last executing test programs:

11.136367091s ago: executing program 4 (id=2019):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x168, 0x0, 0x321, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x13f, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @broadcast, @random="90e488f9971a", {}, @value}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x6, "2d5014b2109a"}, {0xdd, 0x48, "eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602f"}, {0xdd, 0x61, "4f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24103d4337027917c48d29a186"}, {0xdd, 0x36, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aacda"}, {0xdd, 0x6, "83534cd40fda"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x168}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003100)={@ifindex, 0xffffffffffffffff, 0x11, 0x10, 0xffffffffffffffff, @prog_fd}, 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl0\x00', 0x0, 0x2f, 0x6e, 0x1, 0x2fb, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x80, 0x800}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081780000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afc0513466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea01d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a07f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a126a1bdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0d5d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f10bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d00b07862c4fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52c094016406cdd32abf77fea373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515dca8811922929e08538fab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f57cbc05cd897f40693ec427ea71578130cde48de3b4dda0c7b615b57ccd4f8ac729a80f891d91a89d967948b9d95b1f22480ab48969e86b854a8c17f3e264ce11f9f63552364e759eec94572f2f7b0e2f293573d0b80709815f4344f908c00"/2646], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r8, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @multicast}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2000b0086dd6012000800383a00fc010000000000000000000000000000ff0200000000000000000000000000010100007800000000600ad91500002c00ff010000000000000000000000000001fe8000000000000000000000000000040000009000000000"], 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00e7ff0000000000140003007465616d5f736c6176655f300000000008000a"], 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1002, &(0x7f00000004c0)=""/4098}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)

9.88446163s ago: executing program 2 (id=2024):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x10)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000140))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x0)
r3 = socket$inet6(0xa, 0x0, 0x0)
sendmsg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x208}, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000140)='./file0\x00', 0x810, &(0x7f0000000380)=ANY=[@ANYBLOB='dmask=00000000000000000000007,utf8,iocharset=iso8859-1,allow_utime=00000000000000000002001,fmask=00000000000000000000002,allow_utime=00000000000000000000005,umask=00000000000000000000001,gid=', @ANYRESHEX, @ANYRESOCT=r2, @ANYRESHEX, @ANYRESHEX], 0x1, 0x14fe, &(0x7f0000002a40)="$eJzs3AuYjVX7MPB1r7UexjSxm+QwrHvdDzsNlkOSHJLkkCRJkuSUkDRJkpAYckoakpDjJIkhJIdpTBrn8yHnJHmlSZKccgrru6be9/N/39736/t/b9/f9/3n/l3Xuva6Z+977Xvte8/s53nmuvYPPUfVa1G/djMiEv8W+O0mWQgRI4QYJoQoIIQIhBCV4yvH59yfT0Hyv/ck7M/1SNq1roBdS9z/3I37n7tx/3M37n/uxv3P3bj/uRv3P3fj/jOWm22bXfQGHrl38PX/3Iw///8byS43+ZsN5W7q9Z9I4f7nbtz/3I37n7tx/3M37n/uxv3P3bj/uRv3n7Hc7Fpff+Zxbce1fv8xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMsdzvurtBAi5zb4Vw9O/q+tjTHGGGOMMcYYY38On/daV8AYY4wxxhhjjLH/+0BIoYQWgcgj8ooYkU/EiutEnLhe5BcFRETcIOLFjaKguEkUEoVFEVFUJIhiorgwAoUVJEJRQpQUUXGzKCVuEYmitCgjygonyonyooKoKG4VlcRtorK4XVQRd4iqopqoLmqIO0VNcZeoJe4WtcU9oo6oK+qJ+uJe0UDcJxqK+0Uj8YBoLB4UTcRDoql4WDQTj4jm4lHRQjwmWorHRSvRWrQRbUW7/6P8l0Vf8YroJ/qLZDFADBSvikFisBgihoph4jUxXLwuRog3RIoYKUaJN8Vo8ZYYI94WY8U4MV68IyaIiWKSmCymiKkiVbwrpon3xHTx/si/vaJpYraYIz4Uc8U8MV98JBaIj8VCsUgsFktEuvhEZIilIlN8KpaJz0SWWC5WiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK1im/hcbBc7xE6xS+wWe8Re8YXYJ74U+8VX4oD4+j+Zf+4f8nuBAAESJGjQkAfyQAzEQCzEQhzEQX7IDxGIQDzEQ0EoCIWgEBSBIpAACVAcigMCAgFBCSgBUYhCKSgFiZAIZaAMOHBQHspDRbgVKkElqAyVoQpUgapQDapBDagBNaEm1IJaUBtqQx2oA/WgHtwL98J90BAaQiNoBI2hMTSBJtAUmkIzaAbNoTm0gBbQElpCK2gFbaANtIN20B7aQwfoAJ2gE3SGztAFukASJEFX6ArdoBt0h+7QA3pAT+gJvaA39IaX4WV4BV6B/lBHDoCBMBAGwSAYAkNhKLwGw+F1eB3egBQYCaPgTXgT3oIxcBbGwjgYD+OhppwIk2AykJwKqZAK02AaTIfpMAM+gA9gFqTBbJgDc2AuzIN58BEsgI/hY1gEi2AJpEM6ZMBSyIRMWAbnIAuWwwpYCatgNayCtbAO1sIG2AgbYDNshq2wFT6Hz2EH7IBdsAv2wB74Ar6AL+FLSIEDAPq3d9whOAyHIRuy4QgcgaNwFI7BMTgOx+EEnIRTcBLOwBk4C+fgPJyHi3ARLsGLCd8131N6fYqQObTUMo/MI2NkjIyVsTJOxsn8Mr+MyIiMl/GyoCwoC8lCsogsIhNkgiwui0uUKEmGsoQsIaMyKkvJUjJRJsoysox00snysrysKCvKSrKSrCxvl1XkHbKqrCY7uhqyhqwpO7la8m5ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+ZBsKgfAEHhE5nSmhRwJLeUoaCVbyzayrXwLnpDt5RjoIDvKTvIpOQ7GQhfZ3iXJZ2VXOQm6yeflZHhB9pBToad8SfaSvWUf+bLsKzu4frK/nAED5EA5CwbJwXKIHCrnQl2Z07F68g2ZIkfKUfJNuQTekmPk23KsHCfHy3fkBDlRTpKT5RQ5VabKd+U0+Z6cLt+XM+QHcqacJdPkbDlHfijnynlyvvxILpAfy4VykVwsl8h0+YnMkEtlpvxULpOfySy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+bncLnfInXKX3C33yL3yC7lPfin3y6/kAfm1PCj/Ig/Jb+Rh+a3Mlt/JI/J7eVT+II/JH+Vx+ZM8IU/KU/K0PCN/lmflOXleXpAX5S/ykrwsr0gvhQIllVJaBSqPyqtiVD4Vq65Tcep6lV8VUBF1g4pXN6qC6iZVSBVWRVRRlaCKqeLKKFRWkQpVCVVSRdXNqpS6RSWq0qqMKqucKqfKqwqqorpVVVK3qcrqdlVF3aGqqmqquqqh7lQ11V2qlrpb1Vb3qDqqrqqn6qt7VQN1n2qo7leN1AOqsXpQNVEPqabqYdVMPaKaq0dVC/WYaqkeV61Ua9VGtVXt1BOqvXpSdVAdVSf1lOqsnlZd1DMqST2ruqrnVDf1vOquXlA91Iuqp3pJ9VK9VR91WV1RXvVT/VWyGqAGqlfVIDVYDVFD1TD1mhquXlcj1BsqRY1Uo9SbarR6S41Rb6uxapwar95RE9RENUlNVlPUVJWq3lXT1HtqunpfzVAfqJlqlkpTs9WQv640/38j/71/kj/i12ffqrapz9V2tUPtVLvUbrVH7VV71T61T+1X+9UBdUAdVAfVIXVIHVaHVbbKVkfUEXVUHVXH1DF1XB1XJ9RJdUGdVmfUz+qsOqfOqQvqorqoLv31NRAatNRKax3oPDqvjtH5dKy+Tsfp63V+XUBH9A06Xt+oC+qbdCFdWBfRRXWCLqaLa6NRW0061CV0SR3VN+tS+hadqEvrMrqsdrqc9rrCv5VfXlfQf1RfO91Ot9ftdQfdQXfSnXRn3Vl30V10kk7SXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52sk/VA/aoepAfrIXqoHqZf08P1cD1Cj9ApOkWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+pUPU1P09P1dD1Dz9Az9UydptP0HD1Hz9Vz9Xw9Xy/QC/RCvVAv1ot1uk7XGTpDZ+pMvUwv01l6uV6uV+qVerVerdfqtXq9Xq836o16s96ss/Q2vU1v19v1Tr1T79a79V69V+/T+/R+vV8f0Af0QX1QH9KH9GF9WGfrbH1EH9FH9VF9TB/Tx/VxfUKf0Kf0KX1Gn9Fn9Vl9Xp/XF/VFfUlf0lf0lZzDvkAGMtCBDvIEeYKYICaIDWKDuCAuyB/kDyJBJIgP4oOCwU1BoaBwUCQoGiQExYLigQkwsAEFYVAiKBlEg5uDUsEtQWJQOigTlA1cUC4oH1QIKga3BpWC24LKwe1BleCOoGpQLage1AjuDGoGdwW1gruD2sE9QZ2gblAvqB/cGzQI7gsaBvcHjYIHgsbBg0GT4KGgafBw0Cx4JGgePBq0CB4LWgaPB62C1kGboG3Q7k9d3/uzhZ90/Ux/k2wGmIHmVTPIDDZDzFAzzLxmhpvXzQjzhkkxI80o86YZbd4yY8zbZqwZZ8abd8wEM9FMMpPNFDPVpJp3zTTznplu3jczzAdmppll0sxsM8d8aOaaeWa++cgsMB+bhWaRWWyWmHTzickwS02m+dQsM5+ZLLPcrDArzSqz2qwxa806s95sMBvNJrPZbDFbzTbzudludpidZpfZbfaYveYLs898afabr8wB87U5aP5iDplvzGHzrck235kj5ntz1PxgjpkfzXHzkzlhTppT5rQ5Y342Z805c95cMBfNL+aSuWyuGJ9zcJ/z8Y4aNebBPBiDMRiLsRiHcZgf82MEIxiP8VgQC2IhLIRFsAgmYAIWx+KYg5CwBJbAKEaxFJbCREzEMlgGHTosj+WxIlbESlgJK2NlrIJVsCpWxepYHe/EO/EuvAvvxrvxHrwH62JdrI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsjs2xBbbAltgSW2ErbINtsB22w/bYHjtgB+yEnbAzdsYu2AWTMAm7Ylfsht2wO3bHHtgDe2JP7IW9sA/2wb7YF/thP0zGZByIA3EQDsIhOASH4TAcjsNxBI7AFEzBUTgKR+NoHINjcCyOw/H4Dk7AiTgJJ+MUnIqpmIrTcBpOx+k4A2fgTJyJaZiGc3AOzsW5OB/n4wJcgAtxIS7GxZiO6ZiBGZiJmbgMl2EWZuEKXIGrcBWuwTW4DtfhBtyAm3ATbsEtuA234XbcjjtxJ+7G3bgX9+I+3If7cT8ewAN4EA/iITyEh/EwZmM2HsEjeBSP4jE8hsfxOJ7AE3gKT+EZPINn8Syex/N4EX/BS3gZr6DHGJvPxtrrbJy93ua3Bew/xkVsUZtgi9ni1thCtvDfxWitTbSlbRlb1jpbzpa3FX4XV7XVbHVbw95pa9q7bK3fxQ3sfbahvd82sg/Y+vbev4sb2wdtE/uYbWoft81sa9vctrUt7GO2pX3ctrKtbRvb1na2T9su9hmbZJ+1Xe1zv4sz7FK7zq63G+xGu89+ac/bC/ao/cFetL/Yfra/HWZfs8Pt63aEfcOm2JG/i8fbd+wEO9FOspPtFDv1d/FMO8um2dl2jv3QzrXzfhen20/sAptpF9pFdrFd8mucU1Om/dQus5/ZLLvcrrAr7Sq72q6xa/9nrSvtZrvFbrV77Rd2u91hd9pddrfd82ucs4/99it7wH5tj9jv7SH7jT1sj9ls+92vcc7+jtkf7XH7kz1hT9pT9rQ9Y3+2Z+25X/efs/fT9rK9Yr0VBCRJkaaA8lBeiqF8FEvXURxdT/mpAEXoBoqnG6kg3USFqDAVoaKUQMWoOBlCskQUUgkqSVG6mUrRLZRIpakMlSVH5ag8VaCKdCtVotuoMt1OVegOqkrVqDrVoDupJt1Ftehuqk33UB2qS/WoPt1LDeg+akj3UyN6gBrTg9SEHqKm9DA1o0eoOT1KLegxakmPUytqTW2oLbWjJ6g9PUkdqCN1oqeoMz1NXegZSqJnqSs9R93oeepOL1APepF60kvUi3pTH3qZ+tIr1I/6UzINoIH0Kg2iwTSEhtIweo2G0+s0gt6gFBpJo+hNGk1v0Rh6m8bSOBpP79AEmkiTaDJNoamUSu/SNHqPptP7NIM+oJk0i9JoNs2hD2kuzaP59BEtoI9pIS2ixbSE0ukTyqCllEmf0jL6jLJoOa2glbSKVtMaWkvraD1toI20iTbTFtpK2+hz2k47aCftot20h/bSF7SPvqT99BUdoK/pIP2FDtE3dJi+pWz6jo7Q93SUfqBj9CMdp5/oBJ2kU3SaztDPdJbO0Xm6QBfpF7pEl+kKeRIhhDJUoQ6DME+YN4wJ84Wx4XVhXHh9mD8sEEbCG8L48MawYHhTWCgsHBYJi4YJYbGweGhCDG1IYRiWCEuG0fDmsFR4S5gYlg7LhGVDF5YLy4cVworhrWGl8Lawcnh7WCW8I6waVgsfe6BGeGdYM7wrrBXeHdYO7wnrhHXDemH98N6wQXhf2DC8P2wUPhBWCh8Mm4QPhU3Dh8Nm4SNh8/DRsEX4WNgyfDxsFbYO24Rtw3bhE2H78MmwQ9gx7BQ+FXYOnw67hM+ESeGzYdfwuT+8PzkcEA4MXw1fDb2/Xy2OLommRz+JZkSXRjOjn0aXRT+LZkWXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a9r59XOHDSKadd4PK4vC7G5XOx7joX5653+V0BF3E3uHh3oyvobnKFXGFXxBV1Ca6YK+6MQ2cdudCVcCVd1N3sSrlbXKIr7cq4ss65cq68a+vauXauvXvSdXAdXSf3lHvKPe2eds+4Z9yzrqt7znVzz7vu7gXXw73oXnQvuV6ut+vjXnZ93Suun+vvkl2yG+gGukFukBvihrhhbpgb7oa7EW6ES3EpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Vpbppbpqb7qa7GW6GnulmujSX5ua4OW6um+vmu/luQeICt9AtdIvdYpfu0l2Gy3CZLtMtc8tclstyK9wKt8qtcmvcGrfOrXMb3Aa3yW1yW9wWt81tc9vddrfT7XS73W631+11+9w+Ldx+d8AdcAfdQXfIHXKH3bcu233njrjv3VH3gzvmfnTH3U/uhDvpTrnT7oz72Z1159x5d8FddL+4S+6yu+K8S428G5kWeS8yPfJ+ZEbkg8jMyKxIWmR2ZE7kw8jcyLzI/MhHkQWRjyMLI4siiyNLIumRTyIZkaWRzMinkWWRzyJZkeWRFZGVkVWR1RHvi20PfQlf0kf9zb6Uv8Un+tK+jC/rnS/ny/sKvqK/1Vfyt/nK/nZfxd/hq/pqvrp/3LfyrX0b39a380/49v5J38F39J38U76zf9p38c/4JP+s7+qf89388767f8H38C/6nv4l38v39n38y76vf8X38/19sh/gB/pX/SA/2A/xQ/0w/5of7l/3I/wbPsWP9KP8m360f8uP8W/7sX6cH+/f8RP8RD/JT/ZT/FSf6t/10/x7frp/38/wH/iZfpZP87P9HP+hn+vn+fn+I7/Af+wX+kV+sV/i0/0nPsMv9Zn+U7/Mf+az/HK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/znfrvf4Xf6XX633+P3+i/8Pv+l3++/8gf81/6g/4s/5L/xh/23Ptt/54/47/1R/4M/5n/0x/1P/oQ/6U/50/6M/9mf9ef8eX/BX/S/+Ev+sr/ivb+GF9EZY4wxxv6/of7g/gH/5GfyryPHQCHE9TuKZv/jmpsK/TYfLBM6R4QQz/bv+cjfRp06ycl/+yqBLCWCkouEEJGr+XnE1Xi56CSeFkmio6j4T+sbLHtfpD9YP3q7ELH/ISdGXI2vrn/rv1j/iafGZ1QJz8f/L9ZfJERiyas5+cTVeLno9Ov/aDuKSv9i/cLt/6D+fN+kCtHhP+TEiatxTv2+wG/zJ8VzIunvHskYY4wxxhhjjP1msKze/Y/On3POzxP01Zy84mr8R+fnjDHGGGOMMcYYu/Ze6N3nmSeSkjp25wlPePL/1kRdy1/Pa/2XiTHGGGOMMfZnu3rQf60rYYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGcq//iq8Tu9Z7ZIwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq61/xEAAP//aIcwug==")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r4 = open(0x0, 0x0, 0x0)
getdents(r4, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003200), 0x0, 0x0, 0x0)

8.989279001s ago: executing program 4 (id=2027):
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x608}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
setresuid(0x0, 0xee01, 0x0)
inotify_init1(0x0)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0), 0x4)
mlockall(0x3)
io_setup(0xa5f, &(0x7f0000000680))
syz_open_dev$evdev(0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)

6.845261302s ago: executing program 2 (id=2030):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000940)={[{@nls={'nls', 0x3d, 'cp1250'}}, {@nobarrier}, {@creator={'creator', 0x3d, "bd3c66f5"}}, {@uid}, {@force}, {@umask={'umask', 0x3d, 0xde2}}]}, 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r1 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0xfffffffffffffffe, &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1], 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @loopback}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000140)='fd')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount$afs(0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000500)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000040))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000900)=ANY=[@ANYBLOB="9feb01001800000000000000400000004000000002000000000000000000000300000000020000000200000000000000000000000000000105000000080000000000000001000085000000000000000001"], 0x0, 0x5a}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0x9362, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x0)
getdents(r0, 0x0, 0x0)

6.719219553s ago: executing program 3 (id=2032):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000340)}], 0x1}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)

6.585970273s ago: executing program 3 (id=2033):
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder-control\x00', 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$rds(r1, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000000)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @mcast2, 0x4}}}, 0x30)
r5 = fsopen(&(0x7f0000000040)='nfsd\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)

5.508970351s ago: executing program 2 (id=2036):
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e3502020001ffffffff685f1158e2fafc0e1f00020000000c00009c"], 0x38)
open(&(0x7f0000000180)='./file0\x00', 0x4080, 0x20)
r0 = creat(0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280), 0x17)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0xc00, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a32000000001400078008000640000000000800084000000000050005000a0000000500010006feff000d000300686173683a6e6574"], 0x5c}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000001000)=ANY=[@ANYRES16=r4, @ANYRES32=r2, @ANYRES16=r4], &(0x7f0000000d40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x90)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x6}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1e, 0x59827034, 0x17, 0x80, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, r0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x2c0, 0xd8, 0xffffffff, 0xffffffff, 0xd8, 0xffffffff, 0x1f0, 0xffffffff, 0xffffffff, 0x1f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast2, @local, [], [], 'vlan0\x00', 'wlan1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'hsr0\x00', 'veth1_to_hsr\x00'}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320)
syz_extract_tcp_res$synack(&(0x7f0000000200), 0x1, 0x0)
pipe(&(0x7f0000000100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
write$binfmt_script(r9, 0x0, 0x4e)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
tee(r8, r2, 0x5, 0x1)
vmsplice(r8, &(0x7f0000000000)=[{&(0x7f0000000140)='b', 0x1}], 0x1, 0x0)
write(r9, &(0x7f0000000040)='g', 0x1)
r11 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r11, &(0x7f0000000000)={0xa, 0x0, 0xfe06, @local, 0x5}, 0x1c)
sendmmsg$inet6(r11, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, '\x00', 0x41}}, 0x58, 0x0}}], 0x6c00, 0x0)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x8000000004)
unshare(0x8000200)
writev(r13, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)
sendmsg$unix(r8, &(0x7f00000002c0)={&(0x7f0000000240)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001300), 0x0, &(0x7f0000000900)=ANY=[@ANYRES32=r12, @ANYBLOB="e5ed14094a0e6f740d432ae7053ed04f4f603d65b010e931230f99380e94e84464691d5d75f137d40cf8e95735dcee504a79af29f1ba170e768af3670ef647cc0f634223572b481b3560187c7725db45122d4722de29084760bd34e8ca51a27a6e4eb98b3cf4b7d16c89dcae7b000000000000c8ee563bc5094e06055c8b602ceac730966188507118e91688be5afe953706a4c3a2449e0bf429374d3e6c1062e93b8919f26ba39467132c67fe2150bdae54fb1b5bbc4a26463e8cd14575e2ce693db2cc7449921778403184f7690d11859415716478dddc1b09c5fa288f62379d7343e2c14b0d622b2ac05ee45f99520e4148b0bb208fe670bbbefcef11a431e372aa68e222ec69acb0f40b1d472e15c98e1657ab5b373bff5de95dccdbce4a8b3b1d23c10acb661e8e83cc6f3d3b6f7e6c5b8af32caab37e5f22b74f1538994e97c8bd91f1ed4aab4eb87cb0f9fc507c19b9683edf20d1ca6e", @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYRES64=r10, @ANYRES64, @ANYRESHEX=r11, @ANYRESOCT=0x0, @ANYRES64=r12, @ANYBLOB="0047b1d19bec420fd311bb340000001cf8fe961a00000000000000000089e24cfc0318ca3f272008fb1019287542b01a2f329923aa3d89753fcb5400"/74, @ANYRES8=r11, @ANYRESDEC=r6, @ANYRESOCT=r11, @ANYRES32=r5, @ANYRES16=r7, @ANYRESHEX], 0xffffffa1, 0x4000010}, 0x0)

5.467696243s ago: executing program 0 (id=2037):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
r4 = dup(r3)
ioctl$PPPIOCCONNECT(r4, 0x40047435, &(0x7f00000002c0)=0x2)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)

5.255978373s ago: executing program 0 (id=2039):
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioperm(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mknod(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000040))
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r4, 0x2)

5.147730929s ago: executing program 4 (id=2040):
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioperm(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mknod(0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)

