last executing test programs:

45.549744731s ago: executing program 1 (id=51):
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000000000)={{0x0, 0x0, 0x80}})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002080)={0x1b, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2ed69828, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000002180)={0xffffffffffffffff, 0x58, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000021c0)=@base={0x10, 0x5e, 0x6, 0x9, 0x100, r0, 0xff, '\x00', r1, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r3, 0x6, 0x1c, &(0x7f0000002240)=""/135, &(0x7f0000002300)=0x87)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000001, 0x4000010, r0, 0x64628000)
r4 = open(&(0x7f0000002340)='./file0\x00', 0x80000, 0x5e)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r4, 0x3304)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000023c0), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000002400)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_PMK(r4, &(0x7f0000002540)={&(0x7f0000002380), 0xc, &(0x7f0000002500)={&(0x7f0000002440)={0x8c, r5, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "02b5e124bdc13f7d0dde78b3147c15f5"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "54fed2fc75d9134b0be7eb2e68b94fce"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "de851d6406ecd99d5e621c0c0cb8b3d7"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMK={0x14, 0xfe, "92b605f6b53744b67500ca51b69f5d20"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "ac18892d8b854ee654333517e1c9845e"}]}, 0x8c}, 0x1, 0x0, 0x0, 0x810}, 0x881)
write$binfmt_misc(r3, &(0x7f0000002580)={'syz1', "45de957e44e1d0dba757c76e612b325b835acc7cc76853e709989aadada702e4fab173004f5e620aa85fc3bad0112dedb572b4fb4ac71bbc3681c142693cebf442f98720c01b4780c4858710060380a0b671c8792cd0f321922f7669a25ab1aee80258ebd19806e99b4109de64cb3e2de57f1f819fc52993f1c7c41b05e3a199db20ec132e1f41512a533c34c4652955935a5c56ed959821e062c386158827037eb74145aa1c8c4b621a4101ccd8d8953c024b69c69b671a0432fd5bca273c67bc63517c393783c33da3fb510595bc3f1d2a1597b95116"}, 0xdb)
readv(r2, &(0x7f0000002b80)=[{&(0x7f0000002680)=""/210, 0xd2}, {&(0x7f0000002780)=""/83, 0x53}, {&(0x7f0000002800)=""/5, 0x5}, {&(0x7f0000002840)=""/2, 0x2}, {&(0x7f0000002880)=""/224, 0xe0}, {&(0x7f0000002980)=""/142, 0x8e}, {&(0x7f0000002a40)=""/242, 0xf2}, {&(0x7f0000002b40)=""/7, 0x7}], 0x8)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000002c00))
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000002c40)={0x4, {{0x2, 0x4e20, @local}}, 0x1, 0x4, [{{0x2, 0x4e23, @remote}}, {{0x2, 0x4e20, @private=0xa010100}}, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {{0x2, 0x4e24, @local}}]}, 0x290)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000003040)={&(0x7f0000002f00)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000003000)={&(0x7f0000002f80)={0x60, 0x0, 0x12, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x1ff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x6}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x3}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0xd}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'batadv0\x00'}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xf3}]}, 0x60}, 0x1, 0x0, 0x0, 0x40011}, 0x0)
syz_usb_connect$cdc_ecm(0x3, 0x8b, &(0x7f0000003080)={{0x12, 0x1, 0xcebf7a7f12fb1e8f, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x79, 0x1, 0x1, 0x3, 0x40, 0xd7, [{{0x9, 0x4, 0x0, 0x81, 0x2, 0x2, 0x6, 0x0, 0x4, {{0xa, 0x24, 0x6, 0x0, 0x0, "8067d226dc"}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x6bb7, 0xfbc9, 0x1}, [@mdlm={0x15, 0x24, 0x12, 0xfc00}, @obex={0x5, 0x24, 0x15, 0x25}, @mbim_extended={0x8, 0x24, 0x1c, 0x6, 0x82, 0x7}, @country_functional={0xe, 0x24, 0x7, 0x4, 0x8, [0x4, 0x2, 0xc, 0x61]}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x8, 0x6, 0x25, 0x10}}], {{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x80, 0x7, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x4, 0x8, 0x3}}}}}]}}]}}, &(0x7f0000003340)={0xa, &(0x7f0000003140)={0xa, 0x6, 0x300, 0x5, 0x91, 0xe, 0x10, 0x8}, 0x43, &(0x7f0000003180)={0x5, 0xf, 0x43, 0x4, [@ssp_cap={0x1c, 0x10, 0xa, 0x8, 0x4, 0x9, 0x1ef00, 0x5, [0x0, 0x0, 0x0, 0x0]}, @wireless={0xb, 0x10, 0x1, 0x4, 0x12, 0xfd, 0x8, 0x9, 0xba}, @ssp_cap={0x14, 0x10, 0xa, 0x7, 0x2, 0xa, 0xf00f, 0x7ff, [0xc030, 0xff00f0]}, @ptm_cap={0x3}]}, 0x3, [{0x56, &(0x7f0000003200)=@string={0x56, 0x3, "9bf9a732c5c359ba33d381e7d6b051358bcd163acfd2ff7b624c8aedfdbb41140502c90066ba997aed0bd72aa302678dca412d42446abd62f8cbe52a11f0c8318b12e83ce82700bd89c767e22a589f76c5243145"}}, {0x4, &(0x7f0000003280)=@lang_id={0x4, 0x3, 0x426}}, {0x5c, &(0x7f00000032c0)=@string={0x5c, 0x3, "c237f2bc3a397130cb65fe7ebc59c31dddd665a54c43bad5013931f75b7852c1f765270a2168aea8f143d175285dcea749849cadc5d45979ebe7fb780770b8276808d3f06eb001287ab45222bd9a519f1dcd5e7d358bb0e26c93"}}]})
preadv(r0, &(0x7f0000004440)=[{&(0x7f0000003380)=""/66, 0x42}, {&(0x7f0000003400)=""/57, 0x39}, {&(0x7f0000003440)=""/4096, 0x1000}], 0x3, 0x7fffffff, 0x136e7c20)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000004480)={<r7=>0x0}, &(0x7f00000044c0)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r4, 0x84, 0x78, &(0x7f0000004500)=r7, 0x4)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000004580)={0x3, 0x0, &(0x7f0000004540)=[<r8=>0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000004700)={&(0x7f00000045c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000004600)=[{}], &(0x7f0000004680)=[0x0, <r9=>0x0, 0x0], &(0x7f00000046c0)=[0x0, 0x0, 0x0, 0x0], 0x1, 0x3, 0x5})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r4, 0xc01864ba, &(0x7f0000004780)={0x0, r8, r9, 0xcccccccc})
sendmsg$DEVLINK_CMD_TRAP_SET(r4, &(0x7f0000004980)={&(0x7f00000047c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000004940)={&(0x7f0000004800)={0x118, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x118}, 0x1, 0x0, 0x0, 0x6f3eee6156f2b94b}, 0x8000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f00000049c0))
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000004a00)={'wlan1\x00'})
syz_usb_connect$uac1(0x6, 0xb2, &(0x7f0000004a40)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa0, 0x3, 0x1, 0x6, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xfdb, 0x2}, [@extension_unit={0x9, 0x24, 0x8, 0x4, 0x10, 0x5, '\f@'}, @extension_unit={0x9, 0x24, 0x8, 0x3, 0x40, 0xf, "a64d"}, @extension_unit={0xd, 0x24, 0x8, 0x4, 0x100, 0x1, "2a7a301dbefb"}, @extension_unit={0x9, 0x24, 0x8, 0x5, 0x51, 0x6, "fec3"}, @input_terminal={0xc, 0x24, 0x2, 0x1, 0x205, 0x3, 0x7, 0x0, 0x40, 0xff}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x7, 0x9, 0x7, {0x7, 0x25, 0x1, 0x80, 0x3, 0x2}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0x57, 0x2, 0x7, 0x9, "de8366a5d6"}]}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x9, 0xd, 0x9, {0x7, 0x25, 0x1, 0x80, 0xf, 0x6}}}}}}}]}}, &(0x7f0000004d80)={0xa, &(0x7f0000004b00)={0xa, 0x6, 0x250, 0x5, 0x3, 0x6b, 0x10, 0xf8}, 0x38, &(0x7f0000004b40)={0x5, 0xf, 0x38, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x6, "bc67134611dda6fb197af053a3660e5a"}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "f0bc906e3af7181823b86ecaaf32b485"}, @wireless={0xb, 0x10, 0x1, 0xc942493ff42d1a36, 0x10, 0x7, 0x1, 0x0, 0x7f}]}, 0x8, [{0x4, &(0x7f0000004b80)=@lang_id={0x4, 0x3, 0x44a}}, {0x4, &(0x7f0000004bc0)=@lang_id={0x4, 0x3, 0x414}}, {0x4, &(0x7f0000004c00)=@lang_id={0x4, 0x3, 0xb3f18ecfa4a46a7d}}, {0x4, &(0x7f0000004c40)=@lang_id={0x4, 0x3, 0x1404}}, {0x4, &(0x7f0000004c80)=@lang_id={0x4, 0x3, 0x4001}}, {0x4, &(0x7f0000004cc0)=@lang_id={0x4, 0x3, 0x861}}, {0x29, &(0x7f0000004d00)=@string={0x29, 0x3, "1b2f58e0210771dc288ea4a81136afc47d18733e8930e74e01a7e879743a1e6ff6b784d91b91db"}}, {0x2f, &(0x7f0000004d40)=@string={0x2f, 0x3, "9336c70aa6dcfda2f26eb9d036ed45192557980f407d036288f2a4499fad3dd26989c09dbe9af2cc631497a00c"}}]})
ioctl$SNAPSHOT_S2RAM(r4, 0x330b)

44.345265276s ago: executing program 4 (id=56):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3}, [{0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfffffffc}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x28, 0x32, 0x6dd711a25f4cb68b, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x28}}, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
r7 = syz_open_procfs(r6, &(0x7f00000020c0)='autogroup\x00')
read$FUSE(r7, &(0x7f0000000080)={0x2020}, 0x2020)
write$FUSE_NOTIFY_DELETE(r7, &(0x7f0000000000)={0x2a, 0x6, 0x0, {0x6, 0x5, 0x1, 0x0, '.'}}, 0x2a)

43.681988053s ago: executing program 1 (id=57):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x48}}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x2, 0x81000000}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x52}, 0x20)

43.388776052s ago: executing program 1 (id=58):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c)
setsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r7, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r7, &(0x7f0000000080)='D', 0x1, 0x1, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x7ffffffff000)

42.255276521s ago: executing program 1 (id=60):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000540)={0x24, &(0x7f0000000180)={0x0, 0x0, 0xe, {0xe, 0x0, "349b1058a90765ea01c4ed96"}}, 0x0, 0x0, &(0x7f00000004c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x4, 0x9, 0x1, {0x22, 0xfeb}}}}, &(0x7f0000000740)={0x2c, &(0x7f0000000580)={0x40, 0x16, 0x48, "5e61ba09ae4df5d2eeba7efe722da1dc6e78bc9993e99aaaeb753a3425079cfb5ffa0a7781834c506988bded3ece6f589a300750839458161b41f5500441587f63201c5f6ad6551e"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000680)={0x20, 0x1, 0x62, "fd3b130c8301449f13a3f33d22c448a1073d965964dfd1e59839759ddd39e25c4a57f970c05512c6d89d593e7c7b2075747a1d51680f6fc924bcbc261c253b2bdfadc0fcf03c75adf173d727ed6fffa614e04d836d3803713f1e4ad27362001da258"}, &(0x7f0000000700)={0x20, 0x3, 0x1, 0x9}})
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f00009be000/0x4000)=nil)

