlan: entered promiscuous mode
[  282.486652][ T9623] veth1_vlan: entered promiscuous mode
[  282.502804][ T9890] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  282.502804][ T9890] 
) failed (rc=-5)
[  282.536672][ T9676] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.622386][ T9676] 8021q: adding VLAN 0 to HW filter on device team0
[  282.631755][ T9623] veth0_macvtap: entered promiscuous mode
[  282.667473][ T5249] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  282.687588][ T5249] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  282.700222][ T5249] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  282.708862][ T5249] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  282.718174][ T5249] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  282.731445][ T5249] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  282.769614][ T9623] veth1_macvtap: entered promiscuous mode
[  282.786290][ T9901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.903874][ T3040] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.911039][ T3040] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.960889][ T9901] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.011361][ T3123] bridge_slave_1: left allmulticast mode
[  283.019141][ T3123] bridge_slave_1: left promiscuous mode
[  283.035855][ T3123] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.060324][ T3123] bridge_slave_0: left allmulticast mode
[  283.067373][ T3123] bridge_slave_0: left promiscuous mode
[  283.073063][ T3123] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.079503][ T3123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.100630][ T3123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.111533][ T3123] bond0 (unregistering): Released all slaves
[  284.214361][ T2573] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.221487][ T2573] bridge0: port 2(bridge_slave_1) entered forwarding state
[  284.479082][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.557914][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.568009][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.579019][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.589130][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.599781][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.609701][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.620467][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.632085][ T9623] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.735449][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.762059][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.785677][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.807870][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.822890][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.834968][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.845493][ T9623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.857459][ T9623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.887652][ T9623] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.963601][ T5249] Bluetooth: hci1: command tx timeout
[  285.050094][ T9623] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.081537][ T9623] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.098112][ T9623] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.110599][ T9623] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.155242][ T3123] hsr_slave_0: left promiscuous mode
[  285.162741][ T3123] hsr_slave_1: left promiscuous mode
[  285.168996][ T3123] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.177102][ T3123] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.189297][ T3123] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.198859][ T3123] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.224294][ T3123] veth1_macvtap: left promiscuous mode
[  285.229922][ T3123] veth0_macvtap: left promiscuous mode
[  285.238877][ T3123] veth1_vlan: left promiscuous mode
[  285.244772][ T3123] veth0_vlan: left promiscuous mode
[  285.724474][ T9962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.740780][ T9962] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.871150][ T3123] team0 (unregistering): Port device team_slave_1 removed
[  285.917714][ T3123] team0 (unregistering): Port device team_slave_0 removed
[  286.013793][ T5294] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  286.181644][ T5294] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  286.192215][ T5294] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  286.209786][ T5294] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  286.222457][ T5294] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.235209][ T5294] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  286.244630][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  286.252716][ T5294] usb 3-1: Product: syz
[  286.269432][ T5294] usb 3-1: Manufacturer: syz
[  286.278813][ T5294] cdc_wdm 3-1:1.0: skipping garbage
[  286.285345][ T5294] cdc_wdm 3-1:1.0: skipping garbage
[  286.296039][ T5294] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  286.302050][ T5294] cdc_wdm 3-1:1.0: Unknown control protocol
[  286.516937][ T5294] usb 3-1: USB disconnect, device number 41
[  286.623680][ T9902] chnl_net:caif_netlink_parms(): no params data found
[  286.668925][ T9676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.761211][ T3040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.769771][ T3040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.839059][ T3037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.901363][ T3037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.960605][ T9902] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.002547][ T9902] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.025489][ T9902] bridge_slave_0: entered allmulticast mode
[  287.041224][ T9902] bridge_slave_0: entered promiscuous mode
[  287.047701][ T5249] Bluetooth: hci1: command tx timeout
[  287.066384][ T9902] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.079032][ T9902] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.089246][ T9902] bridge_slave_1: entered allmulticast mode
[  287.097952][ T9902] bridge_slave_1: entered promiscuous mode
[  287.181858][ T9902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  287.233486][ T1171] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  287.247511][ T9902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  287.270284][ T9676] veth0_vlan: entered promiscuous mode
[  287.290109][ T9676] veth1_vlan: entered promiscuous mode
[  287.348251][ T9902] team0: Port device team_slave_0 added
[  287.371381][ T9902] team0: Port device team_slave_1 added
[  287.403338][ T1171] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  287.412404][ T1171] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.459990][ T1171] usb 5-1: config 0 descriptor??
[  287.472872][ T9902] batman_adv: batadv0: Adding interface: batadv_slave_0
[  287.480477][ T9902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.509057][ T9902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  287.569115][ T9902] batman_adv: batadv0: Adding interface: batadv_slave_1
[  287.579237][ T9902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.609939][ T9902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  287.725015][ T9991] loop8: detected capacity change from 0 to 7
[  287.732374][ T9991] Dev loop8: unable to read RDB block 7
[  287.735045][ T9902] hsr_slave_0: entered promiscuous mode
[  287.738496][ T9991]  loop8: unable to read partition table
[  287.752850][ T9902] hsr_slave_1: entered promiscuous mode
[  287.753523][ T9991] loop8: partition table beyond EOD, truncated
[  287.766275][ T9991] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  287.766275][ T9991] 
) failed (rc=-5)
[  287.795786][ T9902] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  287.813363][ T9902] Cannot create hsr debugfs directory
[  287.840122][ T9676] veth0_macvtap: entered promiscuous mode
[  287.910847][ T1171] pegasus 5-1:0.0: probe with driver pegasus failed with error -71
[  287.942563][ T1171] usb 5-1: USB disconnect, device number 67
[  287.945089][ T9676] veth1_macvtap: entered promiscuous mode
[  288.030995][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.051695][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.068882][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.080453][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.091100][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.101811][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.111726][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.124751][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.136424][ T9676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.190589][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.210592][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.220712][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.238482][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.252588][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.264863][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.274820][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.291625][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.305112][ T9676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.369986][ T9676] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.379992][ T9676] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.392330][ T9676] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.409585][ T9676] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  288.925429][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.961169][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.134566][ T5249] Bluetooth: hci1: command tx timeout
[  289.195762][ T3037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.212518][ T3037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.452819][T10032] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  289.814510][T10056] program syz.1.728 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  289.816876][ T9902] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  289.854778][ T9902] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  289.873130][ T9902] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  289.903051][ T9902] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  290.023336][ T5295] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  290.061295][T10070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.099876][T10070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.171307][ T9902] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.196974][ T5295] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  290.209421][ T9902] 8021q: adding VLAN 0 to HW filter on device team0
[  290.228001][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  290.245281][ T5294] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  290.259508][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  290.278107][ T3040] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.285228][ T3040] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.309440][ T5295] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  290.334675][ T5291] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  290.341017][ T5295] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  290.359529][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.378472][ T5295] usb 3-1: config 0 descriptor??
[  290.378993][ T2573] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.390620][ T2573] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.421774][ T5294] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  290.433650][ T5294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  290.452099][ T5294] usb 5-1: Product: syz
[  290.458147][ T5294] usb 5-1: Manufacturer: syz
[  290.472113][ T5294] usb 5-1: SerialNumber: syz
[  290.501306][ T5294] usb 5-1: config 0 descriptor??
[  290.519610][ T5294] ch341 5-1:0.0: ch341-uart converter detected
[  290.555330][ T5291] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  290.580833][ T5291] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  290.592281][T10083] syzkaller0: entered promiscuous mode
[  290.598544][ T5291] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  290.610231][T10083] syzkaller0: entered allmulticast mode
[  290.618437][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.652220][T10071] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  290.664930][ T5291] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  290.745872][ T5294] usb 5-1: failed to receive control message: -121
[  290.762793][ T5294] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121
[  290.814786][ T5295] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  290.831017][ T5295] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  290.840163][ T5295] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  290.862147][ T5295] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  290.962040][T10068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.993677][T10068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.002015][ T5295] usb 2-1: USB disconnect, device number 51
[  291.039437][ T5244] usb 5-1: USB disconnect, device number 68
[  291.046209][T10058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.065660][ T5244] ch341 5-1:0.0: device disconnected
[  291.084742][T10098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.121218][T10058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.135718][T10098] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.215199][ T5249] Bluetooth: hci1: command tx timeout
[  291.484430][ T5295] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  291.644298][ T5295] usb 2-1: Using ep0 maxpacket: 16
[  291.657007][ T5295] usb 2-1: unable to get BOS descriptor or descriptor too short
[  291.672605][ T5295] usb 2-1: unable to read config index 0 descriptor/start: -71
[  291.681068][ T5295] usb 2-1: can't read configurations, error -71
[  291.906484][ T5294] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  292.099679][ T5294] usb 5-1: Using ep0 maxpacket: 16
[  292.113273][ T5294] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  292.130908][ T5294] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  292.142136][ T5294] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  292.160000][ T5294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.169005][ T5294] usb 5-1: Product: syz
[  292.173335][ T5294] usb 5-1: Manufacturer: syz
[  292.178027][ T5294] usb 5-1: SerialNumber: syz
[  292.538603][ T5294] usb 3-1: reset high-speed USB device number 42 using dummy_hcd
[  292.574565][ T5296] usb 5-1: USB disconnect, device number 69
[  293.284895][ T5249] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  293.296479][ T5249] Bluetooth: hci3: Injecting HCI hardware error event
[  293.308670][ T5255] Bluetooth: hci3: hardware error 0x00
[  293.445706][ T5296] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  293.613599][ T5296] usb 5-1: Using ep0 maxpacket: 8
[  293.630733][ T5296] usb 5-1: config 2 has an invalid interface descriptor of length 8, skipping
[  293.650646][ T5296] usb 5-1: config 2 descriptor has 1 excess byte, ignoring
[  293.665687][T10058] veth0: entered promiscuous mode
[  293.670988][ T5296] usb 5-1: config 2 has 0 interfaces, different from the descriptor's value: 1
[  293.680672][T10058] vlan2: entered promiscuous mode
[  293.713690][T10058] vlan2: entered allmulticast mode
[  293.720102][ T5296] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  293.733675][T10058] veth0: entered allmulticast mode
[  293.760023][ T5296] usb 5-1: New USB device strings: Mfr=0, Product=228, SerialNumber=0
[  293.784413][T10058] veth0: left allmulticast mode
[  293.789474][T10058] veth0: left promiscuous mode
[  293.803708][ T5296] usb 5-1: Product: syz
[  293.900383][ T9902] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.058090][ T9902] veth0_vlan: entered promiscuous mode
[  294.082673][ T9902] veth1_vlan: entered promiscuous mode
[  294.191772][ T9902] veth0_macvtap: entered promiscuous mode
[  294.238105][ T9902] veth1_macvtap: entered promiscuous mode
[  294.261716][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.272440][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.297896][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.337385][ T5249] Bluetooth: hci2: Malformed HCI Event: 0x22
[  294.344052][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.355022][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.362409][T10144] fuse: Bad value for 'fd'
[  294.365550][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.365581][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.365598][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.365614][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.365629][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.366968][ T9902] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.438762][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.449980][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.485881][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.518046][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.542924][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.565937][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.579652][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.608387][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.620331][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.641822][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.654714][ T9902] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.689401][ T9902] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.700819][ T9902] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.715355][ T9902] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.732408][ T9902] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.765252][ T1847] usb 5-1: USB disconnect, device number 70
[  294.816884][ T5291] usb 3-1: USB disconnect, device number 42
[  294.892679][T10150] syzkaller0: tun_chr_ioctl cmd 1074025677
[  294.921672][T10150] syzkaller0: linktype set to 65535
[  294.956475][T10155] netlink: 4096 bytes leftover after parsing attributes in process `syz.4.804'.
[  294.988120][T10155] openvswitch: netlink: Actions may not be safe on all matching packets
[  295.152467][ T3011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.179890][ T3011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.194838][ T5294] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  295.210176][ T8633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.224807][ T8633] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.276827][ T5291] usb 4-1: USB disconnect, device number 22
[  295.371890][ T5294] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02
[  295.386389][ T5294] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.413934][ T5255] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  295.425369][ T5294] usb 2-1: Product: syz
[  295.430319][ T5294] usb 2-1: Manufacturer: syz
[  295.435061][ T5294] usb 2-1: SerialNumber: syz
[  295.451722][ T5294] usb 2-1: config 0 descriptor??
[  295.496833][ T8633] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.662225][ T8633] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.785777][ T8633] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.814788][T10179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.833329][   T25] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  295.841930][T10179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.871871][ T1847] usb 2-1: USB disconnect, device number 54
[  295.883071][ T5249] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  295.904516][ T5249] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  295.912457][ T5249] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  295.929153][ T5249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  295.943144][ T5249] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  295.950872][ T5249] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  295.973363][   T25] usb 5-1: device descriptor read/64, error -71
[  296.021703][ T8633] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.044088][ T5291] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  296.176001][ T8633] bridge_slave_1: left allmulticast mode
[  296.181907][ T8633] bridge_slave_1: left promiscuous mode
[  296.187716][ T5291] usb 3-1: device descriptor read/64, error -71
[  296.202826][ T8633] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.215103][ T8633] bridge_slave_0: left allmulticast mode
[  296.220799][ T8633] bridge_slave_0: left promiscuous mode
[  296.226840][   T25] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  296.235411][ T8633] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.283387][    T8] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  296.365405][   T25] usb 5-1: device descriptor read/64, error -71
[  296.433672][ T5291] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  296.453640][    T8] usb 1-1: Using ep0 maxpacket: 32
[  296.460234][    T8] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  296.471921][    T8] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  296.475214][   T25] usb usb5-port1: attempt power cycle
[  296.482181][    T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  296.523751][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  296.540793][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  296.572038][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  296.582848][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  296.599921][ T5291] usb 3-1: device descriptor read/64, error -71
[  296.609288][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  296.628928][    T8] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  296.638182][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.669681][    T8] usb 1-1: config 0 descriptor??
[  296.726073][ T5291] usb usb3-port1: attempt power cycle
[  296.759098][T10190] netlink: 36 bytes leftover after parsing attributes in process `syz.1.815'.
[  296.770148][T10190] netlink: 16 bytes leftover after parsing attributes in process `syz.1.815'.
[  296.781297][T10190] netlink: 36 bytes leftover after parsing attributes in process `syz.1.815'.
[  296.790412][T10190] netlink: 36 bytes leftover after parsing attributes in process `syz.1.815'.
[  296.821908][ T8633] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.833563][   T25] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  296.855523][ T8633] bond0 (unregistering): Released all slaves
[  296.869151][   T25] usb 5-1: device descriptor read/8, error -71
[  296.902486][T10190] ip6gretap1: entered promiscuous mode
[  296.914550][T10190] ip6gretap1: entered allmulticast mode
[  296.998902][T10182] chnl_net:caif_netlink_parms(): no params data found
[  297.083317][ T5291] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  297.124755][ T5291] usb 3-1: device descriptor read/8, error -71
[  297.142021][   T25] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  297.196069][   T25] usb 5-1: device descriptor read/8, error -71
[  297.200877][    T8] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  297.250857][    T8] usb 1-1: USB disconnect, device number 32
[  297.263977][    T8] usblp0: removed
[  297.315192][   T25] usb usb5-port1: unable to enumerate USB device
[  297.373584][ T5291] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  297.414994][ T5291] usb 3-1: device descriptor read/8, error -71
[  297.449537][T10182] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.484301][T10182] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.500373][T10182] bridge_slave_0: entered allmulticast mode
[  297.530900][T10182] bridge_slave_0: entered promiscuous mode
[  297.548067][ T5291] usb usb3-port1: unable to enumerate USB device
[  297.565450][T10182] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.597304][T10182] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.607403][T10182] bridge_slave_1: entered allmulticast mode
[  297.638367][T10182] bridge_slave_1: entered promiscuous mode
[  297.734645][T10182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.756823][ T8633] hsr_slave_0: left promiscuous mode
[  297.781550][ T8633] hsr_slave_1: left promiscuous mode
[  297.804412][ T8633] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  297.821178][ T8633] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.829290][ T8633] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.837221][ T8633] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.856502][ T8633] veth1_macvtap: left promiscuous mode
[  297.862038][ T8633] veth0_macvtap: left promiscuous mode
[  297.868130][ T8633] veth1_vlan: left promiscuous mode
[  297.874647][ T8633] veth0_vlan: left promiscuous mode
[  298.003545][ T5255] Bluetooth: hci4: command tx timeout
[  298.843342][   T25] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  299.015872][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.044859][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.093823][   T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  299.137576][ T8633] team0 (unregistering): Port device team_slave_1 removed
[  299.143387][   T25] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  299.180775][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.213489][ T8633] team0 (unregistering): Port device team_slave_0 removed
[  299.224717][   T25] usb 1-1: config 0 descriptor??
[  299.441586][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  299.773475][   T25] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[  299.795559][   T25] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  300.072851][T10182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  300.083788][ T5255] Bluetooth: hci4: command tx timeout
[  300.107774][ T5295] usb 1-1: USB disconnect, device number 33
[  300.123694][   T25] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  300.220272][T10182] team0: Port device team_slave_0 added
[  300.262940][T10182] team0: Port device team_slave_1 added
[  300.293374][   T25] usb 5-1: Using ep0 maxpacket: 8
[  300.305169][   T25] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  300.319787][   T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  300.332421][   T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  300.345392][T10182] batman_adv: batadv0: Adding interface: batadv_slave_0
[  300.356333][T10182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.382315][    C1] vkms_vblank_simulate: vblank timer overrun
[  300.388874][   T25] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  300.403819][   T25] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  300.413039][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.422940][T10182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  300.464212][ T5244] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  300.491561][T10182] batman_adv: batadv0: Adding interface: batadv_slave_1
[  300.512032][T10182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.540127][T10182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  300.614357][ T5244] usb 3-1: Using ep0 maxpacket: 32
[  300.622522][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.634331][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.647506][   T25] usb 5-1: GET_CAPABILITIES returned 0
[  300.654829][   T25] usbtmc 5-1:16.0: can't read capabilities
[  300.685710][ T5244] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  300.713615][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.755113][ T5244] usb 3-1: config 0 descriptor??