5.102958785s ago: executing program 3 (id=2041):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b508020000000000db8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff06ffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000080000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x3, 0x10, &(0x7f0000001e00)=""/4087}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.kill\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000012400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000080)='jbd2_handle_stats\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x2a920, 0x80000000, 0xfffffffc, 0x200, 0xffffffffffffffff, 0xa, '\x00', 0x0, r1, 0x5, 0x0, 0x4, 0x6}, 0x48)
socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008802, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000300)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800009d7f000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
syz_emit_ethernet(0x8a, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa00001580e24b0000000086dd60000000005400000000000006000000000000002001000000000900000000000000000200000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000907800071a68dfb6a2a1104d2d8cac39d631ecfaeeff589ef050265d5309cca585a2ba76e597007f533796b7727701f7edfa921059d404f522c3c4c9b37914faae268aae"], 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000002380)='map_files\x00')
getdents64(r8, &(0x7f00000035c0)=""/4084, 0xff4)

4.806102009s ago: executing program 3 (id=2043):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000340)}], 0x1}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)

3.995110091s ago: executing program 0 (id=2044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x11c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0xf5, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @broadcast, @random="90e488f9971a", {}, @value}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x6, "2d5014b2109a"}, {0xdd, 0x61, "4f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24103d4337027917c48d29a186"}, {0xdd, 0x36, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aacda"}, {0xdd, 0x6, "83534cd40fda"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x11c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={0xffffffffffffffff, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @multicast}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1002, &(0x7f00000004c0)=""/4098}, 0x90)

3.95897259s ago: executing program 4 (id=2045):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x12, r2, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.336745303s ago: executing program 2 (id=2046):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$SIOCX25SSUBSCRIP(0xffffffffffffffff, 0x89e1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000001b7040000000000008500000033000000850000007d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r4, r3}, 0xc)

3.285466135s ago: executing program 3 (id=2047):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x800)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="02446162741ea7b979dc11c79c20e73305", 0x11}, {&(0x7f0000000200)="fd", 0x1}], 0x2}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)="8d483c1013f2f308771c0e5786ab4520e3c15984ceeb834087bc90dfa43ffadb37867605e5a965abda3deb52e6ddb8defb9a383ea1c9aaf5bd2994aa5269fb003646501a8a955950352a336cb70a452da05d5e9f4ea3eb6251fef9c9dcc703cfe16a7a79aa7978ace556d7c0b4b67dcf168aec2702361977cfe379ff046fbcd6d36f57f2338509b8e7dba15265b03f5dc103d52f8e417932ec76447b03924c2e325d4ea40ebdc2420a9524a3ba7efcccffa45b68cbb4", 0xb6}, {&(0x7f0000000300)="f6298884ec1ca5647787842078f2e819674e60c84a063e1c7d39a2b141a9e3b617b7a3004da22b961184273abc81cd0e32fb8eb6f6d2895d", 0x38}], 0x2, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x30, 0x1, 0x1, [r1, r1, r1, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48, 0x810}}], 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x54, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0x2, 0xffff}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x5, "ac80344e3f40e514717145f3d360bdaf"}}}, @qdisc_kind_options=@q_atm={0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9a2}]}, 0x54}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0)
epoll_create(0x7fff)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f00000001c0)={"fe403ca4", 0x0, 0x5, 0x81, 0x0, 0x7, "de6c0a5bcee099303c9842579a1c19", "dba0a737", "4da264d5", "e75aef41", ["4fdd51b5a333d64fd52f79de", "0c13895a26e4cb6b2f9782fc", "674a440d6cdaaf6be57cc8cd", "2d66d59cea6bb67af44fa6da"]})
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f0000000140)={"04f16c91", 0x0, 0x0, 0x0, 0x0, 0x0, "6f99e65664cdfb5f24cf398a3f7a92", '\x00', "246a8a96", "12caa207", ['\x00', "9d09b43157145fa9a5c56bcf", "2b4af2886e6d02546f0ad9b4", "000000010100"]})

3.103853797s ago: executing program 0 (id=2048):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a0000080480020009", @ANYBLOB="e757"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, 0x0, 0x0)

2.931675482s ago: executing program 4 (id=2049):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x10)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000140))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x0)
r3 = socket$inet6(0xa, 0x0, 0x0)
sendmsg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x208}, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000140)='./file0\x00', 0x810, &(0x7f0000000380)=ANY=[@ANYBLOB='dmask=00000000000000000000007,utf8,iocharset=iso8859-1,allow_utime=00000000000000000002001,fmask=00000000000000000000002,allow_utime=00000000000000000000005,umask=00000000000000000000001,gid=', @ANYRESHEX, @ANYRESOCT=r2, @ANYRESHEX, @ANYRESHEX], 0x1, 0x14fe, &(0x7f0000002a40)="$eJzs3AuYjVX7MPB1r7UexjSxm+QwrHvdDzsNlkOSHJLkkCRJkuSUkDRJkpAYckoakpDjJIkhJIdpTBrn8yHnJHmlSZKccgrru6be9/N/39736/t/b9/f9/3n/l3Xuva6Z+977Xvte8/s53nmuvYPPUfVa1G/djMiEv8W+O0mWQgRI4QYJoQoIIQIhBCV4yvH59yfT0Hyv/ck7M/1SNq1roBdS9z/3I37n7tx/3M37n/uxv3P3bj/uRv3P3fj/jOWm22bXfQGHrl38PX/3Iw///8byS43+ZsN5W7q9Z9I4f7nbtz/3I37n7tx/3M37n/uxv3P3bj/uRv3n7Hc7Fpff+Zxbce1fv8xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMsdzvurtBAi5zb4Vw9O/q+tjTHGGGOMMcYYY38On/daV8AYY4wxxhhjjLH/+0BIoYQWgcgj8ooYkU/EiutEnLhe5BcFRETcIOLFjaKguEkUEoVFEVFUJIhiorgwAoUVJEJRQpQUUXGzKCVuEYmitCgjygonyonyooKoKG4VlcRtorK4XVQRd4iqopqoLmqIO0VNcZeoJe4WtcU9oo6oK+qJ+uJe0UDcJxqK+0Uj8YBoLB4UTcRDoql4WDQTj4jm4lHRQjwmWorHRSvRWrQRbUW7/6P8l0Vf8YroJ/qLZDFADBSvikFisBgihoph4jUxXLwuRog3RIoYKUaJN8Vo8ZYYI94WY8U4MV68IyaIiWKSmCymiKkiVbwrpon3xHTx/si/vaJpYraYIz4Uc8U8MV98JBaIj8VCsUgsFktEuvhEZIilIlN8KpaJz0SWWC5WiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK1im/hcbBc7xE6xS+wWe8Re8YXYJ74U+8VX4oD4+j+Zf+4f8nuBAAESJGjQkAfyQAzEQCzEQhzEQX7IDxGIQDzEQ0EoCIWgEBSBIpAACVAcigMCAgFBCSgBUYhCKSgFiZAIZaAMOHBQHspDRbgVKkElqAyVoQpUgapQDapBDagBNaEm1IJaUBtqQx2oA/WgHtwL98J90BAaQiNoBI2hMTSBJtAUmkIzaAbNoTm0gBbQElpCK2gFbaANtIN20B7aQwfoAJ2gE3SGztAFukASJEFX6ArdoBt0h+7QA3pAT+gJvaA39IaX4WV4BV6B/lBHDoCBMBAGwSAYAkNhKLwGw+F1eB3egBQYCaPgTXgT3oIxcBbGwjgYD+OhppwIk2AykJwKqZAK02AaTIfpMAM+gA9gFqTBbJgDc2AuzIN58BEsgI/hY1gEi2AJpEM6ZMBSyIRMWAbnIAuWwwpYCatgNayCtbAO1sIG2AgbYDNshq2wFT6Hz2EH7IBdsAv2wB74Ar6AL+FLSIEDAPq3d9whOAyHIRuy4QgcgaNwFI7BMTgOx+EEnIRTcBLOwBk4C+fgPJyHi3ARLsGLCd8131N6fYqQObTUMo/MI2NkjIyVsTJOxsn8Mr+MyIiMl/GyoCwoC8lCsogsIhNkgiwui0uUKEmGsoQsIaMyKkvJUjJRJsoysox00snysrysKCvKSrKSrCxvl1XkHbKqrCY7uhqyhqwpO7la8m5ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+ZBsKgfAEHhE5nSmhRwJLeUoaCVbyzayrXwLnpDt5RjoIDvKTvIpOQ7GQhfZ3iXJZ2VXOQm6yeflZHhB9pBToad8SfaSvWUf+bLsKzu4frK/nAED5EA5CwbJwXKIHCrnQl2Z07F68g2ZIkfKUfJNuQTekmPk23KsHCfHy3fkBDlRTpKT5RQ5VabKd+U0+Z6cLt+XM+QHcqacJdPkbDlHfijnynlyvvxILpAfy4VykVwsl8h0+YnMkEtlpvxULpOfySy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+bncLnfInXKX3C33yL3yC7lPfin3y6/kAfm1PCj/Ig/Jb+Rh+a3Mlt/JI/J7eVT+II/JH+Vx+ZM8IU/KU/K0PCN/lmflOXleXpAX5S/ykrwsr0gvhQIllVJaBSqPyqtiVD4Vq65Tcep6lV8VUBF1g4pXN6qC6iZVSBVWRVRRlaCKqeLKKFRWkQpVCVVSRdXNqpS6RSWq0qqMKqucKqfKqwqqorpVVVK3qcrqdlVF3aGqqmqquqqh7lQ11V2qlrpb1Vb3qDqqrqqn6qt7VQN1n2qo7leN1AOqsXpQNVEPqabqYdVMPaKaq0dVC/WYaqkeV61Ua9VGtVXt1BOqvXpSdVAdVSf1lOqsnlZd1DMqST2ruqrnVDf1vOquXlA91Iuqp3pJ9VK9VR91WV1RXvVT/VWyGqAGqlfVIDVYDVFD1TD1mhquXlcj1BsqRY1Uo9SbarR6S41Rb6uxapwar95RE9RENUlNVlPUVJWq3lXT1HtqunpfzVAfqJlqlkpTs9WQv640/38j/71/kj/i12ffqrapz9V2tUPtVLvUbrVH7VV71T61T+1X+9UBdUAdVAfVIXVIHVaHVbbKVkfUEXVUHVXH1DF1XB1XJ9RJdUGdVmfUz+qsOqfOqQvqorqoLv31NRAatNRKax3oPDqvjtH5dKy+Tsfp63V+XUBH9A06Xt+oC+qbdCFdWBfRRXWCLqaLa6NRW0061CV0SR3VN+tS+hadqEvrMrqsdrqc9rrCv5VfXlfQf1RfO91Ot9ftdQfdQXfSnXRn3Vl30V10kk7SXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52sk/VA/aoepAfrIXqoHqZf08P1cD1Cj9ApOkWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+pUPU1P09P1dD1Dz9Az9UydptP0HD1Hz9Vz9Xw9Xy/QC/RCvVAv1ot1uk7XGTpDZ+pMvUwv01l6uV6uV+qVerVerdfqtXq9Xq836o16s96ss/Q2vU1v19v1Tr1T79a79V69V+/T+/R+vV8f0Af0QX1QH9KH9GF9WGfrbH1EH9FH9VF9TB/Tx/VxfUKf0Kf0KX1Gn9Fn9Vl9Xp/XF/VFfUlf0lf0lZzDvkAGMtCBDvIEeYKYICaIDWKDuCAuyB/kDyJBJIgP4oOCwU1BoaBwUCQoGiQExYLigQkwsAEFYVAiKBlEg5uDUsEtQWJQOigTlA1cUC4oH1QIKga3BpWC24LKwe1BleCOoGpQLage1AjuDGoGdwW1gruD2sE9QZ2gblAvqB/cGzQI7gsaBvcHjYIHgsbBg0GT4KGgafBw0Cx4JGgePBq0CB4LWgaPB62C1kGboG3Q7k9d3/uzhZ90/Ux/k2wGmIHmVTPIDDZDzFAzzLxmhpvXzQjzhkkxI80o86YZbd4yY8zbZqwZZ8abd8wEM9FMMpPNFDPVpJp3zTTznplu3jczzAdmppll0sxsM8d8aOaaeWa++cgsMB+bhWaRWWyWmHTzickwS02m+dQsM5+ZLLPcrDArzSqz2qwxa806s95sMBvNJrPZbDFbzTbzudludpidZpfZbfaYveYLs898afabr8wB87U5aP5iDplvzGHzrck235kj5ntz1PxgjpkfzXHzkzlhTppT5rQ5Y342Z805c95cMBfNL+aSuWyuGJ9zcJ/z8Y4aNebBPBiDMRiLsRiHcZgf82MEIxiP8VgQC2IhLIRFsAgmYAIWx+KYg5CwBJbAKEaxFJbCREzEMlgGHTosj+WxIlbESlgJK2NlrIJVsCpWxepYHe/EO/EuvAvvxrvxHrwH62JdrI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsjs2xBbbAltgSW2ErbINtsB22w/bYHjtgB+yEnbAzdsYu2AWTMAm7Ylfsht2wO3bHHtgDe2JP7IW9sA/2wb7YF/thP0zGZByIA3EQDsIhOASH4TAcjsNxBI7AFEzBUTgKR+NoHINjcCyOw/H4Dk7AiTgJJ+MUnIqpmIrTcBpOx+k4A2fgTJyJaZiGc3AOzsW5OB/n4wJcgAtxIS7GxZiO6ZiBGZiJmbgMl2EWZuEKXIGrcBWuwTW4DtfhBtyAm3ATbsEtuA234XbcjjtxJ+7G3bgX9+I+3If7cT8ewAN4EA/iITyEh/EwZmM2HsEjeBSP4jE8hsfxOJ7AE3gKT+EZPINn8Syex/N4EX/BS3gZr6DHGJvPxtrrbJy93ua3Bew/xkVsUZtgi9ni1thCtvDfxWitTbSlbRlb1jpbzpa3FX4XV7XVbHVbw95pa9q7bK3fxQ3sfbahvd82sg/Y+vbev4sb2wdtE/uYbWoft81sa9vctrUt7GO2pX3ctrKtbRvb1na2T9su9hmbZJ+1Xe1zv4sz7FK7zq63G+xGu89+ac/bC/ao/cFetL/Yfra/HWZfs8Pt63aEfcOm2JG/i8fbd+wEO9FOspPtFDv1d/FMO8um2dl2jv3QzrXzfhen20/sAptpF9pFdrFd8mucU1Om/dQus5/ZLLvcrrAr7Sq72q6xa/9nrSvtZrvFbrV77Rd2u91hd9pddrfd82ucs4/99it7wH5tj9jv7SH7jT1sj9ls+92vcc7+jtkf7XH7kz1hT9pT9rQ9Y3+2Z+25X/efs/fT9rK9Yr0VBCRJkaaA8lBeiqF8FEvXURxdT/mpAEXoBoqnG6kg3USFqDAVoaKUQMWoOBlCskQUUgkqSVG6mUrRLZRIpakMlSVH5ag8VaCKdCtVotuoMt1OVegOqkrVqDrVoDupJt1Ftehuqk33UB2qS/WoPt1LDeg+akj3UyN6gBrTg9SEHqKm9DA1o0eoOT1KLegxakmPUytqTW2oLbWjJ6g9PUkdqCN1oqeoMz1NXegZSqJnqSs9R93oeepOL1APepF60kvUi3pTH3qZ+tIr1I/6UzINoIH0Kg2iwTSEhtIweo2G0+s0gt6gFBpJo+hNGk1v0Rh6m8bSOBpP79AEmkiTaDJNoamUSu/SNHqPptP7NIM+oJk0i9JoNs2hD2kuzaP59BEtoI9pIS2ixbSE0ukTyqCllEmf0jL6jLJoOa2glbSKVtMaWkvraD1toI20iTbTFtpK2+hz2k47aCftot20h/bSF7SPvqT99BUdoK/pIP2FDtE3dJi+pWz6jo7Q93SUfqBj9CMdp5/oBJ2kU3SaztDPdJbO0Xm6QBfpF7pEl+kKeRIhhDJUoQ6DME+YN4wJ84Wx4XVhXHh9mD8sEEbCG8L48MawYHhTWCgsHBYJi4YJYbGweGhCDG1IYRiWCEuG0fDmsFR4S5gYlg7LhGVDF5YLy4cVworhrWGl8Lawcnh7WCW8I6waVgsfe6BGeGdYM7wrrBXeHdYO7wnrhHXDemH98N6wQXhf2DC8P2wUPhBWCh8Mm4QPhU3Dh8Nm4SNh8/DRsEX4WNgyfDxsFbYO24Rtw3bhE2H78MmwQ9gx7BQ+FXYOnw67hM+ESeGzYdfwuT+8PzkcEA4MXw1fDb2/Xy2OLommRz+JZkSXRjOjn0aXRT+LZkWXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a9r59XOHDSKadd4PK4vC7G5XOx7joX5653+V0BF3E3uHh3oyvobnKFXGFXxBV1Ca6YK+6MQ2cdudCVcCVd1N3sSrlbXKIr7cq4ss65cq68a+vauXauvXvSdXAdXSf3lHvKPe2eds+4Z9yzrqt7znVzz7vu7gXXw73oXnQvuV6ut+vjXnZ93Suun+vvkl2yG+gGukFukBvihrhhbpgb7oa7EW6ES3EpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Vpbppbpqb7qa7GW6GnulmujSX5ua4OW6um+vmu/luQeICt9AtdIvdYpfu0l2Gy3CZLtMtc8tclstyK9wKt8qtcmvcGrfOrXMb3Aa3yW1yW9wWt81tc9vddrfT7XS73W631+11+9w+Ldx+d8AdcAfdQXfIHXKH3bcu233njrjv3VH3gzvmfnTH3U/uhDvpTrnT7oz72Z1159x5d8FddL+4S+6yu+K8S428G5kWeS8yPfJ+ZEbkg8jMyKxIWmR2ZE7kw8jcyLzI/MhHkQWRjyMLI4siiyNLIumRTyIZkaWRzMinkWWRzyJZkeWRFZGVkVWR1RHvi20PfQlf0kf9zb6Uv8Un+tK+jC/rnS/ny/sKvqK/1Vfyt/nK/nZfxd/hq/pqvrp/3LfyrX0b39a380/49v5J38F39J38U76zf9p38c/4JP+s7+qf89388767f8H38C/6nv4l38v39n38y76vf8X38/19sh/gB/pX/SA/2A/xQ/0w/5of7l/3I/wbPsWP9KP8m360f8uP8W/7sX6cH+/f8RP8RD/JT/ZT/FSf6t/10/x7frp/38/wH/iZfpZP87P9HP+hn+vn+fn+I7/Af+wX+kV+sV/i0/0nPsMv9Zn+U7/Mf+az/HK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/znfrvf4Xf6XX633+P3+i/8Pv+l3++/8gf81/6g/4s/5L/xh/23Ptt/54/47/1R/4M/5n/0x/1P/oQ/6U/50/6M/9mf9ef8eX/BX/S/+Ev+sr/ivb+GF9EZY4wxxv6/of7g/gH/5GfyryPHQCHE9TuKZv/jmpsK/TYfLBM6R4QQz/bv+cjfRp06ycl/+yqBLCWCkouEEJGr+XnE1Xi56CSeFkmio6j4T+sbLHtfpD9YP3q7ELH/ISdGXI2vrn/rv1j/iafGZ1QJz8f/L9ZfJERiyas5+cTVeLno9Ov/aDuKSv9i/cLt/6D+fN+kCtHhP+TEiatxTv2+wG/zJ8VzIunvHskYY4wxxhhjjP1msKze/Y/On3POzxP01Zy84mr8R+fnjDHGGGOMMcYYu/Ze6N3nmSeSkjp25wlPePL/1kRdy1/Pa/2XiTHGGGOMMfZnu3rQf60rYYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGcq//iq8Tu9Z7ZIwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq61/xEAAP//aIcwug==")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r4 = open(0x0, 0x0, 0x0)
getdents(r4, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

2.93004454s ago: executing program 1 (id=2050):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x168, 0x0, 0x321, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x13e, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @broadcast, @random="90e488f9971a", {}, @value}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x6, "2d5014b2109a"}, {0xdd, 0x48, "eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602f"}, {0xdd, 0x61, "4f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24103d4337027917c48d29a186"}, {0xdd, 0x35, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aac"}, {0xdd, 0x6, "83534cd40fda"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x168}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003100)={@ifindex, 0xffffffffffffffff, 0x11, 0x10, 0xffffffffffffffff, @prog_fd}, 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl0\x00', 0x0, 0x2f, 0x6e, 0x1, 0x2fb, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x80, 0x800, 0xe5b}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081780000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afc0513466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea01d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a07f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a126a1bdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0d5d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f10bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d00b07862c4fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52c094016406cdd32abf77fea373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515dca8811922929e08538fab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f57cbc05cd897f40693ec427ea71578130cde48de3b4dda0c7b615b57ccd4f8ac729a80f891d91a89d967948b9d95b1f22480ab48969e86b854a8c17f3e264ce11f9f63552364e759eec94572f2f7b0e2f293573d0b80709815f4344f908c00"/2646], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r6, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2000b0086dd6012000800383a00fc010000000000000000000000000000ff0200000000000000000000000000010100007800000000600ad91500002c00ff010000000000000000000000000001fe8000000000000000000000000000040000009000000000"], 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00e7ff0000000000140003007465616d5f736c6176655f300000000008000a"], 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1002, &(0x7f00000004c0)=""/4098}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)

1.963688427s ago: executing program 1 (id=2051):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0xcc71)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102370, 0x18fe2}], 0x1, 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000500)={0x40000000, 0x0, "0a1f511f900700427ff44fba1abc61019d30fd87819aba0a3fb25f2167d30b0e"})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]})