41.102068995s ago: executing program 4 (id=62):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = accept4$unix(0xffffffffffffffff, &(0x7f00000006c0), &(0x7f0000000400)=0x6e, 0x80000)
sendmmsg(r2, &(0x7f00000026c0)=[{{&(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e21, @multicast1}, 0x1, 0x3, 0x2}}, 0x80, &(0x7f0000000800)=[{&(0x7f00000007c0)="428b530ef29f9bf41822c8dbc57d876e67b8b7b88548fd", 0x17}], 0x1}}, {{&(0x7f0000000840)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x0, 0x2, 0x0, {0xa, 0x4e24, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}}}}, 0x80, &(0x7f0000000e00)=[{&(0x7f00000008c0)="282a114e69b4fa6be4b7c97f9c94d9c7d73dcf3b0c61bf728a31fb1ee313239cf9e0ea66318e07818e40ab7dad1796181da68f7c0fbd28e7651687ebccfcb374f54eaabbf160", 0x46}, {&(0x7f0000000cc0)="234399ba203a788c7228ad8d4d74ab2ee21d1b7662f2072db851211026cb5ca235e7d8ae4fbc90815c43b8729f729892729d7178ce72", 0x36}, {&(0x7f0000000d40)}], 0x3, &(0x7f0000001f40)=ANY=[@ANYBLOB="8000000000000000110100000300000058e282abb165449feb45f14c9e1745075ed3f116a75a66c54615573a73a01d33d8fdc378ae12739c5d86ee2fef53fcf77a7e13c6fd974edcaf27c54ae78e2a041dcb37a6a311ae43c121ab62bc11524be5319b0ee1f5db65924f2071adfa4a399a3c5cdbca9928a8907c5fd54ccf000068000000000000001501000000000000fce12a0ea9c19f77151f7c52eca0ddddbb030851ed59e33ca5993f161bbc4574ac51e5bd5fbd0bf619635f1aef316bed8d28ed0dff8aeac94d8639a5138e03f35f2ee1e7fdf55da8b308686cde6d57ec000000000000b8000000000000003a000000060000009e068aba45eb92749da9524cfa3ddb6efe1ae23a687a2064c1bff4d3d2068ec36f1e08a590fb21456c7f57c76819b75c23ee911fb6696864e71ffa44fffbbf3768669a136fa0c7129b52569ff8c05fe77b014cc823050db8166612417672b8e4b2279ee6c50b143ca49a82de1596f476b905c4072ed138ec16433060ecf67a866333920b8679944ad455a4c4e957a96a81ffcc8282a2d67ed5ab893c163c4fb2b5f63a00000000009800000000000000ff000000f8ffffffdda41ac0adbf33056ca82b54ac027c2ea92591977c5acef4809e0ebe52e196fde4926836124023cdb3ec3f4f40b9eb7e0958287b7558982a9aa2a8019e95b031b2480948a6d03ab553e956d15cfbba3ac59cd11ec2ff60c5cf43be32c400255ead0b1eb276f1fbe6cb9957d1f44bad704513e033eaa63e9eedcb9bf1db7dfb00000000000000c80000000000000011000000100000008cfbc5047622fa2d60232c36fc72066d56fe1caef9c47037905739827f054fa3aa8834cf8aa49fd97225c2fca6d72f3eee148a4ca9fef333aa9b3ebb4b3e7f91e74800c1528d8f4d881519a32b8000b188426fa12ceba8d27d5077c63262195c0298da6e51c5e7c51297dadc491ef2de613ad9b4fdc428939743736c59f6402d1c205547db3c689d5de7f84f54365659c9ceb4c16940576852b927bc8b05d3eaf3f0eef077f3c0f7fa8633b2d1c7fd25d900000000000000000100000000000012010000758400003c678e510a76d2489b0629d1dee377f3616cf1d94da7dba2798c22cb514d1eb27f64cc0416411af27fca045cae5aa4d78f713553669ca2b1016d5cd8b43d28d894e87715220fc6b7323f6d87748fda71b4654f70cd6ce30167844dcc307f9e3e4da217cec04c004f2b7d7beaae1f29589c9ee863a2cda587da42ec4626bd66cc0211f4a24dbbc70799c3a6bc8427ca9646fa01005ce5401fae03f27e7e8a4b7a44b18401a60a9285bb421e188a6285b8b954c3f7c1e95311b0e818a593f2b0303354d3f3be6724620e58a357af11f3781f42b314cb01e0006fcb2e1fe46597664763d3c391d922fca1d17d88b146b646bf493a259dd262efcc4d00000000d0000000000000000d010000ff010000427a9c5cb1877c503a3b15db4f4aad52ee85f56277731a9b8e7de96cf525377f07ce0b96790a3823f5de87b708f7cc6d39f5e6f0bfd2ec2d71d2466201fbd38329920b27296147e426d02b21d26ff5ca2d76c6f4034edfd0d9337e2846d558d0ffd90fa73dc779314311610aab9209b41f2a83ad91ffc35d7012a33d2d6d581f02a26e77d07ab9802990ea96d4e8e185bbc5e82ae4148901bdde8ef0da01fba8453f5039a198347c2342bf06777fdf6e80d10000"], 0x4d0}}, {{&(0x7f0000000e40)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-neon\x00'}, 0x80, 0x0, 0x0, &(0x7f0000002480)=[{0x20, 0x112, 0xff, "824141f5d5fbb0b243c13c17ba7e"}, {0x68, 0x11, 0x8, "8147f2cd9e60a8192fde5be8128d7ffbbba74892fc29c1c0e84ec74ca52c6027ed646e6f1cd1d2b236240013ea2ddb64c4f41cb3661b876d84d77f62689f59a8793f317b03635c97dfaafa73fa5c6b08ac89b16fcbf2f505"}, {0xe0, 0x101, 0x7, "7fe76b5700aeb08668d432fd7681998e89a773afe7d38a6bc39e322732fda00b0eabc0821617d8ab0dcd6fbe1bb1258c408e345b6f3ea96bfb1aa751b4fe451a0c7646764299a8d48dbc0b853c8f7a7887c268f499c99a21d47aaed79925c2e1c024f9c3d7afb925ecf2a67ef46f782731b4a7e7dd2415079e19b552cb896af52e287f195978191d80b7c02840c759b90ca1eb47dec651685d39865771b807f759058c42ac4df9437d5d1f7c0fa072767b30606b76a0f1ff253ffbd71abd49b709cda37a4112dfb2e2791541ada929"}], 0x168}}], 0x3, 0x40000)
ioctl$VIDIOC_G_PARM(r1, 0xc0cc5615, &(0x7f0000000180)={0x9, @capture={0x0, 0x1, {0x9, 0xc7cb}, 0xfffffff0, 0x7fffffff}})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x90, 0x30, 0x1, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ife={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x4}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4547de0ec70f3a97}}}}]}]}, 0x90}}, 0x0)

40.838050191s ago: executing program 4 (id=64):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYRES8=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
syz_pidfd_open(0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r3, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303020309006000000002000020d3"])
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180000005c1cfecdcdee00000000000000000000000085100000fdffffff9500"], &(0x7f0000000040)='syzkaller\x00', 0x4}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000035ae52700009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r4 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r4, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f0000002200)}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000d00)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000cc0)={<r5=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @local}, r5}}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

39.339335902s ago: executing program 4 (id=66):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000040)=0x2, 0x4)
read(r0, &(0x7f0000000440)=""/15, 0xf)

38.955033205s ago: executing program 1 (id=68):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000e07351e475a7c2454c5566b9f5fc083d8e1a76a74f9a5f1fd4855fd9d99911325e0a6cc52cdbcd1bdf2c7e260f29"], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0xc6, &(0x7f0000000300)=""/198}, 0x90)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918b", 0x11}], 0x1}, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r2 = dup(r1)
connect$inet(r2, &(0x7f0000000040)={0x27, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x60)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xd1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
setrlimit(0x0, &(0x7f00000002c0)={0x0, 0x3})
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
prlimit64(r3, 0x0, &(0x7f0000000100)={0x7}, &(0x7f0000000280))
r7 = epoll_create(0x6)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, 0x0)
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, r4, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff, 0x2})
close(r0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
r9 = fcntl$getown(r7, 0x9)
ioprio_get$pid(0x3, r9)

38.833330992s ago: executing program 4 (id=70):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c)
setsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r7, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r7, &(0x7f0000000080)='D', 0x1, 0x1, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x7ffffffff000)

37.557801679s ago: executing program 1 (id=71):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffebd}}, 0x1006)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="043e1f0a00c9000001aaaaaa"], 0x22)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000010000300"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000100140012800b00010067656e65766500000400028004001a80"], 0x38}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000180)={'sit0\x00', 0x0})
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f00000001c0)={@local, @multicast2}, &(0x7f0000000200)=0x4055)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000280)={<r6=>0x0, @local, @multicast1}, &(0x7f0000000300)=0xc)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYRES8, @ANYRES32=r8, @ANYRESOCT=r3], 0x6c}}, 0x4000)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r10=>0x0})
sendto$packet(r9, &(0x7f0000000000)="4dcdc7c6223e00000000ffff8137", 0xe, 0x0, &(0x7f0000000080)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @dev}, 0x14)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="30020000", @ANYRES16=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="140002006261746164765f736c6176655f30000008000100", @ANYRES32=0x0, @ANYRES32=r5, @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="7000018014000200766c616e31000000000000000000000014000200726f736530000000000000000000000008000100", @ANYRES32, @ANYBLOB="1400020064766d7270300000000000000000000014000200766c616e300000000000000000000000140002006e696376663000000000000000000000500001801400020070696d367265670000000000000000001400020064766d7270310000000000000000000008000300010000001400020070696d367265673000000000", @ANYRES32=r2, @ANYBLOB="200001801400020076657468305f766c616e00000000000008000100", @ANYRES32=r6, @ANYBLOB="440001801400020069703665727370616e3000000000000008000100", @ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRES32=r8, @ANYBLOB="0800030000000000140002006d6163766c616e3100000000000000", @ANYRES32=r10, @ANYBLOB="4f3e91f6bdc4b24e1ff106f10fbff5f45ba5e7d3f6276d7ec3c708c9b28ba4f474afadf0bdf6d611e4a73be8a4540458981edebbc0651e4bdb9a43a6c36c88a665674b4c1947fa1f30a9c7f19a4abd177939"], 0x230}, 0x1, 0x0, 0x0, 0x4040800}, 0x4044044)
sched_setaffinity(0x0, 0x0, 0x0)
r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240), 0x0, 0x3, 0x0)
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
r12 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00')
read$FUSE(r12, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x2020)
read$FUSE(r11, &(0x7f0000004180)={0x2020, 0x0, <r14=>0x0}, 0x2020)
write$FUSE_LK(r11, &(0x7f0000000000)={0x28, 0x0, r14, {{0x5, 0xbccf, 0x0, r13}}}, 0x28)

34.895434607s ago: executing program 4 (id=78):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3}, [{0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfffffffc}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x28, 0x32, 0x6dd711a25f4cb68b, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x28}}, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
r7 = syz_open_procfs(r6, &(0x7f00000020c0)='autogroup\x00')
read$FUSE(r7, &(0x7f0000000080)={0x2020}, 0x2020)
write$FUSE_NOTIFY_DELETE(r7, &(0x7f0000000000)={0x2a, 0x6, 0x0, {0x6, 0x5, 0x1, 0x0, '.'}}, 0x2a)