[  300.755455][T10182] hsr_slave_0: entered promiscuous mode
[  300.766749][ T5244] hub 3-1:0.0: USB hub found
[  300.803025][T10182] hsr_slave_1: entered promiscuous mode
[  300.854497][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  300.865703][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  300.874840][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  300.883953][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  300.893250][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  300.902589][    C1] vkms_vblank_simulate: vblank timer overrun
[  300.924767][   T25] usb 5-1: USB disconnect, device number 75
[  300.967823][ T5244] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  301.001940][ T5244] usbhid 3-1:0.0: can't add hid device: -71
[  301.008282][ T5244] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  301.054407][ T5244] usb 3-1: USB disconnect, device number 47
[  301.523464][   T25] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  301.703372][   T25] usb 1-1: Using ep0 maxpacket: 32
[  301.731448][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  301.753707][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  301.789720][   T25] usb 1-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  301.863482][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.910274][   T25] usb 1-1: config 0 descriptor??
[  301.933382][T10298] mmap: syz.2.832 (10298) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  302.038101][T10301] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  302.143798][T10182] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  302.186181][ T5255] Bluetooth: hci4: command tx timeout
[  302.329512][T10182] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  302.379509][T10182] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  302.412568][   T25] hkems 0003:2006:0118.001A: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.0-1/input0
[  302.424905][   T25] hkems 0003:2006:0118.001A: no inputs found
[  302.430914][   T25] hkems 0003:2006:0118.001A: force feedback init failed
[  302.495235][T10182] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  302.643971][ T5244] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  302.656487][T10182] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.681554][T10182] 8021q: adding VLAN 0 to HW filter on device team0
[  302.694969][ T8633] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.702176][ T8633] bridge0: port 1(bridge_slave_0) entered forwarding state
[  302.726268][ T8633] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.733476][ T8633] bridge0: port 2(bridge_slave_1) entered forwarding state
[  302.793741][ T5244] usb 5-1: device descriptor read/64, error -71
[  302.878556][T10182] 8021q: adding VLAN 0 to HW filter on device batadv0
[  302.913161][T10182] veth0_vlan: entered promiscuous mode
[  302.936085][T10182] veth1_vlan: entered promiscuous mode
[  303.005009][T10182] veth0_macvtap: entered promiscuous mode
[  303.043502][ T5244] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  303.048048][T10182] veth1_macvtap: entered promiscuous mode
[  303.123103][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.135569][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.145902][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.156771][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.173253][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.174127][ T5244] usb 5-1: device descriptor read/64, error -71
[  303.203446][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.222290][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.237708][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.256204][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.256246][T10344] program syz.2.841 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  303.267687][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.295214][T10182] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.303654][ T5244] usb usb5-port1: attempt power cycle
[  303.305399][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.319908][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.330132][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.334585][ T5295] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  303.340783][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.358256][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.368852][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.378830][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.389331][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.399266][T10182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.409799][T10182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.421657][T10182] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.440324][T10182] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.450638][T10182] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.459941][T10182] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.477041][T10182] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  303.495822][ T5295] usb 2-1: config 5 has an invalid interface number: 241 but max is 2
[  303.515884][ T5295] usb 2-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  303.546350][ T5295] usb 2-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  303.571784][ T5295] usb 2-1: config 5 has an invalid interface number: 9 but max is 2
[  303.599746][ T5295] usb 2-1: config 5 has an invalid interface number: 158 but max is 2
[  303.633914][ T5295] usb 2-1: config 5 has an invalid descriptor of length 36, skipping remainder of the config
[  303.660416][ T3011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.660416][ T5295] usb 2-1: config 5 has no interface number 0
[  303.660442][ T5295] usb 2-1: config 5 has no interface number 1
[  303.675606][ T5244] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  303.695940][ T3011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.722652][ T5295] usb 2-1: config 5 has no interface number 2
[  303.734392][ T5244] usb 5-1: device descriptor read/8, error -71
[  303.753171][ T5295] usb 2-1: config 5 interface 241 altsetting 3 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  303.761115][ T3040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.772096][ T5295] usb 2-1: config 5 interface 241 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  303.782741][ T3040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.799144][ T5295] usb 2-1: config 5 interface 241 altsetting 3 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  303.823644][ T5295] usb 2-1: config 5 interface 9 altsetting 7 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  303.847220][ T5295] usb 2-1: config 5 interface 9 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  303.873340][ T5295] usb 2-1: config 5 interface 9 altsetting 7 has an endpoint descriptor with address 0xA9, changing to 0x89
[  303.903621][ T5295] usb 2-1: config 5 interface 9 altsetting 7 has a duplicate endpoint with address 0x89, skipping
[  303.933491][ T5295] usb 2-1: config 5 interface 9 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[  303.973343][ T5244] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  303.981379][ T5295] usb 2-1: config 5 interface 9 altsetting 7 has 10 endpoint descriptors, different from the interface descriptor's value: 9
[  303.999349][ T5244] usb 5-1: device descriptor read/8, error -71
[  304.017028][ T5295] usb 2-1: config 5 interface 241 has no altsetting 0
[  304.024664][ T5295] usb 2-1: config 5 interface 9 has no altsetting 0
[  304.043665][ T5295] usb 2-1: config 5 interface 158 has no altsetting 0
[  304.055181][ T5295] usb 2-1: New USB device found, idVendor=174c, idProduct=55aa, bcdDevice= 1.00
[  304.065225][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.073825][ T5295] usb 2-1: Product: ц
[  304.080685][ T5295] usb 2-1: SerialNumber: Ñ„
[  304.123576][ T5244] usb usb5-port1: unable to enumerate USB device
[  304.244416][ T5255] Bluetooth: hci4: command tx timeout
[  304.253322][    T8] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  304.256432][ T3040] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.302987][ T5296] usb 1-1: USB disconnect, device number 34
[  304.384474][    T8] usb 4-1: device descriptor read/64, error -71
[  304.410657][ T3040] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.546341][ T3040] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.633350][    T8] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  304.674595][ T3040] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.793324][    T8] usb 4-1: device descriptor read/64, error -71
[  304.916281][ T5249] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  304.933974][    T8] usb usb4-port1: attempt power cycle
[  304.934176][ T5249] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  304.950182][ T5249] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  304.958284][ T3040] bridge_slave_1: left allmulticast mode
[  304.970044][ T5249] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  304.982980][ T5249] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  304.987329][ T3040] bridge_slave_1: left promiscuous mode
[  304.993472][ T5295] usb-storage 2-1:5.241: USB Mass Storage device detected
[  305.008771][ T5249] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  305.023811][ T5295] usb-storage 2-1:5.241: Quirks match for vid 174c pid 55aa: 400000
[  305.096218][ T3040] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.146564][ T3040] bridge_slave_0: left allmulticast mode
[  305.173953][ T5295] usb-storage 2-1:5.9: USB Mass Storage device detected
[  305.183461][ T3040] bridge_slave_0: left promiscuous mode
[  305.189324][ T3040] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.229205][ T5295] usb-storage 2-1:5.9: Quirks match for vid 174c pid 55aa: 400000
[  305.332259][ T5295] usb-storage 2-1:5.158: USB Mass Storage device detected
[  305.344627][    T8] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  305.378950][    T8] usb 4-1: device descriptor read/8, error -71
[  305.390463][ T5295] usb-storage 2-1:5.158: Quirks match for vid 174c pid 55aa: 400000
[  305.489973][ T5295] usb 2-1: USB disconnect, device number 55
[  305.644189][    T8] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  305.679095][    T8] usb 4-1: device descriptor read/8, error -71
[  305.807154][    T8] usb usb4-port1: unable to enumerate USB device
[  305.826549][ T5295] usb 2-1: new full-speed USB device number 56 using dummy_hcd
[  305.874234][ T1171] usb 5-1: new low-speed USB device number 80 using dummy_hcd
[  305.943633][ T3040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  305.956532][ T3040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  305.968184][ T3040] bond0 (unregistering): Released all slaves
[  305.985517][ T5295] usb 2-1: unable to read config index 0 descriptor/start: -61
[  306.000329][ T5295] usb 2-1: can't read configurations, error -61
[  306.013467][ T1171] usb 5-1: device descriptor read/64, error -71
[  306.133420][ T5295] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[  306.155280][T10413] program syz.0.851 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  306.273909][ T1171] usb 5-1: new low-speed USB device number 81 using dummy_hcd
[  306.338594][ T5295] usb 2-1: unable to read config index 0 descriptor/start: -61
[  306.352200][T10422] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  306.366269][ T5295] usb 2-1: can't read configurations, error -61
[  306.376427][T10387] chnl_net:caif_netlink_parms(): no params data found
[  306.378898][T10422] [U] J"—e:ÀÆ"


[  306.387890][ T5295] usb usb2-port1: attempt power cycle
[  306.403419][ T1171] usb 5-1: device descriptor read/64, error -71
[  306.466625][ T3040] hsr_slave_0: left promiscuous mode
[  306.476240][ T3040] hsr_slave_1: left promiscuous mode
[  306.489456][ T3040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  306.503735][ T3040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  306.513669][ T1171] usb usb5-port1: attempt power cycle
[  306.530704][ T3040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  306.559989][ T3040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  306.635129][ T3040] veth1_macvtap: left promiscuous mode
[  306.640702][ T3040] veth0_macvtap: left promiscuous mode
[  306.653579][ T3040] veth1_vlan: left promiscuous mode
[  306.658908][ T3040] veth0_vlan: left promiscuous mode
[  306.733434][ T5295] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[  306.785389][ T5295] usb 2-1: unable to read config index 0 descriptor/start: -61
[  306.804112][ T5295] usb 2-1: can't read configurations, error -61
[  306.863389][ T1171] usb 5-1: new low-speed USB device number 82 using dummy_hcd
[  306.885798][ T1171] usb 5-1: device descriptor read/8, error -71
[  306.943541][ T5295] usb 2-1: new full-speed USB device number 59 using dummy_hcd
[  306.976889][ T5295] usb 2-1: unable to read config index 0 descriptor/start: -61
[  306.996658][ T5295] usb 2-1: can't read configurations, error -61
[  307.014773][ T5295] usb usb2-port1: unable to enumerate USB device
[  307.050818][ T5255] Bluetooth: hci2: command tx timeout
[  307.133435][ T1171] usb 5-1: new low-speed USB device number 83 using dummy_hcd
[  307.165047][ T1171] usb 5-1: device descriptor read/8, error -71
[  307.283671][ T1171] usb usb5-port1: unable to enumerate USB device
[  307.303509][ T5295] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  307.314943][ T3040] team0 (unregistering): Port device team_slave_1 removed
[  307.362503][ T3040] team0 (unregistering): Port device team_slave_0 removed
[  307.443745][ T5295] usb 1-1: device descriptor read/64, error -71
[  307.683769][ T5295] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  307.813443][ T5295] usb 1-1: device descriptor read/64, error -71
[  307.864723][T10387] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.881052][T10387] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.889061][T10387] bridge_slave_0: entered allmulticast mode
[  307.902593][T10387] bridge_slave_0: entered promiscuous mode
[  307.910903][T10387] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.918747][T10387] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.927134][T10387] bridge_slave_1: entered allmulticast mode
[  307.933635][ T5295] usb usb1-port1: attempt power cycle
[  307.941760][T10387] bridge_slave_1: entered promiscuous mode
[  307.999800][T10387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.050826][T10387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.130943][T10387] team0: Port device team_slave_0 added
[  308.157835][T10387] team0: Port device team_slave_1 added
[  308.204226][ T1171] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  308.235927][T10387] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.243121][T10387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.274402][ T5295] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  308.276665][T10387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.298870][T10387] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.308016][ T5295] usb 1-1: device descriptor read/8, error -71
[  308.319418][T10387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.347536][T10387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.363393][ T1171] usb 4-1: Using ep0 maxpacket: 8
[  308.376114][ T1171] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  308.386908][ T1171] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  308.409693][ T1171] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  308.420083][ T1171] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  308.436503][ T1171] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  308.448374][ T1171] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.459129][T10387] hsr_slave_0: entered promiscuous mode
[  308.484866][T10387] hsr_slave_1: entered promiscuous mode
[  308.500498][T10387] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  308.508462][T10387] Cannot create hsr debugfs directory
[  308.523350][   T25] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  308.566126][ T5295] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  308.602742][ T5295] usb 1-1: device descriptor read/8, error -71
[  308.683632][   T25] usb 2-1: Using ep0 maxpacket: 32
[  308.710257][ T1171] usb 4-1: GET_CAPABILITIES returned 0
[  308.721891][ T5295] usb usb1-port1: unable to enumerate USB device
[  308.731482][   T25] usb 2-1: config 0 has an invalid interface number: 202 but max is 0
[  308.742191][ T1171] usbtmc 4-1:16.0: can't read capabilities
[  308.749955][   T25] usb 2-1: config 0 has no interface number 0
[  308.763998][   T25] usb 2-1: config 0 interface 202 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  308.782925][   T25] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  308.792559][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.805034][   T25] usb 2-1: Product: syz
[  308.814228][   T25] usb 2-1: Manufacturer: syz
[  308.819263][   T25] usb 2-1: SerialNumber: syz
[  308.839383][   T25] usb 2-1: config 0 descriptor??
[  308.881435][   T25] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  309.133797][ T5255] Bluetooth: hci2: command tx timeout
[  309.263070][T10481] usb 4-1: usbtmc_ioctl_clear_in_halt returned -32
[  309.596076][T10387] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  309.636290][T10387] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  309.673033][T10387] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  309.693496][T10387] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  309.927764][ T3011] usb 2-1: Failed to submit usb control message: -110
[  309.977639][ T3011] usb 2-1: unable to send the bmi data to the device: -110
[  310.005993][T10387] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.026353][ T3011] usb 2-1: unable to get target info from device
[  310.051528][ T3011] usb 2-1: could not get target info (-110)
[  310.060526][T10387] 8021q: adding VLAN 0 to HW filter on device team0
[  310.088602][ T3011] usb 2-1: could not probe fw (-110)
[  310.110845][ T8633] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.117986][ T8633] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.139209][T10495] program syz.0.861 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  310.201907][ T3011] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.209162][ T3011] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.306300][T10498] netlink: 'syz.0.862': attribute type 1 has an invalid length.
[  310.322631][T10498] netlink: 8 bytes leftover after parsing attributes in process `syz.0.862'.
[  310.393345][ T1171] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  310.458304][T10387] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.555904][ T1171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  310.586725][ T1171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  310.607603][ T1171] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  310.620220][T10387] veth0_vlan: entered promiscuous mode
[  310.646252][ T1171] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  310.669729][ T1171] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.696937][ T1171] usb 5-1: config 0 descriptor??
[  310.709295][T10387] veth1_vlan: entered promiscuous mode
[  310.826705][T10387] veth0_macvtap: entered promiscuous mode
[  310.843021][T10387] veth1_macvtap: entered promiscuous mode
[  310.871421][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.892288][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.912008][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.935912][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.952126][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.983308][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.017551][ T5244] usb 4-1: USB disconnect, device number 27
[  311.033392][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.058391][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.073019][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.100122][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.123816][ T1171] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x4
[  311.144396][ T1171] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  311.152028][ T1171] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  311.159801][ T1171] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  311.169159][ T1171] plantronics 0003:047F:FFFF.001B: No inputs registered, leaving
[  311.191037][T10387] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.203988][ T5255] Bluetooth: hci2: command tx timeout
[  311.213077][ T1171] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  311.291685][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.299435][   T29] audit: type=1326 audit(1727599272.936:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  311.357655][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.392003][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.410865][   T29] audit: type=1326 audit(1727599272.986:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  311.415345][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.450925][ T5294] usb 2-1: USB disconnect, device number 60
[  311.483006][   T29] audit: type=1326 audit(1727599272.996:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  311.483912][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.536987][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.547418][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.559152][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.569905][T10387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.583157][T10529] tipc: Failed to remove unknown binding: 66,1,1/0:301151170/301151172
[  311.593855][T10529] tipc: Failed to remove unknown binding: 66,1,1/0:301151170/301151172
[  311.610234][T10387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.625416][T10529] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.638879][T10387] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.695554][T10529] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.723328][ T1171] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  311.741979][T10387] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.783154][T10387] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.802360][T10387] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.824310][T10537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.836768][T10387] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.875869][T10537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.907161][ T1171] usb 4-1: unable to get BOS descriptor or descriptor too short
[  311.930223][ T1171] usb 4-1: config 3 has an invalid interface number: 137 but max is 0
[  311.946472][ T1171] usb 4-1: config 3 has no interface number 0
[  311.965564][T10539] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  311.993569][ T1171] usb 4-1: config 3 interface 137 has no altsetting 0
[  312.007783][T10539] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  312.022369][ T1171] usb 4-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=78.12
[  312.067044][ T1171] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.097572][   T29] audit: type=1326 audit(1727599273.746:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.114799][ T1171] usb 4-1: Product: syz
[  312.141774][   T29] audit: type=1326 audit(1727599273.766:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.154416][ T1171] usb 4-1: Manufacturer: syz
[  312.179488][ T1171] usb 4-1: SerialNumber: syz
[  312.189120][ T3040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.236847][ T3040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.333014][ T3011] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.358497][ T3011] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.481988][T10493] usb 5-1: string descriptor 0 read error: -71
[  312.517430][   T29] audit: type=1326 audit(1727599274.156:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.521409][T10521] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.604334][   T29] audit: type=1326 audit(1727599274.156:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.627968][T10521] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.693316][   T29] audit: type=1326 audit(1727599274.156:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.693492][ T5244] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  312.804356][   T29] audit: type=1326 audit(1727599274.156:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.849683][   T29] audit: type=1326 audit(1727599274.156:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19ed57dff9 code=0x7ffc0000
[  312.876577][ T1171] ldusb 4-1:3.137: Interrupt in endpoint not found
[  312.903521][ T5244] usb 1-1: Using ep0 maxpacket: 16
[  312.914980][ T1171] usb 4-1: USB disconnect, device number 28
[  312.921422][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.966032][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.976040][   T25] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  312.984965][ T5244] usb 1-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  312.994421][ T5244] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.006855][ T5244] usb 1-1: config 0 descriptor??
