last executing test programs:

4m15.637450155s ago: executing program 1 (id=135):
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r0 = socket$netlink(0x10, 0x3, 0x2)
getpid()
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="a48f67ac8ba86b0519978e5cd2", @ANYRES32=0x0, @ANYBLOB="0000000000060000"], 0x20}}, 0x0)

4m15.543858304s ago: executing program 1 (id=136):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[@ANYBLOB="28fc000014001901000000000000000228"], 0x28}}, 0x0)

4m13.991050141s ago: executing program 1 (id=143):
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000300))
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x3f00)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
get_robust_list(0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x300000000000000)

4m12.922276641s ago: executing program 1 (id=145):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0)
syz_genetlink_get_family_id$tipc(&(0x7f0000001780), r0)
recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x105}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000001b40)=""/153, 0x99}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000000340)=""/196, 0xc4}], 0x3}, 0x7}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd404}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000004c40)=""/4098, 0x1002}, {&(0x7f0000000440)=""/160, 0xa0}, {&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f00000000c0)=""/18, 0x12}, {&(0x7f0000005c80)=""/4100, 0x1004}, {&(0x7f0000001840)=""/105, 0x69}, {&(0x7f00000018c0)=""/147, 0x93}, {&(0x7f0000000640)=""/4086, 0xff6}, {&(0x7f0000001640)=""/238, 0xee}], 0xa}, 0x80000000}], 0x4, 0x40008062, 0x0)

4m12.244583985s ago: executing program 1 (id=147):
socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x7ff)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_buf(r7, 0x6, 0x1f, &(0x7f0000000380)=""/248, &(0x7f00000000c0)=0xf8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c00000010000104000000000000000004000000", @ANYRES32=0x0, @ANYBLOB="76130000000000003c0012800b00010067656e65766500002c000280050004000300000005000a000100000005000300920000000500080001000000050009"], 0x5c}}, 0x40800)

4m11.090500531s ago: executing program 1 (id=148):
r0 = socket(0x10, 0x4, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x4)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f00000007c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
socket$inet(0x2, 0x4, 0xffff)
r3 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000100)={0x0, 0x0})
connect$tipc(r0, 0x0, 0xffffffffffffff5c)

3m55.59323721s ago: executing program 32 (id=148):
r0 = socket(0x10, 0x4, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x4)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f00000007c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
socket$inet(0x2, 0x4, 0xffff)
r3 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000100)={0x0, 0x0})
connect$tipc(r0, 0x0, 0xffffffffffffff5c)

1m53.583435283s ago: executing program 2 (id=142):
r0 = gettid()
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)="15", 0x1}, {&(0x7f0000000300)="f4378412bf691463b3ec3bd635a3e8bebf4265ac49da61b16e220cf69fb1713efe943ddbae2950b79cb33b00895cb6ea0239923768e4df2ee76ccd1b5fcac7fa0e5cc407f65ee256f7320b361c37d9d851a56b55134c16c992faeeac5b24c89aff0443d90d0d2d0d68acbe95", 0x6c}, {&(0x7f0000000380)="1dcfd56b96fe6888a210e303c71a490e022a2c1b78a23cee58d17aa225695fcdff4799bdd3513bcf79f15eadefed736174018cbb7a0fca74fa50e51bafe2040902218f9ddba3e3b36f65d8ebc1e1b185c74bd4d2d5425951e362917bf06c464c9a3a46271b0265a1098caf7d9358109dea69f27152d1620a7fbe67db00d89f633cba41cc36f21ce51ca70cd5dc4cf7ba201847287c1ed38e583d3cb3ce1c9ac216741a74d662456b551630872c", 0xad}], 0x3}}], 0x1, 0x8080)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x8000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000880)=""/4096)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r6)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000040)=""/47, 0x2f)
getdents64(r7, 0xfffffffffffffffe, 0x29)
recvmmsg(r5, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2b, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

1m29.903939744s ago: executing program 2 (id=142):
r0 = gettid()
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)="15", 0x1}, {&(0x7f0000000300)="f4378412bf691463b3ec3bd635a3e8bebf4265ac49da61b16e220cf69fb1713efe943ddbae2950b79cb33b00895cb6ea0239923768e4df2ee76ccd1b5fcac7fa0e5cc407f65ee256f7320b361c37d9d851a56b55134c16c992faeeac5b24c89aff0443d90d0d2d0d68acbe95", 0x6c}, {&(0x7f0000000380)="1dcfd56b96fe6888a210e303c71a490e022a2c1b78a23cee58d17aa225695fcdff4799bdd3513bcf79f15eadefed736174018cbb7a0fca74fa50e51bafe2040902218f9ddba3e3b36f65d8ebc1e1b185c74bd4d2d5425951e362917bf06c464c9a3a46271b0265a1098caf7d9358109dea69f27152d1620a7fbe67db00d89f633cba41cc36f21ce51ca70cd5dc4cf7ba201847287c1ed38e583d3cb3ce1c9ac216741a74d662456b551630872c", 0xad}], 0x3}}], 0x1, 0x8080)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x8000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000880)=""/4096)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r6)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000040)=""/47, 0x2f)
getdents64(r7, 0xfffffffffffffffe, 0x29)
recvmmsg(r5, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2b, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

1m9.609722397s ago: executing program 2 (id=142):
r0 = gettid()
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)="15", 0x1}, {&(0x7f0000000300)="f4378412bf691463b3ec3bd635a3e8bebf4265ac49da61b16e220cf69fb1713efe943ddbae2950b79cb33b00895cb6ea0239923768e4df2ee76ccd1b5fcac7fa0e5cc407f65ee256f7320b361c37d9d851a56b55134c16c992faeeac5b24c89aff0443d90d0d2d0d68acbe95", 0x6c}, {&(0x7f0000000380)="1dcfd56b96fe6888a210e303c71a490e022a2c1b78a23cee58d17aa225695fcdff4799bdd3513bcf79f15eadefed736174018cbb7a0fca74fa50e51bafe2040902218f9ddba3e3b36f65d8ebc1e1b185c74bd4d2d5425951e362917bf06c464c9a3a46271b0265a1098caf7d9358109dea69f27152d1620a7fbe67db00d89f633cba41cc36f21ce51ca70cd5dc4cf7ba201847287c1ed38e583d3cb3ce1c9ac216741a74d662456b551630872c", 0xad}], 0x3}}], 0x1, 0x8080)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x8000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000880)=""/4096)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r6)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000040)=""/47, 0x2f)
getdents64(r7, 0xfffffffffffffffe, 0x29)
recvmmsg(r5, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2b, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

49.476951429s ago: executing program 2 (id=142):
r0 = gettid()
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)="15", 0x1}, {&(0x7f0000000300)="f4378412bf691463b3ec3bd635a3e8bebf4265ac49da61b16e220cf69fb1713efe943ddbae2950b79cb33b00895cb6ea0239923768e4df2ee76ccd1b5fcac7fa0e5cc407f65ee256f7320b361c37d9d851a56b55134c16c992faeeac5b24c89aff0443d90d0d2d0d68acbe95", 0x6c}, {&(0x7f0000000380)="1dcfd56b96fe6888a210e303c71a490e022a2c1b78a23cee58d17aa225695fcdff4799bdd3513bcf79f15eadefed736174018cbb7a0fca74fa50e51bafe2040902218f9ddba3e3b36f65d8ebc1e1b185c74bd4d2d5425951e362917bf06c464c9a3a46271b0265a1098caf7d9358109dea69f27152d1620a7fbe67db00d89f633cba41cc36f21ce51ca70cd5dc4cf7ba201847287c1ed38e583d3cb3ce1c9ac216741a74d662456b551630872c", 0xad}], 0x3}}], 0x1, 0x8080)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x8000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000880)=""/4096)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r6)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000040)=""/47, 0x2f)
getdents64(r7, 0xfffffffffffffffe, 0x29)
recvmmsg(r5, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2b, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

29.594525668s ago: executing program 2 (id=142):
r0 = gettid()
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)="15", 0x1}, {&(0x7f0000000300)="f4378412bf691463b3ec3bd635a3e8bebf4265ac49da61b16e220cf69fb1713efe943ddbae2950b79cb33b00895cb6ea0239923768e4df2ee76ccd1b5fcac7fa0e5cc407f65ee256f7320b361c37d9d851a56b55134c16c992faeeac5b24c89aff0443d90d0d2d0d68acbe95", 0x6c}, {&(0x7f0000000380)="1dcfd56b96fe6888a210e303c71a490e022a2c1b78a23cee58d17aa225695fcdff4799bdd3513bcf79f15eadefed736174018cbb7a0fca74fa50e51bafe2040902218f9ddba3e3b36f65d8ebc1e1b185c74bd4d2d5425951e362917bf06c464c9a3a46271b0265a1098caf7d9358109dea69f27152d1620a7fbe67db00d89f633cba41cc36f21ce51ca70cd5dc4cf7ba201847287c1ed38e583d3cb3ce1c9ac216741a74d662456b551630872c", 0xad}], 0x3}}], 0x1, 0x8080)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x8000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000880)=""/4096)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r6)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000040)=""/47, 0x2f)
getdents64(r7, 0xfffffffffffffffe, 0x29)
recvmmsg(r5, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2b, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

9.554546712s ago: executing program 0 (id=792):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = accept$alg(r1, 0x0, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f0000000000)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r6, 0x200004)
read$FUSE(r5, &(0x7f00000023c0)={0x2020}, 0xfffffe9f)
sendmsg$tipc(r6, &(0x7f0000000940)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x2, {0x4e21, 0x1}}, 0x10, &(0x7f00000008c0)=[{&(0x7f0000000300)="072f1c1300423842d36daaf3bb5160926b857d8933d1535f181c0ba2d1baa5ecd83e1b722945881230e98571c3ecb1691c19f89d2060fabe40cc42d074df990d120bd0b2692656bf5cd853ce8160b1215f8313597322c42a7ed5c3d8e5651786e6f8d4be6e1d4abb39072fad5dc468d5fe08a16b081b1537e6eef41e33f3afe2b5d990551a24bd593d25a04240b47cce116ae12b292421c15c636cfc55ddf01ff4502f9a943b6efa18a9c2a663aaafe77858e7577b34f47c62aa1fd11e95b372900f3579e1006933710f3a4d44d89450956bcc7e00baef5e789714cafbc665bbb353a6", 0xe3}, {&(0x7f0000000400)="5b3f9fed373a49fb14e60cc598dd467373f83437fe3d05583c0766c6f1fd915d9a3ef5154fe64d9b9ca15282926a35f1ee599a9830c981214c93d048b0a613255130a6cc0bc08f7e0fca8d2925d83b171810c453dff51b42bc2df9932b71cbbc50c729b957b3624d2fca901f639855bbe7aa4003e4a4cdcae33cbb731b632288f5d1ba369c435229da173bc389af27ffc1f68f3b05895151e1c727aad6163289cb585c9d884f0fbcfafdb261738d85e12bde90dcc6e73301b596e5b34c50aad135305579f79e56f8fb7c7072c51bb34342c27d3a2c4e806d2ecf10866bacae180239", 0xe2}, {&(0x7f0000000500)="8c07217f67cf5de04f59a1a226f9c873bacf2e16bc6e48d93975e631419c0c282f5ebd28c57c6a6293a40a62deb701fca230df2da41a35dcf6c04c8ead36f6b3c40c427cfb767715f85d6a190063ada472", 0x51}, {&(0x7f0000000740)="002acb7c0d0f45ab391976f4ac8f420f38934da4bc4409dda68a4ba81a93caf2de4a7050a3508c8a8de26e84cd18f7979f0c025a955e907116551dee34598b3136f9ac3363da8dfebb18eaf79ff52e5c4fc239fc4e3476e80dedc6d86efdf816b3565735b2f4b011f1df14adc87603bbfde02047f6772c470b249e6dfc2fa8ca0d098314dcb4dba087b7e3", 0x8b}, {&(0x7f0000000580)="e522151af90cc0736efcb4061951dc036e7ee17445313338fdff7cc9ade88912e9422dd7b1f174c7c34fe92856ef857fb70434405fb3fa7316fbdf4c990bb46e4bfd27274f73025e", 0x48}, {&(0x7f0000000800)="a408087e0c4edc1d16ab05f6cf12057a877aa75f4ce0c7a6fc018d582bb5c8f15855c7d15abfb40d0aacf1f7f8c79d8a109efbe84b8ebe216cf7497dc7ffa323d02e41ef72f5fdc38b391b649ea0497d93c286f215a8b0ffa4e24e9617c484bec4e1ac8a2654fffd65fe00ecf3f8cf672ba5043bcff62c83b98c176854c9e6985348b478c142c22d9873df107485", 0x8e}], 0x6, 0x0, 0x0, 0x8000}, 0x4040000)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x40, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0xc, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "bb91"}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x0)
write$FUSE_NOTIFY_DELETE(r7, &(0x7f0000000280)=ANY=[@ANYBLOB="2900000006000000000000000000000005000000000000000600002100"/41], 0x29)

8.394135595s ago: executing program 0 (id=797):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000480), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
r3 = open(&(0x7f0000000280)='.\x00', 0x551620, 0x0)
fcntl$notify(r3, 0x402, 0x8000003d)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000020b7080000000a00007baaf8ff00000000b5080200000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000a3d0b9fea1a9059825d6897d45a3e6765295fc2c88a2a52d1104dd870daf8f698fb1e980cb0bf0a7fd4105a15810c79f95b179bb832e", @ANYRES32, @ANYBLOB="0000000064000000b705000008000000850000000c0000009500000000000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda000020"], 0x69)
close(r3)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
sendmsg$can_bcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0500"/15, @ANYRES64=<r6=>0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="2ce8"], 0x48}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=ANY=[@ANYRESDEC=r6], 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x40845)
sendmsg$can_bcm(r1, &(0x7f00000002c0)={&(0x7f0000000880)={0x1d, r2}, 0x10, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYRES8=r6, @ANYRES64=0x0, @ANYRESOCT=r4, @ANYRESHEX=r6, @ANYRES64=0x0, @ANYBLOB="e80000000100000000000000fe0000001d0b6382974b8f00"], 0x48}}, 0x0)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r7, 0x8008af26, &(0x7f0000000000)=0x1)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a000000161d0000b30000007f00000000a94b00", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYRES32=r8, @ANYBLOB="00000000000000006608000000000000180000000800000000000000000000009500000000000000c60a000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b502000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = syz_io_uring_setup(0x416d, &(0x7f00000001c0)={0x0, 0xea90, 0x8, 0x20000, 0x139}, &(0x7f0000000100)=<r11=>0x0, &(0x7f0000000040)=<r12=>0x0)
preadv2(r9, &(0x7f0000000680)=[{&(0x7f0000000500)=""/92, 0x5c}, {&(0x7f0000000340)=""/52, 0x34}, {&(0x7f0000000580)=""/228, 0xe4}], 0x3, 0x7, 0x7d, 0x1)
r13 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
r14 = eventfd(0x0)
connect$netlink(r13, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfe, 0x800}, 0xa)
syz_usb_disconnect(r0)
syz_io_uring_submit(r11, r12, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r14, 0x0, &(0x7f00000004c0)})
r15 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f00000008c0)={{0x1, 0x1, 0x18, r15}, './file1\x00'})
io_uring_enter(r10, 0x567, 0x3f00, 0x0, 0x0, 0x59)

7.656608615s ago: executing program 4 (id=798):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount$cgroup2(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x100008, &(0x7f0000000180)={[{@favordynmods}, {@memory_localevents}], [{@permit_directio}, {@smackfsdef}, {@fsmagic={'fsmagic', 0x3d, 0x6cbed925}}, {@fsmagic={'fsmagic', 0x3d, 0x10f9}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@appraise_type}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}]})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000000206030300000000000000000000000005000100070000000900020073797a31000000001400078008001340000000000800124000000000050005000a000000050004000000000016000300686173683a6e6574"], 0x64}}, 0x0)

7.591882369s ago: executing program 5 (id=799):
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@broadcast, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0xd1e8044c8d0bde74, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xffff}}}}}}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x57e, 0x2009, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x880)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0000, 0x5, 0xa0000001, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x6, 0x114b6000, 0xfffffffe, 0x2a70, 0xffff73cc, 0x81, 0x5, 0x0, 0xa, 0x45, 0x0, 0x8, 0x5, 0xba44, 0x3, 0xe, 0x80000000, 0x2, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xfffffff8, 0x5, 0x8, 0x1a0055ee, 0x1, 0x1, 0xffff4226, 0x200000, 0x0, 0x22cc, 0x101, 0x4, 0x1, 0x1, 0x800, 0xf9, 0x9, 0x8, 0x2, 0x8, 0x2f, 0xfffffff8, 0x0, 0x101, 0x9, 0x7, 0xc5, 0x4, 0x5, 0xffffffff, 0x6, 0x5, 0x5, 0x5, 0x2, 0x9b58, 0x4, 0xb, 0x4be, 0x4, 0x100, 0xa, 0xca6, 0x9fa7, 0xfffeffff, 0x38, 0x4, 0xfffffffe, 0x7, 0x44d, 0x7, 0x200, 0x8, 0x401, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x46, 0x9, 0x3, 0x7, 0x4, 0x6, 0x7, 0x8002, 0x7, 0x7, 0x1902, 0xc3c, 0x3, 0x28000000, 0x4000000, 0x30c6, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x10, 0x400, 0xd58, 0x4, 0x422dd3f4, 0x4, 0x8, 0x2, 0x8, 0x8, 0xea, 0x0, 0x45ba, 0x9, 0x864b, 0xfffffffc, 0x7, 0x9, 0x8001, 0x7, 0x81, 0x3, 0x800, 0x7, 0xffffff80, 0x43, 0x8, 0x1, 0x6, 0x5, 0x9, 0x7fffffff, 0x4, 0x324f035, 0x6, 0x0, 0x7c1, 0x136, 0x6, 0x5, 0x4, 0x3ff, 0x4, 0xb, 0x2, 0x10001, 0xfffffffc, 0x5, 0x4, 0x400, 0x101, 0xffffffff, 0x1b, 0xd589, 0xffffff81, 0x0, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd3d, 0x0, 0xfffffffe, 0x0, 0x81, 0x2, 0x55, 0x4000004, 0xbc6, 0x8, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b6, 0x0, 0x4, 0x9, 0x7, 0x4, 0x8, 0x0, 0x6, 0x8, 0x3, 0x7, 0x4, 0x9, 0x8, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff00, 0x894, 0x7, 0xfb3, 0x6, 0x6, 0x2, 0x9, 0x10001, 0x9, 0x4, 0x8, 0x5d, 0x1000000, 0x7, 0x656, 0x8008, 0x80000001, 0x384, 0x9, 0x58a, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0xfff, 0x0, 0x6, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xff, 0x1, 0x0, 0x5, 0x5e1d, 0x8}, 0x3ff, 0x8, 0x99}}]}}]}, 0x45c}}, 0x8840)
write$P9_RLINK(r2, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7)
syz_usb_control_io$hid(r1, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="002204ffffe4c59eb1d664"], 0x0}, 0x0)

