last executing test programs:

6m43.667828302s ago: executing program 3 (id=11):
socket$inet6_icmp(0xa, 0x2, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x800000003, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r5)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYRES16=r1, @ANYRES64, @ANYRESHEX=r0, @ANYRES64=r3, @ANYRES64=r6, @ANYRESDEC=r2, @ANYRES8=r0], 0x5c}, 0x1, 0x0, 0x0, 0x40002800}, 0x4000010)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r8)
sendmsg$IEEE802154_LIST_IFACE(r7, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="310729bd7000fedb0010000000000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x80)
r10 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={<r11=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000001b00)={'syz_tun\x00', &(0x7f0000001ac0)=@ethtool_cmd={0x24, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, [0x40000000]}})
setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0xc, &(0x7f0000000000)={0x8, 0x0, 0x2}, 0x10)
write(r10, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000ec01d00000000000000050008000d000000", 0x24)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0))
socket$packet(0x11, 0x3, 0x300)

6m41.790436229s ago: executing program 3 (id=15):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt(r0, 0x7, 0x0, &(0x7f0000000500)=""/171, &(0x7f00000005c0)=0xab)
sendmmsg$inet(r0, &(0x7f0000000080)=[{{&(0x7f0000000040)={0x2, 0xfffc, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'tunl0\x00', 0x0})
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=0xffffffffffffffff, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000340)}, 0x1c)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000200)=0x8000000)
r6 = openat$dlm_monitor(0xffffff9c, &(0x7f00000003c0), 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, [@alu={0x4, 0x1, 0x1, 0x7, 0x1, 0xfffffffffffffff4, 0x8}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x2}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xb}]}, &(0x7f00000000c0)='GPL\x00', 0xd, 0x54, &(0x7f0000000100)=""/84, 0x40f00, 0x40, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000280)={0x9, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0x5, 0xa, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r2, 0xffffffffffffffff, r3, r5, r6], 0x0, 0x10, 0xffff, @void, @value}, 0x94)

6m40.37116937s ago: executing program 3 (id=20):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000012c0)=@polexpire={0xc4, 0x1b, 0xc8dbc5159e5c15d1, 0x0, 0x0, {{{@in=@private, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0xc944}, {0xfffffffffffffffc, 0x0, 0x10001}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xc4}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x1, 0x3, 0x2000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0x0, 0xffff}, {0xc}}}, 0x24}}, 0x400c0)
getsockname$packet(r1, &(0x7f0000000740)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}]}}}]}, 0x48}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104fcffffff0000000000000000", @ANYRES32=r3, @ANYBLOB="00250000000000003c0012800b000100697036746e6c00002c00028006000f000000000009000000060012004e230000080008001400000006000f0001000000bb049669db6f99e88baf9d105a985c9f8ba87cf8fc209b71a8b688d16e41e0ac7b105e3e2bc7a652d4908648"], 0x5c}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f00000000c0)={<r4=>r0, 0x1ee, 0x81, 0x10000})
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xd, 0x11, &(0x7f0000000340)=ANY=[@ANYRES32=r4, @ANYRESDEC=r0, @ANYRESHEX, @ANYRES32=r4, @ANYRES8=r0, @ANYRESHEX=r4, @ANYRESDEC=r0, @ANYBLOB="ae761f297b9ac1c718d546bed438d802993f258fb825d9a681a8387cc10ad21e606f9868645ec206daf671391f3599f81b26f0b071cf0c8fe987074fecbe3f2fa9f5b76924428052c9ec389a72356e50235f0246d07473d0b7e34df93a51bff610afbca2574907"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
symlinkat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000240)='./cgroup\x00', 0xcc04, &(0x7f0000000480)={[{@dots}, {@fat=@errors_continue}, {@nodots}, {@fat=@flush}, {@fat=@dos1xfloppy}, {@fat=@errors_remount}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {}, {@dots}, {@dots}, {@fat=@nocase}, {@fat=@time_offset={'time_offset', 0x3d, 0xffffffffffffff46}}, {@nodots}, {@fat=@time_offset={'time_offset', 0x3d, 0x5}}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x8}}, {@nodots}]}, 0xfd, 0x214, &(0x7f0000001280)="$eJzs3T2LE10UAOCTffP5YrG1IIxYaLWoje2KrCAGhJWA2gkKgqk2TbLNbu8v8S+JhbWVbJVGrowz+TAm6xpIRtfnKTJn5tybe+9MMkmTkxS5VhRqsbMf+zGuxW7sxMRpsWkEAHApjFOKL6kwPfip0ikBABu29PN/qp0/fK1gWgDABj19/uLx/W734DDL2hFnp8PesFdsi/zDR92D29l3u7NeZ8Nh779p/k62+N0hzzfi/zJ/t+ifTdPNiOg149aNIp/nHjzpZj/2b8WrDa8dAAAAAAAAAAAAAAAAAAAAAACqci2yiaK+z5t7H5/l27K+z97eQj46ZX2eYm+uPtBC/Z56XK2Xu7PyQOlkWwsDAAAAAAAAAAAAAAAAAACAv8hgdPz2Zb//+mgWtCJi/kh9SZvVQa184gs1rj7Y+fC5mO9vdu+Uy1xj0Fp5ija7wM7yi3uRIOp/ytVZN8i2MFZn1el9lwcp5Ufm3wVp+mqZlMVYOUQzIs4f/ebhupMfp5T6768fDUaRzm08u0e0tnc7AgAAAAAAAAAAAAAAAACAf9pgVJv86vsn7SomBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVGIyOy///XyM4iYgr8cvGk7Ea0a52sQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxa3wIAAP//dS0gvw==")
socket$kcm(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r7, @ANYRES16=r6], 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

6m34.800241858s ago: executing program 3 (id=31):
pipe2$9p(&(0x7f0000000000), 0x4000)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000f00fc00000018000180140002006e657464657673696d300000000000000800060000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES16=r1], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x40)

6m31.173474926s ago: executing program 3 (id=37):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000, 0x1)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x10)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf4fffff7, 0x12, r2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000000)={[{@errors_continue}]}, 0x1, 0x4be, &(0x7f0000000a00)="$eJzs3c9vG1UeAPCv7SZN0uz2x+5h28O22lbqQtW4TdQkQr30hIRUQO2BYxUSNypx4ih2ShPlkEoc4I6gEifEoX8Agis9cewVeoIzUgUhJUKikpHHdppfLgbSWMp8PtLUb+ZN/X0v1vdp5o3HE0Bqnar9k4noj4iHEXG4vrp5h1P1l7WVpfHakolq9fqPmWS/1ZWl8eauzf93KCKWI6InIq69GvF2Znvc8sLi1FixWJhrrOcr07P58sLi+VvTY5OFycLM0MjgyOjw8MjopV3r63t3rrzx0S9X3v/sm/vfvZP54kytWf2Nuo392E31rnfF0Q3bDkTE5RcRrANyjf70droh/CW1z+9fEXE6yf/DkUs+TSANqtVq9Wn1YKvq5Sqwb2WTY+BMdiAi6uVsdmCgfgz/7+jLFkvlyrmbpfmZifqx8pHoyt68VSxcaJwrHImuTG39YlJ+tj64ZX0oIjkG/jDXm6wPjJeKE3s71AFbHNqS/09y9fwHUsIpP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q/pJf8hveQ/pJf8h/SS/5BKb169Wluqa4373yduL8xPlW6fnyiUpwam58cHxktzswOTpdJkcs/O9B+9X7FUmh2Kmfk7+UqhXMmXFxZvTJfmZyo3kvv6bxS69qRXQDuOnnzwKBMRy6/0JktNd6NOrsL+Vq1motP3IAOdkev0AAR0jKk/SC/n+MAOP9G7SU+ritndbwuwN7LPii1THNifzh53/Q/Syvw/pJf5f0gvx/iA+X9In2ynGwB0TH+L53/9Y8Ozuy5ExD8j4ttc18Hms76A/SD7Q6bVPOCZiO7Mr8klgu6IePeT6x/fGatU5i7Wtv+0vr1yr7F9sP2o3bvWfqBdzTxt5jEAkF6rK0vjzWUv4z6+Uj/5qMVdayz1mgONucme5Bpl32pm0zlKy3OWP2n5bkT8J+LJytJ4c2lGqD/vvH7lo281ty3+scZrpv4WSXsPJM9Nj7a/Tv134h/fEP+/G+Kf2IW/C6TBg9r4c2H7+HewkdOxnn+bx5/+XfruRHP8W9s2/mXXx79ci/HvZJsxLuffWm0Z/27EiR3jN+P1JLG2xq+17Wyb8b/+4OeHreqqn9bfZ6f4TbVSvjI9my8vLJ5PfkdusjAzNDI4Mjo8PDJ6KZ/MUeebM9XbPfrf06+e1/++FvF36n/3hja91Gb/f7v35blTz4n//9M7f/7Hdojf1BsRL7cZ/7XPv7/Wqq4Wf6JF/7Mt4mcilmvbhtqMf/3+49fb3BUA2APlhcWpsWKxMKegoKCwXuj0yAS8aM+SvtMtAQAAAAAAAAAAANq1F18n7nQfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g98DAAD//3wG2HA=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r3, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
write$tun(r1, &(0x7f0000000600)={@void, @val={0x1, 0x3, 0xffff, 0x9, 0xfeff, 0xff0c}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x3, 0x5, 0x2c, 0x68, 0x0, 0x9, 0x11, 0x0, @remote, @multicast2}, {0x4e20, 0x4e21, 0x18, 0x0, @wg=@data={0x4, 0x7b8dd026, 0x1ff}}}}}, 0x36)
r4 = open$dir(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0, 0x80)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f0000000300)=ANY=[@ANYBLOB="b2ffffffffffffff07000000000000000400000006fa157706000000000000000000000001000000040000000000000007000000000000000000000000000000000000000000000000040000000000000000000000000000c325c13a00000000e8470000000000008506b162000000000000000000000000000000000000000000080000000000000000000000000000020000000000000000000000a0000000570600000000000000000000000000000000000000000000880c000000000000000000000000000083000000000000000700000000000000e90600f7e3000000000000000000000000000000000000000002000000000000000000000000000007000000000000000400000000000000090000000000000000000000000000000040000000000000800c00000000000000000000000000000700000000000000ff0f0000000000000600"/368])
openat(r1, &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x400000, 0x182)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500), 0x0, 0x1}}, 0x3c)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

6m28.727765893s ago: executing program 3 (id=41):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xe) (async)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000}) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="660a0000000000006111730000000000850000001500000095000000000000004b4ce93ac73c1028358a23cabce92fa9b3c0df7b4c1f6bb69b2f6f3df1f7521114a93b3008aedaa23ec821811f98b39353edaa8fb2ef04e52c1cb7cfe590ac8829fb20f54f8ecb49db4796e6bf1e31eb9dcd26b0aa8dd2105b98c1931bc3880dbd61efe5fcd0e83ade46087470436702cde9de23b23835d8752c9df00b002bd344fda65a5c1323c9250cffb5aa568aa69ee1d4f37f363a9ac1e98ecdf52acf5ef7cb71147158590bf8ce0456fd5dd403116195bf98f26b89941895aea228dfbede414cb5871452a669c2f999e3feabc2a60e50f6b778ac2aad"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b000000070000000f0000000900000005"], 0x50) (async, rerun: 32)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x10}], 0x1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xff}, 0x1c)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r4, 0xb4}, 0x8) (async)
bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000001840), 0xfffffff7, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000440), 0x2, r1}, 0x38) (async, rerun: 32)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='smb3\x00', 0x0, &(0x7f00000003c0)='nolazytime') (rerun: 32)

6m13.279490868s ago: executing program 32 (id=41):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xe) (async)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000}) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="660a0000000000006111730000000000850000001500000095000000000000004b4ce93ac73c1028358a23cabce92fa9b3c0df7b4c1f6bb69b2f6f3df1f7521114a93b3008aedaa23ec821811f98b39353edaa8fb2ef04e52c1cb7cfe590ac8829fb20f54f8ecb49db4796e6bf1e31eb9dcd26b0aa8dd2105b98c1931bc3880dbd61efe5fcd0e83ade46087470436702cde9de23b23835d8752c9df00b002bd344fda65a5c1323c9250cffb5aa568aa69ee1d4f37f363a9ac1e98ecdf52acf5ef7cb71147158590bf8ce0456fd5dd403116195bf98f26b89941895aea228dfbede414cb5871452a669c2f999e3feabc2a60e50f6b778ac2aad"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b000000070000000f0000000900000005"], 0x50) (async, rerun: 32)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x10}], 0x1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xff}, 0x1c)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r4, 0xb4}, 0x8) (async)
bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000001840), 0xfffffff7, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000440), 0x2, r1}, 0x38) (async, rerun: 32)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='smb3\x00', 0x0, &(0x7f00000003c0)='nolazytime') (rerun: 32)

3m6.304517262s ago: executing program 2 (id=27):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$isdn(0x22, 0x3, 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb080002"], 0x78}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001600010a00000000000000000a0000ee"], 0x24}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4, 0x0, 0x20000000}, 0x18)
sched_getaffinity(0x0, 0x8, &(0x7f0000000180))
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000220000/0x2000)=nil, 0x2000, 0x15)
socket(0x18, 0x0, 0x2)

2m35.519226955s ago: executing program 2 (id=27):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$isdn(0x22, 0x3, 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb080002"], 0x78}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001600010a00000000000000000a0000ee"], 0x24}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4, 0x0, 0x20000000}, 0x18)
sched_getaffinity(0x0, 0x8, &(0x7f0000000180))
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000220000/0x2000)=nil, 0x2000, 0x15)
socket(0x18, 0x0, 0x2)

2m5.28884453s ago: executing program 2 (id=27):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$isdn(0x22, 0x3, 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb080002"], 0x78}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001600010a00000000000000000a0000ee"], 0x24}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4, 0x0, 0x20000000}, 0x18)
sched_getaffinity(0x0, 0x8, &(0x7f0000000180))
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000220000/0x2000)=nil, 0x2000, 0x15)
socket(0x18, 0x0, 0x2)

1m33.343905233s ago: executing program 2 (id=27):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$isdn(0x22, 0x3, 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb080002"], 0x78}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001600010a00000000000000000a0000ee"], 0x24}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4, 0x0, 0x20000000}, 0x18)
sched_getaffinity(0x0, 0x8, &(0x7f0000000180))
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000220000/0x2000)=nil, 0x2000, 0x15)
socket(0x18, 0x0, 0x2)

1m3.447748086s ago: executing program 2 (id=27):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$isdn(0x22, 0x3, 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb080002"], 0x78}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001600010a00000000000000000a0000ee"], 0x24}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4, 0x0, 0x20000000}, 0x18)
sched_getaffinity(0x0, 0x8, &(0x7f0000000180))
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000220000/0x2000)=nil, 0x2000, 0x15)
socket(0x18, 0x0, 0x2)

34.657193046s ago: executing program 2 (id=27):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$isdn(0x22, 0x3, 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb080002"], 0x78}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001600010a00000000000000000a0000ee"], 0x24}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4, 0x0, 0x20000000}, 0x18)
sched_getaffinity(0x0, 0x8, &(0x7f0000000180))
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000220000/0x2000)=nil, 0x2000, 0x15)
socket(0x18, 0x0, 0x2)

30.434809218s ago: executing program 4 (id=788):
openat$vsock(0xffffffffffffff9c, 0x0, 0x103000, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
write$tun(r0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x8000000000000, &(0x7f0000000300)=@base={0x14, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

27.527689274s ago: executing program 5 (id=794):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[{0xc, 0x110, 0xc}], 0xc}, 0x0)

26.918270983s ago: executing program 5 (id=795):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x20)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='gre0\x00', 0x10)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20)

25.887719022s ago: executing program 5 (id=797):
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
r1 = open(&(0x7f0000000380)='./bus\x00', 0x240, 0x0)
r2 = creat(&(0x7f0000000200)='./bus\x00', 0x84)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES32=r1], 0x2b)
sendfile(r3, r1, 0x0, 0x4000000053d2)

25.672621911s ago: executing program 4 (id=798):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f00000003c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e06921e8682d85ff9782762f86dd", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

24.48414423s ago: executing program 4 (id=800):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000340)=0x4000000)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)={0x2, 0x0, [{0xd000, 0x24, &(0x7f00000003c0)=""/36}, {0x0, 0x0, 0x0}]})
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x8, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r5, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x205000, 0x0)
fchown(r6, 0x0, 0xee01)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000040)={0x7ffe, 0xffffffffffffffff, 0x80000})
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r6, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x46108101}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYRES16=r7, @ANYBLOB="00042cbd7000010000000700000014000780080001000200000008000200020000001401058034000280080001001400000008000200000000000800030088930000080001001b000000080002000d000000080002000a000000080001006574680034000280080001001e00000008000400f1ff000008000300000000070800040009000000080001000c000000080001001900000007000100696200004400028008000400ab00000008000100000000000800020006000000080001000300000008000100060000000800010003000000080002000500000008000400050000004c000280080004000200000008000300010000000800040006000000080002008000000008000300ff010000080003000101000008000100160000000800020007000000080001001200000008000100756470000001068004000200040002004600040067636d28616573290000000000000000000000000000000000000000000000001e0000004ac2edc820a2b28d8d68ca696c5c52f8cbdc116f01834e2de19c59f3d3870000ab000300b7a33c6a5fb18196af71dbbd2930147e728ff5bbfb1d96ae2ea25369db82d3bd94d24a16439dc0a3e63be63a461918e2a03bfe1130c867d3b61dd9e0dd650c4f9b8d5db4aabf1c97aa69ef4c49e6e0a3d26d554ef59199fafd9c40184ad607af49694612a0004e68ba89a88949c4946205c417e09022e98f11a9a2dad33b2d9fede7f566e2b28def9b27fbdc8eef4993c987ecb34fac5abeb5401d877e3d9e0f75427deb10f1a800"], 0x23c}, 0x1, 0x0, 0x0, 0x40800}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2000000000000015000200000001103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff070067020000030000001606000000000078bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

21.263225841s ago: executing program 5 (id=802):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="b15025bd7000ffdbdf251500000008000300", @ANYRES32=r2, @ANYBLOB="0500290002"], 0x24}}, 0x20000084)