[  313.165875][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.177166][   T25] usb 3-1: config 0 has no interfaces?
[  313.189991][   T25] usb 3-1: New USB device found, idVendor=44b7, idProduct=0000, bcdDevice= 0.00
[  313.219300][ T5244] usb 1-1: string descriptor 0 read error: -71
[  313.230467][ T5244] usbhid 1-1:0.0: can't add hid device: -71
[  313.243540][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  313.254532][ T5244] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  313.267141][ T6346] usb 5-1: USB disconnect, device number 84
[  313.276389][   T25] usb 3-1: SerialNumber: syz
[  313.284634][ T5255] Bluetooth: hci2: command tx timeout
[  313.295918][ T5244] usb 1-1: USB disconnect, device number 39
[  313.322861][   T25] usb 3-1: config 0 descriptor??
[  313.805146][T10596] netlink: 'syz.1.876': attribute type 12 has an invalid length.
[  313.814839][    T8] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  313.839044][T10596] netlink: 'syz.1.876': attribute type 11 has an invalid length.
[  313.883934][T10596] netlink: 190580 bytes leftover after parsing attributes in process `syz.1.876'.
[  313.983403][    T8] usb 4-1: Using ep0 maxpacket: 8
[  313.994163][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.023081][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.062036][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  314.085126][    T8] usb 4-1: New USB device found, idVendor=1b96, idProduct=0010, bcdDevice= 0.00
[  314.094614][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.105037][ T5296] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  314.116815][ T6346] usb 3-1: USB disconnect, device number 48
[  314.137521][    T8] usb 4-1: config 0 descriptor??
[  314.183394][ T5244] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  314.293588][ T5296] usb 2-1: Using ep0 maxpacket: 16
[  314.307792][ T5296] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  314.329856][ T5296] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  314.339101][ T5296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.364605][ T5244] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  314.366606][ T5296] usb 2-1: config 0 descriptor??
[  314.377394][ T5244] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  314.383794][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.402675][ T5244] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  314.412405][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.427723][T10602] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  314.449973][ T5244] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  314.457289][   T25] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  314.466329][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.483316][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.491587][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.514744][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.546457][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.560569][    T8] ntrig 0003:1B96:0010.001C: unknown main item tag 0x0
[  314.575505][    T8] ntrig 0003:1B96:0010.001C: hidraw0: USB HID v0.00 Device [HID 1b96:0010] on usb-dummy_hcd.3-1/input0
[  314.597703][    T8] ntrig 0003:1B96:0010.001C: Firmware version: 1.10.3.62.2 (e8d3 c277)
[  314.615044][   T25] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  314.633311][   T25] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  314.669328][ T5244] usb 5-1: USB disconnect, device number 85
[  314.681191][   T25] usb 1-1: New USB device found, idVendor=44b7, idProduct=0000, bcdDevice= 0.00
[  314.762568][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  314.805161][ T6346] usb 4-1: USB disconnect, device number 29
[  314.828515][ T5296] usbhid 2-1:0.0: can't add hid device: -71
[  314.834537][   T25] usb 1-1: SerialNumber: syz
[  314.864199][ T5296] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  314.906865][ T5296] usb 2-1: USB disconnect, device number 61
[  314.986035][T10615] netlink: 'syz.2.880': attribute type 1 has an invalid length.
[  314.998940][T10615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.880'.
[  315.015087][T10614] netlink: 16 bytes leftover after parsing attributes in process `syz.1.881'.
[  315.109529][T10614] REæ6G: entered promiscuous mode
[  315.122937][T10618] netlink: 20 bytes leftover after parsing attributes in process `syz.2.882'.
[  315.146075][T10618] vlan2: entered promiscuous mode
[  315.151188][T10618] vlan2: entered allmulticast mode
[  315.233957][ T5244] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  315.347293][T10621] bond1: entered promiscuous mode
[  315.352586][T10621] bond1: entered allmulticast mode
[  315.358224][T10621] 8021q: adding VLAN 0 to HW filter on device bond1
[  315.416623][ T5244] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  315.428694][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  315.439944][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  315.454696][ T5244] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  315.468063][ T5244] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  315.520969][T10627] delete_channel: no stack
[  315.557769][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.649747][ T5244] usb 5-1: config 0 descriptor??
[  315.812917][T10621] bond1 (unregistering): Released all slaves
[  316.117945][ T5244] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[  316.152502][ T5244] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[  316.244542][ T5244] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  316.763577][ T5244] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  316.843863][ T6346] usb 5-1: USB disconnect, device number 86
[  316.946671][ T5244] usb 3-1: Using ep0 maxpacket: 16
[  317.091706][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.102951][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  317.112956][ T5244] usb 3-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  317.122203][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.146956][ T5244] usb 3-1: config 0 descriptor??
[  317.154407][   T25] usb 1-1: USB disconnect, device number 40
[  317.381463][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  317.396859][T10657] loop8: detected capacity change from 0 to 7
[  317.400372][ T5244] usb 3-1: string descriptor 0 read error: -71
[  317.423542][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  317.463173][ T5244] usbhid 3-1:0.0: can't add hid device: -71
[  317.479397][ T5244] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  317.495705][ T7454] udevd[7454]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  317.526334][T10657] Dev loop8: unable to read RDB block 7
[  317.532045][T10657]  loop8: unable to read partition table
[  317.538669][T10657] loop8: partition table beyond EOD, truncated
[  317.545313][T10657] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  317.545313][T10657] 
) failed (rc=-5)
[  317.630766][ T5244] usb 3-1: USB disconnect, device number 49
[  318.643943][ T1171] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  318.813734][ T1171] usb 5-1: Using ep0 maxpacket: 8
[  318.837581][ T1171] usb 5-1: config 150 has an invalid interface number: 204 but max is 1
[  318.865640][ T1171] usb 5-1: config 150 has no interface number 0
[  318.891235][ T1171] usb 5-1: config 150 interface 204 has no altsetting 0
[  318.937504][ T1171] usb 5-1: config 150 interface 1 has no altsetting 0
[  318.975589][ T1171] usb 5-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  319.057815][ T1171] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.095391][ T1171] usb 5-1: Product: syz
[  319.099610][ T1171] usb 5-1: Manufacturer: syz
[  319.125851][ T1171] usb 5-1: SerialNumber: syz
[  319.328659][ T5296] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  319.364515][T10718] netlink: 4 bytes leftover after parsing attributes in process `syz.0.914'.
[  319.404709][ T1171] xr_serial 5-1:150.204: xr_serial converter detected
[  319.473379][ T6346] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  319.555920][ T5296] usb 4-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  319.568280][ T5296] usb 4-1: config 36 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  319.593102][ T5296] usb 4-1: config 36 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  319.623291][ T6346] usb 3-1: Using ep0 maxpacket: 16
[  319.635628][ T6346] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.636628][ T5296] usb 4-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  319.669004][ T6346] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.669014][ T5296] usb 4-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  319.669037][ T5296] usb 4-1: Manufacturer: syz
[  319.707983][ T5296] usb 4-1: SerialNumber: syz
[  319.751018][ T6346] usb 3-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  319.773100][ T6346] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.806488][ T6346] usb 3-1: config 0 descriptor??
[  319.941901][ T5296] yealink 4-1:36.0: invalid payload size 0, expected 16
[  319.953687][ T5296] input: Yealink usb-p1k as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:36.0/input/input19
[  319.963547][   T25] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  320.022355][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.029394][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.036598][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.043622][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.050610][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.057659][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.064661][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.071678][    C0] yealink 4-1:36.0: urb_ctl_callback - urb status -71
[  320.078448][    C0] yealink 4-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  320.093491][ T5296] usb 4-1: USB disconnect, device number 30
[  320.125076][ T6346] usb 3-1: string descriptor 0 read error: -71
[  320.173696][ T6346] usbhid 3-1:0.0: can't add hid device: -71
[  320.184105][ T6346] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  320.197158][   T25] usb 1-1: Using ep0 maxpacket: 8
[  320.213169][   T25] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  320.229753][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  320.245175][T10685] binder: 10684:10685 ioctl 4008ae9c 20000040 returned -22
[  320.249671][   T25] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  320.268376][ T6346] usb 3-1: USB disconnect, device number 50
[  320.274784][ T1171] xr_serial ttyUSB0: Failed to set reg 0x0e: -71
[  320.284094][ T1171] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  320.292524][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  320.306053][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  320.321508][ T1171] usb 5-1: USB disconnect, device number 87
[  320.337369][ T1171] xr_serial 5-1:150.204: device disconnected
[  320.350270][   T25] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  320.358538][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  320.370088][   T25] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  320.382063][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  320.393409][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  320.433118][   T25] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  320.440597][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  320.451897][   T25] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  320.466904][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  320.479470][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  320.522801][   T25] usb 1-1: string descriptor 0 read error: -22
[  320.529458][   T25] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  320.539995][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.560212][   T25] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  320.710827][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4d00000000
[  320.720183][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4e00000080
[  320.737358][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0xa900000000
[  320.749509][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0xfe00000000
[  320.761111][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x12a00000080
[  320.773902][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x13200000080
[  320.793401][ T6346] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  320.808495][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x16a00000080
[  320.829077][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x18a00000000
[  320.846761][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x1c600000080
[  320.858217][T10735] kvm: kvm [10732]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x1c700000000
[  321.004798][ T6346] usb 2-1: Using ep0 maxpacket: 8
[  321.012731][ T6346] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  321.029989][ T6346] usb 2-1: config 0 interface 0 altsetting 128 bulk endpoint 0x81 has invalid maxpacket 0
[  321.040128][ T6346] usb 2-1: config 0 interface 0 has no altsetting 0
[  321.044750][T10741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.060283][ T6346] usb 2-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00
[  321.069453][ T6346] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.078884][ T6346] usb 2-1: config 0 descriptor??
[  321.091287][ T6346] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  321.108561][T10741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.295782][T10731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.321815][T10731] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.842715][T10750] netlink: 44 bytes leftover after parsing attributes in process `syz.4.923'.
[  322.153308][ T6346] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  322.335969][ T6346] usb 4-1: Using ep0 maxpacket: 8
[  322.350690][ T6346] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  322.365953][ T6346] usb 4-1: config 179 has no interface number 0
[  322.372396][ T6346] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  322.384838][ T6346] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  322.408660][ T6346] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  322.423337][ T6346] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  322.435332][ T6346] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  322.457549][ T6346] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  322.471151][ T6346] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.495116][T10753] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22
[  322.515559][ T5296] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  322.685526][ T5296] usb 5-1: Using ep0 maxpacket: 32
[  322.723583][ T5296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.733933][ T6346] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input20
[  322.767836][ T5296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  322.789093][ T5296] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  322.806103][ T5291] usb 1-1: USB disconnect, device number 41
[  322.874117][ T5296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.919824][ T5296] usb 5-1: config 0 descriptor??
[  322.935498][ T5296] hub 5-1:0.0: USB hub found
[  322.938566][ T6346] usb 4-1: USB disconnect, device number 31
[  322.940159][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  322.940201][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  322.997914][ T6346] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  323.136625][ T5296] hub 5-1:0.0: 1 port detected
[  323.363567][   T25] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  323.513845][   T25] usb 1-1: Using ep0 maxpacket: 16
[  323.520373][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.520408][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.520443][   T25] usb 1-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  323.520469][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.522161][   T25] usb 1-1: config 0 descriptor??
[  323.523436][    T8] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  323.580476][ T5296] usb 2-1: USB disconnect, device number 62
[  323.703661][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  323.727579][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  323.742175][   T25] usb 1-1: string descriptor 0 read error: -71
[  323.749243][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  323.775962][    T8] usb 3-1: New USB device found, idVendor=707f, idProduct=133b, bcdDevice= 0.cd
[  323.778755][   T25] usbhid 1-1:0.0: can't add hid device: -71
[  323.792334][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.796355][   T25] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  323.803895][    T8] usb 3-1: config 0 descriptor??
[  323.814885][T10774] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  323.825741][    T8] usbhid 3-1:0.0: can't add hid device: -22
[  323.831821][    T8] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  323.862620][   T25] usb 1-1: USB disconnect, device number 42
[  323.908858][T10785] netlink: 4 bytes leftover after parsing attributes in process `syz.1.932'.
[  323.918770][T10785] netlink: 'syz.1.932': attribute type 14 has an invalid length.
[  323.927099][T10785] netlink: 'syz.1.932': attribute type 11 has an invalid length.
[  323.942031][T10785] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  323.951089][T10785] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  323.959876][T10785] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  323.968642][T10785] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  323.984265][T10785] vxlan0: entered promiscuous mode
[  324.724570][ T1847] hub 5-1:0.0: hub_ext_port_status failed (err = -32)
[  324.807365][ T5291] usb 5-1: USB disconnect, device number 88
[  325.593539][ T6346] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  325.764570][ T6346] usb 5-1: Using ep0 maxpacket: 16
[  325.774299][ T6346] usb 5-1: config 0 interface 0 has no altsetting 0
[  325.783839][ T6346] usb 5-1: New USB device found, idVendor=05ac, idProduct=abdf, bcdDevice=3d.49
[  325.796615][ T6346] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.807527][ T6346] usb 5-1: Product: syz
[  325.811815][ T6346] usb 5-1: Manufacturer: syz
[  325.817420][ T6346] usb 5-1: SerialNumber: syz
[  325.827477][ T6346] usb 5-1: config 0 descriptor??
[  325.836758][ T6346] ipheth 5-1:0.0: Unable to find endpoints
[  325.878133][T10822] netlink: 96 bytes leftover after parsing attributes in process `syz.0.944'.
[  326.142982][ T6346] usb 5-1: USB disconnect, device number 89
[  326.385829][ T5291] usb 3-1: USB disconnect, device number 51
[  326.638984][T10842] netlink: 12 bytes leftover after parsing attributes in process `syz.0.951'.
[  326.644023][ T2573] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  326.673316][ T2573] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.855019][ T2573] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  326.887704][ T2573] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.010826][ T2573] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.043679][ T2573] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.142788][ T5249] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  327.161462][ T5249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  327.175414][ T5249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  327.185023][ T5249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  327.211852][ T5249] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  327.219518][ T5249] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  327.261599][    T8] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  327.281695][ T2573] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.292403][ T2573] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.403363][    T8] usb 5-1: device descriptor read/64, error -71
[  327.453309][ T5296] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  327.623352][ T5296] usb 1-1: Using ep0 maxpacket: 32
[  327.634887][ T5296] usb 1-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  327.649114][    T8] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  327.657956][ T2573] bridge_slave_1: left allmulticast mode
[  327.674603][ T5296] usb 1-1: New USB device found, idVendor=041e, idProduct=3f19, bcdDevice=a7.3a
[  327.681723][ T2573] bridge_slave_1: left promiscuous mode
[  327.690483][ T2573] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.703257][ T5296] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.723596][ T5296] usb 1-1: Product: syz
[  327.727890][ T5296] usb 1-1: Manufacturer: syz
[  327.732512][ T5296] usb 1-1: SerialNumber: syz
[  327.741695][ T2573] bridge_slave_0: left allmulticast mode
[  327.745003][ T5296] usb 1-1: config 0 descriptor??
[  327.761698][ T2573] bridge_slave_0: left promiscuous mode
[  327.783954][ T2573] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.813738][    T8] usb 5-1: device descriptor read/64, error -71
[  327.924241][    T8] usb usb5-port1: attempt power cycle
[  327.960658][ T5296] usb 1-1: unknown interface protocol 0x71, assuming v1
[  327.974615][ T5296] usb 1-1: 0:2 : does not exist
[  328.005308][ T5296] usb 1-1: USB disconnect, device number 43
[  328.080615][ T7454] udevd[7454]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  328.281904][    T8] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  328.314252][    T8] usb 5-1: device descriptor read/8, error -71
[  328.508095][ T2573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.520911][ T2573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.534585][ T2573] bond0 (unregistering): Released all slaves
[  328.551435][T10863] chnl_net:caif_netlink_parms(): no params data found
[  328.557069][    T8] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[  328.600648][ T2573] REæ6G: left promiscuous mode
[  328.603951][    T8] usb 5-1: device descriptor read/8, error -71
[  328.733632][    T8] usb usb5-port1: unable to enumerate USB device
[  328.882363][T10863] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.882433][T10863] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.882622][T10863] bridge_slave_0: entered allmulticast mode
[  328.887032][T10863] bridge_slave_0: entered promiscuous mode
[  328.920140][T10912] netlink: 24 bytes leftover after parsing attributes in process `syz.2.966'.
[  328.943881][T10863] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.944012][T10863] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.944209][T10863] bridge_slave_1: entered allmulticast mode
[  328.945866][T10863] bridge_slave_1: entered promiscuous mode
[  329.070213][T10863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.072879][T10863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.143913][ T2573] hsr_slave_0: left promiscuous mode
[  329.144527][ T2573] hsr_slave_1: left promiscuous mode
[  329.151256][ T2573] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  329.151307][ T2573] batman_adv: batadv0: Removing interface: batadv_slave_0
[  329.177645][ T2573] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  329.177680][ T2573] batman_adv: batadv0: Removing interface: batadv_slave_1
[  329.238326][   T25] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  329.243464][ T2573] veth1_macvtap: left promiscuous mode
[  329.264321][ T2573] veth0_macvtap: left promiscuous mode
[  329.264465][ T2573] veth1_vlan: left promiscuous mode
[  329.264557][ T2573] veth0_vlan: left promiscuous mode
[  329.290889][ T5249] Bluetooth: hci0: command tx timeout
[  329.405171][   T25] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  329.405217][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895
[  329.405244][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  329.405267][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  329.406133][   T25] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00
[  329.406163][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  329.406184][   T25] usb 3-1: SerialNumber: syz
[  329.408126][   T25] usb 3-1: config 0 descriptor??