1.869706753s ago: executing program 4 (id=2052):
pipe2(&(0x7f0000000300), 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002bc0)={0x2020}, 0x2020)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fanotify_init(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c80)=ANY=[@ANYBLOB="bf16000000000000b70700001f0000005070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3010100bd2321afb56fa54f26fb0b71afe6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a49ef23d410f6296b32a834388107200759cda9036b4e369a9e152ddcc7b1b85f3c4744aeac698890c864d59887a59905f1e07f40b1cd3641f8c192c368590f894cd4e1110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967dec6e802f5ab3eea57b09a2ed4048d3b867ddd58211d6ececb0cd2b6d357b85a0218ce740068f4025c0bf1aad90738725837079e468ee207d2f73902fbcfcf49822775985bf31b715f5888b24efa000000000000ffffff010100000000000000000000000000020000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9736bdeab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cfe36bc120e3b39a6e5a796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f7da31cf41ab11e0a494034127dd1c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a74e04bde74fa4ffa4d9aaa705989b8e6731e2401b6a560e3296e52d337c56abf112874ec309bae5fa4c81e5c9f42d9383e41d277b10392a96286744f839c3f128f8f92ef992239eafce5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7b06000e3b1c39b2e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec737555393c61a008280b064bda144910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bf6cf03b5ed04465746ff8809c3a0d46ff7f000000000000ad1e1f493354b2822b9837421134c0167d78e6c24ed0a2768e827172ea3b774a1467c89fa0f82e8440105051e5510a33dc5a5e143fbfff161c12ca389cbe4c51b3fa00055cc1b66c5fd9c26a54d43fa050645bd6109b113be7664e08add7115c61afcb718cf3c4680b2f6c7a84a4e378a9b15bc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f841ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79e184f5e93ba5c8c2a4c0443fb652b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e13d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb5288aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6640a9dea0b6c91996d65da6c24a8f2a86c814459f3cdaaf99000000000000000000bf2130d1b32c826563c508d0ad23bc83ba3f3757210afcf2a64783057e177615c068bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd13ab52f5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4acff8f6abe7dbad64d7cfa6396a6ab8487c383e24d4a8051f80e1811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783499d4411ccbbeed215b745058e56c70afe8016b3dd359e785b36e609f173cc6b893ecd138289709839af6c95fbed6c33e401ec747820d6a6283b3452c57a5d44cacd363589845637071320921d22c1663964ed0700000062f3d90f0eb634ae331385d502fc7cc33158bc306d8c3bdae8108a2380000000000000008832ec0906aaec43659c79c8adfdeb1fd291c6fc6737b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c81eb7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9edfe6dca9c43907f3a85cf655ccd9d624e8c6f7932c4d719347f39ef006c2df747e27a2d16304fa000008ffffffffffffff003049ca923d059c0ab5d886a491adacb7e4b43b1b57776e5fe25cf105fa57f000756755b7230e2c0c1fed5487271c4f2981cf8f4351ef5d08641dacaed0000800b805fbd1b474c9ed0dc19ad6e99b66ee0f8c9d697655ebdf5ef30d1b92bd283df88c1096d4bd3686e18ab07f9b580afbd4bd4d8979686422849b04024f609a7b76e902d35343793d99fe395ae73166187c64a501c1f4bb736fcf1dfde7da6bea1945a14f1c578093e6cfb4702a95fb4f653064244950ae227f2a22678e2ff4699bfcba3b7d5656d9be441d07cc3ba51f5b9e825fbec6aee7f9e1b04cdabf99bd760036f74dec91d341c885e785c8517cc50138be2447fa04b77acd2fd078f1da244051e44b5a881197733ba420c9d6b02fd01fa9369f8d3310be2ff1ad5952e025ce59c2dc8327d26fc4facd5915007d22dfccf67dfb53ae2f72a0812ad121fc7de5aba071b83ebf271a5140c6a0b115bd05d7fff46fe144d9fac4ee0a7a2f7242737fd622dc74ca2d79585d4c821d2294b779eebbaac7d81cdaa5ac506ab269be6ff4f7dd9d5ce2e0b1eef2"], &(0x7f0000000140)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r2, 0x7, 0x0, 0x0, &(0x7f0000000040), 0x0, 0xffb0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x3b7, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729a81e4ef2fed2f18732f0038e079e561eea96eb665219070f42139c627dd5f185d23fdc316d38eb99826bcb63938d6cd1af3b5274f57009f87854ad98bef03025c32e7aa4a721d28e94ec5feff3a279c2e1c18002e39eaaefec3dfd1eae45a61e4283e8a7ef1eaf70d93a0333a9ff9ef048332f3fcc797076f8c0285854"})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0x91, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7f, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, ';'}, {0x5, 0x24, 0x0, 0xfffe}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x0, 0x2f}, {0x6}, [@mbim_extended={0x8, 0x24, 0x1c, 0x3, 0x0, 0x1ff}, @network_terminal={0x7, 0x24, 0xa, 0x7, 0x0, 0x7}, @network_terminal={0x7, 0x24, 0xa, 0x6d, 0x0, 0xfe}, @mbim={0xc, 0x24, 0x1b, 0x100, 0x59d}]}}}}}]}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x8, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_DATA={0x4}]}}}]}, 0x38}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000b00)={{0x12, 0x1, 0x0, 0xa5, 0xaf, 0x5f, 0x20, 0xe8d, 0x23, 0x3aab, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x56, 0x0, 0x0, 0xa}}]}}]}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=ANY=[@ANYBLOB="00000000000080000000148a3045e2d59b2f835be5ea0e158eca154cbab5354fbf743f5fc122403262404ab03d579ff00ae8803b1d4b880ed1f02b5aa5b0c2883f9126da4a26a5f382ff54dd48e667192a", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001100028005000100030000000500150000000000"], 0x44}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000040), &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x801, 0x84)
syz_io_uring_setup(0x1fbf, &(0x7f0000000040)={0x0, 0x0, 0x140}, &(0x7f00000000c0), &(0x7f0000000100))

1.191105544s ago: executing program 3 (id=2053):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$kcm(0x10, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
syz_emit_vhci(0x0, 0x5a)
bind$netlink(r3, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = dup(r2)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000002a000900000000000000000004"], 0x30}, 0x1, 0x3000000}, 0x0)
syz_usb_connect$uac1(0x5, 0xf0, &(0x7f0000000340)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xde, 0x3, 0x1, 0xd, 0xa0, 0x7, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x4, 0x4}, [@mixer_unit={0x9, 0x24, 0x4, 0x2, 0xdc, "7118ce1a"}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x203, 0x5, 0x8d, 0x6, 0x80, 0x9}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0xfe, 0x4, 0x49, 0x95, 0x5, 0x3}, @feature_unit={0x11, 0x24, 0x6, 0x1, 0x3, 0x5, [0x3, 0x6, 0x6, 0x2, 0x5], 0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x6, 0x3, 0x9, 0x5, "3511c396221085c831"}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0xb924, 0x9, 0x1, "9f4c3277"}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0xf691, 0xd50, 0x6}, @as_header={0x7, 0x24, 0x1, 0x6, 0x14}]}, {{0x9, 0x5, 0x1, 0x9, 0x800, 0x4, 0x2, 0x3, {0x7, 0x25, 0x1, 0x2, 0x5, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x5, 0xf2, 0x5}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x7, 0x1, 0x10, 0x7, "80", "8b"}, @as_header={0x7, 0x24, 0x1, 0x7, 0x33, 0x2}, @as_header={0x7, 0x24, 0x1, 0xe4, 0xc7, 0x2}]}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x49, 0x7, 0x4, {0x7, 0x25, 0x1, 0x0, 0x5, 0x4}}}}}}}]}}, &(0x7f0000000540)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x110, 0x2, 0x0, 0x7, 0x40, 0x4}, 0x50, &(0x7f0000000240)={0x5, 0xf, 0x50, 0x6, [@ssp_cap={0x1c, 0x10, 0xa, 0x20, 0x4, 0xa, 0x0, 0xa9, [0x3fcf, 0xffc017, 0xff3fcf, 0x0]}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "8819c7ac774913570bcd00cdfa173cae"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0xf7, 0x58, 0x4}, @ext_cap={0x7, 0x10, 0x2, 0xc, 0x2, 0x3, 0xbc2d}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x0, 0x2, 0x2}, @ptm_cap={0x3}]}, 0x3, [{0x68, &(0x7f0000000440)=ANY=[@ANYBLOB="680343f171bb752d4410e936e13cde6ddf5679bd404328ea815224326565a3cdfee2dec3d497f5620e6d64cfc442cbb2ee4101c07c6c9056a7201ce4b01f43b69938c984cc664eb87afb74881a207c8cdf1bd5ea373e5210a97f51eb786616ff8b37f1078dbfdcfa"]}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x444}}, {0xa, &(0x7f0000000500)=@string={0xa, 0x3, "7fc448d21d0a7bc4"}}]})

902.152383ms ago: executing program 1 (id=2054):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x1}]})
write$ppp(r0, &(0x7f0000000140)="1627", 0x2)

831.895441ms ago: executing program 0 (id=2055):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x6, 0x15, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f900001ab703000008000000b704000000001500850000003300000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

647.506224ms ago: executing program 0 (id=2056):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
r2 = epoll_create(0x47f)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000540))
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x1)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640), 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000060c0)="970b180393e57da0084004606e0f7eb55b4379b678ec58dd5832867fc4741e325499108ee901f5ade42a10a2a5ca59b706328aca067422dcda816a63687f6b445fdf7c8c4c158921aab593be18f8f3e3a72a3c634c089c468f2afa55a47fcb36c8ec931a3b8e995ca8f9da378136eee8d00878a33e262e3718e8829586fb5a3bdd2143ea5a880a6322892369f494dd40593794a88b4f0e69dfc3d573117dc27d511cb0b7e7d1c13dac381d4472cb9eba0637c9611565d496c7a6936582144f524085bf34af3a90ac0a0db2f79a423fa8b797909b65b72ee23068ebf92a9ae53fdeca4a47ec6838e363039c63988cf6f4f393f907cff08e13520751cfa3bfeb452f120d8a5f462b040f8537f7add203eb2b2f5784376b4e0d85c027c4e0d5817ce1db986581a147a5c7e820212907992afff07f13a43b2a2c23e6f61d7bdafdea1d396e0fa1e79afd07195dfdab53cbe75d4b96971caef941b69525b87d59fcb99bfb348a12236968f9dacbfbdc4d9b0b01df755ba3b6c320a29e5bc23bd6b20f3b27dc3d63d2d2ef11865347c5ca1504ded5d549e17e1194d717c79bc330ebfc3929d079152f51f3ab9701a3241c7df4130027ca1a6d0e6b5f2f2c3b659cbea4cef19728b45f1325e04151af66111cabddafa17b90f193c52d1c4fb646f99fd42d77a3f16c05a491a775962a2a4ee9f9f6c1a5eaa68305a88add9d6f35815f37cadae92293a0db1613662f145991ba5fd632c4a170588f8265e11b3e1a4ff2b17f3664b98d9c6f54a356f19a9b72175e7eb46ff4330812993886cd7b42ffdc3767a4ac16dd21d76417b70cfe97ad6ad0ddea7284d0e3ecf0c6c6b57833f65963f3764e297c994e0181bbf693c8fc0e57fc15b2ad776a00c19a805a906ffa80efa4116d5f5c9863a74bb340008d958db841c5f1e3b286afac717ceabcc7310e75e45b61215f6ba0bb496bd5e094b6139326758c1d81b176e11da5eda522f05346e1a71a6358b4c9b7653a66ae7153858fac4695d64fe2962b0d62d6d8aac14cf9cd2199fb039b54b64f5085434b2339f90bc11f2e407a6e84557de9a7a7edcc3b15a7798cbc68c1b1e1a822103bd43b656e933bfe886736a2bda6ccb228a8e4fae5956673db0105999017d8b68159f7a9480fd2ca70bb7e9fbc8f4f1c3581b1f528c8fb5b5d6beb769dd5e9650739f3cfcb61ab7b066c342a6c6886b0bd83f399e3eb74d2cafce7fc76febe624a37e185924afa8695caa7d3c1a97fd6684979ef33957a334fbf10c7a9bba18397082580df2425129a87c4868d41d1bcda8a7faaf1afd492cb4c83b7c5ce7a950f92186cc07bf27dcf58ac56506f2453399070ae8e5b009e40eb1970bbe8a1c9f3befb54255602bd191bd46c56c0fda2842462c0b68884f9a922d2a8b161aa9ca2c0c52bcfa26b7b7a152f2ccd16ec4974361f7322dc3b345e926e1a1b56200dc425e2e03c3d7194f9cbd321e10de387adf9790a5706bcf05d9b8c16e40e5633c44553c2aa8611f7656fc732b5dfce1eaf212d2521eb013fcf154d251553ba7a6a1f7ba8b7ceb3a1df621376543a451fe76671beaab4833f1be28247919c7cdf4177e2c9cca78ce52b5a7e4dde913dd8b13ce861bbf7048822041f4b29b3441b4880a8f7a4a289ad3c6258494e7736e48373408d248c3b033372ebdb3d9a406869445b5d956434a576b83d4a7e7b47ae8c69f50be20ea56f171e592e114602ed4f47e86dc34008770940adb4f0167811c474ada06693b55f567cc3201f97c08a3711dca486a86c367f59ce44259c1d71cdb135aa8630c4cae61ad07998a2f781ff87c946e8aef9bde6d4738bc009fc43fd176bc38756a0ca48c382395b48bc55da32892551ecdd0bd3f4c69a79bbe600f4103f21e443821492b92516833b231942e91a39e7401a42ba3e99a3a2fefa6167365b9050305b6f09a013f41e764a80f422cce051e5b30ba6528540ee5d4ea5872572c85f321b68e730f40f64b648be31a9e530718ec17443a1a4dcdb79cf799cfa75d0bfa0fde71828d8f51e38dc3d1d77430ceed007426f689d5843c34afdec5dde3e480a36ffa25db4b3483cde91e56eee8756dd953a3abff11bd7901d6b37c8371b023d7457361908576f92990f19e9f48dc58ca550e61a035161f1539b14b7bcce535b3a3783021094129f312c03e51df62579ae9423927021e8bcf530116f3658a1e94d39a800452f7461d2f001f86b911a8a14b9e61c2fd8f959ea40793df240aed5e5862ea59d78fb235788c1ba3c0ec44fbefc29c2e6f22d70849750625c3c15227579d42858b5fac30bbe86491697cec1c4543addc1f50202fdf77a6d2d23e70ed611a63368694e459012ebdbe71c4f702980d7ae63aaee33d5f8df5fce071c73cd918991c6ba2f95f33a9917a22c9e7342dd492c9e2c2f6457c3a48f35edc1720f2224f2af2ef4c0a38b75ce27aae5d5ef615920ab9245851590cdcdcfaa7e5a66b73f5a0a1bcf1bab66ecdfc0dcbd8cebb1b98f6256cea6761c835a761819018fd9c3d2f541eba25abde06f1551328800b1efc04d8e10594dbe95f9f10005cae8c5b27cc18268ebaa4578f9dcfa99aa61567a55b43545ec729764af99d224cfea6a36a93d4f70bae3225256e179e81a0c64dffce9c2141994253af664c33f881aa417fa3b7e9424f1841f1aa845ea0fe05c4e47b318bef60709d6f20c9eee6e8c0c18bd161d3dbe57d82903937e10c41aa9066dcee124354584232afdcb60d185bc39fcc5e7e5124d17e2f998b64836b587cf233469b92af65a70f4a8f35df9e24c7d5d21bda27ae44ce6706f86d3747db675aa329e8b43652bb1e89687dd003dd7924d300f498d444639b3fd413840cfa958e436e5959e95486161af807cbb7304d99284818eabe39493c66664e92143ff41602a3805369f461abeae5e5b6987a20fa47495cbeeeb322c848147dd9a052384a49898138557e10eb015df370d01977083ad24c7defc8c80583d5f5eca20d0853afb9f41c356f8da0e2435d423528f67f091fc614645980a57ed893ded1c3d37881b243b8a5503f45672492f3849895c9377277a91e7090241832629032872294896107628ffd1151c444153f54b484fa3e5ca057cbe073e6039c11b1eceaf7e20eef2576aa99e7a3f36aed9beb089af28d82e2dc5e97da4878b76b5224e1d293f5223c09f715fba13945695a98624eade1381e31c5651069805e6f707811586f5f81e431e8624a608ba1ab405d2593b1f9f667b89d82e60048e4ef3be98bd3078beb4e5e66e8823c8b427d6f84468f1f18f1ff8a8c11515426993334bcbe0c3ba37b91be07eb800fb2e00a24351457d8fc067b4bfec43c0ce8cd26b23bfbb27d3da7bca3efb7fe6f7715760eda4e3a27a7be7419b803667ef6057bdd5d44250b47fa156af04db91fc57f25425b3cfbaf90a840fe5cfcefcd1500cf4908ec4df10c8bc14ec284bb99b13a8f6136e5e1c669806cb5a4a5227f7952c5b605a2b443866fae399a1f8fea323784935c3e5a9ba9e831749efc9b8228421bdb91afed16341962535cebf6fb02679e5412f67db405c90e218789b634d92a41aaf528c92b8bf38b629a1797c036465b77dc3bb124bdddd309136681d3fbe0251698da27c6f89589171e4492209f7eb48d50a161a5135602fca3355f8934f879c54afb91224901b635ed372fdacc9469471225d2ef3c980466027b86cfe3d664071edaa29b47455064a074da56f4e098ddf27984dac546826aed38e464d5c5a79a3ece544cdb3801de0e29bf5164dbcc14578e3e6c44a4a9041e2315f1243358c5949377352911e0a67c6de7e11b0881af528fe478c34909a1178a8a4f7fb727317e4f3981706d9c9215224604c2d6a4faeefc21bd635c8412931ac4feb2c60666672fb6dc5deda0d6c4ce31f2b6cb45907427691488abb280c3fd001f3d7507c0db358af7151d3b8e2e98eb8a78ee69966f7a1307882c5b57530e0dab5c57f84852c42db013e3448da2fb0a754ed97c001f33cca549eb71d7aef88d1ae7fac0d96f334556d75f600a029ed698ce9e4302279999726a57337b9afda0b0292c14d1687a85326120d9fcd84cdc02718f26c12ca28cac81af0dede79685233be41c7269c57100c603a4f9536f757fa753353bd0cded7d4edab29dff6f7dd5faa81078c263c9d1d7e662a0ffae22d8d12e679de9ec6c634ba46ddf6aa86ac0be41cabd9b14fd12107ffce96915fa0154f5b6017fa866d14ff47754a58ba14c1a3eb3f23f040779a788b774604c3a8a7dd818619352cf47849eebfdd3b49b56f376044e7cb218759059fa85057f96c159ccd63ea6cd0bf47781c2d023411854dd3ea46f4913cda9672655e566d2e83fe2e0eb5476bd6fd7a84557e37a4e8d32c75ab51dbffc59f0cebc3edeb395f38f82765ed3cfdce75b2fd570e783c8c3afb31049383af0b51575e5c9dd9332bde6f684a3e11d199f43004439ed535a20c7f2a695cf9b547985421ac62c2289c71491f0617d23cb7a9466c8f0482eb2e8aa782118702761e0267ef500afc52f4a3a7a53ef22aea542f679dc5c751c766e06af453576689c87b3b89c091e5444ff6fb1472fbd271fffb268a2eada125d7acfc70c8ff4cfd3f5421941c2857e54ed0617d6430b806d605c2e508cd5a7764d6ecdc69dbd050a97f8696535585bbb95b66f751566ce612aebce9a0b021f9fbf067870fe447dd05e8c521413e7f27955db3b8239836b6ad120f5fb48e9003bd19b05f94752743d89bdc5492c2ca1bc3133fe0ceb29451900e2ac713cf2cbc3a531048a473a195ad40c685b539f806f434c9e2cb6a8a25df84d41c13d1ceb90de1a3efecd06a53ac9a32654d1ece86dcf6fa17ea6a4f367f9b360b3e26514bf94af1f52d9c0b0691241e3c6c302e7054bb738cb234019c0e45a7db270ab9d75df73568f25579d33e7b42743c924b1f888df85c6166228f5391962b689f0a4d9683b43ddc98982a820b5c60d9c4e3997cd2212fc3850b2bd41342ccbefc1e4ec2ad7ae285f156f4a4f383281018c73ca4f2e9d255487a9717dd39cd744a000c68c53f82a22a08bcb734b5bbb8364180991140c2e727dfce4b19e70c968c97393b56019ef84688772d488b9bd6fa9354ab64f731e6adab543851e5ca1470fd13d0334ba025b57db5d9ea13c970642726284fefddab8fdf7155f5b8e3b3b86d098c4207b428bffcc7ff76f6397b6a3efc3c0b0fb2a4343b4051271f87e384c2b659086ba668c66a15d68b87faf82a60b184f27256e36a9ada7c4422754be56dbbab50ed781f36e40ded65a30378003de5b5cd5f80a6042613c76e80851312c7ed2c07b762b85a1b6928a7b2428d2bc7a6bfdfa2ba55aed54fd3c878ec655caf1223245433b7c6fc2a2d3b0393d7ba4e12f26a53b9d5afdbab230b9148f061df2e1c0fe73c2abcd142125367fa5e598e500263d9b27e759c08b7debee4695a5b192d968108c134241f236cae0434ed71e5099cd466cfb04d5f7cef2e94683172f82a9841610cb6fe55d4bfe73920992bb76f362b9cf7919c906495d4b37a915d23168fd7ffc2f36de55a1b17fa2232df03663ffa2a4c5e76aad90fd5abc80b6dfc16ec6aa328cc7714dc2d7bb14aae9f86c999e93a59fd18fb2300539bca25e69b04943a16c985ff481a42c9d8af43eb61ef7432b8e3aa5bc391c181b7d546b94ac659bc4b501157d3adf9d4cda4e298a4e4271fa2cd08919b055eb3f168df76c1f0b0d5cf5760b56774f105e51c93cc03ce97b00768b9620a6fd5162b9d9191ac0928d2460e4e821a276680cedb3b8167bc156b48a34d4c24d4a87fd09968a725d4b6a1b54b169f1e14143e97a84cf3d8eb4ec5458dcd5ff93365396c00533c3493847f595725a4f15300183eac306d16ea136b97a9864d16330d8c5b8321a6947caeb9cdc7ff4e53c419518ce9bc11f7355651be27a2c2b9ff4127ad86b96c1b5967def371d5d6a3f365abaca55c5f19600d1d5051d320b065c2f78f2147c170b9153a0eefd7b3f1e637cac3fff14b0eeaf472e6a6a9f7553ed3267c911d4d77a4f7285b77df725b3a88fbfd221343f656d60b61808b52a8facc81b8516698f2ac50cd8769371e67278c59ab1cc890fab36206b939f23b31ab976651ca8a4e7754bb10d03d4cc6506f13d98f2bda76477a69a8794a34614a88a7ec94e1a229ad6f747724a3bfb674cc87ea0dfb610f66057671f664206672e78c00a3f4585f17fc40827d0c8af88d3437f811274f662e9ee73d550833d0c8fde449089f8b5e8a25d25096537ac960699a07ebb51271a8f8556037436307063282febae745d53f8db65f13f24cc2e525ae465c9bf79f76b82dceada3bf34529321f913dd18548ab2a26f2a065028f46f4dfb18294dff30a7e5b131a08c671787baea45545d15629ec2f435d9138e517055cd48af7120b3b79f2275baed8a4b6a0f33c30890105ae2c07a332df79f2fd6767ecc66f1ed628c968a2685813342677a2823d10263958eee79d03e393a557475701694b5ec3dec8773f37b980f5812f1cbaed6e5253da037b5f88ba2070f445d74907679460dd48e16442d345abbd37f7853ec7123ff16db46c8571987db63ed711d36c05c2dafac47ea366f9467624b6296a2b9fb7056702d4ba38b4df72e7db3244421f31aa0911af3e3a09f9e08e96aa1545c37465f990bab4ee2821b1a701aa707db1dc18d52fcede15245f54a5f1a47b0d82c33fa378625d247b08753ac5fa5444b2e3f9d1d3918b154665b02fba87e39d0e27bdf60b27930eee02c31d847d40166544ab9ef801bd79bcc8d93980354021b8c7a1b9592934a90917db115bcd92068a970680011cb074da705f1cd06a0142862a777c6a47afd38721979323e27151c114e8901d41f79358e78289af10134e22d903415e2ebd2edf34ae10eefeec219db7b13ac983583dd4b02dcc615c6f70e6cf35ea216807c4b9c81482c2b941c7d6cd6621d9480ba924a3372ca3e3ca78438b0e9bf7c8436fcc0047b3bdb8d70190076d9feea778005d5d69f1b1194c76dce628e17b6beb299146b25f3f6660263c23dbcd08f70ccb45569a81a140eff66f2190110cf0977d9df7a2c437042961606ca1a378c8f59a310ad6c9cb4ff30a2d55411eeb38d927bb4d0f60ae75d90ab78dad14097f6dd38f512af2f932e1ad6a5e201180373689981f23bd9f59e4ca29244a8ea4236527fe2249eaa299af174f25b13d72b181c2f421652ece630ee1358098c29f84506654ffad3647792852a7faf107e36ae330886ffcef6e3a1725495e430568a9cd85d385e5a15d2f77ed274be3c8edfc52c230d21785b927bb8e470f989e8c89b01af8d04fc7050fc978013fbc5dcedd2baf5e8bfa8e2e1d3f193c224375db2f71d4655d2f647e9b1739657a0ad8ef6751a88151a3413ab870e0d7ba3f0a55ce3f30d55e8eb9e47e3d82563d9180399e7895490b8561a374acf5c94a1c648fa06780c4141c58ed913fb92865d3b4883301ba69b3f2b20c1f82024bd75e62ce2972d3219bdb961ab3bbac8f1d873ddece6d85f540f82c9d79b0937973335fe05e5c6ad8fcc525620a57678d58c7c2f0f157e03073d01fe4f6de520b390794cefdc6c828b4512fb6b2000d08e38693fa22834e69180d31b3978f9da75389f919a0d49ff961997d14ae6bdffcfb179c2ead52c69dae97416eef2602843dcbe4e5ae613d429feef7ffba6a31a8be8bf2e62c6d374c807363a986519a8cf9dfc99fc6607486e10599ae415b51e23f639194885e5119036e0e535accb4f126b4c45c47a53658af1e049daa2967b01d9450625d92f8f8e9d151633646044fcc5f6ad835479d48702839456decf070c7e6143cd31033810bd7da01c4a2cfb08605b25c00336f17d3b5a3db48866ef864b8d9cea9530429d3fb1afc7ae9e7d06aea9034db89b2ec8fc2a96d8d701fc51994305077dbea527bc0fc398b6bb7d42f0c408be69b98eb173d285fd8010ba75c57f2dd982582153814ff959fccc78aa5f7901357f6129f840af6649534f9ebc7750a20502a7cbf2d2f28c6f97884f43779bbbf93c550f8e79949db0e066538456b4e966761656eb7bebd5afe9b9fc241711b874682b226e9c6baecc1e909858e01b32472f6f8d483c073d3b576a4b03534dc4b620e21e6feb4bb2ddb37e3f0d4ff92c0af19e6087034c72c5928707748bc10ea22788bd938a0e6512cae4733fc1a2e47f3d4961932fe564684872922b44db143bea77580b0704675290e0839cb5ee529ada8b4c0bb14f05c5c396e29376f1ea80dea2852a88ddf8929fd402571fb242ead60d2be61f1662e1a833969e18e23e0b808900e7ed4be9d6944942da7d384739da1055cddc94937e1ea4cd305bf161c407b471df0ce3fb3413c5bd511d3c65e70edeb5397b0a8701538be7d2f1765688cbb0379744281231e60f5edcbfa6abd177405c455f77e30b95011ae4fda2a3c6d3f9a29bfe7656f6afba48358d57b4e1a84ebca241b7a427c6f806d1f771b540912f05a6df0d5223f85639fd7c163799e28abd08e4013aa43ddbc11ccc9d53131ec5c75f7682481968ad13ef34ba23d4759b51c4cac5a7ca2c73b3103c5b9e4b8686b872edcaca791d669589655e239920fc088eeced3a131ddff2eee9fab3cced40163eebfb29a85b3e97bbd97d17c3b06d3123409f115cf3e3d1c74dcc359664ab942e6ab36c41b1af4015ff5baf700eb99abd658e6833039051a235a2f84b70cb8d90271a481ce40e2a18bef8dcf7f54952b090bbaaaad391cb6cfa218a1e823ca7b16311e35e0350dd8016f67ed34771d7f3a607c1c9ed63524ea0c865148b05f1d017e475641b5076df632b7c261ef54c23eaf7cf52c22864a8ae8f8c3442d147fd52a801f87665b47e229a77b8e85c21d7996c7de9ac4899b098380f74eff119369c81b21b0b916017d0b604ca2a74b1424a4c3132d265d12a01ec2e8cff9809ed2f7891c55bc5cb932c6ea3cdba14cef47a2a0521e36869e9d62914447c3e6cf3da9ecaed915dec41e81605a46a4ec71a8b5ec0bc2f62b3237de7203e4b6d01bc32a5b2dc416623936a324b73e0c63ec414ce1bb4b344db85f014979ae866c4a2c2cce0f814862c0691883dd2d7bcd63fdf2ddf0cb2c6a1a10aa878ba997b74db8e894e4a7ed5e8ea1e3c0b602bae23c6c8c5f38b919aeef5625501fe5d4759c43e90de56122f3ecf87e8023f25e0d3ce64ab629409e881d2d1c5f083da90d45907e62ce3177f7982e514779a13f70bc207d9aa55835e37a5f4782242681ff46600ac9e63f90a245957440987b54b3678ae808c481d25755dba747cd7c3cc0fafb9a142e1ec1a9a5f81b5cdd6dbbc3a4ba5d49f58be6196c305e2af35fdbfbbae02cc4efe771d65e6000ec3f6cf394650f5144308c95279b9df3b29236a32ad3e9cd377296a4252e7dda1bb95d99c32cb81d970de4ff47760ee087dd2fa98392c8ede48391b49cd40e314adb896f0f5b08ffcdffdd70775160144552b13edfac23a09d53a4a4a827a1f216b2827cb9fb47a9fe6412d509d35b754d3700cc0dc8d7a3406a53bd1b0ee5112c50fb8f805be52a6c4e1e664d174727f33720bb371fbe9adc747a234013fcaadbce5cd2d416414b1900074e3ec73a36f32f9d7baa96ed4ea37aea560df4d9c724c69b440139a6dc1758bc74b59c521bc59958da71c4e5c23e4a8999305d989369a9bcd10f0faa789f4040950c349ef0ee910a822ba8df4a6cc16bd72dfb85d7c9a97911e96541a7fb6fb4711cdfe1e1083b2e8e870e2d2a7304f99296a496fe30553971b75f78ace054a8e3c6d54d40b2dbb2ee38a6244139fcba31b88a3ce91d637e7c88db35794002ca28533a46af85929f603e4cf4f5aea715ac4495d2c07e8bf79da078521fac5059dfe6dff61405fb6962987d15a2c7b27a851e3076803c7b4374a85f05b96e9bae91656a003e9acad767c9ac88b339fd868136b63fcb0520a2ee2f25128c8b97a0d43d60be7436756614108cfee63fb0fd65cce0bb0afcf5ea7fa817134c876c949945642a29d71aab10d05522b4b1788bb051ae1ad23fc7e75607580f9bfb7ed901a66d69e79ba742ba169f7e0d36d0c8482d3a85d66a9fc08b3e4c1669ffb4f74f418d4317fbf03b785859601b9e3af056b6a2543289738fe1e601e635ff04d750f8724bdebbbc920a7ca2f99cdaff265299bef09a2e20878682f2f37e46b5d2d3ade8d857ec6d3f7a2779080a5927749086b33b22def28633d53dae49362b4c4d47d2899562a52f22618a45998233048f0e54ba01dd53953c9f508abcb0acb1c1fb1d110e5d6c14d707713cea4cf0403b7573ab5b0a1439e6b2d29c46a3077e0dd296ca751db66f829a42c5afe0304c48fbef52c526c8f2100f6826fd4a5295f7492855f841fdb1f8487fba63b6db19af983a75468ad29a2b6cc58f9ef2dfeec8d798d60e1950731e65c5e2ec1065a22915a30845a5f87a26c067ea870d4e1ef71f67617906080b7b122b8ac9e4da1b05442b5477ee97343cb20f2587744abfa5f318ce29cbd24df1a6dbd42470789e17ae8115a588788d910a171b88dd1b94228728bfef3b28b2b32f523d603fa28d00cf23b0a201658f28ef7920f36a0da8917068a4435e0d710d320258114e2fcde2e1dec0c9faac26d671ea3735ee2b26cb644ba56ced9031cdd2b391c4b96aee7a4c38063e61dbd8ada24cea7ced0728a365bc2320eda9746823b7d83afdc8b3b293b56739011554000aec6272004a002328f20368c0902b8a8d251afebfb4d7b427cfa8927385626a474e3918ff557c8f19a8691011523a63c7e578b98c8951157f0763db3ebc4ea24388527e83b149ef89d4173ebb1c0c9aa3cf4e1a47faa3ebe7ca625e7ef077b38235781236797360696e552b9289a80491d4c3e70ff00b01540deb0de1b3385549b667cfa3598a34751868a14ccb22a420781452699563b16d0d0f1a7f0ba3f0ff45cc2d2536f1de9e024bbc923cede7725f84bf3e6a645f43c4ab3db6ddff671f283857262570b6652dbd8c869ca6a3896b870235047db08a54e5c39d7516c4b0d621d87a9c3e8c53249ff2ab9145f026ba4743a46197af56a0df022363ed59a5c2011e664a05fb952d5ad9ee2037c59a4075e4b504d91e87d303e0bc55cccaeb17e1cbab6176d2d148ce05fe986c79eb843886194f80e202c4f373244b38fd46643c1bc0fa8723ac498c71919e4ed8e5092832aec00a35ceeca94df7bd2c0c02dabc886cedf1fd044db2b45c30f8c0334c992eed40290baaeeb4d00e2cb504ca1173b6b6eec8d2aa3a1bf46e64c1ae1b3ca2882545729fe78d5e1e99c6f1f31c0b0f2190889c7318ce7605128a86c62c8a1fa107304c4609e28a2a43c6799ff6a7d70909ee10676801ee670004cf9632e34cb8cfb43d2f477ad335f5142da0baa4f4542dc93704e93a3420ec50284626fe36618b079d0db013d691583aba257947bdb1514d0318180ae43d0f94712f5c0de35f3e342ce7da65f755761506b9bfd186641fdbd03d5a2d4fe170fe23af8", 0x2000, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="85000000610000005400000000000000950000c1810000000000b4a8b154120610000000c79077fa15ba36eca61299de67cf77c9062430bc068829afff36b31fa7e35ce95d04"], &(0x7f0000000280)='syzkaller\x00', 0x1}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x2000000, 0xe40, 0x0, &(0x7f0000000240)="5cdd3086ddff0066b3c9bbac88a8862c00dffd0013dd00000000000000008100f5df86dd", 0x0, 0x15d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
close_range(0xffffffffffffffff, r0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'macvtap0\x00', 0x3601})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0)
preadv(r6, &(0x7f00000002c0)=[{&(0x7f0000000580)=""/4078, 0xfffffffffffffccc}, {&(0x7f00000000c0)=""/46}], 0x10000000000000aa, 0xc6, 0x3)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000011c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r7, &(0x7f0000002440)={0x0, 0x0, &(0x7f0000002400)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="290200000000000000000300000008000400000000005db792c29c3c6ae2fbde8919ab6d7504be4877881440f6b64849046921312c789a07b87852463a219d2a9c3f"], 0x1c}}, 0x0)
syz_usb_connect(0x5, 0xe4, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000017ffd340b1134200bbdf000000010902d200010000400009046a00067af4190009050f102000050801060c8b631b7507250102020700090501", @ANYRES32], 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xff2e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))