7.54703416s ago: executing program 4 (id=800):
fanotify_init(0x4, 0x8000)
fallocate(0xffffffffffffffff, 0x0, 0xb7d4, 0x1001f0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000003c0)={@in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2a}}}, 0x0, 0x0, 0x46, 0x0, "2d4f0746eb5f5c1e5a9b5cd40bf0fc6c43e4f0aac95feae8a1712ecadc137f83e517e15be25024c186280418e123637db39c12c7c041570d130397290b19c5da54d7d91f656359c6ed2dd8411be0b64c"}, 0xd8)
prlimit64(r0, 0xe, 0x0, 0x0)
timer_create(0x7, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
memfd_secret(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61124c000000000161138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e00000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000600)=ANY=[@ANYRES16, @ANYBLOB="070600000000000000002d0000000c000500000000000000000008002f000000000005002b00030000000a0001007770616e3100000005002e00000000000c00"], 0x50}}, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000004c0)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_vlan\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)

6.70057087s ago: executing program 2 (id=142):
r0 = gettid()
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)="15", 0x1}, {&(0x7f0000000300)="f4378412bf691463b3ec3bd635a3e8bebf4265ac49da61b16e220cf69fb1713efe943ddbae2950b79cb33b00895cb6ea0239923768e4df2ee76ccd1b5fcac7fa0e5cc407f65ee256f7320b361c37d9d851a56b55134c16c992faeeac5b24c89aff0443d90d0d2d0d68acbe95", 0x6c}, {&(0x7f0000000380)="1dcfd56b96fe6888a210e303c71a490e022a2c1b78a23cee58d17aa225695fcdff4799bdd3513bcf79f15eadefed736174018cbb7a0fca74fa50e51bafe2040902218f9ddba3e3b36f65d8ebc1e1b185c74bd4d2d5425951e362917bf06c464c9a3a46271b0265a1098caf7d9358109dea69f27152d1620a7fbe67db00d89f633cba41cc36f21ce51ca70cd5dc4cf7ba201847287c1ed38e583d3cb3ce1c9ac216741a74d662456b551630872c", 0xad}], 0x3}}], 0x1, 0x8080)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x8000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000880)=""/4096)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r6)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000040)=""/47, 0x2f)
getdents64(r7, 0xfffffffffffffffe, 0x29)
recvmmsg(r5, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2b, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

5.372479758s ago: executing program 5 (id=801):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={<r1=>0x0, @in6={{0xa, 0x4e21, 0xd, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x417}}}, &(0x7f0000000000)=0x84)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000180)={r1, 0x2}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b897e73752fc7d1e4b0f4c5967eefd7448d5fde5841fa464a672"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f00000002c0)='./file0\x00', 0x600010c)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000100)=@ethtool_coalesce={0xe, 0x80, 0x4, 0x8, 0x9, 0x3, 0x401, 0x4d7, 0x3, 0x9, 0x10001, 0x1, 0x2, 0xa, 0x7, 0x3, 0x5, 0x400000, 0x6c52, 0x1, 0x8, 0x81, 0x200}})

5.371943471s ago: executing program 4 (id=803):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x2000, @ipv4={'\x00', '\xff\xff', @remote}, 0xffffffff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000b00}, 0xa}], 0x400000000000172, 0x4000300)

5.140025509s ago: executing program 0 (id=804):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = getpgrp(0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/power/pm_freeze_timeout', 0x169a82, 0x80)
sendfile(r4, r4, 0x0, 0xb)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$tipc(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1428437b3c8026bdfeb6db4ee9bcb25b1811d40a203bf40b3a7da5a8a64db04ed6dd26eea2a37229c339b1f91201c2796", 0x3d}], 0x1}, 0x0)
recvmsg(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
recvmmsg(r6, &(0x7f0000001dc0)=[{{&(0x7f0000000480)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000600)=""/200, 0xc8}], 0x1, &(0x7f0000000540)}, 0xffff92d6}, {{&(0x7f0000000700)=@tipc=@id, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000780)=""/61, 0x3d}, {&(0x7f0000000800)=""/121, 0x79}, {&(0x7f0000000880)=""/136, 0x88}, {&(0x7f0000000940)=""/111, 0x6f}, {&(0x7f00000009c0)=""/93, 0x5d}, {&(0x7f0000000580)=""/50, 0x32}, {&(0x7f0000000a40)=""/99, 0x63}, {&(0x7f0000000b40)=""/162, 0xa2}, {&(0x7f0000000c00)=""/78, 0x4e}], 0x9, &(0x7f0000000d40)=""/134, 0x86}, 0x5}, {{&(0x7f0000000e00)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000001380)=[{&(0x7f0000000ac0)}, {&(0x7f0000000e80)=""/170, 0xaa}, {&(0x7f0000000f40)=""/159, 0x9f}, {&(0x7f0000001000)=""/61, 0x3d}, {&(0x7f0000001040)=""/129, 0x81}, {&(0x7f0000001100)=""/203, 0xcb}, {&(0x7f0000001200)=""/79, 0x4f}, {&(0x7f0000001280)=""/238, 0xee}], 0x8, &(0x7f0000001400)=""/200, 0xc8}, 0x2}, {{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001500)=""/184, 0xb8}], 0x1, &(0x7f0000001600)=""/62, 0x3e}, 0xd}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001640)=""/191, 0xbf}, {&(0x7f0000001700)=""/202, 0xca}], 0x2, &(0x7f0000001840)=""/141, 0x8d}, 0xffffffff}, {{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f0000001900)=""/6, 0x6}, {&(0x7f0000001940)=""/70, 0x46}, {&(0x7f00000019c0)=""/235, 0xeb}, {&(0x7f0000001ac0)=""/248, 0xf8}, {&(0x7f0000001bc0)=""/143, 0x8f}, {&(0x7f0000001c80)=""/122, 0x7a}], 0x6, &(0x7f0000001d80)=""/4, 0x4}, 0xffffff00}], 0x6, 0x2002, &(0x7f0000001f40)={0x0, 0x3938700})
close(r5)
fcntl$setownex(r2, 0xf, &(0x7f0000000100)={0x2, r3})
sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="b5", 0x1}], 0x1}, 0x24008881)
r7 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, 0x0, 0x0)
connect$inet6(r7, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000100)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x20)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x21, &(0x7f00000001c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x31}, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, 0x0, 0xee01}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x5}}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, 0x0, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r0, &(0x7f0000001480)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_mreqsrc(r8, 0x0, 0x28, &(0x7f0000000000)={@rand_addr=0x64010101, @rand_addr=0x64010100, @multicast2}, 0xc)

3.738272014s ago: executing program 5 (id=806):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x501, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x4, @loopback}, 0x1c)
sendmmsg(r3, 0x0, 0x0, 0xfc)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$kcm(0x2, 0x7, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000019780)=ANY=[@ANYBLOB="00070004ffffffffffffaaaaaaaaaabb08004500ec637d001c0000000000299078ac1e0001ac1414aa0000000100"], 0x2e)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r7=>0x0})
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
munlock(&(0x7f0000611000/0x2000)=nil, 0x2000)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0)
connect$can_bcm(r8, &(0x7f00000000c0), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000200)={'vxcan0\x00', <r9=>0x0})
sendmsg$can_bcm(r8, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r9}, 0x10, 0x0}, 0x0)
sendmsg$can_bcm(r8, &(0x7f0000000480)={&(0x7f0000000280)={0x1d, r9}, 0x10, &(0x7f0000000300)={&(0x7f00000003c0)={0x1, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "000066a100"}}, 0x48}}, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000040)={0x48, 0x2, r7})
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r0, 0x3b8c, &(0x7f0000000100)={0x30, 0x0, 0x1, 0x0, 0x1000, 0x4, 0x9326, 0x0})

3.640040187s ago: executing program 3 (id=807):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010024000000000000000000000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a30000000007c000000060a010400000000000000000100000008000b40000000000900010073797a3000000000540004802c0001800e000100696d6d6564696174650000001800028008000140000000010c000280050001004c00000024000180090001006d657461"], 0xf0}}, 0x0)

3.539206608s ago: executing program 4 (id=808):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
io_setup(0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f00000002c0)="e8", 0xfffffffffffffd8b, 0x2000c850, 0x0, 0x4d)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x811)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000840)=@newqdisc={0x80, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{}, [@TCA_NETEM_LOSS={0x34, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GI={0x4}]}]}}}]}, 0x80}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000044}, 0x24020000)
sendmmsg(r1, &(0x7f0000000180), 0x400008a, 0xff80)

3.466816487s ago: executing program 0 (id=809):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x24}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x49d0, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @local}, 0x1c)
syz_open_dev$video4linux(&(0x7f0000000480), 0x7, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x40)

2.440053351s ago: executing program 3 (id=810):
r0 = memfd_secret(0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000580)=ANY=[@ANYRESDEC=r0, @ANYRES16=r0, @ANYBLOB="d9c7f33fc7a5afac2bef1cf49c6435f93603022fd1aeeaf5e221e95bf9a2c44c2cfd3ff63cc29c1434290f69821903478be0af0fe9af0a258bde61dfeef6b9adf7b381251032916c0daaf6abf7a8bb6229e7828e9e67e8a33b6d795181802c02b7456c830083eaad47c979b023320a9cb6facbff061e4048b39c8227d7db7d32d4bb9e0d7d0483d1654efd0d7ff0576ab0d6cd2210ae3c71a8a79cc9be9945a5fbf45dd47022d418f3b409ba2e24d6730adc54e46e43401f4f4b3b9fd66018e9dcc75d87cc052c3367b8993b38fba889aff388fe7d50a329672786fa8df9b359c071d6dc30a2f9b1a53dbf4feadba3da360f"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
getsockopt(r3, 0x1, 0x2, &(0x7f0000000000)=""/242, &(0x7f0000000100)=0xf2)
ioctl$VIDIOC_S_CROP(r2, 0x4014563c, &(0x7f0000000080)={0x7})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x18)
r4 = syz_open_dev$midi(&(0x7f0000000140), 0xa, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r4, 0x40045731, &(0x7f00000001c0)=0x8)
getrusage(0x0, &(0x7f00000004c0))

1.83760877s ago: executing program 5 (id=811):
pipe2$watch_queue(&(0x7f00000002c0), 0x80)
r0 = add_key(&(0x7f0000000140)='cifs.spnego\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x2f)
keyctl$invalidate(0x15, r0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
eventfd2(0x0, 0x0)
io_setup(0x81, &(0x7f0000000400)=<r4=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
io_submit(r4, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
close(r6)
syz_clone3(&(0x7f0000000340)={0x200000000, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r6, 0x80045530, &(0x7f0000000000)=""/90)
sendmmsg$inet(r3, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f00000005c0)="96a6", 0x2}], 0x1}}], 0x1, 0x8050)
sendmsg$nl_generic(r3, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={0x0}}, 0x0)

1.781397258s ago: executing program 3 (id=812):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000240)="480000001400190d09004beafd0d8c562c84ed7a80ffe05e959126dda8900db462060f000000000000a2bc5603ca00000f7f8900000ec00000000101ff0000000309ff5bffff00c7", 0x48}], 0x1) (fail_nth: 7)

1.498345519s ago: executing program 0 (id=813):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000040)=0x200000000)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x11000) (async)
poll(&(0x7f0000000100)=[{r2}], 0x1, 0x80003fb) (async)
vmsplice(r1, &(0x7f0000000340)=[{&(0x7f0000000380)="dadd29c1e83d8c1a23d91e7274faefc03d2f63133ccf386fe517ce8fb8521849ad11b59f533740b7b65eef1761f72e3140815b4e958bec67ae8176fa86a485887459a7b34080bb705c043a528400df8df5a12fab915dc1b61a0a4ffc7eb58709411ae841aabc2e58139e75ed8e4b485d9f3642657b174b32b2aca1180b125dba4c0b5b7b51083d9103", 0x89}, {&(0x7f0000000240)="270a3450016970379c611c1c24d94d34950a762bdcabca9b3f082b5ff7fd2b7c707468b21df5ddee0e272020624a76340d847e0ae39eb39e9aba2249add8cdb93e423627db22cee190a6defd457363ae8a8eb192755a543addeab379b97b669e1f9e696cd696cb045105ed2ebd21b83fbbcfa65ecea508a8e5834a50869ae76c1b62db313403ba80ad07ad8236c8eb0a64655d876b08dafd6ee0aaca90437130817a2ed45b84f631f2758ef041a2aa3dbca2278a769404b27f306c5274383d72d1f30a1ddff03476a8ff74f2f5e096e186baba89", 0xd4}], 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x98, 0x0, 0x1, 0x301, 0x0, 0x0, {0x1, 0x0, 0x5}, [@CTA_NAT_SRC={0x7c, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x44, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e03}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4a22}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @mcast2}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x20}}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x1}]}, 0x98}}, 0x4040014)

1.45316163s ago: executing program 4 (id=814):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r2=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000680)={r0, r2, 0x25, 0x8, @val=@tracing={0x0, 0x8}}, 0x20)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0xffffffffffffffb2, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a20000000000a01020000000000000000070000000c00044000000000000000014c000000090a010400000000000000000a00000008000a40000000020d00020073797a30000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038580000000c0a01010000000000000000070004000900020073797a31000000000900010073797a30000000002c000380280000800800034000000002040002800c00044000000000000000000c0005400000000000000003140000001000010000000000000000000084000a"], 0xec}, 0x1, 0x0, 0x0, 0x4008880}, 0x0)
r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r4)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)

944.068968ms ago: executing program 3 (id=815):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000000c0))
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0, 0x22008080, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x40000)

883.138274ms ago: executing program 4 (id=816):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={<r1=>0x0, @in6={{0xa, 0x4e21, 0xd, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x417}}}, &(0x7f0000000000)=0x84)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000180)={r1, 0x2}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b897e73752fc7d1e4b0f4c5967eefd7448d5fde5841fa464a672"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f00000002c0)='./file0\x00', 0x600010c)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000100)=@ethtool_coalesce={0xe, 0x80, 0x4, 0x8, 0x9, 0x3, 0x401, 0x4d7, 0x3, 0x9, 0x10001, 0x1, 0x2, 0xa, 0x7, 0x3, 0x5, 0x400000, 0x6c52, 0x1, 0x8, 0x81, 0x200}})

160.086578ms ago: executing program 3 (id=817):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2'])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

88.059152ms ago: executing program 5 (id=818):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x2, 0x400000000000003, 0x20, 0x6, 0xd, 0x0, 0x0, 0x0, [@sadb_ident={0x2, 0xf32d5662c1e093e4, 0x401, 0x0, 0x10000}, @sadb_lifetime={0x4, 0x4, 0x0, 0x200}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x3}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @broadcast}}]}, 0x68}}, 0x0)

85.939199ms ago: executing program 3 (id=819):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$inet(0xa, 0x801, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000c000500ff000000000000000c0002000000020000000000040007800c000800000000000000000008000a00000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r3, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r0], 0x90}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb2}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)

85.747631ms ago: executing program 0 (id=820):
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x20340, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
socket$netlink(0x10, 0x3, 0xf)
socket$netlink(0x10, 0x3, 0xf)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x803, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$rds(0x15, 0x5, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0xffef, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_MASTER={0x8, 0xa, r1}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}]}, 0x44}}, 0x0)

0s ago: executing program 5 (id=821):
r0 = timerfd_create(0x1, 0x80000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
keyctl$get_keyring_id(0x0, 0x0, 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fdinfo/4\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x9003000000000000, 0x40, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r6 = fanotify_init(0x200, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="180000e4010f010300fcffffff002000070000075bfe59cd8f143b7b5feec12b194330f1fc620304000580dd1bff65fb3d"], 0x18}, 0x1, 0x0, 0x0, 0xc808}, 0x1)
syz_io_uring_setup(0xd2, 0x0, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace0000"], 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r13 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000004", @ANYRES32, @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000040000aa0000000000000000850000000700000018110000", @ANYRES32=r13, @ANYRES8=r6], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="cf000000000068df20000040"])
sched_rr_get_interval(0x0, &(0x7f0000000100))
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x9})
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x800008, &(0x7f0000000200)=ANY=[@ANYBLOB="747235cf72", @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',\x00'])
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000170000004c0006803c0004c067"], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)

kernel console output (not intermixed with test programs):