[  329.408789][T10912] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  329.412307][    C1] port100 3-1:0.0: NFC: Urb failure (status -71)
[  329.412439][   T25] port100 3-1:0.0: NFC: Could not get supported command types
[  329.644849][ T1171] usb 3-1: USB disconnect, device number 52
[  330.181597][ T2573] team0 (unregistering): Port device team_slave_1 removed
[  330.316392][ T2573] team0 (unregistering): Port device team_slave_0 removed
[  330.563638][ T1171] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  330.643537][   T25] usb 1-1: new full-speed USB device number 44 using dummy_hcd
[  330.733461][ T1171] usb 3-1: Using ep0 maxpacket: 16
[  330.758765][ T1171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.772983][ T1171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.785961][ T1171] usb 3-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  330.799789][ T1171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.831438][ T1171] usb 3-1: config 0 descriptor??
[  330.837290][   T25] usb 1-1: config 252 has no interfaces?
[  330.863802][   T25] usb 1-1: New USB device found, idVendor=10c4, idProduct=8156, bcdDevice=9b.88
[  330.881350][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.893462][   T25] usb 1-1: Product: syz
[  330.897835][   T25] usb 1-1: Manufacturer: syz
[  330.912663][   T25] usb 1-1: SerialNumber: syz
[  331.018448][T10863] team0: Port device team_slave_0 added
[  331.036065][T10863] team0: Port device team_slave_1 added
[  331.079494][ T1171] usb 3-1: string descriptor 0 read error: -71
[  331.104176][ T1171] usbhid 3-1:0.0: can't add hid device: -71
[  331.110452][ T1171] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  331.120870][ T1171] usb 3-1: USB disconnect, device number 53
[  331.135991][   T25] usb 1-1: USB disconnect, device number 44
[  331.137300][T10863] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.168995][T10863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.205404][T10863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.240831][T10863] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.250620][T10863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.287958][T10863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.367653][ T5249] Bluetooth: hci0: command tx timeout
[  331.442004][T10863] hsr_slave_0: entered promiscuous mode
[  331.462179][T10863] hsr_slave_1: entered promiscuous mode
[  331.478299][T10863] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  331.503302][T10863] Cannot create hsr debugfs directory
[  331.724976][   T25] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[  331.888492][T10966] FAULT_INJECTION: forcing a failure.
[  331.888492][T10966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.909525][T10966] CPU: 0 UID: 0 PID: 10966 Comm: syz.2.976 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0
[  331.920017][T10966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  331.930070][T10966] Call Trace:
[  331.933336][T10966]  <TASK>
[  331.936250][T10966]  dump_stack_lvl+0x241/0x360
[  331.940923][T10966]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.946109][T10966]  ? __pfx__printk+0x10/0x10
[  331.950687][T10966]  ? __pfx_lock_release+0x10/0x10
[  331.955719][T10966]  should_fail_ex+0x3b0/0x4e0
[  331.960476][T10966]  _copy_from_user+0x2f/0xe0
[  331.965057][T10966]  copy_msghdr_from_user+0xae/0x680
[  331.970261][T10966]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  331.976063][T10966]  __sys_recvmsg+0x24c/0x3d0
[  331.980901][T10966]  ? __pfx___sys_recvmsg+0x10/0x10
[  331.986001][T10966]  ? __mutex_unlock_slowpath+0x21d/0x750
[  331.991745][T10966]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.998088][T10966]  ? arch_syscall_is_vdso_sigreturn+0x125/0x1a0
[  332.004340][T10966]  ? syscall_user_dispatch+0x4e/0x90
[  332.009621][T10966]  do_syscall_64+0xf3/0x230
[  332.014203][T10966]  ? clear_bhb_loop+0x35/0x90
[  332.018872][T10966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.024766][T10966] RIP: 0033:0x7f01f617dff9
[  332.029166][T10966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.048764][T10966] RSP: 002b:00007f01f703b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  332.057166][T10966] RAX: ffffffffffffffda RBX: 00007f01f6335f80 RCX: 00007f01f617dff9
[  332.065125][T10966] RDX: 0000000040012100 RSI: 0000000020000640 RDI: 0000000000000003
[  332.073104][T10966] RBP: 00007f01f703b090 R08: 0000000000000000 R09: 0000000000000000
[  332.081071][T10966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.089039][T10966] R13: 0000000000000000 R14: 00007f01f6335f80 R15: 00007f01f645fa28
[  332.097024][T10966]  </TASK>
[  332.196051][   T25] usb 5-1: Using ep0 maxpacket: 16
[  332.212368][   T25] usb 5-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  332.224119][   T25] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  332.258890][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 28005, setting to 1024
[  332.270253][   T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  332.312454][   T25] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  332.368859][   T25] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  332.402937][T10975] netlink: 'syz.2.978': attribute type 12 has an invalid length.
[  332.423337][   T25] usb 5-1: Manufacturer: syz
[  332.478461][   T25] usb 5-1: config 0 descriptor??
[  332.493356][T10975] netlink: 'syz.2.978': attribute type 11 has an invalid length.
[  332.513715][T10975] netlink: 190580 bytes leftover after parsing attributes in process `syz.2.978'.
[  332.533886][T10953] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  332.766054][T10863] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  332.781072][T10863] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  332.807992][T10863] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  332.809010][T10953] fuse: Bad value for 'rootmode'
[  332.818941][T10863] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  332.847351][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  332.847386][   T29] audit: type=1326 audit(1727599294.486:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10976 comm="syz.0.979" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed8ef7dff9 code=0x0
[  332.945309][T10863] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.980281][T10983] netlink: 12 bytes leftover after parsing attributes in process `syz.0.979'.
[  332.980363][T10983] netlink: 36 bytes leftover after parsing attributes in process `syz.0.979'.
[  332.982789][T10863] 8021q: adding VLAN 0 to HW filter on device team0
[  333.000233][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.000300][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  333.038861][ T2573] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.038912][ T2573] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.099722][T10863] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  333.099764][T10863] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  333.239391][T10863] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.346463][T10863] veth0_vlan: entered promiscuous mode
[  333.358775][T10863] veth1_vlan: entered promiscuous mode
[  333.430582][T10863] veth0_macvtap: entered promiscuous mode
[  333.443431][ T5249] Bluetooth: hci0: command tx timeout
[  333.449344][T10863] veth1_macvtap: entered promiscuous mode
[  333.470199][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.470225][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.470239][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.470280][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.470293][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.470307][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.470319][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.470333][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.470346][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.470361][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.474278][T10863] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.480047][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.480064][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.480072][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.480081][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.480088][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.480096][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.480103][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.480112][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.480120][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.480128][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.481109][T10863] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.486542][T10863] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.486654][T10863] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.486677][T10863] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.486694][T10863] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.599949][ T3011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.599975][ T3011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.663993][ T3011] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.664019][ T3011] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.043721][T10996] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  334.064641][T10996] netlink: 28 bytes leftover after parsing attributes in process `syz.1.952'.
[  334.064674][T10996] netlink: 28 bytes leftover after parsing attributes in process `syz.1.952'.
[  334.125413][T10996] macvlan0: entered promiscuous mode
[  334.142402][T10996] batadv_slave_0: entered promiscuous mode
[  334.494742][   T25] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  334.499018][   T25] usb 5-1: USB disconnect, device number 94
[  334.923524][ T5296] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  334.936178][ T3123] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.057058][ T3123] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.128465][ T5296] usb 3-1: Using ep0 maxpacket: 16
[  335.195324][ T5296] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  335.214260][ T5296] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.248111][ T5296] usb 3-1: Product: syz
[  335.252328][ T5296] usb 3-1: Manufacturer: syz
[  335.258096][ T5296] usb 3-1: SerialNumber: syz
[  335.275295][ T3123] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.281704][ T5296] usb 3-1: config 0 descriptor??
[  335.291795][T11035] FAULT_INJECTION: forcing a failure.
[  335.291795][T11035] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  335.333538][T11035] CPU: 0 UID: 0 PID: 11035 Comm: syz.0.987 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0
[  335.344008][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  335.354089][T11035] Call Trace:
[  335.357394][T11035]  <TASK>
[  335.360431][T11035]  dump_stack_lvl+0x241/0x360
[  335.365137][T11035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.370363][T11035]  ? __pfx__printk+0x10/0x10
[  335.375029][T11035]  should_fail_ex+0x3b0/0x4e0
[  335.379736][T11035]  prepare_alloc_pages+0x1da/0x5d0
[  335.384882][T11035]  __alloc_pages_noprof+0x166/0x6c0
[  335.390116][T11035]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  335.395876][T11035]  alloc_pages_mpol_noprof+0x3e8/0x680
[  335.401720][T11035]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  335.407743][T11035]  ? do_raw_spin_unlock+0x13c/0x8b0
[  335.412976][T11035]  folio_alloc_mpol_noprof+0x36/0x50
[  335.418298][T11035]  __read_swap_cache_async+0x250/0x8e0
[  335.423797][T11035]  ? __pfx___read_swap_cache_async+0x10/0x10
[  335.429816][T11035]  swap_cluster_readahead+0x674/0x7f0
[  335.435220][T11035]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  335.441140][T11035]  ? xas_load+0x59b/0x5c0
[  335.445591][T11035]  swapin_readahead+0x1bb/0xdf0
[  335.450452][T11035]  ? filemap_get_entry+0x123/0x3b0
[  335.455566][T11035]  ? __pfx_swapin_readahead+0x10/0x10
[  335.461082][T11035]  ? __filemap_get_folio+0x949/0xbd0
[  335.466368][T11035]  ? swap_cache_get_folio+0xa6/0x570
[  335.471656][T11035]  do_swap_page+0x584/0x7b30
[  335.476264][T11035]  ? do_swap_page+0x15e/0x7b30
[  335.481026][T11035]  ? __pfx_do_swap_page+0x10/0x10
[  335.486048][T11035]  ? __pfx___pte_offset_map+0x10/0x10
[  335.491420][T11035]  ? __pfx_validate_chain+0x10/0x10
[  335.496615][T11035]  ? pte_offset_map_nolock+0x137/0x1f0
[  335.502090][T11035]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[  335.507905][T11035]  ? __pfx_lock_acquire+0x10/0x10
[  335.512937][T11035]  handle_pte_fault+0x61d/0x6800
[  335.517884][T11035]  ? finish_task_switch+0x1e5/0x870
[  335.523087][T11035]  ? mark_lock+0x9a/0x360
[  335.527423][T11035]  ? __pfx_handle_pte_fault+0x10/0x10
[  335.532802][T11035]  ? __lock_acquire+0x1384/0x2050
[  335.537940][T11035]  ? mt_find+0x2a9/0x920
[  335.542178][T11035]  ? __pfx_lock_release+0x10/0x10
[  335.547213][T11035]  handle_mm_fault+0x1106/0x1bb0
[  335.552151][T11035]  ? mt_find+0x2a9/0x920
[  335.556406][T11035]  ? __pfx_handle_mm_fault+0x10/0x10
[  335.561701][T11035]  ? __pfx_get_signal+0x10/0x10
[  335.566551][T11035]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  335.571840][T11035]  exc_page_fault+0x2b9/0x8c0
[  335.576528][T11035]  asm_exc_page_fault+0x26/0x30
[  335.581470][T11035] RIP: 0010:__get_user_nocheck_1+0xa/0x20
[  335.587447][T11035] Code: cb 48 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb 0f ae e8 <0f> b6 10 31 c0 0f 01 ca c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00
[  335.607141][T11035] RSP: 0018:ffffc9000495fec0 EFLAGS: 00050202
[  335.613211][T11035] RAX: 0000000020006680 RBX: ffff888025f98000 RCX: ffff888025f98000
[  335.621183][T11035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  335.629149][T11035] RBP: ffffc9000495ff48 R08: ffffffff81008a93 R09: 1ffffffff2039c7d
[  335.637118][T11035] R10: dffffc0000000000 R11: fffffbfff2039c7e R12: ffff888025f98000
[  335.645085][T11035] R13: 0000000000000000 R14: ffffc9000495ff58 R15: 0000000000000020
[  335.653055][T11035]  ? arch_syscall_is_vdso_sigreturn+0xb3/0x1a0
[  335.659218][T11035]  syscall_user_dispatch+0x4e/0x90
[  335.664331][T11035]  syscall_trace_enter+0x20/0x150
[  335.669356][T11035]  do_syscall_64+0xcc/0x230
[  335.673858][T11035]  ? clear_bhb_loop+0x35/0x90
[  335.678548][T11035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.684443][T11035] RIP: 0033:0x7fed8ef7dff9
[  335.688851][T11035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.708449][T11035] RSP: 002b:00007fed8fca9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  335.716866][T11035] RAX: ffffffffffffffda RBX: 00007fed8f135f80 RCX: 00007fed8ef7dff9
[  335.724834][T11035] RDX: 0000000040012100 RSI: 0000000020000640 RDI: 0000000000000003
[  335.732800][T11035] RBP: 00007fed8fca9090 R08: 0000000000000000 R09: 0000000000000000
[  335.740859][T11035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.748833][T11035] R13: 0000000000000000 R14: 00007fed8f135f80 R15: 00007fed8f25fa28
[  335.757342][T11035]  </TASK>
[  335.767059][ T5249] Bluetooth: hci0: command tx timeout
[  335.824887][T11013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  335.922742][T11013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  335.955554][ T5246] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  335.968317][ T5246] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  335.985411][ T5246] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  335.993669][ T5246] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  336.007140][ T5291] usb 3-1: USB disconnect, device number 54
[  336.009398][ T4626] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  336.013639][ T5246] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  336.031344][ T5246] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  336.039398][ T5246] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  336.049287][ T5246] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  336.056768][ T5246] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  336.066119][ T5249] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  336.075253][ T5249] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  336.234995][ T3123] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.616189][T11048] chnl_net:caif_netlink_parms(): no params data found
[  337.012772][ T3123] bridge_slave_1: left allmulticast mode
[  337.046127][ T3123] bridge_slave_1: left promiscuous mode
[  337.074051][ T3123] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.104426][ T3123] bridge_slave_0: left allmulticast mode
[  337.131194][ T3123] bridge_slave_0: left promiscuous mode
[  337.176989][ T3123] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.216904][T11080] loop8: detected capacity change from 0 to 7
[  337.225142][T11080] Dev loop8: unable to read RDB block 7
[  337.230918][T11080]  loop8: unable to read partition table
[  337.243451][T11080] loop8: partition table beyond EOD, truncated
[  337.243481][T11080] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  337.243481][T11080] 
) failed (rc=-5)
[  337.422159][T11082] FAULT_INJECTION: forcing a failure.