449.78343ms ago: executing program 1 (id=2057):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000340)}], 0x1}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)

426.565939ms ago: executing program 2 (id=2058):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x11c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0xf5, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @broadcast, @random="90e488f9971a", {}, @value}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x6, "2d5014b2109a"}, {0xdd, 0x61, "4f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24103d4337027917c48d29a186"}, {0xdd, 0x36, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aacda"}, {0xdd, 0x6, "83534cd40fda"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x11c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={0xffffffffffffffff, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @multicast}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1002, &(0x7f00000004c0)=""/4098}, 0x90)

250.01307ms ago: executing program 1 (id=2059):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0xc, 0x7d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5, 0x1, 'H'}]}]}, 0x28}}, 0x0)

95.753301ms ago: executing program 1 (id=2060):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)

0s ago: executing program 2 (id=2061):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x104, 0x0, 0x321, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0xdc, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @broadcast, @random="90e488f9971a", {}, @value}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x6, "2d5014b2109a"}, {0xdd, 0x48, "eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602f"}, {0xdd, 0x36, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aacda"}, {0xdd, 0x6, "83534cd40fda"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x104}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003100)={@ifindex, 0xffffffffffffffff, 0x11, 0x10, 0xffffffffffffffff, @prog_fd}, 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl0\x00', 0x0, 0x2f, 0x6e, 0x1, 0x2fb, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x80, 0x800, 0xe5b}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081780000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afc0513466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea01d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a07f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a126a1bdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0d5d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f10bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d00b07862c4fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52c094016406cdd32abf77fea373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515dca8811922929e08538fab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f57cbc05cd897f40693ec427ea71578130cde48de3b4dda0c7b615b57ccd4f8ac729a80f891d91a89d967948b9d95b1f22480ab48969e86b854a8c17f3e264ce11f9f63552364e759eec94572f2f7b0e2f293573d0b80709815f4344f908c00"/2646], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r6, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2000b0086dd6012000800383a00fc010000000000000000000000000000ff0200000000000000000000000000010100007800000000600ad91500002c00ff010000000000000000000000000001fe8000000000000000000000000000040000009000000000"], 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00e7ff0000000000140003007465616d5f736c6176655f300000000008000a"], 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1002, &(0x7f00000004c0)=""/4098}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

