last executing test programs:

12.474598659s ago: executing program 0 (id=3419):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x19, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000630104000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002911ad080a1110115dab010203010902240001010000000904000002c688ff0009050f020000000000090506"], 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000380)={{0x2, 0x4e21, @multicast1}, {0x6, @broadcast}, 0x2a, {0x2, 0x4e21, @multicast2}, 'erspan0\x00'})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x1004, 0x804, 0x6, 0x89, 0x120000, 0xff, 0x4, 0x9, 0x8000000000000007, 0x4, 0x0, 0x800000fe, 0x400000000000006, 0xd5], 0x8000000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x40, 0x80, '\x00', 0x0, 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000004008804416483169a045c0000", @ANYRES32=0x0, @ANYRES32=r1, @ANYRES64=r0, @ANYBLOB="9d7e9228a9ce8398b13bd4c3e3f9016f46f66ca9ebc07feca5d882c297d810a4255e4e50c6742fbf1ff4b5cd2eb6d36d4df2601fbe29111840131492bed8d33ae788d612b92d9779651d6c5bfafae2981640c91969f97fc8648333afe1b5bf136e89f67c5307050ec9d88a2ba2e1cb0b8c1705a86ea40ef7ca44e4e3c88fd4026a6e585118de5cc0e42f75c0224719f49b221e3822d129e74091f4945f701e0c64a4846a6acee433a8bac63778b6eb4b880ed0ca96d5b2b5cd41300b29005f14f58e23f35c427ea2a81d4349e6de0453af4ce33cf1bb9a46c2d37486f0a62f9dbd446cc5b3ac4934afacacd8d806a96e6ce07ba04d65a93949", @ANYBLOB='\x00'/20], 0x48)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000001c0)=0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x19, 0xf, &(0x7f0000000080)=ANY=[@ANYBLOB="00ff000000000000009cf283c7", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000000f000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000ba000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_open_procfs(0x0, &(0x7f0000001c80)='net/arp\x00')
read$FUSE(r6, &(0x7f0000001cc0)={0x2020}, 0x2020)

10.00670989s ago: executing program 4 (id=3425):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$kcm(0x29, 0x2, 0x0)
close(r1)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x5514, 0x0)
syz_io_uring_setup(0x196d, 0x0, 0x0, 0x0)
r2 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="250804000000000000"], 0x54}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={0x1}, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r4, &(0x7f00000003c0)='./bus/file0\x00', r4, &(0x7f0000000080)='./file0\x00', 0x5)
r5 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7b, &(0x7f0000000100)=<r6=>0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000500)={'ip6_vti0\x00', 0x0, 0x2f, 0xfd, 0x1, 0xf4d1, 0x11, @ipv4={'\x00', '\xff\xff', @empty}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x40, 0xfd3b, 0xfffffff7}})
io_destroy(r6)

8.9729201s ago: executing program 4 (id=3428):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="c2b140004599aedaf6", @ANYRESHEX=r1, @ANYBLOB="21091fb10b4385cb9c8c9613a3578407dc5230bba2adb2db054904b373f47efed622174d4b65f8484c8fcbd6459cb30e56760dee6b11a2b5efeb0a30dbe0d87560926c4c48c45883d438fe76a94c30cb587417ec18bb65ffa76796019ee9ec82e78f719790ffd2006a6723cd82540105bc8b9ebda583f96e8cb6b67d8f3ee63283e3f45d4618b8cbdc740729612cebabdf54f5de5d16ff8d2d5b44ed4ef18a263158dd868ad84a6b31e032b2acef69ccc85ae6f31c080069ab9d94c756cb1945fea59a8a53", @ANYRES64=r1], 0x40}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0x7, 0x1000000a, 0x100, 0x0, 0x56fffffffffffffd, 0x401, 0x6, 0xfffffffffffffff7, 0x2, 0x13f, 0x2, 0xba25, 0xfff, 0x3, 0xfffffffffffffe00, 0x4], 0xeeef0000, 0x1c0080})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.838906569s ago: executing program 1 (id=3429):
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
unshare(0x4000400)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000480)=0x7ff, 0x4)

8.736910922s ago: executing program 4 (id=3430):
syz_emit_ethernet(0x42, &(0x7f0000000f40)=ANY=[@ANYBLOB="8c4d58c4fbb85d10fe034402040e0005021e0307e076863a7518705532", @ANYRES16=0x0, @ANYBLOB="a6d1e8552214a41cdefe61257028efd7bbeb421fac036f849d8a3f2371ca64df188cf9fbf200fe68e05a0cee931d13bb91ee102cdd31e418063d61e6373f1778031c658ef30e68203549a70739072ac61f51e4b75957182d38caae69409b1541b84c8371e5e8a95751bc941f0280314b2338ca3040dddbea8062837ff2d9305d138a930401d7dea1e5e15ae1e25507a65481c9", @ANYBLOB="f47c8dd0beb989e18455785bdcf46f26d852cd0ef0f61c9f8b35249d3b9cb9d431daeb0b9e726345c327af3bb2b9c745665d88131d38664521b93383208c71567dc2cc7e7e1775405fe612293ef1c0da8818053afc8497da8b93c3a395d504dfeaad40bf94b1c0e99380c62d8456f8d89fb550954df3cf98a0acabb382c74cb159e885f9fc2a472872d6ad9539f77776c9f8a683f02b3a4dc4fb0b754a79f5d02bd16818e784ee4dcc"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x5, 0x0, 0x8000000, 0x1000, &(0x7f0000ffb000/0x1000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x105040)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000600)=@mangle={'mangle\x00', 0xc061, 0x6, 0x538, 0x0, 0x378, 0x0, 0x2a8, 0x2a8, 0x468, 0x468, 0x468, 0x468, 0x468, 0x6, 0x0, {[{{@ipv6={@mcast1, @mcast2, [], [], 'ip_vti0\x00', 'ip6_vti0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {0x0, 0x3a010000}, [@inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0, 0x0, {0x3000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {0x3}, 0xfff}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x0}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'veth0_to_team\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @ipv4=@empty, 0xff, 0x2d}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r5, 0x0, 0xb, &(0x7f0000000080)=0xffffe, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="0380c2000000bbbbbbbbbbbb0800450000380000000000019078ac1e0001ac1414aa030490781200183f2500000000680000000100007f0000017f0000010018f9b6ae9b1c03"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x2006c2, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000340)={0x28, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x78})
socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r8, 0x3b70, &(0x7f0000000440)={0x30})

8.733495697s ago: executing program 2 (id=3431):
r0 = syz_io_uring_setup(0x6df, &(0x7f0000000640)={0x0, 0xec2a, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000400)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r5=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000400)={r5}, &(0x7f0000000340)=0x8)

8.701604261s ago: executing program 1 (id=3432):
lsetxattr$system_posix_acl(0x0, &(0x7f0000000180)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000", @ANYRES32=r2, @ANYBLOB="800202000a000200577f0000aabb000020000e8005"], 0x48}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)
pselect6(0x40, &(0x7f0000000080)={0x4, 0xc000000000, 0xffffffffffffffff, 0x9, 0x100, 0x4, 0x8, 0x10001}, &(0x7f00000000c0)={0x2, 0x80000000, 0xffffffffffff447c, 0x10, 0x4, 0x1, 0x3, 0x7fffffff}, 0x0, &(0x7f0000000140), &(0x7f0000000200)={&(0x7f00000001c0)={[0x5e]}, 0x8})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x8004}, 0x80)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000080), 0x10)
listen(r6, 0x1)
accept4$llc(r6, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0x40384708, &(0x7f0000000040)={0x8, 0x1, 0x5, 0x3f, 0x1a, "3eccd25569e20900"})
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180))
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)

8.700888149s ago: executing program 0 (id=3433):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
readv(r1, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, 0x0, 0x0)
writev(r3, &(0x7f0000000300), 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast1, @rand_addr=0x64010105, @empty}, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10)
write(0xffffffffffffffff, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000001000000", 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000001880))
socket$inet_tcp(0x2, 0x1, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='hpfs\x00', 0x8007, 0x0)

7.767082354s ago: executing program 2 (id=3436):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
readv(r1, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, 0x0, 0x0)
writev(r3, &(0x7f0000000300), 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast1, @rand_addr=0x64010105, @empty}, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10)
write(0xffffffffffffffff, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000001000000", 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000001880)=<r7=>0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042})
io_uring_enter(r5, 0x92, 0x0, 0x0, 0x0, 0x0)

7.720655407s ago: executing program 1 (id=3437):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61129300000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000003d350000000000006507000002000000070700004c0001fa0f75000000000000bf54000000000000070400000400f9ff2d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa1a2ba7ba0e2d507b92de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d72e690098804de235cf020e35245c9f5526d35df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07f8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000037000000080003", @ANYRES32=r1, @ANYBLOB="080026009015000008005700"], 0x2c}}, 0x80)

7.712465133s ago: executing program 0 (id=3439):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
r2 = getpgrp(r1)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1cc)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, 0x0, 0x2)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x8000}})
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmmsg$inet(r7, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="08001497733f7fb3", 0x8}], 0x1}}], 0x1, 0x2004000)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0xff, @multicast2, 0x4e21, 0x3, 'ovf\x00', 0x2b, 0x5, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x1d}, 0x4e21, 0x4, 0x3, 0x5, 0xfffffff9}}, 0x44)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@ipv4_newrule={0x30, 0x1e, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'syz_tun\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)

7.124722445s ago: executing program 4 (id=3441):
socket$inet(0x2, 0x2, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000160001f47efde4be701161000a000000040000800400", @ANYRES32=r0], 0x1c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x5, 0x2d, &(0x7f0000001dc0)={{0x12, 0x1, 0x200, 0xc4, 0xad, 0x6b, 0x40, 0x856, 0xac30, 0xd21d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x6, 0x2, 0x0, 0xf7, [{{0x9, 0x4, 0x6c, 0x9, 0x1, 0x96, 0x79, 0x5c, 0x7, [], [{{0x9, 0x5, 0x81, 0x3, 0x3ef, 0x6, 0xe, 0x7}}]}}]}}]}}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
kexec_load(0x6, 0xa, &(0x7f0000001a00)=[{&(0x7f0000000240)="81fc2704e359983754d10ba3c41b42a78b297b95599b69ac913ccb842d67f83c954d5842badd1488e186a6a2", 0x2c, 0x0, 0x8}, {&(0x7f0000000240), 0x0, 0x400, 0x1}, {&(0x7f00000002c0)="03a89fa6a811869e9000397823b7ed6dda079a36bc70955cbf0fca9a3d35967a74c7581b0b75e4f0f2f775ab3899f8451def2c75b71cf4bb968b7b474b0efbd0473769a746", 0x45, 0x797e, 0x5}, {&(0x7f00000004c0)="de88a961329920bf2e9f9f9c4899f38e5f2727a77951d95a97dd37ce1520c38253f8a3cd0673f8fc6fbbdbdc0472e5e87a033ab1d921a43eb963d939c6e7df6a16540acc74d445c9faf9795417705428e614e319d7dbc56eb0bf8d49956b61e008e151f7ca6f6ef3a38fdfa2933417ad7732782807ac3611dec19c8aea915dd70141b1dfb83842f0140e3a56b753f2fed22d9e1f9b79d4d6820b6ce28cdbdb3015e104cd05f79814ff8f219b2d7b6b7416a4", 0xb2, 0x7fff, 0x3}, {&(0x7f0000000200)="b47dc7ec2a7da10912095c44820777d0f10c99acb8e59204b2c32f9e056c90469866ed3cb610e24cb69bbb15479d01c23c7f9a8c3b1be6b0aa76e2fb439603", 0x3f, 0xfffffffffffffff7, 0x1}, {&(0x7f00000008c0)="a0381913daf694465d4951c58c7c099faefdcc859a5ae33ba0373ad803793d12d35ddd1517e77d335cd9f28382e85116ec5dc63e35d73cb7cc3221d4fc3e0712366a9ac92a1c71382e8f32045517b57e52030794d96f8dd80347d060d3314a03c07b53c58ac3d423dc8e61adf8c88274eb72db62d49b0220bae3ebb30dc03ccacfcee70145e69b9ce2d9da6270bef60c3912cfa9703cec7656662b6dbb066fac0b508a628ac745", 0xa7, 0x5, 0x9}, {&(0x7f0000000680)="849762b59f83681c94315ab1688b57e2c2fe929b675c898d7ec8d2b9b96ca43282db185a984a157e18039dae3d6cf58643391fa4660bdcf297161ab3a8af6a65ffad50132eec0d15b73910893e1a0a5b22e64838c88a07dab19c86afe1c48524a2958c061ad1ef4c450ffb0f1602a940237add019655231f9189e740364958bb8d9d21ccf8756511ac", 0x89, 0x6, 0x6}, {&(0x7f00000007c0)="b149aa3c891bc03cfc5b3ade2cf2372f63d394014dbe4c14de6e5a7c6e6b187ce7b294a55600072f6a3cfe8135b8ac0ca422fb9c527aa8d1b570389e354a141429a1fd615e4870095e2841ca077688286a890479735b2d769c48c007f18eb90b477a7ef7e56814007732a023e50591f7da96cefd49e644488cecf2e4eda0283cb5bb1c29a64b69420783a28fc567f80ac648c3ea36ada944bcb4ed9daec163e1f9db83f6db0bea7fc32b4f21b68260cd094c552ff6edb663c50ae20bd984a466df78fc5cdc275d87b5d2f932aefc0a1075c008e1039b18909dd1f34575dffeebd4aa10d95c14f1986ed368abce0442bcd4794571f65e", 0xf6, 0x3, 0xe0fa}, {&(0x7f0000000380)="037c050ac6615c6861fdd5dd5abb33296ecd86e8a3b8b8f9a8b7f539b225bb03dae393c6666769b84ae691fe3363f4beacc2d4a3e01dce1358eb86cd02bd9e906ad7e58f137d175c68a4d35181", 0x4d, 0x5}, {&(0x7f0000000a00)="c58e22362c9253b369c4e9f13a833311d6a9396f380c5bdfd37ccd327cddaadc6b270ce46b7b90bc35602dcb105674541ced5ec32824d0e39093989f789156edb3709d1b24127a0ea3108c0957d85c1dd1f10a29060a9fcd91605299af53713b4f5339e2b06844a797521d3729621ca34715f710be2a68dd3e9064635f6c4442e29d1ead1f8644578cbc7db6db94adbdba41629ccb269270d796d60871626a0c590749c7093c280cb4434895038ec4bf1931e9fadc3d70f068601647a4790ae32dda9449d2a84360f20876e8bbd8e525ecea3b6409418e0f5e02fc1d9c587c62902a119c51fa081df56d8ab7f8f6425a97b5c558887a7a5d5137b86b98cdd2170b03803e4155c87c6f5e0462be2f3af807e216b180704906c69392c44067053039da8c92076f602cea7740e9742468d3580181a74d170dcd88ba8e94c34cecc2ad5ea83bd8b006568a32803e87192c4603b1b8a55ad98f41face8e2e136ae1b96153f882faf81638794945e59d6216a0d955bfc92949ce31e34e63ff83dffed7b98fb3f8d2faa9026979ab4a130ae2263e2534218e8a9293fdfdccdbd7711b5f9b42ebc3ce6547519e773573510b56f96b812ef1415b1683a4927b16ab2352471312d5b6014f366d5f243cf34c175ff25d31154623f34c821956e1afaea2b84f3c40f408d9de86580a587c50340daca549a50e2a742cbf77cdb4fad34c635822627807bc22f8e96e00e1165bffcde5808f3e7ca846ee8cda5b30fa8e4c508d12f94894f669b8b3391ad4cde87c945a04026779ac2e814436aff6e323764fff99e83a054eac45b022cc17db29c13fb860d951a1e0018364d85aa29031148ff2f2d425e7e438ae8cf906e3c0c9b1467cb7629bc3308e55d7eab5477bc1c2483f82c8e5392a45b9050492101a7356f8331ac51853db1da2de3a96011824dc6af79597db405833089835a38a0624b3338eec50a56cf2cd6e32d8b2f110e5c6c347a54ca563df598602aed5c1c9a479c8c79a5d0a2293e1692d74fec4879b5f915a418f7bde35cc684ad83e970cbd445b5f72919eddc02e6b4e5eefe161edb29e1a06ac926d17679c3974ba154afd62112372544c73e3f993e852ce1728bbd509b1135a23884e50894e7ee3d219b567317579fc34ac9d38f8c8123c17f16a40f8f6ea2e1403caa7379e39a439addb1ab8a9964eae928ec927a20159858374f69456c4645990e236c900d3375e044e614f87f9d4ebd7685581b4528c98a80030b776b592ef2ecba0ee82c161f530efe62b1b9883498d864253878dbe20a5ddc042bae1786d542b8c23f8686c1640a03e08b1fa474f819b32c349930431b81a8e95ecf040482766eae4a6ac22f7d7ae48dd6420fb0b6e8d2828b7e5fc38c04d83779f81291003f48d8b6c96eda90f9ba541b79867c49d6cbf5efb48d60b72e32f60bbfab57c61ac2676bdedd52454b3f908988687db84af737d1fdd06352bf621b4583784290274332f0148760b0a75d334fb0e447069ab429c0c67d4c581c7581f81b2b9f13c857cbe50d36ab8672678ed9e3f903c3e78f667ae6bee9e0dfa3f72db0c0f556ab586b396a3e270e08241dc14e603e101d6d1c2a45b0432ed509fee61804168e2402108bbcf265a8024948abb791c0b9b5d4de42532b74518a63fe5c404d289983acbf27553a59949661c79a293331a4e55aef0fc530bfd48552f31fb86202f34b94abebc4f77c4fa69600a4d4f8b0479b6bcc1cf5bf39db999f6885f2d063436b4472e2c4af616ac1646b79165997ceb20976cc5029806ceeb069dd74f74a81dd17558949ed2dd2f2517be4d0ba0216e2f1a594f6fdfe60a1b7641aee42bebbbdd35752bf59ed0daa5bee94fb541a6bce4dd61a4ff0cfea76a062d768b8a23a536138d754affe183c623b792125097b16bf0ca1d3fb4cca61ac593f34ad2fd54a6142fdb6981399c700b63e42f58823964486f0565bb0b2bb58cf2ef6f0a8b3051601f40872d1de8548215675db5ed061a39ea1af7e718c5c11d8b75e98d20d54294eb1ec96b6520325ee97b13b2651862626ef4ced8280d40fb733d07ecc3fd841faec333b20f4ca9a4b72acf71f797893aff1148e71fc42b21d7c0df3ebacf1aa53e833151248d9fc51220e37794bb7807cebcea6a9bf46c5800980ad2eea7774390d43219d9a70cf4b7981f9ef5434f94beec98cf8bf7bdbb04ae8d54c8885914c1057167b69553f9db62a9f09978e405ed5b282d5f1e5d1c5e6a78c5459b4a6f4af791a91c994cabbec6dd50289065940ed64b5671c5b226deb2478fb144d7e2aeb8f364097fa0235d197b2656acc724340de29fac2fbe25649a69595bf66d944ab77c70c580feea880133df743772ee6c87154cafe5407304c7214ff27282d98abe85b04f3f3daebbca0526cc98cca943570d68796060a539f68b691d1a9e15f811d73eb8ab4f1c105a41e8ee99ce46c30ac8669f60eb9706376c375438b992f6ce38a2684459b5dc50dcebda171cffca703b766acacd848917f26d0fce876b7c216184b40211e5fb94cc25214356683fe3df2f612ed63def3eb94ed3af8e0e500e635ccaf558c808533a92ce7e441ae31df90e20508cdb590868de264dbf123237513ed9766415aec304f5b16532b6344c90987707a0ea830d3a856df905be29ada8288597dc7073ea5269fee15e30311e97d96f25f6e1d2414466e133e23c5029acb37951eea77419dc0f153fd4ce3849c47a172f872c60148c5685aa4bff64b786f6cf7608f7061717b8005e634df6ca7252566904d0a2069d037b72adfc85acd84605e96cc38a694e0da282630e1b5dcde36a6e38420b7f64cc1840faee874a37e54ef3e301ff64ed5a3d6f72a3adeeb650672962e42bc6defdc01cac081e93dca0979d29b6009cca57857231f55f4bf98a91f5fd852302818f22a562042c7395ef7c0bd38e68beb0b1e65cea8d1f99f68320f5162f88e792f461e823839d156e1d9cbf159ffb3c7ffd999e548ece1ca2ec3346ce65aeb896f29d29a9c28b6765693f84fc5883a3ac30c9bd8dc4aac17d33204352e11f013f1bf257f52036a2854e6fc21ed2437c31dddfc639cf9878570bd2d76e4c12eddf21ab60af1ec6caf2e01464db45f23e64b4e6ea3f5ad5af0df8bb829ce7aa4ea6c9fdd8401205ea2f7cd1f78d61ea1d2cf3b04297e209684c8576c30ed05ef3c2aa041016adc698cd92646959c0433f5fd8048b2e67759d97e7cb8f67e7c820b3e0cdc048fc61339e0590a5d71daf30ecab968dc6ef602bfc5500f74263ac8b05e87223882907378ab236e1120ddf64eb6f29f1ec260ef4da345068a3d9c5d5f604e99feee05c573b5ec779abf28065d26c0c7ee8eef4d98bd8e869449fb6eea98fcc2109d1af30a157ee442bcafa7adeb736f391e8a66b97c79816c1eb963cf17fdf57cbded20d1d4728780b5b3559930d9a3772d93d30b1a69efc9e77daac5a572b9fd96b07e9b7318137ec1c1016e29186dd16e46b57626ae8b54f5f522cc4d2aeeca868077ed8938f98f310d2fdb8a5aa5b0971309dc49ea2c8d85fa32e840e27927fe70cb51bc6d7646b83ea3a03d8ead8df4ef68a12e5c2eb95bad4d096e5834f8b921efc93675dd4876dfee0d9b43e310d3fc6d485f56e94767a234c34671e43894c9c3972013f6dbbccccfb99a86ad532a386d51af4216e231e8d443104af23df737146da28283369a23eb32f34735c439bce12a8a388295ed6b85e629389b8870682d17923751120453b81462e01fd17691ca9bb324cecca4fcd7b09005d99f7bd5c3c5b13d36ca42aaa46edd7dbc9e5eb77c9903e3d3fa79343c74ef5f6beba10eeac4d4d65b39b99b45aa9f4f6802da788a9d6eb77509c9ad5a7097fba30a0a24bd1c0a2eee40dd202fe5d8e8f3bb0532984b2f8d6e27a12111218aafda07c4014b6eb3361c09a1bdbd50c64d46061176063c1ed9d46b17d70c95caf3899f6a618e96b27499e3087f838847ccfc2a961422cf44fe9fabc31bba5a9d68c7f431329f55157ecfcf66097503fe4aab52693b4e8bee8c54e3d1ac08fa69db98082f83b54677e5e7b2e665ded1d358fde8a5510082ea5b88f1b31c3f194fdf4bc58a5cf6d17384960470d07a50af82150a8e7317e277a1bb874ccd14169b85289261fa0a65cf1135efaaab3b8eb32f249bf06b13671ab7b76466affa14bd777caaa4143b32858b8e83127f816345a74deacafe97a8536b7aa5252875eea7516ff51ddd82901c52fa31a9714b35f3f724c18470de29859b9b0d0a40ff47d3ce65b1a826047ccdb70e13daf6ba520b2e17079b970c55c8a2f003875c8362d3704adcc6901179443258962c294525ae38c4f7d62fd7b5354dd98fe83b4bd0a3269782ab1df1bc083e8dd0a8e2e734a543296f174b0ed94f31fc55b998e1c5f66762a9c3249d0ae964d30d12755c467907599ce79834e392a69f3350336f3d2a0841a70a951a46f8c793ffd19119da5d22e02fb1f7a546286cdbfda6b593b0d283cab9c4421a47f66e7d78541c86aead38d842dadf4bb9b7e60377c87eee5bc9a55d1bc304d8c5f99dfe519841e2fd5bf33ba667853eb57b08217beea865aa9bd13fce52e80639dfb47d7ef8ed3cd8cec732d696d87935c4db1faf2e8121eb4bcd86a09758368f66cc65eda7beafdcb5906cb46924cf186091a18748076b99b16709c806865be13c23dcb99edd0712b23b731555413d7020c94c22438699dd215132df1c933be1e4239ea6b0081114b9a6e19cb54359214966662ef1ca0461e48f4aed6052b9c21f6b4bae1376f9a8034c7d842fc960bbe4cdcffae41f1b173a02a6c3fe763ee7683c99a7b2e3cbb70a2632e7bb3d545f459863570b8bfbb74325272152515cbab4f82c32072bc9820b8dd623f502ddf8c44b425f146d16e07a453107d69025c39f9f98e9dda740c1a4b78e026cd387b311728fa16dd76b22cca7b8c5f35e66a24a011c924c5909053cb0dbce417aca7deb8b3bca3c0d03c86df75994c0914e48570acaca4a6a0fd50a6059770bbacf41372e30cc9da1c36d54223b00c8a45744a3ff14c406d96aa1410f51c4c6ae2eaf4ca6d901d214bbae74123090f2e7e149d32afaf5938ebc8dd44612c75ffabcc18d7f2098f7af5ff4e32f5899c2c9b026e8577a3115bc2c0f9ffb86e6847cb882650f6ed2fa96e9cd285e2934243142b4ee3d53fc143944b9500efa8cf3c62b643531cc71d30ec46eed91a8ddf5bce96c9dc3791c49f2c090fa7c843e6c612aabfca15dd5dae8e1bff96e279958820dc76da75864c460a38ff7d3d228a00b83c87a3ed2f92d4ce47ad9f66e9897772a807aa562613287b1b855acc77abd98948f0f25feb357d009eb99076a90005bb2c0ec68f39fe6c2bba0f1464a34741c5af62e5a72933928b5d98a678c2c7bd470b8ef357fc91e70af2f509fd8a2960769d24cc56af37c7c84068280cdb4bcdcd7fe53ba15c1ff0efd7a65a6e8c7697c2da614f2ca1976b56a085b5af6aa1f967a238de36cd857a78c05954fd3c1be81e220b899dec2488145ed7699c39d6ce05de4a641b90da001b99c08ab737e8551b1737e2a5fa772be16760a82ee17102fb80f97c3e87c89e4238e15cf3e6e115ede32c2f3f26ae64e54a5204569f48116233a07485f615cc490f4fc66f24762c94de2853d923c73df87ed929ea7c09edef2ebf503d685ece903ee910cee19d5fbd66028ee0c7ded2e3ef4ed7cce19cc0a5349872b5805df116205696f3b5fa2ee54870c2eb817fcfda335e", 0x1000, 0x6}], 0x0)
r3 = syz_io_uring_setup(0x2b9, &(0x7f0000000740)={0x0, 0xb1e9, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000080)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x4, &(0x7f00000009c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xdffff963}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$SG_SET_FORCE_PACK_ID(r6, 0x227b, &(0x7f00000000c0)=0x1)
readv(r6, &(0x7f0000000000)=[{&(0x7f0000000100)=""/54, 0x36}], 0x1)