21.14682267s ago: executing program 4 (id=803):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x800)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000180)={0x77, @time={0x20000040, 0x5}, 0x0, {}, 0x0, 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000001940)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000001900)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(0xffffffffffffffff, &(0x7f0000001980)={0x5, 0x10, 0xfa00, {&(0x7f0000001700), r4}}, 0x18)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x41000, 0xc193fb33447a5702, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe, @void, @value}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r6, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0)
r7 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r8, 0x0)
accept4$rose(r8, 0x0, 0x0, 0x0)
r9 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002)
writev(r9, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {&(0x7f00000007c0), 0x300}, {&(0x7f0000000900), 0x4000}], 0xe)
r10 = socket$inet6_udplite(0xa, 0x2, 0x88)
r11 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x97052, r11, 0x0)
ftruncate(r11, 0x0)
setsockopt$inet6_opts(r10, 0x29, 0x40, 0x0, 0xd0060)
write$tun(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0800080007000200001014000000460a0fc0006600008b67907864010120ffffffff44047e113297e3ba627aa2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88769ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b7589ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c99172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19415e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb91010763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c93148aa8d2934a15d29cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47cfa9fcd7aefe41e4be596beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c3df04affee49612a735907d3c4d310a54a6f609873ad56f29a138f4d5661f686c5e7462eb98f6ecf0c520339ed3d2fbb4e87bc63862ca6f885f1fbfc598ca0bbc68c5310ea1b7c6e9e9c8555e08b69963972dffe86cf79571ba6cb015cd07e800840ef0e3615193d3f3286b9811d2cdc63fb82a56753d26c9458692f2c5d18b41a43fe575449fd8667ab188a740b2b51a78c0917cd22a2c3564008ea78aaae969e0fc476cae872d0511143ca8bbfac08232e63ffc21219b1c794ab66b064867ca914d66bf4e6520eed53636c1d86f7d09dd35da16f4d5c017eefd90963d02da79dcedfbcdded0aaa8857bb8ea0c36421a79a2e993d4fe9e026717c007a3ee47ff3fb9bf189a601f0773c8a050456e738d0149a87bf7c7ea4f4740e220730b23b0385a953aedbabd0d61e44c9f386d87e0d920a147f0e936913b8f7bc3748af412c3fe1fcd6f03286e0bdcad4128757106e6c5087dcaefe185aaa2ebb5b311ddd18c32809e38b344e350857fe5354d7ab112506c07091703aa5b067d68f5f3213910b395e1627cf5f4fad23c63178b40e56f592a9e1c6a73a4d98e0496e"], 0xfce)

20.126759263s ago: executing program 5 (id=804):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

19.530857316s ago: executing program 4 (id=806):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000000c0)=0x7, 0x4)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000005200010bbc3c4900000000000a"], 0x1c}}, 0x0)
listen(r3, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000040)=0x38)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)

19.14932683s ago: executing program 5 (id=807):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r2, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x46d, 0xc20e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
write$sysctl(r2, &(0x7f0000000000)='2\x00', 0x2)

18.617250799s ago: executing program 4 (id=808):
r0 = fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x20)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0xc0189436, &(0x7f0000000000)={'bridge_slave_1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x5, 0x0, 0x3, 0x8, 0x0, {0x5, 0x4, 0x0, 0x0, 0x1, 0x65, 0x0, 0x1, 0x2f, 0x0, @dev, @remote}}}}}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x2, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8}, @TCA_MPLS_TTL={0x5, 0x7, 0x8}, @TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x2}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
syz_io_uring_setup(0x112, 0x0, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x20, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x8001)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0x6, 0x0, 0xff, 0x0, 0x0, 0x9}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

14.145799584s ago: executing program 1 (id=811):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x118, &(0x7f00000001c0)=0x5, 0x0, 0x4)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mkdir(&(0x7f0000000000)='./file0\x00', 0x1c4)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='debugfs\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0xa4000608)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='xfs\x00', 0x200013, 0x0)
chown(&(0x7f0000000140)='./file0\x00', 0xee01, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x6ad1, &(0x7f0000000940)={0x0, 0x3, 0x80, 0x0, 0x235}, &(0x7f00000009c0), &(0x7f00000003c0))
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$UHID_INPUT(r3, &(0x7f0000001300)={0x8, {"af0014920c989bde943127351c7e048fe805d44569c987d51286ac5e80b0961cfe3629729c82e28c53b31e3ecbb8722bff9c0906027d5cb6fbd929cb4b5e657cc88a443809e6a720828c27b6519e7c18904d67528373733934aa5240afd60544d489e1ec3779ac45095c12c6c5f13c086306dfbbd31926b74150ff2c87db2be1d995e9b3a16fb7360de12618b05d94c291acfcdab84c919de60133f54a0a18d2517c1d0de417ae39fec1c9fa306573205051a9880da1f213b9a27c22b72d42d92b7b260b41bcc1868a0404936774ea5209f02929ec3eef4298818ddb708de6c0e1fda05436037d7d4042d2de3adebc8a62f58ec6ccb4160435c4393ba913250b56ec2fce544a01a5a3ce4363fd497fb256910f31e9416f5b719d64f931bd6d71b54787841b3e49e01fe6ac9598ddb5ef1aeb3d1cabb75845d46806a494b6cf89ec9c8203b92dd0dadc5a3c02545cd005b5f26b7d2b848cb684cb58245d591472d5109e7fbe1175656d729fdd689af57802b33d7d53d427aa57eb0af7a63d9f73be83cd9c12bd06463083b4cc853aad416e9faf484fa069d3b7599b6fc6d94152811403201b91da2547ff6721b0ea237c37464b47b3b4f37384e50ba5773a63356991a5abef659e089cc95e5c3b6d8428115efcf9e89e2743b167d7b9824392d868c159fd1264bea8b9b8b26769d15a27df3af350e2a6e9e37b35c153bf980e8ad15de3b0f3add5f98eb2cbc03eeb2b04e6fb032991d7a88b14c7d2cf2959fc4ed27c4c93c13f5760d0803f10afb91effb45967b4793c58e4bc2e4348c93b4e59f1544a01e89530f6056cda3f972050ae79d9297af71cce0d82c764db2422967f05c9847715c66321e8ab0075a361e8fd78a956074945e687ec1ad01f8dfeb7f3ae2c25daff35617a5d752ad5b019689f10c789d0196f73011f5a4e002aebb676ccb2d8b92ff6c1eb60de10ed0d42f2d19fe96786938eca0fd09a3f16f7b52ef806183282c05ff9fccf96abd096b442c73c494c78c4161ce0599bf6e637664f5dbefa129e69a0d53525d77f871716052385649c1249a402a4a9ecadfd7182a4aba3fc48d76890dfe8a5442ff1b833b95fdb7ae5f052e5c18e9b0ad482ed80c4567f0d0645e6525e3390195b3a4314ab063ffca639d2b181efe15d5bb09e967900fd55ad9db7f6ba99268e0d7e2785c5b14f801b16b6fe9966bb3fa88352bc2ca79aa9a77ec5f9c271dcc62b6124a4d5ed1014fa6eb98521d4be4ca4323311d39e44002e71469326056d98af69fd42eed1dfec48d191587b35e2641abe8c80a2553b92cb43feea49505b5b5ca35dfaf06c693730033ebcad45b6b8026d4722b5c7e13d69269808f438816f77a7b1ed2d31ab44968657e70a51e8d98e520e3628014a09e55f36ca5c4c630d687b20e5a7bdfd6d43613fd3738c8ec1464561586987388885b7a424c949a3110e5de795ffdcf1ef43fb8b5b0364cdb0e9a62c1c6922f08125d456f0ee5d58fa670ff071a8d5b57c06efe30d960f9a67d3dd7dd6ec13c799f9b89d90593ba794c5c582f8bd583af0a59043a1da36cee8e2cc173610960e33300ec48cf7281887ffe66e7ec113a29ed339556d84d638ae9554bb20f2a7695da8bcad10e5f155fe5d54eb511087f7abb4a8ae9e78e233b1e079a44c9cdf2529ed3166c24f80a2bda3b2dfdd2e1c2f650cc35fccf8cb17c03681c6f379f535eeaf46caa1dd95f0b72ea6cf301f2d713844b36c7e90e052528f04a668e1dc5ed11e95bbb86268c712af3f6c77d538c9d3dafeceaacc7ba6b20d9266d75c7470d627725700bfd36a9faf5488532a0871a00e18466f3499e3e3270513168d05f52472045b8558d3fb7880805b6fe3a56b3df9eaea72d147f94ee09e763fcf66d0c71b708fb842bbe619eeeaf483fa717864ab435ca03503285591364727a3615582c80d2023897f7bfdda9b00d095ec11f42482f3851a9232ed09ec6733d54020a9e3b98cb3a014f094e9d968672632a30f967a6d2f00c64fb0aefbeb64510edca5496c9f69379f71412f08fe6afeeb604040a42f00290bc04a40f66f0b84c9c6d7e4d1bc213ed49142215b259be08a0a305c68cbec769ce195ea62b7a2ce632da0a98b469284fd7802bb8c47943ac1c8a7a2b0ee36ed45cde2d13cc00ecc11ca9516d9e917fa28d703566b8d5743c5aba0da662f0446768c6d0df6773d1b0c46dac6a6213aa7b5095a8bd9f34048394a8baac9ec65d740ad8acb8eb683702eaf509c30b547bf355561ca00841efdccd413295a430344d17d2d5f4f435d0a33fafe1b4f6826e9d91436b379cc46039551997e54692487562f65a406b769f2856d37c87a73e2e3738c9afdfa5e0f088bbd2799c7c722c23a7cc37266af557beecb9cc8340bc76ba85a147530f3a9bd8cfe82358c0d799f0687540d463e0f010d1e914f043027284292bf31af75301e27689910393e41f877832797dd7c184249e7b2ec0a79b0decb9a3eead5b3c82ac60fe1485829bf75b8af597b5fd9e47460ebb6d809733eb790027094b019ef2bfb76d75876a5e1e312e80e841c5e074c78b35be6a4070c99372dbb13dc27966a8d448b8e3225b11af907985f3142d41da70a682166814fce9e535cca37058bbb3a02894f6ada82c266e763f431d7e1926da2fc86805b02d6af712c82e7a36e667bd3091661be9cc0cdbd3b3cc690594cf8bac39dd9dac1f883cfb0e500759b0e5dc36721b3ed452addc26d39733a2d76d852d897298009dea9546bae66e9aac7f35277e025d440ca93fdec4bbd58970a130fc79056af96f81b0461ef0e16d4fb12014313438a4bb95b2f9cac98e24a713ed14b539ceddf55e90b6c000044a24be6597e2c5a397a772d7c493ad53a05d6076b584ee7c1615ee7f9de627ac9d7d0d4a12b5a080a9c4977da436704bc9eb9f1d25ba91498e4b575550a69aab83e9157a910c4b2907ea97bcc171dcb7ff6fa982dee16d5c5aaaf93fcc225a6c67c96e54ead190f9c6f949b8025988a46d29c86cf18623882d5aa996a3ece81881ba63e0e7d62b585a179631c7e22f924be7aad5699af389c6651c92848153007d9929683648c8a3fb102a50d9a3e9c83e6cabeae5f97d7faad7a803f8c6dbd9237fa4bec7b33db2cc4db5cd7b3baf1c4f4ddc1f16ec6484cbd1adecab06617045b2d5bac8d1bf97a37ed2780a967a678095a6849cabd87256dbe46f52c960ba8ead52e666a131abfb019d2ac7dd2b055bf91168322b23821a522d241f27a2e7ef892d589a0e55b606167e53b0725a089cae5ef65f02f8a2f32dedb370bf2dc34dac5218be294e755915b399cece7e5c3fa887909961a3d626e4a43bab7edd193a9bc0a7a764640943a635fec7722ff8b3add819b26b78c4e54ff970c15d6b27971cd135d288f081a66e792a8ee5b2d89d5945a99f4216ac21fd9a61e305b4a908f4cbe38e5ccd5eab65f5962877a570524809dffa4ca0ed90d505601d7d244273f20cc47feca7259bd1362e334be459e25a59d4873fc8ede03744c88599a5e5f2a6fb0ca08d085e40c8bd71a0777f7715153e71f4a67f6bb73bbbcd766a9dd4287671dcf6b7daacc4f4b81b32ea0d0381fc32807fe9393249e596d3d5ae4bc5a1cb3e48d63478679eb381fbe8cafd2c6890ba29c1af695f2597c6b472a163b7584dde7327933b9d5e88e0d77e3a3d526a619966dde7f82c7ab7a67a59ded2c880ee0e2f736f054b7d99cc68df48c28d76ab12762c85d07a1f3215d3d4ef2ebd65b0f7eacf62ec12997ccdada731992513263a06e063c27eccfdb3c9d1199136c1a2c3d6b5ea6b2e96c9aa6be3bfbda408b2779ad4eba91809a495c1b872e40d49b0acf4b19b4677e6ea8d07b9a621816c4c5f0e5aa364d4803567da0b2b646604563b31aaa298130576690cbab52bf1ddad7c64a7a416ceb36d6b3202f377ed003e8d74cabd4a6a7be18c95716022cc30c45157d6743785746cf8b0e21ec3208336ab0a43ad9c058fffa3021f84ca8b037dea55254ab944493ca03d025a4b42df3e5b830b81471cddf81fd14aed18e45cfed27b1ef015827942f833a0eee4cc0fcd57f0180f83f32e17d27e4784e42eb1a256404aa6e12f9daabddb907230b20693f3bc74723be6808d95c6463ef7bb6bc4a756fdc805ef4077303e5cd504e6c1754ee8303ee92b94808782984f75c0df49436d3859c092133b0545dac0d8f84fc95a1f0f38e4ecbe3f935d33e86b97bb11ca6f502a602bc7e05b4e6514ddc8ae4d8231874b350b32f96ff6cfbe03f1bf5a0fda73c15eca00afe85c026f5e34e699910ab16502b224b8f383a9a863ca351a1e87c17baadb3f7141aa1295a2a6be4d88d1347da9c356ba9b3bfcc678b58add1b224a0c9b7c3cc4c828abc56acd320e8a8ad22da90a0cf6ae40a471c150581da040297aed0e4889c5963bd8c1415acecbd932f9acda87315e3b2dade276b8324dc7d95141cdd8c4fba82c834a95f9efeb2c74c31e7fd32f96a6a68d9e9942c0bdc55bedd1617e47420877b9f640094a37ceea39656468215ebe789a277f585adc1cc0285b53e33afae1616b0806aeed78b6cc4da54e3bdfa3d49ead4e4fa3623f86a4dfa3042ed403684c62a5d148a30c99c24c3cf9a8858e02800e49e0eed84472a559c9f208f6c3310050e4c5948320b5b4eeefe583bb0bcc0bc01356e76e3465f66a7d0c56ca7abc069db5bd7ad20ec01307f391b5bc890b5034271ee31d5bd374a9422a08ce949667512c8d0bb60eb5d4d22fa0e2a5d172edc7b7386abe63222ef8fc5c676828a1441c5ed19ed5827b0d73d568efc51f46f65ea4f205ac26924d6a7f11477fe23049e0de65bd534c81756556c1cd8bc70b3ce71e4e13d44500773e0767bc735c98f0e1d06dc79e43b946a2faaf698e188cf5909e433edbc546beffcbdea76064ff9d5d56273ca05af42c541b896bc5a942665599c9a8f52db36dbd6d42e8f9bb3446df5f44e3971eb408d0c63381b4aa5997441e01a5eff9fa51d82b7d60d8c3ead784e50b562db074b19e855e8290896b808611c40ed7e0691f758103208900d69cd4c86310318d339eeb473b4bea27be94622560cf35416eea7333bb72110afe202dfcc55c755ed32ea9b4851378b554546b52ebd71b90828733ac3040daf1e3d23bfcadd20bb9248731ab11155aebd259b7e693ebad5d43e6a85f14ea317f31eca905634f9e8d5b1ff73dc5dbd2bbeef6c2965932c885969e00e1939685b472c097b4504c9e6f273e1038045e5ac4010ac232288b77de7d3433a143292f145465b6d1f9020aa4f8405bda4310059b82ad8fd41e698a7824456e11f44e577dc5d5a0eb93b98421a2867c3d40627f9061c1d5689205915c7a91da42348ad3bd12038d84175bddaee423b73c93aebf873c850ef44d66324a80ad0cf268998d71fac6988cb0b1879ebcb6c4c3bce2c45daf73db246bc55fb8221341ef760f5f5264113a437e03cbcf03bb276cdc4100138afc6a1eeb9d90e7f43ce8abbd8be6b9c5b54920f76f07d1557167292feb4c970da3f582d40c0661af8f043e01db8016e2600f655175fa7d705bda3a14d1733ccf6603b7f8709b71f2046211468460791330234fa21f417e6a68cdb1d4496808923a87d02f0ebfb09e102a7c9f7c870c082d6993d10e0de2dbe119ac811848661ab30ab8d7a528acf262bf7d21c2f235e5638be58171b61bed99ac3fef801562aabcf3feff77fe9498d09de3e9c3cf18914392433030595aa31d9c79abc29350a2a2a1d0c2f311246", 0x1000}}, 0x1006)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r5, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000001c80)={0x8, 0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000680)=""/128, 0x80}, {&(0x7f0000000d80)=""/81, 0x51}, {&(0x7f0000000e00)=""/184, 0xb8}, {&(0x7f0000000ec0)=""/95, 0x5f}, {&(0x7f0000000f40)=""/204, 0xcc}, {&(0x7f0000001040)=""/209, 0xd2}, {&(0x7f0000000540)=""/52, 0xfffffffffffffe14}, {&(0x7f0000000700)=""/25, 0x19}], &(0x7f0000000540)}, 0x20)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
socket$nl_generic(0x10, 0x3, 0x10)

10.389906325s ago: executing program 0 (id=813):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

9.578859282s ago: executing program 1 (id=814):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x2b9, &(0x7f0000000740)={0x0, 0xaa73, 0x10100, 0x2, 0x0, 0x0, r1}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(0xffffffffffffffff, 0x400c4152, 0x0)
fsetxattr$security_capability(r2, &(0x7f0000000140), 0x0, 0x0, 0x2)
r5 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchdir(r5)
syz_open_procfs$namespace(0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
mount(0x0, &(0x7f00000000c0)='./cgroup\x00', 0x0, 0x2020, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r6, 0x227b, &(0x7f00000000c0)=0x1)
readv(r6, &(0x7f0000000000)=[{&(0x7f0000000100)=""/54, 0x36}], 0x1)