.727678][ T8030] serio: Serial port ptm0
[  239.793219][ T8033] netlink: 8 bytes leftover after parsing attributes in process `syz.3.462'.
[  240.303370][ T8038] netlink: 96 bytes leftover after parsing attributes in process `syz.4.464'.
[  240.345458][ T8038] FAULT_INJECTION: forcing a failure.
[  240.345458][ T8038] name failslab, interval 1, probability 0, space 0, times 0
[  240.365436][ T8038] CPU: 0 UID: 0 PID: 8038 Comm: syz.4.464 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  240.376096][ T8038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  240.383993][ T7861] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.386180][ T8038] Call Trace:
[  240.386225][ T8038]  <TASK>
[  240.386245][ T8038]  dump_stack_lvl+0x241/0x360
[  240.386278][ T8038]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.386300][ T8038]  ? __pfx__printk+0x10/0x10
[  240.386330][ T8038]  ? fs_reclaim_acquire+0x93/0x130
[  240.386351][ T8038]  ? __pfx___might_resched+0x10/0x10
[  240.386381][ T8038]  should_fail_ex+0x3b0/0x4e0
[  240.386404][ T8038]  should_failslab+0xac/0x100
[  240.386431][ T8038]  __kmalloc_cache_noprof+0x70/0x390
[  240.402501][ T7861] 8021q: adding VLAN 0 to HW filter on device team0
[  240.404184][ T8038]  ? nbd_alloc_and_init_config+0x88/0x260
[  240.433385][ T7861] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  240.433695][ T8038]  nbd_alloc_and_init_config+0x88/0x260
[  240.439141][ T7861] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  240.445534][ T8038]  nbd_genl_connect+0xcba/0x1c80
[  240.445575][ T8038]  ? __pfx_nbd_genl_connect+0x10/0x10
[  240.445610][ T8038]  ? __nla_parse+0x40/0x60
[  240.459232][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.461621][ T8038]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  240.467305][ T5957] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.477465][ T8038]  genl_rcv_msg+0xb14/0xec0
[  240.477506][ T8038]  ? __pfx_genl_rcv_msg+0x10/0x10
[  240.484102][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.487816][ T8038]  ? __pfx_lock_acquire+0x10/0x10
[  240.487845][ T8038]  ? __pfx_nbd_genl_connect+0x10/0x10
[  240.487869][ T8038]  ? __pfx___might_resched+0x10/0x10
[  240.492316][ T5957] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.499292][ T8038]  netlink_rcv_skb+0x1e3/0x430
[  240.499319][ T8038]  ? __pfx_genl_rcv_msg+0x10/0x10
[  240.499345][ T8038]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  240.567728][ T8038]  genl_rcv+0x28/0x40
[  240.571721][ T8038]  netlink_unicast+0x7f6/0x990
[  240.576489][ T8038]  ? __pfx_netlink_unicast+0x10/0x10
[  240.581770][ T8038]  ? __virt_addr_valid+0x45f/0x530
[  240.586880][ T8038]  ? __phys_addr_symbol+0x2f/0x70
[  240.591993][ T8038]  ? __check_object_size+0x47a/0x730
[  240.597322][ T8038]  netlink_sendmsg+0x8e4/0xcb0
[  240.602123][ T8038]  ? __pfx_netlink_sendmsg+0x10/0x10
[  240.607457][ T8038]  ? __pfx_netlink_sendmsg+0x10/0x10
[  240.612762][ T8038]  __sock_sendmsg+0x221/0x270
[  240.617463][ T8038]  ____sys_sendmsg+0x52a/0x7e0
[  240.622250][ T8038]  ? __pfx_____sys_sendmsg+0x10/0x10
[  240.627558][ T8038]  ? __fget_files+0x2a/0x410
[  240.632192][ T8038]  ? __fget_files+0x2a/0x410
[  240.636813][ T8038]  __sys_sendmsg+0x269/0x350
[  240.641430][ T8038]  ? __pfx_lock_release+0x10/0x10
[  240.646568][ T8038]  ? __pfx___sys_sendmsg+0x10/0x10
[  240.651711][ T8038]  ? __pfx_vfs_write+0x10/0x10
[  240.656518][ T8038]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  240.662864][ T8038]  ? do_syscall_64+0x100/0x230
[  240.667654][ T8038]  ? do_syscall_64+0xb6/0x230
[  240.672336][ T8038]  do_syscall_64+0xf3/0x230
[  240.676842][ T8038]  ? clear_bhb_loop+0x35/0x90
[  240.681526][ T8038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.686828][ T8042] 9pnet_fd: Insufficient options for proto=fd
[  240.687421][ T8038] RIP: 0033:0x7f853c585d29
[  240.697939][ T8038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.701417][ T8043] 9pnet_fd: Insufficient options for proto=fd
[  240.717672][ T8038] RSP: 002b:00007f853d3d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  240.717705][ T8038] RAX: ffffffffffffffda RBX: 00007f853c775fa0 RCX: 00007f853c585d29
[  240.717718][ T8038] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005
[  240.717730][ T8038] RBP: 00007f853d3d6090 R08: 0000000000000000 R09: 0000000000000000
[  240.717742][ T8038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.717753][ T8038] R13: 0000000000000000 R14: 00007f853c775fa0 R15: 00007ffd3521c828
[  240.717781][ T8038]  </TASK>
[  240.717823][    C0] vkms_vblank_simulate: vblank timer overrun
[  240.762035][ T8038] nbd: couldn't allocate config
[  241.467630][ T7861] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.921529][ T7861] veth0_vlan: entered promiscuous mode
[  242.601642][ T7861] veth1_vlan: entered promiscuous mode
[  242.772372][ T7861] veth0_macvtap: entered promiscuous mode
[  242.813340][ T7861] veth1_macvtap: entered promiscuous mode
[  242.884426][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.909587][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.938661][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.957617][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.982631][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.002678][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.013626][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.045205][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.118862][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.205421][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.337985][ T8082] ax25_connect(): syz.0.474 uses autobind, please contact jreuter@yaina.de
[  243.994034][ T7861] batman_adv: batadv0: Interface activated: batadv_slave_0
[  244.008013][ T8071] vlan2: entered promiscuous mode
[  244.013720][ T8071] vlan0: entered promiscuous mode
[  244.098691][ T8085] netlink: 252 bytes leftover after parsing attributes in process `syz.5.475'.
[  244.107889][ T8085] netlink: 24 bytes leftover after parsing attributes in process `syz.5.475'.
[  244.449696][ T8071] vlan0: left promiscuous mode
[  244.988478][ T8089] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  245.038279][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.050069][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.060968][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.071811][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.082560][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.094825][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.104786][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.117324][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.134204][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.146989][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.330539][ T7861] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.353979][ T8094] dvmrp0: entered allmulticast mode
[  245.384384][ T7861] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.393641][ T7861] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.410929][ T7861] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.419907][ T7861] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.017626][ T8086] dvmrp0: left allmulticast mode
[  246.281965][ T8103] blktrace: Concurrent blktraces are not allowed on sg0
[  246.722223][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.734406][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.161111][ T8110] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.290482][ T5957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.290511][ T5957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.717020][ T8109] tty tty30: ldisc open failed (-12), clearing slot 29
[  248.639839][ T8119] netlink: 104 bytes leftover after parsing attributes in process `syz.5.486'.
[  248.721946][ T5957] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.481065][ T5957] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.793483][ T5957] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.835522][ T8133] FAULT_INJECTION: forcing a failure.
[  249.835522][ T8133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.947115][ T8133] CPU: 1 UID: 0 PID: 8133 Comm: syz.4.490 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  249.957867][ T8133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  249.967951][ T8133] Call Trace:
[  249.971268][ T8133]  <TASK>
[  249.974214][ T8133]  dump_stack_lvl+0x241/0x360
[  249.978985][ T8133]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.984205][ T8133]  ? __pfx__printk+0x10/0x10
[  249.988830][ T8133]  ? snprintf+0xda/0x120
[  249.993097][ T8133]  should_fail_ex+0x3b0/0x4e0
[  249.997808][ T8133]  _copy_to_user+0x31/0xb0
[  250.002294][ T8133]  simple_read_from_buffer+0xca/0x150
[  250.007791][ T8133]  proc_fail_nth_read+0x1e9/0x250
[  250.012936][ T8133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  250.018513][ T8133]  ? rw_verify_area+0x55e/0x6f0
[  250.023383][ T8133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  250.028955][ T8133]  vfs_read+0x1fc/0xb70
[  250.033146][ T8133]  ? __pfx___mutex_lock+0x10/0x10
[  250.038194][ T8133]  ? __pfx_vfs_read+0x10/0x10
[  250.042899][ T8133]  ? __fget_files+0x2a/0x410
[  250.047530][ T8133]  ? __fget_files+0x395/0x410
[  250.052223][ T8133]  ? __fget_files+0x2a/0x410
[  250.056849][ T8133]  ksys_read+0x18f/0x2b0
[  250.061117][ T8133]  ? __pfx_ksys_read+0x10/0x10
[  250.065899][ T8133]  ? do_syscall_64+0x100/0x230
[  250.070685][ T8133]  ? do_syscall_64+0xb6/0x230
[  250.075959][ T8133]  do_syscall_64+0xf3/0x230
[  250.080585][ T8133]  ? clear_bhb_loop+0x35/0x90
[  250.085291][ T8133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.091577][ T8133] RIP: 0033:0x7f853c58473c
[  250.096046][ T8133] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  250.116114][ T8133] RSP: 002b:00007f853d3d6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  250.124562][ T8133] RAX: ffffffffffffffda RBX: 00007f853c775fa0 RCX: 00007f853c58473c
[  250.132660][ T8133] RDX: 000000000000000f RSI: 00007f853d3d60a0 RDI: 000000000000000a
[  250.141281][ T8133] RBP: 00007f853d3d6090 R08: 0000000000000000 R09: 0000000000000000
[  250.149292][ T8133] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  250.157293][ T8133] R13: 0000000000000000 R14: 00007f853c775fa0 R15: 00007ffd3521c828
[  250.165311][ T8133]  </TASK>
[  250.168555][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.183632][ T5957] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.641256][ T8144] binder: 8134:8144 ioctl c0306201 20000680 returned -14
[  250.789572][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  250.857092][ T5131] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  250.868686][ T5131] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  251.043619][ T8150] blktrace: Concurrent blktraces are not allowed on sg0
[  251.057929][ T5131] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  251.070880][ T5131] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  251.094514][ T5131] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  251.826818][ T8159] gfs2: gfs2 mount does not exist
[  251.856446][ T5957] bridge_slave_1: left allmulticast mode
[  251.862207][ T5957] bridge_slave_1: left promiscuous mode
[  251.907525][ T8161] netlink: 428 bytes leftover after parsing attributes in process `syz.5.497'.
[  251.917831][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.092990][ T5957] bridge_slave_0: left allmulticast mode
[  252.108286][ T5957] bridge_slave_0: left promiscuous mode
[  252.114235][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.829863][ T8170] netlink: 16 bytes leftover after parsing attributes in process `syz.0.498'.
[  252.876435][ T8164] netlink: 'syz.5.497': attribute type 3 has an invalid length.
[  252.884228][ T8164] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.497'.
[  252.957143][ T5131] Bluetooth: hci5: command 0x0406 tx timeout
[  252.985527][ T8170] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'.
[  253.331279][ T5830] Bluetooth: hci0: command tx timeout
[  253.953032][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  253.953049][   T29] audit: type=1326 audit(1737221543.115:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  253.991712][   T29] audit: type=1326 audit(1737221543.115:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.013992][   T29] audit: type=1326 audit(1737221543.115:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.036670][   T29] audit: type=1326 audit(1737221543.115:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.059283][   T29] audit: type=1326 audit(1737221543.115:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.081671][   T29] audit: type=1326 audit(1737221543.115:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.103807][   T29] audit: type=1326 audit(1737221543.115:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.125713][   T29] audit: type=1326 audit(1737221543.115:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.147504][   T29] audit: type=1326 audit(1737221543.115:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  254.169832][   T29] audit: type=1326 audit(1737221543.115:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8174 comm="syz.4.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7fc00000
[  255.098077][ T5957] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  255.141753][ T5957] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.164019][ T5957] bond0 (unregistering): Released all slaves
[  255.282523][ T8161] netlink: 32 bytes leftover after parsing attributes in process `syz.5.497'.
[  255.487599][ T5830] Bluetooth: hci0: command tx timeout
[  256.149963][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  256.156660][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  256.357788][ T8146] chnl_net:caif_netlink_parms(): no params data found
[  257.607110][ T5830] Bluetooth: hci0: command tx timeout
[  257.951125][ T8199] blktrace: Concurrent blktraces are not allowed on sg0
[  258.134410][ T5957] hsr_slave_0: left promiscuous mode
[  258.141306][ T5957] hsr_slave_1: left promiscuous mode
[  258.160967][ T5957] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.169570][ T5957] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.189466][ T5957] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.199747][ T5957] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.243978][ T5957] veth1_macvtap: left promiscuous mode
[  258.252127][ T5957] veth0_macvtap: left promiscuous mode
[  258.266650][ T5957] veth1_vlan: left promiscuous mode
[  258.272131][ T5957] veth0_vlan: left promiscuous mode
[  258.832825][ T8225] ax25_connect(): syz.0.511 uses autobind, please contact jreuter@yaina.de
[  259.653867][ T8229] Bluetooth: MGMT ver 1.23
[  259.737625][ T5830] Bluetooth: hci0: command tx timeout
[  260.074017][ T5957] team0 (unregistering): Port device team_slave_1 removed
[  260.134614][ T5957] team0 (unregistering): Port device team_slave_0 removed
[  260.905928][ T8146] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.923682][ T8146] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.948578][ T8146] bridge_slave_0: entered allmulticast mode
[  261.064071][ T8146] bridge_slave_0: entered promiscuous mode
[  262.929728][ T8146] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.937703][ T8146] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.945030][ T8146] bridge_slave_1: entered allmulticast mode
[  262.954706][ T8146] bridge_slave_1: entered promiscuous mode
[  263.158079][ T8146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.192697][ T8146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.380833][ T8146] team0: Port device team_slave_0 added
[  263.664064][ T8146] team0: Port device team_slave_1 added
[  263.862695][ T8146] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.885443][ T8146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.922142][ T8146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.029008][ T8146] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.048645][ T8146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.083551][ T8146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.106394][ T5873] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  264.157118][ T8146] hsr_slave_0: entered promiscuous mode
[  264.163735][ T8146] hsr_slave_1: entered promiscuous mode
[  264.170363][ T8146] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  264.178211][ T8146] Cannot create hsr debugfs directory
[  264.275583][ T5873] usb 6-1: Using ep0 maxpacket: 8
[  264.289221][ T5873] usb 6-1: config 2 has an invalid interface number: 31 but max is 0
[  264.298034][ T5873] usb 6-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  264.308616][ T5873] usb 6-1: config 2 has no interface number 0
[  264.314998][ T5873] usb 6-1: config 2 interface 31 has no altsetting 0
[  264.365138][ T5873] usb 6-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  264.375077][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.383245][ T5873] usb 6-1: Product: syz
[  264.460694][ T5873] usb 6-1: Manufacturer: syz
[  264.465418][ T5873] usb 6-1: SerialNumber: syz
[  264.475791][ T5873] ch9200 6-1:2.31: probe with driver ch9200 failed with error -22
[  264.499278][ T8259] input: syz0 as /devices/virtual/input/input7
[  264.677350][ T5944] usb 6-1: USB disconnect, device number 7
[  264.726600][ T8260] syz.4.521 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  265.736125][ T8146] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  265.757445][ T8146] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  266.560441][ T8146] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  266.573758][ T8146] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  266.611266][ T5944] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  266.887822][ T5944] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  266.904648][ T8146] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.911706][ T5944] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.940144][ T5944] usb 6-1: Product: syz
[  266.947169][ T5944] usb 6-1: Manufacturer: syz
[  266.951937][ T5944] usb 6-1: SerialNumber: syz
[  266.960032][ T5944] usb 6-1: config 0 descriptor??
[  266.961876][ T8146] 8021q: adding VLAN 0 to HW filter on device team0
[  267.075867][ T6856] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.083100][ T6856] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.126382][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.133522][ T5957] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.503520][ T8146] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.537275][ T5944] usb 6-1: Firmware version (0.0) predates our first public release.
[  268.545746][ T5944] usb 6-1: Please update to version 0.2 or newer
[  268.707087][ T5944] usb 6-1: USB disconnect, device number 8
[  268.746260][   T29] kauditd_printk_skb: 10335 callbacks suppressed
[  268.746280][   T29] audit: type=1326 audit(1737221557.965:10623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8299 comm="syz.5.533" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa572585d29 code=0x0
[  268.934731][ T8146] veth0_vlan: entered promiscuous mode
[  268.982813][ T8146] veth1_vlan: entered promiscuous mode
[  269.037895][ T8146] veth0_macvtap: entered promiscuous mode
[  269.069030][ T8146] veth1_macvtap: entered promiscuous mode
[  269.114335][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  269.145315][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.155191][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  269.185512][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.195598][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  269.225307][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.235152][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  269.256188][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.275305][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  269.295293][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.306489][ T8146] batman_adv: batadv0: Interface activated: batadv_slave_0
[  269.328993][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.340063][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.350012][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.370243][ T8320] binder: 8319:8320 unknown command 0
[  269.379805][ T8320] binder: 8319:8320 ioctl c0306201 20000140 returned -22
[  269.387212][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.403667][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.415327][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.431033][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.442681][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.460208][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.484925][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.516395][ T8146] batman_adv: batadv0: Interface activated: batadv_slave_1
[  269.618997][ T8324] netlink: 12 bytes leftover after parsing attributes in process `syz.0.541'.
[  269.684171][ T8146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.751383][ T8146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.818413][ T8146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.881218][ T8146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.158894][ T8330] Driver unsupported XDP return value 0 on prog  (id 155) dev N/A, expect packet loss!