6.644297602s ago: executing program 1 (id=3442):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000000)='xprtrdma_err_vers\x00', 0xffffffffffffffff, 0x0, 0x200000000000}, 0x18)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x4001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket(0x1d, 0x4, 0x6)
r2 = socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000580)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file1'}, 0x3a}], [], 0x2f})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)

6.55031713s ago: executing program 2 (id=3443):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0xffffffffffffbffc, 0x8b}, 0x0)
r4 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r5, r4}, 0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={'crc32c-generic\x00'}, 0x0, 0x14})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$poke(0x1, r7, 0x0, 0x1)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r6, 0x50009405, 0x0)

5.785863705s ago: executing program 1 (id=3444):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f00000005c0)=0x6, 0x4)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
prlimit64(0x0, 0x2, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
read(0xffffffffffffffff, &(0x7f00000001c0)=""/93, 0x5d)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0xfc}, 0x2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x1}, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b000552"], 0x38}}, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
r8 = landlock_create_ruleset(&(0x7f0000000080)={0x4884, 0x0, 0x2}, 0x18, 0x2)
r9 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r9, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000140), r1)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xffffffffffffffd3, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r10, @ANYBLOB="9878104c35aac6b53a0c8fc12a60a77207d52240f9b9afef56d2dcbaf3ad0378af990cfdca3382b7fe8fdc3dd8e44fca823581353a272b0b9c0508e5f2657d87629c6dd96bc63f94b0aa1fbec9ba0d6fcec5f98907d8c8b84475f95f1d1960f814652b223f4a67911cec8737bf40266caa859723fc68ce07919f2ca7a0b11a8a03f995cb085a7594dd89d0db87fd25c16b5a75986086f8d13e38248d9fdd1b8a038549203c8e8320b8d48f46fecf044d8d9f3b34ff771a95d392d09e16629e14bd1d"], 0x14}, 0x1, 0x0, 0x0, 0x4040010}, 0x20008800)
setsockopt$sock_attach_bpf(r9, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r9)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r8, 0x1, &(0x7f00000000c0)={0x49, r0}, 0x0)
socket$inet6(0xa, 0x1, 0x1ff)

5.010713634s ago: executing program 2 (id=3445):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xd}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006380)="c66dd220cbdeb68f27c1f98bf43fd861bcf841572658a3308737983b31a434673f1003eeeb6d9b934bcd19cf754f4882114d61e15354449f763f772e86c9e2252731f7a098faad2accca3e470845b32918bcf530f9474d3cd610d9028cb7b247d3a73d887719f70554d8976c10784c8073e521a80b5ebe7501d6c3b6b5cf9a498a1e97b8201ac756e5f35d71bdd4d196e73cae0cc34c7140cde8380de823e8c76662f0844f549818b5ef6c732b8f412b79273508b69f2e6a653709b4d9bded080b6c15ca5c5b8ff23309e05d460dfb40403f60a3e5a0e1d4e1aa59d53823a047427673267e79d40fdd6f12ef696fe22887d24087373f64987e48ba20e7f47d1f08871e0c22a02593156648fc106c4529d8cf17c71d473f4ad43992b1cdbf5cfaaf1ce401d5ad8b9c6bdc3c60a88a91c52f5aae74a5d25e0cd738fd80169a98b84d4d24a7e86c9d8e4c3e3ff1a9fc44a87558aeb7acbfec13a26a4b121b2cb9ae628c682aa4c44311c45a673bab25880665d6cdf589e5c5415794c4fd6b940e7a44df93a34a684183581c850fbe97ef8c1de852ea836e0db1a104b498d6dd8fdf65c606e772de2e9dfe46a418fac3c0bdd72916c951e3df04f2ae85839305be2a86aebcf4898b6e49c27df6033ad2b8651279ceb20c779716240d3d0fef3bb6c417a8c6f75398a91942d8ab11f21f5795767650a96e246c7244f8e4935e9c01349616a098ae810487d657fd095beee05a36812f39f4266f25f4508e80f19a4aec7116f1d8bc48bc2c1f0f96ff34b66a965d428852766b78f1e7eb0260bbb355cc0859af6988ff7efa0b3fede3d5f2f2147ffae4a5eb58a7585b596270334c360a1547787a95634e13d59bf53f51f48e75a6a3e48f8348f4cb495d9699dfdf8cc71668c5b9622578100f7163394cb3171fc8a6c1e7f88f08b8c3cf4b0cd9a1bc16bd1488ebe43199d97cdf4bbcde8a06a79c5af6ff2ebf1a04add74830cfac0b946514b18de249e934dd8a1a96fce085320fa857c853480170208533acd3d41c4384a932eeccd4ce7d09827efae4c0d19d00c5b48943c4d877017be59434dae6bef767fb9ffd073c2261b06c0f23a0c77a5bcb1f5738dceb6abee00bd7c649f6ebc64b4b8b948319a22ed4add48eedda8a2cd1bad6799e1d9ed778e5ce22d5fead0cd06806cb4b7b5661f9db6bcf9ddcdc9e49e0e6a8ec98fc42c660d5d75311fb9c9d06074611ebbdbea45672dd78760ed92d0e95c1d5ae234d674dc3ffaeef3d928aa4b93c0fe55fa886bd3f2371a5bb22c4dd6b8bc13250490cf279d4e56b646dec4eaa53951d55f602c1f4081d49316f6bcb35aad0453b44c7f266e99838683404859bc372d1df5f1512f35558b3706b32093b72a78a40c8a188852a0b5aca11a34ba23195cb598ca595f243c260392cd793b65dda856f81be1b54d873a0366407ac26687262d6bda693e058f598bde80e304c83dd0c2fd0e634ff15e1ca4e2918bfa8e3a626aee7b5e445aa7fae096595fe58032c993eb06ce49c1045b1f132f2c90d6e23b76076838ad7ed7a6a74245d7ad72b38bdc04e458d3908d1d272f23fe18f68ad746e5440cfbcc3b7ad477dccd6fb2db536df0e4d24480d2765e724ca06cbde7e01cd32e36681796a454c801adc1b25b501cc4aaae778f3783dad15d12e656b09bb3d8f37efc86cc7faea5e51913902faed79ae5973f4413e275f78e7e66099f9e41bd73a07445a780dde0b189308e3b83d1a3cf5aef2d3e11fcad930eb6c60ebb899b22cdbd539412b2371d28a4331394d8f29d8b16f94ffd91d4eb5c278e7f6b4024fcc7af9dfde1b3c915b06dae683760fad05d6638c6389fdd19a9b12956c11e9b9ea7d30e09b13d9f681e012f1e41746341a61b71ac6c333b29883ca2cd1aaa3c02e66c85de1e3b2b7e77b0dd1469ab9db5c17beb2d33862db20fd77de685a1e70ba55b0d9cf4b2d3d1196196b5317324e5f189605baa37493c9586b7e475865b4bb21b335e8b291b9dea17f6afc1cd84618b189567817511de821a866a00b62c62516b716cf55dcf7f5b7d7520306fe03f00cc61b7dc297886459d74bedb8ac1d05cc506db74d018c877da735481c318224fd06f349b59f69b0d2d017c817e5a1f934d263789d418eb69c772d923b01a6a4a6afbba4a6980fbf7cddd84f8e4392eaccb98cdd30488919ea6d492d32f9ca4233649117474f4116f6ca4cb762d524c0f92bbb40d3f430dbd50dba20adda8b4170a73c3b66257c412311a7bd3ea3ecca0da47a7a00ef0a464ee0a4b2402b61db833f3cfe1847b9630de47f331d575f6e3c6fb44a9021700c6d8055ea982a05a5ba6a91a41e7445fdba7ac09202fee733a5c216b3c3090991225b98178508d1985832f8e7dae58482ec0fa2215c935bd0ef9f03c0ed3caf97bf4de023605aa8535f1e88e841471bd8842084c6715a3fd3acd07ec9c43f635e5f868d82cdc6f9424ed978d39e72cc92535c2637164f15e9a67770389535ba46cbf786189562908872274ba126b313bd1c0780e9d0ca38956d1277b58f04eaa1f97ed8c6c83d9c05df0df8b43da930707a84662e480a33d1868edc9ff65368d51fda828ad29ecbd3b2cc0ddb0aad251b4736f872ba5f066617a9e9675ed7f80685544af44c677b9d39a1a353984ea4ccbf36d759b490f8dcd5621e573baaa2c03ef367f543ca5d36d1c9d33d4762bb0b1e02ec67d3511582d69b06a57d15f5260fab5ed8d9361948eabf88d9e776a18c5c4f2d42bb46373861b613db9a91ccff8fbd563ddb37f0738fa1723c23c85cac0f9eb53a41d115fe0339eed3167f59b2f2f0739cf9c0ba5769b18a213d5809bccadecee6e781811bf584c22a6557516d12bd58420f5c67c673fdf0888ab31edcee3198927b5b87a63f89f7a07d1da8cb946f0a87e7d3bb455c888f394d17694378446c9073e54368564dc546b6c930ae17afcc8360cb2e31d87ad8923f60033aa637a399707398ffa51645ab1d9963c29375c834746004ac16d24d8f006e9674e45da3d938de524857c57fd39b22678f39096309527ed22c41677a65a67dc0998a8babc9cb688a56628d09a732773d9019d92399415e93852a12d66ccbfa571837b7689c7cc50026ed643a89c8f1bdef6d01016e6e1c21bb779db52c2254f5dae40ff173943ba62ce343ec035d93d5c92c64884d654777cf6995dd0c485c7c132db383769ae1f35f1980654d2b47e92b1862f653eeb81ada4eed6c9d0fe9da3d7db5dfb4d66b2d576676beddc4394ade2acf55f9ec24aee7c4c77138e799f62deb19367ce226a66715da515479b176c9ca06c739566d279142ce2163b8835c840a3de6e2d275b5d5a948b26ec8faa6cf322c5038fc00fb0a27f0b76b5e305780c9145e99feadf571bf8d87dc93ea0f8ff3bc246b16d4e43256507abc7ccc92e113a037ab13855058ba1e0770b90f52e0740c157d68963b3d236f681454589385c6124bddf948c5aa2e147a3543c301dc6d82acb504f76239c890b7d3d76dbd7c26445ab6fe66f9f71d95f4f0d6c51533ce4b05353ef27178f6b6813366189ff4cc19cc5c9f7aca4d6b6f3b5b213e828cbf8b8b5cacb42ade1fa2594cc4ccd3457a45a5b19926f17b9061c9072fdce96afbd3f2bbecc6dfbdf9d9b3e1a621e65a7cdf0a97cb0223b220b39a88b7414ce91e5fb52f3c9c7e10199ffc8fad826d40a798ecaebbd8881c1605f986bb0af06f416280f63f3a3c28d399d13c21e6d79501cbbfcc9483a73a931e91358807fbebefd39b466cb9f251fa4fc7d5f4fd2d87d4604c9750593d3a801b963085ad7aaa91e023977742b728d292b046d0bd49f81717a686f10096e154681b85aeb81a26fa8f46bf3dfdf5dc7c7ca37aa3da37e53a105be5935640baff476453f53ffcf786894eac35d1933a5e97fb9b6d975f9fbe7914d09dc948d305005eb4aba3a9b8cdefb30dbb3300f46041db06567956ba4327280721addb17425a2b223e81bc41467cb413cebbe16818468eeb5b24b6cd79ec4787f693f3c301e5dd10747bea13bf042d6fde42d18c48fec0e3e43454799da1d5501130fc98917fed27d696ae85a39debdb67d5b3d70a82a2097095476e24211757626c91a29e917796766bc4016456c4acf0436b6c02055778ce7f34e605264f7d6d1321072c4ba341866ac6f78e9b99a30478eb7f09a17f4fb3e23184e878c2f60d2c18617185007841778c7c256750a287ec0bbdd20bd37ab50538e43a5929456d336fb46a04593765b2692ba15e7b71b97788970a7903e12088211098bd356132862a4d586508b4aac077d3acd4f77c67d9066b436d14b20d3e2870cb19cdad5581de2e08da761fc95755c43cf0dc2cff84e6a3a8fa2d0390fcfee285a133b37ac7b2fefd0d3665b1705784187e228579680be97982194329136fb72d8b61cdeaa88f3dfc835ae22167c0130529fe81043b0e1c3aebccb1f4aadc28cb484f850158504439d389d1e559ff424217dc031d422a8b7b51731db75dc541e16fed8fae14f58c1f9c8d0fb91a685245ba558c1aeb243aa728db51c3f3aa6d8f7a4a547b8d95018402283a59a45173e7696f02304954ebfb43c2215f180c8e47e433e5262e279fdb63405c81b0f128b7d6a095ff5f85690331d94d34923a3e8beef5cccbf7b208b2a0aa898f9a32b2f1bb55aca4eaaefcdf09acd871f4b88feb535be87dfdbb5ad45ff3c26a2765230011d90baa4b5d5baaac5519f9013c8fd497d57083403ee6eb0c4e23428cf3846bd34d69840d021196f9a9a4fc101016fe2d4fbf4ec23c11e9d737c5e6d2cc3da7e0981c00ea9df07ed88ab05b7821033b2d311f2fe0525176660d0a33b0eb23a57f5b1d41e2c1698ac7bfe5f59c27792f899fd39610052b705862e798a27084450edfccd180a13d8adf8072430e9305f41b0a67bd1784b6ba9450b1e872794e0b7b55b22a2f649f83270b98d0a0137694fec0d16ec2ebf37c72d9398d231a71e40c912428929a29a433dc0fdcb697f64e07540da92067b1b5a7735fb7fb8ac8da2591fa44b676bbaa32ef5e6cc11f1b2ab3b262d9bc4b2082e081ee50fe71def63cf6e2d588bb8d66a8daa8c8a30ca07d2956463e1affc76003e4bacc632cdeee50098fe80cd7485fefed6eab639d8c42a1357fefae5a5a779fad536474e3bdebf6aab699552e807ffd8a44030f439756748dee9ddf19a6cbf5f75307b03c5ef4185a31a41583fb4ca3699e06319371c5d932d6e5f4e1bf77c02c70564d2140f7510e183ba2fa7ead8a9b8cfb085a9d0fa7dbca7561bd9dc1e5c1a1da0322982ff29c0fa2cc33bea18646445cc59b44965a01570b7b739d730df8f1f2cfe3558e7102de13994d6745ef8f91965265fbe0d29c3f381e1eb9c63242962a4409ddb0a4946ef9ce5b0eda90f8365362681943247a0d87d9b7fbbdd26d4902be34068499b6e2ab2ea746634402e1065c8cb9c32a211d10fc2796f1a7045c59b9cbc4771dbf56a5c38303f93951194d06a1b8cce31dd4869a148ae90a797d09de168e47974ed9699eab3a6424781f481d03cf1046df28b454af02df72c0f56c693343a82f7f383afb3ac452200ff155444010f6c988de71e3fb6f079bc6ac2bfab6ff451242b7e3e70578b8206529816764206d47115cda77b3e356e54f825ec745017ea8c3dcb412523b754b951d19fc075ec66012cceff51da925af9079f547e840c3f2774239cce5fd6533f3ee8d194812de2d4499ef18c4bebfa8d7273307d7aa0ac09e6ebfd95ba99946a585a4bd4afef8bb0b52857e8415a32b42e0a9ccb0749599d7a43cec793b22c96b3de91534c905456b25a5972124b83c7d8f0520cd71c5544e49afab26cccacdb7e112f0af1acbcb2b68760c7538aa6c990814d7cf7bde5ddd618bfd55bfbdd968e53e28f94042fafa2796b5bf2d1be612c81dbafbf90b0728b4b06fe216aab91b8898780ab06cff75be5239c39ac836dbdb5482222e61ff5971ea492c5b5ef509720fc886f8a07a9232653d427d176574c99d65244f1618fdaab109f732e1e1295391a25f9b750c9761bbceb81d316d9f9dcd555afb762191b7e173f06a4d8f4d97ab88b9ae19f6c85c361b8b5cbe91a3493cae594063ed457f3be99772485b34d3308da4e751e58a14cf7c771d8e5be77f88c7567af095caae1eb83d259cea709ea5441047ce96f0e21faf89ed491bba5d0dcc6bc33a07237fbef2fe671447ce14e16a1cae4361938767ce65ecfe0c63e1261cce5fbf603a2537d21b50c9a3a3ed6a7cf112a0586a653b43f813912a226aa4722f7edaf8dda5553efb22721dc71924aa73bf232c2439b1d806d3beaf157442643c81ce2b551b82d63cbcd4195029e2f63aef127ed4df0bffd41665d86213512557ce90ee54fcd01078a6a19085bde6a0343595f540b1ff610bd7a5a2d695bdc5e508cbf544d15cf5920b3e405ef4e10e6651c5ffff039adde2f805143b78916188fec05cadac443c93447d23bb25b0a0cfc787754a20f7efcdee5798de939b758f238f15c23f2622b8ed682378017c8f251dda0261baa33c6262d42d6365e68e85d43a46d92aaf04acee203c09487755df49f07ea1129782b1be0feb6f011bb914266fe2cf5361c377fe33a491089f701ac61bcab2bfa3bbe8bf7b0b834dba1bf187ab78fca751b57f1bddfc670c80d83c34c3461d823d7762b45ff0accc3af21b38137276d4e4d7a5d0a075902865f17f084cfa94cc28f70ee7296e216401b172184df0e060dd61be91efcdbeb03b4a6699c88a16ebb18f3e938cb458a377e29a3f3cbdaaf121e278b691c02b6f0dc790510840b3970b1f905b421a1cb376043cc7511e70e94cc63941ed0f864b4118592878538e12e986b9abaaf2ed588ad5f0e5e0851ffc29ef21aed080eb6f35fa10052f27767d0ddf3fea5a08c14657d68a9c3e6cba422d93a6aff222c40eee9f3c9fcb03a310453b616a80c48646f7d196433736fedcfc2ff4fa1a43bf9f8fc0a0660cf9f79fd0d8e106591a2319cff5eb0a5be578d178e0e184a9eca92991ca63bf1e9c5b1c56dba3c836975a74d9eb9b763ce7c5dc753cde77fb2d048e3656a15f9aa7f9dea249c4a3dc0456b64533513e69861fcb9f4348d78acd5b8ce1f3c41271b8551ba4d5754fbb123862236bc94192a5306c29adb2b0b053cd7d4deaa1be6c61f75bca27b53765a7356dd34a48437d5e5b356d48db64749243fea9b1f44e4625fe7ce820dc9f1a6022d77198e6e917cd4f5e23622d5b3b2fafd4f9be0b85db21371f5d35c7c651a616a8351a02dbfa74f9d273a0eb7d2ab9fca254bd28509b3d6f5420108cabc42d9a5670779dfdfb78afe74cd87fdf8e3be937e6c6981eb88156f5cbc91e4b92f8d65a151ee3307cce381dc189c54a29d21c9fa9f512c50dbc9f1c0ddb43b6b10d5190b8169f9e06f7c60a2103c9c3fa3fe0d1cab8358cf4ddf95d5e26fbed636b2f1f474b7d10426afb5aa21948f7486e0df5275ffa6c091c46c3868703c4e30e1a15a8d27a708b6d5fa7d123f1524c221fb93b5f9f8d87b0286de38c6112a05d1f07706923b531e335db326ff756acf6cf9a5e5352953d112a842d7b2f05d296f644b01bca413f2686dbdea6b2cc6dd8115e22d832af742eb801ee61f6b90f93d227b694fe474385125801d6eb58867c15246faa6c0a1cae0b05f104fb2e97476c73a79185796e0c26bb1b59527aba4b79db6ec99f1650898b996e068329d17b94730cd6ab79a3d77d80e5ed78eecc7d680b5425231357f24c46fd01732052eb18737634915131c7ffcdb0b48a35d8761c402ff5b56aa1a9080b46836e4a888c86d7a260fb6cc2f3b9f68d52201531220bbfe0e7b2890a390acb33831fa1126b88dceb126a555181edbfa4680cadb08d38abe00c91980ce68ab58274ec28eaa697f8a4d7d6db744d8c9daac2035d40a5eb565e12c8be5c2bc1d725f713d45a03ac14ceaf91bb1c5dddcac87553b9d22e23d738742e3bf994412ab153f66ddea53a35c9ec19c555a49ae1aea112a70ddc10201258536ba93ae0dc7fb60d51ffbbe9e96eb8eeea6878e3784dcd686fc0db4516249cdfcb9f6d880fdcf8f86cdadd23ea7455b3b7e3a0e8affc9b61be59814f8e32175c869adaf7dbb5acb4c994e2269d2657011e8751c5c0e6e97e9eda4e8e6c309e842c8ea01c20de3c5f4f6372cc8cb7cdf2b0e3519155e4c662fc8572c36d9d3b7eb3ee19e985bfab9eb20e077c20dec4172e584357cc54f9cd49742e0b31d1fed87812f19efa9ae81ebebb021df0c280aa9790d2f1acb94b38f268ca7861b1da63cbb86daaeac3a5b067c86fc532a1db230a29578563f16dee5b4267f9d474c81c9ad762216452cb3a37c8ed44cbaab2e4b9a9583b134da3a64390fe5f76946879a1757d127e6e10b3b3042de48189350d844ede16134c770dba47cf56483cc14e2cfc93fc11f47cd33b06b720f531efdd1ff1254966b68fc46645ec3b45c2a60427e69ba1d710f25571522ba90622315f9f0cad33f8b1a1053a45aa07964892621ecc9256b7c4e21716e546c235fdb618f339b55c377a30b61a9add4e3b5657e3433a6feaff5b67ef34771ae6d04449b5228b6b99ce7237996b307613d14602d76f21a58a55cdc71a1f348ca18265634f094012bf4eae241df634d7424de578eb4c4199de382f2795c17eefa11ac2ad4625be7263373de4bbe189d42fa51953652d433323b9e6110f00c7cb44e4e7df1e6e1cc421c5cc5e78eac4009824d73b4bf0a0340ebd883acb90e928f6034d6a44edee021abc40726df358ef83429351f46aaf10b63b0a5f4c68bdf4e425f8ce7c6a8ad95dc4874836a56a298f586a602ad7b33350fabaacfda30b80210432dc6b59cb807d50782399624d624bbb5e759c09daec8ab3afbff204f62f94754e377cca96b00ba4842d52d8f12a5ce7d1dd81b760c1c5392f739d91f8bdc8c290090fc6e3221ee69abd2648b6c7a818e8a0d04ffd83464f7b26002e4d5614392848205fc0e766713e4c65f46ec2f9d221e98fdeaa5c329d8a0e7481690164fa1ad829ce9dd2eec2fe92231b33415c3f564161353ea7f823e3dc97c9e905f40d693082be719aff77b3b35a832ed3fc16e3bf57305fbabfbbadea1d33ece1f05ba482d3dcc391e0c709c02c335a6289a8deb035fd5b99edde61f0d936631e21251eb65c1dc23574a7a8f9ba8fd0b6c958ee146954cdab3daf90c17ffe92aef5390b4e19d32fef469e9e60ef8ea16af6b66dab7de1d6ddfeeb602cd69d8f32e4d5f06bfaebe7f000d62abc793ad34d77d1369c63785e93c2ff205769589011208ed6affc73dda9287bc8f4d9e27d33038b699431f56285f92fd9f02e78745fcdca4a4840dcfc307bf8f1806146d954ed5ccc8a66edf2179e2a5356624b3b30f8f78839ddc9940794acce40290e5eb73dbb52fe1c633e88d1492aedc69b351912a0890b63eda0d8756a5b7c47c740fcd73a0f419fa363fbf0cd3fcdd38f0fd055627932c998421f086ee0cbe0520b2f2fd6d38fce1575a2c90fef9f81aa23fc7c4c5625d6f46fbfd02ac31cd1620a92c43b7884e4a050e5ef5bb9b8f9825a159bb0370c828519ef71090e09ab43ff2bd2cc75563fb9073eadcfd869f0d9b6986e4320b1986ce3f19a3f5dce202f8c13757726e5d6a9fc9e2b0b357625362fb873709fb307ee51bc58494857fdd3811f6a8aee0086b0a62da4e327c698e5639e373567d5eefc76e0d6725272527cdbc01a2b40e7511ac986e32bb7e48558756dca3b944855fd9dfdbb2358a52e53769817cad50af13d8a5941c41f6bd121cb267acdc461c500855c6f6c0750367c62dd32fa41595a6070e728f1915bab951e5536ff8230a0608ac96c2e19a5c1415209a3774c091174f575bc937d544d495370294aaffc5e6be76364c7a212bbb4ec7f3bd38db75a159b68e2b3075ae6bb68ffa02e6bfb42553b505da20f133b2855572b7e6f8f3de240d9ab1ff32b3d9825f087774f4932024be806b78f059d4b3b40414df456aef405d1cffb2f3604834dae38932d830298df7045d404f005f5edf81061850808d4998f6ce80bc7569081765875d908d4b6a0edcb434317543a4f5954a5e0e5b7c4da75cb369e2810e2aebf950b973ad3380bca5d0de8311e59a6ed3f01d8f7c1b39060fddc7ac1febe659626ed7ad27dcee7b3d409b9f84e4f55ceb2e462f55627857f8c485c35c9abdc2fa87c4281365790ecdf1971f3a285ea0bb2038ae91d927729f4bf847bf0fc724b002cb029d2a57b89218bd4a763ab01902b7b48cb609cf3b9ad8fb568aef0ceff20c5def1a4faee11d33d304e2227b83f3ab06f0b9fa5502b1d9c6fe2a34bf9abb9a5b13928800149488cead47e48c754c75a061d5ea8a515f7f55611b0c048b88c9772ca4b1eb3d6fc931801990f1611e9b1171223527dceccfe8cfd72600a88a8486e088e21c30b997af1b60b55bc5443cecb18c2dcf54dbca3ac34f10ad2be9d755679519bb674b42904be579df62436bcf06de4cfd636d592840d674d11195edeb4dfe61370e9a9453378957fdecf2115ee008224fb8c97fcd051ddb1ed8d0419b950f2cd085bf1debaafb2a46cf65be863939cffde741797fdf64c17f3b447464be0e6bb90324c4c65b3cf66958a15d537a1675dffbc4e41f7a6c92ed27c5ef0dd0dcce6f96225b4e0ece510ce00f9611e395215e116026499dce3417cee3fbde0106b2a6fbd5937423124f6549c2206afc2ad1df5bedcc5e1371ed2b9f09f76576589450b09dd990811c59c3f848c1a4fccdfe686968903edffbc010eb73f55ac5a675fa3db70db12c826c8b7360617d8abeacefa6e2a8da62e4f304543cc9217fe1b0ec4fb044ca849802c4a140b91cc056d566c8670e4600941a54b2eb8643ff206c3401c0bd9838a025545227ae3e6bcb47fa3dcd1b40d8a0917f63744fb1ec2b72211c6cfda13248b2d0b4232e4fe7015cc42d4928f07ca9161640102f22236cca7ca3b81ffc81c4ff20532b5203e0d94771b8d0ec70e637135fdbb788fa8b4704e11d3c6083a45f51efd8560c0e63435516586aa82eaa998c140767d3ce35491e301c12f74583c61cd4d2ef1caa6fea3e353637cdeb3332d964155c9d32f826829a7174ab06c44e32063e46ce742b7027cffb8999302b602949c60496a0bf3c7cdf859d4ba51102674414867af614cffb88ac177dfbdb6131f7370dcb851002cec1742fb1561257716850c9ed3b075a6c023bcf05b5d580ac8e5d7ab7e5b1723212c681989e5f91958b635e0d076634584920c1b98d7f6ea0ddded6be9eb74de778b3c57c36b18e0c56c3a051014e09fac70ce6a7b0f042f5eeca8b8885e500bcb41f6fd974e5f6888859abdf3600706a3de9fce060c3069600c63106aff24210461c5d3423fa4e350041fd166902ad86bdba8cf965917f7e3ab019e1911d8013dad576465319c4e04b89b5ee1d07f54705718592d6aa453558294743daa8dba33159fb0e291829ac220562b007597e067e5f65841563673b69cc1d549f50e9efbdf256d797fe8c7d09596c167a45d", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0xfffffffffffffff5, 0xffffffff, {0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
readv(r0, &(0x7f0000000800)=[{&(0x7f00000021c0)=""/4096, 0x1000}, {&(0x7f00000031c0)=""/4096, 0x1000}], 0x2)
close(r0)