7.403813251s ago: executing program 3 (id=136):
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x2a060400)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x0, 0x0)

7.224399316s ago: executing program 3 (id=138):
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bab247412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a71a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f630664223626d9bf962cb3975dd53fee8e32f516b6aaae582289f00b08f9"], 0xd)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="042c1103c8000000000000000000000000000002d9e2ed8bf6077c57412763e8aa05000000000000000359242051549df872a70a9e5c3e25e810c5f1581c03"], 0x14)
pipe2(0x0, 0x80000)
write$evdev(0xffffffffffffffff, &(0x7f00000003c0)=[{{0x77359400}, 0x14, 0x9, 0x6}, {{0x0, 0x2710}, 0x0, 0x0, 0x42dbad0d}], 0x30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
syz_open_pts(0xffffffffffffffff, 0x408b03)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680)={0x2, 0x0, [{0x4, 0x1b, &(0x7f0000000000)=""/27}, {0x115001, 0xa3, &(0x7f0000001500)=""/163}]})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x1, 0x0, &(0x7f0000000340)=""/185, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x1)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0xfffffd5c)
write$rfkill(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x1}, 0x8)
socket$key(0xf, 0x3, 0x2)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x1, 0xfffffffb, &(0x7f0000000080)=""/31, 0x0, &(0x7f0000000500)=""/4085, 0x2})
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000080)=ANY=[], 0x14)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f0000000440), 0x0}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500), 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
sync()
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0)

5.867522454s ago: executing program 3 (id=141):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='veth0_to_bridge\x00', 0x10)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close(r0)

5.339986928s ago: executing program 3 (id=144):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="1f769a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000300)={0x0, 0x0, 0x2, "9c45"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000740)={0x34, &(0x7f0000000540)={0x0, 0x0, 0x2, "c44a"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000fc0)={0x84, &(0x7f0000000b40)={0x0, 0x0, 0x2, "aa4c"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)

2.410161857s ago: executing program 0 (id=149):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40084)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="08000500020000007c10fb68dc8b2cd2c4d2bcf4a1440f9500b536f4e7f9e399"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="913b3901000000fc2e3920"], 0x64}}, 0x0)

1.983782232s ago: executing program 2 (id=150):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x0, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f00000004c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0x2df)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0x0, 0x0, 0x0)

1.868442137s ago: executing program 0 (id=151):
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in6=@private2}}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r0 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0), 0x4)
socket(0x1, 0x803, 0x0)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

1.2098035s ago: executing program 0 (id=152):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000940)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x54583}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x4}]}, 0x44}}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty}}}], 0x20}}], 0x1, 0x0)

1.200708389s ago: executing program 3 (id=153):
getpeername(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = socket(0x0, 0x803, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r2 = io_uring_setup(0x4238, &(0x7f0000000000)={0x0, 0x0, 0x40})
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket(0x2, 0x80805, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
dup2(r4, r3)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000140)={r6}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000018c0)={r6, @in6={{0xa, 0x4e23, 0x3, @loopback, 0x7f}}, 0x5, 0x6, 0x27, 0x4, 0xc, 0x3, 0x7}, &(0x7f0000001980)=0x9c)
r7 = syz_open_procfs(0x0, &(0x7f0000000300)='net/dev_mcast\x00')
pread64(r7, &(0x7f0000000880)=""/4096, 0x1000, 0x400000000000004)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r8, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f00000005c0)=[{0x35, 0x0, 0x0, 0x9}, {0x34, 0x0, 0xfc, 0xe12b}, {0x16}]})
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f00000004c0)=[@ioring_restriction_register_op={0x0, 0x13}], 0x1)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r2, 0xc, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r2, 0x13, 0x0, 0x2)

910.226649ms ago: executing program 0 (id=154):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffffff, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x10, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af3653c001ac00800020004000200060000000464bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40012183, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
epoll_create(0x7ff)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)

858.99877ms ago: executing program 2 (id=155):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)={0x24, r2, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x24}}, 0x0)

691.827993ms ago: executing program 3 (id=156):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000840)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x7, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x73, 0xa, 0xff00}, [@call={0x1d, 0xa}, @map_fd={0x18, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x10, 0x0, 0x0, 0x25000000}, @generic]}, &(0x7f0000000140)='GPL\x00', 0xa, 0x95, &(0x7f0000000180)=""/149}, 0x90)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
connect$inet(r0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
dup3(r4, 0xffffffffffffffff, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

611.166387ms ago: executing program 2 (id=157):
syz_emit_ethernet(0x1c6, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60922ff50190210000000000000000000000ffeffffffffffe8000000000000000000000000000aa000000006402000011"], 0x0)

610.439278ms ago: executing program 0 (id=158):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.stat\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000240)={0x1d, r2, 0x2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000280)={0x1d, r2}, 0x18)
sendmmsg(r1, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff06, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r3}, 0x10)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r4, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xb80b}], 0x1}, 0x0)

471.950897ms ago: executing program 2 (id=159):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="85000000080000001f0000000000000085000000080000009500000000000000e135dee43f5d62cdaf5bb32c301264de232ce03ca49ba60071b592758143664bf8505b4845e336472821027a89dba77c8ea9b6ee1398ae73749be1537086ae214b648801a3f00174709ddccbce9ffab959b9042fc0dfcd37b7baa14007c92d4cf2d339bf000000000000000957476eac9cdac23d9c280569e2dbfa62118132000000000000c0dadcbdbfba95ec64e00d93bfada6b71d91340a4508bcd72d77eba909bd6a9d45359cf11ad81000fb0f5548ced9733ca0fe9d8ca129b42fea3551e5ca8cdad72f668dbfa9a21d9e8c4afb7203e71a4dcefc7a45ea63c8899caca26b63ddd0ddf5b45ad90b19879853bac503661a3069ba143e01ccbef34bdce3099f80a5ae740c01ffa4f0a207fa54f5112a341a195af0662cfbaa80fce27ae5abd0dfbd0fcdcf8b8c362667a67813555101d3f6abaaea73dcf70445c52f0a0354dab0acdc6955a5f2dae85280f9f5a66b411fafe99d8a79d24cc9cf88e456cc5cdda94eeda37b147d64d97abf7f34490200b00ed338864d7d9855f9ee3a194294c73491ec"], &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x44, 0x10, 0x0, 0x41}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)

329.460125ms ago: executing program 0 (id=160):
pipe(&(0x7f0000000140))
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2000000001010103000000000000008008000100000000000edf276886ba0f189ad6a38fafb8166c09f33a98dde6c76aa794983f77515a3f22c9e8fe9e55d42cf4c7e1986bf13ba292799069c5924beaffb58de1ec408dfcbb6c1d8887a5ef1793fd5699a2b89cd1c53b386ac3fd08"], 0x20}}, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000100000009500000000000000b6a1e05efa71fe532a7136c4ff27742e6139f2f1c301833b1cd7547f9f6ed77e29b5117c2554f258b5edc9b6e404f99c3de86522f113757eda211440b5b25a788640b6023b25459362f6"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c8, &(0x7f0000000100))
syz_emit_ethernet(0x32, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b24, &(0x7f0000000000)={'wlan0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='jbd2_handle_stats\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000170000009500000000000000ae3279d900fcffffffffffff18ff1bc6e82237bbbc038c201fab497a326633e6f4b1022cadd4496345884c0042"], &(0x7f0000000080)='GPL\x00'}, 0x90)

258.372795ms ago: executing program 2 (id=161):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x44, 0x0, 0x8, 0x401, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_TIMEWAIT={0x8}, @CTA_TIMEOUT_DCCP_PARTOPEN={0x8}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x44}}, 0x0)