1]  ? __pfx_kthread+0x10/0x10
[  679.389736][    C1]  ret_from_fork_asm+0x1a/0x30
[  679.394582][    C1]  </TASK>
[  679.397642][    C1] DEBUG: waiting rtnl_mutex for 1183 jiffies.
[  679.404125][    C1] task:syz.3.1772      state:D stack:26800 pid:11676 tgid:11674 ppid:5092   flags:0x00000004
[  679.414396][    C1] Call Trace:
[  679.417730][    C1]  <TASK>
[  679.420771][    C1]  __schedule+0x1800/0x4a60
[  679.425386][    C1]  ? __pfx___schedule+0x10/0x10
[  679.430376][    C1]  ? __pfx_lock_release+0x10/0x10
[  679.435471][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  679.442477][    C1]  ? schedule+0x90/0x320
[  679.446787][    C1]  schedule+0x14b/0x320
[  679.451069][    C1]  schedule_preempt_disabled+0x13/0x30
[  679.456583][    C1]  __mutex_lock+0x6a4/0xd70
[  679.461211][    C1]  ? __mutex_lock+0x527/0xd70
[  679.465954][    C1]  ? rtnetlink_rcv_msg+0x847/0x1180
[  679.471261][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  679.476354][    C1]  ? get_rtnl_holder+0x144/0x190
[  679.481381][    C1]  rtnetlink_rcv_msg+0x847/0x1180
[  679.486480][    C1]  ? rtnetlink_rcv_msg+0x208/0x1180
[  679.491818][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  679.497359][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  679.502826][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  679.506143][   T29] audit: type=1326 audit(1720133911.849:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11768 comm="syz.2.1784" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17d4f75bd9 code=0x0
[  679.508099][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  679.508134][    C1]  ? dev_hard_start_xmit+0x773/0x7e0
[  679.540806][    C1]  ? __dev_queue_xmit+0x2da/0x3e90
[  679.546066][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  679.551905][    C1]  ? __dev_queue_xmit+0x2da/0x3e90
[  679.557077][    C1]  ? __dev_queue_xmit+0x1763/0x3e90
[  679.562496][    C1]  ? kasan_save_track+0x51/0x80
[  679.567674][    C1]  ? do_syscall_64+0xf3/0x230
[  679.572450][    C1]  ? __dev_queue_xmit+0x2da/0x3e90
[  679.577628][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  679.583103][    C1]  ? ref_tracker_free+0x643/0x7e0
[  679.588392][    C1]  netlink_rcv_skb+0x1e3/0x430
[  679.593221][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  679.598789][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  679.604176][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  679.609492][    C1]  netlink_unicast+0x7f0/0x990
[  679.614339][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  679.619735][    C1]  ? __virt_addr_valid+0x183/0x530
[  679.624909][    C1]  ? __check_object_size+0x49c/0x900
[  679.630321][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  679.635495][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  679.640372][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  679.645710][    C1]  ? __import_iovec+0x536/0x820
[  679.650663][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  679.655662][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  679.661065][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  679.666605][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  679.671995][    C1]  __sock_sendmsg+0x221/0x270
[  679.676743][    C1]  ____sys_sendmsg+0x525/0x7d0
[  679.681627][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  679.686990][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  679.691685][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  679.696898][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  679.703332][    C1]  ? do_syscall_64+0x100/0x230
[  679.708188][    C1]  ? do_syscall_64+0xb6/0x230
[  679.712914][    C1]  do_syscall_64+0xf3/0x230
[  679.717469][    C1]  ? clear_bhb_loop+0x35/0x90
[  679.722267][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.728340][    C1] RIP: 0033:0x7fa2a7575bd9
[  679.732839][    C1] RSP: 002b:00007fa2a829c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  679.741363][    C1] RAX: ffffffffffffffda RBX: 00007fa2a7703f60 RCX: 00007fa2a7575bd9
[  679.749429][    C1] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  679.757538][    C1] RBP: 00007fa2a75e4aa1 R08: 0000000000000000 R09: 0000000000000000
[  679.765615][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  679.773670][    C1] R13: 000000000000000b R14: 00007fa2a7703f60 R15: 00007ffd6ca06b08
[  679.781797][    C1]  </TASK>
[  679.784867][    C1] DEBUG: waiting rtnl_mutex for 1107 jiffies.
[  679.791036][    C1] task:syz.4.1773      state:D stack:27424 pid:11710 tgid:11688 ppid:11221  flags:0x00004004
[  679.801307][    C1] Call Trace:
[  679.804624][    C1]  <TASK>
[  679.807592][    C1]  __schedule+0x1800/0x4a60
[  679.812242][    C1]  ? __pfx___schedule+0x10/0x10
[  679.817150][    C1]  ? __pfx_lock_release+0x10/0x10
[  679.822283][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  679.827814][    C1]  ? schedule+0x90/0x320
[  679.832166][    C1]  schedule+0x14b/0x320
[  679.836377][    C1]  schedule_preempt_disabled+0x13/0x30
[  679.841936][    C1]  __mutex_lock+0x6a4/0xd70
[  679.846506][    C1]  ? __mutex_lock+0x527/0xd70
[  679.851297][    C1]  ? do_ipv6_setsockopt+0x9e4/0x3630
[  679.856645][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  679.861806][    C1]  ? get_rtnl_holder+0x144/0x190
[  679.866805][    C1]  do_ipv6_setsockopt+0x9e4/0x3630
[  679.872035][    C1]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  679.877664][    C1]  ? plist_del+0x3f1/0x410
[  679.882184][    C1]  ? __pfx___might_resched+0x10/0x10
[  679.887527][    C1]  ? __lock_acquire+0x1359/0x2000
[  679.892659][    C1]  ? aa_sk_perm+0x967/0xab0
[  679.897221][    C1]  ? __pfx_aa_sk_perm+0x10/0x10
[  679.902174][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  679.907256][    C1]  ipv6_setsockopt+0x5c/0x1a0
[  679.912064][    C1]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  679.918329][    C1]  do_sock_setsockopt+0x3af/0x720
[  679.923418][    C1]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  679.929067][    C1]  ? __fget_files+0x29/0x470
[  679.933716][    C1]  ? __fget_files+0x3f6/0x470
[  679.938502][    C1]  __sys_setsockopt+0x1ae/0x250
[  679.943406][    C1]  __x64_sys_setsockopt+0xb5/0xd0
[  679.948537][    C1]  do_syscall_64+0xf3/0x230
[  679.953086][    C1]  ? clear_bhb_loop+0x35/0x90
[  679.957814][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.963820][    C1] RIP: 0033:0x7fe303b75bd9
[  679.968319][    C1] RSP: 002b:00007fe304982048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  679.976784][    C1] RAX: ffffffffffffffda RBX: 00007fe303d04110 RCX: 00007fe303b75bd9
[  679.979520][ T5106] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  679.984837][    C1] RDX: 000000000000002c RSI: 0000000000000029 RDI: 0000000000000007
[  679.997329][ T5106] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  680.000170][    C1] RBP: 00007fe303be4aa1 R08: 0000000000000108 R09: 0000000000000000
[  680.000195][    C1] R10: 0000000020000340 R11: 0000000000000246 R12: 0000000000000000
[  680.000214][    C1] R13: 000000000000006e R14: 00007fe303d04110 R15: 00007ffecce53458
[  680.000251][    C1]  </TASK>
[  680.011295][ T5106] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  680.015203][    C1] DEBUG: holding rtnl_mutex for 1525 jiffies.
[  680.015224][    C1] task:syz.0.1761      state:D stack:24672 pid:11624 tgid:11624 ppid:5097   flags:0x00004006
[  680.015270][    C1] Call Trace:
[  680.015281][    C1]  <TASK>
[  680.015299][    C1]  __schedule+0x1800/0x4a60
[  680.015359][    C1]  ? __pfx___schedule+0x10/0x10
[  680.015394][    C1]  ? __pfx_lock_release+0x10/0x10
[  680.026958][ T5106] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  680.031426][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  680.031483][    C1]  ? schedule+0x90/0x320
[  680.031512][    C1]  schedule+0x14b/0x320
[  680.035793][ T5106] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  680.041512][    C1]  synchronize_rcu_expedited+0x684/0x830
[  680.049738][ T5106] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  680.057755][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  680.125970][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  680.131354][    C1]  ? __pfx___might_resched+0x10/0x10
[  680.136694][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  680.142800][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  680.148967][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  680.155369][    C1]  synchronize_rcu+0x11b/0x360
[  680.160250][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  680.165607][    C1]  lockdep_unregister_key+0x556/0x610
[  680.171099][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  680.177139][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  680.182515][    C1]  ? __qdisc_destroy+0x150/0x410
[  680.187507][    C1]  ? kfree+0x149/0x360
[  680.191694][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[  680.197297][    C1]  __qdisc_destroy+0x165/0x410
[  680.202178][    C1]  dev_shutdown+0x9b/0x440
[  680.206658][    C1]  unregister_netdevice_many_notify+0x9c7/0x1d20
[  680.213185][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  680.220136][    C1]  ? mark_lock+0x9a/0x360
[  680.224524][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  680.230618][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  680.236991][    C1]  ? queue_delayed_work_on+0x1eb/0x390
[  680.242527][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  680.247797][    C1]  unregister_netdevice_queue+0x303/0x370
[  680.253593][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  680.259935][    C1]  __tun_detach+0x6b6/0x1600
[  680.264549][    C1]  tun_chr_close+0x108/0x1b0
[  680.269224][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[  680.274388][    C1]  __fput+0x24a/0x8a0
[  680.278480][    C1]  task_work_run+0x24f/0x310
[  680.283118][    C1]  ? __pfx_task_work_run+0x10/0x10
[  680.288319][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  680.294124][    C1]  syscall_exit_to_user_mode+0x168/0x370
[  680.299843][    C1]  do_syscall_64+0x100/0x230
[  680.304468][    C1]  ? clear_bhb_loop+0x35/0x90
[  680.309213][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.315162][    C1] RIP: 0033:0x7f22d0175bd9
[  680.319660][    C1] RSP: 002b:00007ffde7802698 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  680.328146][    C1] RAX: 0000000000000000 RBX: 00007f22d0305a60 RCX: 00007f22d0175bd9
[  680.336131][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  680.344186][    C1] RBP: 00007f22d0305a60 R08: 0000000000000006 R09: 0000000be78029cf
[  680.352256][    C1] R10: 00000000003ffd20 R11: 0000000000000246 R12: 00000000000a2496
[  680.360318][    C1] R13: 0000000000000032 R14: 00007f22d0305a60 R15: 00007ffde7802780
[  680.368371][    C1]  </TASK>
[  680.371396][    C1] DEBUG: waiting rtnl_mutex for 1554 jiffies.
[  680.377463][    C1] task:kworker/1:0     state:D stack:19888 pid:25    tgid:25    ppid:2      flags:0x00004000
[  680.387691][    C1] Workqueue: events linkwatch_event
[  680.393024][    C1] Call Trace:
[  680.396318][    C1]  <TASK>
[  680.398079][ T5103] Bluetooth: hci5: command tx timeout
[  680.399289][    C1]  __schedule+0x1800/0x4a60
[  680.409200][    C1]  ? __pfx___schedule+0x10/0x10
[  680.414065][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  680.420123][    C1]  ? __pfx_lock_release+0x10/0x10
[  680.425188][    C1]  ? kick_pool+0x1bd/0x620
[  680.429680][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  680.434915][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  680.440184][    C1]  ? schedule+0x90/0x320
[  680.444474][    C1]  schedule+0x14b/0x320
[  680.448708][    C1]  schedule_preempt_disabled+0x13/0x30
[  680.454213][    C1]  __mutex_lock+0x6a4/0xd70
[  680.458802][    C1]  ? __mutex_lock+0x527/0xd70
[  680.463528][    C1]  ? linkwatch_event+0xe/0x60
[  680.468301][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  680.473467][    C1]  ? get_rtnl_holder+0x144/0x190
[  680.478480][    C1]  ? process_scheduled_works+0x945/0x1830
[  680.484234][    C1]  linkwatch_event+0xe/0x60
[  680.488894][    C1]  process_scheduled_works+0xa2c/0x1830
[  680.494497][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  680.500549][    C1]  ? assign_work+0x364/0x3d0
[  680.505180][    C1]  worker_thread+0x86d/0xd40
[  680.509860][    C1]  ? __kthread_parkme+0x169/0x1d0
[  680.514936][    C1]  ? __pfx_worker_thread+0x10/0x10
[  680.520139][    C1]  kthread+0x2f0/0x390
[  680.524252][    C1]  ? __pfx_worker_thread+0x10/0x10
[  680.529426][    C1]  ? __pfx_kthread+0x10/0x10
[  680.534059][    C1]  ret_from_fork+0x4b/0x80
[  680.538572][    C1]  ? __pfx_kthread+0x10/0x10
[  680.543215][    C1]  ret_from_fork_asm+0x1a/0x30
[  680.548084][    C1]  </TASK>
[  680.551134][    C1] 
[  680.551134][    C1] Showing all locks held in the system:
[  680.558922][    C1] 6 locks held by kworker/0:0/8:
[  680.563899][    C1]  #0: ffff888018a97548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  680.575297][    C1]  #1: ffffc900000d7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  680.587272][    C1]  #2: ffff8880239d5190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  680.596243][    C1]  #3: ffff888023a0d518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b6/0x5150
[  680.606288][    C1]  #4: ffff88801e835568 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f4/0x5150
[  680.616040][    C1]  #5: ffffffff8ef34f90 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30
[  680.618007][    T8] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  680.626600][    C1] 3 locks held by kworker/1:0/25:
[  680.626657][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  680.626735][    C1]  #1: ffffc900001f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  680.626815][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  680.626889][    C1] 3 locks held by kworker/u8:2/35:
[  680.675580][    C1]  #0: ffff888029f27948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  680.687236][    C1]  #1: ffffc90000ab7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  680.700999][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  680.710645][    C1] 4 locks held by kworker/u8:8/2449:
[  680.715961][    C1]  #0: ffff88802b1a0148 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  680.727382][    C1]  #1: ffffc90009217d00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  680.741160][    C1]  #2: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  680.751331][    C1]  #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  680.761273][    C1] 2 locks held by getty/4853:
[  680.765945][    C1]  #0: ffff88802b1520a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  680.775789][    C1]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  680.786100][    C1] 2 locks held by kworker/0:3/5102:
[  680.791452][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  680.802520][    C1]  #1: ffffc9000395fd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  680.810774][    T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  680.812881][    C1] 2 locks held by syz.0.1761/11624:
[  680.823431][    T8] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 45523, setting to 1024
[  680.827759][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  680.839882][    T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  680.847930][    C1]  #1: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  680.861927][    T8] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  680.868812][    C1] 1 lock held by syz.3.1772/11676:
[  680.868838][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  680.878846][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.883035][    C1] 1 lock held by syz.4.1773/11710:
[  680.893115][    T8] usb 2-1: Product: 坍ὅ䔅昩刹햯࡬쏜䙅穚ﰈ헙澠檪숴珳员短⊈᜘ꁫ㉂ퟮ⮱ᵣ禼鳀ઈ꽵䔗ᰨ霂☚騹ꪲ翊䮼㫈⾩齃㸼뒿ᡣ㶐뎩嗵岊
[  680.900560][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: do_ipv6_setsockopt+0x9e4/0x3630
[  680.900650][    C1] 1 lock held by syz-executor/11762:
[  680.906482][    T8] usb 2-1: Manufacturer: 쑿
[  680.922455][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  680.922546][    C1] 4 locks held by syz.2.1784/11768:
[  680.922562][    C1]  #0: ffff88807b568e08
[  680.932879][    T8] usb 2-1: SerialNumber: syz
[  680.937406][    C1]  (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  680.937483][    C1]  #1: ffffffff8f667110 ((netlink_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x53/0x90
[  680.937561][    C1]  #2: ffff88802b0746b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nft_rcv_nl_event+0x123/0x6d0
[  680.937639][    C1]  #3: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  681.007262][    C1] 1 lock held by syz.2.1784/11773:
[  681.012432][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: do_ipv6_setsockopt+0x9e4/0x3630
[  681.022127][    C1] 1 lock held by syz.2.1784/11774:
[  681.027299][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[  681.036212][    C1] 1 lock held by syz.2.1784/11778:
[  681.038218][ T5103] Bluetooth: hci6: command tx timeout
[  681.041368][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[  681.055991][    C1] 1 lock held by syz-executor/11770:
[  681.061347][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  681.070971][    C1] 1 lock held by syz-executor/11783:
[  681.076379][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  681.085995][    C1] 1 lock held by syz.1.1786/11786:
[  681.091177][    C1]  #0: ffff888020708258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0
[  681.100979][    C1] 1 lock held by syz.1.1786/11787:
[  681.106124][    C1]  #0: ffff88807d848258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0
[  681.115902][    C1] 
[  681.118290][    C1] =============================================
[  681.118290][    C1] 
[  681.174093][T11786] loop0: detected capacity change from 0 to 7
[  681.192249][T11786] Dev loop0: unable to read RDB block 7
[  681.200231][T11786]  loop0: unable to read partition table
[  681.207373][T11786] loop0: partition table beyond EOD, truncated
[  681.214464][T11786] loop_reread_partitions: partition scan of loop0 (�被x������ڬ��dƤ����ݡ�����
[  681.214464][T11786] 
) failed (rc=-5)
[  681.269543][    T8] cdc_ncm 2-1:1.0: bind() failure
[  681.281020][    T8] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  681.290744][    T8] cdc_ncm 2-1:1.1: bind() failure
[  681.311404][    T8] usb 2-1: USB disconnect, device number 40
[  682.166358][ T5103] Bluetooth: hci7: command tx timeout
[  682.487775][ T5103] Bluetooth: hci5: command tx timeout
[  682.866913][ T1058] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.036559][ T1058] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.118097][ T5103] Bluetooth: hci6: command tx timeout
[  683.180586][ T1058] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.193010][ T5097] syz-executor (5097) used greatest stack depth: 18576 bytes left
[  683.389627][ T1058] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.650373][T11810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1790'.
[  683.846261][T11812] loop2: detected capacity change from 0 to 4096
[  683.862364][T11812] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  683.901995][T11762] chnl_net:caif_netlink_parms(): no params data found
[  683.985991][T11783] chnl_net:caif_netlink_parms(): no params data found
[  684.104014][T11812] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  684.152212][T11812] ntfs3: loop2: mft corrupted
[  684.172212][T11812] ntfs3: loop2: Failed to load $Extend (-22).
[  684.181835][T11812] ntfs3: loop2: Failed to initialize $Extend.
[  684.238451][ T5103] Bluetooth: hci7: command tx timeout
[  684.308694][T11820] ntfs3: Unknown parameter '����������01777777777777777777777���X�c�v�:�Q���'
[  684.425947][T11770] chnl_net:caif_netlink_parms(): no params data found
[  684.558185][ T5103] Bluetooth: hci5: command tx timeout
[  684.567265][ T1058] bridge_slave_1: left allmulticast mode
[  684.568460][T11825] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  684.574066][ T1058] bridge_slave_1: left promiscuous mode
[  684.589401][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  684.601524][ T1058] bridge_slave_0: left allmulticast mode
[  684.607188][ T1058] bridge_slave_0: left promiscuous mode
[  684.638276][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.014694][   T25] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  685.210707][ T5103] Bluetooth: hci6: command tx timeout
[  685.228012][   T25] usb 2-1: Using ep0 maxpacket: 32
[  685.259518][   T25] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  685.267777][   T25] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  685.295833][   T25] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  685.327972][   T25] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  685.348414][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  685.387784][   T25] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  685.410969][   T25] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  685.427936][   T25] usb 2-1: Product: syz
[  685.433056][   T25] usb 2-1: Manufacturer: syz
[  685.437781][   T25] usb 2-1: SerialNumber: syz
[  685.462231][   T25] usb 2-1: config 0 descriptor??
[  685.471687][   T25] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  685.500633][   T25] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  685.691813][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  685.704738][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  685.717495][ T1058] bond0 (unregistering): Released all slaves
[  685.835946][    T8] usb 2-1: USB disconnect, device number 41
[  685.841956][    C0] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  685.878973][    T8] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  685.952982][T11762] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.968045][T11762] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.975359][T11762] bridge_slave_0: entered allmulticast mode
[  686.010235][T11762] bridge_slave_0: entered promiscuous mode
[  686.058309][T11783] bridge0: port 1(bridge_slave_0) entered blocking state
[  686.065623][T11783] bridge0: port 1(bridge_slave_0) entered disabled state
[  686.073141][T11783] bridge_slave_0: entered allmulticast mode
[  686.093048][T11783] bridge_slave_0: entered promiscuous mode
[  686.131823][T11825] ldusb: No device or device unplugged -19
[  686.242780][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  686.249384][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  686.289579][T11762] bridge0: port 2(bridge_slave_1) entered blocking state
[  686.296800][T11762] bridge0: port 2(bridge_slave_1) entered disabled state
[  686.324844][ T5103] Bluetooth: hci7: command tx timeout
[  686.338234][T11762] bridge_slave_1: entered allmulticast mode
[  686.379054][T11762] bridge_slave_1: entered promiscuous mode
[  686.530106][T11783] bridge0: port 2(bridge_slave_1) entered blocking state
[  686.537344][T11783] bridge0: port 2(bridge_slave_1) entered disabled state
[  686.554075][T11823] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  686.577737][T11783] bridge_slave_1: entered allmulticast mode
[  686.596245][T11783] bridge_slave_1: entered promiscuous mode
[  686.668100][T11762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  686.711832][T11762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  686.874583][T11783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  686.907607][T11783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  687.065741][T11762] team0: Port device team_slave_0 added
[  687.082188][T11762] team0: Port device team_slave_1 added
[  687.117632][ T1058] hsr_slave_0: left promiscuous mode
[  687.126676][ T1058] hsr_slave_1: left promiscuous mode
[  687.141410][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  687.153044][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  687.161895][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  687.169622][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  687.208182][ T5153] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  687.210694][ T1058] veth1_macvtap: left promiscuous mode
[  687.223247][ T1058] veth0_macvtap: left promiscuous mode
[  687.240203][ T1058] veth1_vlan: left promiscuous mode
[  687.255718][ T1058] veth0_vlan: left promiscuous mode
[  687.278150][ T5103] Bluetooth: hci6: command tx timeout
[  687.400332][ T5153] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  687.428489][ T5153] usb 3-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[  687.449298][ T5153] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  687.462629][ T5153] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[  687.474421][ T5153] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[  687.493774][ T5153] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  687.513564][ T5153] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  687.536606][ T5153] usb 3-1: Product: syz
[  687.541567][ T5153] usb 3-1: Manufacturer: syz
[  687.553540][ T5153] cdc_wdm 3-1:1.0: skipping garbage
[  687.568630][ T5153] cdc_wdm 3-1:1.0: skipping garbage
[  687.583608][ T5153] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  687.628131][ T5153] cdc_wdm 3-1:1.0: Unknown control protocol
[  687.883828][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.890517][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.897062][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.903708][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.910014][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.916631][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.922918][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.929548][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.935915][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.942544][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.949076][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.955695][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.962005][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.968631][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.974968][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.981618][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  687.987944][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  687.994598][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  688.000933][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  688.007580][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  688.018691][   T25] usb 3-1: USB disconnect, device number 37
[  688.018759][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  688.083664][ T5150] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  688.283931][ T5150] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  688.308394][ T5150] usb 2-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[  688.330177][ T5150] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  688.339473][ T5150] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[  688.366260][ T5150] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[  688.393730][ T5150] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  688.403017][ T5103] Bluetooth: hci7: command tx timeout
[  688.421286][ T5150] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  688.429563][ T5150] usb 2-1: Product: syz
[  688.444046][ T5150] usb 2-1: Manufacturer: syz
[  688.472076][ T5150] cdc_wdm 2-1:1.0: skipping garbage
[  688.477545][ T5150] cdc_wdm 2-1:1.0: skipping garbage
[  688.503814][ T5150] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  688.511604][ T5150] cdc_wdm 2-1:1.0: Unknown control protocol
[  688.530213][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  688.591826][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  688.916713][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  688.948316][ T5153] usb 2-1: USB disconnect, device number 42
[  689.250365][ T5150] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  689.441870][ T5150] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  689.458834][ T5150] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  689.472782][ T5150] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  689.493317][T11783] team0: Port device team_slave_0 added
[  689.508306][ T5150] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  689.533258][ T5150] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  689.544872][ T5150] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  689.545958][T11770] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.553243][ T5150] usb 3-1: Product: syz
[  689.565023][ T5150] usb 3-1: Manufacturer: syz
[  689.571576][T11770] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.593589][ T5150] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  689.602002][T11770] bridge_slave_0: entered allmulticast mode
[  689.609998][T11770] bridge_slave_0: entered promiscuous mode
[  689.627626][T11770] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.635102][T11770] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.643518][T11770] bridge_slave_1: entered allmulticast mode
[  689.653128][T11770] bridge_slave_1: entered promiscuous mode
[  689.665722][T11783] team0: Port device team_slave_1 added
[  689.694364][T11762] batman_adv: batadv0: Adding interface: batadv_slave_0
[  689.701814][T11762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  689.727848][    C0] vkms_vblank_simulate: vblank timer overrun
[  689.744219][T11762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  689.786755][T11762] batman_adv: batadv0: Adding interface: batadv_slave_1