4.052010275s ago: executing program 2 (id=3447):
lsetxattr$system_posix_acl(0x0, &(0x7f0000000180)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000", @ANYRES32=r2, @ANYBLOB="800202000a000200577f0000aabb000020000e8005"], 0x48}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)
pselect6(0x40, &(0x7f0000000080)={0x4, 0xc000000000, 0xffffffffffffffff, 0x9, 0x100, 0x4, 0x8, 0x10001}, &(0x7f00000000c0)={0x2, 0x80000000, 0xffffffffffff447c, 0x10, 0x4, 0x1, 0x3, 0x7fffffff}, 0x0, &(0x7f0000000140), &(0x7f0000000200)={&(0x7f00000001c0)={[0x5e]}, 0x8})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x8004}, 0x80)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000080), 0x10)
listen(r6, 0x1)
accept4$llc(r6, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0x40384708, &(0x7f0000000040)={0x8, 0x1, 0x5, 0x3f, 0x1a, "3eccd25569e20900"})
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180))
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)

3.791918302s ago: executing program 0 (id=3448):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x60e82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

3.152188202s ago: executing program 1 (id=3449):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) (async)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee1, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) (async)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r6, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000080)=0x200000000) (async)
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000080)=0x200000000)
syz_usb_connect(0x5, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="120110017a953210ac0504c777620102030109022d0001080540040904270102fffd01000921e700070122b30409050c0200020103400905df02"], 0x0)
r9 = dup2(r5, r5)
ioctl$VHOST_VSOCK_SET_RUNNING(r9, 0x4004af61, &(0x7f0000000000)=0x5)
read$FUSE(r9, &(0x7f0000004d80)={0x2020}, 0x2020) (async)
read$FUSE(r9, &(0x7f0000004d80)={0x2020}, 0x2020)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
recvmmsg(r4, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f00000002c0)=""/99, 0x63}, {&(0x7f0000006800)=""/4097, 0x1001}, {&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/62, 0x3e}, {&(0x7f0000002580)=""/200, 0xc8}, {0x0}, {&(0x7f00000004c0)=""/126, 0x7e}, {&(0x7f0000002740)=""/82, 0x52}], 0x8, &(0x7f0000002840)=""/246, 0xf6}}, {{&(0x7f0000002940)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000029c0)=""/255, 0xff}, {&(0x7f0000000340)=""/23, 0x17}, {&(0x7f0000002ac0)=""/68, 0x44}], 0x3, &(0x7f0000002b40)=""/234, 0xea}, 0x6c}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/215, 0xd7}, 0xba5}, {{0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000005800)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/190, 0xbe}, {&(0x7f0000002f80)=""/100, 0x64}], 0x3, &(0x7f0000003040)=""/144, 0x90}, 0x9}], 0x4, 0x0, 0x0)

3.05211504s ago: executing program 3 (id=3450):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$kcm(0x29, 0x2, 0x0)
close(r1)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x5514, 0x0)
syz_io_uring_setup(0x196d, 0x0, 0x0, 0x0)
r2 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="2508040000000000000060a8b300"], 0x54}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={0x1}, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r4, &(0x7f00000003c0)='./bus/file0\x00', r4, &(0x7f0000000080)='./file0\x00', 0x5)
r5 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7b, &(0x7f0000000100)=<r6=>0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000500)={'ip6_vti0\x00', 0x0, 0x2f, 0xfd, 0x1, 0xf4d1, 0x11, @ipv4={'\x00', '\xff\xff', @empty}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x40, 0xfd3b, 0xfffffff7}})
io_destroy(r6)

2.865962321s ago: executing program 0 (id=3451):
syz_emit_ethernet(0x42, &(0x7f0000000f40)=ANY=[@ANYBLOB="8c4d58c4fbb85d10fe034402040e0005021e0307e076863a7518705532", @ANYRES16=0x0, @ANYBLOB="a6d1e8552214a41cdefe61257028efd7bbeb421fac036f849d8a3f2371ca64df188cf9fbf200fe68e05a0cee931d13bb91ee102cdd31e418063d61e6373f1778031c658ef30e68203549a70739072ac61f51e4b75957182d38caae69409b1541b84c8371e5e8a95751bc941f0280314b2338ca3040dddbea8062837ff2d9305d138a930401d7dea1e5e15ae1e25507a65481c9", @ANYBLOB="f47c8dd0beb989e18455785bdcf46f26d852cd0ef0f61c9f8b35249d3b9cb9d431daeb0b9e726345c327af3bb2b9c745665d88131d38664521b93383208c71567dc2cc7e7e1775405fe612293ef1c0da8818053afc8497da8b93c3a395d504dfeaad40bf94b1c0e99380c62d8456f8d89fb550954df3cf98a0acabb382c74cb159e885f9fc2a472872d6ad9539f77776c9f8a683f02b3a4dc4fb0b754a79f5d02bd16818e784ee4dcc"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x5, 0x0, 0x8000000, 0x1000, &(0x7f0000ffb000/0x1000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x105040)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000600)=@mangle={'mangle\x00', 0xc061, 0x6, 0x538, 0x0, 0x378, 0x0, 0x2a8, 0x2a8, 0x468, 0x468, 0x468, 0x468, 0x468, 0x6, 0x0, {[{{@ipv6={@mcast1, @mcast2, [], [], 'ip_vti0\x00', 'ip6_vti0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {0x0, 0x3a010000}, [@inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0, 0x0, {0x3000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {0x3}, 0xfff}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x0}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'veth0_to_team\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @ipv4=@empty, 0xff, 0x2d}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r5, 0x0, 0xb, &(0x7f0000000080)=0xffffe, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="0380c2000000bbbbbbbbbbbb0800450000380000000000019078ac1e0001ac1414aa030490781200183f2500000000680000000100007f0000017f0000010018f9b6ae9b1c03"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x2006c2, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000340)={0x28, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x78})
socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r8, 0x3b70, &(0x7f0000000440)={0x30})

2.752545442s ago: executing program 2 (id=3452):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, 0x0, 0x0, 0x4000880)
setsockopt$inet_msfilter(r0, 0x0, 0x29, 0x0, 0x0)
syz_emit_ethernet(0x6c, &(0x7f00000006c0)={@link_local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x800, [0x4]}, {}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x3600}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7}}}}}}}}, 0x0)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = syz_open_dev$sg(&(0x7f0000000240), 0x0, 0x391000)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f0000000040)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe2}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6fc40b5d175e86ac0b7a9fd7f1748af98902340eb3de6f89a6272ddc63ce532e270bc6cba3d229a96e108026bf64d48efc0435d52b40c578d3deb33677cf2ec5fadf9a784f2b2bdc8d978e9e1a788494631d094", 0xe3}, {&(0x7f0000002880)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cbf8fbaaec9647b07d0a4965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee425367bc33b71054226beb00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43ad50629f689703d478abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90b60b01f880c3acedd4a54014844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a9d94e235a7b129564e93cd73f6e4ed85bbf5b8193811d78883260630f2fd1c357747636890f515ab0a1e61b618cb3af02418eca8e402b83f543c6ed9d2fe910a7e", 0x118}, {&(0x7f0000000f00)="397d5f2edc82d0337ae5ab9ee47dc3e798cf69cfebf169e77257f308227094d569a4326954e50ea185bc6fff", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000003c0)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb306c7f77c8a00000000000000d037280699ca67e7143e46e0267c791d9ebf43d49dc561ceb279ff", 0x52}, {&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e661725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d70581691a79a4678db1e5e7fa1c98c5b9e4a87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c54e708601eae99200000062635399677c089645ecee7fdddf4f74597a84ed4f771ab273c5720d5cc397c0be582a0b23f749ff982cd036ac23aa6a072cfed3e03efb9f3f267516af3477a4d8caba0b615c1fa14f19d2cf694102c0d9dcc23d55940ea1d4ecbc7c54c342e9094a6c0e69514e6ded113af16d9d43f7ce", 0x143}, {&(0x7f0000000940)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf648c910000000000000000", 0x7b}, {&(0x7f0000000000)="bd2f6aa36cea0e62ac00a4539dd8028116", 0x11}], 0x4}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a81", 0x55}, {&(0x7f0000000500)="e47ecfc6ce6d4d9cc5a0fbf98f301803da3adfbec8a1d5324076b744b24bc7cf83120d4819726e827d90219c7100dc54801b32", 0x33}, {&(0x7f0000000840)="fbdd17a812c727337dc6c74dcb077562b57a440dbf7711ba245a62b7", 0x1c}], 0x3}}], 0x3, 0x0)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
ioctl$SG_SET_FORCE_PACK_ID(r3, 0x227b, &(0x7f0000000340))
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x46d, 0xc20a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)

2.582795547s ago: executing program 3 (id=3453):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
readv(r1, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, 0x0, 0x0)
writev(r3, &(0x7f0000000300), 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast1, @rand_addr=0x64010105, @empty}, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10)
write(0xffffffffffffffff, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000001000000", 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000001880)=<r7=>0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042})
io_uring_enter(r5, 0x92, 0x0, 0x0, 0x0, 0x0)

756.06125ms ago: executing program 3 (id=3454):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
r1 = semget$private(0x0, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
semctl$IPC_RMID(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x8})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
fchdir(0xffffffffffffffff)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r4, 0x0, 0x0, 0xc081)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, 0x0, 0x0)
r5 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r5, r3, 0x0, 0x80000000)
ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x85)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)='tmpfs\x00', 0x80003f, &(0x7f0000000300)='usrquota')

706.685492ms ago: executing program 4 (id=3455):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='stack\x00')
lseek(r0, 0x9, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0xfffffffffffffffe, 0x3, 0x0, 0x3, 0x6}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x15)
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca940a455e7a0deceb768f70a5c0125f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001", 0x58}], 0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet(0xa, 0x80000, 0x104)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000080)={{0x1, 0x3, 0x9, 0x3, 0x2}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

575.98251ms ago: executing program 3 (id=3456):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000000)='xprtrdma_err_vers\x00', 0xffffffffffffffff, 0x0, 0x200000000000}, 0x18)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x4001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
socket(0x1d, 0x4, 0x6)
socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000580)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file1'}, 0x3a}], [], 0x2f})