0s ago: executing program 2 (id=162):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000200000000000000006b79009500000000000000"], &(0x7f00000001c0)='syzkaller\x00'}, 0x80)
r1 = socket$packet(0x11, 0x2, 0x300)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r0, r2, 0x25, 0x2, @val=@iter={0x0}}, 0x40)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.157' (ED25519) to the list of known hosts.
syzkaller login: [   69.238546][ T5076] cgroup: Unknown subsys name 'net'
[   69.406265][ T5076] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   71.101399][ T5076] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   71.691792][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[   71.700278][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[   73.552729][ T5091] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   73.562911][ T5095] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   73.586960][ T5102] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   73.597665][ T5102] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   73.604436][ T5103] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   73.606040][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   73.612431][ T5103] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   73.628310][ T5103] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   73.628520][ T5102] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   73.635656][ T5103] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   73.649800][ T5103] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   73.657265][ T5106] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   73.659221][ T5107] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   73.665929][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   73.672759][ T5107] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   73.678600][ T5106] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   73.686460][ T5107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   73.696181][ T5106] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   73.708812][ T5107] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   73.716298][ T5107] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   73.726050][ T5106] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   73.733711][ T5107] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   73.733816][ T5105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   73.750617][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   73.758248][ T5106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   73.759850][ T5102] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   73.766973][ T5105] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   73.774585][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   73.780040][ T5105] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   73.786959][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   74.371152][ T5089] chnl_net:caif_netlink_parms(): no params data found
[   74.497565][ T5086] chnl_net:caif_netlink_parms(): no params data found
[   74.567695][ T5093] chnl_net:caif_netlink_parms(): no params data found
[   74.661171][ T5096] chnl_net:caif_netlink_parms(): no params data found
[   74.696633][ T5087] chnl_net:caif_netlink_parms(): no params data found
[   74.727893][ T5089] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.735233][ T5089] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.744061][ T5089] bridge_slave_0: entered allmulticast mode
[   74.751538][ T5089] bridge_slave_0: entered promiscuous mode
[   74.792457][ T5089] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.799866][ T5089] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.807475][ T5089] bridge_slave_1: entered allmulticast mode
[   74.814506][ T5089] bridge_slave_1: entered promiscuous mode
[   74.842839][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.850194][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.857576][ T5086] bridge_slave_0: entered allmulticast mode
[   74.864662][ T5086] bridge_slave_0: entered promiscuous mode
[   74.926537][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.934375][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.942615][ T5086] bridge_slave_1: entered allmulticast mode
[   74.950770][ T5086] bridge_slave_1: entered promiscuous mode
[   74.992770][ T5089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.079893][ T5089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.106524][ T5093] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.113994][ T5093] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.121701][ T5093] bridge_slave_0: entered allmulticast mode
[   75.130717][ T5093] bridge_slave_0: entered promiscuous mode
[   75.140505][ T5093] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.147718][ T5093] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.154967][ T5093] bridge_slave_1: entered allmulticast mode
[   75.162541][ T5093] bridge_slave_1: entered promiscuous mode
[   75.172138][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.185212][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.224873][ T5089] team0: Port device team_slave_0 added
[   75.279053][ T5096] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.286299][ T5096] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.294357][ T5096] bridge_slave_0: entered allmulticast mode
[   75.302023][ T5096] bridge_slave_0: entered promiscuous mode
[   75.310405][ T5096] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.317692][ T5096] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.324870][ T5096] bridge_slave_1: entered allmulticast mode
[   75.332240][ T5096] bridge_slave_1: entered promiscuous mode
[   75.341494][ T5089] team0: Port device team_slave_1 added
[   75.361232][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.368447][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.375648][ T5087] bridge_slave_0: entered allmulticast mode
[   75.383852][ T5087] bridge_slave_0: entered promiscuous mode
[   75.409086][ T5086] team0: Port device team_slave_0 added
[   75.418158][ T5093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.471099][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.478728][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.486145][ T5087] bridge_slave_1: entered allmulticast mode
[   75.493645][ T5087] bridge_slave_1: entered promiscuous mode
[   75.514001][ T5086] team0: Port device team_slave_1 added
[   75.534209][ T5093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.574289][ T5089] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.581788][ T5089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.608481][ T5089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.660183][ T5096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.674226][ T5096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.684187][ T5089] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.692304][ T5089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.718537][ T5089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.739689][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.752608][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.762465][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.770586][ T5091] Bluetooth: hci0: command tx timeout
[   75.771823][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.802706][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.818384][ T5093] team0: Port device team_slave_0 added
[   75.847059][   T54] Bluetooth: hci1: command tx timeout
[   75.847418][ T5091] Bluetooth: hci4: command tx timeout
[   75.852822][   T54] Bluetooth: hci2: command tx timeout
[   75.858477][ T5097] Bluetooth: hci3: command tx timeout
[   75.876500][ T5096] team0: Port device team_slave_0 added
[   75.896493][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.903966][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.930165][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.943524][ T5093] team0: Port device team_slave_1 added
[   75.968741][ T5096] team0: Port device team_slave_1 added
[   75.994141][ T5087] team0: Port device team_slave_0 added
[   76.073360][ T5087] team0: Port device team_slave_1 added
[   76.092607][ T5093] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.100222][ T5093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.126953][ T5093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.143156][ T5089] hsr_slave_0: entered promiscuous mode
[   76.149766][ T5089] hsr_slave_1: entered promiscuous mode
[   76.171989][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.179792][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.206567][ T5096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.220615][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.227709][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.253720][ T5096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.283707][ T5093] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.291572][ T5093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.318851][ T5093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.365592][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.372721][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.399597][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.412756][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.419790][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.445847][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.500300][ T5086] hsr_slave_0: entered promiscuous mode
[   76.507320][ T5086] hsr_slave_1: entered promiscuous mode
[   76.513750][ T5086] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.521938][ T5086] Cannot create hsr debugfs directory
[   76.628453][ T5093] hsr_slave_0: entered promiscuous mode
[   76.635087][ T5093] hsr_slave_1: entered promiscuous mode
[   76.642767][ T5093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.650461][ T5093] Cannot create hsr debugfs directory
[   76.670148][ T5096] hsr_slave_0: entered promiscuous mode
[   76.676717][ T5096] hsr_slave_1: entered promiscuous mode
[   76.683220][ T5096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.691056][ T5096] Cannot create hsr debugfs directory
[   76.734780][ T5087] hsr_slave_0: entered promiscuous mode
[   76.741542][ T5087] hsr_slave_1: entered promiscuous mode
[   76.748719][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.756565][ T5087] Cannot create hsr debugfs directory
[   77.258912][ T5089] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   77.287417][ T5089] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   77.302176][ T5089] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   77.312861][ T5089] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   77.394923][ T5096] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   77.414190][ T5096] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   77.437979][ T5096] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   77.450272][ T5096] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   77.539250][ T5086] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   77.553406][ T5086] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   77.572823][ T5086] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   77.585415][ T5086] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   77.721091][ T5093] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   77.733949][ T5093] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   77.759509][ T5093] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   77.772906][ T5093] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   77.793044][ T5089] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.847899][   T54] Bluetooth: hci0: command tx timeout
[   77.884474][ T5089] 8021q: adding VLAN 0 to HW filter on device team0
[   77.925668][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.933286][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.937448][   T54] Bluetooth: hci4: command tx timeout
[   77.944952][ T5091] Bluetooth: hci3: command tx timeout
[   77.945894][ T5102] Bluetooth: hci1: command tx timeout
[   77.951890][ T5091] Bluetooth: hci2: command tx timeout
[   77.982201][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.989396][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.002119][ T5087] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   78.042270][ T5087] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   78.058967][ T5087] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   78.081397][ T5087] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   78.112787][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.138408][ T5096] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.208345][ T5096] 8021q: adding VLAN 0 to HW filter on device team0
[   78.274188][ T5086] 8021q: adding VLAN 0 to HW filter on device team0
[   78.293198][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.300413][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.311651][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.318877][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.329487][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.336812][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.422126][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.429341][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.560723][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.594916][ T5086] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   78.605963][ T5086] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.649979][ T5093] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.665814][ T5096] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.709022][ T5087] 8021q: adding VLAN 0 to HW filter on device team0
[   78.771651][ T5093] 8021q: adding VLAN 0 to HW filter on device team0
[   78.790639][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.797979][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.833020][ T5089] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.872995][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.880296][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.892485][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.899736][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.914114][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.921368][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.151374][ T5089] veth0_vlan: entered promiscuous mode