[  689.794219][T11762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  689.811909][ T5150] usb 3-1: USB disconnect, device number 38
[  689.829990][T11762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  689.922488][T11770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  690.094943][T11770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  690.182014][T11783] batman_adv: batadv0: Adding interface: batadv_slave_0
[  690.220034][T11783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.268099][T11783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  690.293039][T11783] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.300893][T11783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.326913][    C0] vkms_vblank_simulate: vblank timer overrun
[  690.336169][T11783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  690.539735][T11762] hsr_slave_0: entered promiscuous mode
[  690.563014][T11762] hsr_slave_1: entered promiscuous mode
[  690.584294][T11762] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  690.605029][T11762] Cannot create hsr debugfs directory
[  690.625842][T11770] team0: Port device team_slave_0 added
[  690.735650][T11770] team0: Port device team_slave_1 added
[  690.944845][T11783] hsr_slave_0: entered promiscuous mode
[  690.975425][T11783] hsr_slave_1: entered promiscuous mode
[  690.987316][T11783] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  691.005918][T11783] Cannot create hsr debugfs directory
[  691.279939][T11770] batman_adv: batadv0: Adding interface: batadv_slave_0
[  691.288582][T11891] loop2: detected capacity change from 0 to 4096
[  691.295316][T11770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  691.329944][T11891] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  691.377555][T11891] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  691.387948][T11770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  691.430045][T11891] ntfs3: loop2: mft corrupted
[  691.434877][T11891] ntfs3: loop2: Failed to load $Extend (-22).
[  691.445268][T11770] batman_adv: batadv0: Adding interface: batadv_slave_1
[  691.452702][T11891] ntfs3: loop2: Failed to initialize $Extend.
[  691.478078][T11770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  691.507466][T11770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  691.612018][T11894] ntfs3: Unknown parameter '����������01777777777777777777777���X�c�v�:�Q���'
[  691.863567][T11770] hsr_slave_0: entered promiscuous mode
[  691.909391][T11770] hsr_slave_1: entered promiscuous mode
[  691.925272][T11770] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  691.926948][T11898] misc userio: No port type given on /dev/userio
[  691.947238][T11898] misc userio: The device must be registered before sending interrupts
[  691.958004][T11770] Cannot create hsr debugfs directory
[  692.040156][ T5153] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  692.073721][ T1058] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.261016][ T5153] usb 2-1: Using ep0 maxpacket: 16
[  692.290606][ T5153] usb 2-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  692.321445][ T1058] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.339022][ T5153] usb 2-1: config 1 interface 0 has no altsetting 0
[  692.370213][ T5153] usb 2-1: New USB device found, idVendor=056a, idProduct=0020, bcdDevice= 0.40
[  692.399082][ T5153] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  692.407705][ T5153] usb 2-1: Product: syz
[  692.412115][ T5153] usb 2-1: Manufacturer: 㠍
[  692.416705][ T5153] usb 2-1: SerialNumber: syz
[  692.666330][T11905] loop2: detected capacity change from 0 to 256
[  692.681758][ T1058] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.752252][T11905] exfat: Deprecated parameter 'utf8'
[  692.758779][T11905] exfat: Bad value for 'gid'
[  692.937209][ T1058] team0: Port device netdevsim0 removed
[  692.954421][T11913] mmap: syz.1.1802 (11913) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  693.008834][ T1058] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.249713][T11923] loop2: detected capacity change from 0 to 1024
[  694.465877][T11923] EXT4-fs: Ignoring removed orlov option
[  694.477422][T11923] EXT4-fs (loop2): Test dummy encryption mode enabled
[  694.490461][T11923] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  694.529090][T11923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  694.568624][ T1058] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.811140][ T1058] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.911300][T11923] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  695.006933][ T5107] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.008397][ T1058] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.055566][ T5153] usbhid 2-1:1.0: can't add hid device: -71
[  695.061914][ T5153] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  695.093499][ T5153] usb 2-1: USB disconnect, device number 43
[  695.246095][ T1058] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.351770][T11936] loop2: detected capacity change from 0 to 512
[  695.398981][T11936] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[  695.620126][ T1058] bridge_slave_0: left allmulticast mode
[  695.625921][ T1058] bridge_slave_0: left promiscuous mode
[  695.638222][T11936] loop2: detected capacity change from 0 to 64
[  695.642408][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.729063][ T1058] bridge_slave_1: left allmulticast mode
[  695.765618][ T1058] bridge_slave_1: left promiscuous mode
[  695.793647][ T1058] bridge1: port 1(bridge_slave_1) entered disabled state
[  695.853006][ T1058] bridge_slave_0: left allmulticast mode
[  695.864750][ T1058] bridge_slave_0: left promiscuous mode
[  695.891966][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.945618][ T1058] veth1_to_bond: left allmulticast mode
[  695.980419][ T1058] veth1_to_bond: left promiscuous mode
[  696.025376][ T1058] bridge1: port 1(veth1_to_bond) entered disabled state
[  696.041312][ T1058] bridge_slave_1: left allmulticast mode
[  696.047068][ T1058] bridge_slave_1: left promiscuous mode
[  696.069107][ T1058] bridge2: port 1(bridge_slave_1) entered disabled state
[  696.124648][T11947] loop1: detected capacity change from 0 to 512
[  696.168974][T11947] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent
[  696.452756][T11947] loop1: detected capacity change from 0 to 64
[  696.487413][ T1058] ip6gre0: left allmulticast mode
[  696.604309][ T1058] ip_vti0: left allmulticast mode
[  696.657332][ T1058] ip_vti0: left allmulticast mode
[  697.236690][T11961] misc userio: No port type given on /dev/userio
[  697.290654][T11962] misc userio: The device must be registered before sending interrupts
[  697.515180][T11963] loop1: detected capacity change from 0 to 4096
[  697.520309][T11965] loop2: detected capacity change from 0 to 2048
[  697.544209][T11963] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  697.656156][T11965] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  698.068832][T11967] ip6t_REJECT: ECHOREPLY is not supported
[  698.645401][T11963] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  698.664378][T11963] ntfs3: loop1: mft corrupted
[  698.672291][T11963] ntfs3: loop1: Failed to load $Extend (-22).
[  698.693100][T11963] ntfs3: loop1: Failed to initialize $Extend.
[  698.854886][T11970] ntfs3: Unknown parameter '����������01777777777777777777777���X�c�v�:�Q���'
[  699.347320][T11974] loop1: detected capacity change from 0 to 4096
[  699.362399][T11974] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  699.431835][T11974] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  699.444630][T11974] ntfs3: loop1: mft corrupted
[  699.457624][T11974] ntfs3: loop1: Failed to load $Extend (-22).
[  699.464058][T11974] ntfs3: loop1: Failed to initialize $Extend.
[  699.548050][ T5164] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  699.742429][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  699.753866][ T5164] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  699.766633][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  699.775668][ T5164] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  699.789663][ T1058] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  699.798920][ T5164] usb 3-1: config 0 descriptor??
[  699.819091][ T1058] bond0 (unregistering): Released all slaves
[  699.984603][ T1058] team0: Port device bond0 removed
[  699.995289][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  700.012031][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  700.039190][ T1058] bond0 (unregistering): Released all slaves
[  700.244903][T11971] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  700.747999][ T5153] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  700.844442][T11783] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  700.932510][ T5164] pegasus 3-1:0.0: probe with driver pegasus failed with error -71
[  700.962867][ T5153] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  700.970094][ T5164] usb 3-1: USB disconnect, device number 39
[  700.978218][ T5153] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  701.018655][ T5153] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  701.063037][ T5153] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.097536][T11783] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  701.118850][ T5153] usb 2-1: config 0 descriptor??
[  701.318380][T11783] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  701.350764][T11783] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  701.557763][ T5153] lg-g15 0003:046D:C222.0019: unknown main item tag 0x1
[  701.575878][ T5153] lg-g15 0003:046D:C222.0019: item fetching failed at offset 10/11
[  701.597034][ T5153] lg-g15 0003:046D:C222.0019: probe with driver lg-g15 failed with error -22
[  701.793343][T11982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1816'.
[  701.979350][ T1058] hsr_slave_0: left promiscuous mode
[  701.995903][ T1058] hsr_slave_1: left promiscuous mode
[  702.011153][ T1058] hsr_slave_0: left promiscuous mode
[  702.036512][ T1058] hsr_slave_1: left promiscuous mode
[  702.049838][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  702.062063][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  702.070931][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  702.078936][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  702.127785][ T1058] veth1_macvtap: left promiscuous mode
[  702.133732][ T1058] veth0_macvtap: left promiscuous mode
[  702.139858][ T1058] veth0_vlan: left promiscuous mode
[  702.154386][ T1058] veth1_macvtap: left promiscuous mode
[  702.164693][ T1058] veth0_macvtap: left promiscuous mode
[  702.181565][ T1058] veth0_vlan: left promiscuous mode
[  703.191256][T12008] misc userio: No port type given on /dev/userio
[  703.207689][T12008] misc userio: The device must be registered before sending interrupts
[  703.245768][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  703.329471][T12010] loop2: detected capacity change from 0 to 2048
[  703.343848][T12010] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  703.769733][T12012] ip6t_REJECT: ECHOREPLY is not supported
[  704.564001][T12014] loop2: detected capacity change from 0 to 1024
[  704.633977][T12014] could not open pipe file descriptor
[  705.022380][T12016] hfsplus: bad catalog entry type
[  705.635278][   T12] hfsplus: b-tree write err: -5, ino 4
[  705.848719][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  705.949835][T12021] loop2: detected capacity change from 0 to 256
[  705.968690][T12021] exfat: Deprecated parameter 'utf8'
[  705.974193][T12021] exfat: Bad value for 'gid'
[  707.055012][T11983] batman_adv: batadv1: Adding interface: netdevsim0
[  707.071491][T11983] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  707.118269][    C1] DEBUG: holding rtnl_mutex for 512 jiffies.
[  707.124329][    C1] task:syz.1.1816      state:R  running task     stack:22816 pid:11983 tgid:11981 ppid:5848   flags:0x00004006
[  707.136286][    C1] Call Trace:
[  707.139647][    C1]  <TASK>
[  707.142630][    C1]  __schedule+0x1800/0x4a60
[  707.147222][    C1]  ? __pfx___schedule+0x10/0x10
[  707.152169][    C1]  ? prb_read_valid+0xa9/0xf0
[  707.156924][    C1]  ? preempt_schedule+0xe1/0xf0
[  707.161896][    C1]  preempt_schedule_common+0x84/0xd0
[  707.167238][    C1]  preempt_schedule+0xe1/0xf0
[  707.172022][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  707.177546][    C1]  ? _printk+0xd5/0x120
[  707.179532][T11983] batman_adv: batadv1: Interface activated: netdevsim0
[  707.181756][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  707.193869][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[  707.199370][    C1]  ? vprintk_emit+0x7bb/0x900
[  707.204093][    C1]  ? vprintk_emit+0x828/0x900
[  707.208874][    C1]  ? vprintk_emit+0x82d/0x900
[  707.213601][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  707.218726][    C1]  ? __pfx_batadv_tt_local_commit_changes_nolock+0x10/0x10
[  707.225997][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  707.231160][    C1]  ? psi_task_switch+0x3a7/0x770
[  707.236168][    C1]  ? arch_do_signal_or_restart+0x96/0x860
[  707.242021][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.247274][    C1]  ? validate_chain+0x11e/0x5920
[  707.252357][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.258267][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.263544][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.268959][    C1]  ? __schedule+0x17bc/0x4a60
[  707.273701][    C1]  ? __pfx_lock_release+0x10/0x10
[  707.278866][    C1]  ? __schedule+0x1800/0x4a60
[  707.283609][    C1]  ? __pfx_lock_release+0x10/0x10
[  707.288537][T11783] 8021q: adding VLAN 0 to HW filter on device bond0
[  707.288735][    C1]  ? switch_ldt+0x10e/0x280
[  707.298883][ T5153] usb 2-1: USB disconnect, device number 44
[  707.299837][    C1]  ? validate_chain+0x11e/0x5920
[  707.310771][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.316027][    C1]  ? validate_chain+0x11e/0x5920
[  707.321064][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.326330][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.331658][    C1]  ? validate_chain+0x11e/0x5920
[  707.336701][    C1]  ? __lock_acquire+0x1359/0x2000
[  707.341899][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.347166][    C1]  ? validate_chain+0x11e/0x5920
[  707.352233][    C1]  ? validate_chain+0x11e/0x5920
[  707.357240][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.362561][    C1]  ? validate_chain+0x11e/0x5920
[  707.367568][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.372889][    C1]  ? __lock_acquire+0x1359/0x2000
[  707.378004][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.381606][T11783] 8021q: adding VLAN 0 to HW filter on device team0
[  707.383233][    C1]  ? validate_chain+0x11e/0x5920
[  707.383288][    C1]  ? validate_chain+0x11e/0x5920
[  707.399916][    C1]  ? rcu_is_watching+0x15/0xb0
[  707.404735][    C1]  ? __update_load_avg_se+0x6a0/0xaf0
[  707.410213][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.415574][    C1]  ? validate_chain+0x11e/0x5920
[  707.420741][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.426007][    C1]  ? validate_chain+0x11e/0x5920
[  707.431081][    C1]  ? validate_chain+0x11e/0x5920
[  707.436090][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.441436][    C1]  ? mark_lock+0x9a/0x360
[  707.445820][    C1]  ? __pfx_validate_chain+0x10/0x10
[  707.451148][    C1]  ? __lock_acquire+0x1359/0x2000
[  707.456277][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  707.461423][    C1]  ? psi_task_switch+0x441/0x770
[  707.466423][    C1]  ? __pfx_lock_release+0x10/0x10
[  707.471558][    C1]  ? switch_ldt+0x10e/0x280
[  707.476134][    C1]  ? __schedule+0x17bc/0x4a60
[  707.480947][    C1]  ? __pfx_lock_release+0x10/0x10
[  707.486061][    C1]  ? __schedule+0x1800/0x4a60
[  707.490903][    C1]  ? __pfx___schedule+0x10/0x10
[  707.495820][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  707.501839][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  707.507102][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  707.509276][T11783] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  707.513539][    C1]  ? do_task_dead+0x39/0xd0
[  707.528391][    C1]  ? do_task_dead+0xc4/0xd0
[  707.533048][    C1]  ? do_exit+0x1e7c/0x27f0
[  707.537533][    C1]  ? __pfx_do_exit+0x10/0x10
[  707.542236][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  707.547668][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  707.553758][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  707.560173][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  707.565334][    C1]  ? do_group_exit+0x207/0x2c0
[  707.568018][T11783] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  707.570173][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  707.585703][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  707.591039][    C1]  ? get_signal+0x16a1/0x1740
[  707.595787][    C1]  ? __pfx_get_signal+0x10/0x10
[  707.600768][    C1]  ? arch_do_signal_or_restart+0x96/0x860
[  707.606552][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  707.612819][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  707.618902][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  707.624685][    C1]  ? syscall_exit_to_user_mode+0xc9/0x370
[  707.630533][    C1]  ? do_syscall_64+0x100/0x230
[  707.635369][    C1]  ? clear_bhb_loop+0x35/0x90
[  707.640168][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.646311][    C1]  </TASK>
[  707.649443][    C1] 
[  707.649443][    C1] Showing all locks held in the system:
[  707.657198][    C1] 3 locks held by kworker/u8:0/11:
[  707.662409][    C1]  #0: ffff888029f27948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  707.674107][    C1]  #1: ffffc90000107d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  707.687048][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  707.694129][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state
[  707.696581][    C1] 3 locks held by kworker/u8:1/12:
[  707.703748][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  707.708768][    C1] 5 locks held by kworker/u8:2/35:
[  707.721178][    C1] 2 locks held by kworker/u8:6/1050:
[  707.726501][    C1]  #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  707.738287][    C1]  #1: ffffc90004327d00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  707.750522][    C1] 5 locks held by kworker/u8:7/1058:
[  707.755839][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  707.760653][ T5152] bridge0: port 2(bridge_slave_1) entered blocking state
[  707.766845][    C1]  #1: ffffc90004147d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  707.773966][ T5152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  707.773987][    C1]  #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  707.801301][    C1]  #3: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  707.811536][    C1]  #4: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  707.821566][    C1] 4 locks held by udevd/4546:
[  707.826311][    C1]  #0: ffff8880285b12f0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60
[  707.835257][    C1]  #1: ffff888029fd4c88 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0
[  707.844817][    C1]  #2: ffff888067109698 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0
[  707.854454][    C1]  #3: ffff88801515b0e8 (&dev->mutex){....}-{3:3}, at: uevent_show+0x17d/0x340
[  707.863578][    C1] 1 lock held by dhcpcd/4760:
[  707.868375][    C1] 2 locks held by getty/4853:
[  707.873114][    C1]  #0: ffff88802b1520a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  707.883012][    C1]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  707.893261][    C1] 3 locks held by kworker/0:5/5152:
[  707.898646][    C1] 3 locks held by kworker/1:6/5164:
[  707.903892][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  707.915041][    C1]  #1: ffffc90004307d00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  707.918419][T11770] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  707.927778][    C1]  #2: ffff88807911e240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2d1/0x4130
[  707.944769][    C1] 8 locks held by syz-executor/11762:
[  707.950248][    C1] 2 locks held by syz-executor/11770:
[  707.955680][    C1] 
[  707.958092][    C1] =============================================
[  707.958092][    C1] 
[  708.043862][T11770] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  708.143220][T11770] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  708.239416][T11770] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  708.709686][T11762] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  708.913237][   T29] audit: type=1326 audit(1720133941.189:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12031 comm="syz.1.1824" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6cbe375bd9 code=0x0
[  709.266813][T11762] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  709.599643][T11762] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  709.661102][T11783] 8021q: adding VLAN 0 to HW filter on device batadv0
[  709.680621][T11762] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  709.829583][T12048] loop1: detected capacity change from 0 to 512
[  709.895972][T12048] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent
[  710.033330][T12048] loop1: detected capacity change from 0 to 64
[  710.269408][T11783] veth0_vlan: entered promiscuous mode
[  710.378795][T11783] veth1_vlan: entered promiscuous mode
[  710.622365][T11770] 8021q: adding VLAN 0 to HW filter on device bond0
[  710.644234][T12052] loop1: detected capacity change from 0 to 1024
[  710.669723][T11762] 8021q: adding VLAN 0 to HW filter on device bond0
[  710.734927][T11762] 8021q: adding VLAN 0 to HW filter on device team0
[  710.750611][T12052] could not open pipe file descriptor
[  710.786098][T11770] 8021q: adding VLAN 0 to HW filter on device team0
[  710.877619][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  710.884942][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  710.934135][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  710.941523][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  710.986772][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  710.994084][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  711.006227][ T5164] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  711.052281][   T47] bridge0: port 2(bridge_slave_1) entered blocking state
[  711.059547][   T47] bridge0: port 2(bridge_slave_1) entered forwarding state
[  711.126347][T12056] hfsplus: bad catalog entry type
[  711.738889][ T1058] hfsplus: b-tree write err: -5, ino 4
[  711.829268][ T5164] usb 3-1: Using ep0 maxpacket: 32
[  711.860979][ T5164] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  711.892747][ T5164] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.912175][T11762] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  711.924680][ T5164] usb 3-1: config 0 descriptor??
[  711.932243][T11762] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  711.961704][ T5164] gspca_main: sunplus-2.14.0 probing 041e:400b
[  712.152787][T11783] veth0_macvtap: entered promiscuous mode
[  712.363204][   T29] audit: type=1326 audit(1720133944.689:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.1.1830" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6cbe375bd9 code=0x0
[  712.648774][ T5164] gspca_sunplus: reg_r err -71
[  712.700372][T11783] veth1_macvtap: entered promiscuous mode
[  712.799237][ T5164] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  712.861617][T11783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  712.887992][T11783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  712.919547][T11783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  712.960161][ T5164] usb 3-1: USB disconnect, device number 40
[  712.991264][T11783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  713.067295][T11783] batman_adv: batadv0: Interface activated: batadv_slave_0
[  713.156244][T11783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  713.228991][T11783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  713.282795][T11783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  713.316972][T11783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  713.389460][T11783] batman_adv: batadv0: Interface activated: batadv_slave_1
[  713.429033][T11783] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  713.452769][T11783] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  713.471605][T11783] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  713.482836][T11783] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  713.539211][ T5164] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  713.601260][T11762] 8021q: adding VLAN 0 to HW filter on device batadv0
[  713.731024][ T5164] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[  713.739400][   T59] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  713.755244][ T5164] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  713.787934][ T5164] usb 2-1: config 0 has no interface number 0
[  713.798661][ T5164] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has an invalid bInterval 255, changing to 11
[  713.823032][T11770] 8021q: adding VLAN 0 to HW filter on device batadv0
[  713.873131][ T5164] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid maxpacket 59391, setting to 1024
[  713.907770][ T5164] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  713.931300][ T5164] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  713.948248][ T5164] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.958355][   T59] usb 3-1: Using ep0 maxpacket: 16
[  713.969492][   T59] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  713.992720][ T5164] usb 2-1: config 0 descriptor??
[  714.017501][   T59] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  714.030590][T12081] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  714.048344][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.079747][   T59] usb 3-1: config 0 descriptor??
[  714.109677][ T5164] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  714.222722][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  714.232949][T11762] veth0_vlan: entered promiscuous mode
[  714.271453][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  714.422301][T11762] veth1_vlan: entered promiscuous mode
[  714.615134][ T1058] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  714.637533][ T1058] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  714.733390][T12088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  714.791777][T12088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  714.804541][T11762] veth0_macvtap: entered promiscuous mode
[  714.846956][   T59] hid (null): unknown global tag 0x83
[  714.864432][   T59] hid (null): global environment stack underflow
[  714.876969][T11762] veth1_macvtap: entered promiscuous mode
[  714.920677][   T59] hid-generic 0003:0158:0100.001A: unexpected long global item
[  714.956887][   T59] hid-generic 0003:0158:0100.001A: probe with driver hid-generic failed with error -22
[  714.989441][T11762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  715.018900][T11762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  715.039710][T11762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  715.080815][T11762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  715.107220][   T59] usb 3-1: USB disconnect, device number 41
[  715.149116][T11762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  715.199514][ T2449] usb 2-1: Failed to submit usb control message: -110
[  715.205685][T12115] loop3: detected capacity change from 0 to 512
[  715.234757][T11762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  715.238086][ T2449] usb 2-1: unable to send the bmi data to the device: -110
[  715.253564][ T2449] usb 2-1: unable to get target info from device
[  715.260681][T12115] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent
[  715.283852][ T2449] usb 2-1: could not get target info (-110)
[  715.302756][ T2449] usb 2-1: could not probe fw (-110)
[  715.332535][T11762] batman_adv: batadv0: Interface activated: batadv_slave_0
[  715.425891][T11762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  715.452456][T12115] loop3: detected capacity change from 0 to 64
[  715.468479][T11762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  715.510317][T11762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  715.542427][T11762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  715.572867][T11762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  715.604493][T11762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  715.639683][T11762] batman_adv: batadv0: Interface activated: batadv_slave_1
[  715.698132][T11762] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  715.716424][T11762] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  715.756636][T11762] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  715.805828][T11762] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  716.075846][T11770] veth0_vlan: entered promiscuous mode
[  716.098717][ T5102] usb 2-1: USB disconnect, device number 45
[  716.145032][T11770] veth1_vlan: entered promiscuous mode
[  716.493445][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  716.573172][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  717.135766][T11770] veth0_macvtap: entered promiscuous mode