335.875037ms ago: executing program 3 (id=3457):
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x800452d2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000200), 0x2, 0x101182)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$SIOCAX25CTLCON(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, 0x0, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @default]})
syz_open_dev$vim2m(&(0x7f0000000180), 0x10000000000201, 0x2)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0xf0f041, 0x0, '\x00', @ptr=0x9}})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x7c}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xa, 0x0, &(0x7f00000002c0)="ae24a21f9a824666f9ac", 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f0000000180))

302.283596ms ago: executing program 0 (id=3458):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r0, 0x0, r3, 0x0, 0x39000, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8ca, 0x0)
fcntl$dupfd(r1, 0x0, r1)
read$FUSE(r2, &(0x7f00000033c0)={0x2020}, 0x2020)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$lock(r5, 0x6, &(0x7f0000002000)={0x1})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r5, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000000000003})
fcntl$lock(r5, 0x7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7fffffff})

161.660909ms ago: executing program 3 (id=3459):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000000)={{}, 'syz1\x00', 0xfffffffc})
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0)

0s ago: executing program 4 (id=3460):
r0 = syz_io_uring_setup(0x6df, &(0x7f0000000640)={0x0, 0xec2a, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000400)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r5=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000400)={r5}, &(0x7f0000000340)=0x8)

kernel console output (not intermixed with test programs):