[   79.202456][ T5089] veth1_vlan: entered promiscuous mode
[   79.236384][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.421306][ T5096] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.465525][ T5089] veth0_macvtap: entered promiscuous mode
[   79.493719][ T5089] veth1_macvtap: entered promiscuous mode
[   79.504580][ T5086] veth0_vlan: entered promiscuous mode
[   79.542094][ T5086] veth1_vlan: entered promiscuous mode
[   79.558516][ T5089] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.582659][ T5093] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.602663][ T5089] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.638422][ T5089] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.653929][ T5089] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.663268][ T5089] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.674804][ T5089] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.715644][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.772387][ T5096] veth0_vlan: entered promiscuous mode
[   79.839213][ T5093] veth0_vlan: entered promiscuous mode
[   79.912855][ T5093] veth1_vlan: entered promiscuous mode
[   79.922020][ T5086] veth0_macvtap: entered promiscuous mode
[   79.928269][ T5102] Bluetooth: hci0: command tx timeout
[   79.943598][ T5096] veth1_vlan: entered promiscuous mode
[   79.970010][ T5086] veth1_macvtap: entered promiscuous mode
[   80.010138][ T5102] Bluetooth: hci2: command tx timeout
[   80.010158][ T5091] Bluetooth: hci1: command tx timeout
[   80.010201][ T5091] Bluetooth: hci4: command tx timeout
[   80.015603][ T5102] Bluetooth: hci3: command tx timeout
[   80.096351][ T5093] veth0_macvtap: entered promiscuous mode
[   80.123931][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.135302][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.138177][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.171798][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.184711][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.195917][ T5093] veth1_macvtap: entered promiscuous mode
[   80.232688][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.243245][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.258789][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.284333][ T5086] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.293664][ T5086] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.302972][ T5086] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.311900][ T5086] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.329995][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.338888][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.346102][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.366617][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.378194][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.388770][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.400395][ T5093] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.415160][ T5096] veth0_macvtap: entered promiscuous mode
[   80.439268][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.451299][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.461268][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.472319][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.485257][ T5093] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.494108][ T5096] veth1_macvtap: entered promiscuous mode
[   80.522219][ T5093] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.532386][ T5093] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.541609][ T5093] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.550460][ T5093] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.611450][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.634549][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.645396][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.656553][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.666537][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.677721][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.689941][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.720415][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.743029][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.753005][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.765259][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.778543][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.789548][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.802363][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.832003][ T5096] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.850482][ T5096] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.859984][ T5096] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.869098][ T5096] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.918965][ T2493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.941502][ T2493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.021004][ T5087] veth0_vlan: entered promiscuous mode
[   81.086197][ T5087] veth1_vlan: entered promiscuous mode
[   81.129757][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.143371][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.155372][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.201417][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.304529][ T5087] veth0_macvtap: entered promiscuous mode
[   81.370267][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.383583][ T5087] veth1_macvtap: entered promiscuous mode
[   81.397473][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.460227][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.482810][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.585091][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.637201][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.664971][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.695704][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.741150][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.783482][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.796043][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   81.800014][ T5194] ptm ptm3: ldisc open failed (-12), clearing slot 3
[   81.833672][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.853264][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.882682][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.926222][ T5196] warning: `syz.0.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   81.949536][ T5142] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   81.978094][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.997700][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.013766][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.016821][ T5102] Bluetooth: hci0: command tx timeout
[   82.046604][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.060433][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.076683][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.089315][ T5102] Bluetooth: hci4: command tx timeout
[   82.095430][   T54] Bluetooth: hci2: command tx timeout
[   82.104716][   T54] Bluetooth: hci1: command tx timeout
[   82.110740][   T54] Bluetooth: hci3: command tx timeout
[   82.138330][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.156822][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.173159][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.217173][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.234508][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.236518][ T5211] FAULT_INJECTION: forcing a failure.
[   82.236518][ T5211] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   82.290303][ T5211] CPU: 0 PID: 5211 Comm: syz.3.10 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[   82.299912][ T5211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   82.309993][ T5211] Call Trace:
[   82.313299][ T5211]  <TASK>
[   82.316250][ T5211]  dump_stack_lvl+0x241/0x360
[   82.320987][ T5211]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.326235][ T5211]  ? __pfx__printk+0x10/0x10
[   82.330860][ T5211]  ? __pfx_lock_release+0x10/0x10
[   82.335941][ T5211]  should_fail_ex+0x3b0/0x4e0
[   82.340652][ T5211]  _copy_from_user+0x2f/0xe0
[   82.345352][ T5211]  copy_msghdr_from_user+0xae/0x680
[   82.350615][ T5211]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   82.356455][ T5211]  __sys_sendmsg+0x23d/0x3a0
[   82.361063][ T5211]  ? __pfx___sys_sendmsg+0x10/0x10
[   82.366186][ T5211]  ? vfs_write+0x7c4/0xc90
[   82.370647][ T5211]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   82.376989][ T5211]  ? do_syscall_64+0x100/0x230
[   82.381803][ T5211]  ? do_syscall_64+0xb6/0x230
[   82.386501][ T5211]  do_syscall_64+0xf3/0x230
[   82.391021][ T5211]  ? clear_bhb_loop+0x35/0x90
[   82.395716][ T5211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.401635][ T5211] RIP: 0033:0x7f7831175b59
[   82.406277][ T5211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.425916][ T5211] RSP: 002b:00007f7831fea048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.434352][ T5211] RAX: ffffffffffffffda RBX: 00007f7831303f60 RCX: 00007f7831175b59
[   82.442350][ T5211] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[   82.450346][ T5211] RBP: 00007f7831fea0a0 R08: 0000000000000000 R09: 0000000000000000
[   82.458332][ T5211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.466315][ T5211] R13: 000000000000000b R14: 00007f7831303f60 R15: 00007fff0a1a6ef8
[   82.474314][ T5211]  </TASK>
[   82.485366][ T5087] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.504623][ T5087] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.521186][ T5087] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.561688][ T5087] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.994032][ T5091] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   82.994148][ T5091] CPU: 0 PID: 5091 Comm: kworker/u9:2 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[   82.994177][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   82.994193][ T5091] Workqueue: hci1 hci_rx_work
[   82.994228][ T5091] Call Trace:
[   82.994239][ T5091]  <TASK>
[   82.994251][ T5091]  dump_stack_lvl+0x241/0x360
[   82.994295][ T5091]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.994331][ T5091]  ? __pfx__printk+0x10/0x10
[   82.994367][ T5091]  ? sysfs_create_dir_ns+0x28a/0x3a0
[   82.994404][ T5091]  ? kmalloc_trace_noprof+0x19c/0x2c0
[   82.994448][ T5091]  sysfs_create_dir_ns+0x2ce/0x3a0
[   82.994489][ T5091]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   82.994536][ T5091]  kobject_add_internal+0x435/0x8d0
[   82.994582][ T5091]  kobject_add+0x152/0x220
[   82.994616][ T5091]  ? do_raw_spin_unlock+0x13c/0x8b0
[   82.994640][ T5091]  ? device_add+0x3e7/0xbf0
[   82.994675][ T5091]  ? __pfx_kobject_add+0x10/0x10
[   82.994709][ T5091]  ? _raw_spin_unlock+0x28/0x50
[   82.994750][ T5091]  ? get_device_parent+0x165/0x410
[   82.994790][ T5091]  device_add+0x4e5/0xbf0
[   82.994833][ T5091]  hci_conn_add_sysfs+0xe8/0x200
[   82.994873][ T5091]  le_conn_complete_evt+0xc9f/0x12e0
[   82.994914][ T5091]  ? trace_contention_end+0x3c/0x120
[   82.994952][ T5091]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   82.994986][ T5091]  ? __mutex_unlock_slowpath+0x21d/0x750
[   82.995016][ T5091]  ? __copy_skb_header+0x437/0x5b0
[   82.995047][ T5091]  ? skb_pull_data+0x112/0x230
[   82.995093][ T5091]  hci_le_enh_conn_complete_evt+0x185/0x420
[   82.995134][ T5091]  hci_event_packet+0xa55/0x1540
[   82.995166][ T5091]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   82.995203][ T5091]  ? __pfx_hci_event_packet+0x10/0x10
[   82.995227][ T5091]  ? do_raw_spin_unlock+0x13c/0x8b0
[   82.995260][ T5091]  ? hci_send_to_monitor+0xd8/0x7f0
[   82.995292][ T5091]  ? kcov_remote_start+0x9e/0x7e0
[   82.995326][ T5091]  hci_rx_work+0x3e8/0xca0
[   82.995364][ T5091]  ? process_scheduled_works+0x945/0x1830
[   82.995391][ T5091]  process_scheduled_works+0xa2c/0x1830
[   82.995454][ T5091]  ? __pfx_process_scheduled_works+0x10/0x10
[   82.995493][ T5091]  ? assign_work+0x364/0x3d0
[   82.995527][ T5091]  worker_thread+0x86d/0xd40
[   82.995574][ T5091]  ? __kthread_parkme+0x169/0x1d0
[   82.995608][ T5091]  ? __pfx_worker_thread+0x10/0x10
[   82.995636][ T5091]  kthread+0x2f0/0x390
[   82.995667][ T5091]  ? __pfx_worker_thread+0x10/0x10
[   82.995694][ T5091]  ? __pfx_kthread+0x10/0x10
[   82.995727][ T5091]  ret_from_fork+0x4b/0x80
[   82.995758][ T5091]  ? __pfx_kthread+0x10/0x10
[   82.995790][ T5091]  ret_from_fork_asm+0x1a/0x30
[   82.995844][ T5091]  </TASK>
[   82.995878][ T5091] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   82.995922][ T5091] Bluetooth: hci1: failed to register connection device
[   83.107176][ T5216] netlink: 'syz.2.3': attribute type 10 has an invalid length.
[   83.164732][ T5216] batman_adv: batadv0: Adding interface: team0
[   83.164749][ T5216] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.164770][ T5216] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   83.195192][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[   83.267105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.268025][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.268155][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.946069][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   84.151019][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   84.151766][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   84.215124][ T2493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.215176][ T2493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.452849][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.452870][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.929988][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.937203][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   85.048164][ T5102] Bluetooth: hci1: command tx timeout
[   85.107104][ T5144] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   85.148782][ T5239] FAULT_INJECTION: forcing a failure.
[   85.148782][ T5239] name failslab, interval 1, probability 0, space 0, times 1
[   85.148816][ T5239] CPU: 1 PID: 5239 Comm: syz.4.5 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[   85.148841][ T5239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   85.148855][ T5239] Call Trace:
[   85.148865][ T5239]  <TASK>
[   85.148875][ T5239]  dump_stack_lvl+0x241/0x360