[  717.235313][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  717.248613][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  717.274867][T11770] veth1_macvtap: entered promiscuous mode
[  717.406370][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.425241][T12140] loop3: detected capacity change from 0 to 1024
[  717.458755][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.496822][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.524653][T12140] could not open pipe file descriptor
[  717.538262][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.785793][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.809938][  T928] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  717.842779][T12149] hfsplus: bad catalog entry type
[  717.937503][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  718.009333][T12146] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  718.034788][  T928] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  718.106390][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  718.398735][  T928] usb 2-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[  718.437922][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  718.438074][  T928] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  718.466500][   T11] hfsplus: b-tree write err: -5, ino 4
[  718.498592][T11770] batman_adv: batadv0: Interface activated: batadv_slave_0
[  718.510468][  T928] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[  718.556255][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  718.597015][  T928] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[  718.624507][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  718.669747][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  718.735054][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  718.786019][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  718.807243][ T5150] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  718.854673][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  718.892695][  T928] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  718.902063][  T928] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  718.906036][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  718.910243][  T928] usb 2-1: Product: syz
[  718.910266][  T928] usb 2-1: Manufacturer: syz
[  718.915521][  T928] cdc_wdm 2-1:1.0: skipping garbage
[  718.935670][  T928] cdc_wdm 2-1:1.0: skipping garbage
[  718.948116][  T928] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  718.954080][  T928] cdc_wdm 2-1:1.0: Unknown control protocol
[  718.960089][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  718.994121][T11770] batman_adv: batadv0: Interface activated: batadv_slave_1
[  719.023033][ T5150] usb 1-1: Using ep0 maxpacket: 32
[  719.027065][T11770] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  719.059947][T11770] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  719.059947][ T5150] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  719.059990][T11770] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  719.087982][ T5150] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  719.128356][T11770] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  719.138598][ T5150] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  719.168073][ T5150] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  719.237159][ T5150] usb 1-1: config 0 interface 0 has no altsetting 0
[  719.268339][ T5150] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  719.277460][ T5150] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  719.317986][ T5150] usb 1-1: Product: syz
[  719.322224][ T5150] usb 1-1: Manufacturer: syz
[  719.326864][ T5150] usb 1-1: SerialNumber: syz
[  719.395673][ T5150] usb 1-1: config 0 descriptor??
[  719.420683][ T5150] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  719.486432][ T5150] ldusb 1-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  719.499779][    C0] wdm_int_callback: 74 callbacks suppressed
[  719.499809][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.512367][    C0] wdm_int_callback: 74 callbacks suppressed
[  719.512389][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.524672][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.531319][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.537689][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.544331][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.550773][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.557505][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.564314][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.570957][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.577315][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.583961][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.590315][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.596968][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.603356][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.610005][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.616361][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.622990][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.629310][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  719.635951][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  719.672293][    T8] usb 2-1: USB disconnect, device number 46
[  719.672354][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  719.814602][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  719.838490][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  719.905471][T12167] usb 1-1: USB disconnect, device number 56
[  719.923480][T12167] ldusb 1-1:0.0: LD USB Device #1 now disconnected
[  719.955555][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  719.977437][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  720.336735][T12162] loop3: detected capacity change from 0 to 32768
[  720.390062][T12162] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1838 (12162)
[  720.493719][T12176] loop4: detected capacity change from 0 to 4096
[  720.502874][T12162] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  720.547432][T12162] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  720.592137][T12162] BTRFS info (device loop3): using free-space-tree
[  720.612643][T12144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  720.699621][   T29] audit: type=1800 audit(1720133953.049:1917): pid=12176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1783" name="bus" dev="loop4" ino=33 res=0 errno=0
[  720.720085][    C0] vkms_vblank_simulate: vblank timer overrun
[  720.728882][   T29] audit: type=1800 audit(1720133953.049:1918): pid=12176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1783" name="bus" dev="loop4" ino=33 res=0 errno=0
[  720.839500][T12192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1840'.
[  721.028672][T12192] team0: entered promiscuous mode
[  721.057234][T12192] team_slave_1: entered promiscuous mode
[  721.091677][T12191] team0: left promiscuous mode
[  721.096523][T12191] team_slave_1: left promiscuous mode
[  721.456444][T11783] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  721.489826][ T5150] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  721.722243][ T5150] usb 5-1: Using ep0 maxpacket: 16
[  721.741860][ T8996] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  721.775974][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  721.821795][ T5150] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  721.868362][ T5150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.879247][T12222] loop2: detected capacity change from 0 to 512
[  721.925749][ T5150] usb 5-1: config 0 descriptor??
[  721.962552][T12222] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[  721.988590][ T8996] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[  722.003267][ T5164] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  722.023182][ T8996] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  722.048253][ T8996] usb 2-1: config 0 has no interface number 0
[  722.108097][ T8996] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has an invalid bInterval 255, changing to 11
[  722.171151][ T8996] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid maxpacket 59391, setting to 1024
[  722.233893][ T5164] usb 1-1: Using ep0 maxpacket: 16
[  722.257756][ T8996] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  722.280801][T12222] loop2: detected capacity change from 0 to 64
[  722.317239][ T8996] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  722.332359][ T5164] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  722.373123][ T5164] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  722.382995][ T8996] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  722.407438][ T5164] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  722.435704][ T8996] usb 2-1: config 0 descriptor??
[  722.491012][T12205] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  722.690760][T12210] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  722.709140][T12205] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  722.918781][ T5164] usb 1-1: config 0 descriptor??
[  723.088829][ T8996] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  723.263337][ T5150] hid (null): unknown global tag 0x83
[  723.312408][ T5150] hid (null): global environment stack underflow
[  723.423392][ T5150] hid-generic 0003:0158:0100.001B: unexpected long global item
[  723.456629][T12234] loop2: detected capacity change from 0 to 1024
[  723.477630][ T5150] hid-generic 0003:0158:0100.001B: probe with driver hid-generic failed with error -22
[  723.566684][ T5150] usb 5-1: USB disconnect, device number 39
[  723.615733][T12234] could not open pipe file descriptor
[  723.819947][T12218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.958685][T12218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  724.019866][T12240] hfsplus: bad catalog entry type
[  724.610890][   T11] usb 2-1: Failed to submit usb control message: -110
[  724.635180][    T8] usb 2-1: USB disconnect, device number 47
[  724.635804][   T53] hfsplus: b-tree write err: -5, ino 4
[  724.674245][   T11] usb 2-1: unable to send the bmi data to the device: -110
[  724.687082][T12167] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  724.709949][ T5164] hid (null): unknown global tag 0x83
[  724.719206][ T5164] hid (null): global environment stack underflow
[  724.737230][   T11] usb 2-1: unable to get target info from device
[  724.749505][   T11] usb 2-1: could not get target info (-110)
[  724.755546][   T11] usb 2-1: could not probe fw (-110)
[  724.776856][ T5164] hid-generic 0003:0158:0100.001C: unexpected long global item
[  724.807090][ T5164] hid-generic 0003:0158:0100.001C: probe with driver hid-generic failed with error -22
[  724.877583][T12244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1850'.
[  724.917976][T12167] usb 4-1: Using ep0 maxpacket: 8
[  724.962215][T12167] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  724.985151][ T5150] usb 1-1: USB disconnect, device number 57
[  724.996033][T12167] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  725.049620][T12167] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  725.078278][T12167] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  725.109244][T12167] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  725.148152][T12167] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  725.171752][T12167] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  725.198179][ T5164] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  725.488214][T12167] usb 4-1: usb_control_msg returned -32
[  725.516097][T12254] loop1: detected capacity change from 0 to 4096
[  725.525211][T12167] usbtmc 4-1:16.0: can't read capabilities
[  725.578214][ T5164] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  725.598617][ T5164] usb 3-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[  725.640953][ T5164] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  725.691781][T12265] overlayfs: failed to resolve './file2': -2
[  725.997504][ T5164] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[  726.552465][ T5164] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[  726.566855][ T5164] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  726.628529][ T5164] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  726.651124][   T29] audit: type=1800 audit(1720133958.999:1919): pid=12254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1851" name="bus" dev="loop1" ino=33 res=0 errno=0
[  727.008158][   T29] audit: type=1800 audit(1720133959.049:1920): pid=12254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1851" name="bus" dev="loop1" ino=33 res=0 errno=0
[  727.417141][ T5164] usb 3-1: Product: syz
[  727.421579][ T5164] usb 3-1: Manufacturer: syz
[  727.448173][ T5164] cdc_wdm 3-1:1.0: skipping garbage
[  727.453456][ T5164] cdc_wdm 3-1:1.0: skipping garbage
[  727.486389][ T5164] cdc_wdm 3-1:1.0: cdc-wdm1: USB WDM device
[  727.498010][ T5164] cdc_wdm 3-1:1.0: Unknown control protocol
[  727.583926][T12281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1854'.
[  727.840256][ T5150] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  728.098376][T12246] usbtmc 4-1:16.0: send_request_dev_dep_msg_in returned -90
[  728.121506][T12288] loop4: detected capacity change from 0 to 512
[  728.171102][T12288] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[  728.270199][T12288] loop4: detected capacity change from 0 to 64
[  728.301640][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  728.374553][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  728.520917][ T5150] usb 2-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[  728.544914][    T8] usb 3-1: USB disconnect, device number 42
[  728.663544][ T5150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.729446][ T5150] usb 2-1: config 0 descriptor??
[  728.748829][T12167] usb 4-1: USB disconnect, device number 42
[  729.169722][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.184472][T12297] loop3: detected capacity change from 0 to 1024
[  729.191594][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.199218][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.206671][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.218189][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.287969][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.307652][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.316776][ T5150] hid-generic 0003:0EEF:C002.001D: unknown main item tag 0x0
[  729.322325][T12297] could not open pipe file descriptor
[  729.384727][ T5150] hid-generic 0003:0EEF:C002.001D: hidraw0: USB HID v0.00 Device [HID 0eef:c002] on usb-dummy_hcd.1-1/input0
[  729.427687][ T5150] usb 2-1: USB disconnect, device number 48
[  729.751072][T12303] hfsplus: bad catalog entry type
[  730.329493][   T12] hfsplus: b-tree write err: -5, ino 4
[  730.384325][T12311] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1861'.
[  730.492328][T12317] ieee802154 phy0 wpan0: encryption failed: -22
[  730.738171][    T8] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  730.763772][T12319] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  730.957686][    T8] usb 4-1: Using ep0 maxpacket: 8
[  730.985335][    T8] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  731.027363][    T8] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  731.088036][ T8996] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  731.096092][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  731.127253][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  731.163746][    T8] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  731.213409][    T8] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  731.257755][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.322891][ T8996] usb 3-1: Using ep0 maxpacket: 16
[  731.383311][ T8996] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  731.418127][ T8996] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  731.447629][ T8996] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.522992][    T8] usb 4-1: usb_control_msg returned -32
[  731.526259][ T8996] usb 3-1: config 0 descriptor??
[  731.546365][    T8] usbtmc 4-1:16.0: can't read capabilities
[  731.553774][T12331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'.
[  731.607687][T12333] cgroup: noprefix used incorrectly
[  731.888298][T12338] netlink: 'syz.1.1867': attribute type 10 has an invalid length.
[  731.955206][T12338] 8021q: adding VLAN 0 to HW filter on device team0
[  731.973251][T12322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  732.012942][T12322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  732.019451][T12338] bond0: (slave team0): Enslaving as an active interface with an up link
[  732.051006][ T8996] hid (null): unknown global tag 0x83
[  732.138205][ T8996] hid (null): global environment stack underflow
[  732.418604][ T8996] hid-generic 0003:0158:0100.001E: unexpected long global item
[  732.432330][ T8996] hid-generic 0003:0158:0100.001E: probe with driver hid-generic failed with error -22
[  733.107421][T12354] usbtmc 4-1:16.0: stb usb_control_msg returned -32
[  733.117622][ T8996] usb 3-1: USB disconnect, device number 43
[  733.240162][T12346] loop4: detected capacity change from 0 to 4096
[  733.248624][T12346] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  733.391125][T12361] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  733.474866][T12346] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  733.487399][T12346] ntfs3: loop4: mft corrupted
[  733.495180][T12346] ntfs3: loop4: Failed to load $Extend (-22).
[  733.502819][T12346] ntfs3: loop4: Failed to initialize $Extend.
[  733.768102][ T5103] Bluetooth: hci6: command tx timeout
[  733.839225][T12360] loop1: detected capacity change from 0 to 1024
[  734.090322][T12360] could not open pipe file descriptor
[  734.424072][T12362] hfsplus: bad catalog entry type
[  734.710470][ T8996] usb 4-1: USB disconnect, device number 43
[  735.235185][   T12] hfsplus: b-tree write err: -5, ino 4
[  735.275870][T12376] ieee802154 phy0 wpan0: encryption failed: -22
[  735.622854][T12379] cgroup: noprefix used incorrectly
[  735.665353][T12381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1878'.
[  735.768153][ T5103] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  735.777102][ T5103] Bluetooth: hci6: Injecting HCI hardware error event
[  735.787280][ T5103] Bluetooth: hci6: hardware error 0x00
[  736.128142][ T5102] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  736.487678][T12396] overlayfs: failed to resolve './file2': -2
[  736.658520][ T5102] usb 3-1: Using ep0 maxpacket: 8
[  736.733534][ T5102] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  736.737951][ T5164] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  737.259290][ T5102] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  737.318033][ T5102] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  737.372881][ T5102] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  737.413585][ T5102] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  737.468187][ T5102] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  737.497690][ T5102] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.559364][ T5164] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  737.587992][ T5164] usb 5-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[  737.628309][ T5164] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  737.637366][ T5164] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[  737.662395][ T5164] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[  737.694326][ T5164] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  737.704006][ T5164] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  737.737895][ T5164] usb 5-1: Product: syz
[  737.742278][ T5164] usb 5-1: Manufacturer: syz
[  737.751242][ T5102] usb 3-1: usb_control_msg returned -32
[  737.771476][ T5102] usbtmc 3-1:16.0: can't read capabilities
[  737.775582][ T5164] cdc_wdm 5-1:1.0: skipping garbage
[  737.801006][ T5164] cdc_wdm 5-1:1.0: skipping garbage
[  737.829870][ T5164] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  737.836461][ T5164] cdc_wdm 5-1:1.0: Unknown control protocol
[  737.838117][T11224] Bluetooth: hci7: command tx timeout
[  737.923972][ T5103] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  738.050312][T12387] usbtmc 3-1:16.0: send_request_dev_dep_msg_in returned -90
[  738.228941][ T5164] usb 5-1: USB disconnect, device number 40
[  738.257711][T12400] loop3: detected capacity change from 0 to 32768
[  738.293484][T12400] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1884 (12400)
[  738.620537][T12400] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  738.668242][T12400] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  738.735663][T12406] usbtmc 3-1:16.0: stb usb_control_msg returned -32
[  738.781720][T12400] BTRFS info (device loop3): using free-space-tree
[  739.702721][T12402] loop1: detected capacity change from 0 to 32768
[  739.888853][ T5103] Bluetooth: hci7: Controller not accepting commands anymore: ncmd = 0
[  739.899232][ T5103] Bluetooth: hci7: Injecting HCI hardware error event
[  739.910012][ T5103] Bluetooth: hci7: hardware error 0x00
[  740.240902][T11783] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  740.568843][ T5164] usb 3-1: USB disconnect, device number 44
[  740.781968][T12432] binder: 12428:12432 ioctl c0306201 0 returned -14
[  741.029820][T12434] loop1: detected capacity change from 0 to 1024
[  741.072989][T12431] loop2: detected capacity change from 0 to 4096
[  741.159791][T12434] could not open pipe file descriptor
[  741.318238][   T29] audit: type=1800 audit(1720133973.589:1921): pid=12431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1890" name="bus" dev="loop2" ino=33 res=0 errno=0
[  741.446701][   T29] audit: type=1800 audit(1720133973.609:1922): pid=12431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1890" name="bus" dev="loop2" ino=33 res=0 errno=0
[  741.467315][    C0] vkms_vblank_simulate: vblank timer overrun
[  741.516305][T12421] loop0: detected capacity change from 0 to 32768
[  741.586147][T12442] hfsplus: bad catalog entry type
[  742.063746][   T11] hfsplus: b-tree write err: -5, ino 4
[  742.082118][ T5103] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  743.995503][T12457] loop3: detected capacity change from 0 to 256
[  744.004366][T12457] exfat: Deprecated parameter 'utf8'
[  744.011469][T12457] exfat: Bad value for 'gid'
[  744.047453][T12455] cgroup: noprefix used incorrectly
[  744.088163][   T25] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  744.311505][   T25] usb 2-1: Using ep0 maxpacket: 16
[  744.339944][   T25] usb 2-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  744.358539][   T25] usb 2-1: config 1 interface 0 has no altsetting 0
[  744.373154][   T25] usb 2-1: New USB device found, idVendor=056a, idProduct=0020, bcdDevice= 0.40
[  744.383030][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.394315][   T25] usb 2-1: Product: syz
[  744.399062][   T25] usb 2-1: Manufacturer: 㠍
[  744.403704][   T25] usb 2-1: SerialNumber: syz
[  745.578119][ T5103] Bluetooth: hci5: Ignoring connect complete event for invalid link type
[  745.622088][ T5103] Bluetooth: hci5: SCO packet for unknown connection handle 1039
[  745.711078][T12465] loop2: detected capacity change from 0 to 32768
[  747.147192][T12467] loop3: detected capacity change from 0 to 32768
[  747.544606][T12470] loop4: detected capacity change from 0 to 32768
[  747.562412][T12470] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1900 (12470)
[  747.720594][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  747.736254][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  747.787471][T12470] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  747.823917][T12470] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  748.167160][T12470] BTRFS info (device loop4): using free-space-tree
[  748.246485][T12485] overlayfs: failed to resolve './file2': -2
[  748.273891][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  748.322231][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  748.529425][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  748.839019][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  748.921649][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  749.009745][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  749.022953][T12492] loop0: detected capacity change from 0 to 1024
[  749.082157][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  749.084719][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  749.186157][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  749.356521][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  749.427987][T12492] could not open pipe file descriptor
[  749.428753][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  749.758043][T12470] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  749.832220][T12507] hfsplus: bad catalog entry type
[  750.221151][   T25] usbhid 2-1:1.0: can't add hid device: -32
[  750.227246][   T25] usbhid 2-1:1.0: probe with driver usbhid failed with error -32
[  750.270758][   T12] hfsplus: b-tree write err: -5, ino 4
[  750.270851][T12504] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  750.336385][T12470] BTRFS error (device loop4): open_ctree failed
[  750.478718][T12511] loop0: detected capacity change from 0 to 64
[  750.518799][T12511] hfs: unable to parse mount options
[  750.682236][T12509] loop3: detected capacity change from 0 to 4096
[  750.899054][   T29] audit: type=1800 audit(1720133983.219:1923): pid=12509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1903" name="bus" dev="loop3" ino=33 res=0 errno=0
[  750.965447][T12514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1908'.
[  751.017956][   T25] usb 2-1: USB disconnect, device number 49
[  751.037958][   T29] audit: type=1800 audit(1720133983.219:1924): pid=12509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1903" name="bus" dev="loop3" ino=33 res=0 errno=0
[  752.268340][T12526] cgroup: noprefix used incorrectly
[  752.480013][T12532] loop4: detected capacity change from 0 to 512
[  752.520079][T12532] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[  752.808231][   T29] audit: type=1326 audit(1720133985.149:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12534 comm="syz.1.1913" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6cbe375bd9 code=0x0
[  753.196528][T12532] loop4: detected capacity change from 0 to 64
[  753.787790][T12548] loop1: detected capacity change from 0 to 1024
[  753.863070][T12553] loop0: detected capacity change from 0 to 64
[  753.879466][T12553] hfs: unable to parse mount options
[  753.911958][T12548] could not open pipe file descriptor
[  754.228411][T12557] hfsplus: bad catalog entry type
[  755.423391][   T11] hfsplus: b-tree write err: -5, ino 4
[  755.768282][T12566] loop1: detected capacity change from 0 to 4096
[  755.878100][T12167] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  756.002765][   T29] audit: type=1800 audit(1720133988.349:1926): pid=12566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1919" name="bus" dev="loop1" ino=33 res=0 errno=0
[  756.254404][   T29] audit: type=1800 audit(1720133988.399:1927): pid=12566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1919" name="bus" dev="loop1" ino=33 res=0 errno=0
[  756.280965][T12167] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  757.021006][T12167] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 45523, setting to 1024
[  757.037004][T12167] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  757.051754][T12167] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  757.061228][T12167] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.085984][T12167] usb 1-1: Product: 坍ὅ䔅昩刹햯࡬쏜䙅穚ﰈ헙澠檪숴珳员短⊈᜘ꁫ㉂ퟮ⮱ᵣ禼鳀ઈ꽵䔗ᰨ霂☚騹ꪲ翊䮼㫈⾩齃㸼뒿ᡣ㶐뎩嗵岊
[  757.138187][T12167] usb 1-1: Manufacturer: 쑿
[  757.142850][T12167] usb 1-1: SerialNumber: syz
[  757.419464][T12564] loop0: detected capacity change from 0 to 7
[  757.468739][T12564] Dev loop0: unable to read RDB block 7
[  757.487995][T12564]  loop0: unable to read partition table
[  757.493941][T12564] loop0: partition table beyond EOD, truncated
[  757.531376][T12564] loop_reread_partitions: partition scan of loop0 (�被x������ڬ��dƤ����ݡ�����
[  757.531376][T12564] 
) failed (rc=-5)
[  757.608325][T12167] cdc_ncm 1-1:1.0: bind() failure
[  757.656748][T12167] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  757.668102][T12167] cdc_ncm 1-1:1.1: bind() failure
[  757.729053][T12167] usb 1-1: USB disconnect, device number 58
[  757.806901][T12578] cgroup: noprefix used incorrectly
[  758.368560][T12587] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1928'.
[  758.479947][T12586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  759.038435][T12586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  759.241628][T12591] loop0: detected capacity change from 0 to 1024
[  759.304735][T12591] could not open pipe file descriptor
[  759.434906][T12572] loop2: detected capacity change from 0 to 32768
[  759.874871][T12598] hfsplus: bad catalog entry type
[  760.491467][   T53] hfsplus: b-tree write err: -5, ino 4
[  760.578059][T12167] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  760.980045][T12167] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  761.765770][T12167] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  761.776516][T12167] usb 4-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[  761.787905][T12167] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.819051][T12167] usb 4-1: config 0 descriptor??