9.400126269s ago: executing program 0 (id=815):
io_setup(0x19, &(0x7f00000009c0)=<r0=>0x0)
io_cancel(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff6f, 0x0, 0x3}, 0x0)

8.262323935s ago: executing program 0 (id=816):
syz_open_dev$evdev(&(0x7f0000000d80), 0x3, 0x0)
openat$rdma_cm(0xffffff9c, 0x0, 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000380), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000b40)='./file1\x00', 0x0, 0x100, 0x12345})
r2 = syz_io_uring_setup(0x81f, &(0x7f0000000480)={0x0, 0x0, 0x10, 0x1, 0x34f}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1fffffffffffffaa, &(0x7f0000000200)=[{0x30, 0x9, 0x0, 0x6}]}, 0xfffffffffffffdf1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
r5 = memfd_create(&(0x7f0000000740)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c\xfa\xb4q\xbb\x7fN\xd1\r%;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\x12?\xc7zL\x01\r-\x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc\xbe\xb6\xa7w\x9d\xf1\xe5V\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca', 0x4)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r5, 0x0)
io_uring_enter(r2, 0x47bc, 0x0, 0x21, 0x0, 0x0)

8.171602534s ago: executing program 1 (id=817):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
rt_sigpending(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
close(r0)
r1 = gettid()
ioprio_get$pid(0x2, r1)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
r2 = socket$alg(0x26, 0x5, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='name', &(0x7f00000000c0)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000003c0)='name', &(0x7f0000000400)='})\x00', 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x3a9040, 0x0)
socket$inet6(0xa, 0x1, 0x8010000000000084)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_open_procfs$pagemap(0x0, &(0x7f0000000240))

6.528313445s ago: executing program 0 (id=818):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000002440)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x1, @local, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000cc0)=[@hoplimit={{0x10, 0x29, 0x34, 0x5}}, @rthdrdstopts={{0x14, 0x29, 0x37, {0x2b}}}], 0x24}}], 0x1, 0x0)

5.690015747s ago: executing program 0 (id=819):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x60840, 0x1d2)
syz_open_dev$tty1(0xc, 0x4, 0x4)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000005c0))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'ip_vti0\x00'})
sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x0)
r6 = socket$inet(0xa, 0x801, 0x84)
sendto$inet(r6, &(0x7f0000000080)='w', 0x34000, 0x0, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x64010102}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
r7 = socket$netlink(0x10, 0x3, 0x4)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newlink={0x80, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x28000, 0x9808}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_EXT_MASK={0x8, 0x1d, 0x9}, @IFLA_VF_PORTS={0x30, 0x18, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0xb, 0x2, ')*\\(*}\x00'}, @IFLA_PORT_PROFILE={0xc, 0x2, 'bridge0\x00'}, @IFLA_PORT_PROFILE={0x1, 0x2, '@.\':\'.+\'[%/\x00'}]}]}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x6d539}]}, 0x80}, 0x1, 0xba01, 0x0, 0x20004401}, 0x0)

4.574286104s ago: executing program 1 (id=820):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x1000000, 0x0, 0x0, 0x0, 0xfffff9, 0x800005c0], 0xff00, 0x0, &(0x7f00000005c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x700}]}, 0xe0)

2.723398938s ago: executing program 33 (id=807):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r2, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x46d, 0xc20e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
write$sysctl(r2, &(0x7f0000000000)='2\x00', 0x2)

2.461734348s ago: executing program 34 (id=808):
r0 = fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x20)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0xc0189436, &(0x7f0000000000)={'bridge_slave_1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x5, 0x0, 0x3, 0x8, 0x0, {0x5, 0x4, 0x0, 0x0, 0x1, 0x65, 0x0, 0x1, 0x2f, 0x0, @dev, @remote}}}}}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x2, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8}, @TCA_MPLS_TTL={0x5, 0x7, 0x8}, @TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x2}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
syz_io_uring_setup(0x112, 0x0, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x20, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x8001)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0x6, 0x0, 0xff, 0x0, 0x0, 0x9}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

2.387574909s ago: executing program 0 (id=823):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[], 0x48)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[], 0x5c}}, 0x0)
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, 0x0, 0x1000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GCALLUSERDATA(r2, 0x89e4, &(0x7f0000000180)={0x7c, "0f9607fda5cbde5493dcb7472f3235140563c27653e6ec89a81a12a27fa9fd00e996a06ff35fb92731035d261f7142fea7c8e55658e5b54820c84defdc7056c82b884cf7d5405a0f10ea232a5b6a0bdca0f1aad123cbd58a833ba563aa6328b91d64755cfa0fae615960466da4429600a1e4a68b1e37666ab4b5e1c37c6d3863"})
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in=@dev={0xac, 0x14, 0x14, 0x1c}, @in=@local, 0x0, 0x0, 0xffff, 0x5, 0xa, 0xe0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x20000, 0x0, 0xffffffffffffffff, 0x0, 0x3}, {0x1000000, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb4}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
creat(0x0, 0x50)
r5 = dup(r3)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket(0x28, 0x2, 0xfffffffe)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600))

1.766183228s ago: executing program 1 (id=824):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000980)={0x2, @sliced={0x5000, [0x81, 0xd9, 0xfff, 0x5, 0x1, 0x1000, 0x6, 0x6, 0x3, 0xf3f, 0x80, 0xcf, 0xc6e7, 0x10, 0xde, 0x7, 0x8, 0x12, 0x1f87, 0xe7b0, 0x4, 0x1, 0xa34, 0xff80, 0xc9, 0x806, 0x8, 0x3, 0xcaa, 0x0, 0x3, 0x1, 0x206, 0x7, 0x595, 0x1, 0x2, 0xfffd, 0xff01, 0x6, 0x818f, 0xfffe, 0x9, 0x4, 0x1, 0x1, 0x8, 0x9]}})

0s ago: executing program 1 (id=825):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x3)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3800003, 0x4000010, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x18)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0)
prlimit64(0x0, 0xc, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = syz_open_dev$video(&(0x7f0000000340), 0x2, 0x8340)
ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000140)=@mmap={0x5, 0x9, 0x4, 0x10, 0x9, {}, {0x5, 0xc, 0x3, 0x1b, 0x1, 0xa, "c754e8ac"}, 0x0, 0x1, {}, 0x7})
alarm(0x7)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x11}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x3, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000580)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lblc\x00', 0x2, 0x4, 0x6e}, {@local, 0x4e20, 0x2, 0x2, 0x12d5c, 0x12d5c}}, 0x44)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
sendmmsg$sock(r5, &(0x7f0000002680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=[@mark={{0x10, 0x1, 0x24, 0x3}}], 0x10}}], 0x11, 0x20000000)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x15)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7)
r6 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x65c, 0xec, 0xec, 0x424, 0x0, 0x1cc, 0x594, 0x594, 0x594, 0x594, 0x594, 0x6, 0x0, {[{{@uncond, 0x0, 0xa4, 0xec}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa4, 0xe0}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xf4, 0x118, 0x0, {}, [@common=@unspec=@connmark={{0x2c}}, @common=@inet=@socket1={{0x24}}]}, @HL={0x24, 'HL\x00', 0x0, {0x2, 0x8}}}, {{@uncond, 0x0, 0x11c, 0x140, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x80]}}]}, @inet=@DSCP={0x24, 'DSCP\x00', 0x0, {0xff}}}, {{@uncond, 0x0, 0x134, 0x170, 0x0, {}, [@common=@hbh={{0x48}, {0x8, 0x2, 0x0, [0x905, 0xfffe, 0x4, 0x4, 0x68e, 0xffff, 0x6, 0x7, 0x6, 0x7, 0xfff7, 0x9, 0xffff, 0x8, 0x2, 0x9], 0xa}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x6b8)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x1d, 0x1, 0x1d1, &(0x7f00000001c0)})
r7 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x257803)
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f0000000140)={0x80000002})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

kernel console output (not intermixed with test programs):