[   85.148916][ T5239]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.148950][ T5239]  ? __pfx__printk+0x10/0x10
[   85.148983][ T5239]  ? __pfx___might_resched+0x10/0x10
[   85.149018][ T5239]  should_fail_ex+0x3b0/0x4e0
[   85.149053][ T5239]  ? alloc_pipe_info+0xeb/0x4d0
[   85.149083][ T5239]  should_failslab+0x9/0x20
[   85.149113][ T5239]  kmalloc_trace_noprof+0x6c/0x2c0
[   85.149160][ T5239]  alloc_pipe_info+0xeb/0x4d0
[   85.149194][ T5239]  splice_direct_to_actor+0xaac/0xc90
[   85.149240][ T5239]  ? __pfx_direct_splice_actor+0x10/0x10
[   85.149268][ T5239]  ? __pfx_splice_direct_to_actor+0x10/0x10
[   85.149296][ T5239]  ? __fget_files+0x29/0x470
[   85.149326][ T5239]  ? __pfx_lock_release+0x10/0x10
[   85.149358][ T5239]  do_splice_direct+0x28c/0x3e0
[   85.149389][ T5239]  ? __pfx_do_splice_direct+0x10/0x10
[   85.149414][ T5239]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   85.149448][ T5239]  ? rw_verify_area+0x1d2/0x6b0
[   85.149479][ T5239]  do_sendfile+0x56d/0xe20
[   85.149525][ T5239]  ? __pfx_do_sendfile+0x10/0x10
[   85.149572][ T5239]  __se_sys_sendfile64+0x17c/0x1e0
[   85.149609][ T5239]  ? __pfx___se_sys_sendfile64+0x10/0x10
[   85.149643][ T5239]  ? do_syscall_64+0x100/0x230
[   85.149677][ T5239]  ? do_syscall_64+0xb6/0x230
[   85.149711][ T5239]  do_syscall_64+0xf3/0x230
[   85.149743][ T5239]  ? clear_bhb_loop+0x35/0x90
[   85.149768][ T5239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.149801][ T5239] RIP: 0033:0x7fc9ad775b59
[   85.149822][ T5239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.149841][ T5239] RSP: 002b:00007fc9ae53d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   85.149867][ T5239] RAX: ffffffffffffffda RBX: 00007fc9ad903f60 RCX: 00007fc9ad775b59
[   85.149884][ T5239] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[   85.149898][ T5239] RBP: 00007fc9ae53d0a0 R08: 0000000000000000 R09: 0000000000000000
[   85.149913][ T5239] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000001
[   85.149928][ T5239] R13: 000000000000000b R14: 00007fc9ad903f60 R15: 00007ffcc6cd54e8
[   85.149962][ T5239]  </TASK>
[   85.257667][ T5144] usb 3-1: device descriptor read/64, error -71
[   85.269983][ T5241] fuse: Bad value for 'user_id'
[   85.792220][ T5241] fuse: Bad value for 'user_id'
[   85.966868][ T5144] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   86.116972][ T5144] usb 3-1: device descriptor read/64, error -71
[   86.241002][ T5144] usb usb3-port1: attempt power cycle
[   87.423041][ T5144] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   87.439822][    T9] cfg80211: failed to load regulatory.db
[   87.506459][ T5144] usb 3-1: device descriptor read/8, error -71
[   88.000936][ T5261] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   92.927725][ T5274] autofs: Bad value for 'fd'
[   92.999448][ T5275] autofs: Bad value for 'fd'
[   93.444152][ T5287] cgroup: noprefix used incorrectly
[   93.881219][ T5295] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   94.675538][ T5102] Bluetooth: hci1: ISO packet for unknown connection handle 0
[   95.547302][ T5144] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   95.814016][ T5144] usb 5-1: config 1 interface 0 altsetting 129 bulk endpoint 0x82 has invalid maxpacket 1023
[   95.848374][ T5144] usb 5-1: config 1 interface 0 altsetting 129 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   95.872498][ T5144] usb 5-1: config 1 interface 0 has no altsetting 0
[   95.885710][ T5144] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   95.916350][ T5144] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.934530][ T5144] usb 5-1: Product: 㟂볲㤺ぱ旋绾妼᷃훝ꕥ䍌햺㤁硛셒旷ਧ校ꢮ䏱痑崨꟎葉궜퓅祙磻瀇➸ࡨ끮⠁둺≒骽齑총絞謵鍬
[   95.959976][ T5144] usb 5-1: Manufacturer: Ц
[   95.964800][ T5144] usb 5-1: SerialNumber: syz
[   96.020672][ T5307] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   96.046958][ T5307] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   96.097071][ T5320] capability: warning: `syz.2.36' uses deprecated v2 capabilities in a way that may be insecure
[   96.307136][ T5144] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[   96.332859][ T5144] usb 5-1: USB disconnect, device number 2
[   96.898396][ T5102] Bluetooth: hci1: command 0x0406 tx timeout
[   98.187101][ T5147] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   98.215807][ T5102] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[   98.367042][ T5147] usb 5-1: Using ep0 maxpacket: 16
[   98.374890][ T5147] usb 5-1: config 1 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 116, changing to 10
[   98.374956][ T5147] usb 5-1: config 1 interface 0 has no altsetting 0
[   98.378019][ T5147] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   98.378045][ T5147] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.378061][ T5147] usb 5-1: Product: syz
[   98.378073][ T5147] usb 5-1: Manufacturer: syz
[   98.378085][ T5147] usb 5-1: SerialNumber: syz
[   98.488677][  T928] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   98.686984][  T928] usb 3-1: Using ep0 maxpacket: 32
[   98.689597][  T928] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.689624][  T928] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.689689][  T928] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   98.689708][  T928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.694292][  T928] usb 3-1: config 0 descriptor??
[   98.700506][  T928] hub 3-1:0.0: USB hub found
[   98.954265][  T928] hub 3-1:0.0: config failed, hub has too many ports! (err -19)
[   99.057419][ T5102] Bluetooth: hci1: command 0x0406 tx timeout
[   99.171228][  T928] usbhid 3-1:0.0: can't add hid device: -71
[   99.193916][  T928] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   99.270758][  T928] usb 3-1: USB disconnect, device number 6
[   99.692768][ T5359] FAULT_INJECTION: forcing a failure.
[   99.692768][ T5359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.724295][ T5359] CPU: 0 PID: 5359 Comm: syz.0.47 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[   99.733915][ T5359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   99.744000][ T5359] Call Trace:
[   99.747312][ T5359]  <TASK>
[   99.750264][ T5359]  dump_stack_lvl+0x241/0x360
[   99.754960][ T5359]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.760173][ T5359]  ? __pfx__printk+0x10/0x10
[   99.764874][ T5359]  ? snprintf+0xda/0x120
[   99.769143][ T5359]  should_fail_ex+0x3b0/0x4e0
[   99.773861][ T5359]  _copy_to_user+0x2f/0xb0
[   99.778290][ T5359]  simple_read_from_buffer+0xca/0x150
[   99.783693][ T5359]  proc_fail_nth_read+0x1e9/0x250
[   99.788748][ T5359]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.794388][ T5359]  ? rw_verify_area+0x520/0x6b0
[   99.799244][ T5359]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.804794][ T5359]  vfs_read+0x204/0xbc0
[   99.808982][ T5359]  ? __pfx_lock_release+0x10/0x10
[   99.814019][ T5359]  ? __pfx_vfs_read+0x10/0x10
[   99.818726][ T5359]  ? __fget_files+0x29/0x470
[   99.823354][ T5359]  ? __fget_files+0x3f6/0x470
[   99.828066][ T5359]  ksys_read+0x1a0/0x2c0
[   99.832344][ T5359]  ? __pfx_ksys_read+0x10/0x10
[   99.837126][ T5359]  ? do_syscall_64+0x100/0x230
[   99.841930][ T5359]  ? do_syscall_64+0xb6/0x230
[   99.846622][ T5359]  do_syscall_64+0xf3/0x230
[   99.851152][ T5359]  ? clear_bhb_loop+0x35/0x90
[   99.855857][ T5359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.861768][ T5359] RIP: 0033:0x7f2306f7463c
[   99.866184][ T5359] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   99.885812][ T5359] RSP: 002b:00007f2307dbc040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   99.894255][ T5359] RAX: ffffffffffffffda RBX: 00007f2307104038 RCX: 00007f2306f7463c
[   99.902433][ T5359] RDX: 000000000000000f RSI: 00007f2307dbc0b0 RDI: 0000000000000005
[   99.910418][ T5359] RBP: 00007f2307dbc0a0 R08: 0000000000000000 R09: 0000000000000000
[   99.918405][ T5359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.926382][ T5359] R13: 000000000000006e R14: 00007f2307104038 R15: 00007ffd3a1cc068
[   99.934370][ T5359]  </TASK>
[  100.326430][ T5147] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  100.391615][ T5147] usb 5-1: USB disconnect, device number 3
[  100.786886][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  100.950319][ T5360] delete_channel: no stack
[  101.005250][    T9] usb 2-1: config 1 interface 0 altsetting 129 bulk endpoint 0x82 has invalid maxpacket 1023
[  101.036324][    T9] usb 2-1: config 1 interface 0 altsetting 129 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  101.096281][    T9] usb 2-1: config 1 interface 0 has no altsetting 0
[  101.096437][ T5376] bridge1: entered promiscuous mode
[  101.120873][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  101.134635][ T5376] bridge1: entered allmulticast mode
[  101.159793][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.189372][    T9] usb 2-1: Product: 㟂볲㤺ぱ旋绾妼᷃훝ꕥ䍌햺㤁硛셒旷ਧ校ꢮ䏱痑崨꟎葉궜퓅祙磻瀇➸ࡨ끮⠁둺≒骽齑총絞謵鍬
[  101.231606][    T9] usb 2-1: Manufacturer: Ц
[  101.246382][    T9] usb 2-1: SerialNumber: syz
[  101.281132][ T5368] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  101.302840][ T5368] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  101.536168][    T9] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  101.597762][    T9] usb 2-1: USB disconnect, device number 2
[  102.279668][ T5391] netlink: 8 bytes leftover after parsing attributes in process `syz.1.57'.
[  103.751020][ T5400] cgroup: noprefix used incorrectly
[  103.786426][ T5091] Bluetooth: hci1: ISO packet for unknown connection handle 0
[  104.060952][ T5092] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  104.319122][ T5092] usb 2-1: Using ep0 maxpacket: 32
[  104.364029][ T5092] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.462899][ T5092] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.501851][ T5092] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  104.523793][ T5092] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.549431][ T5092] usb 2-1: config 0 descriptor??
[  104.573453][ T5092] hub 2-1:0.0: USB hub found
[  104.786579][ T5092] hub 2-1:0.0: config failed, hub has too many ports! (err -19)
[  104.990419][ T5092] usbhid 2-1:0.0: can't add hid device: -71
[  105.026701][ T5092] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  105.144890][ T5092] usb 2-1: USB disconnect, device number 3
[  105.388178][ T5410] FAULT_INJECTION: forcing a failure.
[  105.388178][ T5410] name failslab, interval 1, probability 0, space 0, times 0
[  105.479037][ T5414] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  105.486537][ T5414] vhci_hcd: invalid port number 9
[  105.491720][ T5414] vhci_hcd: invalid port number 9
[  106.397902][ T5102] Bluetooth: hci1: command tx timeout
[  106.424707][ T5410] CPU: 0 PID: 5410 Comm: syz.2.63 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[  106.434296][ T5410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  106.444375][ T5410] Call Trace:
[  106.447659][ T5410]  <TASK>
[  106.450586][ T5410]  dump_stack_lvl+0x241/0x360
[  106.455305][ T5410]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.460525][ T5410]  ? __pfx__printk+0x10/0x10
[  106.465127][ T5410]  should_fail_ex+0x3b0/0x4e0
[  106.469829][ T5410]  ? __alloc_skb+0x1c3/0x440
[  106.474432][ T5410]  should_failslab+0x9/0x20
[  106.478962][ T5410]  kmem_cache_alloc_node_noprof+0x71/0x320
[  106.484783][ T5410]  __alloc_skb+0x1c3/0x440
[  106.489203][ T5410]  ? __pfx___alloc_skb+0x10/0x10
[  106.494139][ T5410]  ? bpf_lsm_file_permission+0x9/0x10
[  106.499510][ T5410]  ? security_file_permission+0x7f/0xa0
[  106.505082][ T5410]  ppp_write+0xb4/0x3f0
[  106.509257][ T5410]  ? vfs_write+0x288/0xc90
[  106.513671][ T5410]  ? __pfx_ppp_write+0x10/0x10
[  106.518455][ T5410]  vfs_write+0x2a2/0xc90
[  106.522748][ T5410]  ? __pfx_vfs_write+0x10/0x10
[  106.527556][ T5410]  ? __fget_files+0x29/0x470
[  106.532190][ T5410]  ? __fget_files+0x3f6/0x470
[  106.536909][ T5410]  ? __fget_files+0x29/0x470
[  106.541516][ T5410]  ksys_write+0x1a0/0x2c0
[  106.545847][ T5410]  ? __pfx_ksys_write+0x10/0x10
[  106.550716][ T5410]  ? do_syscall_64+0x100/0x230
[  106.555514][ T5410]  ? do_syscall_64+0xb6/0x230
[  106.560210][ T5410]  do_syscall_64+0xf3/0x230
[  106.564736][ T5410]  ? clear_bhb_loop+0x35/0x90
[  106.569446][ T5410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.575350][ T5410] RIP: 0033:0x7feb6e975b59
[  106.579773][ T5410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.599381][ T5410] RSP: 002b:00007feb6f791048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  106.607801][ T5410] RAX: ffffffffffffffda RBX: 00007feb6eb03f60 RCX: 00007feb6e975b59
[  106.615796][ T5410] RDX: 000000000000000b RSI: 0000000020000180 RDI: 0000000000000003
[  106.623769][ T5410] RBP: 00007feb6f7910a0 R08: 0000000000000000 R09: 0000000000000000
[  106.631738][ T5410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.639716][ T5410] R13: 000000000000000b R14: 00007feb6eb03f60 R15: 00007ffcc6c5e298
[  106.647743][ T5410]  </TASK>
[  107.128468][ T5424] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  108.499012][ T5434] (syz.2.69,5434,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  108.507908][ T5434] (syz.2.69,5434,1):ocfs2_fill_super:1178 ERROR: status = -22
[  108.539233][ T5091] Bluetooth: hci1: command 0x0406 tx timeout
[  109.409451][ T5091] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  109.409625][ T5091] CPU: 1 PID: 5091 Comm: kworker/u9:2 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[  109.409653][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  109.409668][ T5091] Workqueue: hci4 hci_rx_work
[  109.409699][ T5091] Call Trace:
[  109.409710][ T5091]  <TASK>
[  109.409720][ T5091]  dump_stack_lvl+0x241/0x360
[  109.409761][ T5091]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.409794][ T5091]  ? __pfx__printk+0x10/0x10
[  109.409841][ T5091]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  109.409877][ T5091]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  109.409918][ T5091]  sysfs_create_dir_ns+0x2ce/0x3a0
[  109.409956][ T5091]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  109.410003][ T5091]  kobject_add_internal+0x435/0x8d0
[  109.410047][ T5091]  kobject_add+0x152/0x220
[  109.410079][ T5091]  ? do_raw_spin_unlock+0x13c/0x8b0
[  109.410103][ T5091]  ? device_add+0x3e7/0xbf0
[  109.410137][ T5091]  ? __pfx_kobject_add+0x10/0x10
[  109.410170][ T5091]  ? _raw_spin_unlock+0x28/0x50
[  109.410208][ T5091]  ? get_device_parent+0x165/0x410