[  270.247679][  T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.256123][  T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.281821][  T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.302770][ T8335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.546'.
[  270.329279][  T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.792766][ T8356] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  270.802096][ T8356] overlayfs: missing 'lowerdir'
[  271.420969][ T8357] xt_HMARK: spi-set and port-set can't be combined
[  271.431505][   T29] audit: type=1326 audit(1737221560.645:10624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.485804][   T29] audit: type=1326 audit(1737221560.645:10625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.508553][   T29] audit: type=1326 audit(1737221560.645:10626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.532723][   T29] audit: type=1326 audit(1737221560.645:10627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.554373][    C0] vkms_vblank_simulate: vblank timer overrun
[  271.561651][   T29] audit: type=1326 audit(1737221560.645:10628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.561709][ T8361] netlink: 12 bytes leftover after parsing attributes in process `syz.4.556'.
[  271.583612][   T29] audit: type=1326 audit(1737221560.645:10629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.616399][   T29] audit: type=1326 audit(1737221560.645:10630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.638021][    C0] vkms_vblank_simulate: vblank timer overrun
[  271.645606][   T29] audit: type=1326 audit(1737221560.645:10631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.667819][   T29] audit: type=1326 audit(1737221560.645:10632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8355 comm="syz.4.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  271.689290][    C0] vkms_vblank_simulate: vblank timer overrun
[  271.799632][ T8363] FAULT_INJECTION: forcing a failure.
[  271.799632][ T8363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.813089][ T8363] CPU: 0 UID: 0 PID: 8363 Comm: syz.5.557 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  271.823779][ T8363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  271.833863][ T8363] Call Trace:
[  271.837145][ T8363]  <TASK>
[  271.840075][ T8363]  dump_stack_lvl+0x241/0x360
[  271.844752][ T8363]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.849975][ T8363]  ? __pfx__printk+0x10/0x10
[  271.854590][ T8363]  ? __pfx_lock_release+0x10/0x10
[  271.859624][ T8363]  should_fail_ex+0x3b0/0x4e0
[  271.864315][ T8363]  _copy_from_user+0x2f/0xc0
[  271.868972][ T8363]  alg_setkey+0xc4/0x1b0
[  271.873237][ T8363]  alg_setsockopt+0x383/0x450
[  271.877924][ T8363]  ? __pfx_alg_setsockopt+0x10/0x10
[  271.883171][ T8363]  do_sock_setsockopt+0x3af/0x720
[  271.888233][ T8363]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  271.893789][ T8363]  ? __fget_files+0x395/0x410
[  271.898467][ T8363]  ? __fget_files+0x2a/0x410
[  271.903079][ T8363]  __x64_sys_setsockopt+0x1ee/0x280
[  271.908302][ T8363]  do_syscall_64+0xf3/0x230
[  271.913500][ T8363]  ? clear_bhb_loop+0x35/0x90
[  271.918181][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.924362][ T8363] RIP: 0033:0x7fa572585d29
[  271.928794][ T8363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.948529][ T8363] RSP: 002b:00007fa5733e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  271.957908][ T8363] RAX: ffffffffffffffda RBX: 00007fa572775fa0 RCX: 00007fa572585d29
[  271.965987][ T8363] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000007
[  271.974159][ T8363] RBP: 00007fa5733e8090 R08: 0000000000000020 R09: 0000000000000000
[  271.982255][ T8363] R10: 0000000020000340 R11: 0000000000000246 R12: 0000000000000001
[  271.990241][ T8363] R13: 0000000000000000 R14: 00007fa572775fa0 R15: 00007fff900884b8
[  271.998238][ T8363]  </TASK>
[  272.001326][    C0] vkms_vblank_simulate: vblank timer overrun
[  272.036686][ T8367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.045482][ T8367] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.275761][    T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  272.331183][ T8373] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.367625][ T8373] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.379418][ T8373] bond0 (unregistering): Released all slaves
[  272.438177][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.476300][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.503532][    T8] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  272.523265][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.536610][  T131] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.556772][    T8] usb 5-1: config 0 descriptor??
[  272.776265][    T8] usbhid 5-1:0.0: can't add hid device: -71
[  272.782349][    T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  272.794188][    T8] usb 5-1: USB disconnect, device number 12
[  272.976158][  T131] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.053536][  T131] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.129672][  T131] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.209101][  T131] bridge_slave_1: left allmulticast mode
[  273.214818][  T131] bridge_slave_1: left promiscuous mode
[  273.222319][  T131] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.232516][  T131] bridge_slave_0: left allmulticast mode
[  273.238866][  T131] bridge_slave_0: left promiscuous mode
[  273.244646][  T131] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.636115][ T5131] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  274.763454][ T5131] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  274.804524][ T5131] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  274.962055][ T8385] mmap: syz.4.562 (8385) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  275.223467][ T5131] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  275.234948][ T5131] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  275.243676][ T5131] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  275.431285][  T131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  275.461680][  T131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  275.477909][  T131] bond0 (unregistering): Released all slaves
[  275.772891][ T8406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.568'.
[  276.047003][ T8409] x_tables: duplicate underflow at hook 3
[  276.319248][ T8386] chnl_net:caif_netlink_parms(): no params data found
[  276.570374][ T8420] netlink: 20 bytes leftover after parsing attributes in process `syz.0.571'.
[  276.618308][ T8420] netlink: 16 bytes leftover after parsing attributes in process `syz.0.571'.
[  276.797997][  T131] hsr_slave_0: left promiscuous mode
[  276.840641][  T131] hsr_slave_1: left promiscuous mode
[  276.900305][  T131] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.937935][  T131] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.993680][  T131] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  277.035736][  T131] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.330945][  T131] veth1_macvtap: left promiscuous mode
[  277.345362][  T131] veth0_macvtap: left promiscuous mode
[  277.359080][  T131] veth1_vlan: left promiscuous mode
[  277.375476][  T131] veth0_vlan: left promiscuous mode
[  277.476233][ T5131] Bluetooth: hci0: command tx timeout
[  278.443292][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  278.443310][   T29] audit: type=1326 audit(1737221567.655:10644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8434 comm="syz.5.576" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa572585d29 code=0x0
[  278.618828][ T8437] netlink: 64 bytes leftover after parsing attributes in process `syz.3.575'.
[  279.187541][  T131] team0 (unregistering): Port device team_slave_1 removed
[  279.326142][  T131] team0 (unregistering): Port device team_slave_0 removed
[  279.566134][ T5131] Bluetooth: hci0: command tx timeout
[  281.020122][ T8432] netlink: 20 bytes leftover after parsing attributes in process `syz.4.574'.
[  281.035467][ T8432] netlink: 13 bytes leftover after parsing attributes in process `syz.4.574'.
[  281.090942][ T8443] FAULT_INJECTION: forcing a failure.
[  281.090942][ T8443] name failslab, interval 1, probability 0, space 0, times 0
[  281.147316][ T8443] CPU: 0 UID: 0 PID: 8443 Comm: syz.3.577 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  281.157975][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  281.168053][ T8443] Call Trace:
[  281.171436][ T8443]  <TASK>
[  281.174433][ T8443]  dump_stack_lvl+0x241/0x360
[  281.179160][ T8443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.184395][ T8443]  ? __pfx__printk+0x10/0x10
[  281.189018][ T8443]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  281.195032][ T8443]  ? __pfx___might_resched+0x10/0x10
[  281.200356][ T8443]  should_fail_ex+0x3b0/0x4e0
[  281.203646][ T8454] netlink: 12 bytes leftover after parsing attributes in process `syz.0.580'.
[  281.205079][ T8443]  should_failslab+0xac/0x100
[  281.218628][ T8443]  kmem_cache_alloc_node_noprof+0x77/0x380
[  281.224475][ T8443]  ? __alloc_skb+0x1c3/0x440
[  281.229097][ T8443]  __alloc_skb+0x1c3/0x440
[  281.233550][ T8443]  ? __pfx___alloc_skb+0x10/0x10
[  281.238536][ T8443]  ? netlink_ack_tlv_len+0x6e/0x200
[  281.243759][ T8443]  netlink_ack+0x145/0xa50
[  281.248213][ T8443]  netlink_rcv_skb+0x262/0x430
[  281.253008][ T8443]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  281.258517][ T8443]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  281.263855][ T8443]  ? netlink_deliver_tap+0x2e/0x1b0
[  281.269085][ T8443]  netlink_unicast+0x7f6/0x990
[  281.273884][ T8443]  ? __pfx_netlink_unicast+0x10/0x10
[  281.279200][ T8443]  ? __virt_addr_valid+0x45f/0x530
[  281.284340][ T8443]  ? __phys_addr_symbol+0x2f/0x70
[  281.289407][ T8443]  ? __check_object_size+0x47a/0x730
[  281.294731][ T8443]  netlink_sendmsg+0x8e4/0xcb0
[  281.299535][ T8443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.304862][ T8443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.310185][ T8443]  __sock_sendmsg+0x221/0x270
[  281.314897][ T8443]  ____sys_sendmsg+0x52a/0x7e0
[  281.319705][ T8443]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.325016][ T8443]  ? __fget_files+0x2a/0x410
[  281.329638][ T8443]  ? __fget_files+0x2a/0x410
[  281.334259][ T8443]  __sys_sendmmsg+0x36a/0x720
[  281.339064][ T8443]  ? __pfx___sys_sendmmsg+0x10/0x10
[  281.344297][ T8443]  ? __pfx_lock_release+0x10/0x10
[  281.349344][ T8443]  ? kstrtouint_from_user+0x128/0x190
[  281.354780][ T8443]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  281.360709][ T8443]  ? ksys_write+0x22a/0x2b0
[  281.365241][ T8443]  ? __pfx_lock_release+0x10/0x10
[  281.370304][ T8443]  ? vfs_write+0x730/0xd30
[  281.374757][ T8443]  ? __mutex_unlock_slowpath+0x21e/0x790
[  281.380433][ T8443]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  281.386479][ T8443]  __x64_sys_sendmmsg+0xa0/0xb0
[  281.391368][ T8443]  do_syscall_64+0xf3/0x230
[  281.395913][ T8443]  ? clear_bhb_loop+0x35/0x90
[  281.400626][ T8443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.406555][ T8443] RIP: 0033:0x7fc7e7585d29
[  281.410998][ T8443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.430635][ T8443] RSP: 002b:00007fc7e8447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  281.439094][ T8443] RAX: ffffffffffffffda RBX: 00007fc7e7776080 RCX: 00007fc7e7585d29
[  281.447091][ T8443] RDX: 0000000004924b68 RSI: 0000000020000140 RDI: 0000000000000004
[  281.455098][ T8443] RBP: 00007fc7e8447090 R08: 0000000000000000 R09: 0000000000000000
[  281.463099][ T8443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.471095][ T8443] R13: 0000000000000000 R14: 00007fc7e7776080 R15: 00007ffffd4dada8
[  281.479194][ T8443]  </TASK>
[  281.636849][ T5131] Bluetooth: hci0: command tx timeout
[  281.736128][ T8386] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.743294][ T8386] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.896995][ T8386] bridge_slave_0: entered allmulticast mode
[  282.008672][ T8386] bridge_slave_0: entered promiscuous mode
[  282.137840][ T8386] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.399923][ T8386] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.407321][ T8386] bridge_slave_1: entered allmulticast mode
[  282.414343][ T8386] bridge_slave_1: entered promiscuous mode
[  282.557862][ T5872] kernel write not supported for file /adsp1 (pid: 5872 comm: kworker/0:6)
[  282.755841][ T8386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.873442][ T8476] netlink: 12 bytes leftover after parsing attributes in process `syz.4.585'.
[  282.887063][ T8476] xt_connbytes: Forcing CT accounting to be enabled
[  282.894998][ T8386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.174083][ T8386] team0: Port device team_slave_0 added
[  283.215137][ T8481] xt_HMARK: spi-set and port-set can't be combined
[  283.395602][   T29] audit: type=1326 audit(1737221572.525:10645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.413524][ T8386] team0: Port device team_slave_1 added
[  283.717328][ T5131] Bluetooth: hci0: command tx timeout
[  283.752016][   T29] audit: type=1326 audit(1737221572.525:10646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.774093][   T29] audit: type=1326 audit(1737221572.525:10647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.795975][   T29] audit: type=1326 audit(1737221572.525:10648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.820374][   T29] audit: type=1326 audit(1737221572.525:10649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.845281][   T29] audit: type=1326 audit(1737221572.525:10650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.870914][   T29] audit: type=1326 audit(1737221572.525:10651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.894189][   T29] audit: type=1326 audit(1737221572.535:10652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.917455][   T29] audit: type=1326 audit(1737221572.535:10653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.941712][   T29] audit: type=1326 audit(1737221572.535:10654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  283.964505][   T29] audit: type=1326 audit(1737221572.555:10655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8479 comm="syz.0.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  284.192547][ T8386] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.395550][ T8386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.457068][ T8386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.481042][ T8386] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.491713][ T8386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.525311][ T8386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.566223][ T8492] netlink: 24 bytes leftover after parsing attributes in process `syz.0.590'.
[  284.588436][ T8486] bridge1: the hash_elasticity option has been deprecated and is always 16
[  284.591124][ T8492] netlink: 348 bytes leftover after parsing attributes in process `syz.0.590'.
[  284.709331][ T8386] hsr_slave_0: entered promiscuous mode
[  284.726850][ T8386] hsr_slave_1: entered promiscuous mode
[  284.746758][ T8386] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.764872][ T8386] Cannot create hsr debugfs directory
[  284.860189][ T8501] netlink: 20 bytes leftover after parsing attributes in process `syz.4.593'.
[  284.875022][ T8501] netlink: 13 bytes leftover after parsing attributes in process `syz.4.593'.
[  286.195496][ T8386] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  286.261679][ T8386] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  286.427946][ T8386] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  286.627177][ T8386] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  286.808948][ T8513] xt_HMARK: spi-set and port-set can't be combined
[  286.844000][ T8515] syz.5.597 (8515) used greatest stack depth: 18544 bytes left
[  287.058630][ T8386] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.132585][ T8386] 8021q: adding VLAN 0 to HW filter on device team0
[  287.152518][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.159731][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.254590][ T7917] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.262117][ T7917] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.728533][ T8386] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.760254][ T8386] veth0_vlan: entered promiscuous mode
[  287.771285][ T8386] veth1_vlan: entered promiscuous mode
[  287.793084][ T8386] veth0_macvtap: entered promiscuous mode
[  287.804082][ T8386] veth1_macvtap: entered promiscuous mode
[  287.819387][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.830330][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.840339][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.850841][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.860997][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.871511][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.881629][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.892371][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.902339][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.912886][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.781587][ T8386] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.689377][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.739457][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.802617][ T8548] xt_HMARK: spi-set and port-set can't be combined
[  289.822863][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.914606][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.943302][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.954473][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.964587][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.007383][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.074141][ T8386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.259515][ T8386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.321204][ T8386] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.349799][ T8386] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.385310][ T8386] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.396496][ T8386] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.411674][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  290.411692][   T29] audit: type=1326 audit(1737221579.625:10685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.415751][ T5868] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  290.455334][   T29] audit: type=1326 audit(1737221579.625:10686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.465431][ T8386] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.477003][    C0] vkms_vblank_simulate: vblank timer overrun
[  290.477774][   T29] audit: type=1326 audit(1737221579.625:10687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.513869][    C0] vkms_vblank_simulate: vblank timer overrun
[  290.526719][   T29] audit: type=1326 audit(1737221579.625:10688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.549142][   T29] audit: type=1326 audit(1737221579.625:10689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.585601][ T5868] usb 6-1: device descriptor read/64, error -71
[  290.620322][   T29] audit: type=1326 audit(1737221579.635:10690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.645695][   T29] audit: type=1326 audit(1737221579.635:10691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.669311][   T29] audit: type=1326 audit(1737221579.635:10692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.723709][ T8565] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[  290.733987][   T29] audit: type=1326 audit(1737221579.635:10693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.791544][ T8567] netlink: 12 bytes leftover after parsing attributes in process `syz.3.610'.
[  290.835689][ T5868] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  290.851886][   T29] audit: type=1326 audit(1737221579.635:10694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8562 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1838385d29 code=0x7ffc0000
[  290.899838][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.899862][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.926785][ T8569] netlink: 8 bytes leftover after parsing attributes in process `syz.4.611'.
[  290.960971][ T6856] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.975450][ T5868] usb 6-1: device descriptor read/64, error -71
[  290.983516][ T6856] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.008865][ T8571] FAULT_INJECTION: forcing a failure.
[  291.008865][ T8571] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.052618][ T8571] CPU: 1 UID: 0 PID: 8571 Comm: syz.0.612 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  291.063274][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  291.073358][ T8571] Call Trace:
[  291.076659][ T8571]  <TASK>
[  291.079610][ T8571]  dump_stack_lvl+0x241/0x360
[  291.084326][ T8571]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.089640][ T8571]  ? __pfx__printk+0x10/0x10
[  291.094268][ T8571]  should_fail_ex+0x3b0/0x4e0
[  291.098987][ T8571]  _copy_to_user+0x31/0xb0