1: invalid descriptor for config index 0: type = 0x2, length = 7
[  504.122829][ T5842] usb 5-1: can't read configurations, error -22
[  504.349947][ T5842] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  504.570207][ T5842] usb 5-1: Using ep0 maxpacket: 16
[  504.617165][ T5842] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  504.626358][ T5842] usb 5-1: can't read configurations, error -22
[  504.690297][ T5842] usb usb5-port1: attempt power cycle
[  504.760783][ T7777] netlink: 'syz.0.370': attribute type 13 has an invalid length.
[  505.089136][ T5842] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  505.115863][ T7782] loop1: detected capacity change from 0 to 512
[  505.147302][ T5842] usb 5-1: Using ep0 maxpacket: 16
[  505.200455][ T5842] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  505.209476][ T5842] usb 5-1: can't read configurations, error -22
[  505.248985][ T7782] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  505.258375][ T7782] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  505.384529][ T7782] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  505.432622][ T5842] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  505.460480][ T7786] netlink: 'syz.0.383': attribute type 13 has an invalid length.
[  505.479878][ T7782] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  505.525416][ T7782] System zones: 0-2, 18-18, 34-35
[  505.535819][ T5842] usb 5-1: Using ep0 maxpacket: 16
[  505.561650][ T7782] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  505.562865][ T5842] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  505.583389][ T5842] usb 5-1: can't read configurations, error -22
[  505.605158][ T5842] usb usb5-port1: unable to enumerate USB device
[  505.666907][ T7790] loop5: detected capacity change from 0 to 1024
[  505.691257][   T30] audit: type=1800 audit(1746834907.930:27): pid=7782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.372" name="file1" dev="loop1" ino=15 res=0 errno=0
[  505.739175][ T5839] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  505.747804][ T7782] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.372: bg 0: block 353: padding at end of block bitmap is not set
[  505.791926][ T7790] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  505.805093][ T7790] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.871050][   T30] audit: type=1326 audit(1746834908.120:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7781 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  505.895620][   T30] audit: type=1326 audit(1746834908.120:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7781 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  505.897015][ T7782] netlink: 12 bytes leftover after parsing attributes in process `syz.1.372'.
[  505.927798][ T7782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.372'.
[  505.950716][ T5839] usb 1-1: Using ep0 maxpacket: 16
[  505.985451][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.997185][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  506.007741][ T5839] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  506.017341][ T5839] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.045016][ T5839] usb 1-1: config 0 descriptor??
[  506.092799][ T7782] syz.1.372 (7782) used greatest stack depth: 4288 bytes left
[  506.225760][ T6228] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.497807][ T5839] usbhid 1-1:0.0: can't add hid device: -71
[  506.506471][ T5839] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  506.516342][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.604868][ T5839] usb 1-1: USB disconnect, device number 10
[  506.848336][ T7798] loop5: detected capacity change from 0 to 256
[  507.015367][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  507.024623][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  507.413453][ T3006] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  507.421959][ T3006] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  508.444653][ T3006] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.585136][ T3006] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.629237][ T5839] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  508.784616][ T3006] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.836525][ T5839] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.848014][ T5839] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  508.857680][ T5839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.933024][ T5839] usb 6-1: config 0 descriptor??
[  508.960311][ T5839] pwc: Askey VC010 type 2 USB webcam detected.
[  509.035501][ T3006] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.403314][ T7811] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.413458][ T7811] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.512377][ T7811] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.514353][ T5839] pwc: recv_control_msg error -32 req 02 val 2b00
[  509.525182][ T7811] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.638046][ T3006] bridge_slave_1: left allmulticast mode
[  509.645271][ T3006] bridge_slave_1: left promiscuous mode
[  509.652708][ T3006] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.671807][ T3006] bridge_slave_0: left allmulticast mode
[  509.678073][ T3006] bridge_slave_0: left promiscuous mode
[  509.685611][ T3006] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.716667][ T7811] loop5: detected capacity change from 0 to 256
[  509.781900][ T7811] vfat: Unknown parameter '18446744073709551615'
[  510.220914][ T5839] pwc: recv_control_msg error -32 req 02 val 2700
[  510.237906][ T5839] pwc: recv_control_msg error -32 req 02 val 2c00
[  510.247622][ T5839] pwc: recv_control_msg error -32 req 04 val 1000
[  510.279660][ T5839] pwc: recv_control_msg error -32 req 04 val 1300
[  510.302763][ T5839] pwc: recv_control_msg error -32 req 04 val 1400
[  510.329304][ T5839] pwc: recv_control_msg error -32 req 02 val 2000
[  510.415665][ T3006] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  510.479547][ T3006] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  510.518272][ T3006] bond0 (unregistering): Released all slaves
[  510.622151][ T5839] pwc: recv_control_msg error -71 req 04 val 1500
[  510.649363][ T5839] pwc: recv_control_msg error -71 req 02 val 2500
[  510.677846][ T5839] pwc: recv_control_msg error -71 req 02 val 2400
[  510.698228][ T5839] pwc: recv_control_msg error -71 req 02 val 2600
[  510.731316][ T5839] pwc: recv_control_msg error -71 req 02 val 2900
[  510.759728][ T5839] pwc: recv_control_msg error -71 req 02 val 2800
[  510.768324][ T5839] pwc: recv_control_msg error -71 req 04 val 1100
[  510.802432][ T5839] pwc: recv_control_msg error -71 req 04 val 1200
[  510.820772][ T5839] pwc: Registered as video103.
[  510.829971][ T5839] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input6
[  510.880447][ T5839] usb 6-1: USB disconnect, device number 7
[  511.429797][ T3006] hsr_slave_0: left promiscuous mode
[  511.469697][ T3006] hsr_slave_1: left promiscuous mode
[  511.478296][ T3006] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  511.486402][ T3006] batman_adv: batadv0: Removing interface: batadv_slave_0
[  511.573293][ T3006] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  511.581481][ T3006] batman_adv: batadv0: Removing interface: batadv_slave_1
[  511.710813][ T3006] veth1_macvtap: left promiscuous mode
[  511.716700][ T3006] veth0_macvtap: left promiscuous mode
[  511.723107][ T3006] veth1_vlan: left promiscuous mode
[  511.729015][ T3006] veth0_vlan: left promiscuous mode
[  512.524553][ T3006] team0 (unregistering): Port device team_slave_1 removed
[  512.635612][ T3006] team0 (unregistering): Port device team_slave_0 removed
[  513.249558][ T7837] loop5: detected capacity change from 0 to 512
[  513.299957][ T7835] loop1: detected capacity change from 0 to 1024
[  513.385127][ T7837] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  513.394884][ T7837] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  513.462618][ T7835] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  513.476149][ T7835] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  513.586139][ T7837] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  513.645442][ T7837] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  513.720552][ T7837] System zones: 0-2, 18-18, 34-35
[  513.730373][ T7837] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  513.880028][   T30] audit: type=1800 audit(1746834916.110:30): pid=7847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.386" name="file1" dev="loop5" ino=15 res=0 errno=0
[  513.899452][ T7837] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.386: bg 0: block 353: padding at end of block bitmap is not set
[  514.030189][ T7847] netlink: 12 bytes leftover after parsing attributes in process `syz.5.386'.
[  514.039754][ T7847] netlink: 8 bytes leftover after parsing attributes in process `syz.5.386'.
[  514.103925][   T30] audit: type=1326 audit(1746834916.340:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.5.386" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  514.127355][   T30] audit: type=1326 audit(1746834916.340:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.5.386" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  514.204248][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.239711][ T5839] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  514.292224][ T5802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  514.310317][ T5802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  514.325232][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  514.341988][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  514.357557][ T5802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  514.429296][ T5839] usb 5-1: Using ep0 maxpacket: 16
[  514.568272][ T5839] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  514.577487][ T5839] usb 5-1: can't read configurations, error -22
[  514.609974][ T6228] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.759323][ T5839] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  514.919830][ T5839] usb 5-1: Using ep0 maxpacket: 16
[  514.987397][ T5839] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  514.996681][ T5839] usb 5-1: can't read configurations, error -22
[  515.038719][ T7854] loop1: detected capacity change from 0 to 128
[  515.052837][ T7854] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  515.071212][ T5839] usb usb5-port1: attempt power cycle
[  515.103253][ T7854] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  515.374565][ T7854] netlink: 'syz.1.389': attribute type 13 has an invalid length.
[  515.500431][ T5839] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  515.564156][ T5839] usb 5-1: Using ep0 maxpacket: 16
[  515.610394][ T5839] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  515.621034][ T5839] usb 5-1: can't read configurations, error -22
[  515.780777][ T5839] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  515.834377][ T5842] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  515.836565][ T5839] usb 5-1: Using ep0 maxpacket: 16
[  515.911839][ T5839] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  515.922094][ T5839] usb 5-1: can't read configurations, error -22
[  515.962077][ T5839] usb usb5-port1: unable to enumerate USB device
[  516.021317][ T5842] usb 2-1: Using ep0 maxpacket: 16
[  516.076441][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.088674][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.092650][ T7867] loop5: detected capacity change from 0 to 512
[  516.099644][ T5842] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  516.099815][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.139036][ T5842] usb 2-1: config 0 descriptor??
[  516.195023][ T7850] chnl_net:caif_netlink_parms(): no params data found
[  516.231447][ T7867] EXT4-fs (loop5): blocks per group (95) and clusters per group (32768) inconsistent
[  516.378417][ T7867] loop5: detected capacity change from 0 to 8
[  516.406155][ T5802] Bluetooth: hci1: command tx timeout
[  516.578530][ T5842] usbhid 2-1:0.0: can't add hid device: -71
[  516.586422][ T5842] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  516.720796][ T5842] usb 2-1: USB disconnect, device number 18
[  517.406528][ T4168] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  518.376144][ T7850] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.386023][ T7850] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.394563][ T7850] bridge_slave_0: entered allmulticast mode
[  518.404540][ T7850] bridge_slave_0: entered promiscuous mode
[  518.432596][ T7850] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.441306][ T7850] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.449349][ T7850] bridge_slave_1: entered allmulticast mode
[  518.459631][ T7850] bridge_slave_1: entered promiscuous mode
[  518.490237][ T5802] Bluetooth: hci1: command tx timeout
[  518.916682][ T7850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  519.045226][ T7850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  519.517117][ T7850] team0: Port device team_slave_0 added
[  519.621899][ T7850] team0: Port device team_slave_1 added
[  520.045115][ T7850] batman_adv: batadv0: Adding interface: batadv_slave_0
[  520.053879][ T7850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.080117][    C0] vkms_vblank_simulate: vblank timer overrun
[  520.087001][ T7850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  520.217937][ T7850] batman_adv: batadv0: Adding interface: batadv_slave_1
[  520.226126][ T7850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.253237][ T7850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  520.580372][ T5802] Bluetooth: hci1: command tx timeout
[  520.656887][ T7850] hsr_slave_0: entered promiscuous mode
[  520.668597][ T7850] hsr_slave_1: entered promiscuous mode
[  520.678504][ T7850] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  520.686725][ T7850] Cannot create hsr debugfs directory
[  521.082102][ T7923] loop1: detected capacity change from 0 to 1764
[  521.284181][ T7923] iso9660: Corrupted directory entry in block 2 of inode 1920
[  521.490399][ T7929] loop5: detected capacity change from 0 to 128
[  521.533691][ T7929] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  521.617405][ T7929] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  521.730033][ T5839] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  521.750543][ T7929] netlink: 'syz.5.407': attribute type 13 has an invalid length.
[  521.913205][ T5839] usb 2-1: Using ep0 maxpacket: 16
[  521.964419][ T5839] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  521.974836][ T5839] usb 2-1: can't read configurations, error -22
[  522.169978][ T5839] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  522.189461][ T5842] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  522.353079][ T5839] usb 2-1: Using ep0 maxpacket: 16
[  522.389360][ T5842] usb 6-1: Using ep0 maxpacket: 16
[  522.415387][ T5839] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  522.424663][ T5839] usb 2-1: can't read configurations, error -22
[  522.447031][ T5842] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  522.458493][ T5842] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  522.469265][ T5842] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  522.478684][ T5842] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.489680][ T5839] usb usb2-port1: attempt power cycle
[  522.549410][ T5842] usb 6-1: config 0 descriptor??
[  522.657737][ T5802] Bluetooth: hci1: command tx timeout
[  522.989933][ T5842] usbhid 6-1:0.0: can't add hid device: -71
[  522.996951][ T5842] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  523.081268][ T5839] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  523.126160][ T5842] usb 6-1: USB disconnect, device number 8
[  523.132505][ T5839] usb 2-1: Using ep0 maxpacket: 16
[  523.149209][ T5839] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  523.158325][ T5839] usb 2-1: can't read configurations, error -22
[  523.246546][ T7850] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  523.334685][ T7850] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  523.397094][ T7850] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  523.430065][ T5839] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  523.473711][ T7850] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  523.501480][ T5839] usb 2-1: Using ep0 maxpacket: 16
[  523.526942][ T5839] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  523.536357][ T5839] usb 2-1: can't read configurations, error -22
[  523.584475][ T5839] usb usb2-port1: unable to enumerate USB device
[  523.846295][ T2908] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  524.563029][ T7962] loop5: detected capacity change from 0 to 1024
[  524.784730][ T7962] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  524.798281][ T7962] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  525.124829][ T7850] 8021q: adding VLAN 0 to HW filter on device bond0
[  525.342680][ T7850] 8021q: adding VLAN 0 to HW filter on device team0
[  525.423881][ T6228] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.461669][ T2903] bridge0: port 1(bridge_slave_0) entered blocking state
[  525.470074][ T2903] bridge0: port 1(bridge_slave_0) entered forwarding state
[  525.550233][ T2903] bridge0: port 2(bridge_slave_1) entered blocking state
[  525.558217][ T2903] bridge0: port 2(bridge_slave_1) entered forwarding state
[  526.371608][ T7971] loop1: detected capacity change from 0 to 4096
[  528.045248][ T7850] 8021q: adding VLAN 0 to HW filter on device batadv0
[  528.679595][ T7850] veth0_vlan: entered promiscuous mode
[  528.716031][ T8015] netlink: 72 bytes leftover after parsing attributes in process `syz.0.422'.
[  528.832497][ T7850] veth1_vlan: entered promiscuous mode
[  528.897400][ T8016] netlink: 'syz.4.423': attribute type 13 has an invalid length.
[  529.319395][ T5839] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  529.519415][ T5839] usb 5-1: Using ep0 maxpacket: 16
[  529.568444][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  529.580095][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  529.590935][ T5839] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  529.601475][ T5839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.651092][ T7850] veth0_macvtap: entered promiscuous mode
[  529.740995][ T8021] loop5: detected capacity change from 0 to 4096
[  529.788541][ T7850] veth1_macvtap: entered promiscuous mode
[  529.806448][ T8021] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  529.883730][ T5839] usb 5-1: config 0 descriptor??
[  530.084706][ T7850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  530.091961][ T8026] loop1: detected capacity change from 0 to 1764
[  530.250514][ T8021] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  530.257638][ T8021] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  530.273095][ T7850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  530.355578][ T5839] usbhid 5-1:0.0: can't add hid device: -71
[  530.363023][ T5839] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  530.419694][ T7850] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  530.430650][ T7850] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  530.441187][ T7850] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  530.450555][ T7850] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  530.498129][ T8015] netlink: 830 bytes leftover after parsing attributes in process `syz.0.422'.
[  530.498385][ T5839] usb 5-1: USB disconnect, device number 25
[  530.571275][ T8026] iso9660: Corrupted directory entry in block 2 of inode 1920
[  531.039418][ T5847] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  531.143962][ T2908] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  531.165458][ T6228] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  531.172713][ T6228] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  531.181817][ T6228] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  531.239199][ T5847] usb 2-1: Using ep0 maxpacket: 16
[  531.266962][ T5847] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  531.277125][ T5847] usb 2-1: can't read configurations, error -22
[  531.300160][ T2908] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  531.530303][ T5847] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  531.710539][ T5847] usb 2-1: Using ep0 maxpacket: 16
[  531.725493][ T5847] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  531.734932][ T5847] usb 2-1: can't read configurations, error -22
[  531.799937][ T5847] usb usb2-port1: attempt power cycle
[  532.218357][ T5847] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  532.229227][ T1642] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  532.281358][ T5847] usb 2-1: Using ep0 maxpacket: 16
[  532.314429][ T5847] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  532.323689][ T5847] usb 2-1: can't read configurations, error -22
[  532.348231][ T8046] loop5: detected capacity change from 0 to 1024
[  532.440154][ T1642] usb 5-1: Using ep0 maxpacket: 16
[  532.475537][ T8046] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.489902][ T8046] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.511773][ T5847] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  532.513223][ T1642] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  532.532120][ T1642] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  532.545586][ T1642] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  532.555170][ T5847] usb 2-1: Using ep0 maxpacket: 16
[  532.560870][ T1642] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.564708][ T5847] usb 2-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  532.578180][ T5847] usb 2-1: can't read configurations, error -22
[  532.601968][ T5847] usb usb2-port1: unable to enumerate USB device
[  532.723308][ T1642] usb 5-1: config 0 descriptor??
[  532.926567][ T8051] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  533.074157][ T6228] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.344209][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.352355][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.360490][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.368130][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.375978][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.383682][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.391757][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.399645][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.407322][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.415239][ T1642] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  533.780975][ T1642] HID 045e:07da: Invalid code 65791 type 1
[  533.791916][ T1642] HID 045e:07da: Invalid code 768 type 1
[  533.797889][ T1642] HID 045e:07da: Invalid code 769 type 1
[  533.804073][ T1642] HID 045e:07da: Invalid code 770 type 1
[  533.810185][ T1642] HID 045e:07da: Invalid code 771 type 1
[  533.816115][ T1642] HID 045e:07da: Invalid code 772 type 1
[  533.822405][ T1642] HID 045e:07da: Invalid code 773 type 1
[  533.828331][ T1642] HID 045e:07da: Invalid code 774 type 1
[  533.835952][ T1642] HID 045e:07da: Invalid code 775 type 1
[  533.843488][ T1642] HID 045e:07da: Invalid code 776 type 1
[  533.899123][ T1642] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0002/input/input7