[  109.410245][ T5091]  device_add+0x4e5/0xbf0
[  109.410284][ T5091]  hci_conn_add_sysfs+0xe8/0x200
[  109.410321][ T5091]  le_conn_complete_evt+0xc9f/0x12e0
[  109.410359][ T5091]  ? trace_contention_end+0x3c/0x120
[  109.410395][ T5091]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  109.410426][ T5091]  ? __mutex_unlock_slowpath+0x21d/0x750
[  109.410455][ T5091]  ? __copy_skb_header+0x437/0x5b0
[  109.410486][ T5091]  ? skb_pull_data+0x112/0x230
[  109.410522][ T5091]  hci_le_enh_conn_complete_evt+0x185/0x420
[  109.410563][ T5091]  hci_event_packet+0xa55/0x1540
[  109.410594][ T5091]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  109.410629][ T5091]  ? __pfx_hci_event_packet+0x10/0x10
[  109.410652][ T5091]  ? do_raw_spin_unlock+0x13c/0x8b0
[  109.410683][ T5091]  ? hci_send_to_monitor+0xd8/0x7f0
[  109.410714][ T5091]  ? kcov_remote_start+0x9e/0x7e0
[  109.410748][ T5091]  hci_rx_work+0x3e8/0xca0
[  109.410784][ T5091]  ? process_scheduled_works+0x945/0x1830
[  109.410816][ T5091]  process_scheduled_works+0xa2c/0x1830
[  109.410878][ T5091]  ? __pfx_process_scheduled_works+0x10/0x10
[  109.410915][ T5091]  ? assign_work+0x364/0x3d0
[  109.410946][ T5091]  worker_thread+0x86d/0xd40
[  109.410989][ T5091]  ? __kthread_parkme+0x169/0x1d0
[  109.411023][ T5091]  ? __pfx_worker_thread+0x10/0x10
[  109.411050][ T5091]  kthread+0x2f0/0x390
[  109.411081][ T5091]  ? __pfx_worker_thread+0x10/0x10
[  109.411107][ T5091]  ? __pfx_kthread+0x10/0x10
[  109.411138][ T5091]  ret_from_fork+0x4b/0x80
[  109.411168][ T5091]  ? __pfx_kthread+0x10/0x10
[  109.411196][ T5091]  ret_from_fork_asm+0x1a/0x30
[  109.411246][ T5091]  </TASK>
[  109.411277][ T5091] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  109.411318][ T5091] Bluetooth: hci4: failed to register connection device
[  109.593162][ T5443] cgroup: noprefix used incorrectly
[  109.642907][ T5445] FAULT_INJECTION: forcing a failure.
[  109.642907][ T5445] name failslab, interval 1, probability 0, space 0, times 0
[  109.642965][ T5445] CPU: 0 PID: 5445 Comm: syz.2.74 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[  109.642989][ T5445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  109.643003][ T5445] Call Trace:
[  109.643012][ T5445]  <TASK>
[  109.643023][ T5445]  dump_stack_lvl+0x241/0x360
[  109.643065][ T5445]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.643098][ T5445]  ? __pfx__printk+0x10/0x10
[  109.643132][ T5445]  ? __pfx___might_resched+0x10/0x10
[  109.643168][ T5445]  should_fail_ex+0x3b0/0x4e0
[  109.643204][ T5445]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  109.643232][ T5445]  should_failslab+0x9/0x20
[  109.643264][ T5445]  __kmalloc_noprof+0xd8/0x400
[  109.643296][ T5445]  ? kfree+0x4e/0x360
[  109.643332][ T5445]  tomoyo_realpath_from_path+0xcf/0x5e0
[  109.643374][ T5445]  tomoyo_path_number_perm+0x23a/0x880
[  109.643417][ T5445]  ? tomoyo_path_number_perm+0x208/0x880
[  109.643453][ T5445]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  109.643533][ T5445]  ? __fget_files+0x29/0x470
[  109.643566][ T5445]  ? __fget_files+0x3f6/0x470
[  109.643595][ T5445]  ? __fget_files+0x29/0x470
[  109.643632][ T5445]  security_file_ioctl+0x75/0xb0
[  109.643662][ T5445]  __se_sys_ioctl+0x47/0x170
[  109.643692][ T5445]  do_syscall_64+0xf3/0x230
[  109.643724][ T5445]  ? clear_bhb_loop+0x35/0x90
[  109.643828][ T5445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.643868][ T5445] RIP: 0033:0x7feb6e975b59
[  109.643892][ T5445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.643913][ T5445] RSP: 002b:00007feb6f791048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  109.643942][ T5445] RAX: ffffffffffffffda RBX: 00007feb6eb03f60 RCX: 00007feb6e975b59
[  109.643962][ T5445] RDX: 0000000020000d80 RSI: 00000000c0109207 RDI: 0000000000000004
[  109.643979][ T5445] RBP: 00007feb6f7910a0 R08: 0000000000000000 R09: 0000000000000000
[  109.643995][ T5445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.644010][ T5445] R13: 000000000000000b R14: 00007feb6eb03f60 R15: 00007ffcc6c5e298
[  109.644045][ T5445]  </TASK>
[  109.644056][ T5445] ERROR: Out of memory at tomoyo_realpath_from_path.
[  109.795823][ T5447] cgroup: noprefix used incorrectly
[  109.832342][ T5102] Bluetooth: hci3: unexpected event for opcode 0x0016
[  109.973754][ T5102] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  111.446855][   T54] Bluetooth: hci4: command tx timeout
[  111.802028][    C0] vkms_vblank_simulate: vblank timer overrun
[  112.010309][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  115.946617][ T5478] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  115.954524][ T5478] vhci_hcd: invalid port number 9
[  115.972439][ T5478] vhci_hcd: invalid port number 9
[  118.273047][ T5474] sched: RT throttling activated
[  118.757567][ T5091] Bluetooth: hci0: command 0x0406 tx timeout
[  119.408227][ T5487] binder: 5486:5487 ioctl 4018620d 0 returned -22
[  120.676921][ T5147] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  121.565779][ T5147] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  121.592265][ T5147] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.611493][ T5091] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  121.621373][ T5091] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  121.622398][ T5147] usb 1-1: config 0 descriptor??
[  121.645407][ T5091] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  121.661911][ T5091] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  121.673276][ T5091] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  121.680906][ T5091] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  122.570936][ T5494] chnl_net:caif_netlink_parms(): no params data found
[  123.640566][ T5147] pegasus 1-1:0.0: probe with driver pegasus failed with error -110
[  123.767023][ T5091] Bluetooth: hci5: command tx timeout
[  123.787003][   T58] usb 1-1: USB disconnect, device number 2
[  123.884913][ T5102] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  123.911363][ T5102] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  123.928762][ T5102] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  123.944878][ T5102] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  123.964283][ T5102] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  123.972563][ T5102] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  124.602694][   T63] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.919974][   T63] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.443945][ T5535] (syz.3.97,5535,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  125.452633][ T5535] (syz.3.97,5535,0):ocfs2_fill_super:1178 ERROR: status = -22
[  125.860105][ T5091] Bluetooth: hci5: command tx timeout
[  126.093491][ T5091] Bluetooth: hci4: command tx timeout
[  126.120456][   T63] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.181026][ T5494] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.189696][ T5494] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.197183][ T5494] bridge_slave_0: entered allmulticast mode
[  126.208161][ T5494] bridge_slave_0: entered promiscuous mode
[  126.300695][ T5494] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.317062][ T5494] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.328357][ T5494] bridge_slave_1: entered allmulticast mode
[  126.348534][ T5494] bridge_slave_1: entered promiscuous mode
[  126.534320][   T63] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.689252][ T5494] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  126.745603][ T5494] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.933355][ T5091] Bluetooth: hci5: command tx timeout
[  128.043671][ T5494] team0: Port device team_slave_0 added
[  128.092335][ T5494] team0: Port device team_slave_1 added
[  128.167963][ T5091] Bluetooth: hci4: command tx timeout
[  128.594877][ T5494] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.605590][ T5145] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  128.638010][ T5494] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.884598][ T5494] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.901079][ T5494] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.912180][ T5494] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.080967][ T5571] (syz.0.107,5571,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  129.089723][ T5571] (syz.0.107,5571,1):ocfs2_fill_super:1178 ERROR: status = -22
[  129.715480][ T5145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.728507][ T5145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.740888][ T5145] usb 3-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  129.752333][ T5145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.765491][ T5145] usb 3-1: config 0 descriptor??
[  129.816520][ T5494] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.007063][ T5091] Bluetooth: hci5: command tx timeout
[  130.146400][   T63] bridge_slave_1: left allmulticast mode
[  130.168174][   T63] bridge_slave_1: left promiscuous mode
[  130.178825][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.245996][   T63] bridge_slave_0: left allmulticast mode
[  130.251991][ T5091] Bluetooth: hci4: command tx timeout
[  130.268279][   T63] bridge_slave_0: left promiscuous mode
[  130.284139][ T5563] vhci_hcd: invalid port number 0
[  130.284298][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.425154][ T5563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.105'.
[  130.755687][ T5145] hid-led 0003:1D34:000A.0001: unknown main item tag 0x0
[  130.789013][ T5145] hid-led 0003:1D34:000A.0001: unknown main item tag 0x0
[  130.812206][ T5145] hid-led 0003:1D34:000A.0001: unknown main item tag 0x0
[  130.837266][ T5145] hid-led 0003:1D34:000A.0001: unknown main item tag 0x0
[  130.866909][ T5145] hid-led 0003:1D34:000A.0001: unknown main item tag 0x0
[  131.534553][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.566193][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.598479][   T63] bond0 (unregistering): Released all slaves
[  131.859995][ T5494] hsr_slave_0: entered promiscuous mode
[  131.920739][ T5494] hsr_slave_1: entered promiscuous mode
[  131.966820][ T5494] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.010963][ T5494] Cannot create hsr debugfs directory
[  132.032260][ T5514] chnl_net:caif_netlink_parms(): no params data found
[  132.326887][ T5091] Bluetooth: hci4: command tx timeout
[  132.992670][ T5145] hid-led 0003:1D34:000A.0001: probe with driver hid-led failed with error -71
[  133.047401][ T5145] usb 3-1: USB disconnect, device number 7
[  133.131158][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  133.137915][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  133.690502][ T5514] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.724373][ T5514] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.744382][ T5514] bridge_slave_0: entered allmulticast mode
[  133.756142][ T5514] bridge_slave_0: entered promiscuous mode
[  133.797430][ T5514] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.810129][ T5514] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.835605][ T5514] bridge_slave_1: entered allmulticast mode
[  133.856434][ T5514] bridge_slave_1: entered promiscuous mode
[  133.892138][ T5627] Zero length message leads to an empty skb
[  134.041968][   T63] hsr_slave_0: left promiscuous mode
[  134.059260][   T63] hsr_slave_1: left promiscuous mode
[  134.076451][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.085502][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.098097][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.111080][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.154489][   T63] veth1_macvtap: left promiscuous mode
[  134.163826][   T63] veth0_macvtap: left promiscuous mode
[  134.174188][   T63] veth1_vlan: left promiscuous mode
[  134.184898][   T63] veth0_vlan: left promiscuous mode
[  134.487846][  T928] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  134.666838][  T928] usb 3-1: Using ep0 maxpacket: 32
[  134.682700][  T928] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  134.695626][  T928] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  134.706904][  T928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.714959][  T928] usb 3-1: Product: syz
[  134.722682][  T928] usb 3-1: Manufacturer: syz
[  134.727911][  T928] usb 3-1: SerialNumber: syz
[  134.735553][  T928] usb 3-1: config 0 descriptor??
[  134.745476][ T5639] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  134.917856][   T63] team0 (unregistering): Port device team_slave_1 removed
[  135.045360][ T5147] usb 3-1: USB disconnect, device number 8
[  135.092915][   T63] team0 (unregistering): Port device team_slave_0 removed
[  135.176844][  T928] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  135.383641][  T928] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  135.397931][  T928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.415047][  T928] usb 4-1: config 0 descriptor??
[  135.527353][ T5147] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  135.637784][ T5207] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  135.729076][ T5147] usb 3-1: config 0 has no interfaces?
[  135.730860][ T5514] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.747011][ T5147] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  135.757080][ T5147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.759691][ T5514] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.813283][ T5147] usb 3-1: config 0 descriptor??
[  135.827444][ T5207] usb 1-1: Using ep0 maxpacket: 32
[  135.844983][ T5207] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  135.854405][ T5207] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  135.882606][ T5207] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  135.924442][ T5514] team0: Port device team_slave_0 added
[  135.947029][ T5207] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  135.971295][ T5207] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  135.990280][ T5207] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  136.023177][ T5207] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  136.043373][ T5207] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.044946][ T5514] team0: Port device team_slave_1 added
[  136.072108][ T5207] usb 1-1: config 0 descriptor??
[  136.201075][ T5092] usb 3-1: USB disconnect, device number 9