[  291.103435][ T8571]  bpf_test_finish+0x212/0x890
[  291.106249][ T5868] usb usb6-port1: attempt power cycle
[  291.108211][ T8571]  ? __pfx_bpf_test_finish+0x10/0x10
[  291.118878][ T8571]  ? convert___skb_to_skb+0x41/0x620
[  291.124186][ T8571]  ? convert_skb_to___skb+0x2d3/0x510
[  291.129583][ T8571]  bpf_prog_test_run_skb+0xff0/0x1820
[  291.135005][ T8571]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  291.138889][ T8577] netlink: 'syz.3.615': attribute type 2 has an invalid length.
[  291.140825][ T8571]  ? __fget_files+0x2a/0x410
[  291.140857][ T8571]  ? fput+0x21b/0x290
[  291.140875][ T8571]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  291.140896][ T8571]  bpf_prog_test_run+0x2e4/0x360
[  291.140915][ T8571]  __sys_bpf+0x48d/0x810
[  291.151326][ T8577] netlink: 'syz.3.615': attribute type 1 has an invalid length.
[  291.153377][ T8571]  ? __pfx___sys_bpf+0x10/0x10
[  291.153414][ T8571]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  291.181700][ T8577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.615'.
[  291.184704][ T8571]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  291.184738][ T8571]  ? do_syscall_64+0x100/0x230
[  291.190984][ T8577] vlan2: left promiscuous mode
[  291.199440][ T8571]  __x64_sys_bpf+0x7c/0x90
[  291.199478][ T8571]  do_syscall_64+0xf3/0x230
[  291.199496][ T8571]  ? clear_bhb_loop+0x35/0x90
[  291.199516][ T8571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.199542][ T8571] RIP: 0033:0x7f1838385d29
[  291.240667][ T8571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.260377][ T8571] RSP: 002b:00007f18390fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  291.269603][ T8571] RAX: ffffffffffffffda RBX: 00007f1838575fa0 RCX: 00007f1838385d29
[  291.277577][ T8571] RDX: 0000000000000028 RSI: 00000000200003c0 RDI: 000000000000000a
[  291.285546][ T8571] RBP: 00007f18390fe090 R08: 0000000000000000 R09: 0000000000000000
[  291.293778][ T8571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.301750][ T8571] R13: 0000000000000000 R14: 00007f1838575fa0 R15: 00007ffc651a0aa8
[  291.310170][ T8571]  </TASK>
[  291.317717][ T8577] bond0: left promiscuous mode
[  291.322541][ T8577] bond_slave_0: left promiscuous mode
[  291.341086][ T8577] bond_slave_1: left promiscuous mode
[  291.355068][ T8577] bridge0: port 3(vlan2) entered disabled state
[  291.378436][ T8577] bridge_slave_1: left allmulticast mode
[  291.384326][ T8577] bridge_slave_1: left promiscuous mode
[  291.391484][ T8577] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.410498][ T8577] bridge_slave_0: left allmulticast mode
[  291.417276][ T8577] bridge_slave_0: left promiscuous mode
[  291.431601][ T8577] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.467222][ T8582] 9pnet_fd: Insufficient options for proto=fd
[  291.485618][ T5868] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  291.519534][ T5868] usb 6-1: device descriptor read/8, error -71
[  291.589811][ T8578] netlink: 20 bytes leftover after parsing attributes in process `syz.4.614'.
[  291.765924][ T5868] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  291.789437][ T8578] netlink: 13 bytes leftover after parsing attributes in process `syz.4.614'.
[  291.796022][ T5868] usb 6-1: device descriptor read/8, error -71
[  291.977859][ T5868] usb usb6-port1: unable to enumerate USB device
[  292.599286][ T8596] sch_tbf: burst 19869 is lower than device lo mtu (65550) !
[  292.706217][ T7917] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.057500][ T7917] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.695902][ T7917] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.774747][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.0.623'.
[  293.829605][ T7917] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.026712][ T7917] bridge_slave_1: left allmulticast mode
[  294.038802][ T7917] bridge_slave_1: left promiscuous mode
[  294.044919][ T7917] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.063638][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  294.073472][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  294.083364][ T7917] bridge_slave_0: left allmulticast mode
[  294.090902][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  294.106634][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  294.113762][ T7917] bridge_slave_0: left promiscuous mode
[  294.123993][ T5830] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  294.130976][ T7917] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.139025][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  296.089189][ T7917] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  296.101594][ T7917] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.112413][ T7917] bond0 (unregistering): Released all slaves
[  296.195760][ T5830] Bluetooth: hci0: command tx timeout
[  296.343797][ T8614] chnl_net:caif_netlink_parms(): no params data found
[  296.451419][ T7917] hsr_slave_0: left promiscuous mode
[  296.461668][ T7917] hsr_slave_1: left promiscuous mode
[  296.490006][ T7917] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.623741][ T8642] blktrace: Concurrent blktraces are not allowed on sg0
[  296.783904][ T7917] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.956089][ T7917] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.015524][ T7917] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.067662][ T7917] veth1_macvtap: left promiscuous mode
[  297.077951][ T7917] veth0_macvtap: left promiscuous mode
[  297.083589][ T7917] veth1_vlan: left promiscuous mode
[  297.087955][ T8646] netlink: 16 bytes leftover after parsing attributes in process `syz.4.633'.
[  297.097137][ T7917] veth0_vlan: left promiscuous mode
[  297.143333][ T8648] netlink: 12 bytes leftover after parsing attributes in process `syz.0.634'.
[  297.343126][ T5870] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  297.503996][ T5870] usb 6-1: Using ep0 maxpacket: 32
[  297.553226][ T5870] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  297.586745][ T5870] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  297.596005][ T5870] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.604020][ T5870] usb 6-1: Product: syz
[  297.619331][ T5870] usb 6-1: Manufacturer: syz
[  297.623964][ T5870] usb 6-1: SerialNumber: syz
[  297.630700][ T5870] usb 6-1: config 0 descriptor??
[  297.646573][ T5870] quatech2 6-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  297.700015][ T7917] team0 (unregistering): Port device team_slave_1 removed
[  297.753714][ T7917] team0 (unregistering): Port device team_slave_0 removed
[  297.852142][ T5870] usb 6-1: qt2_setup_urbs - submit read urb failed -8
[  297.859318][ T5870] quatech2 6-1:0.0: probe with driver quatech2 failed with error -8
[  298.060147][ T5870] usb 6-1: USB disconnect, device number 13
[  298.275604][ T5830] Bluetooth: hci0: command tx timeout
[  298.425555][ T8614] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.455022][ T8614] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.467846][ T8614] bridge_slave_0: entered allmulticast mode
[  298.474911][ T8614] bridge_slave_0: entered promiscuous mode
[  298.482968][ T8614] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.490896][ T8614] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.506143][ T8614] bridge_slave_1: entered allmulticast mode
[  298.523759][ T8614] bridge_slave_1: entered promiscuous mode
[  298.545041][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.638'.
[  298.848433][ T8614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.866097][ T8666] netlink: 8 bytes leftover after parsing attributes in process `syz.5.640'.
[  298.882033][ T8614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.013135][ T8614] team0: Port device team_slave_0 added
[  299.059085][ T8675] blktrace: Concurrent blktraces are not allowed on sg0
[  299.066142][ T8614] team0: Port device team_slave_1 added
[  299.457841][ T8614] batman_adv: batadv0: Adding interface: batadv_slave_0
[  299.485812][ T8614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.567696][ T8614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  299.595959][ T8614] batman_adv: batadv0: Adding interface: batadv_slave_1
[  299.602976][ T8614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.629061][ T8614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  299.707859][ T8614] hsr_slave_0: entered promiscuous mode
[  299.714520][ T8614] hsr_slave_1: entered promiscuous mode
[  299.742959][ T8614] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  299.765292][ T8614] Cannot create hsr debugfs directory
[  299.929009][ T8683] netlink: 12 bytes leftover after parsing attributes in process `syz.4.647'.
[  299.941355][ T8683] netlink: 16 bytes leftover after parsing attributes in process `syz.4.647'.
[  300.355582][ T5830] Bluetooth: hci0: command tx timeout
[  300.494775][ T8691] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  300.504328][ T8691] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  300.896148][ T5872] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  301.067710][ T5872] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD3, changing to 0x83
[  301.122537][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 115, setting to 64
[  301.261124][ T8696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.643'.
[  301.278419][ T5872] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  301.293795][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.303125][ T8696] netlink: 24 bytes leftover after parsing attributes in process `syz.3.643'.
[  301.351556][ T8696] netlink: 24 bytes leftover after parsing attributes in process `syz.3.643'.
[  301.407213][ T5872] usb 6-1: config 0 descriptor??
[  301.536641][ T8614] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  301.544212][ T8702] FAULT_INJECTION: forcing a failure.
[  301.544212][ T8702] name failslab, interval 1, probability 0, space 0, times 0
[  301.606141][ T8702] CPU: 0 UID: 0 PID: 8702 Comm: syz.4.653 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  301.617318][ T8702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  301.625159][ T8614] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  301.628157][ T8702] Call Trace:
[  301.628170][ T8702]  <TASK>
[  301.628179][ T8702]  dump_stack_lvl+0x241/0x360
[  301.645731][ T8702]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.650941][ T8702]  ? __pfx__printk+0x10/0x10
[  301.655530][ T8702]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  301.661505][ T8702]  ? __pfx___might_resched+0x10/0x10
[  301.666798][ T8702]  should_fail_ex+0x3b0/0x4e0
[  301.671484][ T8702]  should_failslab+0xac/0x100
[  301.676163][ T8702]  kmem_cache_alloc_node_noprof+0x77/0x380
[  301.681967][ T8702]  ? __alloc_skb+0x1c3/0x440
[  301.686558][ T8702]  __alloc_skb+0x1c3/0x440
[  301.690976][ T8702]  ? __pfx___alloc_skb+0x10/0x10
[  301.695918][ T8702]  ? netlink_ack_tlv_len+0x6e/0x200
[  301.701120][ T8702]  netlink_ack+0x145/0xa50
[  301.705555][ T8702]  ? __pfx___might_resched+0x10/0x10
[  301.711077][ T8702]  netlink_rcv_skb+0x262/0x430
[  301.715858][ T8702]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.720901][ T8702]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  301.726226][ T8702]  genl_rcv+0x28/0x40
[  301.730221][ T8702]  netlink_unicast+0x7f6/0x990
[  301.735003][ T8702]  ? __pfx_netlink_unicast+0x10/0x10
[  301.740291][ T8702]  ? __virt_addr_valid+0x45f/0x530
[  301.745404][ T8702]  ? __phys_addr_symbol+0x2f/0x70
[  301.750425][ T8702]  ? __check_object_size+0x47a/0x730
[  301.755715][ T8702]  netlink_sendmsg+0x8e4/0xcb0
[  301.760602][ T8702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.765911][ T8702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.771204][ T8702]  __sock_sendmsg+0x221/0x270
[  301.775889][ T8702]  ____sys_sendmsg+0x52a/0x7e0
[  301.780661][ T8702]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.785944][ T8702]  ? __fget_files+0x2a/0x410
[  301.790533][ T8702]  ? __fget_files+0x2a/0x410
[  301.795146][ T8702]  __sys_sendmsg+0x269/0x350
[  301.799734][ T8702]  ? __pfx_lock_release+0x10/0x10
[  301.804759][ T8702]  ? __pfx___sys_sendmsg+0x10/0x10
[  301.809877][ T8702]  ? __pfx_vfs_write+0x10/0x10
[  301.814666][ T8702]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  301.820995][ T8702]  ? do_syscall_64+0x100/0x230
[  301.825776][ T8702]  ? do_syscall_64+0xb6/0x230
[  301.830463][ T8702]  do_syscall_64+0xf3/0x230
[  301.834980][ T8702]  ? clear_bhb_loop+0x35/0x90
[  301.839669][ T8702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.845568][ T8702] RIP: 0033:0x7f853c585d29
[  301.849984][ T8702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.869602][ T8702] RSP: 002b:00007f853d3d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.878031][ T8702] RAX: ffffffffffffffda RBX: 00007f853c775fa0 RCX: 00007f853c585d29
[  301.886004][ T8702] RDX: 000000000000c000 RSI: 0000000020000200 RDI: 0000000000000004
[  301.893988][ T8702] RBP: 00007f853d3d6090 R08: 0000000000000000 R09: 0000000000000000
[  301.901956][ T8702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.909925][ T8702] R13: 0000000000000000 R14: 00007f853c775fa0 R15: 00007ffd3521c828
[  301.917914][ T8702]  </TASK>
[  302.309192][ T8706] xt_HMARK: spi-set and port-set can't be combined
[  302.411753][ T8614] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  302.440984][ T5830] Bluetooth: hci0: command tx timeout
[  302.447789][ T8614] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  302.505300][ T5872] ath6kl: Failed to submit usb control message: -110
[  302.512078][ T5872] ath6kl: unable to send the bmi data to the device: -110
[  302.527304][ T5872] ath6kl: Unable to send get target info: -110
[  302.586416][ T5872] ath6kl: Failed to init ath6kl core: -110
[  302.593025][ T5872] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -110
[  302.730502][ T8711] xt_HMARK: spi-set and port-set can't be combined
[  302.865478][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  302.865527][   T29] audit: type=1326 audit(1737221592.015:10746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.070294][   T29] audit: type=1326 audit(1737221592.025:10747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.207830][   T29] audit: type=1326 audit(1737221592.025:10748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.212017][ T8614] 8021q: adding VLAN 0 to HW filter on device bond0
[  303.236780][   T29] audit: type=1326 audit(1737221592.025:10749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.282132][   T29] audit: type=1326 audit(1737221592.025:10750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.309764][ T8614] 8021q: adding VLAN 0 to HW filter on device team0
[  303.349280][  T131] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.357187][  T131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.378103][  T131] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.385382][  T131] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.411691][   T29] audit: type=1326 audit(1737221592.025:10751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.557650][   T29] audit: type=1326 audit(1737221592.035:10752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.605379][   T29] audit: type=1326 audit(1737221592.035:10753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.635469][   T29] audit: type=1326 audit(1737221592.035:10754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  303.843034][ T8719] usb 6-1: USB disconnect, device number 14
[  303.949251][   T29] audit: type=1326 audit(1737221592.045:10755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  304.016626][ T8720] hub 6-0:1.0: USB hub found
[  304.022625][ T8720] hub 6-0:1.0: 1 port detected
[  304.509991][ T8725] FAULT_INJECTION: forcing a failure.
[  304.509991][ T8725] name failslab, interval 1, probability 0, space 0, times 0
[  304.522724][ T8728] netlink: 'syz.4.662': attribute type 1 has an invalid length.
[  304.523678][ T8725] CPU: 0 UID: 0 PID: 8725 Comm: syz.5.659 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  304.541246][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  304.551352][ T8725] Call Trace:
[  304.554637][ T8725]  <TASK>
[  304.557569][ T8725]  dump_stack_lvl+0x241/0x360
[  304.562257][ T8725]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.567457][ T8725]  ? __pfx__printk+0x10/0x10
[  304.572050][ T8725]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  304.578048][ T8725]  ? __pfx___might_resched+0x10/0x10
[  304.583375][ T8725]  should_fail_ex+0x3b0/0x4e0
[  304.588080][ T8725]  should_failslab+0xac/0x100
[  304.592787][ T8725]  kmem_cache_alloc_node_noprof+0x77/0x380
[  304.598691][ T8725]  ? __alloc_skb+0x1c3/0x440
[  304.604074][ T8725]  ? br_get_link_af_size_filtered+0xdb/0xd30
[  304.610061][ T8725]  __alloc_skb+0x1c3/0x440
[  304.614506][ T8725]  ? __pfx___alloc_skb+0x10/0x10
[  304.619448][ T8725]  ? if_nlmsg_size+0x540/0x7a0
[  304.624219][ T8725]  rtmsg_ifinfo_build_skb+0x84/0x260
[  304.629512][ T8725]  rtnetlink_event+0x1b1/0x260
[  304.634459][ T8725]  notifier_call_chain+0x1a5/0x3f0
[  304.639753][ T8725]  dev_set_mac_address+0x3d9/0x510
[  304.644872][ T8725]  ? __pfx_dev_set_mac_address+0x10/0x10
[  304.650782][ T8725]  ? down_write+0x18c/0x220
[  304.655310][ T8725]  ? __pfx_lock_acquire+0x10/0x10
[  304.660422][ T8725]  ? full_name_hash+0x93/0xe0
[  304.665106][ T8725]  dev_set_mac_address_user+0x31/0x50
[  304.670482][ T8725]  dev_ifsioc+0xbd9/0xe70
[  304.674820][ T8725]  ? __pfx_dev_ifsioc+0x10/0x10
[  304.679680][ T8725]  ? dev_load+0x21/0x1f0
[  304.683927][ T8725]  dev_ioctl+0x719/0x1340
[  304.688260][ T8725]  sock_do_ioctl+0x240/0x460
[  304.693035][ T8725]  ? __pfx_sock_do_ioctl+0x10/0x10
[  304.698160][ T8725]  ? __asan_memset+0x23/0x50
[  304.702754][ T8725]  ? smack_file_ioctl+0x29e/0x3a0
[  304.707866][ T8725]  sock_ioctl+0x626/0x8e0
[  304.712462][ T8725]  ? __pfx_sock_ioctl+0x10/0x10
[  304.717322][ T8725]  ? __fget_files+0x2a/0x410
[  304.721919][ T8725]  ? __fget_files+0x2a/0x410
[  304.726513][ T8725]  ? __pfx_sock_ioctl+0x10/0x10
[  304.731380][ T8725]  __se_sys_ioctl+0xf5/0x170
[  304.735979][ T8725]  do_syscall_64+0xf3/0x230
[  304.740480][ T8725]  ? clear_bhb_loop+0x35/0x90
[  304.745184][ T8725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.751174][ T8725] RIP: 0033:0x7fa572585d29
[  304.755592][ T8725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.775310][ T8725] RSP: 002b:00007fa5733e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  304.783734][ T8725] RAX: ffffffffffffffda RBX: 00007fa572775fa0 RCX: 00007fa572585d29
[  304.791724][ T8725] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000004
[  304.799901][ T8725] RBP: 00007fa5733e8090 R08: 0000000000000000 R09: 0000000000000000
[  304.808044][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.816014][ T8725] R13: 0000000000000000 R14: 00007fa572775fa0 R15: 00007fff900884b8
[  304.824013][ T8725]  </TASK>
[  304.841477][ T8730] netlink: 19 bytes leftover after parsing attributes in process `syz.4.662'.
[  304.864722][ T8728] 8021q: adding VLAN 0 to HW filter on device bond1
[  305.276986][ T8614] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.775382][ T5945] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  306.008134][ T8752] xt_HMARK: spi-set and port-set can't be combined
[  306.069623][ T8750] xt_HMARK: spi-set and port-set can't be combined
[  306.101970][ T8614] veth0_vlan: entered promiscuous mode
[  306.155584][ T5945] usb 5-1: Using ep0 maxpacket: 32
[  306.162155][ T8614] veth1_vlan: entered promiscuous mode
[  306.170933][ T5945] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.214412][ T5945] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.258093][ T5945] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  306.282566][ T5945] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.339912][ T5945] usb 5-1: config 0 descriptor??
[  306.384802][ T5945] hub 5-1:0.0: USB hub found
[  306.384800][ T8614] veth0_macvtap: entered promiscuous mode
[  306.532556][ T8756] xt_HMARK: spi-set and port-set can't be combined
[  306.902843][ T8614] veth1_macvtap: entered promiscuous mode
[  306.943578][ T5945] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  306.974910][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.036824][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.051873][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.065640][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.079063][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.095273][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.115344][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.133066][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.165774][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.187455][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.187963][ T8758] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  307.202244][ T8614] batman_adv: batadv0: Interface activated: batadv_slave_0
[  307.219650][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.230334][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.241049][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.251819][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.265094][ T8759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.302954][ T8758] overlayfs: missing 'lowerdir'