[  534.212601][ T1642] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  534.314488][ T1642] usb 5-1: USB disconnect, device number 26
[  535.404207][ T8083] FAULT_INJECTION: forcing a failure.
[  535.404207][ T8083] name failslab, interval 1, probability 0, space 0, times 0
[  535.418232][ T8083] CPU: 0 UID: 0 PID: 8083 Comm: syz.4.434 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  535.418422][ T8083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  535.418518][ T8083] Call Trace:
[  535.418578][ T8083]  <TASK>
[  535.418635][ T8083]  __dump_stack+0x26/0x30
[  535.418830][ T8083]  dump_stack_lvl+0x1df/0x270
[  535.419025][ T8083]  dump_stack+0x1e/0x25
[  535.419196][ T8083]  should_fail_ex+0x7dc/0x8a0
[  535.419446][ T8083]  should_failslab+0x15b/0x200
[  535.419656][ T8083]  kmem_cache_alloc_lru_noprof+0xf7/0xed0
[  535.419917][ T8083]  ? __d_alloc+0x66/0xab0
[  535.420120][ T8083]  ? kmsan_get_metadata+0x105/0x1b0
[  535.420358][ T8083]  __d_alloc+0x66/0xab0
[  535.420549][ T8083]  ? kmsan_get_metadata+0x105/0x1b0
[  535.420749][ T8083]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  535.420966][ T8083]  d_alloc_parallel+0x94/0x26a0
[  535.421176][ T8083]  ? __rcu_read_unlock+0x6d/0xd0
[  535.421368][ T8083]  ? __d_lookup+0x8a2/0x930
[  535.421577][ T8083]  ? __d_lookup+0x8af/0x930
[  535.421779][ T8083]  ? filter_irq_stacks+0x49/0x190
[  535.421977][ T8083]  ? stack_depot_save_flags+0x35/0x7c0
[  535.422183][ T8083]  ? kmsan_get_metadata+0x105/0x1b0
[  535.422378][ T8083]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  535.422589][ T8083]  ? d_lookup+0x1b6/0x1e0
[  535.422796][ T8083]  path_openat+0x1139/0x6760
[  535.422976][ T8083]  ? filter_irq_stacks+0x49/0x190
[  535.423160][ T8083]  ? kmsan_get_metadata+0x105/0x1b0
[  535.423383][ T8083]  do_filp_open+0x280/0x660
[  535.423598][ T8083]  do_sys_openat2+0x1bb/0x2f0
[  535.423825][ T8083]  __ia32_compat_sys_openat+0x238/0x300
[  535.424075][ T8083]  ia32_sys_call+0x19e0/0x42c0
[  535.424220][ T8083]  __do_fast_syscall_32+0xb0/0x110
[  535.424426][ T8083]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  535.424616][ T8083]  do_fast_syscall_32+0x38/0x80
[  535.424805][ T8083]  do_SYSENTER_32+0x1f/0x30
[  535.424990][ T8083]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  535.425184][ T8083] RIP: 0023:0xf705e539
[  535.425303][ T8083] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  535.425440][ T8083] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000127
[  535.425580][ T8083] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000580
[  535.425688][ T8083] RDX: 0000000000000641 RSI: 0000000000000000 RDI: 0000000000000000
[  535.425780][ T8083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  535.425871][ T8083] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  535.425965][ T8083] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  535.426092][ T8083]  </TASK>
[  535.697762][    C0] vkms_vblank_simulate: vblank timer overrun
[  537.087150][ T8102] netlink: 72 bytes leftover after parsing attributes in process `syz.1.438'.
[  537.130921][ T8099] netlink: 'syz.0.437': attribute type 13 has an invalid length.
[  537.379127][ T8104] loop5: detected capacity change from 0 to 1024
[  537.472283][ T3006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  537.480899][ T3006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  537.579314][ T1642] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  537.624156][ T8106] loop1: detected capacity change from 0 to 1024
[  537.629090][ T8104] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  537.643851][ T8104] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  537.650062][ T8106] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  537.709015][ T4168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  537.717441][ T4168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  537.820727][ T1642] usb 1-1: Using ep0 maxpacket: 16
[  537.900012][ T1642] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  537.911627][ T1642] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  537.922250][ T1642] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  537.932377][ T1642] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.051769][ T1642] usb 1-1: config 0 descriptor??
[  538.493152][ T1642] usbhid 1-1:0.0: can't add hid device: -71
[  538.500195][ T1642] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  538.511808][ T6228] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.622802][ T1642] usb 1-1: USB disconnect, device number 11
[  538.645927][ T8102] loop1: detected capacity change from 0 to 512
[  538.729699][ T8102] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  538.738691][ T8102] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  538.994452][ T8102] netlink: 830 bytes leftover after parsing attributes in process `syz.1.438'.
[  539.190408][   T60] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.477918][   T60] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.795524][   T60] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.829669][ T1642] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  540.045468][   T60] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.057244][ T1642] usb 5-1: Using ep0 maxpacket: 16
[  540.121632][ T1642] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  540.131831][ T1642] usb 5-1: can't read configurations, error -22
[  540.346635][ T1642] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  540.511243][ T8124] loop5: detected capacity change from 0 to 4096
[  540.563103][ T1642] usb 5-1: Using ep0 maxpacket: 16
[  540.631960][ T1642] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  540.641463][ T1642] usb 5-1: can't read configurations, error -22
[  540.700947][ T1642] usb usb5-port1: attempt power cycle
[  540.707630][   T60] bridge_slave_1: left allmulticast mode
[  540.714066][   T60] bridge_slave_1: left promiscuous mode
[  540.721380][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  540.811710][   T60] bridge_slave_0: left allmulticast mode
[  540.817901][   T60] bridge_slave_0: left promiscuous mode
[  540.827951][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  541.150669][ T1642] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  541.279750][ T1642] usb 5-1: Using ep0 maxpacket: 16
[  541.331316][ T1642] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 7
[  541.342774][ T1642] usb 5-1: can't read configurations, error -22
[  541.549471][ T1642] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  541.611119][ T1642] usb 5-1: Using ep0 maxpacket: 16
[  541.902197][ T1642] usb 5-1: unable to read config index 0 descriptor/start: -71
[  541.910856][ T1642] usb 5-1: can't read configurations, error -71
[  541.962429][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  541.980798][ T1642] usb usb5-port1: unable to enumerate USB device
[  542.040305][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  542.088359][   T60] bond0 (unregistering): Released all slaves
[  542.200880][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  542.208369][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  542.836916][   T60] hsr_slave_0: left promiscuous mode
[  542.866376][   T60] hsr_slave_1: left promiscuous mode
[  542.875605][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  542.883836][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  542.908266][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  542.916939][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  542.967597][   T60] veth1_macvtap: left promiscuous mode
[  542.975621][   T60] veth0_macvtap: left promiscuous mode
[  542.981986][   T60] veth1_vlan: left promiscuous mode
[  542.987829][   T60] veth0_vlan: left promiscuous mode
[  543.678628][   T60] team0 (unregistering): Port device team_slave_1 removed
[  543.712895][   T60] team0 (unregistering): Port device team_slave_0 removed
[  544.352191][ T8151] netlink: 45 bytes leftover after parsing attributes in process `syz.4.446'.
[  545.030660][ T6728] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  545.045745][ T6728] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  545.058211][ T6728] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  545.122641][ T6728] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  545.141164][ T6728] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  546.822086][ T8181] loop5: detected capacity change from 0 to 4096
[  546.836054][ T8160] chnl_net:caif_netlink_parms(): no params data found
[  546.899528][ T8181] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  547.113361][ T8190] netlink: 'syz.0.452': attribute type 13 has an invalid length.
[  547.199294][ T6728] Bluetooth: hci1: command tx timeout
[  547.321037][ T8181] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  547.328030][ T8181] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  547.540884][ T5842] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  547.651092][ T8198] netlink: 72 bytes leftover after parsing attributes in process `syz.4.454'.
[  547.919525][ T5842] usb 1-1: Using ep0 maxpacket: 16
[  547.945249][ T5842] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  547.957074][ T5842] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  547.968346][ T5842] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  547.978059][ T5842] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.030348][ T4687] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  548.046627][ T6228] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  548.054395][ T6228] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  548.061954][ T6228] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  548.082784][ T4687] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  548.172323][ T5842] usb 1-1: config 0 descriptor??
[  548.262272][ T8160] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.270229][ T8160] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.278159][ T8160] bridge_slave_0: entered allmulticast mode
[  548.288554][ T8160] bridge_slave_0: entered promiscuous mode
[  548.495671][ T8160] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.507433][ T8160] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.515592][ T8160] bridge_slave_1: entered allmulticast mode
[  548.526180][ T8160] bridge_slave_1: entered promiscuous mode
[  548.607603][ T5842] usbhid 1-1:0.0: can't add hid device: -71
[  548.616158][ T5842] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  548.776498][ T5842] usb 1-1: USB disconnect, device number 12
[  548.888232][ T8199] loop1: detected capacity change from 0 to 4096
[  549.304920][ T6728] Bluetooth: hci1: command tx timeout
[  549.429357][   T30] audit: type=1326 audit(1746834951.660:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  549.452315][   T30] audit: type=1326 audit(1746834951.660:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  549.492977][ T8160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  549.616777][ T8160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  549.718468][   T30] audit: type=1326 audit(1746834951.730:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf70de539 code=0x7ffc0000
[  549.741987][   T30] audit: type=1326 audit(1746834951.730:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  549.764512][   T30] audit: type=1326 audit(1746834951.750:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  549.916840][ T5839] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  550.071423][ T8160] team0: Port device team_slave_0 added
[  550.150527][ T5839] usb 6-1: config index 0 descriptor too short (expected 35577, got 27)
[  550.159448][ T5839] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  550.168428][ T5839] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  550.177759][ T5839] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  550.185922][ T8160] team0: Port device team_slave_1 added
[  550.188283][ T5839] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 92
[  550.203426][ T5839] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  550.212961][ T5839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.410629][ T1642] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  550.415471][ T8214] input: syz0 as /devices/virtual/input/input8
[  550.587584][ T1642] usb 5-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[  550.598339][ T1642] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  550.610404][ T1642] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 8224, setting to 1024
[  550.621942][ T1642] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  550.632440][ T1642] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  550.708618][ T1642] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  550.718604][ T1642] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.727325][ T1642] usb 5-1: Product: syz
[  550.731927][ T1642] usb 5-1: Manufacturer: syz
[  550.736823][ T1642] usb 5-1: SerialNumber: syz
[  550.748530][   T30] audit: type=1326 audit(1746834952.970:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70de539 code=0x7ffc0000
[  550.772868][   T30] audit: type=1326 audit(1746834952.980:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  550.795326][   T30] audit: type=1326 audit(1746834952.980:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  550.818048][   T30] audit: type=1326 audit(1746834952.990:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70de539 code=0x7ffc0000
[  550.840401][   T30] audit: type=1326 audit(1746834953.000:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8205 comm="syz.5.456" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  550.868740][ T8160] batman_adv: batadv0: Adding interface: batadv_slave_0
[  550.876860][ T8160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.903720][ T8160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  550.952852][ T8160] batman_adv: batadv0: Adding interface: batadv_slave_1
[  550.960434][ T8160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.987387][ T8160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  551.014497][ T5842] usb 6-1: USB disconnect, device number 9
[  551.104481][ T8214] mmap: syz.0.459 (8214) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  551.147521][ T1642] cdc_ncm 5-1:1.0: bind() failure
[  551.160499][ T1642] usbtest 5-1:1.0: couldn't get endpoints, -22
[  551.167338][ T1642] usbtest 5-1:1.0: probe with driver usbtest failed with error -22
[  551.191669][ T1642] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  551.199071][ T1642] cdc_ncm 5-1:1.1: bind() failure
[  551.211677][ T1642] usbtest 5-1:1.1: couldn't get endpoints, -22
[  551.218464][ T1642] usbtest 5-1:1.1: probe with driver usbtest failed with error -22
[  551.387816][ T6728] Bluetooth: hci1: command tx timeout
[  551.426360][ T1642] usb 5-1: USB disconnect, device number 31
[  551.645769][ T8160] hsr_slave_0: entered promiscuous mode
[  551.657311][ T8160] hsr_slave_1: entered promiscuous mode
[  551.667429][ T8160] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  551.675532][ T8160] Cannot create hsr debugfs directory
[  553.439449][ T6728] Bluetooth: hci1: command tx timeout
[  553.462297][ T5842] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  553.703831][ T5842] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  553.714831][ T5842] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  553.724499][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  553.836984][ T5842] usb 2-1: config 0 descriptor??
[  553.887968][ T5842] pwc: Askey VC010 type 2 USB webcam detected.
[  553.971385][ T8160] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  554.131566][ T8160] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  554.173001][ T8249] netlink: 12 bytes leftover after parsing attributes in process `syz.5.466'.
[  554.281502][ T8160] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  554.320412][ T5842] pwc: recv_control_msg error -32 req 02 val 2b00
[  554.334430][ T5842] pwc: recv_control_msg error -32 req 02 val 2700
[  554.362887][ T5842] pwc: recv_control_msg error -32 req 02 val 2c00
[  554.398660][ T5842] pwc: recv_control_msg error -32 req 04 val 1000
[  554.415379][ T8238] netlink: 4 bytes leftover after parsing attributes in process `syz.1.463'.
[  554.430929][ T8160] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  554.445305][ T5842] pwc: recv_control_msg error -32 req 04 val 1300
[  554.513647][ T5842] pwc: recv_control_msg error -32 req 04 val 1400
[  554.536503][ T5842] pwc: recv_control_msg error -32 req 02 val 2000
[  554.787384][ T5842] pwc: recv_control_msg error -71 req 04 val 1500
[  554.819505][ T5842] pwc: recv_control_msg error -71 req 02 val 2500
[  554.859493][ T5842] pwc: recv_control_msg error -71 req 02 val 2400
[  554.888610][ T5842] pwc: recv_control_msg error -71 req 02 val 2600
[  554.909426][ T5842] pwc: recv_control_msg error -71 req 02 val 2900
[  554.927783][ T5842] pwc: recv_control_msg error -71 req 02 val 2800
[  554.967996][ T5842] pwc: recv_control_msg error -71 req 04 val 1100
[  555.017997][ T5842] pwc: recv_control_msg error -71 req 04 val 1200
[  555.057829][ T5842] pwc: Registered as video103.
[  555.067248][ T5842] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input9
[  555.234189][ T5842] usb 2-1: USB disconnect, device number 27
[  555.640000][ T8263] loop5: detected capacity change from 0 to 64
[  556.080368][ T8160] 8021q: adding VLAN 0 to HW filter on device bond0
[  556.089587][ T1642] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  556.222994][ T8269] FAULT_INJECTION: forcing a failure.
[  556.222994][ T8269] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.237485][ T8269] CPU: 1 UID: 0 PID: 8269 Comm: syz.1.471 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  556.237656][ T8269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  556.237759][ T8269] Call Trace:
[  556.237820][ T8269]  <TASK>
[  556.237877][ T8269]  __dump_stack+0x26/0x30
[  556.238080][ T8269]  dump_stack_lvl+0x1df/0x270
[  556.238286][ T8269]  dump_stack+0x1e/0x25
[  556.238470][ T8269]  should_fail_ex+0x7dc/0x8a0
[  556.238723][ T8269]  should_fail+0x2a/0x40
[  556.238921][ T8269]  should_fail_usercopy+0x2e/0x40
[  556.239134][ T8269]  _copy_from_user+0x33/0x100
[  556.239344][ T8269]  get_compat_msghdr+0x63/0x740
[  556.239587][ T8269]  ? do_recvmmsg+0x50b/0xdf0
[  556.239764][ T8269]  ___sys_recvmsg+0x17f/0x850
[  556.239924][ T8269]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  556.240148][ T8269]  ? __fget_files+0x3b4/0x4a0
[  556.240333][ T8269]  ? __fget_files+0x3b9/0x4a0
[  556.240513][ T8269]  ? kmsan_get_metadata+0x105/0x1b0
[  556.240710][ T8269]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  556.240918][ T8269]  do_recvmmsg+0x50b/0xdf0
[  556.241066][ T8269]  ? __sys_recvmmsg+0x21/0x460
[  556.241216][ T8269]  ? filter_irq_stacks+0x49/0x190
[  556.241403][ T8269]  ? kmsan_get_metadata+0x105/0x1b0
[  556.241643][ T8269]  __sys_recvmmsg+0xf3/0x460
[  556.241809][ T8269]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  556.242027][ T8269]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[  556.242312][ T8269]  ia32_sys_call+0x40ce/0x42c0
[  556.242466][ T8269]  __do_fast_syscall_32+0xb0/0x110
[  556.242692][ T8269]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  556.242885][ T8269]  do_fast_syscall_32+0x38/0x80
[  556.243076][ T8269]  do_SYSENTER_32+0x1f/0x30
[  556.243270][ T8269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  556.243469][ T8269] RIP: 0023:0xf7ff6539
[  556.243578][ T8269] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  556.243727][ T8269] RSP: 002b:00000000f511655c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[  556.243877][ T8269] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  556.243981][ T8269] RDX: 0000000000000001 RSI: 0000000040000003 RDI: 0000000000000000
[  556.244076][ T8269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  556.244163][ T8269] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  556.244248][ T8269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  556.244376][ T8269]  </TASK>
[  556.341263][ T8160] 8021q: adding VLAN 0 to HW filter on device team0
[  556.510532][ T1642] usb 6-1: Using ep0 maxpacket: 32
[  556.589271][ T1642] usb 6-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.601039][ T1642] usb 6-1: config 0 interface 0 has no altsetting 0
[  556.608052][ T1642] usb 6-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00
[  556.617787][ T1642] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.711411][ T1642] usb 6-1: config 0 descriptor??
[  556.826432][ T3501] bridge0: port 1(bridge_slave_0) entered blocking state
[  556.834467][ T3501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  556.983121][ T3501] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.990975][ T3501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  557.064888][ T1642] usb 6-1: string descriptor 0 read error: -71
[  557.169556][ T1642] usbhid 6-1:0.0: can't add hid device: -71
[  557.176552][ T1642] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  557.330383][ T1642] usb 6-1: USB disconnect, device number 10
[  558.059630][ T5847] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  558.340249][ T5847] usb 2-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[  558.351255][ T5847] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.366603][ T5847] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 8224, setting to 1024
[  558.378246][ T5847] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  558.389151][ T5847] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  558.591723][ T5847] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  558.601352][ T5847] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.609919][ T5847] usb 2-1: Product: syz
[  558.614388][ T5847] usb 2-1: Manufacturer: syz
[  558.619426][ T5847] usb 2-1: SerialNumber: syz
[  559.016673][ T5847] cdc_ncm 2-1:1.0: bind() failure
[  559.031051][ T5847] usbtest 2-1:1.0: couldn't get endpoints, -22
[  559.037799][ T5847] usbtest 2-1:1.0: probe with driver usbtest failed with error -22
[  559.054200][ T5847] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  559.062725][ T5847] cdc_ncm 2-1:1.1: bind() failure
[  559.075171][ T5847] usbtest 2-1:1.1: couldn't get endpoints, -22
[  559.082537][ T5847] usbtest 2-1:1.1: probe with driver usbtest failed with error -22
[  559.401677][ T5847] usb 2-1: USB disconnect, device number 28
[  559.495462][ T8160] 8021q: adding VLAN 0 to HW filter on device batadv0
[  560.109837][ T8160] veth0_vlan: entered promiscuous mode
[  560.254279][ T8297] syz.4.477 (8297): drop_caches: 2
[  560.332499][ T8160] veth1_vlan: entered promiscuous mode
[  560.610614][ T8305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.479'.
[  560.681890][ T8160] veth0_macvtap: entered promiscuous mode
[  560.753825][ T8160] veth1_macvtap: entered promiscuous mode
[  560.954323][ T8160] batman_adv: batadv0: Interface activated: batadv_slave_0
[  561.099848][ T8160] batman_adv: batadv0: Interface activated: batadv_slave_1
[  561.169562][ T8160] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  561.178696][ T8160] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  561.188184][ T8160] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  561.197448][ T8160] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  561.527036][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  561.527124][   T30] audit: type=1326 audit(1746834963.770:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.481" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000