[  337.422159][T11082] name failslab, interval 1, probability 0, space 0, times 1
[  337.466898][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.1.993 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0
[  337.477293][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  337.487379][T11082] Call Trace:
[  337.490680][T11082]  <TASK>
[  337.493641][T11082]  dump_stack_lvl+0x241/0x360
[  337.498351][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.503585][T11082]  ? __pfx__printk+0x10/0x10
[  337.508209][T11082]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  337.513795][T11082]  ? __pfx___might_resched+0x10/0x10
[  337.519118][T11082]  should_fail_ex+0x3b0/0x4e0
[  337.523849][T11082]  ? mas_alloc_nodes+0x26c/0x840
[  337.528819][T11082]  should_failslab+0xac/0x100
[  337.533526][T11082]  ? mas_alloc_nodes+0x26c/0x840
[  337.538490][T11082]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  337.543897][T11082]  mas_alloc_nodes+0x26c/0x840
[  337.548699][T11082]  mas_preallocate+0x554/0x8c0
[  337.553501][T11082]  ? shmem_get_inode+0xad5/0xd70
[  337.558475][T11082]  ? __pfx_mas_preallocate+0x10/0x10
[  337.563801][T11082]  ? __shmem_file_setup+0x263/0x2c0
[  337.569028][T11082]  ? shmem_zero_setup+0x12b/0x140
[  337.574080][T11082]  mmap_region+0x1ea1/0x2990
[  337.578727][T11082]  ? __pfx_mmap_region+0x10/0x10
[  337.583713][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  337.588780][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  337.594017][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  337.598890][T11082]  ? security_mmap_addr+0x6f/0x250
[  337.604030][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  337.609333][T11082]  do_mmap+0x8f0/0x1000
[  337.613505][T11082]  ? __pfx_do_mmap+0x10/0x10
[  337.618120][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  337.623763][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  337.628836][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  337.633438][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  337.638565][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  337.644930][T11082]  ? do_syscall_64+0x100/0x230
[  337.649711][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  337.654669][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  337.659460][T11082]  do_syscall_64+0xf3/0x230
[  337.663984][T11082]  ? clear_bhb_loop+0x35/0x90
[  337.668688][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.674602][T11082] RIP: 0033:0x7f0cab37dff9
[  337.679037][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.698828][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  337.707240][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  337.715210][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  337.723286][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  337.731267][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  337.739231][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  337.747207][T11082]  </TASK>
[  337.774454][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049000225 pmd:774e5067
[  337.784442][T11082] addr:0000000020000000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:0
[  337.795565][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  337.802539][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0
[  337.812877][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  337.822947][T11082] Call Trace:
[  337.826250][T11082]  <TASK>
[  337.829196][T11082]  dump_stack_lvl+0x241/0x360
[  337.833885][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.839096][T11082]  ? __pfx__printk+0x10/0x10
[  337.843703][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  337.849195][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  337.854162][T11082]  print_bad_pte+0x511/0x530
[  337.858787][T11082]  vm_normal_page+0x155/0x200
[  337.863507][T11082]  unmap_page_range+0xac6/0x40e0
[  337.868484][T11082]  ? __pfx_validate_chain+0x10/0x10
[  337.873727][T11082]  ? __lock_acquire+0x1384/0x2050
[  337.878886][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  337.884299][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  337.889392][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  337.893918][T11082]  ? __pfx_lock_release+0x10/0x10
[  337.898974][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  337.904028][T11082]  unmap_vmas+0x3cc/0x5f0
[  337.908397][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  337.913289][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  337.918168][T11082]  unmap_region+0x214/0x380
[  337.922708][T11082]  ? __pfx_unmap_region+0x10/0x10
[  337.927952][T11082]  ? __mas_set_range+0x133/0x3c0
[  337.932918][T11082]  ? fput+0x1af/0x230
[  337.936928][T11082]  mmap_region+0x22f9/0x2990
[  337.941577][T11082]  ? __pfx_mmap_region+0x10/0x10
[  337.946566][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  337.951731][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  337.957318][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  337.962195][T11082]  ? security_mmap_addr+0x6f/0x250
[  337.967351][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  337.972719][T11082]  do_mmap+0x8f0/0x1000
[  337.976917][T11082]  ? __pfx_do_mmap+0x10/0x10
[  337.981535][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  337.987190][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  337.992254][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  337.996888][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  338.002026][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  338.008394][T11082]  ? do_syscall_64+0x100/0x230
[  338.013180][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  338.018053][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  338.022931][T11082]  do_syscall_64+0xf3/0x230
[  338.027473][T11082]  ? clear_bhb_loop+0x35/0x90
[  338.032268][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.038202][T11082] RIP: 0033:0x7f0cab37dff9
[  338.042650][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.062382][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  338.070924][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  338.078932][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  338.086943][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  338.094952][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  338.102958][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  338.110985][T11082]  </TASK>
[  338.116201][T11082] Disabling lock debugging due to kernel taint
[  338.126583][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049001225 pmd:774e5067
[  338.135812][T11082] addr:0000000020001000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:1
[  338.147057][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  338.154342][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  338.166173][T11082] Tainted: [B]=BAD_PAGE
[  338.170336][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.175493][ T5255] Bluetooth: hci5: command tx timeout
[  338.180382][T11082] Call Trace:
[  338.180394][T11082]  <TASK>
[  338.180403][T11082]  dump_stack_lvl+0x241/0x360
[  338.180430][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.185983][ T5249] Bluetooth: hci3: command tx timeout
[  338.189030][T11082]  ? __pfx__printk+0x10/0x10
[  338.189062][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  338.217224][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  338.222182][T11082]  print_bad_pte+0x511/0x530
[  338.226794][T11082]  vm_normal_page+0x155/0x200
[  338.231494][T11082]  unmap_page_range+0xac6/0x40e0
[  338.236444][T11082]  ? __pfx_validate_chain+0x10/0x10
[  338.241644][T11082]  ? __lock_acquire+0x1384/0x2050
[  338.246666][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  338.252039][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  338.257057][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  338.261563][T11082]  ? __pfx_lock_release+0x10/0x10
[  338.266612][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  338.271644][T11082]  unmap_vmas+0x3cc/0x5f0
[  338.275973][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  338.280823][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  338.285670][T11082]  unmap_region+0x214/0x380
[  338.290187][T11082]  ? __pfx_unmap_region+0x10/0x10
[  338.295208][T11082]  ? __mas_set_range+0x133/0x3c0
[  338.300136][T11082]  ? fput+0x1af/0x230
[  338.304113][T11082]  mmap_region+0x22f9/0x2990
[  338.308702][T11082]  ? __pfx_mmap_region+0x10/0x10
[  338.313634][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  338.318656][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  338.323858][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  338.328795][T11082]  ? security_mmap_addr+0x6f/0x250
[  338.333910][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  338.339205][T11082]  do_mmap+0x8f0/0x1000
[  338.343365][T11082]  ? __pfx_do_mmap+0x10/0x10
[  338.347960][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  338.353586][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  338.358608][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  338.363186][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  338.368289][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  338.374608][T11082]  ? do_syscall_64+0x100/0x230
[  338.379364][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  338.384206][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  338.388958][T11082]  do_syscall_64+0xf3/0x230
[  338.393463][T11082]  ? clear_bhb_loop+0x35/0x90
[  338.398140][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.404032][T11082] RIP: 0033:0x7f0cab37dff9
[  338.408442][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.428043][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  338.436473][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  338.444445][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  338.452406][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  338.460367][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  338.468351][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  338.476401][T11082]  </TASK>
[  338.493659][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049002225 pmd:774e5067
[  338.502406][T11082] addr:0000000020002000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:2
[  338.513707][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  338.520678][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  338.532473][T11082] Tainted: [B]=BAD_PAGE
[  338.536616][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.546677][T11082] Call Trace:
[  338.549941][T11082]  <TASK>
[  338.552856][T11082]  dump_stack_lvl+0x241/0x360
[  338.557532][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.562732][T11082]  ? __pfx__printk+0x10/0x10
[  338.567327][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  338.572780][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  338.577707][T11082]  print_bad_pte+0x511/0x530
[  338.582289][T11082]  vm_normal_page+0x155/0x200
[  338.586957][T11082]  unmap_page_range+0xac6/0x40e0
[  338.591891][T11082]  ? __pfx_validate_chain+0x10/0x10
[  338.597092][T11082]  ? __lock_acquire+0x1384/0x2050
[  338.602110][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  338.607478][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  338.612493][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  338.616981][T11082]  ? __pfx_lock_release+0x10/0x10
[  338.621995][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  338.627009][T11082]  unmap_vmas+0x3cc/0x5f0
[  338.631329][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  338.636172][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  338.641011][T11082]  unmap_region+0x214/0x380
[  338.645514][T11082]  ? __pfx_unmap_region+0x10/0x10
[  338.650546][T11082]  ? __mas_set_range+0x133/0x3c0
[  338.655471][T11082]  ? fput+0x1af/0x230
[  338.659445][T11082]  mmap_region+0x22f9/0x2990
[  338.664043][T11082]  ? __pfx_mmap_region+0x10/0x10
[  338.668991][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  338.674006][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  338.679202][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  338.684043][T11082]  ? security_mmap_addr+0x6f/0x250
[  338.689160][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  338.694446][T11082]  do_mmap+0x8f0/0x1000
[  338.698599][T11082]  ? __pfx_do_mmap+0x10/0x10
[  338.703201][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  338.708835][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  338.713855][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  338.718433][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  338.723538][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  338.729883][T11082]  ? do_syscall_64+0x100/0x230
[  338.734645][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  338.739515][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  338.744373][T11082]  do_syscall_64+0xf3/0x230
[  338.748888][T11082]  ? clear_bhb_loop+0x35/0x90
[  338.753566][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.759460][T11082] RIP: 0033:0x7f0cab37dff9
[  338.763880][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.783590][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  338.792022][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  338.800097][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  338.808083][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  338.816060][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  338.824028][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  338.832017][T11082]  </TASK>
[  338.838527][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049003225 pmd:774e5067
[  338.847763][T11082] addr:0000000020003000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:3
[  338.858794][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  338.865777][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  338.877620][T11082] Tainted: [B]=BAD_PAGE
[  338.881755][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.891809][T11082] Call Trace:
[  338.895088][T11082]  <TASK>
[  338.898019][T11082]  dump_stack_lvl+0x241/0x360
[  338.902871][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.908062][T11082]  ? __pfx__printk+0x10/0x10
[  338.912645][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  338.918112][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  338.923051][T11082]  print_bad_pte+0x511/0x530
[  338.927667][T11082]  vm_normal_page+0x155/0x200
[  338.932341][T11082]  unmap_page_range+0xac6/0x40e0
[  338.937278][T11082]  ? __pfx_validate_chain+0x10/0x10
[  338.942469][T11082]  ? __lock_acquire+0x1384/0x2050
[  338.947492][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  338.952868][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  338.957895][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  338.962395][T11082]  ? __pfx_lock_release+0x10/0x10
[  338.967426][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  338.972443][T11082]  unmap_vmas+0x3cc/0x5f0
[  338.976764][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  338.981609][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  338.986458][T11082]  unmap_region+0x214/0x380
[  338.990950][T11082]  ? __pfx_unmap_region+0x10/0x10
[  338.995968][T11082]  ? __mas_set_range+0x133/0x3c0
[  339.000891][T11082]  ? fput+0x1af/0x230
[  339.004869][T11082]  mmap_region+0x22f9/0x2990
[  339.009459][T11082]  ? __pfx_mmap_region+0x10/0x10
[  339.014569][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  339.019594][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  339.024785][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  339.029646][T11082]  ? security_mmap_addr+0x6f/0x250
[  339.034777][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  339.040088][T11082]  do_mmap+0x8f0/0x1000
[  339.044267][T11082]  ? __pfx_do_mmap+0x10/0x10
[  339.048861][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  339.054582][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  339.059605][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  339.064238][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  339.069343][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  339.075665][T11082]  ? do_syscall_64+0x100/0x230
[  339.080420][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  339.085265][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  339.090014][T11082]  do_syscall_64+0xf3/0x230
[  339.094503][T11082]  ? clear_bhb_loop+0x35/0x90
[  339.099167][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.105060][T11082] RIP: 0033:0x7f0cab37dff9
[  339.109461][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.129147][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  339.137648][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  339.145611][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  339.153574][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  339.161554][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  339.169518][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  339.177489][T11082]  </TASK>
[  339.185780][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049004225 pmd:774e5067
[  339.194596][T11082] addr:0000000020004000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:4
[  339.205976][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  339.212943][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  339.224752][T11082] Tainted: [B]=BAD_PAGE
[  339.228907][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.238972][T11082] Call Trace:
[  339.242264][T11082]  <TASK>
[  339.245205][T11082]  dump_stack_lvl+0x241/0x360
[  339.249899][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.255121][T11082]  ? __pfx__printk+0x10/0x10
[  339.259793][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  339.265281][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  339.270410][T11082]  print_bad_pte+0x511/0x530
[  339.275005][T11082]  vm_normal_page+0x155/0x200
[  339.279692][T11082]  unmap_page_range+0xac6/0x40e0
[  339.284638][T11082]  ? __pfx_validate_chain+0x10/0x10
[  339.289847][T11082]  ? __lock_acquire+0x1384/0x2050
[  339.294865][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  339.300244][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  339.305370][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  339.309885][T11082]  ? __pfx_lock_release+0x10/0x10
[  339.315096][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  339.320137][T11082]  unmap_vmas+0x3cc/0x5f0
[  339.324525][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  339.329418][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  339.334266][T11082]  unmap_region+0x214/0x380
[  339.338764][T11082]  ? __pfx_unmap_region+0x10/0x10
[  339.343819][T11082]  ? __mas_set_range+0x133/0x3c0
[  339.348776][T11082]  ? fput+0x1af/0x230
[  339.352777][T11082]  mmap_region+0x22f9/0x2990
[  339.357395][T11082]  ? __pfx_mmap_region+0x10/0x10
[  339.362595][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  339.367655][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  339.372888][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  339.378000][T11082]  ? security_mmap_addr+0x6f/0x250
[  339.383331][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  339.388631][T11082]  do_mmap+0x8f0/0x1000
[  339.392811][T11082]  ? __pfx_do_mmap+0x10/0x10
[  339.397399][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  339.403030][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  339.408119][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  339.412808][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  339.417926][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  339.424258][T11082]  ? do_syscall_64+0x100/0x230
[  339.429026][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  339.433870][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  339.438625][T11082]  do_syscall_64+0xf3/0x230
[  339.443145][T11082]  ? clear_bhb_loop+0x35/0x90
[  339.447815][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.453703][T11082] RIP: 0033:0x7f0cab37dff9
[  339.458109][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.477723][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  339.486190][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  339.494177][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  339.502142][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  339.510217][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  339.518177][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  339.526141][T11082]  </TASK>
[  339.543577][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049005225 pmd:774e5067
[  339.552281][T11082] addr:0000000020005000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:5
[  339.563889][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  339.570858][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  339.582738][T11082] Tainted: [B]=BAD_PAGE
[  339.586882][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.596934][T11082] Call Trace:
[  339.600208][T11082]  <TASK>
[  339.603134][T11082]  dump_stack_lvl+0x241/0x360
[  339.607928][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.613561][T11082]  ? __pfx__printk+0x10/0x10
[  339.618518][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  339.623981][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  339.628908][T11082]  print_bad_pte+0x511/0x530
[  339.633488][T11082]  vm_normal_page+0x155/0x200
[  339.638152][T11082]  unmap_page_range+0xac6/0x40e0
[  339.643076][T11082]  ? __pfx_validate_chain+0x10/0x10
[  339.648261][T11082]  ? __lock_acquire+0x1384/0x2050
[  339.653278][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  339.658638][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  339.663661][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  339.668175][T11082]  ? __pfx_lock_release+0x10/0x10
[  339.673205][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  339.678222][T11082]  unmap_vmas+0x3cc/0x5f0
[  339.682541][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  339.687385][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  339.692411][T11082]  unmap_region+0x214/0x380
[  339.696906][T11082]  ? __pfx_unmap_region+0x10/0x10
[  339.701923][T11082]  ? __mas_set_range+0x133/0x3c0
[  339.706879][T11082]  ? fput+0x1af/0x230
[  339.710911][T11082]  mmap_region+0x22f9/0x2990
[  339.715501][T11082]  ? __pfx_mmap_region+0x10/0x10
[  339.720440][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  339.725590][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  339.730882][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  339.735721][T11082]  ? security_mmap_addr+0x6f/0x250
[  339.740914][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  339.746388][T11082]  do_mmap+0x8f0/0x1000
[  339.750631][T11082]  ? __pfx_do_mmap+0x10/0x10
[  339.755212][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  339.760834][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  339.765948][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  339.770621][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  339.775723][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  339.782048][T11082]  ? do_syscall_64+0x100/0x230
[  339.786799][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  339.791642][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  339.796399][T11082]  do_syscall_64+0xf3/0x230
[  339.800974][T11082]  ? clear_bhb_loop+0x35/0x90
[  339.805634][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.811517][T11082] RIP: 0033:0x7f0cab37dff9
[  339.815923][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.835520][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  339.843921][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  339.851877][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  339.859834][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  339.867791][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  339.875754][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  339.883740][T11082]  </TASK>
[  339.893349][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049006225 pmd:774e5067
[  339.902053][T11082] addr:0000000020006000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:6
[  339.913064][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  339.920056][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  339.932043][T11082] Tainted: [B]=BAD_PAGE
[  339.936213][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.946275][T11082] Call Trace:
[  339.949579][T11082]  <TASK>
[  339.952498][T11082]  dump_stack_lvl+0x241/0x360
[  339.957172][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.962355][T11082]  ? __pfx__printk+0x10/0x10
[  339.966941][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  339.972405][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  339.977354][T11082]  print_bad_pte+0x511/0x530
[  339.981942][T11082]  vm_normal_page+0x155/0x200
[  339.986614][T11082]  unmap_page_range+0xac6/0x40e0
[  339.991540][T11082]  ? __pfx_validate_chain+0x10/0x10
[  339.996821][T11082]  ? __lock_acquire+0x1384/0x2050
[  340.001872][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  340.007251][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  340.012288][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  340.016787][T11082]  ? __pfx_lock_release+0x10/0x10
[  340.021812][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  340.026830][T11082]  unmap_vmas+0x3cc/0x5f0
[  340.031185][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  340.036212][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  340.041139][T11082]  unmap_region+0x214/0x380
[  340.045648][T11082]  ? __pfx_unmap_region+0x10/0x10
[  340.050664][T11082]  ? __mas_set_range+0x133/0x3c0
[  340.055704][T11082]  ? fput+0x1af/0x230