[  307.308823][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.326120][ T8759] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.345243][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.391482][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.417162][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.427511][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.438599][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.449887][ T8614] batman_adv: batadv0: Interface activated: batadv_slave_1
[  307.492094][ T8614] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.509352][ T8614] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.521183][ T8614] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.535170][ T8614] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.398269][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.407962][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  308.438205][ T5945] hid-generic 0003:046D:C31C.0006: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[  308.459673][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.470860][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  308.582652][ T5945] usb 5-1: USB disconnect, device number 13
[  309.134378][ T8774] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  309.143586][ T8774] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  309.152357][ T8774] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  309.161293][ T8774] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  309.356343][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  309.356356][   T29] audit: type=1326 audit(1737221598.575:10777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  309.404629][   T29] audit: type=1326 audit(1737221598.575:10778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  309.432960][   T29] audit: type=1326 audit(1737221598.605:10779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  309.456148][   T29] audit: type=1326 audit(1737221598.605:10780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  309.480213][ T8784] binder: 8780:8784 ioctl c0306201 0 returned -14
[  309.630571][   T29] audit: type=1326 audit(1737221598.605:10781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  309.657202][   T29] audit: type=1326 audit(1737221598.605:10782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  309.682650][   T29] audit: type=1326 audit(1737221598.605:10783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  310.445907][   T29] audit: type=1326 audit(1737221598.605:10784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  310.468200][   T29] audit: type=1326 audit(1737221598.615:10785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  310.533962][   T29] audit: type=1326 audit(1737221598.615:10786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853c585d29 code=0x7ffc0000
[  310.613442][ T8789] xt_HMARK: spi-set and port-set can't be combined
[  312.467589][ T8806] binder: 8804:8806 unknown command 369098752
[  312.474254][ T8806] binder: 8804:8806 ioctl c0306201 200001c0 returned -22
[  312.721187][ T5868] libceph: connect (1)[c::]:6789 error -101
[  312.727832][ T5868] libceph: mon0 (1)[c::]:6789 connect error
[  312.823758][   T62] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.844203][ T8810] ceph: No mds server is up or the cluster is laggy
[  312.858503][ T5868] IPVS: starting estimator thread 0...
[  312.975516][ T8818] IPVS: using max 23 ests per chain, 55200 per kthread
[  313.003834][ T5868] libceph: connect (1)[c::]:6789 error -101
[  313.014379][ T5868] libceph: mon0 (1)[c::]:6789 connect error
[  313.201396][ T8820] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  313.878097][   T62] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.943949][   T62] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.022016][   T62] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.116833][   T62] bridge_slave_1: left allmulticast mode
[  314.122639][   T62] bridge_slave_1: left promiscuous mode
[  314.128506][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.138817][   T62] bridge_slave_0: left allmulticast mode
[  314.144481][   T62] bridge_slave_0: left promiscuous mode
[  314.150728][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.480164][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  314.491023][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  314.505821][   T62] bond0 (unregistering): Released all slaves
[  314.742682][   T62] hsr_slave_0: left promiscuous mode
[  314.750846][   T62] hsr_slave_1: left promiscuous mode
[  314.758434][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.766557][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.774388][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.781984][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.861374][   T62] veth1_macvtap: left promiscuous mode
[  314.867137][   T62] veth0_macvtap: left promiscuous mode
[  314.872742][   T62] veth1_vlan: left promiscuous mode
[  314.878111][   T62] veth0_vlan: left promiscuous mode
[  315.676932][ T5870] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  315.684730][ T5945] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  315.845497][ T5870] usb 6-1: device descriptor read/64, error -71
[  315.881560][ T5945] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  315.891546][ T5945] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.978961][ T5945] usb 5-1: config 0 descriptor??
[  316.115743][ T5870] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  316.135506][ T8837] fuse: Bad value for 'fd'
[  316.256307][ T5870] usb 6-1: device descriptor read/64, error -71
[  316.372368][ T5870] usb usb6-port1: attempt power cycle
[  316.428715][ T5131] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  316.453568][ T5131] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  316.464609][ T5131] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  316.503422][ T5131] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  316.542033][ T5131] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  316.550511][ T5131] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  316.939720][ T5870] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  317.023055][ T8850] xt_time: unknown flags 0xc
[  317.587909][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  317.594298][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  317.601026][ T5870] usb 6-1: device descriptor read/8, error -71
[  317.646154][   T62] team0 (unregistering): Port device team_slave_1 removed
[  317.812490][   T62] team0 (unregistering): Port device team_slave_0 removed
[  317.890603][ T5870] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  317.935968][ T5870] usb 6-1: device descriptor read/8, error -71
[  318.357722][ T5870] usb usb6-port1: unable to enumerate USB device
[  318.599811][ T5131] Bluetooth: hci0: command tx timeout
[  318.752562][ T5945] usb 5-1: Cannot set autoneg
[  318.760369][ T5945] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  318.778071][ T5945] usb 5-1: USB disconnect, device number 14
[  319.015515][ T8872] 9pnet_fd: Insufficient options for proto=fd
[  319.084028][ T8839] chnl_net:caif_netlink_parms(): no params data found
[  319.565014][ T8839] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.616762][ T8839] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.661498][ T8839] bridge_slave_0: entered allmulticast mode
[  319.694367][ T8839] bridge_slave_0: entered promiscuous mode
[  319.721962][ T8839] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.729328][ T8839] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.736626][ T8839] bridge_slave_1: entered allmulticast mode
[  319.743588][ T8839] bridge_slave_1: entered promiscuous mode
[  319.916060][ T8839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.213625][ T8839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  320.327786][ T8887] netem: incorrect gi model size
[  320.333427][ T8887] netem: change failed
[  320.462135][ T8839] team0: Port device team_slave_0 added
[  320.480930][ T8839] team0: Port device team_slave_1 added
[  320.490975][ T8892] netlink: 8 bytes leftover after parsing attributes in process `syz.0.702'.
[  320.600685][ T8839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.613586][ T8839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.678062][ T5131] Bluetooth: hci0: command tx timeout
[  320.682904][ T8839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.696459][ T8839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.703592][ T8839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.730094][ T8839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.356409][ T8839] hsr_slave_0: entered promiscuous mode
[  321.414103][ T8839] hsr_slave_1: entered promiscuous mode
[  321.445933][ T8839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  321.453551][ T8839] Cannot create hsr debugfs directory
[  321.714301][ T8910] FAULT_INJECTION: forcing a failure.
[  321.714301][ T8910] name failslab, interval 1, probability 0, space 0, times 0
[  321.751839][ T8913] 9pnet_fd: Insufficient options for proto=fd
[  321.762093][ T8910] CPU: 1 UID: 0 PID: 8910 Comm: syz.0.707 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  321.772832][ T8910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  321.782930][ T8910] Call Trace:
[  321.786320][ T8910]  <TASK>
[  321.789294][ T8910]  dump_stack_lvl+0x241/0x360
[  321.794023][ T8910]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.799269][ T8910]  ? __pfx__printk+0x10/0x10
[  321.803906][ T8910]  ? __kmalloc_noprof+0xb5/0x4c0
[  321.808881][ T8910]  ? __pfx___might_resched+0x10/0x10
[  321.814201][ T8910]  should_fail_ex+0x3b0/0x4e0
[  321.818887][ T8910]  should_failslab+0xac/0x100
[  321.823576][ T8910]  __kmalloc_noprof+0xdd/0x4c0
[  321.828343][ T8910]  ? ethnl_default_notify+0x18f/0x780
[  321.833727][ T8910]  ethnl_default_notify+0x18f/0x780
[  321.838940][ T8910]  ? __pfx_ethnl_default_notify+0x10/0x10
[  321.844685][ T8910]  ? __pfx_ethnl_set_coalesce+0x10/0x10
[  321.850244][ T8910]  ? mutex_is_locked+0x17/0x50
[  321.855020][ T8910]  ethnl_default_set_doit+0x617/0x910
[  321.860406][ T8910]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  321.866319][ T8910]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  321.872686][ T8910]  genl_rcv_msg+0xb14/0xec0
[  321.877207][ T8910]  ? __pfx_genl_rcv_msg+0x10/0x10
[  321.882261][ T8910]  ? __pfx_lock_acquire+0x10/0x10
[  321.887397][ T8910]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  321.893300][ T8910]  ? __pfx___might_resched+0x10/0x10
[  321.898806][ T8910]  netlink_rcv_skb+0x1e3/0x430
[  321.903597][ T8910]  ? __pfx_genl_rcv_msg+0x10/0x10
[  321.908825][ T8910]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  321.914127][ T8910]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  321.919628][ T8910]  genl_rcv+0x28/0x40
[  321.923789][ T8910]  netlink_unicast+0x7f6/0x990
[  321.928564][ T8910]  ? __pfx_netlink_unicast+0x10/0x10
[  321.933937][ T8910]  ? __virt_addr_valid+0x45f/0x530
[  321.939147][ T8910]  ? __phys_addr_symbol+0x2f/0x70
[  321.944451][ T8910]  ? __check_object_size+0x47a/0x730
[  321.949752][ T8910]  netlink_sendmsg+0x8e4/0xcb0
[  321.954533][ T8910]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.959966][ T8910]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.965442][ T8910]  __sock_sendmsg+0x221/0x270
[  321.970130][ T8910]  ____sys_sendmsg+0x52a/0x7e0
[  321.974906][ T8910]  ? __pfx_____sys_sendmsg+0x10/0x10
[  321.980196][ T8910]  ? __fget_files+0x2a/0x410
[  321.984795][ T8910]  ? __fget_files+0x2a/0x410
[  321.989433][ T8910]  __sys_sendmsg+0x269/0x350
[  321.994835][ T8910]  ? __pfx_lock_release+0x10/0x10
[  321.999875][ T8910]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.005704][ T8910]  ? __pfx_vfs_write+0x10/0x10
[  322.010495][ T8910]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  322.016921][ T8910]  ? do_syscall_64+0x100/0x230
[  322.021688][ T8910]  ? do_syscall_64+0xb6/0x230
[  322.026375][ T8910]  do_syscall_64+0xf3/0x230
[  322.030896][ T8910]  ? clear_bhb_loop+0x35/0x90
[  322.035576][ T8910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.041481][ T8910] RIP: 0033:0x7f1838385d29
[  322.045897][ T8910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.065544][ T8910] RSP: 002b:00007f18390fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.073965][ T8910] RAX: ffffffffffffffda RBX: 00007f1838575fa0 RCX: 00007f1838385d29
[  322.081947][ T8910] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000005
[  322.089974][ T8910] RBP: 00007f18390fe090 R08: 0000000000000000 R09: 0000000000000000
[  322.097946][ T8910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.105921][ T8910] R13: 0000000000000000 R14: 00007f1838575fa0 R15: 00007ffc651a0aa8
[  322.113913][ T8910]  </TASK>
[  322.168653][ T8906] geneve0: entered allmulticast mode
[  322.245301][ T5869] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  322.375468][ T5869] usb 5-1: device descriptor read/64, error -71
[  322.583090][ T8919] netem: incorrect gi model size
[  322.590265][ T8919] netem: change failed
[  322.645736][ T5869] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  322.755376][ T5131] Bluetooth: hci0: command tx timeout
[  322.796352][ T5869] usb 5-1: device descriptor read/64, error -71
[  322.905757][ T5869] usb usb5-port1: attempt power cycle
[  323.135447][   T25] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  323.266910][ T5869] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  323.293504][   T25] usb 6-1: Using ep0 maxpacket: 8
[  323.307698][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.335832][ T5869] usb 5-1: device descriptor read/8, error -71
[  323.356098][ T8923] binder: 8922:8923 ioctl 40044591 20000280 returned -22
[  323.357606][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.420931][   T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  323.453282][   T25] usb 6-1: New USB device found, idVendor=056a, idProduct=00b5, bcdDevice= 0.00
[  323.473065][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.491033][ T8839] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  323.500734][   T25] usb 6-1: config 0 descriptor??
[  323.512998][ T8839] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  323.524732][ T8839] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  323.535631][ T8839] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  323.585872][ T5869] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  323.616163][ T5869] usb 5-1: device descriptor read/8, error -71
[  323.685859][ T8839] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.725838][ T5869] usb usb5-port1: unable to enumerate USB device
[  323.736565][ T8839] 8021q: adding VLAN 0 to HW filter on device team0
[  323.768901][ T7919] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.776104][ T7919] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.810815][ T7919] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.818009][ T7919] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.872527][ T8839] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  323.883401][ T8839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  323.917087][ T8921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.955677][ T8921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.107861][ T8839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.190956][ T8839] veth0_vlan: entered promiscuous mode
[  324.202857][   T25] wacom 0003:056A:00B5.0007: Unknown device_type for 'HID 056a:00b5'. Assuming pen.
[  324.228160][   T25] wacom 0003:056A:00B5.0007: hidraw0: USB HID v0.00 Device [HID 056a:00b5] on usb-dummy_hcd.5-1/input0
[  324.243859][ T8839] veth1_vlan: entered promiscuous mode
[  324.263497][   T25] input: Wacom Intuos3 6x11 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:00B5.0007/input/input8
[  324.317882][ T8839] veth0_macvtap: entered promiscuous mode
[  324.398431][ T8921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.422476][ T8921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.454313][ T8839] veth1_macvtap: entered promiscuous mode
[  324.464707][ T8921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.511220][ T8921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.560858][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.632395][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.691165][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.729883][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.739913][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.750612][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.760492][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.771136][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.787129][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.797692][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.809281][ T8839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.819677][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.840215][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.855498][ T5830] Bluetooth: hci0: command tx timeout
[  324.872368][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.883374][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.894067][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.904948][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.915424][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.926350][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.936994][ T8839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.960597][ T8839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.980085][ T8839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.028396][ T8839] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.043378][ T5872] usb 6-1: USB disconnect, device number 19
[  325.049424][ T8839] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.417704][ T8839] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.428012][ T8839] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.965500][ T5957] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.018513][ T5957] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.169581][ T5957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.178646][ T5957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.990248][ T5830] Bluetooth: hci0: command 0x0405 tx timeout
[  327.050743][ T8958] netem: incorrect gi model size
[  327.056119][ T8958] netem: change failed
[  327.245112][ T8955] 9pnet_fd: Insufficient options for proto=fd
[  327.936831][ T8968] netlink: 'syz.5.724': attribute type 3 has an invalid length.
[  328.056153][ T8970] 9pnet_fd: Insufficient options for proto=fd
[  328.067441][ T8973] 9pnet_fd: Insufficient options for proto=fd
[  329.246834][ T8986] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  329.255667][ T8986] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  329.969011][ T5870] kernel write not supported for file /adsp1 (pid: 5870 comm: kworker/1:4)
[  330.259520][ T8998] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  330.293801][ T8998] Error validating options; rc = [-22]
[  331.015489][ T5870] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  331.390620][ T9013] netlink: 'syz.3.739': attribute type 29 has an invalid length.
[  331.553733][ T9015] blktrace: Concurrent blktraces are not allowed on sg0
[  331.961182][ T9013] netlink: 'syz.3.739': attribute type 29 has an invalid length.
[  331.971026][ T9013] netlink: 508 bytes leftover after parsing attributes in process `syz.3.739'.
[  331.992786][ T9013] unsupported nla_type 40
[  332.027548][ T5870] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  332.039147][ T5870] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.049081][ T5870] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  332.097187][ T5870] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  332.122250][ T9020] 9pnet_fd: Insufficient options for proto=fd
[  332.141776][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.430531][ T5870] usb 5-1: config 0 descriptor??
[  332.949900][ T7917] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.981099][ T5870] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  333.009452][ T5870] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  333.016384][ T9027] netlink: 16 bytes leftover after parsing attributes in process `syz.3.744'.
[  333.127598][ T7917] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.197566][ T7917] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.280026][ T7917] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.291007][ T9006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  333.313806][ T9006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  333.348127][    T8] usb 5-1: USB disconnect, device number 19
[  333.449300][ T7917] bridge_slave_1: left allmulticast mode
[  333.459013][ T7917] bridge_slave_1: left promiscuous mode
[  333.472468][ T7917] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.491793][ T7917] bridge_slave_0: left allmulticast mode
[  333.500920][ T7917] bridge_slave_0: left promiscuous mode
[  333.510451][ T7917] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.274331][ T9034] netlink: 'syz.4.748': attribute type 10 has an invalid length.
[  334.497709][ T9037] 9pnet: Could not find request transport: E