[  561.557434][   T30] audit: type=1326 audit(1746834963.770:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.481" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000
[  561.580081][   T30] audit: type=1326 audit(1746834963.770:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.481" exe="/root/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf706e539 code=0x7ffc0000
[  561.602042][    C0] vkms_vblank_simulate: vblank timer overrun
[  561.609055][   T30] audit: type=1326 audit(1746834963.770:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.481" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000
[  561.816541][   T30] audit: type=1326 audit(1746834963.900:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.481" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706e539 code=0x7ffc0000
[  561.838372][    C0] vkms_vblank_simulate: vblank timer overrun
[  563.445437][ T5802] Bluetooth: hci1: command 0x0405 tx timeout
[  564.010038][   T30] audit: type=1326 audit(1746834966.230:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.5.489" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  564.033120][   T30] audit: type=1326 audit(1746834966.260:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.5.489" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70de539 code=0x7ffc0000
[  564.056286][   T30] audit: type=1326 audit(1746834966.260:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.5.489" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  564.079172][   T30] audit: type=1326 audit(1746834966.310:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.5.489" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70de539 code=0x7ffc0000
[  564.134285][   T30] audit: type=1326 audit(1746834966.380:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.5.489" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  565.203705][ T8366] netlink: 8 bytes leftover after parsing attributes in process `syz.5.493'.
[  565.247000][ T8369] FAULT_INJECTION: forcing a failure.
[  565.247000][ T8369] name failslab, interval 1, probability 0, space 0, times 0
[  565.260541][ T8369] CPU: 1 UID: 0 PID: 8369 Comm: syz.1.495 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  565.260705][ T8369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  565.260790][ T8369] Call Trace:
[  565.260843][ T8369]  <TASK>
[  565.260894][ T8369]  __dump_stack+0x26/0x30
[  565.261069][ T8369]  dump_stack_lvl+0x1df/0x270
[  565.261251][ T8369]  dump_stack+0x1e/0x25
[  565.261411][ T8369]  should_fail_ex+0x7dc/0x8a0
[  565.261625][ T8369]  should_failslab+0x15b/0x200
[  565.261821][ T8369]  __kmalloc_noprof+0x182/0x1310
[  565.262018][ T8369]  ? tomoyo_encode+0x626/0xa10
[  565.262186][ T8369]  ? tomoyo_realpath_from_path+0x952/0x9f0
[  565.262367][ T8369]  ? kmsan_get_metadata+0x105/0x1b0
[  565.262544][ T8369]  ? kmsan_get_metadata+0x105/0x1b0
[  565.262744][ T8369]  tomoyo_encode+0x626/0xa10
[  565.262950][ T8369]  tomoyo_mount_permission+0x587/0xfe0
[  565.263233][ T8369]  tomoyo_sb_mount+0x4e/0x70
[  565.263424][ T8369]  security_sb_mount+0x169/0x630
[  565.263604][ T8369]  path_mount+0x103/0x1e90
[  565.263774][ T8369]  ? user_path_at+0x32d/0x3d0
[  565.263985][ T8369]  __se_sys_mount+0x6eb/0x7d0
[  565.264141][ T8369]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  565.264337][ T8369]  __ia32_sys_mount+0xe2/0x150
[  565.264512][ T8369]  ia32_sys_call+0x2733/0x42c0
[  565.264647][ T8369]  __do_fast_syscall_32+0xb0/0x110
[  565.264842][ T8369]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  565.265013][ T8369]  do_fast_syscall_32+0x38/0x80
[  565.265185][ T8369]  do_SYSENTER_32+0x1f/0x30
[  565.265362][ T8369]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  565.265539][ T8369] RIP: 0023:0xf7ff6539
[  565.265639][ T8369] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  565.265777][ T8369] RSP: 002b:00000000f511655c EFLAGS: 00000206 ORIG_RAX: 0000000000000015
[  565.265913][ T8369] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000100
[  565.266015][ T8369] RDX: 0000000080002100 RSI: 000000000280449c RDI: 0000000000000000
[  565.266110][ T8369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  565.266197][ T8369] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  565.266285][ T8369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  565.266408][ T8369]  </TASK>
[  565.635156][ T8367] FAULT_INJECTION: forcing a failure.
[  565.635156][ T8367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  565.649038][ T8367] CPU: 0 UID: 0 PID: 8367 Comm: syz.4.494 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  565.649217][ T8367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  565.649307][ T8367] Call Trace:
[  565.649361][ T8367]  <TASK>
[  565.649416][ T8367]  __dump_stack+0x26/0x30
[  565.649607][ T8367]  dump_stack_lvl+0x1df/0x270
[  565.649814][ T8367]  dump_stack+0x1e/0x25
[  565.649983][ T8367]  should_fail_ex+0x7dc/0x8a0
[  565.650216][ T8367]  should_fail+0x2a/0x40
[  565.650416][ T8367]  should_fail_usercopy+0x2e/0x40
[  565.650634][ T8367]  _copy_from_user+0x33/0x100
[  565.650846][ T8367]  kstrtouint_from_user+0x75/0x140
[  565.651029][ T8367]  ? proc_fail_nth_write+0x43/0x300
[  565.651226][ T8367]  ? vfs_write+0x460/0x1560
[  565.651394][ T8367]  proc_fail_nth_write+0x61/0x300
[  565.651592][ T8367]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  565.651793][ T8367]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  565.651996][ T8367]  vfs_write+0x460/0x1560
[  565.652153][ T8367]  ? stack_depot_save_flags+0x35/0x7c0
[  565.652367][ T8367]  ? kmsan_get_metadata+0x105/0x1b0
[  565.652563][ T8367]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  565.652771][ T8367]  __ia32_sys_write+0x1f9/0x4d0
[  565.652954][ T8367]  ia32_sys_call+0x30f2/0x42c0
[  565.653093][ T8367]  __do_fast_syscall_32+0xb0/0x110
[  565.653287][ T8367]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  565.653473][ T8367]  do_fast_syscall_32+0x38/0x80
[  565.653664][ T8367]  do_SYSENTER_32+0x1f/0x30
[  565.653841][ T8367]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  565.654029][ T8367] RIP: 0023:0xf705e539
[  565.654135][ T8367] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  565.654264][ T8367] RSP: 002b:00000000f504e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  565.654399][ T8367] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f504e620
[  565.654496][ T8367] RDX: 0000000000000001 RSI: 00000000f73c2ff4 RDI: 0000000000000000
[  565.654609][ T8367] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  565.654700][ T8367] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  565.654790][ T8367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  565.654912][ T8367]  </TASK>
[  565.887803][    C0] vkms_vblank_simulate: vblank timer overrun
[  567.056278][ T8385] netlink: 28 bytes leftover after parsing attributes in process `syz.5.500'.
[  567.273816][ T8391] netlink: 24 bytes leftover after parsing attributes in process `syz.4.502'.
[  567.797298][ T8390] loop1: detected capacity change from 0 to 4096
[  567.839271][ T8390] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  568.101634][   T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  568.110719][   T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  568.252661][ T3501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  568.264697][ T3501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  568.687596][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.4.507'.
[  569.435907][   T60] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.541733][ T8411] loop5: detected capacity change from 0 to 4096
[  569.621119][   T60] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.654086][ T8411] NILFS (loop5): invalid segment: Checksum error in segment payload
[  569.663229][ T8411] NILFS (loop5): trying rollback from an earlier position
[  569.710987][ T8421] FAULT_INJECTION: forcing a failure.
[  569.710987][ T8421] name failslab, interval 1, probability 0, space 0, times 0
[  569.724320][ T8421] CPU: 1 UID: 0 PID: 8421 Comm: syz.0.512 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  569.724489][ T8421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  569.724582][ T8421] Call Trace:
[  569.724639][ T8421]  <TASK>
[  569.724693][ T8421]  __dump_stack+0x26/0x30
[  569.724883][ T8421]  dump_stack_lvl+0x1df/0x270
[  569.725078][ T8421]  dump_stack+0x1e/0x25
[  569.725258][ T8421]  should_fail_ex+0x7dc/0x8a0
[  569.725487][ T8421]  should_failslab+0x15b/0x200
[  569.725691][ T8421]  __kmalloc_cache_noprof+0xcb/0xed0
[  569.725901][ T8421]  ? tcf_exts_init_ex+0xd2/0x850
[  569.726098][ T8421]  ? kmsan_get_metadata+0x105/0x1b0
[  569.726296][ T8421]  ? kmsan_get_metadata+0x105/0x1b0
[  569.726498][ T8421]  tcf_exts_init_ex+0xd2/0x850
[  569.726716][ T8421]  cls_cgroup_change+0x256/0x800
[  569.726908][ T8421]  ? kmsan_get_metadata+0x105/0x1b0
[  569.727095][ T8421]  ? __pfx_cls_cgroup_change+0x10/0x10
[  569.727275][ T8421]  ? __pfx_cls_cgroup_change+0x10/0x10
[  569.727430][ T8421]  tc_new_tfilter+0x23de/0x2d20
[  569.727666][ T8421]  ? tc_new_tfilter+0x1d11/0x2d20
[  569.727984][ T8421]  ? __pfx_tc_new_tfilter+0x10/0x10
[  569.728213][ T8421]  rtnetlink_rcv_msg+0x106c/0x14b0
[  569.728387][ T8421]  ? stack_depot_save_flags+0x35/0x7c0
[  569.728601][ T8421]  ? kmsan_get_metadata+0x105/0x1b0
[  569.728838][ T8421]  netlink_rcv_skb+0x54a/0x680
[  569.729073][ T8421]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  569.729268][ T8421]  rtnetlink_rcv+0x35/0x40
[  569.729421][ T8421]  ? __pfx_rtnetlink_rcv+0x10/0x10
[  569.729572][ T8421]  netlink_unicast+0xed5/0x1290
[  569.729808][ T8421]  netlink_sendmsg+0x10b3/0x1250
[  569.729996][ T8421]  ? __pfx_netlink_sendmsg+0x10/0x10
[  569.730155][ T8421]  ? __pfx_netlink_sendmsg+0x10/0x10
[  569.730312][ T8421]  __sock_sendmsg+0x330/0x3d0
[  569.730505][ T8421]  ____sys_sendmsg+0x7e0/0xd80
[  569.730703][ T8421]  ___sys_sendmsg+0x271/0x3b0
[  569.730869][ T8421]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  569.731087][ T8421]  ? __rcu_read_unlock+0x6d/0xd0
[  569.731287][ T8421]  ? __fget_files+0x3b4/0x4a0
[  569.731469][ T8421]  ? __fget_files+0x3b9/0x4a0
[  569.731658][ T8421]  ? kmsan_get_metadata+0x105/0x1b0
[  569.731856][ T8421]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  569.732071][ T8421]  __sys_sendmsg+0x1aa/0x300
[  569.732295][ T8421]  __ia32_compat_sys_sendmsg+0xa4/0x100
[  569.732540][ T8421]  ia32_sys_call+0x3692/0x42c0
[  569.732693][ T8421]  __do_fast_syscall_32+0xb0/0x110
[  569.732900][ T8421]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  569.733104][ T8421]  do_fast_syscall_32+0x38/0x80
[  569.733316][ T8421]  do_SYSENTER_32+0x1f/0x30
[  569.733505][ T8421]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  569.733715][ T8421] RIP: 0023:0xf706e539
[  569.733830][ T8421] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  569.733968][ T8421] RSP: 002b:00000000f503d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  569.734164][ T8421] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080006040
[  569.734271][ T8421] RDX: 0000000000004800 RSI: 0000000000000000 RDI: 0000000000000000
[  569.734367][ T8421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  569.734467][ T8421] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  569.734566][ T8421] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  569.734700][ T8421]  </TASK>
[  569.839562][ T8411] NILFS (loop5): recovery complete
[  569.844964][ T8422] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  570.137901][   T60] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.364788][   T60] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.857462][   T60] bridge_slave_1: left allmulticast mode
[  570.863814][   T60] bridge_slave_1: left promiscuous mode
[  570.871224][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.010261][   T60] bridge_slave_0: left allmulticast mode
[  571.016549][   T60] bridge_slave_0: left promiscuous mode
[  571.024511][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.654979][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  571.687819][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  571.706934][   T60] bond0 (unregistering): Released all slaves
[  572.267211][   T60] hsr_slave_0: left promiscuous mode
[  572.286396][   T60] hsr_slave_1: left promiscuous mode
[  572.299290][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  572.307560][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  572.327504][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  572.337056][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  572.376787][   T60] veth1_macvtap: left promiscuous mode
[  572.383595][   T60] veth0_macvtap: left promiscuous mode
[  572.390048][   T60] veth1_vlan: left promiscuous mode
[  572.395701][   T60] veth0_vlan: left promiscuous mode
[  573.255244][ T8436] netlink: 48 bytes leftover after parsing attributes in process `syz.0.514'.
[  573.381996][ T8443] netlink: 24 bytes leftover after parsing attributes in process `syz.5.516'.
[  574.295757][   T60] team0 (unregistering): Port device team_slave_1 removed
[  574.511371][ T5802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  574.522512][ T5802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  574.545005][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  574.567612][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  574.583691][ T5802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  575.103057][   T60] team0 (unregistering): Port device team_slave_0 removed
[  576.382968][ T8460] netlink: 8 bytes leftover after parsing attributes in process `syz.4.521'.
[  576.639623][ T5802] Bluetooth: hci1: command tx timeout
[  576.860737][ T1642] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  577.087171][ T1642] usb 2-1: Using ep0 maxpacket: 16
[  577.146031][ T1642] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  577.156716][ T1642] usb 2-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0x6E, changing to 0xE
[  577.168927][ T1642] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0xE has an invalid bInterval 170, changing to 11
[  577.180671][ T1642] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0xE has invalid maxpacket 34661, setting to 1024
[  577.192502][ T1642] usb 2-1: config 0 interface 0 has no altsetting 0
[  577.319172][ T1642] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  577.328884][ T1642] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.337299][ T1642] usb 2-1: Product: syz
[  577.342284][ T1642] usb 2-1: Manufacturer: syz
[  577.346187][ T8448] chnl_net:caif_netlink_parms(): no params data found
[  577.347080][ T1642] usb 2-1: SerialNumber: syz
[  577.454828][ T1642] usb 2-1: config 0 descriptor??
[  577.476442][ T8466] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  577.851843][ T8466] mkiss: ax0: crc mode is auto.
[  577.921905][ T8485] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  578.372149][ T5842] usb 2-1: USB disconnect, device number 29
[  578.727475][ T8496] netlink: 24 bytes leftover after parsing attributes in process `syz.0.527'.
[  578.738155][ T5802] Bluetooth: hci1: command tx timeout
[  579.116507][ T8448] bridge0: port 1(bridge_slave_0) entered blocking state
[  579.126212][ T8448] bridge0: port 1(bridge_slave_0) entered disabled state
[  579.134488][ T8448] bridge_slave_0: entered allmulticast mode
[  579.146534][ T8448] bridge_slave_0: entered promiscuous mode
[  579.337905][ T8448] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.349550][ T8448] bridge0: port 2(bridge_slave_1) entered disabled state
[  579.359285][ T8448] bridge_slave_1: entered allmulticast mode
[  579.374026][ T8448] bridge_slave_1: entered promiscuous mode
[  579.873600][ T8503] netlink: 48 bytes leftover after parsing attributes in process `syz.1.529'.
[  580.027539][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  580.027630][   T30] audit: type=1326 audit(1746834982.270:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8501 comm="syz.1.529" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff6539 code=0x0
[  580.057212][    C0] vkms_vblank_simulate: vblank timer overrun
[  580.092557][ T8448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  580.238626][ T8448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  580.580093][ T8512] FAULT_INJECTION: forcing a failure.
[  580.580093][ T8512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  580.594501][ T8512] CPU: 0 UID: 0 PID: 8512 Comm: syz.0.531 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  580.594669][ T8512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  580.594759][ T8512] Call Trace:
[  580.594816][ T8512]  <TASK>
[  580.594872][ T8512]  __dump_stack+0x26/0x30
[  580.595071][ T8512]  dump_stack_lvl+0x1df/0x270
[  580.595266][ T8512]  dump_stack+0x1e/0x25
[  580.595439][ T8512]  should_fail_ex+0x7dc/0x8a0
[  580.595679][ T8512]  should_fail+0x2a/0x40
[  580.595873][ T8512]  should_fail_usercopy+0x2e/0x40
[  580.596103][ T8512]  _copy_from_user+0x33/0x100
[  580.596317][ T8512]  strndup_user+0x206/0x3e0
[  580.596539][ T8512]  __se_sys_mount+0x6f/0x7d0
[  580.596718][ T8512]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  580.596907][ T8512]  ? kmsan_get_metadata+0x105/0x1b0
[  580.597107][ T8512]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  580.597321][ T8512]  __ia32_sys_mount+0xe2/0x150
[  580.597516][ T8512]  ia32_sys_call+0x2733/0x42c0
[  580.597670][ T8512]  __do_fast_syscall_32+0xb0/0x110
[  580.597872][ T8512]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  580.598082][ T8512]  do_fast_syscall_32+0x38/0x80
[  580.598275][ T8512]  do_SYSENTER_32+0x1f/0x30
[  580.598466][ T8512]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  580.598667][ T8512] RIP: 0023:0xf706e539
[  580.598783][ T8512] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  580.598915][ T8512] RSP: 002b:00000000f503d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000015
[  580.599064][ T8512] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000180
[  580.599169][ T8512] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000140
[  580.599270][ T8512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  580.599368][ T8512] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  580.599464][ T8512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  580.599606][ T8512]  </TASK>
[  580.804776][    C0] vkms_vblank_simulate: vblank timer overrun
[  580.843810][ T8488] syz.5.536 (8488): drop_caches: 2
[  580.947468][ T5802] Bluetooth: hci1: command tx timeout
[  581.027847][ T8448] team0: Port device team_slave_0 added
[  581.048062][ T8448] team0: Port device team_slave_1 added
[  581.231057][ T8515] netlink: 'syz.4.532': attribute type 13 has an invalid length.
[  581.431986][ T8448] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.439431][ T8448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.466910][ T8448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  581.617563][ T8518] loop1: detected capacity change from 0 to 128
[  581.645153][ T5842] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  581.682606][ T8448] batman_adv: batadv0: Adding interface: batadv_slave_1
[  581.690217][ T8448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.699419][ T8518] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  581.716766][ T8448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  581.785091][ T8520] loop5: detected capacity change from 0 to 256
[  581.824021][ T8518] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  581.890680][ T5842] usb 5-1: Using ep0 maxpacket: 16
[  581.982226][ T5842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.993994][ T5842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.004512][ T5842] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  582.014075][ T5842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.058644][ T8518] netlink: 'syz.1.533': attribute type 13 has an invalid length.
[  582.086492][ T5842] usb 5-1: config 0 descriptor??
[  582.433295][ T8448] hsr_slave_0: entered promiscuous mode
[  582.444473][ T8448] hsr_slave_1: entered promiscuous mode
[  582.454264][ T8448] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  582.462288][ T8448] Cannot create hsr debugfs directory
[  582.629833][ T1642] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  582.780261][ T5842] usbhid 5-1:0.0: can't add hid device: -71
[  582.787069][ T5842] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  582.851922][ T1642] usb 2-1: Using ep0 maxpacket: 16
[  582.851952][ T5842] usb 5-1: USB disconnect, device number 32
[  582.935890][ T1642] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.947707][ T1642] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.958280][ T1642] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  582.968015][ T1642] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.988449][ T5802] Bluetooth: hci1: command tx timeout
[  583.014417][ T1642] usb 2-1: config 0 descriptor??
[  583.678353][ T1642] usbhid 2-1:0.0: can't add hid device: -71
[  583.685648][ T1642] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  583.761053][ T1642] usb 2-1: USB disconnect, device number 30
[  584.073231][ T8536] netlink: 16 bytes leftover after parsing attributes in process `syz.5.539'.
[  584.496260][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.0.541'.
[  584.607665][   T60] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  585.249911][   T30] audit: type=1326 audit(1746834987.500:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.365009][ T8448] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  585.380151][ T8551] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  585.401015][   T30] audit: type=1326 audit(1746834987.550:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.423682][   T30] audit: type=1326 audit(1746834987.580:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.446992][   T30] audit: type=1326 audit(1746834987.620:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.470128][   T30] audit: type=1326 audit(1746834987.620:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.472473][ T8448] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  585.497033][   T30] audit: type=1326 audit(1746834987.700:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.526430][   T30] audit: type=1326 audit(1746834987.700:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.549479][   T30] audit: type=1326 audit(1746834987.700:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.572982][   T30] audit: type=1326 audit(1746834987.770:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.573489][ T8551] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5)
[  585.595412][   T30] audit: type=1326 audit(1746834987.770:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.1.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6539 code=0x7ffc0000
[  585.601654][ T8551] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  585.601962][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.638646][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.646338][ T8551] vhci_hcd vhci_hcd.0: Device attached
[  585.760748][ T8448] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  585.820792][ T8448] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  585.830187][ T8555] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(8)
[  585.837337][ T8555] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  585.845565][ T8555] vhci_hcd vhci_hcd.0: Device attached
[  585.944066][ T8556] vhci_hcd: connection closed