[  340.059782][T11082]  mmap_region+0x22f9/0x2990
[  340.064403][T11082]  ? __pfx_mmap_region+0x10/0x10
[  340.069446][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  340.074473][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  340.079679][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  340.084534][T11082]  ? security_mmap_addr+0x6f/0x250
[  340.089651][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  340.094936][T11082]  do_mmap+0x8f0/0x1000
[  340.099095][T11082]  ? __pfx_do_mmap+0x10/0x10
[  340.103681][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  340.109306][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  340.114330][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  340.118913][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  340.124025][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.130430][T11082]  ? do_syscall_64+0x100/0x230
[  340.135356][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  340.140217][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  340.145147][T11082]  do_syscall_64+0xf3/0x230
[  340.149649][T11082]  ? clear_bhb_loop+0x35/0x90
[  340.154407][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.160293][T11082] RIP: 0033:0x7f0cab37dff9
[  340.164698][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.184387][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  340.192881][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  340.200841][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  340.208801][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  340.216756][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  340.224714][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  340.232767][T11082]  </TASK>
[  340.237452][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049007225 pmd:774e5067
[  340.246235][T11082] addr:0000000020007000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:7
[  340.251371][ T5255] Bluetooth: hci5: command tx timeout
[  340.257169][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  340.257212][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  340.262618][ T5249] Bluetooth: hci3: command tx timeout
[  340.269464][T11082] Tainted: [B]=BAD_PAGE
[  340.269473][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  340.269484][T11082] Call Trace:
[  340.269492][T11082]  <TASK>
[  340.269499][T11082]  dump_stack_lvl+0x241/0x360
[  340.269522][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.269540][T11082]  ? __pfx__printk+0x10/0x10
[  340.321505][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  340.326970][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  340.331900][T11082]  print_bad_pte+0x511/0x530
[  340.336482][T11082]  vm_normal_page+0x155/0x200
[  340.341234][T11082]  unmap_page_range+0xac6/0x40e0
[  340.346165][T11082]  ? __pfx_validate_chain+0x10/0x10
[  340.351354][T11082]  ? __lock_acquire+0x1384/0x2050
[  340.356372][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  340.361735][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  340.366778][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  340.371273][T11082]  ? __pfx_lock_release+0x10/0x10
[  340.376329][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  340.381361][T11082]  unmap_vmas+0x3cc/0x5f0
[  340.385694][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  340.390546][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  340.395387][T11082]  unmap_region+0x214/0x380
[  340.399880][T11082]  ? __pfx_unmap_region+0x10/0x10
[  340.404904][T11082]  ? __mas_set_range+0x133/0x3c0
[  340.409829][T11082]  ? fput+0x1af/0x230
[  340.413804][T11082]  mmap_region+0x22f9/0x2990
[  340.418395][T11082]  ? __pfx_mmap_region+0x10/0x10
[  340.423330][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  340.428350][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  340.433544][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  340.438380][T11082]  ? security_mmap_addr+0x6f/0x250
[  340.443484][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  340.448765][T11082]  do_mmap+0x8f0/0x1000
[  340.452921][T11082]  ? __pfx_do_mmap+0x10/0x10
[  340.457508][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  340.463141][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  340.468261][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  340.472847][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  340.477945][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.484268][T11082]  ? do_syscall_64+0x100/0x230
[  340.489024][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  340.493878][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  340.498642][T11082]  do_syscall_64+0xf3/0x230
[  340.503147][T11082]  ? clear_bhb_loop+0x35/0x90
[  340.507816][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.513717][T11082] RIP: 0033:0x7f0cab37dff9
[  340.518131][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.537731][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  340.546139][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  340.554103][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  340.562068][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  340.570028][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  340.578036][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  340.586005][T11082]  </TASK>
[  340.595134][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049008225 pmd:774e5067
[  340.603909][T11082] addr:0000000020008000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:8
[  340.614803][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  340.621760][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  340.633569][T11082] Tainted: [B]=BAD_PAGE
[  340.637721][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  340.647768][T11082] Call Trace:
[  340.651044][T11082]  <TASK>
[  340.653975][T11082]  dump_stack_lvl+0x241/0x360
[  340.658681][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.663890][T11082]  ? __pfx__printk+0x10/0x10
[  340.668592][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  340.674110][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  340.679060][T11082]  print_bad_pte+0x511/0x530
[  340.683654][T11082]  vm_normal_page+0x155/0x200
[  340.688341][T11082]  unmap_page_range+0xac6/0x40e0
[  340.693286][T11082]  ? __pfx_validate_chain+0x10/0x10
[  340.698500][T11082]  ? __lock_acquire+0x1384/0x2050
[  340.703540][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  340.708919][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  340.713946][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  340.718456][T11082]  ? __pfx_lock_release+0x10/0x10
[  340.723485][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  340.728517][T11082]  unmap_vmas+0x3cc/0x5f0
[  340.732849][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  340.737889][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  340.742737][T11082]  unmap_region+0x214/0x380
[  340.747411][T11082]  ? __pfx_unmap_region+0x10/0x10
[  340.752435][T11082]  ? __mas_set_range+0x133/0x3c0
[  340.757370][T11082]  ? fput+0x1af/0x230
[  340.761465][T11082]  mmap_region+0x22f9/0x2990
[  340.766060][T11082]  ? __pfx_mmap_region+0x10/0x10
[  340.771001][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  340.776037][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  340.781234][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  340.786088][T11082]  ? security_mmap_addr+0x6f/0x250
[  340.791219][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  340.796503][T11082]  do_mmap+0x8f0/0x1000
[  340.800658][T11082]  ? __pfx_do_mmap+0x10/0x10
[  340.805255][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  340.810897][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  340.815924][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  340.820529][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  340.825642][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.831993][T11082]  ? do_syscall_64+0x100/0x230
[  340.836762][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  340.841856][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  340.846716][T11082]  do_syscall_64+0xf3/0x230
[  340.851298][T11082]  ? clear_bhb_loop+0x35/0x90
[  340.855972][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.861867][T11082] RIP: 0033:0x7f0cab37dff9
[  340.866276][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.885876][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  340.894301][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  340.902286][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  340.910253][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  340.918219][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  340.926192][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  340.934201][T11082]  </TASK>
[  340.939704][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049009225 pmd:774e5067
[  340.948667][T11082] addr:0000000020009000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:9
[  340.960191][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  340.967403][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  340.979220][T11082] Tainted: [B]=BAD_PAGE
[  340.983453][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  340.993518][T11082] Call Trace:
[  340.996807][T11082]  <TASK>
[  340.999743][T11082]  dump_stack_lvl+0x241/0x360
[  341.004421][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.009624][T11082]  ? __pfx__printk+0x10/0x10
[  341.014224][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  341.019712][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  341.024666][T11082]  print_bad_pte+0x511/0x530
[  341.029258][T11082]  vm_normal_page+0x155/0x200
[  341.033936][T11082]  unmap_page_range+0xac6/0x40e0
[  341.038885][T11082]  ? __pfx_validate_chain+0x10/0x10
[  341.044096][T11082]  ? __lock_acquire+0x1384/0x2050
[  341.049153][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  341.054627][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  341.059673][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  341.064283][T11082]  ? __pfx_lock_release+0x10/0x10
[  341.069413][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  341.074528][T11082]  unmap_vmas+0x3cc/0x5f0
[  341.078863][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  341.083799][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  341.088641][T11082]  unmap_region+0x214/0x380
[  341.093310][T11082]  ? __pfx_unmap_region+0x10/0x10
[  341.098330][T11082]  ? __mas_set_range+0x133/0x3c0
[  341.103269][T11082]  ? fput+0x1af/0x230
[  341.107259][T11082]  mmap_region+0x22f9/0x2990
[  341.111855][T11082]  ? __pfx_mmap_region+0x10/0x10
[  341.116793][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  341.121820][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  341.127016][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  341.131946][T11082]  ? security_mmap_addr+0x6f/0x250
[  341.137142][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  341.142512][T11082]  do_mmap+0x8f0/0x1000
[  341.146664][T11082]  ? __pfx_do_mmap+0x10/0x10
[  341.151244][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  341.156912][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  341.161974][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  341.166560][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  341.171660][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  341.178076][T11082]  ? do_syscall_64+0x100/0x230
[  341.182831][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  341.187680][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  341.192435][T11082]  do_syscall_64+0xf3/0x230
[  341.196929][T11082]  ? clear_bhb_loop+0x35/0x90
[  341.201604][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.207603][T11082] RIP: 0033:0x7f0cab37dff9
[  341.212032][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.231641][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  341.240055][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  341.248132][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  341.256098][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  341.264151][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  341.272143][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  341.280125][T11082]  </TASK>
[  341.290166][T11082] BUG: Bad page map in process syz.1.993  pte:800000004900a225 pmd:774e5067
[  341.298969][T11082] addr:000000002000a000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:a
[  341.310356][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  341.317517][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  341.329432][T11082] Tainted: [B]=BAD_PAGE
[  341.333668][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.343736][T11082] Call Trace:
[  341.347025][T11082]  <TASK>
[  341.349948][T11082]  dump_stack_lvl+0x241/0x360
[  341.354623][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.359812][T11082]  ? __pfx__printk+0x10/0x10
[  341.364405][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  341.369900][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  341.374936][T11082]  print_bad_pte+0x511/0x530
[  341.379519][T11082]  vm_normal_page+0x155/0x200
[  341.384201][T11082]  unmap_page_range+0xac6/0x40e0
[  341.389257][T11082]  ? __pfx_validate_chain+0x10/0x10
[  341.394453][T11082]  ? __lock_acquire+0x1384/0x2050
[  341.399484][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  341.404858][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  341.409897][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  341.414394][T11082]  ? __pfx_lock_release+0x10/0x10
[  341.419425][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  341.424455][T11082]  unmap_vmas+0x3cc/0x5f0
[  341.428822][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  341.433679][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  341.438543][T11082]  unmap_region+0x214/0x380
[  341.443052][T11082]  ? __pfx_unmap_region+0x10/0x10
[  341.448083][T11082]  ? __mas_set_range+0x133/0x3c0
[  341.453051][T11082]  ? fput+0x1af/0x230
[  341.457062][T11082]  mmap_region+0x22f9/0x2990
[  341.461656][T11082]  ? __pfx_mmap_region+0x10/0x10
[  341.466614][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  341.471648][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  341.476951][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  341.481824][T11082]  ? security_mmap_addr+0x6f/0x250
[  341.486947][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  341.492269][T11082]  do_mmap+0x8f0/0x1000
[  341.496426][T11082]  ? __pfx_do_mmap+0x10/0x10
[  341.501027][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  341.506651][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  341.511672][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  341.516265][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  341.521369][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  341.527690][T11082]  ? do_syscall_64+0x100/0x230
[  341.532471][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  341.537321][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  341.542179][T11082]  do_syscall_64+0xf3/0x230
[  341.546767][T11082]  ? clear_bhb_loop+0x35/0x90
[  341.551436][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.557325][T11082] RIP: 0033:0x7f0cab37dff9
[  341.561741][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.581365][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  341.589794][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  341.597776][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  341.605748][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  341.613743][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  341.621720][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  341.629690][T11082]  </TASK>
[  341.635532][T11082] BUG: Bad page map in process syz.1.993  pte:800000004900b225 pmd:774e5067
[  341.644602][T11082] addr:000000002000b000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:b
[  341.655717][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  341.662656][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  341.674456][T11082] Tainted: [B]=BAD_PAGE
[  341.678606][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.688651][T11082] Call Trace:
[  341.691917][T11082]  <TASK>
[  341.694832][T11082]  dump_stack_lvl+0x241/0x360
[  341.699500][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.704701][T11082]  ? __pfx__printk+0x10/0x10
[  341.709369][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  341.714834][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  341.719778][T11082]  print_bad_pte+0x511/0x530
[  341.724359][T11082]  vm_normal_page+0x155/0x200
[  341.729023][T11082]  unmap_page_range+0xac6/0x40e0
[  341.733971][T11082]  ? __pfx_validate_chain+0x10/0x10
[  341.739160][T11082]  ? __lock_acquire+0x1384/0x2050
[  341.744173][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  341.749543][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  341.754563][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  341.759152][T11082]  ? __pfx_lock_release+0x10/0x10
[  341.764198][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  341.769236][T11082]  unmap_vmas+0x3cc/0x5f0
[  341.773566][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  341.778408][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  341.783336][T11082]  unmap_region+0x214/0x380
[  341.787826][T11082]  ? __pfx_unmap_region+0x10/0x10
[  341.792836][T11082]  ? __mas_set_range+0x133/0x3c0
[  341.797757][T11082]  ? fput+0x1af/0x230
[  341.801754][T11082]  mmap_region+0x22f9/0x2990
[  341.806435][T11082]  ? __pfx_mmap_region+0x10/0x10
[  341.811372][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  341.816400][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  341.821609][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  341.826445][T11082]  ? security_mmap_addr+0x6f/0x250
[  341.831546][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  341.836822][T11082]  do_mmap+0x8f0/0x1000
[  341.840979][T11082]  ? __pfx_do_mmap+0x10/0x10
[  341.845555][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  341.851261][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  341.856276][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  341.860853][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  341.865954][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  341.872283][T11082]  ? do_syscall_64+0x100/0x230
[  341.877058][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  341.881928][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  341.886703][T11082]  do_syscall_64+0xf3/0x230
[  341.891232][T11082]  ? clear_bhb_loop+0x35/0x90
[  341.895915][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.901820][T11082] RIP: 0033:0x7f0cab37dff9
[  341.906235][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.925848][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  341.934275][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  341.942352][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  341.950418][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  341.958398][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  341.966372][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  341.974394][T11082]  </TASK>
[  341.981189][T11082] BUG: Bad page map in process syz.1.993  pte:800000004900c225 pmd:774e5067
[  341.989992][T11082] addr:000000002000c000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:c
[  342.000892][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  342.008147][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  342.019971][T11082] Tainted: [B]=BAD_PAGE
[  342.024110][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.034165][T11082] Call Trace:
[  342.037452][T11082]  <TASK>
[  342.040386][T11082]  dump_stack_lvl+0x241/0x360
[  342.045127][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.050332][T11082]  ? __pfx__printk+0x10/0x10
[  342.054918][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  342.060371][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  342.065313][T11082]  print_bad_pte+0x511/0x530
[  342.069915][T11082]  vm_normal_page+0x155/0x200
[  342.074583][T11082]  unmap_page_range+0xac6/0x40e0
[  342.079569][T11082]  ? __pfx_validate_chain+0x10/0x10
[  342.084778][T11082]  ? __lock_acquire+0x1384/0x2050
[  342.089806][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  342.095180][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  342.100218][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  342.104780][T11082]  ? __pfx_lock_release+0x10/0x10
[  342.109811][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  342.114844][T11082]  unmap_vmas+0x3cc/0x5f0
[  342.119269][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  342.124123][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  342.128973][T11082]  unmap_region+0x214/0x380
[  342.133470][T11082]  ? __pfx_unmap_region+0x10/0x10
[  342.138545][T11082]  ? __mas_set_range+0x133/0x3c0
[  342.143489][T11082]  ? fput+0x1af/0x230
[  342.147474][T11082]  mmap_region+0x22f9/0x2990
[  342.152074][T11082]  ? __pfx_mmap_region+0x10/0x10
[  342.157017][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  342.162045][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  342.167245][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  342.172094][T11082]  ? security_mmap_addr+0x6f/0x250
[  342.177202][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  342.182483][T11082]  do_mmap+0x8f0/0x1000
[  342.186633][T11082]  ? __pfx_do_mmap+0x10/0x10
[  342.191212][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  342.196833][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  342.201852][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  342.206432][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  342.211530][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  342.217851][T11082]  ? do_syscall_64+0x100/0x230
[  342.222671][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  342.227529][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  342.232309][T11082]  do_syscall_64+0xf3/0x230
[  342.236904][T11082]  ? clear_bhb_loop+0x35/0x90
[  342.241582][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.247472][T11082] RIP: 0033:0x7f0cab37dff9
[  342.251880][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.271496][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  342.279914][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  342.287900][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  342.295862][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  342.303822][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  342.311783][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  342.319748][T11082]  </TASK>
[  342.324899][ T5249] Bluetooth: hci3: command tx timeout
[  342.330665][ T5249] Bluetooth: hci5: command tx timeout
[  342.373472][T11082] BUG: Bad page map in process syz.1.993  pte:800000004900d225 pmd:774e5067
[  342.382191][T11082] addr:000000002000d000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:d
[  342.393347][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  342.400332][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  342.412130][T11082] Tainted: [B]=BAD_PAGE
[  342.416365][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.426425][T11082] Call Trace:
[  342.429698][T11082]  <TASK>
[  342.432639][T11082]  dump_stack_lvl+0x241/0x360
[  342.437323][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.442613][T11082]  ? __pfx__printk+0x10/0x10
[  342.447203][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  342.452665][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  342.457609][T11082]  print_bad_pte+0x511/0x530
[  342.462217][T11082]  vm_normal_page+0x155/0x200
[  342.466886][T11082]  unmap_page_range+0xac6/0x40e0
[  342.471813][T11082]  ? __pfx_validate_chain+0x10/0x10
[  342.477015][T11082]  ? __lock_acquire+0x1384/0x2050
[  342.482034][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  342.487399][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  342.492414][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  342.496914][T11082]  ? __pfx_lock_release+0x10/0x10
[  342.501938][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  342.506962][T11082]  unmap_vmas+0x3cc/0x5f0
[  342.511287][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  342.516144][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  342.521070][T11082]  unmap_region+0x214/0x380
[  342.525562][T11082]  ? __pfx_unmap_region+0x10/0x10
[  342.530578][T11082]  ? __mas_set_range+0x133/0x3c0
[  342.535512][T11082]  ? fput+0x1af/0x230
[  342.539492][T11082]  mmap_region+0x22f9/0x2990
[  342.544091][T11082]  ? __pfx_mmap_region+0x10/0x10
[  342.549121][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  342.554332][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  342.559533][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  342.564369][T11082]  ? security_mmap_addr+0x6f/0x250
[  342.569479][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  342.574937][T11082]  do_mmap+0x8f0/0x1000
[  342.579088][T11082]  ? __pfx_do_mmap+0x10/0x10
[  342.583759][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  342.589380][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  342.594397][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  342.599246][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  342.604345][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  342.611104][T11082]  ? do_syscall_64+0x100/0x230
[  342.615872][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  342.620844][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  342.625610][T11082]  do_syscall_64+0xf3/0x230