2777'.
[  967.891252][T15280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2777'.
[  968.507456][T15285] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[  969.872909][T15292] netlink: 'syz.1.2782': attribute type 2 has an invalid length.
[  969.922613][ T5867] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  970.822606][ T5953] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  971.012612][ T5867] usb 3-1: device not accepting address 55, error -71
[  972.661557][ T5953] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  972.934065][ T5953] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  972.955668][T15320] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2790'.
[  972.991226][ T5953] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  973.013325][ T5953] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  973.022376][ T5953] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  973.064199][ T5953] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  973.104817][ T5953] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  973.124034][ T5953] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  973.142341][ T5953] usb 4-1: Product: syz
[  973.147105][ T5953] usb 4-1: Manufacturer: syz
[  973.189372][ T5953] cdc_wdm 4-1:1.0: skipping garbage
[  973.209109][ T5953] cdc_wdm 4-1:1.0: skipping garbage
[  973.222967][ T5953] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  973.232761][ T5953] cdc_wdm 4-1:1.0: Unknown control protocol
[  973.357674][T15326] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2793'.
[  973.542768][   T30] audit: type=1107 audit(1746134969.962:170): pid=15327 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='λ'
[  973.593283][T15330] FAULT_INJECTION: forcing a failure.
[  973.593283][T15330] name failslab, interval 1, probability 0, space 0, times 0
[  973.606287][T15330] CPU: 0 UID: 0 PID: 15330 Comm: syz.2.2794 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  973.606316][T15330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  973.606329][T15330] Call Trace:
[  973.606337][T15330]  <TASK>
[  973.606345][T15330]  dump_stack_lvl+0x189/0x250
[  973.606376][T15330]  ? lockdep_hardirqs_on+0x9c/0x150
[  973.606399][T15330]  ? __pfx_dump_stack_lvl+0x10/0x10
[  973.606444][T15330]  should_fail_ex+0x414/0x560
[  973.606481][T15330]  should_failslab+0xa8/0x100
[  973.606510][T15330]  __kmalloc_cache_noprof+0x70/0x3d0
[  973.606536][T15330]  ? __hw_addr_add_ex+0x1f4/0x770
[  973.606563][T15330]  __hw_addr_add_ex+0x1f4/0x770
[  973.606590][T15330]  dev_addr_init+0x14f/0x230
[  973.606615][T15330]  ? __pfx_dev_addr_init+0x10/0x10
[  973.606648][T15330]  alloc_netdev_mqs+0x2f3/0x11e0
[  973.606670][T15330]  ? __pfx_gprs_setup+0x10/0x10
[  973.606697][T15330]  gprs_attach+0x7a/0x540
[  973.606722][T15330]  pep_setsockopt+0x33d/0x4c0
[  973.606744][T15330]  ? __pfx_pep_setsockopt+0x10/0x10
[  973.606767][T15330]  ? sock_common_setsockopt+0x36/0xc0
[  973.606795][T15330]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  973.606828][T15330]  do_sock_setsockopt+0x257/0x3e0
[  973.606854][T15330]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  973.606874][T15330]  ? __fget_files+0x2a/0x420
[  973.606905][T15330]  ? __fget_files+0x3a0/0x420
[  973.606929][T15330]  ? __fget_files+0x2a/0x420
[  973.606981][T15330]  __x64_sys_setsockopt+0x18b/0x220
[  973.607008][T15330]  do_syscall_64+0xf6/0x210
[  973.607029][T15330]  ? asm_sysvec_call_function_single+0x1a/0x20
[  973.607048][T15330]  ? clear_bhb_loop+0x45/0xa0
[  973.607069][T15330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  973.607086][T15330] RIP: 0033:0x7faa22b8e969
[  973.607104][T15330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  973.607120][T15330] RSP: 002b:00007faa23970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  973.607140][T15330] RAX: ffffffffffffffda RBX: 00007faa22db6160 RCX: 00007faa22b8e969
[  973.607154][T15330] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000008
[  973.607164][T15330] RBP: 00007faa23970090 R08: 0000000000000004 R09: 0000000000000000
[  973.607176][T15330] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  973.607187][T15330] R13: 0000000000000000 R14: 00007faa22db6160 R15: 00007ffef2175118
[  973.607217][T15330]  </TASK>
[  974.496080][T15333] sp0: Synchronizing with TNC
[  977.026277][T10050] usb 4-1: USB disconnect, device number 51
[  977.073789][T15341] netlink: 'syz.2.2796': attribute type 2 has an invalid length.
[  980.247985][T15364] ip6erspan0: entered promiscuous mode
[  980.309659][T15369] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2802'.
[  980.331216][T15371] FAULT_INJECTION: forcing a failure.
[  980.331216][T15371] name failslab, interval 1, probability 0, space 0, times 0
[  980.362748][T15371] CPU: 1 UID: 0 PID: 15371 Comm: syz.4.2805 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  980.362778][T15371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  980.362792][T15371] Call Trace:
[  980.362800][T15371]  <TASK>
[  980.362809][T15371]  dump_stack_lvl+0x189/0x250
[  980.362845][T15371]  ? __pfx_dump_stack_lvl+0x10/0x10
[  980.362873][T15371]  ? __pfx__printk+0x10/0x10
[  980.362911][T15371]  ? __pfx___might_resched+0x10/0x10
[  980.362940][T15371]  ? fs_reclaim_acquire+0x7d/0x100
[  980.362967][T15371]  should_fail_ex+0x414/0x560
[  980.363004][T15371]  should_failslab+0xa8/0x100
[  980.363036][T15371]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  980.363065][T15371]  ? __d_alloc+0x31/0x6f0
[  980.363092][T15371]  __d_alloc+0x31/0x6f0
[  980.363120][T15371]  d_alloc_parallel+0xe0/0x14e0
[  980.363148][T15371]  ? stack_trace_save+0x9c/0xe0
[  980.363172][T15371]  ? smack_log+0xef/0x3f0
[  980.363210][T15371]  ? __pfx_d_alloc_parallel+0x10/0x10
[  980.363239][T15371]  ? __raw_spin_lock_init+0x45/0x100
[  980.363262][T15371]  ? __init_waitqueue_head+0xa9/0x150
[  980.363291][T15371]  __lookup_slow+0x116/0x3d0
[  980.363317][T15371]  ? __pfx___lookup_slow+0x10/0x10
[  980.363363][T15371]  lookup_one_len+0x1aa/0x310
[  980.363389][T15371]  ? __pfx_lookup_one_len+0x10/0x10
[  980.363412][T15371]  ? mntput+0x65/0xc0
[  980.363444][T15371]  start_creating+0x18d/0x310
[  980.363473][T15371]  debugfs_create_dir+0x28/0x420
[  980.363502][T15371]  ieee80211_debugfs_recreate_netdev+0x1a6/0x1460
[  980.363535][T15371]  ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10
[  980.363561][T15371]  ? ieee80211_do_open+0xf00/0x2390
[  980.363598][T15371]  ieee80211_if_change_type+0x156/0x990
[  980.363640][T15371]  ieee80211_change_iface+0xd5/0x510
[  980.363670][T15371]  cfg80211_change_iface+0x792/0xef0
[  980.363703][T15371]  nl80211_set_interface+0x773/0xaa0
[  980.363737][T15371]  ? __pfx_nl80211_set_interface+0x10/0x10
[  980.363768][T15371]  ? nl80211_pre_doit+0x4fb/0x930
[  980.363797][T15371]  genl_family_rcv_msg_doit+0x212/0x300
[  980.363833][T15371]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  980.363876][T15371]  ? bpf_lsm_capable+0x9/0x20
[  980.363901][T15371]  ? security_capable+0x7e/0x2e0
[  980.363934][T15371]  genl_rcv_msg+0x60e/0x790
[  980.363968][T15371]  ? __pfx_genl_rcv_msg+0x10/0x10
[  980.363992][T15371]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  980.364010][T15371]  ? __pfx_nl80211_set_interface+0x10/0x10
[  980.364029][T15371]  ? __pfx_nl80211_post_doit+0x10/0x10
[  980.364051][T15371]  ? ref_tracker_free+0x63a/0x7d0
[  980.364069][T15371]  ? __copy_skb_header+0xa7/0x550
[  980.364106][T15371]  netlink_rcv_skb+0x219/0x490
[  980.364127][T15371]  ? __pfx_genl_rcv_msg+0x10/0x10
[  980.364155][T15371]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  980.364204][T15371]  ? down_read+0x1ad/0x2e0
[  980.364232][T15371]  genl_rcv+0x28/0x40
[  980.364255][T15371]  netlink_unicast+0x758/0x8d0
[  980.364299][T15371]  netlink_sendmsg+0x805/0xb30
[  980.364318][T15371]  ? is_bpf_text_address+0x26/0x2b0
[  980.364354][T15371]  ? __pfx_netlink_sendmsg+0x10/0x10
[  980.364385][T15371]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  980.364406][T15371]  ? __pfx_netlink_sendmsg+0x10/0x10
[  980.364428][T15371]  __sock_sendmsg+0x219/0x270
[  980.364463][T15371]  ____sys_sendmsg+0x505/0x830
[  980.364494][T15371]  ? __pfx_____sys_sendmsg+0x10/0x10
[  980.364530][T15371]  ? import_iovec+0x74/0xa0
[  980.364560][T15371]  ___sys_sendmsg+0x21f/0x2a0
[  980.364588][T15371]  ? __pfx____sys_sendmsg+0x10/0x10
[  980.364662][T15371]  ? __fget_files+0x2a/0x420
[  980.364691][T15371]  ? __fget_files+0x3a0/0x420
[  980.364734][T15371]  __x64_sys_sendmsg+0x19b/0x260
[  980.364762][T15371]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  980.364807][T15371]  ? do_syscall_64+0xba/0x210
[  980.364835][T15371]  do_syscall_64+0xf6/0x210
[  980.364859][T15371]  ? clear_bhb_loop+0x45/0xa0
[  980.364885][T15371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.364904][T15371] RIP: 0033:0x7fdcb518e969
[  980.364922][T15371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.364939][T15371] RSP: 002b:00007fdcb6006038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  980.364960][T15371] RAX: ffffffffffffffda RBX: 00007fdcb53b5fa0 RCX: 00007fdcb518e969
[  980.364976][T15371] RDX: 000000000000c0c4 RSI: 0000200000000000 RDI: 0000000000000005
[  980.364988][T15371] RBP: 00007fdcb6006090 R08: 0000000000000000 R09: 0000000000000000
[  980.365001][T15371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  980.365013][T15371] R13: 0000000000000000 R14: 00007fdcb53b5fa0 R15: 00007fff64b4ae48
[  980.365047][T15371]  </TASK>
[  980.900498][T15373] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[  981.009802][   T30] audit: type=1326 audit(1746134977.512:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15376 comm="syz.3.2806" exe="/root/syz-executor" sig=9 arch=c000003e syscall=157 compat=0 ip=0x7f094298e969 code=0x0
[  981.231332][T15385] FAULT_INJECTION: forcing a failure.
[  981.231332][T15385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  981.259563][T15385] CPU: 0 UID: 0 PID: 15385 Comm: syz.3.2809 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  981.259593][T15385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  981.259606][T15385] Call Trace:
[  981.259614][T15385]  <TASK>
[  981.259623][T15385]  dump_stack_lvl+0x189/0x250
[  981.259658][T15385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  981.259685][T15385]  ? __pfx__printk+0x10/0x10
[  981.259727][T15385]  should_fail_ex+0x414/0x560
[  981.259762][T15385]  _copy_to_user+0x31/0xb0
[  981.259790][T15385]  simple_read_from_buffer+0xe1/0x170
[  981.259823][T15385]  proc_fail_nth_read+0x1df/0x250
[  981.259846][T15385]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  981.259869][T15385]  ? rw_verify_area+0x258/0x650
[  981.259894][T15385]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  981.259915][T15385]  vfs_read+0x1fd/0x980
[  981.259945][T15385]  ? __pfx___mutex_lock+0x10/0x10
[  981.259967][T15385]  ? __pfx_vfs_read+0x10/0x10
[  981.259994][T15385]  ? __fget_files+0x2a/0x420
[  981.260028][T15385]  ? __fget_files+0x3a0/0x420
[  981.260055][T15385]  ? __fget_files+0x2a/0x420
[  981.260093][T15385]  ksys_read+0x145/0x250
[  981.260121][T15385]  ? __pfx_ksys_read+0x10/0x10
[  981.260151][T15385]  ? do_syscall_64+0xba/0x210
[  981.260177][T15385]  do_syscall_64+0xf6/0x210
[  981.260200][T15385]  ? clear_bhb_loop+0x45/0xa0
[  981.260224][T15385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.260243][T15385] RIP: 0033:0x7f094298d37c
[  981.260260][T15385] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  981.260277][T15385] RSP: 002b:00007f0943895030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  981.260298][T15385] RAX: ffffffffffffffda RBX: 00007f0942bb5fa0 RCX: 00007f094298d37c
[  981.260313][T15385] RDX: 000000000000000f RSI: 00007f09438950a0 RDI: 0000000000000004
[  981.260325][T15385] RBP: 00007f0943895090 R08: 0000000000000000 R09: 0000000000000000
[  981.260337][T15385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  981.260348][T15385] R13: 0000000000000000 R14: 00007f0942bb5fa0 R15: 00007ffecd1b22d8
[  981.260379][T15385]  </TASK>
[  982.283108][T15393] netlink: 'syz.3.2811': attribute type 2 has an invalid length.
[  984.210569][T15398] xt_bpf: check failed: parse error
[  984.374756][T15409] o2cb: This node has not been configured.
[  984.380894][T15409] o2cb: Cluster check failed. Fix errors before retrying.
[  984.389273][T15409] (syz.3.2814,15409,0):user_dlm_register:674 ERROR: status = -22
[  984.398963][T15409] (syz.3.2814,15409,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[  984.944253][T14084] Bluetooth: hci5: command 0x0406 tx timeout
[  985.585426][T15420] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2818'.
[  985.653051][ T7236] usb 4-1: new full-speed USB device number 52 using dummy_hcd
[  986.251061][T15423] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2821'.
[  986.396932][T15425] block nbd0: server does not support multiple connections per device.
[  986.477858][T15425] block nbd0: shutting down sockets
[  986.568537][ T7236] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  986.580135][ T7236] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  986.729803][ T7236] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  987.122991][ T7236] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  987.132132][ T7236] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.182242][ T7236] usb 4-1: Product: syz
[  987.209341][T15435] netlink: 'syz.2.2824': attribute type 2 has an invalid length.
[  987.244279][ T7236] usb 4-1: Manufacturer: syz
[  988.057660][ T7236] usb 4-1: SerialNumber: syz
[  988.108411][ T7236] usb 4-1: config 0 descriptor??
[  988.736916][ T5953] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  988.935108][ T7236] usb 4-1: can't set config #0, error -71
[  988.971003][ T7236] usb 4-1: USB disconnect, device number 52
[  989.062625][ T5953] usb 2-1: Using ep0 maxpacket: 32
[  989.082226][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  989.142093][T15452] CIFS mount error: No usable UNC path provided in device string!
[  989.142093][T15452] 
[  989.172062][T15452] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  989.216686][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  989.446681][ T5953] usb 2-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[  989.456561][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  989.523971][ T5953] usb 2-1: config 0 descriptor??
[  989.604534][ T5953] usb 2-1: can't set config #0, error -71
[  989.670508][T15460] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[  989.672963][ T5953] usb 2-1: USB disconnect, device number 42
[  989.780772][T10044] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  990.093776][T10044] usb 1-1: Using ep0 maxpacket: 8
[  990.124306][T10044] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  990.162623][T10044] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[  990.195095][T10044] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  990.261679][T10044] usb 1-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[  990.303171][T10044] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  990.343079][T10044] usb 1-1: Product: syz
[  990.347290][T10044] usb 1-1: Manufacturer: syz
[  990.351878][T10044] usb 1-1: SerialNumber: syz
[  990.375192][T15463] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2831'.
[  990.429529][T10044] ti_usb_3410_5052 1-1:1.0: TI USB 3410 1 port adapter converter detected
[  990.746054][T15468] xt_bpf: check failed: parse error
[  992.278838][T10044] usb 1-1: USB disconnect, device number 7
[  993.164441][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  993.177931][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  995.517572][T15490] netlink: 'syz.0.2838': attribute type 2 has an invalid length.
[  996.060841][T15496] CIFS mount error: No usable UNC path provided in device string!
[  996.060841][T15496] 
[  996.209720][T15496] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  996.638813][T15502] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2842'.
[  996.650119][T15502] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2842'.
[  998.482731][T10044] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  998.513974][T15516] program syz.1.2847 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  998.678146][T10044] usb 3-1: Using ep0 maxpacket: 32
[  998.691136][T15521] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[  998.803951][T15522] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2846'.
[  998.813299][T15522] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2846'.
[  998.822580][T15522] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2846'.
[  998.831952][T15522] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2846'.
[  998.881910][T10044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  998.923552][T10044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  998.941088][T15526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2848'.
[  998.977444][T10044] usb 3-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[  999.173274][T10044] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.082166][T10044] usb 3-1: config 0 descriptor??
[ 1000.350055][T10044] usb 3-1: can't set config #0, error -71
[ 1000.361452][T10044] usb 3-1: USB disconnect, device number 57
[ 1000.562152][T15535] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2850'.
[ 1002.646545][T15545] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2854'.
[ 1002.685689][T15545] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2854'.
[ 1002.775595][T15547] cifs: Unknown parameter 'po'
[ 1003.292969][T15549] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2855'.
[ 1005.462975][T15567] xt_bpf: check failed: parse error
[ 1008.767428][T15581] ceph: No mds server is up or the cluster is laggy
[ 1009.082536][ T5872] libceph: connect (1)[c::]:6789 error -101
[ 1009.089531][ T5872] libceph: mon0 (1)[c::]:6789 connect error
[ 1009.775408][T15592] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2866'.
[ 1009.816082][T15588] FAULT_INJECTION: forcing a failure.
[ 1009.816082][T15588] name failslab, interval 1, probability 0, space 0, times 0
[ 1009.839306][T15592] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2866'.
[ 1009.856628][T15594] netlink: 'syz.1.2865': attribute type 9 has an invalid length.
[ 1009.865162][T15594] netlink: 212012 bytes leftover after parsing attributes in process `syz.1.2865'.
[ 1009.882666][T15588] CPU: 0 UID: 0 PID: 15588 Comm: syz.2.2862 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1009.882698][T15588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1009.882708][T15588] Call Trace:
[ 1009.882714][T15588]  <TASK>
[ 1009.882722][T15588]  dump_stack_lvl+0x189/0x250
[ 1009.882750][T15588]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1009.882783][T15588]  ? __pfx__printk+0x10/0x10
[ 1009.882805][T15588]  ? __lock_acquire+0xaac/0xd20
[ 1009.882829][T15588]  should_fail_ex+0x414/0x560
[ 1009.882862][T15588]  should_failslab+0xa8/0x100
[ 1009.882885][T15588]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1009.882906][T15588]  ? __alloc_skb+0x112/0x2d0
[ 1009.882925][T15588]  __alloc_skb+0x112/0x2d0
[ 1009.882943][T15588]  _sctp_make_chunk+0x5e/0x430
[ 1009.882960][T15588]  ? sched_clock_cpu+0x74/0x430
[ 1009.882983][T15588]  sctp_make_heartbeat+0xa7/0x470
[ 1009.883008][T15588]  ? __switch_to+0xd70/0x1600
[ 1009.883039][T15588]  ? __pfx_sctp_make_heartbeat+0x10/0x10
[ 1009.883079][T15588]  ? __lock_acquire+0xaac/0xd20
[ 1009.883109][T15588]  sctp_sf_do_prm_requestheartbeat+0x32/0x280
[ 1009.883131][T15588]  sctp_do_sm+0x1e4/0x5a20
[ 1009.883144][T15588]  ? __pfx_sctp_pname+0x10/0x10
[ 1009.883164][T15588]  ? rcu_is_watching+0x15/0xb0
[ 1009.883185][T15588]  ? trace_sched_exit_tp+0x38/0x120
[ 1009.883205][T15588]  ? __pfx_sctp_do_sm+0x10/0x10
[ 1009.883220][T15588]  ? __lock_acquire+0xaac/0xd20
[ 1009.883263][T15588]  ? do_raw_spin_lock+0x121/0x290
[ 1009.883281][T15588]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1009.883302][T15588]  sctp_primitive_REQUESTHEARTBEAT+0x98/0xc0
[ 1009.883329][T15588]  sctp_apply_peer_addr_params+0xdf/0x1880
[ 1009.883356][T15588]  sctp_setsockopt_peer_addr_params+0x678/0x940
[ 1009.883388][T15588]  sctp_setsockopt+0x709/0x1200
[ 1009.883408][T15588]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1009.883433][T15588]  do_sock_setsockopt+0x257/0x3e0
[ 1009.883452][T15588]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1009.883467][T15588]  ? __fget_files+0x2a/0x420
[ 1009.883493][T15588]  ? __fget_files+0x3a0/0x420
[ 1009.883513][T15588]  ? __fget_files+0x2a/0x420
[ 1009.883541][T15588]  __x64_sys_setsockopt+0x18b/0x220
[ 1009.883563][T15588]  do_syscall_64+0xf6/0x210
[ 1009.883580][T15588]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1009.883595][T15588]  ? clear_bhb_loop+0x45/0xa0
[ 1009.883613][T15588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.883627][T15588] RIP: 0033:0x7faa22b8e969
[ 1009.883642][T15588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1009.883655][T15588] RSP: 002b:00007faa23970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1009.883670][T15588] RAX: ffffffffffffffda RBX: 00007faa22db6160 RCX: 00007faa22b8e969
[ 1009.883681][T15588] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000006
[ 1009.883690][T15588] RBP: 00007faa23970090 R08: 000000000000009c R09: 0000000000000000
[ 1009.883699][T15588] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[ 1009.883708][T15588] R13: 0000000000000001 R14: 00007faa22db6160 R15: 00007ffef2175118
[ 1009.883731][T15588]  </TASK>
[ 1010.355167][T15596] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2868'.
[ 1010.692354][T15602] cifs: Unknown parameter 'po'
[ 1013.918425][T15622] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1014.909723][T15630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2871'.
[ 1015.605935][T15634] netlink: 'syz.1.2880': attribute type 9 has an invalid length.
[ 1015.626804][T15634] netlink: 212012 bytes leftover after parsing attributes in process `syz.1.2880'.
[ 1015.640080][T15638] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2879'.
[ 1015.640657][T15640] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2877'.
[ 1015.680316][T15640] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2877'.
[ 1015.864556][T15641] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2878'.
[ 1017.246060][T15647] vivid-000: disconnect
[ 1017.468869][T15644] vivid-000: reconnect
[ 1019.073799][T15658] 9pnet_fd: Insufficient options for proto=fd
[ 1019.387666][T15669] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2891'.
[ 1019.467502][T15670] xt_bpf: check failed: parse error
[ 1019.536556][T14084] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1019.546905][T14084] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1019.555542][T14084] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1019.582609][T14084] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1020.188001][T14084] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1020.334563][T15678] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2892'.
[ 1020.353628][T15678] ip6erspan0: entered promiscuous mode
[ 1020.458824][T15679] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2889'.
[ 1020.496076][T15680] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2892'.
[ 1022.617656][   T55] Bluetooth: hci1: command tx timeout
[ 1023.127058][T15703] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1023.232164][T15672] chnl_net:caif_netlink_parms(): no params data found
[ 1023.583649][T15716] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2901'.
[ 1023.749662][T15711] 9pnet_fd: Insufficient options for proto=fd
[ 1024.527567][T15724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2903'.
[ 1024.630995][T15724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2903'.
[ 1024.702738][   T55] Bluetooth: hci1: command tx timeout
[ 1026.220386][T15742] FAULT_INJECTION: forcing a failure.
[ 1026.220386][T15742] name failslab, interval 1, probability 0, space 0, times 0
[ 1026.896480][   T55] Bluetooth: hci1: command tx timeout
[ 1027.195535][T15742] CPU: 1 UID: 0 PID: 15742 Comm: syz.4.2907 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1027.195564][T15742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1027.195575][T15742] Call Trace:
[ 1027.195583][T15742]  <TASK>
[ 1027.195591][T15742]  dump_stack_lvl+0x189/0x250
[ 1027.195626][T15742]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1027.195653][T15742]  ? __pfx__printk+0x10/0x10
[ 1027.195689][T15742]  ? __pfx___might_resched+0x10/0x10
[ 1027.195723][T15742]  should_fail_ex+0x414/0x560
[ 1027.195759][T15742]  should_failslab+0xa8/0x100
[ 1027.195791][T15742]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1027.195821][T15742]  ? __alloc_skb+0x112/0x2d0
[ 1027.195845][T15742]  __alloc_skb+0x112/0x2d0
[ 1027.195870][T15742]  netlink_sendmsg+0x5c6/0xb30
[ 1027.195890][T15742]  ? is_bpf_text_address+0x26/0x2b0
[ 1027.195926][T15742]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1027.195956][T15742]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1027.195977][T15742]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1027.195999][T15742]  __sock_sendmsg+0x219/0x270
[ 1027.196032][T15742]  ____sys_sendmsg+0x505/0x830
[ 1027.196061][T15742]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1027.196096][T15742]  ? import_iovec+0x74/0xa0
[ 1027.196124][T15742]  ___sys_sendmsg+0x21f/0x2a0
[ 1027.196150][T15742]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1027.196206][T15742]  ? __fget_files+0x2a/0x420
[ 1027.196234][T15742]  ? __fget_files+0x3a0/0x420
[ 1027.196275][T15742]  __x64_sys_sendmsg+0x19b/0x260
[ 1027.196303][T15742]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1027.196356][T15742]  ? do_syscall_64+0xba/0x210
[ 1027.196385][T15742]  do_syscall_64+0xf6/0x210
[ 1027.196410][T15742]  ? clear_bhb_loop+0x45/0xa0
[ 1027.196434][T15742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1027.196454][T15742] RIP: 0033:0x7fdcb518e969
[ 1027.196473][T15742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1027.196490][T15742] RSP: 002b:00007fdcb6006038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1027.196511][T15742] RAX: ffffffffffffffda RBX: 00007fdcb53b5fa0 RCX: 00007fdcb518e969
[ 1027.196527][T15742] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1027.196539][T15742] RBP: 00007fdcb6006090 R08: 0000000000000000 R09: 0000000000000000
[ 1027.196552][T15742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1027.196564][T15742] R13: 0000000000000000 R14: 00007fdcb53b5fa0 R15: 00007fff64b4ae48
[ 1027.196596][T15742]  </TASK>
[ 1027.569129][T15672] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1027.652912][T15672] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1027.675935][T15744] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[ 1027.735594][T15672] bridge_slave_0: entered allmulticast mode
[ 1028.005545][T15672] bridge_slave_0: entered promiscuous mode
[ 1028.019359][T15672] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1028.029573][T15672] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1028.039902][T15672] bridge_slave_1: entered allmulticast mode
[ 1028.050524][T15672] bridge_slave_1: entered promiscuous mode
[ 1028.136564][T15752] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.2911'.
[ 1028.407565][T15754] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1028.976714][T15672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1029.102641][   T55] Bluetooth: hci1: command tx timeout
[ 1029.175829][T15672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1029.200753][T15759] netlink: 'syz.2.2912': attribute type 9 has an invalid length.
[ 1029.213123][T15759] netlink: 212012 bytes leftover after parsing attributes in process `syz.2.2912'.
[ 1029.449220][T15672] team0: Port device team_slave_0 added
[ 1029.479198][T15672] team0: Port device team_slave_1 added
[ 1029.611840][T15672] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1029.640707][T15672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1029.671374][T15768] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2915'.
[ 1029.703208][T15672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1029.721422][T15672] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1029.734725][T15672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1029.767674][T15672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1029.780596][T15771] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2915'.
[ 1029.802411][T15768] ip6erspan0: entered promiscuous mode
[ 1029.884759][T15772] xt_bpf: check failed: parse error
[ 1030.083293][T15672] hsr_slave_0: entered promiscuous mode
[ 1030.097118][T15672] hsr_slave_1: entered promiscuous mode
[ 1030.118663][T15672] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1030.642601][T15672] Cannot create hsr debugfs directory
[ 1031.939740][T15788] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2920'.
[ 1031.989788][T15788] netlink: 'syz.4.2920': attribute type 3 has an invalid length.
[ 1032.093696][T15790] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1032.101556][T15790] IPv6: NLM_F_CREATE should be set when creating new route
[ 1032.108908][T15790] IPv6: NLM_F_CREATE should be set when creating new route
[ 1032.574318][T15798] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1032.676487][T15800] MTD: Couldn't look up 'Ÿë
': -2
[ 1034.158687][T15672] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1034.175441][T15672] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1034.271912][T10050] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[ 1034.289313][T15672] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1034.318171][T15672] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1034.371477][T15810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2926'.
[ 1034.386648][T15810] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2926'.
[ 1034.460728][T10050] usb 5-1: Using ep0 maxpacket: 16
[ 1034.469680][T15672] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1034.486483][T10050] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1034.497980][T15672] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1034.501942][T15812] netlink: 'syz.0.2927': attribute type 9 has an invalid length.
[ 1034.525978][T10050] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1034.526051][T15812] netlink: 212012 bytes leftover after parsing attributes in process `syz.0.2927'.
[ 1034.535775][T10050] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1034.563390][T10050] usb 5-1: Product: syz
[ 1034.567792][T10050] usb 5-1: Manufacturer: syz
[ 1034.573051][T15814] vcan0: entered allmulticast mode
[ 1034.579146][T10050] usb 5-1: SerialNumber: syz
[ 1034.589201][T10050] usb 5-1: config 0 descriptor??
[ 1034.599082][T15814] vcan0 (unregistering): left allmulticast mode
[ 1034.618447][T10050] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1034.649229][T10050] em28xx 5-1:0.0: DVB interface 0 found: bulk
[ 1034.662058][T15672] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1034.685123][T15672] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1035.869442][T10050] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1036.087906][T15824] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2930'.
[ 1036.097794][T15824] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2930'.
[ 1036.443852][T10050] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1036.451921][T10050] em28xx 5-1:0.0: board has no eeprom