[  585.949092][ T2908] vhci_hcd: stop threads
[  585.958608][ T2908] vhci_hcd: release socket
[  585.963666][ T2908] vhci_hcd: disconnect device
[  585.970693][ T8553] vhci_hcd: connection closed
[  586.000464][ T5842] usb 35-2: new low-speed USB device number 2 using vhci_hcd
[  586.014560][ T8554] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  586.049941][ T2908] vhci_hcd: stop threads
[  586.054509][ T2908] vhci_hcd: release socket
[  586.059478][ T2908] vhci_hcd: disconnect device
[  587.460992][ T8574] loop1: detected capacity change from 0 to 128
[  587.543460][ T8574] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  587.551783][ T8448] 8021q: adding VLAN 0 to HW filter on device bond0
[  587.597012][ T8574] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  587.862675][ T8574] netlink: 'syz.1.550': attribute type 13 has an invalid length.
[  587.899674][ T8448] 8021q: adding VLAN 0 to HW filter on device team0
[  587.963100][ T3006] bridge0: port 1(bridge_slave_0) entered blocking state
[  587.970905][ T3006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  587.972820][ T8560] syz.4.545 (8560): drop_caches: 2
[  588.073708][ T3006] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.081473][ T3006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  588.459335][ T5847] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  588.689416][ T5847] usb 2-1: Using ep0 maxpacket: 16
[  588.745602][ T5847] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  588.757910][ T5847] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  588.768341][ T5847] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  588.778015][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.795397][ T8583] netlink: 16 bytes leftover after parsing attributes in process `syz.0.552'.
[  588.902476][ T5847] usb 2-1: config 0 descriptor??
[  589.578226][ T5847] usbhid 2-1:0.0: can't add hid device: -71
[  589.587123][ T5847] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  589.689282][ T5847] usb 2-1: USB disconnect, device number 31
[  590.418536][ T8448] 8021q: adding VLAN 0 to HW filter on device batadv0
[  590.445415][   T14] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  590.546131][ T8588] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.554'.
[  590.926322][ T8448] veth0_vlan: entered promiscuous mode
[  591.061599][ T8448] veth1_vlan: entered promiscuous mode
[  591.140081][ T5842] vhci_hcd: vhci_device speed not set
[  591.294687][ T8612] loop5: detected capacity change from 0 to 256
[  591.588838][ T8448] veth0_macvtap: entered promiscuous mode
[  591.698857][ T8448] veth1_macvtap: entered promiscuous mode
[  591.980077][ T8448] batman_adv: batadv0: Interface activated: batadv_slave_0
[  592.155517][ T8448] batman_adv: batadv0: Interface activated: batadv_slave_1
[  592.208042][ T8448] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  592.217536][ T8448] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  592.227368][ T8448] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  592.236772][ T8448] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  593.382911][ T8643] netlink: 16 bytes leftover after parsing attributes in process `syz.4.565'.
[  594.145083][ T8653] netlink: 'syz.0.568': attribute type 13 has an invalid length.
[  594.463312][   T24] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  594.693345][   T24] usb 1-1: Using ep0 maxpacket: 16
[  594.730969][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.742735][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.753212][   T24] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  594.762750][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.893255][   T24] usb 1-1: config 0 descriptor??
[  595.402624][ T8671] loop1: detected capacity change from 0 to 256
[  595.539505][   T24] usbhid 1-1:0.0: can't add hid device: -71
[  595.546306][   T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  595.662916][   T24] usb 1-1: USB disconnect, device number 13
[  595.741852][ T8664] loop5: detected capacity change from 0 to 4096
[  596.491861][ T8681] netlink: 'syz.1.575': attribute type 11 has an invalid length.
[  596.649697][ T8664] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.571'.
[  596.653545][ T8681] loop1: detected capacity change from 0 to 128
[  596.845958][ T8681] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  596.955506][ T8681] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  597.392322][ T5804] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  597.996858][ T8707] netlink: 8 bytes leftover after parsing attributes in process `syz.1.580'.
[  598.756370][ T8714] loop5: detected capacity change from 0 to 512
[  598.822714][ T8714] EXT4-fs (loop5): blocks per group (95) and clusters per group (32768) inconsistent
[  598.999287][ T8714] loop5: detected capacity change from 0 to 8
[  599.242275][ T8714] overlayfs: missing 'lowerdir'
[  599.519613][ T3501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  599.527907][ T3501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  599.926309][ T4168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  599.935270][ T4168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  600.219945][ T8730] loop1: detected capacity change from 0 to 128
[  600.293745][ T8730] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  600.393064][ T8730] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  600.517085][ T8730] netlink: 'syz.1.586': attribute type 13 has an invalid length.
[  600.899911][ T5839] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  601.090270][ T5839] usb 2-1: Using ep0 maxpacket: 16
[  601.139298][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.152376][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  601.163683][ T5839] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  601.173349][ T5839] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.295991][   T14] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.303018][ T5839] usb 2-1: config 0 descriptor??
[  601.400439][ T8744] netlink: 'syz.5.590': attribute type 11 has an invalid length.
[  601.548305][   T14] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.653739][ T8744] loop5: detected capacity change from 0 to 128
[  601.737103][   T14] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.811814][ T8744] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  601.879285][ T8744] ext4 filesystem being mounted at /123/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  601.944053][ T5839] usbhid 2-1:0.0: can't add hid device: -71
[  601.952785][ T5839] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  602.008055][   T14] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  602.042747][ T5839] usb 2-1: USB disconnect, device number 32
[  602.454329][   T14] bridge_slave_1: left allmulticast mode
[  602.460976][   T14] bridge_slave_1: left promiscuous mode
[  602.469704][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.486319][   T14] bridge_slave_0: left allmulticast mode
[  602.492770][   T14] bridge_slave_0: left promiscuous mode
[  602.499926][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[  602.706457][ T6228] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  602.889437][ T4168] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  603.207715][   T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  603.262486][   T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  603.290726][   T14] bond0 (unregistering): Released all slaves
[  603.630287][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  603.637125][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  604.021272][   T14] hsr_slave_0: left promiscuous mode
[  604.050049][   T14] hsr_slave_1: left promiscuous mode
[  604.059037][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  604.066860][   T14] batman_adv: batadv0: Removing interface: batadv_slave_0
[  604.104529][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  604.112843][   T14] batman_adv: batadv0: Removing interface: batadv_slave_1
[  604.172500][   T14] veth1_macvtap: left promiscuous mode
[  604.178386][   T14] veth0_macvtap: left promiscuous mode
[  604.184849][   T14] veth1_vlan: left promiscuous mode
[  604.190711][   T14] veth0_vlan: left promiscuous mode
[  604.979270][   T14] team0 (unregistering): Port device team_slave_1 removed
[  605.007741][   T14] team0 (unregistering): Port device team_slave_0 removed
[  605.920999][ T8775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.593'.
[  606.033681][ T8773] loop5: detected capacity change from 0 to 1024
[  606.227165][ T8773] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  606.275465][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  606.297942][   T30] audit: type=1800 audit(1746835008.520:118): pid=8773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.594" name="file1" dev="loop5" ino=15 res=0 errno=0
[  606.663165][ T6728] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  606.675004][ T6728] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  606.687386][ T6728] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  606.709444][ T6228] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.726790][ T6728] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  606.743815][ T6728] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  607.619626][ T8803] loop5: detected capacity change from 0 to 512
[  607.789676][ T8803] EXT4-fs (loop5): blocks per group (95) and clusters per group (32768) inconsistent
[  607.937048][ T8803] loop5: detected capacity change from 0 to 8
[  608.091986][ T8803] overlayfs: missing 'lowerdir'
[  608.101486][   T24] usb 1-1: new low-speed USB device number 14 using dummy_hcd
[  608.260707][   T24] usb 1-1: device descriptor read/64, error -71
[  608.555714][   T24] usb 1-1: new low-speed USB device number 15 using dummy_hcd
[  608.627628][ T8788] chnl_net:caif_netlink_parms(): no params data found
[  608.660004][ T8821] loop1: detected capacity change from 0 to 128
[  608.682997][ T8821] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  608.733635][ T8821] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  608.776574][   T24] usb 1-1: device descriptor read/64, error -71
[  608.800060][ T6728] Bluetooth: hci1: command tx timeout
[  608.898389][   T24] usb usb1-port1: attempt power cycle
[  608.952457][ T8821] netlink: 'syz.1.603': attribute type 13 has an invalid length.
[  609.309171][   T24] usb 1-1: new low-speed USB device number 16 using dummy_hcd
[  609.340315][ T5847] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  609.367419][   T24] usb 1-1: device descriptor read/8, error -71
[  609.529015][ T5847] usb 2-1: Using ep0 maxpacket: 16
[  609.544619][ T5847] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  609.556523][ T5847] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  609.567500][ T5847] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  609.577211][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.600862][ T8826] loop5: detected capacity change from 0 to 4096
[  609.627361][ T5847] usb 2-1: config 0 descriptor??
[  609.661621][   T24] usb 1-1: new low-speed USB device number 17 using dummy_hcd
[  609.712741][   T24] usb 1-1: device descriptor read/8, error -71
[  609.830380][   T24] usb usb1-port1: unable to enumerate USB device
[  610.054842][ T8835] netlink: 8 bytes leftover after parsing attributes in process `syz.4.607'.
[  610.276343][ T5847] usbhid 2-1:0.0: can't add hid device: -71
[  610.288541][ T5847] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  610.360678][ T5847] usb 2-1: USB disconnect, device number 33
[  610.432682][ T8788] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.441407][ T8788] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.449713][ T8788] bridge_slave_0: entered allmulticast mode
[  610.460117][ T8788] bridge_slave_0: entered promiscuous mode
[  610.525881][ T8788] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.534715][ T8788] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.542974][ T8788] bridge_slave_1: entered allmulticast mode
[  610.553336][ T8788] bridge_slave_1: entered promiscuous mode
[  610.812380][ T8841] FAULT_INJECTION: forcing a failure.
[  610.812380][ T8841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  610.826240][ T8841] CPU: 1 UID: 0 PID: 8841 Comm: syz.4.608 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  610.826406][ T8841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  610.826504][ T8841] Call Trace:
[  610.826562][ T8841]  <TASK>
[  610.826620][ T8841]  __dump_stack+0x26/0x30
[  610.826818][ T8841]  dump_stack_lvl+0x1df/0x270
[  610.827022][ T8841]  dump_stack+0x1e/0x25
[  610.827192][ T8841]  should_fail_ex+0x7dc/0x8a0
[  610.827443][ T8841]  should_fail+0x2a/0x40
[  610.827643][ T8841]  should_fail_usercopy+0x2e/0x40
[  610.827858][ T8841]  _copy_from_user+0x33/0x100
[  610.828061][ T8841]  kstrtouint_from_user+0x75/0x140
[  610.828232][ T8841]  ? proc_fail_nth_write+0x43/0x300
[  610.828427][ T8841]  ? vfs_write+0x460/0x1560
[  610.828588][ T8841]  proc_fail_nth_write+0x61/0x300
[  610.828789][ T8841]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  610.828985][ T8841]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  610.829184][ T8841]  vfs_write+0x460/0x1560
[  610.829334][ T8841]  ? stack_depot_save_flags+0x35/0x7c0
[  610.829584][ T8841]  ? kmsan_get_metadata+0x105/0x1b0
[  610.829781][ T8841]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  610.829996][ T8841]  __ia32_sys_write+0x1f9/0x4d0
[  610.830183][ T8841]  ia32_sys_call+0x30f2/0x42c0
[  610.830344][ T8841]  __do_fast_syscall_32+0xb0/0x110
[  610.830532][ T8841]  ? irqentry_exit_to_user_mode+0x82/0xa0
[  610.830740][ T8841]  do_fast_syscall_32+0x38/0x80
[  610.830934][ T8841]  do_SYSENTER_32+0x1f/0x30
[  610.831115][ T8841]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  610.831303][ T8841] RIP: 0023:0xf705e539
[  610.831410][ T8841] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  610.831533][ T8841] RSP: 002b:00000000f502d590 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  610.831676][ T8841] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f502d620
[  610.831769][ T8841] RDX: 0000000000000001 RSI: 00000000f73c2ff4 RDI: 0000000000000000
[  610.831856][ T8841] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  610.831943][ T8841] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  610.832025][ T8841] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  610.832140][ T8841]  </TASK>
[  610.890215][ T6728] Bluetooth: hci1: command tx timeout
[  611.104458][ T8788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  611.134381][ T8788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  611.440328][   T60] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  611.657414][ T8788] team0: Port device team_slave_0 added
[  611.737045][ T8788] team0: Port device team_slave_1 added
[  612.122636][ T5839] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  612.146197][ T8788] batman_adv: batadv0: Adding interface: batadv_slave_0
[  612.154033][ T8788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  612.180793][ T8788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  612.231604][ T8788] batman_adv: batadv0: Adding interface: batadv_slave_1
[  612.239062][ T8788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  612.265726][ T8788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  612.341793][ T5839] usb 6-1: config 0 has an invalid interface number: 100 but max is 0
[  612.350901][ T5839] usb 6-1: config 0 has an invalid interface number: 66 but max is 0
[  612.359647][ T5839] usb 6-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[  612.369115][ T5839] usb 6-1: config 0 has no interface number 0
[  612.375517][ T5839] usb 6-1: config 0 has no interface number 1
[  612.382146][ T5839] usb 6-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  612.393765][ T5839] usb 6-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  612.407260][ T5839] usb 6-1: too many endpoints for config 0 interface 66 altsetting 153: 216, using maximum allowed: 30
[  612.419494][ T5839] usb 6-1: config 0 interface 66 altsetting 153 has an endpoint descriptor with address 0x12, changing to 0x2
[  612.431852][ T5839] usb 6-1: config 0 interface 66 altsetting 153 has an endpoint descriptor with address 0xE6, changing to 0x86
[  612.444457][ T5839] usb 6-1: config 0 interface 66 altsetting 153 endpoint 0x86 has invalid maxpacket 34869, setting to 1024
[  612.463355][ T5839] usb 6-1: config 0 interface 66 altsetting 153 bulk endpoint 0x86 has invalid maxpacket 1024
[  612.474604][ T5839] usb 6-1: config 0 interface 66 altsetting 153 has 2 endpoint descriptors, different from the interface descriptor's value: 216
[  612.488552][ T5839] usb 6-1: config 0 interface 66 has no altsetting 0
[  612.520771][ T5839] usb 6-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[  612.531072][ T5839] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  612.541110][ T5839] usb 6-1: Product: syz
[  612.545620][ T5839] usb 6-1: Manufacturer: syz
[  612.550718][ T5839] usb 6-1: SerialNumber: syz
[  612.609879][ T5839] usb 6-1: config 0 descriptor??
[  612.639088][ T5839] port100 6-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[  612.660677][ T5839] port100 6-1:0.66: NFC: Could not find bulk-in or bulk-out endpoint
[  612.965668][ T8788] hsr_slave_0: entered promiscuous mode
[  612.977001][ T8788] hsr_slave_1: entered promiscuous mode
[  612.987633][ T8788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  612.997381][ T8788] Cannot create hsr debugfs directory
[  613.119086][ T6728] Bluetooth: hci1: command tx timeout
[  613.553144][ T8871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.615'.
[  614.014199][ T8874] netlink: 4 bytes leftover after parsing attributes in process `syz.4.616'.
[  614.446611][ T8879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.618'.
[  614.869351][ T5847] usb 6-1: USB disconnect, device number 11
[  615.200315][ T6728] Bluetooth: hci1: command tx timeout
[  615.463131][ T8887] loop5: detected capacity change from 0 to 128
[  615.483807][ T8887] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  615.515890][ T8788] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  615.562043][ T8887] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  615.660578][ T8788] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  615.814214][ T8788] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  615.834038][ T8887] netlink: 'syz.5.621': attribute type 13 has an invalid length.
[  615.943367][ T8788] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  616.299857][   T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  616.500982][   T24] usb 6-1: Using ep0 maxpacket: 16
[  616.534182][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  616.545968][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  616.556716][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  616.567385][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.694900][   T24] usb 6-1: config 0 descriptor??
[  617.354517][ T8788] 8021q: adding VLAN 0 to HW filter on device bond0
[  617.379774][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  617.386768][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  617.458516][   T24] usb 6-1: USB disconnect, device number 12
[  617.705015][ T8788] 8021q: adding VLAN 0 to HW filter on device team0
[  617.828247][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[  617.836206][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[  617.947196][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[  617.955004][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[  618.100432][ T8912] netlink: 4 bytes leftover after parsing attributes in process `syz.4.627'.
[  618.168043][ T8912] netlink: 12 bytes leftover after parsing attributes in process `syz.4.627'.
[  618.331911][ T3006] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  619.020189][ T8924] netlink: 8 bytes leftover after parsing attributes in process `syz.5.630'.
[  619.643232][   T24] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  619.859257][   T24] usb 5-1: Using ep0 maxpacket: 16
[  619.912263][   T24] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  619.923693][   T24] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  619.933976][   T24] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  620.069549][   T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  620.079613][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  620.087931][   T24] usb 5-1: Product: syz
[  620.092581][   T24] usb 5-1: Manufacturer: syz
[  620.097484][   T24] usb 5-1: SerialNumber: syz
[  620.110798][ T1642] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  620.282036][ T1642] usb 6-1: Using ep0 maxpacket: 32
[  620.337675][ T1642] usb 6-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  620.434947][ T8932] netlink: 28 bytes leftover after parsing attributes in process `syz.4.631'.
[  620.446587][ T1642] usb 6-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=de.fe
[  620.456492][ T1642] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  620.464987][ T1642] usb 6-1: Product: syz
[  620.469764][ T1642] usb 6-1: Manufacturer: syz
[  620.474678][ T1642] usb 6-1: SerialNumber: syz
[  620.486506][ T8788] 8021q: adding VLAN 0 to HW filter on device batadv0
[  620.570694][   T24] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor
[  620.579525][   T24] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  620.660775][ T1642] gspca_main: spca501-2.14.0 probing 0000:0000
[  621.036221][   T24] usb 5-1: USB disconnect, device number 33
[  621.662548][ T8788] veth0_vlan: entered promiscuous mode
[  621.865246][ T1642] gspca_spca501: reg write: error -110
[  621.871221][ T1642] spca501 6-1:2.0: Reg write failed for 0x02,0x0f,0x05
[  621.880274][ T1642] spca501 6-1:2.0: probe with driver spca501 failed with error -22
[  621.983383][ T8788] veth1_vlan: entered promiscuous mode
[  622.155223][ T6054] udevd[6054]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  622.386543][ T8938] loop5: detected capacity change from 0 to 40427
[  622.432401][ T8938] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  622.440691][ T8938] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  622.466752][ T8938] F2FS-fs (loop5): Wrong secs_per_zone / total_sections (64, 24)
[  622.475219][ T8938] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  622.596589][ T8788] veth0_macvtap: entered promiscuous mode
[  622.658633][ T1642] usb 6-1: USB disconnect, device number 13
[  622.729820][ T8788] veth1_macvtap: entered promiscuous mode
[  623.019711][ T8788] batman_adv: batadv0: Interface activated: batadv_slave_0
[  623.158282][ T8788] batman_adv: batadv0: Interface activated: batadv_slave_1
[  623.315903][ T8788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  623.331129][ T8788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  623.342044][ T8788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  623.352360][ T8788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  628.193354][ T9030] pim6reg0: tun_chr_ioctl cmd 2147767506
[  630.054280][ T4168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  630.062927][ T4168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  630.297222][ T4687] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  630.305682][ T4687] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  631.204485][ T3501] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.450073][ T3501] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.644388][ T3501] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.807466][ T3501] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  632.315213][ T3501] bridge_slave_1: left allmulticast mode