[  342.630106][T11082]  ? clear_bhb_loop+0x35/0x90
[  342.634798][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.640704][T11082] RIP: 0033:0x7f0cab37dff9
[  342.645114][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.664722][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  342.673150][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  342.681148][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  342.689125][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  342.697087][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  342.705135][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  342.713099][T11082]  </TASK>
[  342.723783][T11082] BUG: Bad page map in process syz.1.993  pte:800000004900e225 pmd:774e5067
[  342.732538][T11082] addr:000000002000e000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:e
[  342.743629][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  342.750597][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  342.762596][T11082] Tainted: [B]=BAD_PAGE
[  342.766734][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.776778][T11082] Call Trace:
[  342.780045][T11082]  <TASK>
[  342.782961][T11082]  dump_stack_lvl+0x241/0x360
[  342.787654][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.792893][T11082]  ? __pfx__printk+0x10/0x10
[  342.797479][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  342.802940][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  342.807873][T11082]  print_bad_pte+0x511/0x530
[  342.812463][T11082]  vm_normal_page+0x155/0x200
[  342.817148][T11082]  unmap_page_range+0xac6/0x40e0
[  342.822077][T11082]  ? __pfx_validate_chain+0x10/0x10
[  342.827509][T11082]  ? __lock_acquire+0x1384/0x2050
[  342.832620][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  342.837999][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  342.843055][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  342.847568][T11082]  ? __pfx_lock_release+0x10/0x10
[  342.852594][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  342.857615][T11082]  unmap_vmas+0x3cc/0x5f0
[  342.861940][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  342.866917][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  342.871753][T11082]  unmap_region+0x214/0x380
[  342.876249][T11082]  ? __pfx_unmap_region+0x10/0x10
[  342.881263][T11082]  ? __mas_set_range+0x133/0x3c0
[  342.886207][T11082]  ? fput+0x1af/0x230
[  342.890192][T11082]  mmap_region+0x22f9/0x2990
[  342.894813][T11082]  ? __pfx_mmap_region+0x10/0x10
[  342.899781][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  342.904863][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  342.910056][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  342.914911][T11082]  ? security_mmap_addr+0x6f/0x250
[  342.920034][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  342.925324][T11082]  do_mmap+0x8f0/0x1000
[  342.929485][T11082]  ? __pfx_do_mmap+0x10/0x10
[  342.934071][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  342.939715][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  342.944740][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  342.949323][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  342.954436][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  342.960773][T11082]  ? do_syscall_64+0x100/0x230
[  342.965535][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  342.970563][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  342.975344][T11082]  do_syscall_64+0xf3/0x230
[  342.979869][T11082]  ? clear_bhb_loop+0x35/0x90
[  342.984545][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.990428][T11082] RIP: 0033:0x7f0cab37dff9
[  342.994878][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.014787][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  343.023225][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  343.031205][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  343.039171][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  343.047240][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  343.055222][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  343.063215][T11082]  </TASK>
[  343.072623][T11082] BUG: Bad page map in process syz.1.993  pte:800000004900f225 pmd:774e5067
[  343.081381][T11082] addr:000000002000f000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:f
[  343.092271][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  343.099275][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  343.111101][T11082] Tainted: [B]=BAD_PAGE
[  343.115251][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  343.125407][T11082] Call Trace:
[  343.128681][T11082]  <TASK>
[  343.131599][T11082]  dump_stack_lvl+0x241/0x360
[  343.136268][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.141456][T11082]  ? __pfx__printk+0x10/0x10
[  343.146043][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  343.151498][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  343.156441][T11082]  print_bad_pte+0x511/0x530
[  343.161037][T11082]  vm_normal_page+0x155/0x200
[  343.165702][T11082]  unmap_page_range+0xac6/0x40e0
[  343.170625][T11082]  ? __pfx_validate_chain+0x10/0x10
[  343.175827][T11082]  ? __lock_acquire+0x1384/0x2050
[  343.180851][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  343.186218][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  343.191235][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  343.195726][T11082]  ? __pfx_lock_release+0x10/0x10
[  343.200746][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  343.205776][T11082]  unmap_vmas+0x3cc/0x5f0
[  343.210112][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  343.214964][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  343.219815][T11082]  unmap_region+0x214/0x380
[  343.224318][T11082]  ? __pfx_unmap_region+0x10/0x10
[  343.229425][T11082]  ? __mas_set_range+0x133/0x3c0
[  343.234355][T11082]  ? fput+0x1af/0x230
[  343.238333][T11082]  mmap_region+0x22f9/0x2990
[  343.242938][T11082]  ? __pfx_mmap_region+0x10/0x10
[  343.247875][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  343.253045][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  343.258256][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  343.263210][T11082]  ? security_mmap_addr+0x6f/0x250
[  343.268333][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  343.273622][T11082]  do_mmap+0x8f0/0x1000
[  343.277777][T11082]  ? __pfx_do_mmap+0x10/0x10
[  343.282363][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  343.287987][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  343.293009][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  343.297606][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  343.302792][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  343.309115][T11082]  ? do_syscall_64+0x100/0x230
[  343.313869][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  343.318717][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  343.323559][T11082]  do_syscall_64+0xf3/0x230
[  343.328054][T11082]  ? clear_bhb_loop+0x35/0x90
[  343.332750][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.338643][T11082] RIP: 0033:0x7f0cab37dff9
[  343.343054][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.362847][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  343.371529][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  343.379582][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  343.387546][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  343.395507][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  343.403463][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  343.411426][T11082]  </TASK>
[  343.419648][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049010225 pmd:774e5067
[  343.428619][T11082] addr:0000000020010000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:10
[  343.439700][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  343.446738][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  343.459126][T11082] Tainted: [B]=BAD_PAGE
[  343.463277][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  343.473341][T11082] Call Trace:
[  343.476619][T11082]  <TASK>
[  343.479535][T11082]  dump_stack_lvl+0x241/0x360
[  343.484212][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.489410][T11082]  ? __pfx__printk+0x10/0x10
[  343.494011][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  343.499487][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  343.504415][T11082]  print_bad_pte+0x511/0x530
[  343.509086][T11082]  vm_normal_page+0x155/0x200
[  343.513819][T11082]  unmap_page_range+0xac6/0x40e0
[  343.518773][T11082]  ? __pfx_validate_chain+0x10/0x10
[  343.523971][T11082]  ? __lock_acquire+0x1384/0x2050
[  343.529016][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  343.534408][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  343.539437][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  343.543928][T11082]  ? __pfx_lock_release+0x10/0x10
[  343.548941][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  343.553962][T11082]  unmap_vmas+0x3cc/0x5f0
[  343.558298][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  343.563151][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  343.568002][T11082]  unmap_region+0x214/0x380
[  343.572490][T11082]  ? __pfx_unmap_region+0x10/0x10
[  343.577504][T11082]  ? __mas_set_range+0x133/0x3c0
[  343.582433][T11082]  ? fput+0x1af/0x230
[  343.586409][T11082]  mmap_region+0x22f9/0x2990
[  343.591093][T11082]  ? __pfx_mmap_region+0x10/0x10
[  343.596060][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  343.601093][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  343.606296][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  343.611138][T11082]  ? security_mmap_addr+0x6f/0x250
[  343.616246][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  343.621523][T11082]  do_mmap+0x8f0/0x1000
[  343.625672][T11082]  ? __pfx_do_mmap+0x10/0x10
[  343.630255][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  343.635887][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  343.640921][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  343.645503][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  343.650605][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  343.656925][T11082]  ? do_syscall_64+0x100/0x230
[  343.661683][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  343.666529][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  343.671281][T11082]  do_syscall_64+0xf3/0x230
[  343.675794][T11082]  ? clear_bhb_loop+0x35/0x90
[  343.680458][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.686437][T11082] RIP: 0033:0x7f0cab37dff9
[  343.690836][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.710515][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  343.718937][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  343.726901][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  343.734876][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  343.742850][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  343.750821][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  343.758877][T11082]  </TASK>
[  343.768674][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049011225 pmd:774e5067
[  343.777432][T11082] addr:0000000020011000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:11
[  343.788658][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  343.795662][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  343.807493][T11082] Tainted: [B]=BAD_PAGE
[  343.811633][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  343.821685][T11082] Call Trace:
[  343.824972][T11082]  <TASK>
[  343.827909][T11082]  dump_stack_lvl+0x241/0x360
[  343.832574][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.837851][T11082]  ? __pfx__printk+0x10/0x10
[  343.842527][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  343.847979][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  343.852907][T11082]  print_bad_pte+0x511/0x530
[  343.857579][T11082]  vm_normal_page+0x155/0x200
[  343.862247][T11082]  unmap_page_range+0xac6/0x40e0
[  343.867180][T11082]  ? __pfx_validate_chain+0x10/0x10
[  343.872543][T11082]  ? __lock_acquire+0x1384/0x2050
[  343.877579][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  343.882957][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  343.887975][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  343.892469][T11082]  ? __pfx_lock_release+0x10/0x10
[  343.897488][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  343.902507][T11082]  unmap_vmas+0x3cc/0x5f0
[  343.906830][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  343.911673][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  343.916514][T11082]  unmap_region+0x214/0x380
[  343.921016][T11082]  ? __pfx_unmap_region+0x10/0x10
[  343.926070][T11082]  ? __mas_set_range+0x133/0x3c0
[  343.930998][T11082]  ? fput+0x1af/0x230
[  343.935063][T11082]  mmap_region+0x22f9/0x2990
[  343.939657][T11082]  ? __pfx_mmap_region+0x10/0x10
[  343.944767][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  343.949790][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  343.954986][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  343.959825][T11082]  ? security_mmap_addr+0x6f/0x250
[  343.965107][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  343.970475][T11082]  do_mmap+0x8f0/0x1000
[  343.974631][T11082]  ? __pfx_do_mmap+0x10/0x10
[  343.979224][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  343.984933][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  343.989948][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  343.994529][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  343.999624][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  344.006044][T11082]  ? do_syscall_64+0x100/0x230
[  344.010797][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  344.015645][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  344.020398][T11082]  do_syscall_64+0xf3/0x230
[  344.024915][T11082]  ? clear_bhb_loop+0x35/0x90
[  344.029582][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.035470][T11082] RIP: 0033:0x7f0cab37dff9
[  344.039972][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.059569][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  344.067975][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  344.075948][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  344.083924][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  344.091929][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  344.099916][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  344.108200][T11082]  </TASK>
[  344.114351][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049012225 pmd:774e5067
[  344.123058][T11082] addr:0000000020012000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:12
[  344.134258][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  344.141227][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  344.153227][T11082] Tainted: [B]=BAD_PAGE
[  344.157476][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  344.167525][T11082] Call Trace:
[  344.170796][T11082]  <TASK>
[  344.173737][T11082]  dump_stack_lvl+0x241/0x360
[  344.178422][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.183615][T11082]  ? __pfx__printk+0x10/0x10
[  344.188220][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  344.193682][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  344.198630][T11082]  print_bad_pte+0x511/0x530
[  344.203221][T11082]  vm_normal_page+0x155/0x200
[  344.207901][T11082]  unmap_page_range+0xac6/0x40e0
[  344.212838][T11082]  ? __pfx_validate_chain+0x10/0x10
[  344.218124][T11082]  ? __lock_acquire+0x1384/0x2050
[  344.223146][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  344.228515][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  344.233552][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  344.238063][T11082]  ? __pfx_lock_release+0x10/0x10
[  344.243079][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  344.248095][T11082]  unmap_vmas+0x3cc/0x5f0
[  344.252446][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  344.257292][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  344.262164][T11082]  unmap_region+0x214/0x380
[  344.266658][T11082]  ? __pfx_unmap_region+0x10/0x10
[  344.271671][T11082]  ? __mas_set_range+0x133/0x3c0
[  344.276752][T11082]  ? fput+0x1af/0x230
[  344.280854][T11082]  mmap_region+0x22f9/0x2990
[  344.285442][T11082]  ? __pfx_mmap_region+0x10/0x10
[  344.290375][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  344.295405][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  344.300598][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  344.305520][T11082]  ? security_mmap_addr+0x6f/0x250
[  344.310624][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  344.315911][T11082]  do_mmap+0x8f0/0x1000
[  344.320066][T11082]  ? __pfx_do_mmap+0x10/0x10
[  344.324643][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  344.330288][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  344.335313][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  344.339894][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  344.345005][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  344.351369][T11082]  ? do_syscall_64+0x100/0x230
[  344.356135][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  344.360976][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  344.365731][T11082]  do_syscall_64+0xf3/0x230
[  344.370222][T11082]  ? clear_bhb_loop+0x35/0x90
[  344.374891][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.380783][T11082] RIP: 0033:0x7f0cab37dff9
[  344.385197][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.404898][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  344.413406][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  344.421390][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  344.423313][ T5249] Bluetooth: hci3: command tx timeout
[  344.429345][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  344.429362][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  344.450672][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  344.458643][T11082]  </TASK>
[  344.464093][ T5249] Bluetooth: hci5: command tx timeout
[  344.482499][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049013225 pmd:774e5067
[  344.491324][T11082] addr:0000000020013000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:13
[  344.502541][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  344.509535][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  344.521357][T11082] Tainted: [B]=BAD_PAGE
[  344.525493][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  344.535538][T11082] Call Trace:
[  344.538804][T11082]  <TASK>
[  344.541721][T11082]  dump_stack_lvl+0x241/0x360
[  344.546396][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.551580][T11082]  ? __pfx__printk+0x10/0x10
[  344.556159][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  344.561607][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  344.566551][T11082]  print_bad_pte+0x511/0x530
[  344.571134][T11082]  vm_normal_page+0x155/0x200
[  344.575889][T11082]  unmap_page_range+0xac6/0x40e0
[  344.580917][T11082]  ? __pfx_validate_chain+0x10/0x10
[  344.586119][T11082]  ? __lock_acquire+0x1384/0x2050
[  344.591145][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  344.596518][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  344.601534][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  344.606029][T11082]  ? __pfx_lock_release+0x10/0x10
[  344.611043][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  344.616055][T11082]  unmap_vmas+0x3cc/0x5f0
[  344.620375][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  344.625221][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  344.630076][T11082]  unmap_region+0x214/0x380
[  344.634570][T11082]  ? __pfx_unmap_region+0x10/0x10
[  344.639587][T11082]  ? __mas_set_range+0x133/0x3c0
[  344.644510][T11082]  ? fput+0x1af/0x230
[  344.648480][T11082]  mmap_region+0x22f9/0x2990
[  344.653073][T11082]  ? __pfx_mmap_region+0x10/0x10
[  344.658006][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  344.663027][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  344.668222][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  344.673058][T11082]  ? security_mmap_addr+0x6f/0x250
[  344.678161][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  344.683442][T11082]  do_mmap+0x8f0/0x1000
[  344.687594][T11082]  ? __pfx_do_mmap+0x10/0x10
[  344.692269][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  344.697985][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  344.703005][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  344.707586][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  344.712689][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  344.719015][T11082]  ? do_syscall_64+0x100/0x230
[  344.723771][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  344.728619][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  344.733368][T11082]  do_syscall_64+0xf3/0x230
[  344.737857][T11082]  ? clear_bhb_loop+0x35/0x90
[  344.742532][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.748420][T11082] RIP: 0033:0x7f0cab37dff9
[  344.752824][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.772417][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  344.780819][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  344.788779][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  344.796738][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  344.804700][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  344.812657][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  344.820618][T11082]  </TASK>
[  344.828760][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049014225 pmd:774e5067
[  344.837519][T11082] addr:0000000020014000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:14
[  344.848485][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  344.855494][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  344.867298][T11082] Tainted: [B]=BAD_PAGE
[  344.871433][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  344.881905][T11082] Call Trace:
[  344.885183][T11082]  <TASK>
[  344.888123][T11082]  dump_stack_lvl+0x241/0x360
[  344.892806][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.897993][T11082]  ? __pfx__printk+0x10/0x10
[  344.902572][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  344.908022][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  344.912952][T11082]  print_bad_pte+0x511/0x530
[  344.917530][T11082]  vm_normal_page+0x155/0x200
[  344.922194][T11082]  unmap_page_range+0xac6/0x40e0
[  344.927120][T11082]  ? __pfx_validate_chain+0x10/0x10
[  344.932313][T11082]  ? __lock_acquire+0x1384/0x2050
[  344.937326][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  344.942691][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  344.947720][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  344.952210][T11082]  ? __pfx_lock_release+0x10/0x10
[  344.957226][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  344.962254][T11082]  unmap_vmas+0x3cc/0x5f0
[  344.966571][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  344.971410][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  344.976247][T11082]  unmap_region+0x214/0x380
[  344.980747][T11082]  ? __pfx_unmap_region+0x10/0x10
[  344.985766][T11082]  ? __mas_set_range+0x133/0x3c0
[  344.990696][T11082]  ? fput+0x1af/0x230
[  344.994691][T11082]  mmap_region+0x22f9/0x2990
[  344.999275][T11082]  ? __pfx_mmap_region+0x10/0x10
[  345.004216][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  345.009332][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  345.014519][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  345.019350][T11082]  ? security_mmap_addr+0x6f/0x250
[  345.024456][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  345.029753][T11082]  do_mmap+0x8f0/0x1000
[  345.033904][T11082]  ? __pfx_do_mmap+0x10/0x10
[  345.038499][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  345.044151][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  345.049198][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  345.053794][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  345.058908][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  345.065236][T11082]  ? do_syscall_64+0x100/0x230
[  345.070000][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  345.074838][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  345.079685][T11082]  do_syscall_64+0xf3/0x230
[  345.084197][T11082]  ? clear_bhb_loop+0x35/0x90
[  345.088963][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.094856][T11082] RIP: 0033:0x7f0cab37dff9
[  345.099262][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.118870][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  345.127294][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  345.135279][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  345.143243][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  345.151213][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  345.159172][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  345.167136][T11082]  </TASK>
[  345.173094][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049015225 pmd:774e5067
[  345.181901][T11082] addr:0000000020015000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:15
[  345.192953][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  345.200294][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  345.212203][T11082] Tainted: [B]=BAD_PAGE
[  345.216337][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  345.226469][T11082] Call Trace:
[  345.229743][T11082]  <TASK>
[  345.232692][T11082]  dump_stack_lvl+0x241/0x360