[ 1037.101821][T15672] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1037.126472][T15672] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1037.197253][T15672] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1037.222652][T15802] em28xx 5-1:0.0: read from i2c device at 0x0 failed with unknown error (status=1)
[ 1037.304316][T15672] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1038.143783][T10050] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1038.162353][T10050] em28xx 5-1:0.0: dvb set to bulk mode.
[ 1038.271246][T10043] em28xx 5-1:0.0: Binding DVB extension
[ 1038.416795][T10050] usb 5-1: USB disconnect, device number 46
[ 1038.427041][T10050] em28xx 5-1:0.0: Disconnecting em28xx
[ 1038.655940][T15672] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1038.741200][T10043] em28xx 5-1:0.0: Registering input extension
[ 1038.783644][T10050] em28xx 5-1:0.0: Closing input extension
[ 1038.801173][T15672] 8021q: adding VLAN 0 to HW filter on device team0
[ 1039.054178][T10050] em28xx 5-1:0.0: Freeing device
[ 1039.086135][ T6725] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1039.093363][ T6725] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1039.166577][ T6725] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1039.173817][ T6725] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1040.892754][T15855] fuse: Unknown parameter '°( õF¨O¶ïÀ0x0000000000000003'
[ 1041.196026][T15672] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1041.352872][T15672] veth0_vlan: entered promiscuous mode
[ 1041.363797][T15867] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1041.469917][T15672] veth1_vlan: entered promiscuous mode
[ 1041.576189][T15870] xt_bpf: check failed: parse error
[ 1041.585391][T15672] veth0_macvtap: entered promiscuous mode
[ 1041.605889][T15672] veth1_macvtap: entered promiscuous mode
[ 1041.669537][T15672] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1041.729388][T15672] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1041.777244][T15672] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.817341][T15672] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.842572][T15672] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.867960][T15672] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1042.089030][ T6015] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1042.115928][ T6015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1042.758920][ T6725] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1042.787998][ T6725] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1042.912243][T15878] netlink: 'syz.1.2942': attribute type 2 has an invalid length.
[ 1049.426205][T15929] fuse: Bad value for 'group_id'
[ 1049.460661][T15929] fuse: Bad value for 'group_id'
[ 1049.481982][T15929] netlink: 'syz.0.2956': attribute type 1 has an invalid length.
[ 1049.577677][T15929] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1049.730678][T15931] bond1: (slave veth0_to_bond): Enslaving as an active interface with a down link
[ 1049.754551][T15929] vlan2: entered allmulticast mode
[ 1049.761290][T15929] veth1: entered allmulticast mode
[ 1049.776983][T15929] veth1: entered promiscuous mode
[ 1049.793676][T15929] veth1: left promiscuous mode
[ 1049.828419][T15929] bond1: (slave vlan2): making interface the new active one
[ 1049.893500][T15929] veth1: entered promiscuous mode
[ 1049.924411][T15929] vlan2: entered promiscuous mode
[ 1049.960994][T15929] bond1: (slave vlan2): Enslaving as an active interface with an up link
[ 1050.371138][T15937] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input25
[ 1050.523439][T15940] xt_bpf: check failed: parse error
[ 1050.903034][ T5867] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1051.062745][ T5867] usb 1-1: device descriptor read/64, error -71
[ 1051.382602][ T5867] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1051.542733][ T5867] usb 1-1: device descriptor read/64, error -71
[ 1051.697014][ T5867] usb usb1-port1: attempt power cycle
[ 1051.868318][T15956] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1052.158494][ T5867] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1052.203280][ T5867] usb 1-1: device descriptor read/8, error -71
[ 1052.564451][ T5867] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1052.856276][ T5867] usb 1-1: device descriptor read/8, error -71
[ 1053.415513][ T5867] usb usb1-port1: unable to enumerate USB device
[ 1053.727002][T15970] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2965'.
[ 1053.743342][T15970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2965'.
[ 1054.527174][T15978] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1054.553956][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.554018][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.652686][ T5867] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1054.783804][ T5867] usb 4-1: device descriptor read/64, error -71
[ 1055.034098][ T5867] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 1055.207036][ T5867] usb 4-1: device descriptor read/64, error -71
[ 1055.353891][ T5867] usb usb4-port1: attempt power cycle
[ 1055.879281][ T5867] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 1055.943548][ T5867] usb 4-1: device descriptor read/8, error -71
[ 1056.334159][T16008] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1057.463435][T16017] xt_bpf: check failed: parse error
[ 1058.538533][T16023] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2981'.
[ 1058.581541][T16023] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2981'.
[ 1061.638519][T16049] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2988'.
[ 1061.647845][T16049] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2988'.
[ 1061.657284][T16049] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2988'.
[ 1061.667420][T16049] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2988'.
[ 1063.497070][T16063] vivid-000: disconnect
[ 1064.286307][T16057] vivid-000: reconnect
[ 1064.577325][T16071] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2996'.
[ 1064.630237][T16071] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2996'.
[ 1064.644450][   T30] audit: type=1804 audit(1746135061.142:172): pid=16069 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.2994" name="/newroot/583/file0" dev="tmpfs" ino=3079 res=1 errno=0
[ 1064.708642][T16069] ref_ctr_offset mismatch. inode: 0xc07 offset: 0x0 ref_ctr_offset(old): 0x200000000280 ref_ctr_offset(new): 0x200000000200
[ 1064.747087][T16069] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: 0, delta: -1
[ 1064.768836][T16069] ref_ctr decrement failed for inode: 0xc07 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88807f9a3200
[ 1064.800594][T16069] uprobe: syz.4.2994:16069 failed to unregister, leaking uprobe
[ 1065.324669][ T1338] vlan2: left promiscuous mode
[ 1065.383957][T16086] xt_bpf: check failed: parse error
[ 1065.564682][T16083] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1065.984259][T16090] cifs: Unknown parameter 'po'
[ 1067.055444][T16106] vivid-000: disconnect
[ 1067.273593][T16101] vivid-000: reconnect
[ 1068.307218][T16111] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3007'.
[ 1068.328729][T16109] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3008'.
[ 1068.339914][T16111] vlan2: entered promiscuous mode
[ 1068.345122][T16111] bridge0: entered promiscuous mode
[ 1068.565318][T16113] netlink: 'syz.4.3009': attribute type 10 has an invalid length.
[ 1068.925478][T16119] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3013'.
[ 1068.953967][T16119] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3013'.
[ 1071.328894][T16150] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3020'.
[ 1071.552734][T16159] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3024'.
[ 1071.969738][T16172] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3027'.
[ 1072.002139][T16172] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3027'.
[ 1074.136923][T16190] FAULT_INJECTION: forcing a failure.
[ 1074.136923][T16190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1074.150353][T16190] CPU: 0 UID: 0 PID: 16190 Comm: syz.0.3033 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1074.150381][T16190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1074.150414][T16190] Call Trace:
[ 1074.150422][T16190]  <TASK>
[ 1074.150430][T16190]  dump_stack_lvl+0x189/0x250
[ 1074.150461][T16190]  ? __lock_acquire+0xaac/0xd20
[ 1074.150491][T16190]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1074.150526][T16190]  ? __pfx__printk+0x10/0x10
[ 1074.150558][T16190]  ? __might_fault+0xb0/0x130
[ 1074.150601][T16190]  should_fail_ex+0x414/0x560
[ 1074.150637][T16190]  _copy_from_user+0x2d/0xb0
[ 1074.150665][T16190]  get_itimerspec64+0xa1/0x2f0
[ 1074.150703][T16190]  ? __pfx_get_itimerspec64+0x10/0x10
[ 1074.150744][T16190]  __x64_sys_timerfd_settime+0x12f/0x220
[ 1074.150769][T16190]  ? __pfx___x64_sys_timerfd_settime+0x10/0x10
[ 1074.150812][T16190]  do_syscall_64+0xf6/0x210
[ 1074.150836][T16190]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1074.150856][T16190]  ? clear_bhb_loop+0x45/0xa0
[ 1074.150882][T16190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1074.150901][T16190] RIP: 0033:0x7f04add8e969
[ 1074.150920][T16190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1074.150939][T16190] RSP: 002b:00007f04aeb53038 EFLAGS: 00000246 ORIG_RAX: 000000000000011e
[ 1074.150961][T16190] RAX: ffffffffffffffda RBX: 00007f04adfb6160 RCX: 00007f04add8e969
[ 1074.150976][T16190] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffffffffffffffff
[ 1074.150988][T16190] RBP: 00007f04aeb53090 R08: 0000000000000000 R09: 0000000000000000
[ 1074.151001][T16190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1074.151012][T16190] R13: 0000000000000001 R14: 00007f04adfb6160 R15: 00007fff096b35e8
[ 1074.151044][T16190]  </TASK>
[ 1075.387969][T16196] xt_bpf: check failed: parse error
[ 1077.921730][T16213] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3038'.
[ 1078.627534][T16221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3041'.
[ 1078.663729][T16221] dummy0: entered promiscuous mode
[ 1078.681327][T16227] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3041'.
[ 1078.705709][T16221] macvtap1: entered promiscuous mode
[ 1078.938434][T16221] macvtap1: entered allmulticast mode
[ 1078.956197][T16221] dummy0: entered allmulticast mode
[ 1079.174230][T16226] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3043'.
[ 1079.298667][T16227] dummy0: left allmulticast mode
[ 1079.441962][T16227] dummy0: left promiscuous mode
[ 1080.114706][T16239] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1080.504262][T16249] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3050'.
[ 1081.777250][T10047] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[ 1081.926534][T16262] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1082.079195][T10047] usb 5-1: Using ep0 maxpacket: 16
[ 1082.086810][T10047] usb 5-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1082.096151][T10047] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1082.111308][T10047] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1082.157989][T10047] usb 5-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1082.176670][T10047] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.212363][T10047] usb 5-1: Product: syz
[ 1082.225484][T10047] usb 5-1: Manufacturer: syz
[ 1082.239603][T10047] usb 5-1: SerialNumber: syz
[ 1082.269748][T10047] usb 5-1: config 0 descriptor??
[ 1082.489408][T16252] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3052'.
[ 1082.531632][T16252] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3052'.
[ 1082.641854][T10047] usb 5-1: USB disconnect, device number 47
[ 1084.952883][T16287] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3063'.
[ 1086.153938][T16302] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[ 1087.244109][T16303] veth0_to_team: entered promiscuous mode
[ 1087.250100][T16303] veth0_to_team: entered allmulticast mode
[ 1087.767022][T14609] usb 2-1: new low-speed USB device number 43 using dummy_hcd
[ 1088.162596][ T5867] usb 4-1: new full-speed USB device number 57 using dummy_hcd
[ 1088.309626][T16335] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3076'.
[ 1088.566298][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1089.372043][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1089.404613][ T5867] usb 4-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[ 1089.430134][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.475152][ T5867] usb 4-1: config 0 descriptor??
[ 1089.749458][T16344] netlink: 24032 bytes leftover after parsing attributes in process `syz.0.3080'.
[ 1089.785050][T16344] netlink: 104088 bytes leftover after parsing attributes in process `syz.0.3080'.
[ 1089.815209][ T3528] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1089.846266][T16344] netlink: 24032 bytes leftover after parsing attributes in process `syz.0.3080'.
[ 1089.855812][ T3528] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.904518][ T5867] elecom 0003:056E:011C.000C: hidraw0: USB HID v0.00 Device [HID 056e:011c] on usb-dummy_hcd.3-1/input0
[ 1089.990089][T16348] sctp: [Deprecated]: syz.1.3081 (pid 16348) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1089.990089][T16348] Use struct sctp_sack_info instead
[ 1090.119768][T16327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1090.623383][T16327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1090.804134][ T3528] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1090.846066][ T3528] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.863949][T14609] usb 4-1: USB disconnect, device number 57
[ 1090.884137][T14084] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1090.894014][T14084] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1090.904283][T14084] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1090.913453][T14084] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1090.923031][T14084] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1091.720139][T16371] netlink: 'syz.3.3084': attribute type 10 has an invalid length.
[ 1091.754516][T10047] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1091.765838][ T3528] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1091.815873][ T3528] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1091.925506][T10047] usb 1-1: device descriptor read/64, error -71
[ 1091.969542][T16371] team0: Port device wlan1 added
[ 1092.224896][ T3528] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1092.270551][ T3528] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1093.091053][T10047] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1093.097578][T14084] Bluetooth: hci0: command tx timeout
[ 1093.264399][T10047] usb 1-1: device descriptor read/64, error -71
[ 1093.605737][T10047] usb usb1-port1: attempt power cycle
[ 1093.959572][T16395] netlink: 'syz.3.3091': attribute type 1 has an invalid length.
[ 1093.972722][T10047] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1094.021357][T16397] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3091'.
[ 1094.023083][T10047] usb 1-1: device descriptor read/8, error -71
[ 1094.062141][T16395] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1094.130453][T16397] bond1: entered promiscuous mode
[ 1094.138577][T16397] bond1: entered allmulticast mode
[ 1094.198940][T16403] sctp: [Deprecated]: syz.1.3092 (pid 16403) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1094.198940][T16403] Use struct sctp_sack_info instead
[ 1094.284051][T10047] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1094.817839][T10047] usb 1-1: device descriptor read/8, error -71
[ 1094.935415][T10047] usb usb1-port1: unable to enumerate USB device
[ 1095.183169][T14084] Bluetooth: hci0: command 0x041b tx timeout
[ 1096.792877][T14609] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 1096.962862][T14609] usb 4-1: Using ep0 maxpacket: 32
[ 1096.997783][T14609] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1097.041896][T14609] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1097.056091][T14609] usb 4-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1097.069503][T14609] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.140103][T14609] usb 4-1: config 0 descriptor??
[ 1097.264901][   T55] Bluetooth: hci0: command 0x041b tx timeout
[ 1097.372824][T14609] usbhid 4-1:0.0: can't add hid device: -71
[ 1097.382048][T14609] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1097.393614][T14609] usb 4-1: USB disconnect, device number 58
[ 1097.495092][ T3528] bond0 (unregistering): Released all slaves
[ 1097.546596][ T5872] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1097.902747][ T5872] usb 2-1: Using ep0 maxpacket: 32
[ 1097.938770][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1098.585464][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1098.596390][ T5872] usb 2-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1098.636218][ T3528] tipc: Left network mode
[ 1098.650232][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1098.661916][ T5872] usb 2-1: config 0 descriptor??
[ 1098.952238][ T5872] usbhid 2-1:0.0: can't add hid device: -71
[ 1098.982720][ T5872] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1099.023033][ T5872] usb 2-1: USB disconnect, device number 44
[ 1099.411421][T16354] chnl_net:caif_netlink_parms(): no params data found
[ 1099.892640][   T55] Bluetooth: hci0: command 0x041b tx timeout
[ 1102.460128][   T55] Bluetooth: hci0: command 0x041b tx timeout
[ 1102.522576][T10024] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1102.823562][ T3528] hsr_slave_0: left promiscuous mode
[ 1102.842586][T10024] usb 4-1: Using ep0 maxpacket: 32
[ 1102.849805][ T3528] hsr_slave_1: left promiscuous mode
[ 1102.874140][T10024] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1102.916812][T16483] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3109'.
[ 1102.926215][T16483] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3109'.
[ 1102.935516][T16483] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3109'.
[ 1102.945519][T16483] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3109'.
[ 1103.099602][T10024] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1103.415078][T10024] usb 4-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1103.512800][T10024] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1103.554288][T10024] usb 4-1: config 0 descriptor??
[ 1103.562155][ T3528] veth1_macvtap: left promiscuous mode
[ 1103.715990][T10024] usb 4-1: can't set config #0, error -71
[ 1103.722592][ T3528] veth0_macvtap: left promiscuous mode
[ 1103.728340][ T3528] veth1_vlan: left promiscuous mode
[ 1103.735839][T10024] usb 4-1: USB disconnect, device number 59
[ 1103.747843][ T3528] veth0_vlan: left promiscuous mode
[ 1103.756279][T15294] udevd[15294]: setting mode of /dev/bus/usb/004/059 to 020664 failed: No such file or directory
[ 1103.768188][T15294] udevd[15294]: setting owner of /dev/bus/usb/004/059 to uid=0, gid=0 failed: No such file or directory
[ 1105.266018][T16498] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[ 1105.273006][T16498] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1105.281906][T16498] vhci_hcd vhci_hcd.0: Device attached
[ 1105.879060][T16503] vhci_hcd: connection closed
[ 1105.880632][   T62] vhci_hcd: stop threads
[ 1105.890729][   T62] vhci_hcd: release socket
[ 1105.898562][   T62] vhci_hcd: disconnect device
[ 1105.959385][T10050] usb 40-1: enqueue for inactive port 0
[ 1106.933435][T16516] CIFS mount error: No usable UNC path provided in device string!
[ 1106.933435][T16516] 
[ 1106.947487][T16516] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1107.196613][T10050] usb usb40-port1: attempt power cycle
[ 1107.763003][T16526] syz.1.3119: attempt to access beyond end of device
[ 1107.763003][T16526] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1107.781691][T16526] hpfs: hpfs_map_sector(): read error
[ 1107.821119][T10050] usb usb40-port1: unable to enumerate USB device
[ 1108.877972][T16509] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3116'.
[ 1109.128247][T16534] netlink: 'syz.3.3120': attribute type 1 has an invalid length.
[ 1109.207401][T16354] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1109.252695][T16354] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1109.260018][T16354] bridge_slave_0: entered allmulticast mode
[ 1109.290673][T16354] bridge_slave_0: entered promiscuous mode
[ 1109.338362][T16544] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3120'.
[ 1109.425445][T16534] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1109.479596][T16354] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1109.499821][T16354] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1110.229767][T16354] bridge_slave_1: entered allmulticast mode
[ 1110.247408][T16547] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3124'.
[ 1110.258959][T16547] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3124'.
[ 1110.268266][T16547] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3124'.
[ 1110.277551][T16547] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3124'.
[ 1110.435400][T16354] bridge_slave_1: entered promiscuous mode
[ 1110.729269][T16544] bond2: entered promiscuous mode
[ 1110.752508][T16544] bond2: entered allmulticast mode
[ 1111.145984][T16354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1112.671710][T16562] CIFS mount error: No usable UNC path provided in device string!
[ 1112.671710][T16562] 
[ 1112.700951][T16562] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1112.925812][T16354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1113.056969][T16575] netlink: 'syz.0.3130': attribute type 2 has an invalid length.
[ 1114.802416][T16599] netlink: 'syz.2.3135': attribute type 1 has an invalid length.
[ 1114.806112][T16581] vlan3: entered promiscuous mode
[ 1114.841859][T16581] vlan3: entered allmulticast mode
[ 1114.871149][T16581] bridge0: entered allmulticast mode
[ 1114.889063][T16602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3135'.
[ 1114.916706][T16354] team0: Port device team_slave_0 added
[ 1114.968145][T16354] team0: Port device team_slave_1 added
[ 1115.112424][T16599] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1115.491912][T16354] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1115.518638][T16354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1115.769400][T16354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1115.882783][T16354] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1115.989727][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.997520][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.012102][T16354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1116.946343][T16354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1117.280337][T16354] hsr_slave_0: entered promiscuous mode
[ 1117.525159][T16354] hsr_slave_1: entered promiscuous mode
[ 1120.186770][T10044] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 1120.352681][T10044] usb 3-1: Using ep0 maxpacket: 8
[ 1120.360230][T10044] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1120.476674][T10044] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1120.534925][T10044] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1120.919604][T10044] usb 3-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1121.053356][T10044] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1121.412541][T10044] usb 3-1: Product: syz
[ 1121.417493][T10044] usb 3-1: Manufacturer: syz
[ 1121.458159][T10044] usb 3-1: SerialNumber: syz
[ 1121.657741][T16668] overlayfs: overlapping lowerdir path
[ 1121.746464][T10044] ti_usb_3410_5052 3-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1124.467697][T10047] usb 3-1: USB disconnect, device number 58
[ 1124.589025][T16697] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3152'.
[ 1124.623790][T16697] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3152'.
[ 1125.391940][T16702] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3151'.
[ 1125.706749][T16702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3151'.
[ 1125.812641][T16708] CIFS mount error: No usable UNC path provided in device string!
[ 1125.812641][T16708] 
[ 1125.823860][T16708] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1126.745535][T16719] overlayfs: failed to resolve './file1': -2
[ 1127.314897][T16354] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1127.487884][ T7236] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1127.864623][T16354] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1127.946332][T16354] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1128.003558][T16354] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1128.615218][T16735] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.3161'.
[ 1129.544377][T16739] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3162'.
[ 1129.680119][T16354] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1129.707517][T16744] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3162'.
[ 1129.767856][T16354] 8021q: adding VLAN 0 to HW filter on device team0
[ 1129.804991][ T3528] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1129.812523][ T3528] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1129.872601][T16747] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3163'.
[ 1129.931408][ T3528] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1129.938650][ T3528] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1130.011357][T16750] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3163'.
[ 1130.521796][T16753] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3164'.
[ 1130.619940][T16755] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3164'.
[ 1131.998000][T16769] vivid-000: disconnect
[ 1132.954110][T16766] vivid-000: reconnect
[ 1134.087319][T16354] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1135.144090][T16803] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3174'.
[ 1135.211723][T16803] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3174'.
[ 1135.683779][T10024] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1135.719879][T16818] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[ 1135.856335][T16820] CIFS mount error: No usable UNC path provided in device string!
[ 1135.856335][T16820] 
[ 1135.866824][T16820] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1135.893182][T10024] usb 1-1: Using ep0 maxpacket: 32
[ 1136.273253][T10024] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1136.326905][T10024] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1136.382661][T10024] usb 1-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1136.391795][T10024] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1136.454939][T10024] usb 1-1: config 0 descriptor??
[ 1136.507376][T16354] veth0_vlan: entered promiscuous mode
[ 1136.925253][T16834] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1138.573592][T10024] usbhid 1-1:0.0: can't add hid device: -71
[ 1138.579688][T10024] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1138.603976][T16354] veth1_vlan: entered promiscuous mode
[ 1138.622685][T10024] usb 1-1: USB disconnect, device number 16
[ 1139.332363][T16354] veth0_macvtap: entered promiscuous mode
[ 1139.385875][T16354] veth1_macvtap: entered promiscuous mode
[ 1139.392701][T10024] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1139.770031][T10024] usb 4-1: Using ep0 maxpacket: 16
[ 1139.810508][T10024] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1139.830372][T16854] netlink: 165 bytes leftover after parsing attributes in process `syz.0.3183'.
[ 1139.880300][T10024] usb 4-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00
[ 1140.067500][T16354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1140.099802][T16354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.113173][T10024] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.135525][T10024] usb 4-1: config 0 descriptor??
[ 1140.179248][T16354] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1140.443343][T16354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1140.503391][T16354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.603298][T16840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1140.621354][T16840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1140.624051][T16354] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1140.941775][T10024] aquacomputer_d5next 0003:0C70:F003.000D: unknown main item tag 0x6
[ 1140.987098][T16840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1140.999999][T16354] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1141.023095][T10024] aquacomputer_d5next 0003:0C70:F003.000D: unknown main item tag 0x0
[ 1141.053334][T16354] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1141.062396][T16840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1141.063801][T16867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1141.103117][T10024] aquacomputer_d5next 0003:0C70:F003.000D: hidraw0: USB HID v0.00 Device [HID 0c70:f003] on usb-dummy_hcd.3-1/input0
[ 1141.122304][T16354] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1141.153712][T16354] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1141.154135][T16867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1141.202604][T16870] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3186'.
[ 1141.243228][T16872] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3186'.
[ 1141.264131][ T5953] usb 4-1: USB disconnect, device number 60
[ 1142.180595][ T7058] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1142.224640][ T7058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1142.261779][T16884] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1143.915938][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1144.052581][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1144.377758][T16900] o2cb: This node has not been configured.
[ 1144.383850][T16900] o2cb: Cluster check failed. Fix errors before retrying.
[ 1144.391149][T16900] (syz.3.3192,16900,0):user_dlm_register:674 ERROR: status = -22
[ 1144.399540][T16900] (syz.3.3192,16900,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1144.472604][ T5953] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1144.480471][    C1] raw-gadget.0 gadget.1: ignoring, device is not running
[ 1144.882184][ T5953] usb 2-1: device descriptor read/64, error -32
[ 1145.624642][T16909] netlink: 'syz.0.3196': attribute type 1 has an invalid length.
[ 1145.662688][ T5953] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1145.724743][T16909] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1145.853152][ T5953] usb 2-1: Using ep0 maxpacket: 32
[ 1145.894465][T16911] syz.2.3193: attempt to access beyond end of device
[ 1145.894465][T16911] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1145.908495][T16911] hpfs: hpfs_map_sector(): read error
[ 1146.344589][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1146.357649][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1146.367810][ T5953] usb 2-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1146.377109][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1146.408554][T16909] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3196'.
[ 1146.458312][T16914] ip6erspan0: entered promiscuous mode
[ 1146.468575][ T5953] usb 2-1: config 0 descriptor??
[ 1146.687067][T16909] bond2: entered promiscuous mode
[ 1146.772569][T16909] bond2: entered allmulticast mode
[ 1147.240769][T16930] overlayfs: overlapping lowerdir path