[  136.233473][ T5514] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.263592][ T5514] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.320351][ T5514] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.335377][ T5207] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  136.382756][ T5514] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.396856][ T5514] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.438570][ T5514] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.535746][ T5207] usb 1-1: USB disconnect, device number 3
[  136.596152][ T5207] usblp0: removed
[  136.842846][ T5514] hsr_slave_0: entered promiscuous mode
[  136.864993][ T5514] hsr_slave_1: entered promiscuous mode
[  136.900870][ T5514] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  136.918711][ T5514] Cannot create hsr debugfs directory
[  136.943412][ T5666] netlink: 'syz.2.131': attribute type 1 has an invalid length.
[  136.963607][ T5666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.131'.
[  137.348509][ T5494] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  137.481632][   T63] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.557416][ T5494] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  137.586538][ T5494] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  137.615792][ T5091] Bluetooth: hci3: adv larger than maximum supported
[  137.677473][   T63] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.709156][ T5494] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  137.783795][   T63] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.869539][  T928] usb 4-1: Cannot set autoneg
[  137.894775][  T928] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  137.931444][   T63] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.935577][  T928] usb 4-1: USB disconnect, device number 3
[  138.197536][ T5494] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.353424][   T63] bridge_slave_1: left allmulticast mode
[  138.364047][   T63] bridge_slave_1: left promiscuous mode
[  138.371646][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.400044][   T63] bridge_slave_0: left allmulticast mode
[  138.412103][   T63] bridge_slave_0: left promiscuous mode
[  138.428195][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.897094][ T5091] Bluetooth: hci3: command 0x2016 tx timeout
[  140.325107][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  140.345703][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  140.363579][   T63] bond0 (unregistering): Released all slaves
[  140.466983][ T5144] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  140.473917][ T5494] 8021q: adding VLAN 0 to HW filter on device team0
[  140.557426][ T5727] syz.2.143 uses obsolete (PF_INET,SOCK_PACKET)
[  140.639737][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.647012][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.663709][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.671023][ T5147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.716885][ T5144] usb 1-1: Using ep0 maxpacket: 32
[  140.726267][ T5144] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  140.743308][ T5144] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  140.754766][ T5144] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  140.764322][ T5144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  140.795557][ T5144] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  140.807711][ T5091] Bluetooth: hci1: command 0x0406 tx timeout
[  140.820572][ T5144] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  140.850813][ T5144] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  140.874351][ T5144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.927180][ T5145] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  140.945657][ T5144] usb 1-1: config 0 descriptor??
[  141.149777][ T5145] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  141.186003][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.203435][ T5144] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  141.244909][ T5145] usb 4-1: config 0 descriptor??
[  141.334992][ T5744] =======================================================
[  141.334992][ T5744] WARNING: The mand mount option has been deprecated and
[  141.334992][ T5744]          and is ignored by this kernel. Remove the mand
[  141.334992][ T5744]          option from the mount to silence this warning.
[  141.334992][ T5744] =======================================================
[  141.397488][   T63] hsr_slave_0: left promiscuous mode
[  141.428637][   T63] hsr_slave_1: left promiscuous mode
[  141.454577][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.468999][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.492391][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.523539][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.606300][   T63] veth1_macvtap: left promiscuous mode
[  141.615375][   T63] veth0_macvtap: left promiscuous mode
[  141.632555][ T5750] netlink: 'syz.2.147': attribute type 1 has an invalid length.
[  141.637083][   T63] veth1_vlan: left promiscuous mode
[  141.655969][ T5750] netlink: 8 bytes leftover after parsing attributes in process `syz.2.147'.
[  141.656651][ T5144] usb 1-1: USB disconnect, device number 4
[  141.665513][   T63] veth0_vlan: left promiscuous mode
[  141.742263][ T5144] usblp0: removed
[  141.927000][ T5091] Bluetooth: hci3: command 0x2016 tx timeout
[  143.004140][   T63] team0 (unregistering): Port device team_slave_1 removed
[  143.071913][   T63] team0 (unregistering): Port device team_slave_0 removed
[  143.700310][ T5776] netlink: 60 bytes leftover after parsing attributes in process `syz.0.149'.
[  143.749281][ T5145] usb 4-1: Cannot set autoneg
[  143.754166][ T5145] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  143.786904][ T5145] usb 4-1: USB disconnect, device number 4
[  144.128331][ T5514] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  144.213584][ T5514] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  144.330418][ T5514] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  144.409488][ T5786] netlink: 'syz.0.151': attribute type 10 has an invalid length.
[  144.505592][ T5786] team0: Port device netdevsim0 added
[  144.557619][ T5514] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  144.824811][ T5791] ipip0: entered promiscuous mode
[  144.900550][ T5796] Cannot find add_set index 0 as target
[  144.938134][ T5494] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.985824][ T5796] usb usb8: usbfs: process 5796 (syz.3.153) did not claim interface 0 before use
[  145.062555][   T29] audit: type=1326 audit(1721338222.359:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5792 comm="syz.3.153" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7831175b59 code=0x0
[  145.338830][ T5514] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.351284][ T5805] dccp_invalid_packet: P.CsCov 2 exceeds packet length 400
[  145.439360][ T5494] veth0_vlan: entered promiscuous mode
[  145.451133][ T5514] 8021q: adding VLAN 0 to HW filter on device team0
[  145.461189][ T5807] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  145.509972][ T5494] veth1_vlan: entered promiscuous mode
[  145.533287][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.540610][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.616963][ T5147] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  145.648988][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.656171][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.695215][ T5814] netlink: 12 bytes leftover after parsing attributes in process `syz.0.160'.
[  145.969395][    C0] Oops: general protection fault, probably for non-canonical address 0xe3fffb240028e7c8: 0000 [#1] PREEMPT SMP KASAN PTI
[  145.982048][    C0] KASAN: maybe wild-memory-access in range [0x1ffff92001473e40-0x1ffff92001473e47]
[  145.991368][    C0] CPU: 0 PID: 5818 Comm: syz.2.162 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0
[  145.992409][ T5494] veth0_macvtap: entered promiscuous mode
[  146.001007][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  146.001023][    C0] RIP: 0010:__cpu_map_flush+0x42/0xd0
[  146.001051][    C0] Code: e8 e3 d9 d6 ff 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8d c7 39 00 49 8b 1e 4c 39 f3 74 77 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 6f c7 39 00 4c 8b 23 48 8d 7b c0
[  146.001068][    C0] RSP: 0018:ffffc90000007bb0 EFLAGS: 00010203
[  146.048042][    C0] RAX: 03ffff240028e7c8 RBX: 1ffff92001473e44 RCX: ffff888027121e00
[  146.048601][ T5494] veth1_macvtap: entered promiscuous mode
[  146.056025][    C0] RDX: 0000000080000101 RSI: 0000000000000000 RDI: ffffc9000a39f1a0
[  146.069805][    C0] RBP: dffffc0000000000 R08: ffffffff895d4e8a R09: 1ffffffff1f5a8c5
[  146.077787][    C0] R10: dffffc0000000000 R11: fffffbfff1f5a8c6 R12: ffffc9000a39f1a0
[  146.085771][    C0] R13: ffffc9000a39f160 R14: ffffc9000a39f1a0 R15: dffffc0000000000
[  146.093751][    C0] FS:  00007feb6f7916c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  146.102691][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  146.109291][    C0] CR2: 000000110c343cd0 CR3: 000000001ec24000 CR4: 00000000003506f0
[  146.117271][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  146.125241][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  146.133214][    C0] Call Trace:
[  146.136492][    C0]  <IRQ>
[  146.139340][    C0]  ? __die_body+0x88/0xe0
[  146.143686][    C0]  ? die_addr+0x108/0x140
[  146.148032][    C0]  ? exc_general_protection+0x3dd/0x5d0
[  146.153592][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  146.158809][    C0]  ? asm_exc_general_protection+0x26/0x30
[  146.164543][    C0]  ? xdp_do_check_flushed+0x10a/0x240
[  146.169924][    C0]  ? __cpu_map_flush+0x42/0xd0
[  146.174691][    C0]  xdp_do_check_flushed+0x136/0x240
[  146.179898][    C0]  __napi_poll+0xe4/0x490
[  146.184323][    C0]  net_rx_action+0x89b/0x1240
[  146.189017][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  146.194139][    C0]  ? sched_clock+0x4a/0x70
[  146.198579][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.204915][    C0]  ? sched_clock+0x4a/0x70
[  146.209355][    C0]  handle_softirqs+0x2c4/0x970
[  146.214127][    C0]  ? do_softirq+0x11b/0x1e0
[  146.218638][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  146.223932][    C0]  do_softirq+0x11b/0x1e0
[  146.228263][    C0]  </IRQ>
[  146.231192][    C0]  <TASK>
[  146.234124][    C0]  ? __pfx_do_softirq+0x10/0x10
[  146.238975][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  146.244610][    C0]  ? rcu_is_watching+0x15/0xb0
[  146.249379][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  146.254671][    C0]  ? __pfx_netif_receive_skb+0x10/0x10
[  146.260135][    C0]  ? tun_rx_batched+0x160/0x8f0
[  146.264995][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  146.270729][    C0]  ? tun_rx_batched+0x160/0x8f0
[  146.275596][    C0]  tun_rx_batched+0x732/0x8f0
[  146.280287][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.286621][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  146.291650][    C0]  ? __pfx_tun_rx_batched+0x10/0x10
[  146.296898][    C0]  tun_get_user+0x2f84/0x4720
[  146.301588][    C0]  ? tun_get_user+0x2a78/0x4720
[  146.306451][    C0]  ? __lock_acquire+0x1346/0x1fd0
[  146.311488][    C0]  ? __pfx_tun_get_user+0x10/0x10
[  146.316533][    C0]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  146.322003][    C0]  ? tun_get+0x1e/0x2f0
[  146.326168][    C0]  ? __pfx_lock_release+0x10/0x10
[  146.331207][    C0]  ? tun_get+0x1e/0x2f0
[  146.335367][    C0]  ? tun_get+0x27d/0x2f0
[  146.339616][    C0]  tun_chr_write_iter+0x113/0x1f0
[  146.344650][    C0]  vfs_write+0xa72/0xc90
[  146.348901][    C0]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  146.354456][    C0]  ? __pfx_vfs_write+0x10/0x10
[  146.359221][    C0]  ? do_futex+0x392/0x560
[  146.363582][    C0]  ksys_write+0x1a0/0x2c0
[  146.367920][    C0]  ? __pfx_ksys_write+0x10/0x10
[  146.372780][    C0]  ? do_syscall_64+0x100/0x230
[  146.377559][    C0]  ? do_syscall_64+0xb6/0x230
[  146.382253][    C0]  do_syscall_64+0xf3/0x230
[  146.386766][    C0]  ? clear_bhb_loop+0x35/0x90
[  146.391453][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.397357][    C0] RIP: 0033:0x7feb6e9746df
[  146.401779][    C0] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  146.421393][    C0] RSP: 002b:00007feb6f791010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  146.429820][    C0] RAX: ffffffffffffffda RBX: 00007feb6eb03f60 RCX: 00007feb6e9746df
[  146.437794][    C0] RDX: 0000000000000036 RSI: 0000000020000240 RDI: 00000000000000c8
[  146.445767][    C0] RBP: 00007feb6e9e4e5d R08: 0000000000000000 R09: 0000000000000000
[  146.453740][    C0] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000000
[  146.461735][    C0] R13: 000000000000000b R14: 00007feb6eb03f60 R15: 00007ffcc6c5e298
[  146.469743][    C0]  </TASK>
[  146.472770][    C0] Modules linked in:
[  146.476808][    C0] ---[ end trace 0000000000000000 ]---
[  146.482303][    C0] RIP: 0010:__cpu_map_flush+0x42/0xd0
[  146.487755][    C0] Code: e8 e3 d9 d6 ff 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8d c7 39 00 49 8b 1e 4c 39 f3 74 77 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 6f c7 39 00 4c 8b 23 48 8d 7b c0
[  146.507437][    C0] RSP: 0018:ffffc90000007bb0 EFLAGS: 00010203
[  146.513545][    C0] RAX: 03ffff240028e7c8 RBX: 1ffff92001473e44 RCX: ffff888027121e00
[  146.521606][    C0] RDX: 0000000080000101 RSI: 0000000000000000 RDI: ffffc9000a39f1a0
[  146.528164][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.529637][    C0] RBP: dffffc0000000000 R08: ffffffff895d4e8a R09: 1ffffffff1f5a8c5
[  146.540426][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.548012][    C0] R10: dffffc0000000000 R11: fffffbfff1f5a8c6 R12: ffffc9000a39f1a0
[  146.548033][    C0] R13: ffffc9000a39f160 R14: ffffc9000a39f1a0 R15: dffffc0000000000
[  146.548050][    C0] FS:  00007feb6f7916c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  146.548070][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  146.548087][    C0] CR2: 000000110c343cd0 CR3: 000000001ec24000 CR4: 00000000003506f0
[  146.548105][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  146.548120][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  146.558004][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.565887][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  146.574165][    C0] Kernel Offset: disabled