[  345.237454][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.242652][T11082]  ? __pfx__printk+0x10/0x10
[  345.247238][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  345.252699][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  345.257642][T11082]  print_bad_pte+0x511/0x530
[  345.262245][T11082]  vm_normal_page+0x155/0x200
[  345.266916][T11082]  unmap_page_range+0xac6/0x40e0
[  345.271867][T11082]  ? __pfx_validate_chain+0x10/0x10
[  345.277063][T11082]  ? __lock_acquire+0x1384/0x2050
[  345.282103][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  345.287483][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  345.292507][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  345.297016][T11082]  ? __pfx_lock_release+0x10/0x10
[  345.302044][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  345.307074][T11082]  unmap_vmas+0x3cc/0x5f0
[  345.311406][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  345.316253][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  345.321098][T11082]  unmap_region+0x214/0x380
[  345.325608][T11082]  ? __pfx_unmap_region+0x10/0x10
[  345.330637][T11082]  ? __mas_set_range+0x133/0x3c0
[  345.335576][T11082]  ? fput+0x1af/0x230
[  345.339558][T11082]  mmap_region+0x22f9/0x2990
[  345.344161][T11082]  ? __pfx_mmap_region+0x10/0x10
[  345.349108][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  345.354139][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  345.359336][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  345.364345][T11082]  ? security_mmap_addr+0x6f/0x250
[  345.369450][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  345.374726][T11082]  do_mmap+0x8f0/0x1000
[  345.378873][T11082]  ? __pfx_do_mmap+0x10/0x10
[  345.383456][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  345.389077][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  345.394094][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  345.398672][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  345.403795][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  345.410118][T11082]  ? do_syscall_64+0x100/0x230
[  345.414871][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  345.419718][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  345.424470][T11082]  do_syscall_64+0xf3/0x230
[  345.428959][T11082]  ? clear_bhb_loop+0x35/0x90
[  345.433627][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.439514][T11082] RIP: 0033:0x7f0cab37dff9
[  345.443915][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.463507][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  345.471906][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  345.479866][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  345.487827][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  345.495871][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  345.503836][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  345.511797][T11082]  </TASK>
[  345.518821][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049016225 pmd:774e5067
[  345.527583][T11082] addr:0000000020016000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:16
[  345.539116][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  345.546314][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  345.558124][T11082] Tainted: [B]=BAD_PAGE
[  345.562261][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  345.572301][T11082] Call Trace:
[  345.575594][T11082]  <TASK>
[  345.578513][T11082]  dump_stack_lvl+0x241/0x360
[  345.583191][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.588469][T11082]  ? __pfx__printk+0x10/0x10
[  345.593056][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  345.598509][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  345.603435][T11082]  print_bad_pte+0x511/0x530
[  345.608018][T11082]  vm_normal_page+0x155/0x200
[  345.612684][T11082]  unmap_page_range+0xac6/0x40e0
[  345.617613][T11082]  ? __pfx_validate_chain+0x10/0x10
[  345.622802][T11082]  ? __lock_acquire+0x1384/0x2050
[  345.627821][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  345.633183][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  345.638204][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  345.642694][T11082]  ? __pfx_lock_release+0x10/0x10
[  345.647708][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  345.652734][T11082]  unmap_vmas+0x3cc/0x5f0
[  345.657053][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  345.661896][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  345.666735][T11082]  unmap_region+0x214/0x380
[  345.671226][T11082]  ? __pfx_unmap_region+0x10/0x10
[  345.676240][T11082]  ? __mas_set_range+0x133/0x3c0
[  345.681162][T11082]  ? fput+0x1af/0x230
[  345.685140][T11082]  mmap_region+0x22f9/0x2990
[  345.689731][T11082]  ? __pfx_mmap_region+0x10/0x10
[  345.694751][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  345.699769][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  345.704963][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  345.709802][T11082]  ? security_mmap_addr+0x6f/0x250
[  345.714915][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  345.720626][T11082]  do_mmap+0x8f0/0x1000
[  345.724799][T11082]  ? __pfx_do_mmap+0x10/0x10
[  345.729377][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  345.735005][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  345.740022][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  345.744599][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  345.749698][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  345.756021][T11082]  ? do_syscall_64+0x100/0x230
[  345.760773][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  345.765615][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  345.770363][T11082]  do_syscall_64+0xf3/0x230
[  345.774939][T11082]  ? clear_bhb_loop+0x35/0x90
[  345.779604][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.785487][T11082] RIP: 0033:0x7f0cab37dff9
[  345.789888][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.809490][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  345.817929][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  345.825913][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  345.833873][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  345.841832][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  345.849792][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  345.857758][T11082]  </TASK>
[  345.882583][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049017225 pmd:774e5067
[  345.891327][T11082] addr:0000000020017000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:17
[  345.902473][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  345.909449][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  345.921245][T11082] Tainted: [B]=BAD_PAGE
[  345.925383][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  345.935432][T11082] Call Trace:
[  345.938717][T11082]  <TASK>
[  345.941655][T11082]  dump_stack_lvl+0x241/0x360
[  345.946338][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.951520][T11082]  ? __pfx__printk+0x10/0x10
[  345.956116][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  345.961572][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  345.966511][T11082]  print_bad_pte+0x511/0x530
[  345.971086][T11082]  vm_normal_page+0x155/0x200
[  345.975772][T11082]  unmap_page_range+0xac6/0x40e0
[  345.980723][T11082]  ? __pfx_validate_chain+0x10/0x10
[  345.985924][T11082]  ? __lock_acquire+0x1384/0x2050
[  345.990942][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  345.996304][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  346.001315][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  346.005818][T11082]  ? __pfx_lock_release+0x10/0x10
[  346.010859][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  346.015896][T11082]  unmap_vmas+0x3cc/0x5f0
[  346.020235][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  346.025087][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  346.029932][T11082]  unmap_region+0x214/0x380
[  346.034426][T11082]  ? __pfx_unmap_region+0x10/0x10
[  346.039448][T11082]  ? __mas_set_range+0x133/0x3c0
[  346.044391][T11082]  ? fput+0x1af/0x230
[  346.048362][T11082]  mmap_region+0x22f9/0x2990
[  346.052953][T11082]  ? __pfx_mmap_region+0x10/0x10
[  346.058083][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  346.063104][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  346.068299][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  346.073133][T11082]  ? security_mmap_addr+0x6f/0x250
[  346.078242][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  346.083522][T11082]  do_mmap+0x8f0/0x1000
[  346.087673][T11082]  ? __pfx_do_mmap+0x10/0x10
[  346.092254][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  346.097884][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  346.102901][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  346.107482][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  346.112579][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  346.118904][T11082]  ? do_syscall_64+0x100/0x230
[  346.123658][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  346.128502][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  346.133251][T11082]  do_syscall_64+0xf3/0x230
[  346.137740][T11082]  ? clear_bhb_loop+0x35/0x90
[  346.142401][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.148288][T11082] RIP: 0033:0x7f0cab37dff9
[  346.152690][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.172375][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  346.180957][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  346.188935][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  346.196916][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  346.204885][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  346.212853][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  346.220830][T11082]  </TASK>
[  346.232616][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049018225 pmd:774e5067
[  346.241428][T11082] addr:0000000020018000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:18
[  346.252647][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  346.259680][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  346.271502][T11082] Tainted: [B]=BAD_PAGE
[  346.275647][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  346.285808][T11082] Call Trace:
[  346.289077][T11082]  <TASK>
[  346.292001][T11082]  dump_stack_lvl+0x241/0x360
[  346.296683][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.301869][T11082]  ? __pfx__printk+0x10/0x10
[  346.306514][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  346.311972][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  346.316908][T11082]  print_bad_pte+0x511/0x530
[  346.321520][T11082]  vm_normal_page+0x155/0x200
[  346.326207][T11082]  unmap_page_range+0xac6/0x40e0
[  346.331142][T11082]  ? __pfx_validate_chain+0x10/0x10
[  346.336337][T11082]  ? __lock_acquire+0x1384/0x2050
[  346.341371][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  346.346747][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  346.351779][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  346.356298][T11082]  ? __pfx_lock_release+0x10/0x10
[  346.361316][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  346.366337][T11082]  unmap_vmas+0x3cc/0x5f0
[  346.370664][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  346.375514][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  346.380377][T11082]  unmap_region+0x214/0x380
[  346.384887][T11082]  ? __pfx_unmap_region+0x10/0x10
[  346.390008][T11082]  ? __mas_set_range+0x133/0x3c0
[  346.394935][T11082]  ? fput+0x1af/0x230
[  346.398908][T11082]  mmap_region+0x22f9/0x2990
[  346.403512][T11082]  ? __pfx_mmap_region+0x10/0x10
[  346.408468][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  346.413575][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  346.418774][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  346.423623][T11082]  ? security_mmap_addr+0x6f/0x250
[  346.428746][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  346.434050][T11082]  do_mmap+0x8f0/0x1000
[  346.438201][T11082]  ? __pfx_do_mmap+0x10/0x10
[  346.442781][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  346.448408][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  346.453451][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  346.458029][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  346.463123][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  346.469449][T11082]  ? do_syscall_64+0x100/0x230
[  346.474284][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  346.479127][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  346.483889][T11082]  do_syscall_64+0xf3/0x230
[  346.488399][T11082]  ? clear_bhb_loop+0x35/0x90
[  346.493067][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.498964][T11082] RIP: 0033:0x7f0cab37dff9
[  346.503380][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.523021][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  346.531516][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  346.539482][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  346.547447][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  346.555412][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  346.563394][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  346.571375][T11082]  </TASK>
[  346.576190][T11082] BUG: Bad page map in process syz.1.993  pte:8000000049019225 pmd:774e5067
[  346.584930][T11082] addr:0000000020019000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:19
[  346.596473][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  346.603473][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  346.615389][T11082] Tainted: [B]=BAD_PAGE
[  346.619531][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  346.629588][T11082] Call Trace:
[  346.632874][T11082]  <TASK>
[  346.635802][T11082]  dump_stack_lvl+0x241/0x360
[  346.640497][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.645701][T11082]  ? __pfx__printk+0x10/0x10
[  346.650294][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  346.655754][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  346.660689][T11082]  print_bad_pte+0x511/0x530
[  346.665283][T11082]  vm_normal_page+0x155/0x200
[  346.669968][T11082]  unmap_page_range+0xac6/0x40e0
[  346.675030][T11082]  ? __pfx_validate_chain+0x10/0x10
[  346.680215][T11082]  ? __lock_acquire+0x1384/0x2050
[  346.685246][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  346.690615][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  346.696072][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  346.700570][T11082]  ? __pfx_lock_release+0x10/0x10
[  346.705593][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  346.710611][T11082]  unmap_vmas+0x3cc/0x5f0
[  346.714933][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  346.719868][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  346.724712][T11082]  unmap_region+0x214/0x380
[  346.729206][T11082]  ? __pfx_unmap_region+0x10/0x10
[  346.734233][T11082]  ? __mas_set_range+0x133/0x3c0
[  346.739175][T11082]  ? fput+0x1af/0x230
[  346.743155][T11082]  mmap_region+0x22f9/0x2990
[  346.747756][T11082]  ? __pfx_mmap_region+0x10/0x10
[  346.752698][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  346.757726][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  346.762931][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  346.767772][T11082]  ? security_mmap_addr+0x6f/0x250
[  346.772971][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  346.778344][T11082]  do_mmap+0x8f0/0x1000
[  346.782502][T11082]  ? __pfx_do_mmap+0x10/0x10
[  346.787086][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  346.792711][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  346.797754][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  346.802352][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  346.807455][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  346.813876][T11082]  ? do_syscall_64+0x100/0x230
[  346.818642][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  346.823490][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  346.828243][T11082]  do_syscall_64+0xf3/0x230
[  346.832774][T11082]  ? clear_bhb_loop+0x35/0x90
[  346.837446][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.843340][T11082] RIP: 0033:0x7f0cab37dff9
[  346.847754][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.867435][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  346.875845][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  346.883899][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  346.891975][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  346.900024][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  346.908075][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  346.916058][T11082]  </TASK>
[  346.925388][T11082] BUG: Bad page map in process syz.1.993  pte:800000004901a225 pmd:774e5067
[  346.929605][ T3123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  346.934127][T11082] addr:000000002001a000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:1a
[  346.934149][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  346.934188][T11082] CPU: 1 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  346.934215][T11082] Tainted: [B]=BAD_PAGE
[  346.934222][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  346.934233][T11082] Call Trace:
[  346.934240][T11082]  <TASK>
[  346.934248][T11082]  dump_stack_lvl+0x241/0x360
[  346.934269][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.934287][T11082]  ? __pfx__printk+0x10/0x10
[  346.934312][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  346.934335][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  346.934355][T11082]  print_bad_pte+0x511/0x530
[  346.934378][T11082]  vm_normal_page+0x155/0x200
[  346.934398][T11082]  unmap_page_range+0xac6/0x40e0
[  347.031856][T11082]  ? __pfx_validate_chain+0x10/0x10
[  347.037081][T11082]  ? __lock_acquire+0x1384/0x2050
[  347.042203][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  347.047682][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  347.052706][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  347.057206][T11082]  ? __pfx_lock_release+0x10/0x10
[  347.062232][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  347.067256][T11082]  unmap_vmas+0x3cc/0x5f0
[  347.071588][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  347.076448][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  347.081390][T11082]  unmap_region+0x214/0x380
[  347.085891][T11082]  ? __pfx_unmap_region+0x10/0x10
[  347.090913][T11082]  ? __mas_set_range+0x133/0x3c0
[  347.095846][T11082]  ? fput+0x1af/0x230
[  347.099827][T11082]  mmap_region+0x22f9/0x2990
[  347.104516][T11082]  ? __pfx_mmap_region+0x10/0x10
[  347.109468][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  347.114511][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  347.119809][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  347.124667][T11082]  ? security_mmap_addr+0x6f/0x250
[  347.129797][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  347.135111][T11082]  do_mmap+0x8f0/0x1000
[  347.139267][T11082]  ? __pfx_do_mmap+0x10/0x10
[  347.143863][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  347.149512][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  347.154532][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  347.159134][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  347.164242][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  347.170583][T11082]  ? do_syscall_64+0x100/0x230
[  347.175359][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  347.180205][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  347.184968][T11082]  do_syscall_64+0xf3/0x230
[  347.189469][T11082]  ? clear_bhb_loop+0x35/0x90
[  347.194132][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.200015][T11082] RIP: 0033:0x7f0cab37dff9
[  347.204431][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.224058][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  347.232488][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  347.240470][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  347.248446][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  347.256465][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  347.264483][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  347.272464][T11082]  </TASK>
[  347.276932][T11082] BUG: Bad page map in process syz.1.993  pte:800000004901b225 pmd:774e5067
[  347.285888][T11082] addr:000000002001b000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:1b
[  347.296962][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  347.303979][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  347.315785][T11082] Tainted: [B]=BAD_PAGE
[  347.319917][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  347.329954][T11082] Call Trace:
[  347.333223][T11082]  <TASK>
[  347.336181][T11082]  dump_stack_lvl+0x241/0x360
[  347.340863][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.346055][T11082]  ? __pfx__printk+0x10/0x10
[  347.350674][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  347.356147][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  347.361195][T11082]  print_bad_pte+0x511/0x530
[  347.365781][T11082]  vm_normal_page+0x155/0x200
[  347.370451][T11082]  unmap_page_range+0xac6/0x40e0
[  347.375463][T11082]  ? __pfx_validate_chain+0x10/0x10
[  347.380828][T11082]  ? __lock_acquire+0x1384/0x2050
[  347.385849][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  347.391211][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  347.396227][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  347.400729][T11082]  ? __pfx_lock_release+0x10/0x10
[  347.405802][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  347.410813][T11082]  unmap_vmas+0x3cc/0x5f0
[  347.415137][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  347.420002][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  347.424847][T11082]  unmap_region+0x214/0x380
[  347.429338][T11082]  ? __pfx_unmap_region+0x10/0x10
[  347.434353][T11082]  ? __mas_set_range+0x133/0x3c0
[  347.439364][T11082]  ? fput+0x1af/0x230
[  347.443338][T11082]  mmap_region+0x22f9/0x2990
[  347.447929][T11082]  ? __pfx_mmap_region+0x10/0x10
[  347.452868][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  347.457892][T11082]  ? mm_get_unmapped_area+0xa8/0xd0
[  347.463085][T11082]  ? bpf_lsm_mmap_addr+0x9/0x10
[  347.467930][T11082]  ? security_mmap_addr+0x6f/0x250
[  347.473039][T11082]  ? __get_unmapped_area+0x2ed/0x350
[  347.478324][T11082]  do_mmap+0x8f0/0x1000
[  347.482510][T11082]  ? __pfx_do_mmap+0x10/0x10
[  347.487093][T11082]  ? __pfx_down_write_killable+0x10/0x10
[  347.492716][T11082]  ? apparmor_mmap_file+0xc3/0xe0
[  347.497734][T11082]  vm_mmap_pgoff+0x1dd/0x3d0
[  347.502316][T11082]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  347.507412][T11082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  347.513738][T11082]  ? do_syscall_64+0x100/0x230
[  347.518490][T11082]  ? ksys_mmap_pgoff+0xdf/0x720
[  347.523330][T11082]  ? __x64_sys_mmap+0x7f/0x140
[  347.528080][T11082]  do_syscall_64+0xf3/0x230
[  347.532569][T11082]  ? clear_bhb_loop+0x35/0x90
[  347.537234][T11082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.543122][T11082] RIP: 0033:0x7f0cab37dff9
[  347.547528][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.567129][T11082] RSP: 002b:00007f0cac189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  347.575554][T11082] RAX: ffffffffffffffda RBX: 00007f0cab535f80 RCX: 00007f0cab37dff9
[  347.583801][T11082] RDX: 000000000200000d RSI: 0000000000b36000 RDI: 0000000020000000
[  347.591767][T11082] RBP: 00007f0cac189090 R08: ffffffffffffffff R09: 0000000000000000
[  347.599913][T11082] R10: 0000000004008031 R11: 0000000000000246 R12: 0000000000000002
[  347.607910][T11082] R13: 0000000000000000 R14: 00007f0cab535f80 R15: 00007f0cab65fa28
[  347.615899][T11082]  </TASK>
[  347.624364][T11082] BUG: Bad page map in process syz.1.993  pte:800000004901c225 pmd:774e5067
[  347.626456][ T3123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  347.633086][T11082] addr:000000002001c000 vm_flags:000000fd anon_vma:0000000000000000 mapping:0000000000000000 index:1c
[  347.633108][T11082] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[  347.660468][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.1.993 Tainted: G    B              6.11.0-syzkaller-11993-g3efc57369a0c #0
[  347.672438][T11082] Tainted: [B]=BAD_PAGE
[  347.676590][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  347.686673][T11082] Call Trace:
[  347.689941][T11082]  <TASK>
[  347.692884][T11082]  dump_stack_lvl+0x241/0x360
[  347.697560][T11082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.702765][T11082]  ? __pfx__printk+0x10/0x10
[  347.707352][T11082]  ? __pte_offset_map_lock+0x273/0x300
[  347.712823][T11082]  ? __pfx_shmem_fault+0x10/0x10
[  347.717769][T11082]  print_bad_pte+0x511/0x530
[  347.722538][T11082]  vm_normal_page+0x155/0x200
[  347.727212][T11082]  unmap_page_range+0xac6/0x40e0
[  347.732252][T11082]  ? __pfx_validate_chain+0x10/0x10
[  347.737467][T11082]  ? __lock_acquire+0x1384/0x2050
[  347.742495][T11082]  ? __pfx_unmap_page_range+0x10/0x10
[  347.747886][T11082]  ? __pfx_lock_acquire+0x10/0x10
[  347.752909][T11082]  ? unmap_vmas+0x1f1/0x5f0
[  347.757437][T11082]  ? __pfx_lock_release+0x10/0x10
[  347.762464][T11082]  ? unmap_single_vma+0x1bd/0x2b0
[  347.767483][T11082]  unmap_vmas+0x3cc/0x5f0
[  347.771802][T11082]  ? __pfx_unmap_vmas+0x10/0x10
[  347.776652][T11082]  ? tlb_gather_mmu+0x24e/0x310
[  347.781491][T11082]  unmap_region+0x214/0x380
[  347.785983][T11082]  ? __pfx_unmap_region+0x10/0x10