[ 1147.856370][ T5953] usbhid 2-1:0.0: can't add hid device: -71
[ 1147.863400][ T5953] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1147.870951][T16933] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3199'.
[ 1147.884224][T16933] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3199'.
[ 1147.897087][ T5953] usb 2-1: USB disconnect, device number 47
[ 1149.307299][T16947] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1149.754868][T16959] syz.3.3204: attempt to access beyond end of device
[ 1149.754868][T16959] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1149.776601][T16959] hpfs: hpfs_map_sector(): read error
[ 1150.655889][T16962] 9pnet_fd: Insufficient options for proto=fd
[ 1151.115394][T14084] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1151.128261][T14084] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1151.144313][T14084] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1151.163538][T10043] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1151.203511][T14084] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1151.274962][T14084] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1151.603939][T10043] usb 4-1: Using ep0 maxpacket: 8
[ 1151.651029][T10043] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1151.681236][T10043] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1151.752537][T10043] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1151.789368][T10043] usb 4-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1151.819181][T10043] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1151.859951][T10043] usb 4-1: Product: syz
[ 1151.870365][T10043] usb 4-1: Manufacturer: syz
[ 1151.890395][T10043] usb 4-1: SerialNumber: syz
[ 1152.648683][T10043] ti_usb_3410_5052 4-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1153.422675][T14084] Bluetooth: hci2: command tx timeout
[ 1154.175631][T10024] usb 4-1: USB disconnect, device number 61
[ 1154.262516][ T5867] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 1154.503149][T16973] chnl_net:caif_netlink_parms(): no params data found
[ 1154.535738][T17011] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3213'.
[ 1154.554886][T17011] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3213'.
[ 1154.582737][ T5867] usb 3-1: Using ep0 maxpacket: 32
[ 1155.504267][T14084] Bluetooth: hci2: command tx timeout
[ 1155.504632][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1155.523177][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1155.533113][ T5867] usb 3-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1155.542213][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.581046][ T5867] usb 3-1: config 0 descriptor??
[ 1156.382562][ T5867] usbhid 3-1:0.0: can't add hid device: -71
[ 1156.388648][ T5867] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1156.422590][T10050] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1156.707866][T17032] 9pnet_fd: Insufficient options for proto=fd
[ 1156.778645][ T5867] usb 3-1: USB disconnect, device number 59
[ 1156.841386][T17035] cifs: Unknown parameter 'por'
[ 1156.881143][T16973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1156.900152][T16973] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1156.921340][T10050] usb 4-1: Using ep0 maxpacket: 32
[ 1156.960800][T16973] bridge_slave_0: entered allmulticast mode
[ 1156.967611][T10050] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1156.996445][T16973] bridge_slave_0: entered promiscuous mode
[ 1157.008229][T10050] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1157.050628][T16973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1157.063038][T10050] usb 4-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1157.101641][T16973] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1157.184662][T10050] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.188668][T16973] bridge_slave_1: entered allmulticast mode
[ 1157.509510][T16973] bridge_slave_1: entered promiscuous mode
[ 1157.518658][T10050] usb 4-1: config 0 descriptor??
[ 1157.590748][T14084] Bluetooth: hci2: command tx timeout
[ 1158.278086][T16973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1158.305049][T16973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1158.357488][T17055] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1158.823702][T10024] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[ 1158.850711][T10050] usbhid 4-1:0.0: can't add hid device: -71
[ 1158.859808][T10050] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1158.875664][T10050] usb 4-1: USB disconnect, device number 62
[ 1158.940489][ T7058] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1159.002795][T10024] usb 3-1: Using ep0 maxpacket: 32
[ 1159.024756][T10024] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1159.052698][T10024] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1159.063256][T17057] netlink: 'syz.4.3222': attribute type 1 has an invalid length.
[ 1159.073164][T10024] usb 3-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1159.086804][ T7058] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1159.092503][T10024] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1159.123833][T17058] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3222'.
[ 1159.140199][T16973] team0: Port device team_slave_0 added
[ 1159.147150][T10024] usb 3-1: config 0 descriptor??
[ 1159.169819][T16973] team0: Port device team_slave_1 added
[ 1159.187884][T17058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1159.201467][T17058] batadv_slave_1: entered promiscuous mode
[ 1159.211295][T17058] batadv_slave_1: entered allmulticast mode
[ 1159.282083][ T7058] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1159.363490][T10024] usbhid 3-1:0.0: can't add hid device: -71
[ 1159.369584][T10024] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1159.394736][T10024] usb 3-1: USB disconnect, device number 60
[ 1159.952710][T14084] Bluetooth: hci2: command tx timeout
[ 1160.314004][ T7058] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1160.331779][T16973] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1160.352576][T16973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1160.406204][T16973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1160.427435][T16973] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1160.441170][T16973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1160.471561][T16973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1160.959476][T17071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3224'.
[ 1161.058843][T16973] hsr_slave_0: entered promiscuous mode
[ 1161.072889][T10044] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1161.150213][T16973] hsr_slave_1: entered promiscuous mode
[ 1161.169709][T16973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1161.197701][T16973] Cannot create hsr debugfs directory
[ 1161.232853][T10044] usb 4-1: Using ep0 maxpacket: 8
[ 1161.270960][T10044] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1161.313882][T10044] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1161.340431][T10044] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1161.386346][T10044] usb 4-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1161.424632][T10044] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1161.450246][T10044] usb 4-1: Product: syz
[ 1161.455992][T10044] usb 4-1: Manufacturer: syz
[ 1161.460640][T10044] usb 4-1: SerialNumber: syz
[ 1161.504158][T10044] ti_usb_3410_5052 4-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1161.644438][T17074] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3227'.
[ 1161.814767][T17077] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3227'.
[ 1162.596153][T10024] usb 4-1: USB disconnect, device number 63
[ 1164.473815][T10044] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1164.672588][T10044] usb 4-1: Using ep0 maxpacket: 32
[ 1164.691193][T10044] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1164.722497][T10044] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1164.927452][T10044] usb 4-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1164.938732][T10044] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1164.961883][T10044] usb 4-1: config 0 descriptor??
[ 1165.048638][T17107] FAULT_INJECTION: forcing a failure.
[ 1165.048638][T17107] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.061556][T17107] CPU: 1 UID: 0 PID: 17107 Comm: syz.0.3233 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1165.061585][T17107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1165.061599][T17107] Call Trace:
[ 1165.061607][T17107]  <TASK>
[ 1165.061616][T17107]  dump_stack_lvl+0x189/0x250
[ 1165.061652][T17107]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1165.061680][T17107]  ? __pfx__printk+0x10/0x10
[ 1165.061718][T17107]  ? __pfx___might_resched+0x10/0x10
[ 1165.061745][T17107]  ? fs_reclaim_acquire+0x7d/0x100
[ 1165.061773][T17107]  should_fail_ex+0x414/0x560
[ 1165.061811][T17107]  should_failslab+0xa8/0x100
[ 1165.061844][T17107]  __kmalloc_cache_node_noprof+0x73/0x3d0
[ 1165.061874][T17107]  ? __get_vm_area_node+0x131/0x2d0
[ 1165.061910][T17107]  __get_vm_area_node+0x131/0x2d0
[ 1165.061946][T17107]  __vmalloc_node_range_noprof+0x2f1/0x12c0
[ 1165.061968][T17107]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.062004][T17107]  ? preempt_schedule_irq+0xde/0x150
[ 1165.062036][T17107]  ? irqentry_exit+0x74/0x90
[ 1165.062060][T17107]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1165.062093][T17107]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.062117][T17107]  __vmalloc_noprof+0x7a/0x90
[ 1165.062136][T17107]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.062161][T17107]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.062192][T17107]  bpf_prog_alloc+0x3c/0x1a0
[ 1165.062219][T17107]  bpf_prog_load+0x735/0x1930
[ 1165.062251][T17107]  ? __lock_acquire+0xaac/0xd20
[ 1165.062280][T17107]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1165.062329][T17107]  ? bpf_lsm_bpf+0x9/0x20
[ 1165.062353][T17107]  ? security_bpf+0x7e/0x300
[ 1165.062379][T17107]  __sys_bpf+0x5f1/0x860
[ 1165.062409][T17107]  ? __pfx___sys_bpf+0x10/0x10
[ 1165.062446][T17107]  ? ksys_write+0x1f0/0x250
[ 1165.062487][T17107]  __x64_sys_bpf+0x7c/0x90
[ 1165.062515][T17107]  do_syscall_64+0xf6/0x210
[ 1165.062539][T17107]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1165.062560][T17107]  ? clear_bhb_loop+0x45/0xa0
[ 1165.062584][T17107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1165.062604][T17107] RIP: 0033:0x7f04add8e969
[ 1165.062624][T17107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1165.062643][T17107] RSP: 002b:00007f04aeb53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1165.062664][T17107] RAX: ffffffffffffffda RBX: 00007f04adfb6160 RCX: 00007f04add8e969
[ 1165.062679][T17107] RDX: 0000000000000094 RSI: 0000200000000600 RDI: 0000000000000005
[ 1165.062692][T17107] RBP: 00007f04aeb53090 R08: 0000000000000000 R09: 0000000000000000
[ 1165.062705][T17107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1165.062717][T17107] R13: 0000000000000000 R14: 00007f04adfb6160 R15: 00007fff096b35e8
[ 1165.062765][T17107]  </TASK>
[ 1165.334128][T17107] syz.0.3233: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1165.351677][T17107] CPU: 1 UID: 0 PID: 17107 Comm: syz.0.3233 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1165.351708][T17107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1165.351722][T17107] Call Trace:
[ 1165.351732][T17107]  <TASK>
[ 1165.351740][T17107]  dump_stack_lvl+0x189/0x250
[ 1165.351775][T17107]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1165.351803][T17107]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1165.351832][T17107]  ? __pfx__printk+0x10/0x10
[ 1165.351865][T17107]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1165.351898][T17107]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1165.351939][T17107]  warn_alloc+0x214/0x310
[ 1165.351968][T17107]  ? __pfx_warn_alloc+0x10/0x10
[ 1165.352001][T17107]  ? __get_vm_area_node+0x27f/0x2d0
[ 1165.352042][T17107]  __vmalloc_node_range_noprof+0x316/0x12c0
[ 1165.352076][T17107]  ? preempt_schedule_irq+0xde/0x150
[ 1165.352110][T17107]  ? irqentry_exit+0x74/0x90
[ 1165.352135][T17107]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1165.352169][T17107]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.352194][T17107]  __vmalloc_noprof+0x7a/0x90
[ 1165.352214][T17107]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.352240][T17107]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[ 1165.352271][T17107]  bpf_prog_alloc+0x3c/0x1a0
[ 1165.352300][T17107]  bpf_prog_load+0x735/0x1930
[ 1165.352333][T17107]  ? __lock_acquire+0xaac/0xd20
[ 1165.352376][T17107]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1165.352428][T17107]  ? bpf_lsm_bpf+0x9/0x20
[ 1165.352458][T17107]  ? security_bpf+0x7e/0x300
[ 1165.352484][T17107]  __sys_bpf+0x5f1/0x860
[ 1165.352507][T17107]  ? __pfx___sys_bpf+0x10/0x10
[ 1165.352545][T17107]  ? ksys_write+0x1f0/0x250
[ 1165.352582][T17107]  __x64_sys_bpf+0x7c/0x90
[ 1165.352603][T17107]  do_syscall_64+0xf6/0x210
[ 1165.352627][T17107]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1165.352646][T17107]  ? clear_bhb_loop+0x45/0xa0
[ 1165.352671][T17107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1165.352691][T17107] RIP: 0033:0x7f04add8e969
[ 1165.352710][T17107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1165.352728][T17107] RSP: 002b:00007f04aeb53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1165.352750][T17107] RAX: ffffffffffffffda RBX: 00007f04adfb6160 RCX: 00007f04add8e969
[ 1165.352765][T17107] RDX: 0000000000000094 RSI: 0000200000000600 RDI: 0000000000000005
[ 1165.352778][T17107] RBP: 00007f04aeb53090 R08: 0000000000000000 R09: 0000000000000000
[ 1165.352790][T17107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1165.352802][T17107] R13: 0000000000000000 R14: 00007f04adfb6160 R15: 00007fff096b35e8
[ 1165.352834][T17107]  </TASK>
[ 1165.616159][T17107] Mem-Info:
[ 1165.619878][T17107] active_anon:343 inactive_anon:9484 isolated_anon:0
[ 1165.619878][T17107]  active_file:15601 inactive_file:38721 isolated_file:0
[ 1165.619878][T17107]  unevictable:768 dirty:80 writeback:0
[ 1165.619878][T17107]  slab_reclaimable:10756 slab_unreclaimable:105582
[ 1165.619878][T17107]  mapped:34430 shmem:6253 pagetables:900
[ 1165.619878][T17107]  sec_pagetables:0 bounce:0
[ 1165.619878][T17107]  kernel_misc_reclaimable:0
[ 1165.619878][T17107]  free:1319483 free_pcp:1353 free_cma:0
[ 1165.666440][T17107] Node 0 active_anon:1372kB inactive_anon:37936kB active_file:62328kB inactive_file:154884kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137720kB dirty:320kB writeback:0kB shmem:23476kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11484kB pagetables:3600kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1165.700489][T17107] Node 1 active_anon:0kB inactive_anon:0kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1165.731869][T17107] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1165.759751][T17107] lowmem_reserve[]: 0 2504 2504 2504 2504
[ 1165.765577][T17107] Node 0 DMA32 free:1348712kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:1368kB inactive_anon:37932kB active_file:62236kB inactive_file:154872kB unevictable:1536kB writepending:316kB present:3129332kB managed:2564616kB mlocked:0kB bounce:0kB free_pcp:5740kB local_pcp:4244kB free_cma:0kB
[ 1165.796334][T17107] lowmem_reserve[]: 0 0 0 0 0
[ 1165.801435][T17107] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:92kB inactive_file:12kB unevictable:0kB writepending:4kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1165.828429][T17107] lowmem_reserve[]: 0 0 0 0 0
[ 1165.833185][T17107] Node 1 Normal free:3913152kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1165.862501][T17107] lowmem_reserve[]: 0 0 0 0 0
[ 1165.867259][T17107] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1165.880041][T17107] Node 0 DMA32: 2*4kB (ME) 136*8kB (UME) 595*16kB (UME) 706*32kB (UME) 546*64kB (UME) 232*128kB (UME) 90*256kB (UME) 48*512kB (UME) 25*1024kB (UME) 7*2048kB (UME) 284*4096kB (M) = 1348664kB
[ 1165.899001][T17107] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1165.910649][T17107] Node 1 Normal: 220*4kB (UME) 64*8kB (UME) 33*16kB (UME) 212*32kB (UME) 99*64kB (UME) 30*128kB (UME) 20*256kB (UME) 4*512kB (UME) 6*1024kB (UME) 1*2048kB (U) 947*4096kB (M) = 3913152kB
[ 1165.929208][T17107] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1165.938816][T17107] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1165.948843][T17107] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1165.959253][T17107] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1165.968671][T17107] 60650 total pagecache pages
[ 1165.973785][T17107] 0 pages in swap cache
[ 1165.977998][T17107] Free swap  = 124996kB
[ 1165.982210][T17107] Total swap = 124996kB
[ 1165.986621][T17107] 2097051 pages RAM
[ 1165.990487][T17107] 0 pages HighMem/MovableOnly
[ 1165.995263][T17107] 424238 pages reserved
[ 1165.999487][T17107] 0 pages cma reserved
[ 1166.224671][T10044] usbhid 4-1:0.0: can't add hid device: -71
[ 1166.230762][T10044] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1166.323888][T10044] usb 4-1: USB disconnect, device number 64
[ 1166.431170][T17118] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1166.849051][ T7058] bond0 (unregistering): Released all slaves
[ 1167.043900][ T7058] bond1 (unregistering): Released all slaves
[ 1167.201730][ T7058] bond2 (unregistering): Released all slaves
[ 1167.295800][T10024] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1167.344164][ T7058] bond3 (unregistering): Released all slaves
[ 1167.358917][T17090] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3230'.
[ 1167.471984][T10024] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1167.515720][T10024] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1167.539021][T10024] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1167.569627][T10024] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1167.581370][T10024] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1167.614682][ T7058] tipc: Left network mode
[ 1167.638821][T10024] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1167.655904][T10024] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1167.666324][T10024] usb 4-1: Product: syz
[ 1167.670776][T10024] usb 4-1: Manufacturer: syz
[ 1168.133192][T10024] cdc_wdm 4-1:1.0: skipping garbage
[ 1168.138636][T10024] cdc_wdm 4-1:1.0: skipping garbage
[ 1168.155534][T10024] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 1168.178660][T10024] cdc_wdm 4-1:1.0: Unknown control protocol
[ 1170.777295][T10050] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[ 1170.905199][ T5867] usb 4-1: USB disconnect, device number 65
[ 1170.973022][T10050] usb 3-1: Using ep0 maxpacket: 8
[ 1170.990915][T17132] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3239'.
[ 1171.009777][T17135] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3239'.
[ 1171.010546][T10050] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1171.129551][T10050] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1171.203109][T10050] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1171.270375][T10050] usb 3-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1171.305957][T10050] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.326153][T10050] usb 3-1: Product: syz
[ 1171.342951][T10050] usb 3-1: Manufacturer: syz
[ 1171.814477][T10050] usb 3-1: SerialNumber: syz
[ 1171.854179][T10050] ti_usb_3410_5052 3-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1172.126243][T16973] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1172.223069][T17169] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3245'.
[ 1172.274369][T16973] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1172.634564][ T7058] dummy0: left promiscuous mode
[ 1173.300191][ T7058] team0: left promiscuous mode
[ 1173.624534][T10024] usb 3-1: USB disconnect, device number 61
[ 1173.725380][ T7058] hsr_slave_0: left promiscuous mode
[ 1173.753855][ T7058] hsr_slave_1: left promiscuous mode
[ 1173.813520][ T7058] veth1_macvtap: left promiscuous mode
[ 1173.819107][ T7058] veth0_macvtap: left promiscuous mode
[ 1173.833446][ T7058] veth1_vlan: left promiscuous mode
[ 1173.849715][ T7058] veth0_vlan: left promiscuous mode
[ 1174.018274][T17196] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1174.366317][T17200] overlayfs: overlapping lowerdir path
[ 1174.384576][T14084] Bluetooth: hci1: command 0x0406 tx timeout
[ 1175.839284][T17218] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3254'.
[ 1177.428205][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.437365][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.919478][ T7058] lo (unregistering): left allmulticast mode
[ 1177.930147][T16973] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1178.035399][T17229] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3258'.
[ 1178.081441][T16973] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1178.341942][T17233] cifs: Bad value for 'port'
[ 1178.441732][T17234] overlayfs: overlapping lowerdir path
[ 1179.596623][T10043] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1179.611196][T10044] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[ 1179.941367][T16973] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1180.193058][T16973] 8021q: adding VLAN 0 to HW filter on device team0
[ 1180.236686][T10044] usb 3-1: Using ep0 maxpacket: 32
[ 1180.242796][T10043] usb 1-1: Using ep0 maxpacket: 8
[ 1180.255652][ T6015] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1180.262900][ T6015] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1180.275554][T10043] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1180.286105][T10043] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1180.301354][T10043] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1180.311951][T10044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1180.372661][T10044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1180.396636][ T3528] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1180.404105][ T3528] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1180.417964][T10044] usb 3-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1180.428228][T10043] usb 1-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1180.462910][T10043] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1180.502659][T10044] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1180.515479][T10043] usb 1-1: Product: syz
[ 1180.550745][T10043] usb 1-1: Manufacturer: syz
[ 1180.568682][T10044] usb 3-1: config 0 descriptor??
[ 1180.573959][T10043] usb 1-1: SerialNumber: syz
[ 1180.646066][T10043] ti_usb_3410_5052 1-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1181.432025][T10044] usbhid 3-1:0.0: can't add hid device: -71
[ 1181.465747][T10044] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1181.663964][T10044] usb 3-1: USB disconnect, device number 62
[ 1181.755581][T17275] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3266'.
[ 1182.443062][T10043] usb 1-1: USB disconnect, device number 17
[ 1183.452337][T16973] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1183.635670][T17295] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3270'.
[ 1183.700906][T16973] veth0_vlan: entered promiscuous mode
[ 1183.742130][T16973] veth1_vlan: entered promiscuous mode
[ 1183.909190][T16973] veth0_macvtap: entered promiscuous mode
[ 1183.940882][T16973] veth1_macvtap: entered promiscuous mode
[ 1185.199607][T17314] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1185.678236][T17309] syz.4.3271: attempt to access beyond end of device
[ 1185.678236][T17309] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1185.684444][T16973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1185.704275][T17309] hpfs: hpfs_map_sector(): read error
[ 1185.704839][T16973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.720989][T16973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1185.733471][T16973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1186.078671][T16973] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1186.365527][T16973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1186.422537][T16973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1186.454054][T16973] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1186.641998][T16973] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.683946][T16973] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.725332][T16973] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.802170][T16973] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.972137][T17333] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3277'.
[ 1188.558112][ T6015] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1188.571243][ T6015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1188.753750][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1188.780633][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1189.062961][T17356] syz.0.3280: attempt to access beyond end of device
[ 1189.062961][T17356] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1189.085275][T17356] hpfs: hpfs_map_sector(): read error
[ 1189.193091][T10024] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1189.331368][T17358] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[ 1189.483261][T10024] usb 4-1: Using ep0 maxpacket: 8
[ 1189.500763][T10024] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1189.548854][T10024] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1189.701700][T10024] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1189.735155][T10024] usb 4-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1189.755824][T10024] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1189.781858][T10024] usb 4-1: Product: syz
[ 1189.812005][T10024] usb 4-1: Manufacturer: syz
[ 1189.827795][T10024] usb 4-1: SerialNumber: syz
[ 1189.866030][T10024] ti_usb_3410_5052 4-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1191.036202][T17367] overlayfs: overlapping lowerdir path
[ 1191.161034][T10044] usb 4-1: USB disconnect, device number 66
[ 1191.698144][T17383] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.3286'.
[ 1192.347227][T17390] syz.0.3287: attempt to access beyond end of device
[ 1192.347227][T17390] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1192.363268][T17390] hpfs: hpfs_map_sector(): read error
[ 1192.622858][T17394] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3288'.
[ 1192.678468][T17394] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3288'.
[ 1193.575200][T14084] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1193.588375][T14084] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1193.601154][T14084] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1193.628317][T14084] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1193.637428][T14084] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1193.974670][ T6725] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1194.408181][T17410] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3290'.
[ 1194.448250][T17411] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3290'.
[ 1194.459433][T17420] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3292'.
[ 1194.913946][T17425] netlink: 'syz.0.3293': attribute type 1 has an invalid length.
[ 1195.063620][T17431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3293'.
[ 1195.098846][ T6725] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1195.156744][T17424] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3292'.
[ 1195.257794][T17425] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1195.749112][   T55] Bluetooth: hci3: command tx timeout
[ 1195.956183][ T6725] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1196.106780][T17436] overlayfs: overlapping lowerdir path
[ 1197.082525][T10025] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1197.822776][   T55] Bluetooth: hci3: command tx timeout
[ 1198.055112][T10025] usb 4-1: Using ep0 maxpacket: 8
[ 1198.070928][T10025] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1198.085580][T10025] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1198.114726][T10025] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1198.240501][T10025] usb 4-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1198.344174][T10025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1198.416274][T10025] usb 4-1: Product: syz
[ 1198.458803][T10025] usb 4-1: Manufacturer: syz
[ 1198.501312][T10025] usb 4-1: SerialNumber: syz
[ 1198.655644][T10025] ti_usb_3410_5052 4-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1199.461899][ T6725] bond2 (unregistering): (slave ip6erspan0): Releasing backup interface
[ 1199.516925][ T6725] ip6erspan0 (unregistering): left allmulticast mode
[ 1199.539561][T16916] usb 4-1: USB disconnect, device number 67
[ 1199.793114][T17496] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3303'.
[ 1199.903100][   T55] Bluetooth: hci3: command tx timeout
[ 1199.980588][T17500] netlink: 'syz.4.3306': attribute type 1 has an invalid length.
[ 1200.187333][T17503] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3306'.
[ 1200.892366][T17510] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3308'.
[ 1200.908115][T17510] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3308'.
[ 1201.461828][ T6725] team0: Port device bond0 removed
[ 1201.496007][ T6725] bond0 (unregistering): Released all slaves
[ 1201.690870][ T6725] bond1 (unregistering): Released all slaves
[ 1201.712674][T10025] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1201.716748][T10043] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1201.892547][T10025] usb 4-1: Using ep0 maxpacket: 8
[ 1201.898672][ T6725] bond2 (unregistering): Released all slaves
[ 1201.904496][T10025] usb 4-1: New USB device found, idVendor=1004, idProduct=61aa, bcdDevice=d2.b4
[ 1201.914540][T10043] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1201.914581][T10025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1201.931677][T10025] usb 4-1: Product: syz
[ 1201.936008][T10025] usb 4-1: Manufacturer: syz
[ 1201.938178][T10043] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1201.940830][T10025] usb 4-1: SerialNumber: syz
[ 1201.967646][T10025] usb 4-1: config 0 descriptor??
[ 1201.968946][T10043] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1201.985529][   T55] Bluetooth: hci3: command tx timeout
[ 1202.002165][T10043] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1202.025104][T10043] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1202.068775][T10043] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1202.080442][T10043] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1202.088804][T10043] usb 1-1: Product: syz
[ 1202.093075][T10043] usb 1-1: Manufacturer: syz
[ 1202.111674][T10043] cdc_wdm 1-1:1.0: skipping garbage
[ 1202.121725][T10043] cdc_wdm 1-1:1.0: skipping garbage
[ 1202.129171][T10043] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 1202.135825][T10043] cdc_wdm 1-1:1.0: Unknown control protocol
[ 1202.261569][ T6725] bond3 (unregistering): Released all slaves
[ 1202.583878][T17500] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1203.618783][T17502] ip6erspan0: entered promiscuous mode
[ 1204.774889][T17516] sp0: Synchronizing with TNC
[ 1204.884364][ T6725] tipc: Left network mode
[ 1205.440402][T10024] usb 1-1: USB disconnect, device number 18
[ 1205.502652][T10025] usb 4-1: USB disconnect, device number 68