[  334.589565][ T7917] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.668510][ T7917] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.722144][ T7917] bond0 (unregistering): Released all slaves
[  334.753376][ T9034] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  335.634510][ T5825] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  335.650195][ T5825] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  335.670045][ T5825] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  335.688215][ T5825] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  335.697990][ T5825] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  335.719135][ T5825] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  335.937945][ T9065] netlink: 'syz.4.753': attribute type 5 has an invalid length.
[  335.960785][ T9065] netlink: 16 bytes leftover after parsing attributes in process `syz.4.753'.
[  335.987713][ T7917] hsr_slave_0: left promiscuous mode
[  335.999735][ T7917] hsr_slave_1: left promiscuous mode
[  336.007813][ T7917] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.015981][ T7917] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.026737][ T7917] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  336.034391][ T7917] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.060316][ T7917] veth1_macvtap: left promiscuous mode
[  336.066369][ T7917] veth0_macvtap: left promiscuous mode
[  336.072102][ T7917] veth1_vlan: left promiscuous mode
[  336.077695][ T7917] veth0_vlan: left promiscuous mode
[  336.194263][ T9068] FAULT_INJECTION: forcing a failure.
[  336.194263][ T9068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.208838][ T9068] CPU: 0 UID: 0 PID: 9068 Comm: syz.5.754 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  336.219699][ T9068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  336.229773][ T9068] Call Trace:
[  336.233057][ T9068]  <TASK>
[  336.235989][ T9068]  dump_stack_lvl+0x241/0x360
[  336.240678][ T9068]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.245900][ T9068]  ? __pfx__printk+0x10/0x10
[  336.250504][ T9068]  ? __pfx_lock_release+0x10/0x10
[  336.255540][ T9068]  should_fail_ex+0x3b0/0x4e0
[  336.260320][ T9068]  _copy_from_user+0x2f/0xc0
[  336.265014][ T9068]  alg_setkey+0xc4/0x1b0
[  336.269280][ T9068]  alg_setsockopt+0x383/0x450
[  336.273988][ T9068]  ? __pfx_alg_setsockopt+0x10/0x10
[  336.279209][ T9068]  do_sock_setsockopt+0x3af/0x720
[  336.284340][ T9068]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  336.289923][ T9068]  ? __fget_files+0x395/0x410
[  336.294720][ T9068]  ? __fget_files+0x2a/0x410
[  336.299350][ T9068]  __x64_sys_setsockopt+0x1ee/0x280
[  336.304718][ T9068]  do_syscall_64+0xf3/0x230
[  336.309270][ T9068]  ? clear_bhb_loop+0x35/0x90
[  336.313965][ T9068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.319881][ T9068] RIP: 0033:0x7fa572585d29
[  336.324314][ T9068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.344020][ T9068] RSP: 002b:00007fa5733e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  336.352494][ T9068] RAX: ffffffffffffffda RBX: 00007fa572775fa0 RCX: 00007fa572585d29
[  336.360494][ T9068] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000009
[  336.368672][ T9068] RBP: 00007fa5733e8090 R08: 0000000000000020 R09: 0000000000000000
[  336.376659][ T9068] R10: 0000000020000340 R11: 0000000000000246 R12: 0000000000000001
[  336.384729][ T9068] R13: 0000000000000000 R14: 00007fa572775fa0 R15: 00007fff900884b8
[  336.392752][ T9068]  </TASK>
[  336.972131][ T7917] team0 (unregistering): Port device team_slave_1 removed
[  337.034337][ T7917] team0 (unregistering): Port device team_slave_0 removed
[  337.589732][ T9065] batadv0: entered promiscuous mode
[  337.596399][ T9065] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  337.769177][ T9060] chnl_net:caif_netlink_parms(): no params data found
[  337.804429][ T5131] Bluetooth: hci0: command tx timeout
[  338.986817][ T9060] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.005988][ T9060] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.028088][ T9060] bridge_slave_0: entered allmulticast mode
[  339.043885][ T9060] bridge_slave_0: entered promiscuous mode
[  339.189583][ T9060] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.225887][ T9060] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.394875][ T9060] bridge_slave_1: entered allmulticast mode
[  339.472376][ T9060] bridge_slave_1: entered promiscuous mode
[  339.643884][ T9060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.888198][ T5131] Bluetooth: hci0: command tx timeout
[  339.907800][ T9060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  340.938689][ T9060] team0: Port device team_slave_0 added
[  340.989444][ T9060] team0: Port device team_slave_1 added
[  341.153938][ T9060] batman_adv: batadv0: Adding interface: batadv_slave_0
[  341.185599][ T9060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.264909][ T9060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  341.290844][ T9113] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[  341.376540][ T9060] batman_adv: batadv0: Adding interface: batadv_slave_1
[  341.383716][ T9060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.506810][ T9060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  341.996241][ T5131] Bluetooth: hci0: command tx timeout
[  342.226276][ T9060] hsr_slave_0: entered promiscuous mode
[  342.266485][ T9060] hsr_slave_1: entered promiscuous mode
[  342.322927][ T9060] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  342.331022][ T9060] Cannot create hsr debugfs directory
[  342.612240][ T9139] netlink: 16 bytes leftover after parsing attributes in process `syz.5.772'.
[  342.672832][ T9134] netlink: 20 bytes leftover after parsing attributes in process `syz.0.770'.
[  342.718473][ T9134] netlink: 20 bytes leftover after parsing attributes in process `syz.0.770'.
[  342.827298][ T9140] ptrace attach of "./syz-executor exec"[5824] was attempted by ""[9140]
[  344.237521][ T5131] Bluetooth: hci0: command tx timeout
[  344.535352][ T5872] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  344.613734][ T9060] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  344.647765][ T9060] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  344.685450][ T5872] usb 5-1: Using ep0 maxpacket: 8
[  344.696268][ T5872] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  344.708088][ T9060] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  344.721941][ T5872] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  344.724293][ T9060] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  344.740149][ T5872] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  344.770056][ T5872] usb 5-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[  344.790833][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.802768][ T5872] usb 5-1: Product: syz
[  344.812665][ T5872] usb 5-1: Manufacturer: syz
[  344.820173][ T5872] usb 5-1: SerialNumber: syz
[  344.833661][ T5872] usb 5-1: config 0 descriptor??
[  344.883029][ T5872] radioshark2 5-1:0.0: Invalid radioSHARK2 device
[  344.895561][ T5872] radioshark2 5-1:0.0: probe with driver radioshark2 failed with error -22
[  344.904952][ T5872] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  344.978278][ T9060] 8021q: adding VLAN 0 to HW filter on device bond0
[  345.110680][ T9167] netem: incorrect gi model size
[  345.116053][ T9167] netem: change failed
[  345.274641][ T9060] 8021q: adding VLAN 0 to HW filter on device team0
[  345.601064][ T2992] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.608613][ T2992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  345.661640][ T9171] 9pnet_fd: Insufficient options for proto=fd
[  345.679048][ T2992] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.686335][ T2992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.870781][ T9174] mmap: syz.0.784 (9174): VmData 37597184 exceed data ulimit 6. Update limits or use boot option ignore_rlimit_data.
[  345.976355][ T5945] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  346.161914][ T5945] usb 6-1: Using ep0 maxpacket: 8
[  346.178327][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  346.192063][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  346.203643][ T5945] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  346.216143][ T5945] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.229107][ T5945] usb 6-1: config 0 descriptor??
[  346.234930][ T9171] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  346.476616][ T5945] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  346.489324][ T5945] usb 6-1: USB disconnect, device number 20
[  349.751586][ T5873] usb 5-1: USB disconnect, device number 20
[  349.840067][ T9060] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  349.898998][ T9060] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  351.532615][ T9211] ntfs3(nullb0): Primary boot signature is not NTFS.
[  351.541645][ T9211] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  352.046229][ T9196] xt_HMARK: spi-set and port-set can't be combined
[  352.824415][ T9060] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.844891][ T9060] veth0_vlan: entered promiscuous mode
[  352.855883][ T9060] veth1_vlan: entered promiscuous mode
[  353.111782][ T9060] veth0_macvtap: entered promiscuous mode
[  353.132845][ T9060] veth1_macvtap: entered promiscuous mode
[  353.151908][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.162930][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.173280][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.185135][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.196636][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.208404][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.219444][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.231036][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.368419][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.379629][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.391433][ T9060] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.414293][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.425900][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.436007][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.447318][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.457616][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.468909][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.305351][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.335430][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.355733][ T9060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.375404][ T9060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.426217][ T9060] batman_adv: batadv0: Interface activated: batadv_slave_1
[  354.497495][ T9060] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.535618][ T9060] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.564394][ T9060] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  354.600159][ T9060] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  354.716548][  T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.725046][ T2992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.733846][ T2992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.741308][  T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.895385][ T5945] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  355.069675][ T5945] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  355.080928][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.092080][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.102086][ T5945] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  355.115288][ T5945] usb 6-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00
[  355.124445][ T5945] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.133966][ T5945] usb 6-1: config 0 descriptor??
[  355.558883][ T9240] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  355.610812][ T2992] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.779024][ T5945] usbhid 6-1:0.0: can't add hid device: -71
[  355.785511][ T5945] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  355.795033][ T5945] usb 6-1: USB disconnect, device number 21
[  355.970802][ T2992] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.044982][ T2992] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.123860][ T2992] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.252735][ T2992] bridge_slave_1: left allmulticast mode
[  356.258906][ T2992] bridge_slave_1: left promiscuous mode
[  356.264655][ T2992] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.273170][ T2992] bridge_slave_0: left allmulticast mode
[  356.279567][ T2992] bridge_slave_0: left promiscuous mode
[  356.285423][ T2992] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.744363][ T2992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  356.760035][ T2992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  356.770869][ T2992] bond0 (unregistering): Released all slaves
[  358.431917][ T5825] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  358.481546][ T5825] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  358.514664][ T5825] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  358.626403][ T5825] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  358.636154][ T5825] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  358.646591][ T5825] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  358.733490][ T9266] netlink: 20 bytes leftover after parsing attributes in process `syz.3.807'.
[  358.830467][ T9266] netlink: 20 bytes leftover after parsing attributes in process `syz.3.807'.
[  359.045392][ T9273] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  360.432657][ T9278] netem: incorrect gi model size
[  360.445594][ T9278] netem: change failed
[  360.773444][ T9287] FAULT_INJECTION: forcing a failure.
[  360.773444][ T9287] name failslab, interval 1, probability 0, space 0, times 0
[  360.788889][ T9287] CPU: 1 UID: 0 PID: 9287 Comm: syz.3.812 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  360.799712][ T9287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  360.809773][ T9287] Call Trace:
[  360.813072][ T9287]  <TASK>
[  360.816016][ T9287]  dump_stack_lvl+0x241/0x360
[  360.820715][ T9287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  360.825943][ T9287]  ? __pfx__printk+0x10/0x10
[  360.830568][ T9287]  should_fail_ex+0x3b0/0x4e0
[  360.835251][ T9287]  should_failslab+0xac/0x100
[  360.839942][ T9287]  ? skb_clone+0x20c/0x390
[  360.844722][ T9287]  kmem_cache_alloc_noprof+0x70/0x380
[  360.850121][ T9287]  skb_clone+0x20c/0x390
[  360.854381][ T9287]  __netlink_deliver_tap+0x3cc/0x7f0
[  360.859683][ T9287]  ? netlink_deliver_tap+0x2e/0x1b0
[  360.864881][ T9287]  netlink_deliver_tap+0x19d/0x1b0
[  360.869994][ T9287]  netlink_dump+0x8c6/0xe10
[  360.874508][ T9287]  ? __pfx_netlink_dump+0x10/0x10
[  360.879582][ T9287]  __netlink_dump_start+0x5a2/0x790
[  360.884802][ T9287]  xsk_diag_handler_dump+0x1dc/0x270
[  360.890108][ T9287]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  360.895921][ T9287]  ? __pfx_xsk_diag_dump+0x10/0x10
[  360.901043][ T9287]  ? sock_diag_lock_handler+0x19/0x280
[  360.906508][ T9287]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  360.912895][ T9287]  sock_diag_rcv_msg+0x3dc/0x5f0
[  360.917865][ T9287]  netlink_rcv_skb+0x1e3/0x430
[  360.923083][ T9287]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  360.928725][ T9287]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  360.934035][ T9287]  ? netlink_deliver_tap+0x2e/0x1b0
[  360.939247][ T9287]  netlink_unicast+0x7f6/0x990
[  360.944036][ T9287]  ? __pfx_netlink_unicast+0x10/0x10
[  360.950035][ T9287]  ? __virt_addr_valid+0x45f/0x530
[  360.955173][ T9287]  ? __phys_addr_symbol+0x2f/0x70
[  360.960212][ T9287]  ? __check_object_size+0x47a/0x730
[  360.965549][ T9287]  netlink_sendmsg+0x8e4/0xcb0
[  360.970504][ T9287]  ? mark_lock+0x9a/0x360
[  360.974851][ T9287]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.980151][ T9287]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.985453][ T9287]  __sock_sendmsg+0x221/0x270
[  360.990134][ T9287]  sock_write_iter+0x2d7/0x3f0
[  360.994903][ T9287]  ? __pfx_sock_write_iter+0x10/0x10
[  361.000209][ T9287]  do_iter_readv_writev+0x600/0x880
[  361.005420][ T9287]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  361.011158][ T9287]  ? bpf_lsm_file_permission+0x9/0x10
[  361.016568][ T9287]  ? security_file_permission+0x74/0x280
[  361.022209][ T9287]  ? rw_verify_area+0x1c3/0x6f0
[  361.027068][ T9287]  vfs_writev+0x376/0xba0
[  361.031411][ T9287]  ? __pfx_lock_acquire+0x10/0x10
[  361.036451][ T9287]  ? __pfx_vfs_writev+0x10/0x10
[  361.041316][ T9287]  ? __pfx_vfs_write+0x10/0x10
[  361.046087][ T9287]  ? __fget_files+0x2a/0x410
[  361.050676][ T9287]  ? __fget_files+0x395/0x410
[  361.055358][ T9287]  ? __fget_files+0x2a/0x410
[  361.059967][ T9287]  do_writev+0x1b6/0x360
[  361.064399][ T9287]  ? __pfx_do_writev+0x10/0x10
[  361.069175][ T9287]  ? do_syscall_64+0x100/0x230
[  361.073942][ T9287]  ? do_syscall_64+0xb6/0x230
[  361.078621][ T9287]  do_syscall_64+0xf3/0x230
[  361.083122][ T9287]  ? clear_bhb_loop+0x35/0x90
[  361.087812][ T9287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.093809][ T9287] RIP: 0033:0x7fc7e7585d29
[  361.098240][ T9287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  361.118032][ T9287] RSP: 002b:00007fc7e8468038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  361.126454][ T9287] RAX: ffffffffffffffda RBX: 00007fc7e7775fa0 RCX: 00007fc7e7585d29
[  361.134437][ T9287] RDX: 0000000000000001 RSI: 0000000020000140 RDI: 0000000000000006
[  361.142499][ T9287] RBP: 00007fc7e8468090 R08: 0000000000000000 R09: 0000000000000000
[  361.150474][ T9287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  361.158463][ T9287] R13: 0000000000000000 R14: 00007fc7e7775fa0 R15: 00007ffffd4dada8
[  361.166457][ T9287]  </TASK>
[  361.213724][ T5131] Bluetooth: hci0: command tx timeout
[  361.279111][ T9294] netlink: 32 bytes leftover after parsing attributes in process `syz.4.814'.
[  361.295924][ T2992] hsr_slave_0: left promiscuous mode
[  361.310411][ T2992] hsr_slave_1: left promiscuous mode
[  361.325068][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  361.333662][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  361.455956][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  361.615841][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  362.185154][ T2992] veth1_macvtap: left promiscuous mode
[  362.191707][ T2992] veth0_macvtap: left promiscuous mode
[  362.208498][ T2992] veth1_vlan: left promiscuous mode
[  362.214051][ T2992] veth0_vlan: left promiscuous mode
[  362.230579][ T9306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.819'.
[  362.295826][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.819'.
[  362.304860][ T9306] netlink: 32 bytes leftover after parsing attributes in process `syz.3.819'.
[  362.373500][ T5131] block nbd1: Receive control failed (result -107)