[  632.321961][ T3501] bridge_slave_1: left promiscuous mode
[  632.328577][ T3501] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.412334][ T3501] bridge_slave_0: left allmulticast mode
[  632.418471][ T3501] bridge_slave_0: left promiscuous mode
[  632.425502][ T3501] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.102933][ T3501] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  633.158133][ T3501] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  633.183513][ T3501] bond0 (unregistering): Released all slaves
[  633.791167][ T3501] hsr_slave_0: left promiscuous mode
[  633.807857][ T3501] hsr_slave_1: left promiscuous mode
[  633.816813][ T3501] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  633.825095][ T3501] batman_adv: batadv0: Removing interface: batadv_slave_0
[  633.851254][ T3501] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  633.860594][ T3501] batman_adv: batadv0: Removing interface: batadv_slave_1
[  633.911080][ T3501] veth1_macvtap: left promiscuous mode
[  633.916919][ T3501] veth0_macvtap: left promiscuous mode
[  633.923478][ T3501] veth1_vlan: left promiscuous mode
[  633.930907][ T3501] veth0_vlan: left promiscuous mode
[  634.729503][ T3501] team0 (unregistering): Port device team_slave_1 removed
[  634.828042][ T3501] team0 (unregistering): Port device team_slave_0 removed
[  636.396537][ T9099] syzkaller0: entered promiscuous mode
[  636.403314][ T9099] syzkaller0: entered allmulticast mode
[  636.459791][ T9101] veth0_vlan: entered allmulticast mode
[  636.516201][ T9101] veth0_vlan: left promiscuous mode
[  636.522229][ T9101] veth0_vlan: entered promiscuous mode
[  636.643520][ T5802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  636.654174][ T5802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  636.666730][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  636.682951][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  636.696190][ T5802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  637.859370][ T9119] warning: `syz.5.684' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  638.365727][ T9106] chnl_net:caif_netlink_parms(): no params data found
[  638.721433][ T5802] Bluetooth: hci1: command tx timeout
[  639.041071][ T9127] syzkaller0: entered promiscuous mode
[  639.101245][ T9127] syzkaller0: left promiscuous mode
[  640.235574][ T9106] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.243811][ T9106] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.303166][ T9106] bridge_slave_0: entered allmulticast mode
[  640.313792][ T9106] bridge_slave_0: entered promiscuous mode
[  640.423316][ T9106] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.431433][ T9106] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.442045][ T9106] bridge_slave_1: entered allmulticast mode
[  640.452363][ T9106] bridge_slave_1: entered promiscuous mode
[  640.800537][ T5802] Bluetooth: hci1: command tx timeout
[  640.884959][ T9106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  640.933274][ T9106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  641.334416][ T9106] team0: Port device team_slave_0 added
[  641.451239][ T9106] team0: Port device team_slave_1 added
[  641.738596][ T9106] batman_adv: batadv0: Adding interface: batadv_slave_0
[  641.748281][ T9106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  641.775001][ T9106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  641.830088][ T9106] batman_adv: batadv0: Adding interface: batadv_slave_1
[  641.837516][ T9106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  641.864399][ T9106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  642.421739][ T9106] hsr_slave_0: entered promiscuous mode
[  642.433878][ T9106] hsr_slave_1: entered promiscuous mode
[  642.444384][ T9106] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  642.452676][ T9106] Cannot create hsr debugfs directory
[  642.879676][ T5802] Bluetooth: hci1: command tx timeout
[  644.978186][ T5802] Bluetooth: hci1: command tx timeout
[  645.024000][ T9106] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  645.077161][ T9106] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  645.105899][ T9106] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  645.140957][ T9106] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  646.423703][ T9106] 8021q: adding VLAN 0 to HW filter on device bond0
[  646.659325][ T9106] 8021q: adding VLAN 0 to HW filter on device team0
[  646.781299][ T3501] bridge0: port 1(bridge_slave_0) entered blocking state
[  646.789195][ T3501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  646.898105][ T3501] bridge0: port 2(bridge_slave_1) entered blocking state
[  646.905926][ T3501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  649.449208][ T9106] 8021q: adding VLAN 0 to HW filter on device batadv0
[  649.989725][ T9106] veth0_vlan: entered promiscuous mode
[  650.107069][ T9106] veth1_vlan: entered promiscuous mode
[  650.518644][ T9106] veth0_macvtap: entered promiscuous mode
[  650.589911][ T9106] veth1_macvtap: entered promiscuous mode
[  650.812575][ T9106] batman_adv: batadv0: Interface activated: batadv_slave_0
[  650.925868][ T9106] batman_adv: batadv0: Interface activated: batadv_slave_1
[  651.065470][ T9106] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  651.077594][ T9106] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  651.087364][ T9106] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  651.096607][ T9106] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  658.393895][ T4168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  658.403298][ T4168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  658.811889][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  658.823989][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  659.363161][ T9411] syzkaller0: entered promiscuous mode
[  659.369159][ T9411] syzkaller0: entered allmulticast mode
[  659.989375][ T4687] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.175601][ T4687] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.356080][ T4687] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.572202][ T4687] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  661.225823][ T4687] bridge_slave_1: left allmulticast mode
[  661.232452][ T4687] bridge_slave_1: left promiscuous mode
[  661.241349][ T4687] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.334961][ T4687] bridge_slave_0: left allmulticast mode
[  661.341300][ T4687] bridge_slave_0: left promiscuous mode
[  661.351422][ T4687] bridge0: port 1(bridge_slave_0) entered disabled state
[  662.061648][ T4687] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  662.101897][ T4687] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  662.119714][ T4687] bond0 (unregistering): Released all slaves
[  662.634411][ T4687] hsr_slave_0: left promiscuous mode
[  662.659734][ T4687] hsr_slave_1: left promiscuous mode
[  662.668361][ T4687] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  662.676466][ T4687] batman_adv: batadv0: Removing interface: batadv_slave_0
[  662.715269][ T4687] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  662.723479][ T4687] batman_adv: batadv0: Removing interface: batadv_slave_1
[  662.801401][ T4687] veth1_macvtap: left promiscuous mode
[  662.807278][ T4687] veth0_macvtap: left promiscuous mode
[  662.813692][ T4687] veth1_vlan: left promiscuous mode
[  662.819741][ T4687] veth0_vlan: left promiscuous mode
[  663.665997][ T4687] team0 (unregistering): Port device team_slave_1 removed
[  663.729650][ T4687] team0 (unregistering): Port device team_slave_0 removed
[  665.090572][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  665.097374][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  665.437368][ T6728] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  665.449233][ T6728] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  665.468219][ T6728] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  665.489956][ T6728] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  665.511456][ T6728] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  666.980259][ T5837] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  667.209674][ T5837] usb 1-1: Using ep0 maxpacket: 8
[  667.260994][ T5837] usb 1-1: config 0 has no interfaces?
[  667.266886][ T5837] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  667.276641][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.373683][ T5837] usb 1-1: config 0 descriptor??
[  667.607743][ T5802] Bluetooth: hci1: command tx timeout
[  667.607925][ T9470] chnl_net:caif_netlink_parms(): no params data found
[  667.781822][ T5837] usb 1-1: USB disconnect, device number 18
[  669.400704][ T9470] bridge0: port 1(bridge_slave_0) entered blocking state
[  669.408457][ T9470] bridge0: port 1(bridge_slave_0) entered disabled state
[  669.417809][ T9470] bridge_slave_0: entered allmulticast mode
[  669.427072][ T9470] bridge_slave_0: entered promiscuous mode
[  669.498393][ T9470] bridge0: port 2(bridge_slave_1) entered blocking state
[  669.506460][ T9470] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.514575][ T9470] bridge_slave_1: entered allmulticast mode
[  669.523677][ T9470] bridge_slave_1: entered promiscuous mode
[  669.570106][ T5837] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  669.679374][ T5802] Bluetooth: hci1: command tx timeout
[  669.759407][ T5837] usb 6-1: Using ep0 maxpacket: 8
[  669.852323][ T9470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  669.891732][ T5837] usb 6-1: config 0 has no interfaces?
[  669.897671][ T5837] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  669.907508][ T5837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.987109][ T9470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  670.032490][ T5837] usb 6-1: config 0 descriptor??
[  670.365253][ T8580] usb 6-1: USB disconnect, device number 14
[  670.467619][ T9470] team0: Port device team_slave_0 added
[  670.543086][ T9470] team0: Port device team_slave_1 added
[  671.372009][ T9470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  671.379539][ T9470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  671.406685][ T9470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  671.951459][ T5802] Bluetooth: hci1: command tx timeout
[  672.388539][ T9470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  672.396335][ T9470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  672.424078][ T9470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  673.581681][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  673.917458][ T9470] hsr_slave_0: entered promiscuous mode
[  673.927265][ T9470] hsr_slave_1: entered promiscuous mode
[  673.936861][ T9470] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  673.945308][ T9470] Cannot create hsr debugfs directory
[  673.999126][ T5802] Bluetooth: hci1: command tx timeout
[  674.011546][ T9527] syzkaller1: entered promiscuous mode
[  674.017481][ T9527] syzkaller1: entered allmulticast mode
[  674.138621][ T9524] bond1: entered allmulticast mode
[  674.146078][ T9524] 8021q: adding VLAN 0 to HW filter on device bond1
[  676.410543][ T1642] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  676.709656][ T1642] usb 6-1: Using ep0 maxpacket: 8
[  676.762822][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  676.789037][    T0] NOHZ tick-stop error: local softirq work is pending, handler #302!!!
[  676.938883][    T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!!
[  676.988887][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  677.018885][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  677.058877][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  677.198859][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  677.298895][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  677.348862][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  677.602564][ T1642] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  677.614132][ T1642] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  677.624543][ T1642] usb 6-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  677.634506][ T1642] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.803571][ T1642] usb 6-1: config 0 descriptor??
[  678.414482][ T9470] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  678.580664][ T9470] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  678.802102][ T9470] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  679.012166][ T9470] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  680.584683][ T9563] ieee802154 phy0 wpan0: encryption failed: -22
[  681.765656][ T9470] 8021q: adding VLAN 0 to HW filter on device bond0
[  682.502648][ T9470] 8021q: adding VLAN 0 to HW filter on device team0
[  682.651754][ T3006] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.659622][ T3006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  682.686276][ T9567] XFS (nullb0): Invalid superblock magic number
[  682.854451][ T3006] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.862284][ T3006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  683.005546][ T1642] usbhid 6-1:0.0: can't add hid device: -32
[  683.012649][ T1642] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  683.305061][ T9579] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  685.536057][ T9470] 8021q: adding VLAN 0 to HW filter on device batadv0
[  686.145854][ T9470] veth0_vlan: entered promiscuous mode
[  686.403667][ T9470] veth1_vlan: entered promiscuous mode
[  686.913366][ T9470] veth0_macvtap: entered promiscuous mode
[  687.093664][ T9470] veth1_macvtap: entered promiscuous mode
[  687.428259][ T9470] batman_adv: batadv0: Interface activated: batadv_slave_0
[  687.534353][ T9470] batman_adv: batadv0: Interface activated: batadv_slave_1
[  687.713769][ T9470] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  687.723715][ T9470] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  687.732862][ T9470] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  687.742118][ T9470] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  693.704128][ T6728] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  693.731292][ T6728] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  693.747404][ T6728] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  693.766334][ T6728] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  693.777499][ T6728] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  694.264214][ T5802] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  694.274047][ T5802] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  694.299084][ T5802] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  694.318535][ T5802] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  694.331002][ T5802] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  695.399072][   T24] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  695.439768][ T9655] chnl_net:caif_netlink_parms(): no params data found
[  695.639008][   T24] usb 2-1: Using ep0 maxpacket: 16
[  695.700300][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  695.711824][   T24] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  695.721350][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  695.839286][ T5802] Bluetooth: hci2: command tx timeout
[  695.943722][   T24] usb 2-1: config 0 descriptor??
[  695.995549][ T9653] chnl_net:caif_netlink_parms(): no params data found
[  696.230193][ T5837] IPVS: starting estimator thread 0...
[  696.272270][ T9663] =====================================================
[  696.279796][ T9663] BUG: KMSAN: uninit-value in do_output_route4+0x466/0x510
[  696.287474][ T9663]  do_output_route4+0x466/0x510
[  696.292773][ T9663]  __ip_vs_get_out_rt+0x496/0x2100
[  696.298122][ T9663]  ip_vs_tunnel_xmit+0x1ff/0x23b0
[  696.303548][ T9663]  ip_vs_in_hook+0x1c4e/0x36e0
[  696.308559][ T9663]  nf_hook_slow+0xde/0x3d0
[  696.313341][ T9663]  __ip_local_out+0x756/0x7f0
[  696.318219][ T9663]  ip_send_skb+0x6a/0x3e0
[  696.323159][ T9663]  udp_send_skb+0x1375/0x1cb0
[  696.328080][ T9663]  udp_sendmsg+0x2ef6/0x3480
[  696.333108][ T9663]  inet_sendmsg+0x1ef/0x2a0
[  696.337858][ T9663]  __sock_sendmsg+0x278/0x3d0
[  696.342927][ T9663]  ____sys_sendmsg+0x893/0xd80
[  696.347982][ T9663]  ___sys_sendmsg+0x271/0x3b0
[  696.353069][ T9663]  __sys_sendmmsg+0x3c2/0x7d0
[  696.357949][ T9663]  __ia32_compat_sys_sendmmsg+0xd2/0x160
[  696.364009][ T9663]  ia32_sys_call+0x3a66/0x42c0
[  696.369099][ T9663]  __do_fast_syscall_32+0xb0/0x110
[  696.374452][ T9663]  do_fast_syscall_32+0x38/0x80
[  696.379833][ T9663]  do_SYSENTER_32+0x1f/0x30
[  696.384638][ T9663]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  696.391376][ T9663] 
[  696.393825][ T9663] Uninit was created at:
[  696.398355][ T9663]  __kmalloc_cache_noprof+0x7f7/0xed0
[  696.404174][ T9663]  __ip_vs_get_out_rt+0x3fc/0x2100
[  696.409642][ T9663]  ip_vs_tunnel_xmit+0x1ff/0x23b0
[  696.414904][ T9663]  ip_vs_in_hook+0x1c4e/0x36e0
[  696.420102][ T9663]  nf_hook_slow+0xde/0x3d0
[  696.424749][ T9663]  __ip_local_out+0x756/0x7f0
[  696.429835][ T9663]  ip_send_skb+0x6a/0x3e0
[  696.434454][ T9663]  udp_send_skb+0x1375/0x1cb0
[  696.439455][ T9663]  udp_sendmsg+0x2ef6/0x3480
[  696.444246][ T9663]  inet_sendmsg+0x1ef/0x2a0
[  696.449253][ T9663]  __sock_sendmsg+0x278/0x3d0
[  696.454196][ T9663]  ____sys_sendmsg+0x893/0xd80
[  696.459435][ T9663]  ___sys_sendmsg+0x271/0x3b0
[  696.464310][ T9663]  __sys_sendmmsg+0x3c2/0x7d0
[  696.469330][ T9663]  __ia32_compat_sys_sendmmsg+0xd2/0x160
[  696.475242][ T9663]  ia32_sys_call+0x3a66/0x42c0
[  696.480450][ T9663]  __do_fast_syscall_32+0xb0/0x110
[  696.485805][ T9663]  do_fast_syscall_32+0x38/0x80
[  696.491102][ T9663]  do_SYSENTER_32+0x1f/0x30
[  696.495847][ T9663]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  696.502597][ T9663] 
[  696.505068][ T9663] CPU: 0 UID: 0 PID: 9663 Comm: syz.1.825 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  696.517555][ T9663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  696.527941][ T9663] =====================================================
[  696.535186][ T9663] Disabling lock debugging due to kernel taint
[  696.541739][ T9663] Kernel panic - not syncing: kmsan.panic set ...
[  696.548335][ T9663] CPU: 0 UID: 0 PID: 9663 Comm: syz.1.825 Tainted: G    B               6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
[  696.562164][ T9663] Tainted: [B]=BAD_PAGE
[  696.566457][ T9663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  696.576872][ T9663] Call Trace:
[  696.580298][ T9663]  <TASK>
[  696.583373][ T9663]  __dump_stack+0x26/0x30
[  696.587941][ T9663]  dump_stack_lvl+0x53/0x270
[  696.592775][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.598845][ T9663]  dump_stack+0x1e/0x25
[  696.603235][ T9663]  panic+0x4bd/0xd50
[  696.607425][ T9663]  kmsan_report+0x29d/0x2a0
[  696.612178][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.618240][ T9663]  ? __msan_warning+0x96/0x120
[  696.623217][ T9663]  ? do_output_route4+0x466/0x510
[  696.628495][ T9663]  ? __ip_vs_get_out_rt+0x496/0x2100
[  696.634053][ T9663]  ? ip_vs_tunnel_xmit+0x1ff/0x23b0
[  696.639508][ T9663]  ? ip_vs_in_hook+0x1c4e/0x36e0
[  696.644697][ T9663]  ? nf_hook_slow+0xde/0x3d0
[  696.649535][ T9663]  ? __ip_local_out+0x756/0x7f0
[  696.654586][ T9663]  ? ip_send_skb+0x6a/0x3e0
[  696.659305][ T9663]  ? udp_send_skb+0x1375/0x1cb0
[  696.664366][ T9663]  ? udp_sendmsg+0x2ef6/0x3480
[  696.669327][ T9663]  ? inet_sendmsg+0x1ef/0x2a0
[  696.674241][ T9663]  ? __sock_sendmsg+0x278/0x3d0
[  696.679315][ T9663]  ? ____sys_sendmsg+0x893/0xd80
[  696.684450][ T9663]  ? ___sys_sendmsg+0x271/0x3b0
[  696.689492][ T9663]  ? __sys_sendmmsg+0x3c2/0x7d0
[  696.694540][ T9663]  ? __ia32_compat_sys_sendmmsg+0xd2/0x160
[  696.700636][ T9663]  ? ia32_sys_call+0x3a66/0x42c0
[  696.705781][ T9663]  ? __do_fast_syscall_32+0xb0/0x110
[  696.711333][ T9663]  ? do_fast_syscall_32+0x38/0x80
[  696.716614][ T9663]  ? do_SYSENTER_32+0x1f/0x30
[  696.721540][ T9663]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  696.728300][ T9663]  ? ip_route_output_key_hash_rcu+0x316a/0x3bb0
[  696.734809][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.740287][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.746373][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.751829][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.757914][ T9663]  ? ip_route_output_flow+0x236/0x2b0
[  696.763518][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.768991][ T9663]  __msan_warning+0x96/0x120
[  696.773822][ T9663]  do_output_route4+0x466/0x510
[  696.778965][ T9663]  __ip_vs_get_out_rt+0x496/0x2100
[  696.784362][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.789865][ T9663]  ip_vs_tunnel_xmit+0x1ff/0x23b0
[  696.795213][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.800806][ T9663]  ? __pfx_ip_vs_tunnel_xmit+0x10/0x10
[  696.806533][ T9663]  ip_vs_in_hook+0x1c4e/0x36e0
[  696.811621][ T9663]  ? __pfx_ip_vs_in_hook+0x10/0x10
[  696.816994][ T9663]  nf_hook_slow+0xde/0x3d0
[  696.821680][ T9663]  __ip_local_out+0x756/0x7f0
[  696.826582][ T9663]  ? __pfx_dst_output+0x10/0x10
[  696.831663][ T9663]  ip_send_skb+0x6a/0x3e0
[  696.836224][ T9663]  udp_send_skb+0x1375/0x1cb0
[  696.841191][ T9663]  udp_sendmsg+0x2ef6/0x3480
[  696.845972][ T9663]  ? aa_label_sk_perm+0x6f0/0x7b0
[  696.851228][ T9663]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  696.857044][ T9663]  ? __pfx_udp_sendmsg+0x10/0x10
[  696.862181][ T9663]  inet_sendmsg+0x1ef/0x2a0
[  696.867359][ T9663]  __sock_sendmsg+0x278/0x3d0
[  696.872255][ T9663]  ____sys_sendmsg+0x893/0xd80
[  696.877245][ T9663]  ___sys_sendmsg+0x271/0x3b0
[  696.882141][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.888311][ T9663]  ? __rcu_read_unlock+0x6d/0xd0
[  696.893494][ T9663]  ? __fget_files+0x3b4/0x4a0
[  696.898412][ T9663]  ? __fget_files+0x3b9/0x4a0
[  696.903320][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.908764][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.914823][ T9663]  __sys_sendmmsg+0x3c2/0x7d0
[  696.919694][ T9663]  ? schedule+0x17d/0x3c0
[  696.924209][ T9663]  ? kmsan_get_metadata+0x105/0x1b0
[  696.929632][ T9663]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.935729][ T9663]  __ia32_compat_sys_sendmmsg+0xd2/0x160
[  696.941630][ T9663]  ia32_sys_call+0x3a66/0x42c0
[  696.946587][ T9663]  __do_fast_syscall_32+0xb0/0x110
[  696.951934][ T9663]  do_fast_syscall_32+0x38/0x80
[  696.956998][ T9663]  do_SYSENTER_32+0x1f/0x30
[  696.961711][ T9663]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  696.968268][ T9663] RIP: 0023:0xf7ff6539
[  696.972493][ T9663] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  696.992329][ T9663] RSP: 002b:00000000f511655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  697.000979][ T9663] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080002680
[  697.009129][ T9663] RDX: 0000000000000011 RSI: 0000000020000000 RDI: 0000000000000000
[  697.017262][ T9663] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  697.025395][ T9663] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  697.033693][ T9663] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  697.041852][ T9663]  </TASK>
[  697.045338][ T9663] Kernel Offset: disabled
[  697.049782][ T9663] Rebooting in 86400 seconds..