[  762.075073][T12609] loop4: detected capacity change from 0 to 512
[  762.133783][T12609] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[  762.251320][T12609] loop4: detected capacity change from 0 to 64
[  762.314196][T12167] hid-generic 0003:0EEF:C002.001F: item fetching failed at offset 6/8
[  762.384766][T12167] hid-generic 0003:0EEF:C002.001F: probe with driver hid-generic failed with error -22
[  763.061454][T12167] usb 4-1: USB disconnect, device number 44
[  763.223387][T12618] cgroup: noprefix used incorrectly
[  763.260201][T12615] loop2: detected capacity change from 0 to 4096
[  763.688223][   T29] audit: type=1800 audit(1720133996.029:1928): pid=12625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1933" name="bus" dev="loop2" ino=33 res=0 errno=0
[  763.718408][ T8996] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  763.951485][ T8996] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  763.971471][   T29] audit: type=1800 audit(1720133996.029:1929): pid=12615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1933" name="bus" dev="loop2" ino=33 res=0 errno=0
[  764.029662][ T8996] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 45523, setting to 1024
[  764.032399][T12627] loop0: detected capacity change from 0 to 1024
[  764.097314][ T8996] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  764.240668][ T8996] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  764.251035][ T8996] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.270627][ T8996] usb 2-1: Product: 坍ὅ䔅昩刹햯࡬쏜䙅穚ﰈ헙澠檪숴珳员短⊈᜘ꁫ㉂ퟮ⮱ᵣ禼鳀ઈ꽵䔗ᰨ霂☚騹ꪲ翊䮼㫈⾩齃㸼뒿ᡣ㶐뎩嗵岊
[  764.307253][T12627] could not open pipe file descriptor
[  764.313081][ T8996] usb 2-1: Manufacturer: 쑿
[  764.323336][ T8996] usb 2-1: SerialNumber: syz
[  764.659050][T12635] hfsplus: bad catalog entry type
[  764.719509][T12102] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  765.112477][T12631] loop3: detected capacity change from 0 to 256
[  765.122389][ T1058] hfsplus: b-tree write err: -5, ino 4
[  765.144395][ T8996] cdc_ncm 2-1:1.0: bind() failure
[  765.154227][ T8996] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  765.162848][ T8996] cdc_ncm 2-1:1.1: bind() failure
[  765.176857][T12631] exfat: Deprecated parameter 'utf8'
[  765.188497][ T8996] usb 2-1: USB disconnect, device number 50
[  765.223237][T12631] exfat: Bad value for 'gid'
[  765.232669][T12102] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  765.256937][T12102] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 45523, setting to 1024
[  765.286690][T12102] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  765.398065][T11224] Bluetooth: hci5: command tx timeout
[  765.496937][T12102] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  765.506067][T12102] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.527997][T12102] usb 5-1: Product: 坍ὅ䔅昩刹햯࡬쏜䙅穚ﰈ헙澠檪숴珳员短⊈᜘ꁫ㉂ퟮ⮱ᵣ禼鳀ઈ꽵䔗ᰨ霂☚騹ꪲ翊䮼㫈⾩齃㸼뒿ᡣ㶐뎩嗵岊
[  766.268875][T12167] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  766.276783][T12102] usb 5-1: Manufacturer: 쑿
[  766.282570][T12102] usb 5-1: SerialNumber: syz
[  766.457939][T12167] usb 3-1: Using ep0 maxpacket: 8
[  766.742337][T12167] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  766.752665][T12167] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  766.763407][T12102] cdc_ncm 5-1:1.0: bind() failure
[  766.773096][T12102] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  766.780066][T12167] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  766.786084][T12652] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1949'.
[  766.789967][T12167] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  766.790002][T12167] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  766.790058][T12167] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  766.790087][T12167] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.791587][T12102] cdc_ncm 5-1:1.1: bind() failure
[  766.867742][T12654] loop3: detected capacity change from 0 to 64
[  767.076491][T12655] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  767.359828][T11224] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  767.368814][T11224] Bluetooth: hci5: Injecting HCI hardware error event
[  767.380527][ T5103] Bluetooth: hci5: hardware error 0x00
[  767.553895][T12102] usb 5-1: USB disconnect, device number 41
[  767.651771][T12650] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  767.748261][T12167] usb 3-1: usb_control_msg returned -32
[  767.756602][T12167] usbtmc 3-1:16.0: can't read capabilities
[  767.775890][T12664] cgroup: noprefix used incorrectly
[  767.860800][ T5164] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  767.993126][T12668] loop4: detected capacity change from 0 to 4096
[  767.994017][T12670] loop3: detected capacity change from 0 to 1024
[  768.019501][T12670] could not open pipe file descriptor
[  768.073888][ T5164] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  768.099723][   T29] audit: type=1800 audit(1720134000.449:1930): pid=12668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1954" name="bus" dev="loop4" ino=33 res=0 errno=0
[  768.132255][ T5164] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  768.181589][ T5164] usb 2-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[  768.218511][   T29] audit: type=1800 audit(1720134000.469:1931): pid=12668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1954" name="bus" dev="loop4" ino=33 res=0 errno=0
[  768.265195][ T5164] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  768.311539][ T5164] usb 2-1: config 0 descriptor??
[  768.396686][T12673] hfsplus: bad catalog entry type
[  768.862183][ T5164] hid-generic 0003:0EEF:C002.0020: item fetching failed at offset 6/8
[  769.257144][ T5164] hid-generic 0003:0EEF:C002.0020: probe with driver hid-generic failed with error -22
[  769.278891][ T5164] usb 2-1: USB disconnect, device number 51
[  769.804200][ T5103] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  769.930348][T12678] usbtmc 3-1:16.0: stb usb_control_msg returned -32
[  769.968503][   T11] hfsplus: b-tree write err: -5, ino 4
[  770.181782][T12167] usb 3-1: USB disconnect, device number 45
[  770.600933][T12684] loop0: detected capacity change from 0 to 4096
[  770.648444][T12684] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  770.677059][T12695] loop4: detected capacity change from 0 to 512
[  770.715912][T12696] Cannot find del_set index 2 as target
[  770.743526][T12695] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[  770.789566][T12696] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  770.825640][T12696] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  770.846423][T12684] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  770.878809][T12684] ntfs3: loop0: mft corrupted
[  770.884121][T12695] loop4: detected capacity change from 0 to 64
[  770.889434][T12684] ntfs3: loop0: Failed to load $Extend (-22).
[  770.896570][T12684] ntfs3: loop0: Failed to initialize $Extend.
[  771.866326][T12702] cgroup: noprefix used incorrectly
[  772.273508][T12710] loop2: detected capacity change from 0 to 1024
[  772.356239][T12710] could not open pipe file descriptor
[  773.112036][T12714] hfsplus: bad catalog entry type
[  773.352212][ T1058] hfsplus: b-tree write err: -5, ino 4
[  773.743800][T12707] loop0: detected capacity change from 0 to 32768
[  773.768414][T12707] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1966 (12707)
[  773.781696][ T5164] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  773.848476][T12707] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  773.868811][T12707] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  773.889358][T12707] BTRFS info (device loop0): using free-space-tree
[  773.989163][ T8996] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  774.000353][ T5164] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  774.013165][ T5164] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  774.040846][ T5164] usb 5-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[  774.062907][ T5164] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.074408][ T5164] usb 5-1: config 0 descriptor??
[  774.208228][ T8996] usb 3-1: Using ep0 maxpacket: 8
[  774.217233][ T8996] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  774.227986][ T8996] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  774.317790][ T8996] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  774.346300][T11762] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  774.375662][ T8996] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  774.417700][ T8996] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  774.487708][ T8996] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  774.546766][ T5164] hid-generic 0003:0EEF:C002.0021: unknown main item tag 0x0
[  774.562433][ T8996] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.574651][ T5164] hid-generic 0003:0EEF:C002.0021: unknown main item tag 0x0
[  774.634822][ T5164] hid-generic 0003:0EEF:C002.0021: hidraw0: USB HID v0.00 Device [HID 0eef:c002] on usb-dummy_hcd.4-1/input0
[  774.811227][   T59] usb 5-1: USB disconnect, device number 42
[  774.856420][T12751] Cannot find add_set index 0 as target
[  774.882035][ T8996] usb 3-1: usb_control_msg returned -32
[  774.887686][ T8996] usbtmc 3-1:16.0: can't read capabilities
[  774.934109][T12751] netdevsim netdevsim0: Direct firmware load for ng failed with error -2
[  774.953503][T12751] netdevsim netdevsim0: Falling back to sysfs fallback for: ng
[  775.005183][T12748] loop3: detected capacity change from 0 to 4096
[  775.042838][T12725] loop1: detected capacity change from 0 to 32768
[  775.051611][T12748] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  775.179732][T12725] jfs: Unrecognized mount option "����������01777777777777777777777���X�c�v�:�Q���" or missing value
[  775.215749][T12748] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  775.242737][T12748] ntfs3: loop3: mft corrupted
[  775.255903][T12748] ntfs3: loop3: Failed to load $Extend (-22).
[  775.264556][T12748] ntfs3: loop3: Failed to initialize $Extend.
[  775.806484][T12757] netlink: 'syz.4.1979': attribute type 10 has an invalid length.
[  775.882677][T12758] usbtmc 3-1:16.0: stb usb_control_msg returned -32
[  775.922872][T12759] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1979'.
[  776.651273][T12757] team0: Failed to send options change via netlink (err -105)
[  776.660328][T12762] cgroup: noprefix used incorrectly
[  776.680522][T12757] team0: Port device netdevsim0 added
[  776.754025][T12766] loop0: detected capacity change from 0 to 1024
[  776.773671][T12766] could not open pipe file descriptor
[  777.009053][T12167] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  777.765576][T12768] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  777.804670][T12102] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  777.814112][   T63] hfsplus: b-tree write err: -5, ino 4
[  777.918657][T12167] usb 3-1: USB disconnect, device number 46
[  778.007919][T12102] usb 5-1: Using ep0 maxpacket: 8
[  778.212201][T12102] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  778.565158][T12102] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  778.578011][T12102] usb 5-1: config 1 has no interface number 1
[  778.584458][T12102] usb 5-1: too many endpoints for config 1 interface 2 altsetting 220: 113, using maximum allowed: 30
[  778.600480][T12102] usb 5-1: config 1 interface 2 altsetting 220 has an invalid endpoint descriptor of length 3, skipping
[  778.992063][T12102] usb 5-1: config 1 interface 2 altsetting 220 has 1 endpoint descriptor, different from the interface descriptor's value: 113
[  779.063638][T12102] usb 5-1: config 1 interface 2 has no altsetting 0
[  779.091847][T12102] usb 5-1: string descriptor 0 read error: -71
[  779.100456][T12102] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  779.147728][T12102] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.220416][T12102] usb 5-1: can't set config #1, error -71
[  779.259833][T12102] usb 5-1: USB disconnect, device number 43
[  780.387960][T12167] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  780.411919][T12799] loop4: detected capacity change from 0 to 1024
[  780.479487][T12799] could not open pipe file descriptor
[  780.709887][T12167] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  780.723402][T12167] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.396080][T12167] usb 1-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[  781.410508][T12167] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  781.418945][   T11] hfsplus: b-tree write err: -5, ino 4
[  781.431668][T12167] usb 1-1: config 0 descriptor??
[  781.706965][T12797] loop2: detected capacity change from 0 to 4096
[  781.779967][T12805] loop3: detected capacity change from 0 to 64
[  782.442352][T12167] hid-generic 0003:0EEF:C002.0022: unknown main item tag 0x0
[  782.453227][T12167] hid-generic 0003:0EEF:C002.0022: unknown main item tag 0x0
[  782.469018][T12167] hid-generic 0003:0EEF:C002.0022: hidraw0: USB HID v0.00 Device [HID 0eef:c002] on usb-dummy_hcd.0-1/input0
[  782.490814][T12797] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  782.491290][T12167] usb 1-1: USB disconnect, device number 59
[  782.793128][T12797] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  783.578340][T12797] ntfs3: loop2: mft corrupted
[  783.615810][T12797] ntfs3: loop2: Failed to load $Extend (-22).
[  783.639343][T12797] ntfs3: loop2: Failed to initialize $Extend.
[  783.949269][ T8996] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  784.169686][ T8996] usb 4-1: Using ep0 maxpacket: 8
[  784.264376][T12823] loop2: detected capacity change from 0 to 256
[  784.274611][T12823] exfat: Deprecated parameter 'utf8'
[  784.280838][T12823] exfat: Bad value for 'gid'
[  784.564848][ T8996] usb 4-1: unable to get BOS descriptor or descriptor too short
[  784.589520][ T8996] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  784.610159][ T8996] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  784.695014][ T8996] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  784.745086][ T8996] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  784.777925][ T8996] usb 4-1: Product: syz
[  784.787738][ T8996] usb 4-1: Manufacturer: syz
[  784.965313][ T8996] usb 4-1: SerialNumber: syz
[  785.019301][T12832] loop1: detected capacity change from 0 to 512
[  785.065055][T12832] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent
[  785.257977][  T928] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  785.282789][T12832] loop1: detected capacity change from 0 to 64
[  785.468006][  T928] usb 1-1: Using ep0 maxpacket: 32
[  785.483073][  T928] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  785.496087][  T928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  785.536318][  T928] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  785.606336][  T928] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  785.647972][  T928] usb 1-1: Product: syz
[  785.652208][  T928] usb 1-1: Manufacturer: syz
[  785.656852][  T928] usb 1-1: SerialNumber: syz
[  785.717570][  T928] usb 1-1: config 0 descriptor??
[  785.814828][  T928] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  785.833551][T12840] loop2: detected capacity change from 0 to 1024
[  785.857759][T12812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  785.868476][T12812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  785.887412][  T928] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  785.962989][T12840] could not open pipe file descriptor
[  786.203987][T12843] loop1: detected capacity change from 0 to 512
[  786.848663][T12843] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent
[  786.866136][   T35] hfsplus: b-tree write err: -5, ino 4
[  786.889575][ T5102] usb 1-1: USB disconnect, device number 60
[  786.928332][ T5102] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  787.317228][T12842] loop1: detected capacity change from 0 to 64
[  788.149138][ T5150] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  788.195263][  T928] usb 4-1: USB disconnect, device number 45
[  788.410356][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  788.659331][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  788.702674][ T5150] usb 5-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[  788.743792][ T5150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.782336][ T5150] usb 5-1: config 0 descriptor??
[  789.271502][ T5150] hid-generic 0003:0EEF:C002.0023: unknown main item tag 0x0
[  789.327979][ T5150] hid-generic 0003:0EEF:C002.0023: unknown main item tag 0x0
[  789.346328][ T5150] hid-generic 0003:0EEF:C002.0023: hidraw0: USB HID v0.00 Device [HID 0eef:c002] on usb-dummy_hcd.4-1/input0
[  789.351928][T12856] loop2: detected capacity change from 0 to 4096
[  789.368122][T12866] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  789.426748][T12856] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  789.462261][ T5150] usb 5-1: USB disconnect, device number 44
[  789.599029][T12856] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  789.624560][T12856] ntfs3: loop2: mft corrupted
[  789.636954][T12856] ntfs3: loop2: Failed to load $Extend (-22).
[  789.644723][T12856] ntfs3: loop2: Failed to initialize $Extend.
[  789.733970][T12871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2015'.
[  789.793894][T12871] team0: entered promiscuous mode
[  789.797602][T12874] loop0: detected capacity change from 0 to 1024
[  789.804849][T12871] team_slave_0: entered promiscuous mode
[  789.823159][T12871] team_slave_1: entered promiscuous mode
[  789.857244][T12871] team_slave_0: entered allmulticast mode
[  789.879201][T12874] could not open pipe file descriptor
[  790.104049][T12871] team0: Port device team_slave_0 removed
[  790.608319][T12879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2017'.
[  790.684642][T12870] team0: left promiscuous mode
[  790.725978][T12870] team_slave_1: left promiscuous mode
[  790.928291][   T35] hfsplus: b-tree write err: -5, ino 4
[  791.119173][T12885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2019'.
[  791.199804][T12885] team0: entered promiscuous mode
[  791.204951][T12885] team_slave_0: entered promiscuous mode
[  791.899103][T12885] team_slave_1: entered promiscuous mode
[  791.905040][T12885] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  791.990143][T12885] team_slave_0: entered allmulticast mode
[  792.447946][T12885] team0: Port device team_slave_0 removed
[  792.599657][T12901] loop2: detected capacity change from 0 to 256
[  792.720008][T12901] exfat: Deprecated parameter 'utf8'
[  792.725563][T12901] exfat: Bad value for 'gid'
[  792.772674][T12882] team0: left promiscuous mode
[  792.789572][T12882] team_slave_1: left promiscuous mode
[  792.795146][T12882] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  795.243922][T12918] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2031'.
[  795.328157][T12919] loop2: detected capacity change from 0 to 1024
[  795.408748][T12919] could not open pipe file descriptor
[  795.710732][   T63] hfsplus: b-tree write err: -5, ino 4
[  796.548011][T12936] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  798.590261][T12958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2044'.
[  798.895843][T12952] loop1: detected capacity change from 0 to 256
[  798.903541][T12952] exfat: Deprecated parameter 'utf8'
[  798.909006][T12952] exfat: Bad value for 'gid'
[  799.221104][T12977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2050'.
[  799.540121][T12167] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  799.860600][T12167] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  799.869704][T12167] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  799.887986][T12167] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  799.899885][T12978] loop4: detected capacity change from 0 to 256
[  799.906799][T12978] exfat: Deprecated parameter 'utf8'
[  799.912261][T12978] exfat: Bad value for 'gid'
[  800.021291][T12167] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  800.090499][T12167] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  800.115885][T12167] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  800.175389][T12167] usb 1-1: Product: syz
[  800.192829][T12167] usb 1-1: Manufacturer: syz
[  800.213431][T12167] cdc_wdm 1-1:1.0: skipping garbage
[  800.222600][T12167] cdc_wdm 1-1:1.0: skipping garbage
[  800.244412][T12167] cdc_wdm 1-1:1.0: skipping garbage
[  800.280826][T12167] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22
[  800.439326][T12167] usb 1-1: USB disconnect, device number 61
[  800.578915][ T5150] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  800.788411][ T5150] usb 5-1: Using ep0 maxpacket: 32
[  800.851647][ T5150] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  800.891105][ T5150] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  800.917994][ T5150] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  800.935004][ T5150] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  800.950330][T12992] netlink: 'syz.3.2053': attribute type 10 has an invalid length.
[  800.958420][ T5150] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  800.968995][ T5150] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  800.990343][ T5150] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  801.028466][T12993] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2053'.
[  801.049320][ T5150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  801.097329][ T5150] usb 5-1: Product: syz
[  801.118150][ T5150] usb 5-1: Manufacturer: syz
[  801.143854][ T5150] usb 5-1: SerialNumber: syz
[  801.185945][T12992] team0: Failed to send options change via netlink (err -105)
[  801.228021][T12992] team0: Port device netdevsim0 added
[  801.248322][   T59] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  801.448252][ T5102] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  801.482282][T12989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  801.503691][T12989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  801.678247][ T5102] usb 4-1: Using ep0 maxpacket: 8
[  801.701722][ T5102] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  801.755825][ T5102] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  801.768814][T13006] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2058'.
[  801.805567][ T5102] usb 4-1: config 1 has no interface number 1
[  801.823532][ T5102] usb 4-1: too many endpoints for config 1 interface 2 altsetting 220: 113, using maximum allowed: 30
[  801.861491][ T5102] usb 4-1: config 1 interface 2 altsetting 220 has an invalid endpoint descriptor of length 3, skipping
[  801.907252][ T5102] usb 4-1: config 1 interface 2 altsetting 220 has 1 endpoint descriptor, different from the interface descriptor's value: 113
[  801.929470][   T59] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  801.939323][   T53] ------------[ cut here ]------------
[  801.945318][   T53] WARNING: CPU: 1 PID: 53 at net/wireless/nl80211.c:19513 cfg80211_bss_color_notify+0x5f8/0x8b0
[  801.945357][   T53] Modules linked in:
[  801.945376][   T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/u8:3 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  801.945394][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  801.945423][   T53] Workqueue: phy36 ieee80211_color_collision_detection_work
[  801.945448][   T53] RIP: 0010:cfg80211_bss_color_notify+0x5f8/0x8b0
[  801.945474][   T53] Code: 00 e8 fc b9 b6 fe 48 83 c4 08 89 c1 c1 f8 1f 21 c8 e9 08 fd ff ff e8 67 b3 ab f6 90 0f 0b 90 e9 6f fb ff ff e8 59 b3 ab f6 90 <0f> 0b 90 e9 36 fb ff ff e8 4b b3 ab f6 c6 05 8b 02 b2 04 01 90 48
[  801.945488][   T53] RSP: 0018:ffffc90000bd7aa0 EFLAGS: 00010293
[  801.945502][   T53] RAX: ffffffff8ae7d087 RBX: 0000000000000000 RCX: ffff8880157c0000
[  801.945514][   T53] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  801.945524][   T53] RBP: ffffc90000bd7bb0 R08: ffffffff8ae7cbb2 R09: 1ffffffff1f5ef4d
[  801.945558][   T53] R10: dffffc0000000000 R11: ffffffff8b037720 R12: 1ffff9200017af5c
[  801.945571][   T53] R13: ffff888022860000 R14: ffff888022860cd0 R15: dffffc0000000000
[  801.945584][   T53] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  801.945598][   T53] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  801.945609][   T53] CR2: 000055557868c808 CR3: 000000000e132000 CR4: 00000000003506f0
[  801.945624][   T53] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  801.945633][   T53] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  801.945644][   T53] Call Trace:
[  801.945652][   T53]  <TASK>
[  801.945660][   T53]  ? __warn+0x168/0x4e0
[  801.945699][   T53]  ? cfg80211_bss_color_notify+0x5f8/0x8b0
[  801.945727][   T53]  ? report_bug+0x2b3/0x500
[  801.945749][   T53]  ? cfg80211_bss_color_notify+0x5f8/0x8b0
[  801.945777][   T53]  ? handle_bug+0x3e/0x70
[  801.945794][   T53]  ? exc_invalid_op+0x1a/0x50
[  801.945826][   T53]  ? asm_exc_invalid_op+0x1a/0x20
[  801.945849][   T53]  ? __pfx_ieee80211_color_collision_detection_work+0x10/0x10
[  801.945872][   T53]  ? cfg80211_bss_color_notify+0x122/0x8b0
[  801.945895][   T53]  ? cfg80211_bss_color_notify+0x5f7/0x8b0
[  801.945921][   T53]  ? cfg80211_bss_color_notify+0x5f8/0x8b0
[  801.945969][   T53]  ? __pfx_lock_acquire+0x10/0x10
[  801.945992][   T53]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  801.946013][   T53]  ? __pfx_cfg80211_bss_color_notify+0x10/0x10
[  801.946038][   T53]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  801.946075][   T53]  ? process_scheduled_works+0x945/0x1830
[  801.946112][   T53]  process_scheduled_works+0xa2c/0x1830
[  801.946156][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  801.946185][   T53]  ? assign_work+0x364/0x3d0
[  801.946209][   T53]  worker_thread+0x86d/0xd40
[  801.946260][   T53]  ? __kthread_parkme+0x169/0x1d0
[  801.946285][   T53]  ? __pfx_worker_thread+0x10/0x10
[  801.946305][   T53]  kthread+0x2f0/0x390
[  801.946328][   T53]  ? __pfx_worker_thread+0x10/0x10
[  801.946348][   T53]  ? __pfx_kthread+0x10/0x10
[  801.946388][   T53]  ret_from_fork+0x4b/0x80
[  801.946411][   T53]  ? __pfx_kthread+0x10/0x10
[  801.946434][   T53]  ret_from_fork_asm+0x1a/0x30
[  801.946469][   T53]  </TASK>
[  801.946478][   T53] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  802.262547][   T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/u8:3 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  802.272799][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  802.282868][   T53] Workqueue: phy36 ieee80211_color_collision_detection_work
[  802.290191][   T53] Call Trace:
[  802.293473][   T53]  <TASK>
[  802.296403][   T53]  dump_stack_lvl+0x241/0x360
[  802.301096][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  802.306407][   T53]  ? __pfx__printk+0x10/0x10
[  802.311023][   T53]  ? vscnprintf+0x5d/0x90
[  802.315359][   T53]  panic+0x349/0x870
[  802.319288][   T53]  ? __warn+0x177/0x4e0
[  802.323445][   T53]  ? __pfx_panic+0x10/0x10
[  802.327888][   T53]  ? ret_from_fork_asm+0x1a/0x30
[  802.332838][   T53]  __warn+0x34b/0x4e0
[  802.336815][   T53]  ? cfg80211_bss_color_notify+0x5f8/0x8b0
[  802.342630][   T53]  report_bug+0x2b3/0x500
[  802.346969][   T53]  ? cfg80211_bss_color_notify+0x5f8/0x8b0
[  802.352787][   T53]  handle_bug+0x3e/0x70
[  802.356940][   T53]  exc_invalid_op+0x1a/0x50
[  802.361445][   T53]  asm_exc_invalid_op+0x1a/0x20
[  802.366298][   T53] RIP: 0010:cfg80211_bss_color_notify+0x5f8/0x8b0
[  802.372736][   T53] Code: 00 e8 fc b9 b6 fe 48 83 c4 08 89 c1 c1 f8 1f 21 c8 e9 08 fd ff ff e8 67 b3 ab f6 90 0f 0b 90 e9 6f fb ff ff e8 59 b3 ab f6 90 <0f> 0b 90 e9 36 fb ff ff e8 4b b3 ab f6 c6 05 8b 02 b2 04 01 90 48
[  802.392359][   T53] RSP: 0018:ffffc90000bd7aa0 EFLAGS: 00010293
[  802.398437][   T53] RAX: ffffffff8ae7d087 RBX: 0000000000000000 RCX: ffff8880157c0000
[  802.406409][   T53] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  802.414395][   T53] RBP: ffffc90000bd7bb0 R08: ffffffff8ae7cbb2 R09: 1ffffffff1f5ef4d
[  802.422386][   T53] R10: dffffc0000000000 R11: ffffffff8b037720 R12: 1ffff9200017af5c
[  802.430379][   T53] R13: ffff888022860000 R14: ffff888022860cd0 R15: dffffc0000000000
[  802.438374][   T53]  ? __pfx_ieee80211_color_collision_detection_work+0x10/0x10
[  802.445852][   T53]  ? cfg80211_bss_color_notify+0x122/0x8b0
[  802.451681][   T53]  ? cfg80211_bss_color_notify+0x5f7/0x8b0
[  802.457520][   T53]  ? __pfx_lock_acquire+0x10/0x10
[  802.462581][   T53]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  802.468598][   T53]  ? __pfx_cfg80211_bss_color_notify+0x10/0x10
[  802.474784][   T53]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  802.481126][   T53]  ? process_scheduled_works+0x945/0x1830
[  802.486859][   T53]  process_scheduled_works+0xa2c/0x1830
[  802.492438][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  802.498441][   T53]  ? assign_work+0x364/0x3d0
[  802.503119][   T53]  worker_thread+0x86d/0xd40
[  802.507762][   T53]  ? __kthread_parkme+0x169/0x1d0
[  802.512814][   T53]  ? __pfx_worker_thread+0x10/0x10
[  802.517960][   T53]  kthread+0x2f0/0x390
[  802.522946][   T53]  ? __pfx_worker_thread+0x10/0x10
[  802.528073][   T53]  ? __pfx_kthread+0x10/0x10
[  802.532675][   T53]  ret_from_fork+0x4b/0x80
[  802.537129][   T53]  ? __pfx_kthread+0x10/0x10
[  802.541728][   T53]  ret_from_fork_asm+0x1a/0x30
[  802.546513][   T53]  </TASK>
[  802.549838][   T53] Kernel Offset: disabled
[  802.554270][   T53] Rebooting in 86400 seconds..