[  362.405798][ T9306] 
[  362.408186][ T9306] ======================================================
[  362.415371][ T9306] WARNING: possible circular locking dependency detected
[  362.422383][ T9306] 6.13.0-rc7-syzkaller-00189-g595523945be0 #0 Not tainted
[  362.429484][ T9306] ------------------------------------------------------
[  362.436496][ T9306] syz.3.819/9306 is trying to acquire lock:
[  362.442377][ T9306] ffff8880253c2e18 (&q->limits_lock){+.+.}-{4:4}, at: nbd_set_size+0x2e0/0x8f0
[  362.451355][ T9306] 
[  362.451355][ T9306] but task is already holding lock:
[  362.459331][ T9306] ffff8880253c27c8 (&q->q_usage_counter(io)#50){++++}-{0:0}, at: nbd_set_size+0xe0/0x8f0
[  362.469182][ T9306] 
[  362.469182][ T9306] which lock already depends on the new lock.
[  362.469182][ T9306] 
[  362.479577][ T9306] 
[  362.479577][ T9306] the existing dependency chain (in reverse order) is:
[  362.488674][ T9306] 
[  362.488674][ T9306] -> #5 (&q->q_usage_counter(io)#50){++++}-{0:0}:
[  362.497282][ T9306]        lock_acquire+0x1ed/0x550
[  362.502313][ T9306]        blk_mq_submit_bio+0x1536/0x2390
[  362.507942][ T9306]        __submit_bio+0x2c6/0x560
[  362.512964][ T9306]        submit_bio_noacct_nocheck+0x4d3/0xe30
[  362.519112][ T9306]        block_read_full_folio+0x9b3/0xae0
[  362.524914][ T9306]        filemap_read_folio+0x148/0x3b0
[  362.530456][ T9306]        filemap_get_pages+0x18ca/0x2080
[  362.536116][ T9306]        filemap_read+0x452/0xf50
[  362.541139][ T9306]        blkdev_read_iter+0x2d8/0x430
[  362.546507][ T9306]        vfs_read+0x991/0xb70
[  362.551186][ T9306]        ksys_read+0x18f/0x2b0
[  362.555942][ T9306]        do_syscall_64+0xf3/0x230
[  362.560958][ T9306]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.567383][ T9306] 
[  362.567383][ T9306] -> #4 (mapping.invalidate_lock#2){++++}-{4:4}:
[  362.576087][ T9306]        lock_acquire+0x1ed/0x550
[  362.581147][ T9306]        down_read+0xb1/0xa40
[  362.585908][ T9306]        filemap_fault+0x615/0x1490
[  362.591097][ T9306]        __do_fault+0x135/0x390
[  362.595948][ T9306]        handle_pte_fault+0xcab/0x5ed0
[  362.601404][ T9306]        handle_mm_fault+0x1053/0x1ad0
[  362.606859][ T9306]        __get_user_pages+0x1c82/0x49e0
[  362.612421][ T9306]        faultin_page_range+0x4e7/0x850
[  362.618104][ T9306]        do_madvise+0x6e5/0x4d10
[  362.623143][ T9306]        __x64_sys_madvise+0xa6/0xc0
[  362.629416][ T9306]        do_syscall_64+0xf3/0x230
[  362.634874][ T9306]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.641840][ T9306] 
[  362.641840][ T9306] -> #3 (&mm->mmap_lock){++++}-{4:4}:
[  362.649624][ T9306]        lock_acquire+0x1ed/0x550
[  362.655032][ T9306]        __might_fault+0xc6/0x120
[  362.660078][ T9306]        _copy_from_user+0x2a/0xc0
[  362.665194][ T9306]        blk_trace_setup+0xd2/0x1e0
[  362.670412][ T9306]        sg_ioctl+0xa46/0x2e80
[  362.675189][ T9306]        __se_sys_ioctl+0xf5/0x170
[  362.680583][ T9306]        do_syscall_64+0xf3/0x230
[  362.685615][ T9306]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.692044][ T9306] 
[  362.692044][ T9306] -> #2 (&q->debugfs_mutex){+.+.}-{4:4}:
[  362.699870][ T9306]        lock_acquire+0x1ed/0x550
[  362.704900][ T9306]        __mutex_lock+0x1ac/0xee0
[  362.709926][ T9306]        blk_mq_init_sched+0x3fa/0x830
[  362.715383][ T9306]        elevator_init_mq+0x20e/0x320
[  362.720754][ T9306]        add_disk_fwnode+0x10d/0xf80
[  362.726035][ T9306]        sd_probe+0xba6/0x1100
[  362.730791][ T9306]        really_probe+0x2b8/0xad0
[  362.735805][ T9306]        __driver_probe_device+0x1a2/0x390
[  362.741610][ T9306]        driver_probe_device+0x50/0x430
[  362.747256][ T9306]        __device_attach_driver+0x2d6/0x530
[  362.753173][ T9306]        bus_for_each_drv+0x24e/0x2e0
[  362.758545][ T9306]        __device_attach_async_helper+0x22d/0x300
[  362.764955][ T9306]        async_run_entry_fn+0xa8/0x420
[  362.770415][ T9306]        process_scheduled_works+0xa66/0x1840
[  362.776485][ T9306]        worker_thread+0x870/0xd30
[  362.781626][ T9306]        kthread+0x2f0/0x390
[  362.786215][ T9306]        ret_from_fork+0x4b/0x80
[  362.791147][ T9306]        ret_from_fork_asm+0x1a/0x30
[  362.796700][ T9306] 
[  362.796700][ T9306] -> #1 (&q->q_usage_counter(queue)#50){++++}-{0:0}:
[  362.805569][ T9306]        lock_acquire+0x1ed/0x550
[  362.810616][ T9306]        blk_queue_enter+0xe1/0x600
[  362.815923][ T9306]        blk_mq_alloc_request+0x4fa/0xaa0
[  362.821663][ T9306]        scsi_execute_cmd+0x16c/0x10e0
[  362.827217][ T9306]        read_capacity_16+0x2b4/0x1450
[  362.832765][ T9306]        sd_revalidate_disk+0x1013/0xbce0
[  362.838747][ T9306]        sd_probe+0x9fa/0x1100
[  362.843511][ T9306]        really_probe+0x2b8/0xad0
[  362.848536][ T9306]        __driver_probe_device+0x1a2/0x390
[  362.854454][ T9306]        driver_probe_device+0x50/0x430
[  362.860003][ T9306]        __device_attach_driver+0x2d6/0x530
[  362.866714][ T9306]        bus_for_each_drv+0x24e/0x2e0
[  362.872271][ T9306]        __device_attach_async_helper+0x22d/0x300
[  362.878769][ T9306]        async_run_entry_fn+0xa8/0x420
[  362.884227][ T9306]        process_scheduled_works+0xa66/0x1840
[  362.890297][ T9306]        worker_thread+0x870/0xd30
[  362.895399][ T9306]        kthread+0x2f0/0x390
[  362.899992][ T9306]        ret_from_fork+0x4b/0x80
[  362.904922][ T9306]        ret_from_fork_asm+0x1a/0x30
[  362.910208][ T9306] 
[  362.910208][ T9306] -> #0 (&q->limits_lock){+.+.}-{4:4}:
[  362.917946][ T9306]        validate_chain+0x18ef/0x5920
[  362.923342][ T9306]        __lock_acquire+0x1397/0x2100
[  362.928807][ T9306]        lock_acquire+0x1ed/0x550
[  362.934267][ T9306]        __mutex_lock+0x1ac/0xee0
[  362.939577][ T9306]        nbd_set_size+0x2e0/0x8f0
[  362.944601][ T9306]        nbd_genl_connect+0x157c/0x1c80
[  362.950328][ T9306]        genl_rcv_msg+0xb14/0xec0
[  362.955351][ T9306]        netlink_rcv_skb+0x1e3/0x430
[  362.960647][ T9306]        genl_rcv+0x28/0x40
[  362.965236][ T9306]        netlink_unicast+0x7f6/0x990
[  362.970516][ T9306]        netlink_sendmsg+0x8e4/0xcb0
[  362.975796][ T9306]        __sock_sendmsg+0x221/0x270
[  362.981039][ T9306]        ____sys_sendmsg+0x52a/0x7e0
[  362.986322][ T9306]        __sys_sendmsg+0x269/0x350
[  362.991424][ T9306]        do_syscall_64+0xf3/0x230
[  362.996441][ T9306]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.002864][ T9306] 
[  363.002864][ T9306] other info that might help us debug this:
[  363.002864][ T9306] 
[  363.013520][ T9306] Chain exists of:
[  363.013520][ T9306]   &q->limits_lock --> mapping.invalidate_lock#2 --> &q->q_usage_counter(io)#50
[  363.013520][ T9306] 
[  363.028400][ T9306]  Possible unsafe locking scenario:
[  363.028400][ T9306] 
[  363.035844][ T9306]        CPU0                    CPU1
[  363.041312][ T9306]        ----                    ----
[  363.046669][ T9306]   lock(&q->q_usage_counter(io)#50);
[  363.052147][ T9306]                                lock(mapping.invalidate_lock#2);
[  363.059954][ T9306]                                lock(&q->q_usage_counter(io)#50);
[  363.067901][ T9306]   lock(&q->limits_lock);
[  363.072489][ T9306] 
[  363.072489][ T9306]  *** DEADLOCK ***
[  363.072489][ T9306] 
[  363.080713][ T9306] 5 locks held by syz.3.819/9306:
[  363.085727][ T9306]  #0: ffffffff8fd03730 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  363.094266][ T9306]  #1: ffffffff8fd035e8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  363.103237][ T9306]  #2: ffff8880258a4198 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_connect+0xc26/0x1c80
[  363.113533][ T9306]  #3: ffff8880253c27c8 (&q->q_usage_counter(io)#50){++++}-{0:0}, at: nbd_set_size+0xe0/0x8f0
[  363.123928][ T9306]  #4: ffff8880253c2800 (&q->q_usage_counter(queue)#34){+.+.}-{0:0}, at: nbd_set_size+0xe0/0x8f0
[  363.134508][ T9306] 
[  363.134508][ T9306] stack backtrace:
[  363.140392][ T9306] CPU: 0 UID: 0 PID: 9306 Comm: syz.3.819 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  363.151060][ T9306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  363.161199][ T9306] Call Trace:
[  363.164473][ T9306]  <TASK>
[  363.167403][ T9306]  dump_stack_lvl+0x241/0x360
[  363.172086][ T9306]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.177411][ T9306]  ? __pfx__printk+0x10/0x10
[  363.182054][ T9306]  print_circular_bug+0x13a/0x1b0
[  363.187084][ T9306]  check_noncircular+0x36a/0x4a0
[  363.192034][ T9306]  ? __pfx_check_noncircular+0x10/0x10
[  363.197502][ T9306]  ? lockdep_lock+0x123/0x2b0
[  363.202204][ T9306]  validate_chain+0x18ef/0x5920
[  363.207075][ T9306]  ? __pfx_validate_chain+0x10/0x10
[  363.212298][ T9306]  ? mark_lock+0x9a/0x360
[  363.217061][ T9306]  __lock_acquire+0x1397/0x2100
[  363.221914][ T9306]  lock_acquire+0x1ed/0x550
[  363.226411][ T9306]  ? nbd_set_size+0x2e0/0x8f0
[  363.231090][ T9306]  ? __pfx_lock_acquire+0x10/0x10
[  363.236201][ T9306]  ? mark_lock+0x9a/0x360
[  363.240529][ T9306]  ? __pfx___might_resched+0x10/0x10
[  363.245814][ T9306]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  363.251788][ T9306]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  363.258229][ T9306]  __mutex_lock+0x1ac/0xee0
[  363.263284][ T9306]  ? nbd_set_size+0x2e0/0x8f0
[  363.268056][ T9306]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  363.274044][ T9306]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  363.280639][ T9306]  ? finish_wait+0xd4/0x1e0
[  363.285141][ T9306]  ? nbd_set_size+0x2e0/0x8f0
[  363.290008][ T9306]  ? __pfx___mutex_lock+0x10/0x10
[  363.295129][ T9306]  ? blk_mq_freeze_queue_wait+0x132/0x190
[  363.300854][ T9306]  ? __pfx_blk_mq_freeze_queue_wait+0x10/0x10
[  363.306942][ T9306]  ? percpu_ref_kill_and_confirm+0xa0/0x130
[  363.312860][ T9306]  ? nbd_set_size+0xe0/0x8f0
[  363.317473][ T9306]  nbd_set_size+0x2e0/0x8f0
[  363.322005][ T9306]  ? queue_work_on+0x1e3/0x380
[  363.326764][ T9306]  ? lockdep_hardirqs_on+0x99/0x150
[  363.331962][ T9306]  ? __pfx_nbd_set_size+0x10/0x10
[  363.336990][ T9306]  ? __pfx_queue_work_on+0x10/0x10
[  363.342095][ T9306]  ? rcu_read_lock_any_held+0xb7/0x160
[  363.347580][ T9306]  ? nbd_start_device+0x86f/0xaa0
[  363.352634][ T9306]  nbd_genl_connect+0x157c/0x1c80
[  363.357687][ T9306]  ? __pfx_nbd_genl_connect+0x10/0x10
[  363.363160][ T9306]  ? __nla_parse+0x40/0x60
[  363.367587][ T9306]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  363.373922][ T9306]  genl_rcv_msg+0xb14/0xec0
[  363.378435][ T9306]  ? __pfx_genl_rcv_msg+0x10/0x10
[  363.383466][ T9306]  ? __pfx_lock_acquire+0x10/0x10
[  363.388486][ T9306]  ? __pfx_nbd_genl_connect+0x10/0x10
[  363.393883][ T9306]  ? __pfx___might_resched+0x10/0x10
[  363.399197][ T9306]  netlink_rcv_skb+0x1e3/0x430
[  363.404009][ T9306]  ? __pfx_genl_rcv_msg+0x10/0x10
[  363.409055][ T9306]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  363.414362][ T9306]  genl_rcv+0x28/0x40
[  363.418346][ T9306]  netlink_unicast+0x7f6/0x990
[  363.423121][ T9306]  ? __pfx_netlink_unicast+0x10/0x10
[  363.428404][ T9306]  ? __virt_addr_valid+0x45f/0x530
[  363.433524][ T9306]  ? __phys_addr_symbol+0x2f/0x70
[  363.438545][ T9306]  ? __check_object_size+0x47a/0x730
[  363.443835][ T9306]  netlink_sendmsg+0x8e4/0xcb0
[  363.448604][ T9306]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.453898][ T9306]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.459179][ T9306]  __sock_sendmsg+0x221/0x270
[  363.463880][ T9306]  ____sys_sendmsg+0x52a/0x7e0
[  363.468670][ T9306]  ? __pfx_____sys_sendmsg+0x10/0x10
[  363.473992][ T9306]  ? __fget_files+0x2a/0x410
[  363.478583][ T9306]  ? __fget_files+0x2a/0x410
[  363.483173][ T9306]  __sys_sendmsg+0x269/0x350
[  363.487762][ T9306]  ? __pfx___sys_sendmsg+0x10/0x10
[  363.492882][ T9306]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  363.499221][ T9306]  ? do_syscall_64+0x100/0x230
[  363.504072][ T9306]  ? do_syscall_64+0xb6/0x230
[  363.508850][ T9306]  do_syscall_64+0xf3/0x230
[  363.513526][ T9306]  ? clear_bhb_loop+0x35/0x90
[  363.518221][ T9306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.524218][ T9306] RIP: 0033:0x7fc7e7585d29
[  363.528636][ T9306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.548416][ T9306] RSP: 002b:00007fc7e8468038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.556830][ T9306] RAX: ffffffffffffffda RBX: 00007fc7e7775fa0 RCX: 00007fc7e7585d29
[  363.564809][ T9306] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 000000000000000a
[  363.572780][ T9306] RBP: 00007fc7e7601b08 R08: 0000000000000000 R09: 0000000000000000
[  363.580768][ T9306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  363.588743][ T9306] R13: 0000000000000000 R14: 00007fc7e7775fa0 R15: 00007ffffd4dada8
[  363.596721][ T9306]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  363.636388][ T5131] Bluetooth: hci0: command tx timeout
[  363.690319][ T9306] nbd1: detected capacity change from 0 to 256
[  364.240922][ T2992] team0 (unregistering): Port device team_slave_1 removed
[  364.287302][ T2992] team0 (unregistering): Port device team_slave_0 removed
[  364.818991][ T9310] batadv0: entered promiscuous mode
[  364.824291][ T9310] macsec1: entered promiscuous mode
[  364.833539][ T9310] macsec1: entered allmulticast mode
[  364.838999][ T9310] batadv0: entered allmulticast mode
[  364.849270][ T9310] batadv0: left allmulticast mode
[  364.854477][ T9310] batadv0: left promiscuous mode
[  365.305346][ T2992] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  365.316170][ T2992] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.370332][ T2992] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  365.380875][ T2992] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.420530][ T2992] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  365.431030][ T2992] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.469347][ T2992] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  365.479874][ T2992] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.529798][ T2992] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.569381][ T2992] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.629629][ T2992] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.689315][ T2992] bond0: (slave netdevsim0): Releasing backup interface
[  365.697399][ T2992] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.759623][ T2992] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.770071][ T2992] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  365.818980][ T2992] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.829456][ T2992] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  365.881181][ T2992] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.891580][ T2992] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  365.948369][ T2992] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.958837][ T2992] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  366.018618][ T2992] bridge_slave_1: left allmulticast mode
[  366.024282][ T2992] bridge_slave_1: left promiscuous mode
[  366.030054][ T2992] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.038049][ T2992] bridge_slave_0: left allmulticast mode
[  366.043722][ T2992] bridge_slave_0: left promiscuous mode
[  366.049631][ T2992] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.058893][ T2992] bridge_slave_1: left allmulticast mode
[  366.064536][ T2992] bridge_slave_1: left promiscuous mode
[  366.070227][ T2992] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.079029][ T2992] bridge_slave_0: left allmulticast mode
[  366.085107][ T2992] bridge_slave_0: left promiscuous mode
[  366.091102][ T2992] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.100054][ T2992] bridge_slave_1: left allmulticast mode
[  366.105768][ T2992] bridge_slave_1: left promiscuous mode
[  366.111421][ T2992] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.120516][ T2992] bridge_slave_0: left allmulticast mode
[  366.126765][ T2992] bridge_slave_0: left promiscuous mode
[  366.132423][ T2992] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.164811][ T2992] gretap0: left allmulticast mode
[  366.471025][ T2992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  366.481009][ T2992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  366.492260][ T2992] bond0 (unregistering): Released all slaves
[  366.507090][ T2992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  366.517911][ T2992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  366.528535][ T2992] bond0 (unregistering): Released all slaves
[  366.671964][ T2992] bond1 (unregistering): Released all slaves
[  367.109838][ T2992] hsr_slave_0: left promiscuous mode
[  367.116709][ T2992] hsr_slave_1: left promiscuous mode
[  367.122474][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  367.131335][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.139531][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  367.147505][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  367.157296][ T2992] hsr_slave_0: left promiscuous mode
[  367.163052][ T2992] hsr_slave_1: left promiscuous mode
[  367.169090][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  367.176699][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.184368][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  367.191904][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  367.201411][ T2992] hsr_slave_0: left promiscuous mode
[  367.207488][ T2992] hsr_slave_1: left promiscuous mode
[  367.213325][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  367.220937][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.228796][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  367.237524][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  367.248323][ T2992] veth1_macvtap: left promiscuous mode
[  367.253822][ T2992] veth0_macvtap: left promiscuous mode
[  367.259994][ T2992] veth1_vlan: left promiscuous mode
[  367.265334][ T2992] veth0_vlan: left promiscuous mode
[  367.271111][ T2992] batadv0: left promiscuous mode
[  367.276251][ T2992] veth1_macvtap: left promiscuous mode
[  367.281763][ T2992] veth0_macvtap: left promiscuous mode
[  367.288009][ T2992] veth1_macvtap: left promiscuous mode
[  367.293754][ T2992] veth0_macvtap: left promiscuous mode
[  367.299407][ T2992] veth1_vlan: left promiscuous mode
[  367.304710][ T2992] veth0_vlan: left promiscuous mode
[  367.504704][ T2992] team0 (unregistering): Port device team_slave_1 removed
[  367.537191][ T2992] team0 (unregistering): Port device team_slave_0 removed
[  367.700402][ T2992] team0 (unregistering): Port device team_slave_1 removed
[  367.731528][ T2992] team0 (unregistering): Port device team_slave_0 removed
[  367.847918][ T2992] pimreg (unregistering): left allmulticast mode
[  367.939150][ T2992] team0 (unregistering): Port device team_slave_1 removed
[  367.972111][ T2992] team0 (unregistering): Port device team_slave_0 removed
[  368.691489][ T2992] IPVS: stop unused estimator thread 0...
[  368.698109][ T2992] IPVS: stop unused estimator thread 0...