[ 1208.035971][T17537] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3316'.
[ 1209.097803][ T6725] hsr_slave_0: left promiscuous mode
[ 1209.136620][ T6725] hsr_slave_1: left promiscuous mode
[ 1209.243624][ T6725] veth1_macvtap: left promiscuous mode
[ 1209.355651][T17560] overlayfs: overlapping lowerdir path
[ 1209.371701][ T6725] veth0_macvtap: left promiscuous mode
[ 1209.592892][ T6725] veth1_vlan: left promiscuous mode
[ 1209.642878][ T6725] veth0_vlan: left promiscuous mode
[ 1210.658556][T17578] o2cb: This node has not been configured.
[ 1210.664624][T17578] o2cb: Cluster check failed. Fix errors before retrying.
[ 1210.672009][T17578] (syz.3.3321,17578,1):user_dlm_register:674 ERROR: status = -22
[ 1210.679992][T17578] (syz.3.3321,17578,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1212.451708][T17591] syz.4.3322: attempt to access beyond end of device
[ 1212.451708][T17591] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1212.465342][T17591] hpfs: hpfs_map_sector(): read error
[ 1215.342928][T14084] Bluetooth: hci0: command 0x041b tx timeout
[ 1215.815281][T17408] chnl_net:caif_netlink_parms(): no params data found
[ 1216.036180][T17609] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3328'.
[ 1216.704794][T17623] syz.0.3329: attempt to access beyond end of device
[ 1216.704794][T17623] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1216.719087][T17623] hpfs: hpfs_map_sector(): read error
[ 1217.964771][T17408] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1218.018683][T17408] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1218.624165][T17408] bridge_slave_0: entered allmulticast mode
[ 1218.646437][T17408] bridge_slave_0: entered promiscuous mode
[ 1218.661200][T17408] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1218.669450][T17408] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1218.679423][T17408] bridge_slave_1: entered allmulticast mode
[ 1218.689616][T17408] bridge_slave_1: entered promiscuous mode
[ 1218.729650][T17644] 9pnet_virtio: no channels available for device syz
[ 1219.233948][T17661] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3337'.
[ 1219.236744][T17658] nbd: must specify at least one socket
[ 1219.273650][T17408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1219.360261][T17408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1220.434371][T17408] team0: Port device team_slave_0 added
[ 1220.605905][T17678] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3341'.
[ 1220.621888][T17680] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3341'.
[ 1220.993645][T17408] team0: Port device team_slave_1 added
[ 1221.942020][T17408] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1221.949520][T17408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1222.042587][T17408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1222.075300][T17408] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1222.119537][T17408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1222.689936][T17408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1223.000678][T17408] hsr_slave_0: entered promiscuous mode
[ 1223.012553][T16916] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1223.033910][T17408] hsr_slave_1: entered promiscuous mode
[ 1223.047382][T17408] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1223.071488][T17408] Cannot create hsr debugfs directory
[ 1223.202633][T16916] usb 4-1: Using ep0 maxpacket: 32
[ 1223.216641][T16916] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1223.877699][T16916] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1223.952461][T16916] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1223.971281][T16916] usb 4-1: Product: syz
[ 1223.977994][T16916] usb 4-1: Manufacturer: syz
[ 1223.995002][T16916] usb 4-1: SerialNumber: syz
[ 1224.013377][T16916] usb 4-1: config 0 descriptor??
[ 1224.023270][T17693] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1224.976150][T10050] usb 4-1: USB disconnect, device number 69
[ 1225.193691][T17710] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1226.112502][T10050] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1226.240766][T17733] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3352'.
[ 1226.412566][T10050] usb 1-1: Using ep0 maxpacket: 32
[ 1226.419635][T10050] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1226.432357][T10050] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1226.446114][T10050] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1226.458760][T10050] usb 1-1: Product: syz
[ 1226.463702][T10050] usb 1-1: Manufacturer: syz
[ 1226.469565][T10050] usb 1-1: SerialNumber: syz
[ 1227.026980][T10050] usb 1-1: config 0 descriptor??
[ 1227.039874][T17723] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1227.059588][T17733] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3352'.
[ 1227.071601][T17738] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3353'.
[ 1227.098648][T17742] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3353'.
[ 1227.268986][T10024] usb 1-1: USB disconnect, device number 19
[ 1228.913831][T17753] block device autoloading is deprecated and will be removed.
[ 1228.925411][T17753] syz.4.3355: attempt to access beyond end of device
[ 1228.925411][T17753] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1229.693525][T17755] syz.0.3356: attempt to access beyond end of device
[ 1229.693525][T17755] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1229.708640][T17755] hpfs: hpfs_map_sector(): read error
[ 1230.372537][T17760] o2cb: This node has not been configured.
[ 1230.378442][T17760] o2cb: Cluster check failed. Fix errors before retrying.
[ 1230.386234][T17760] (syz.3.3357,17760,1):user_dlm_register:674 ERROR: status = -22
[ 1230.394109][T17760] (syz.3.3357,17760,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1231.332141][T17408] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1231.402783][T17764] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3358'.
[ 1231.411823][T17764] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3358'.
[ 1231.420914][T17764] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3358'.
[ 1231.429908][T17764] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3358'.
[ 1231.451130][T17408] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1231.490555][T17408] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1231.531411][T17408] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1231.792293][T17408] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1231.829572][T17408] 8021q: adding VLAN 0 to HW filter on device team0
[ 1231.859174][ T3013] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1231.866476][ T3013] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1231.920096][ T3013] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1231.927375][ T3013] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1232.158597][T17791] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3363'.
[ 1232.188710][T17791] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3363'.
[ 1233.725364][T17408] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1234.932362][T17408] veth0_vlan: entered promiscuous mode
[ 1234.995598][T17408] veth1_vlan: entered promiscuous mode
[ 1235.075305][T17408] veth0_macvtap: entered promiscuous mode
[ 1235.147871][T17408] veth1_macvtap: entered promiscuous mode
[ 1235.222169][T17408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1235.255872][T17408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1235.279173][T17408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1235.447160][T17408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1235.462829][T17408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1235.474446][T17408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1235.486423][T17408] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1235.498802][T17408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1235.510218][T17408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1235.520673][T17408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1235.643298][T17408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1235.776791][T17408] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1235.855668][T17408] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1235.891346][T17408] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1236.050545][T17408] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1236.059880][T17408] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1236.651687][ T7059] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1236.693891][ T7059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1236.909576][T17863] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3377'.
[ 1237.206310][T17865] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3377'.
[ 1237.499511][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1237.522135][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1237.542848][ T5953] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[ 1237.718795][ T5953] usb 5-1: Using ep0 maxpacket: 32
[ 1237.790567][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1237.939020][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1238.085694][ T5953] usb 5-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1238.125837][ T5953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1238.169112][ T5953] usb 5-1: config 0 descriptor??
[ 1238.372805][ T5953] usbhid 5-1:0.0: can't add hid device: -71
[ 1238.384613][ T5953] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1238.440638][ T5953] usb 5-1: USB disconnect, device number 48
[ 1238.497926][T17876] xt_TCPMSS: Only works on TCP SYN packets
[ 1238.869343][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.876113][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.892927][ T5953] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[ 1239.151766][ T5953] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1239.570003][ T5953] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1239.581252][ T5953] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1239.592080][ T5953] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1239.603218][ T5953] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1239.643126][ T5953] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1239.652247][ T5953] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1239.693330][ T5953] usb 5-1: Product: syz
[ 1239.697583][ T5953] usb 5-1: Manufacturer: syz
[ 1239.735725][ T5953] cdc_wdm 5-1:1.0: skipping garbage
[ 1239.760977][ T5953] cdc_wdm 5-1:1.0: skipping garbage
[ 1239.817780][T17891] syz.1.3382: attempt to access beyond end of device
[ 1239.817780][T17891] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1239.887641][ T5953] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1239.965290][ T5953] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1240.337346][T17894] sp0: Synchronizing with TNC
[ 1241.863238][ T5953] usb 5-1: USB disconnect, device number 49
[ 1242.029125][T17904] syz.1.3385 (17904): /proc/17903/oom_adj is deprecated, please use /proc/17903/oom_score_adj instead.
[ 1242.135314][T17906] netlink: 'syz.0.3386': attribute type 72 has an invalid length.
[ 1242.155421][T17906] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3386'.
[ 1242.237772][T17915] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3388'.
[ 1242.254559][T17915] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3388'.
[ 1243.048722][T17925] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3390'.
[ 1245.192658][ T5953] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1245.740896][ T5953] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1245.792528][ T5953] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1245.848547][T17958] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1245.887960][ T5953] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1245.945504][ T5953] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1245.974249][ T5953] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1245.996659][ T5953] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1246.014997][ T5953] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1246.397825][ T5953] usb 1-1: Product: syz
[ 1246.426268][ T5953] usb 1-1: Manufacturer: syz
[ 1246.454908][ T5953] cdc_wdm 1-1:1.0: skipping garbage
[ 1246.469272][ T5953] cdc_wdm 1-1:1.0: skipping garbage
[ 1246.496556][ T5953] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 1246.515584][ T5953] cdc_wdm 1-1:1.0: Unknown control protocol
[ 1246.611153][T17966] syz.4.3398: attempt to access beyond end of device
[ 1246.611153][T17966] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1246.722585][T10045] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1247.049539][T17968] sp0: Synchronizing with TNC
[ 1248.333515][T10045] usb 2-1: Using ep0 maxpacket: 8
[ 1248.410527][T10045] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1248.430978][ T5953] usb 1-1: USB disconnect, device number 20
[ 1248.478580][T10045] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1248.495931][T17970] netlink: 'syz.4.3400': attribute type 72 has an invalid length.
[ 1248.517502][T10045] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1248.523143][T17970] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3400'.
[ 1248.549124][T10045] usb 2-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1248.566744][T10045] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1248.587287][T10045] usb 2-1: Product: syz
[ 1248.591615][T10045] usb 2-1: Manufacturer: syz
[ 1248.605816][T10045] usb 2-1: SerialNumber: syz
[ 1248.831560][T10045] ti_usb_3410_5052 2-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1249.629105][T10024] usb 2-1: USB disconnect, device number 48
[ 1249.738688][T17982] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3403'.
[ 1249.759136][T17982] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3403'.
[ 1252.371927][T18001] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3409'.
[ 1252.482086][T18005] syz.0.3410: attempt to access beyond end of device
[ 1252.482086][T18005] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1253.401536][T18010] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3412'.
[ 1253.729279][T18014] overlayfs: overlapping lowerdir path
[ 1254.531887][T18024] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1254.832254][T18034] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3418'.
[ 1254.855708][T18034] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3418'.
[ 1255.679198][T10043] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1255.862806][T10043] usb 1-1: Using ep0 maxpacket: 8
[ 1255.880014][T10043] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1255.897362][T10043] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1255.942550][T10043] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1255.984649][T10043] usb 1-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1256.043034][T10043] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1256.074720][T18049] syz.4.3422: attempt to access beyond end of device
[ 1256.074720][T18049] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1256.092832][T10043] usb 1-1: Product: syz
[ 1256.112980][T10043] usb 1-1: Manufacturer: syz
[ 1256.213401][T10043] usb 1-1: SerialNumber: syz
[ 1256.807483][T10043] ti_usb_3410_5052 1-1:1.0: TI USB 3410 1 port adapter converter detected
[ 1257.436485][T10043] usb 1-1: USB disconnect, device number 21
[ 1257.531499][T18056] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3424'.
[ 1258.667310][T18075] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3432'.
[ 1258.712021][T18075] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3432'.
[ 1258.724333][T18080] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[ 1258.886480][T18081] syz.0.3433: attempt to access beyond end of device
[ 1258.886480][T18081] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1258.899633][T18081] hpfs: hpfs_map_sector(): read error
[ 1259.765719][T18100] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3437'.
[ 1260.147473][T18107] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001
[ 1260.858804][T18114] overlayfs: overlapping lowerdir path
[ 1261.082931][ T7236] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 1262.230094][ T7236] usb 5-1: config 6 has an invalid interface number: 108 but max is 0
[ 1262.268911][ T7236] usb 5-1: config 6 has no interface number 0
[ 1262.289205][ T7236] usb 5-1: config 6 interface 108 has no altsetting 0
[ 1262.309285][ T7236] usb 5-1: New USB device found, idVendor=0856, idProduct=ac30, bcdDevice=d2.1d
[ 1262.342978][ T7236] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1262.364169][ T7236] usb 5-1: Product: syz
[ 1262.368428][ T7236] usb 5-1: Manufacturer: syz
[ 1262.381857][ T7236] usb 5-1: SerialNumber: syz
[ 1262.657162][T18122] mmap: syz.1.3444 (18122): VmData 25841664 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[ 1263.391156][T18144] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3447'.
[ 1263.453346][T18144] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3447'.
[ 1264.116565][T18148] syz.0.3448: attempt to access beyond end of device
[ 1264.116565][T18148] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1266.502664][ T7236] mos7840 5-1:6.108: missing endpoints
[ 1266.512860][T10043] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[ 1266.530926][ T7236] usb 5-1: USB disconnect, device number 50
[ 1266.706459][T10043] usb 3-1: Using ep0 maxpacket: 32
[ 1266.732337][T10043] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1266.782738][T10043] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1266.820011][T10043] usb 3-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[ 1266.846316][T18172] overlayfs: failed to clone lowerpath
[ 1266.879293][T10043] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1266.934285][T10043] usb 3-1: config 0 descriptor??
[ 1267.203078][T10043] usbhid 3-1:0.0: can't add hid device: -71
[ 1267.227028][T10043] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1267.264105][T18181] netlink: 'syz.3.3459': attribute type 1 has an invalid length.
[ 1267.272507][T10043] usb 3-1: USB disconnect, device number 63
[ 1267.371081][T18181] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1267.404703][T18181] ==================================================================
[ 1267.412852][T18181] BUG: KASAN: global-out-of-bounds in fib6_clean_node+0x35d/0x590
[ 1267.420728][T18181] Read of size 8 at addr ffffffff99cdf5e8 by task syz.3.3459/18181
[ 1267.428666][T18181] 
[ 1267.431011][T18181] CPU: 1 UID: 0 PID: 18181 Comm: syz.3.3459 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1267.431035][T18181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1267.431047][T18181] Call Trace:
[ 1267.431055][T18181]  <TASK>
[ 1267.431063][T18181]  dump_stack_lvl+0x189/0x250
[ 1267.431091][T18181]  ? __virt_addr_valid+0x18c/0x540
[ 1267.431112][T18181]  ? rcu_is_watching+0x15/0xb0
[ 1267.431134][T18181]  ? __kasan_check_byte+0x12/0x40
[ 1267.431159][T18181]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1267.431180][T18181]  ? rcu_is_watching+0x15/0xb0
[ 1267.431202][T18181]  ? lock_release+0x4b/0x3e0
[ 1267.431225][T18181]  ? __virt_addr_valid+0x18c/0x540
[ 1267.431244][T18181]  ? __virt_addr_valid+0x469/0x540
[ 1267.431263][T18181]  print_report+0xb4/0x290
[ 1267.431281][T18181]  ? fib6_clean_node+0x35d/0x590
[ 1267.431296][T18181]  kasan_report+0x118/0x150
[ 1267.431318][T18181]  ? stack_depot_save_flags+0x40/0x910
[ 1267.431345][T18181]  ? fib6_clean_node+0x35d/0x590
[ 1267.431364][T18181]  fib6_clean_node+0x35d/0x590
[ 1267.431382][T18181]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1267.431401][T18181]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1267.431426][T18181]  fib6_walk_continue+0x678/0x910
[ 1267.431447][T18181]  fib6_walk+0x149/0x290
[ 1267.431464][T18181]  __fib6_clean_all+0x234/0x380
[ 1267.431479][T18181]  ? __fib6_clean_all+0x9b/0x380
[ 1267.431494][T18181]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1267.431512][T18181]  ? __pfx___fib6_clean_all+0x10/0x10
[ 1267.431528][T18181]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1267.431543][T18181]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1267.431560][T18181]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1267.431580][T18181]  ? __pfx___mutex_lock+0x10/0x10
[ 1267.431599][T18181]  rt6_sync_down_dev+0xf9/0x150
[ 1267.431616][T18181]  ? __pfx_rt6_sync_down_dev+0x10/0x10
[ 1267.431635][T18181]  ? addrconf_link_ready+0x112/0x170
[ 1267.431655][T18181]  addrconf_notify+0x929/0x1010
[ 1267.431674][T18181]  notifier_call_chain+0x1b3/0x3e0
[ 1267.431702][T18181]  __dev_notify_flags+0x21b/0x2e0
[ 1267.431721][T18181]  ? __pfx___dev_notify_flags+0x10/0x10
[ 1267.431738][T18181]  ? __dev_change_flags+0x4cc/0x6d0
[ 1267.431758][T18181]  ? init_timer_key+0x171/0x2d0
[ 1267.431777][T18181]  rtnl_newlink_create+0x606/0xaf0
[ 1267.431801][T18181]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1267.431819][T18181]  ? rtnl_newlink+0x8db/0x1c70
[ 1267.431834][T18181]  ? __pfx___mutex_lock+0x10/0x10
[ 1267.431856][T18181]  ? ns_capable+0x8a/0xf0
[ 1267.431903][T18181]  rtnl_newlink+0x16d6/0x1c70
[ 1267.431919][T18181]  ? kasan_save_track+0x3e/0x80
[ 1267.431946][T18181]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1267.431975][T18181]  ? kasan_quarantine_put+0xdd/0x220
[ 1267.431995][T18181]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1267.432014][T18181]  ? nlmon_xmit+0xb0/0x100
[ 1267.432035][T18181]  ? kmem_cache_free+0x192/0x3f0
[ 1267.432062][T18181]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1267.432086][T18181]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1267.432103][T18181]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1267.432126][T18181]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1267.432152][T18181]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1267.432172][T18181]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1267.432191][T18181]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1267.432214][T18181]  ? __lock_acquire+0xaac/0xd20
[ 1267.432243][T18181]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1267.432258][T18181]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1267.432274][T18181]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1267.432288][T18181]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1267.432305][T18181]  ? ref_tracker_free+0x63a/0x7d0
[ 1267.432319][T18181]  ? __copy_skb_header+0xa7/0x550
[ 1267.432343][T18181]  netlink_rcv_skb+0x219/0x490
[ 1267.432359][T18181]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1267.432376][T18181]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1267.432404][T18181]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1267.432424][T18181]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1267.432447][T18181]  netlink_unicast+0x758/0x8d0
[ 1267.432480][T18181]  netlink_sendmsg+0x805/0xb30
[ 1267.432500][T18181]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1267.432520][T18181]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1267.432536][T18181]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1267.432553][T18181]  __sock_sendmsg+0x219/0x270
[ 1267.432577][T18181]  ____sys_sendmsg+0x505/0x830
[ 1267.432598][T18181]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1267.432621][T18181]  ? import_iovec+0x74/0xa0
[ 1267.432643][T18181]  ___sys_sendmsg+0x21f/0x2a0
[ 1267.432664][T18181]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1267.432698][T18181]  ? __fget_files+0x2a/0x420
[ 1267.432722][T18181]  ? __fget_files+0x3a0/0x420
[ 1267.432749][T18181]  __x64_sys_sendmsg+0x19b/0x260
[ 1267.432769][T18181]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1267.432796][T18181]  ? do_syscall_64+0xba/0x210
[ 1267.432815][T18181]  do_syscall_64+0xf6/0x210
[ 1267.432832][T18181]  ? clear_bhb_loop+0x45/0xa0
[ 1267.432850][T18181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1267.432866][T18181] RIP: 0033:0x7ffa40f8e969
[ 1267.432883][T18181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1267.432914][T18181] RSP: 002b:00007ffa3edf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1267.432932][T18181] RAX: ffffffffffffffda RBX: 00007ffa411b5fa0 RCX: 00007ffa40f8e969
[ 1267.432945][T18181] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1267.432955][T18181] RBP: 00007ffa41010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1267.432965][T18181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1267.432975][T18181] R13: 0000000000000000 R14: 00007ffa411b5fa0 R15: 00007ffde1ab00f8
[ 1267.432995][T18181]  </TASK>
[ 1267.433001][T18181] 
[ 1267.971188][T18181] The buggy address belongs to the variable:
[ 1267.977179][T18181]  binder_devices+0x8/0x20
[ 1267.981610][T18181] 
[ 1267.983937][T18181] The buggy address belongs to the physical page:
[ 1267.990393][T18181] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x19cdf
[ 1267.999163][T18181] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[ 1268.007072][T18181] raw: 00fff00000002000 ffffea00006737c8 ffffea00006737c8 0000000000000000
[ 1268.015668][T18181] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 1268.024252][T18181] page dumped because: kasan: bad access detected
[ 1268.030673][T18181] page_owner info is not present (never set?)
[ 1268.036741][T18181] 
[ 1268.039123][T18181] Memory state around the buggy address:
[ 1268.044754][T18181]  ffffffff99cdf480: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 1268.052829][T18181]  ffffffff99cdf500: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 1268.060907][T18181] >ffffffff99cdf580: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 1268.068975][T18181]                                                           ^
[ 1268.076436][T18181]  ffffffff99cdf600: 00 00 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
[ 1268.084507][T18181]  ffffffff99cdf680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1268.092599][T18181] ==================================================================
[ 1268.100898][T18181] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1268.108131][T18181] CPU: 1 UID: 0 PID: 18181 Comm: syz.3.3459 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[ 1268.120211][T18181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1268.130277][T18181] Call Trace:
[ 1268.133574][T18181]  <TASK>
[ 1268.136514][T18181]  dump_stack_lvl+0x99/0x250
[ 1268.141126][T18181]  ? __asan_memcpy+0x40/0x70
[ 1268.145731][T18181]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1268.150947][T18181]  ? __pfx__printk+0x10/0x10
[ 1268.155576][T18181]  panic+0x2db/0x790
[ 1268.159517][T18181]  ? __pfx_panic+0x10/0x10
[ 1268.163979][T18181]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 1268.169927][T18181]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1268.175843][T18181]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1268.182293][T18181]  ? print_memory_metadata+0x314/0x400
[ 1268.187771][T18181]  ? fib6_clean_node+0x35d/0x590
[ 1268.192724][T18181]  check_panic_on_warn+0x89/0xb0
[ 1268.197682][T18181]  ? fib6_clean_node+0x35d/0x590
[ 1268.202633][T18181]  end_report+0x78/0x160
[ 1268.206896][T18181]  kasan_report+0x129/0x150
[ 1268.211418][T18181]  ? stack_depot_save_flags+0x40/0x910
[ 1268.216903][T18181]  ? fib6_clean_node+0x35d/0x590
[ 1268.221856][T18181]  fib6_clean_node+0x35d/0x590
[ 1268.226631][T18181]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1268.231931][T18181]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1268.237321][T18181]  fib6_walk_continue+0x678/0x910
[ 1268.242362][T18181]  fib6_walk+0x149/0x290
[ 1268.246626][T18181]  __fib6_clean_all+0x234/0x380
[ 1268.251489][T18181]  ? __fib6_clean_all+0x9b/0x380
[ 1268.256595][T18181]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1268.261560][T18181]  ? __pfx___fib6_clean_all+0x10/0x10
[ 1268.266952][T18181]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1268.272252][T18181]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1268.277236][T18181]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1268.282890][T18181]  ? __pfx___mutex_lock+0x10/0x10
[ 1268.287930][T18181]  rt6_sync_down_dev+0xf9/0x150
[ 1268.292797][T18181]  ? __pfx_rt6_sync_down_dev+0x10/0x10
[ 1268.298301][T18181]  ? addrconf_link_ready+0x112/0x170
[ 1268.303608][T18181]  addrconf_notify+0x929/0x1010
[ 1268.308480][T18181]  notifier_call_chain+0x1b3/0x3e0
[ 1268.313619][T18181]  __dev_notify_flags+0x21b/0x2e0
[ 1268.318661][T18181]  ? __pfx___dev_notify_flags+0x10/0x10
[ 1268.324222][T18181]  ? __dev_change_flags+0x4cc/0x6d0
[ 1268.329439][T18181]  ? init_timer_key+0x171/0x2d0
[ 1268.334311][T18181]  rtnl_newlink_create+0x606/0xaf0
[ 1268.339476][T18181]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1268.345125][T18181]  ? rtnl_newlink+0x8db/0x1c70
[ 1268.349906][T18181]  ? __pfx___mutex_lock+0x10/0x10
[ 1268.354953][T18181]  ? ns_capable+0x8a/0xf0
[ 1268.359310][T18181]  rtnl_newlink+0x16d6/0x1c70
[ 1268.364005][T18181]  ? kasan_save_track+0x3e/0x80
[ 1268.368926][T18181]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1268.374093][T18181]  ? kasan_quarantine_put+0xdd/0x220
[ 1268.379419][T18181]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1268.384638][T18181]  ? nlmon_xmit+0xb0/0x100
[ 1268.389074][T18181]  ? kmem_cache_free+0x192/0x3f0
[ 1268.394045][T18181]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1268.399442][T18181]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1268.404658][T18181]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1268.410051][T18181]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1268.415795][T18181]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1268.420954][T18181]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1268.426085][T18181]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1268.431214][T18181]  ? __lock_acquire+0xaac/0xd20
[ 1268.436099][T18181]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1268.441166][T18181]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1268.446120][T18181]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1268.451245][T18181]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1268.456731][T18181]  ? ref_tracker_free+0x63a/0x7d0
[ 1268.461775][T18181]  ? __copy_skb_header+0xa7/0x550
[ 1268.466834][T18181]  netlink_rcv_skb+0x219/0x490
[ 1268.471619][T18181]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1268.477091][T18181]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1268.482399][T18181]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1268.487619][T18181]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1268.492830][T18181]  netlink_unicast+0x758/0x8d0
[ 1268.497623][T18181]  netlink_sendmsg+0x805/0xb30
[ 1268.502408][T18181]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1268.507725][T18181]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1268.513035][T18181]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1268.518340][T18181]  __sock_sendmsg+0x219/0x270
[ 1268.523048][T18181]  ____sys_sendmsg+0x505/0x830
[ 1268.527871][T18181]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1268.533173][T18181]  ? import_iovec+0x74/0xa0
[ 1268.537697][T18181]  ___sys_sendmsg+0x21f/0x2a0
[ 1268.542393][T18181]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1268.547632][T18181]  ? __fget_files+0x2a/0x420
[ 1268.552242][T18181]  ? __fget_files+0x3a0/0x420
[ 1268.556944][T18181]  __x64_sys_sendmsg+0x19b/0x260
[ 1268.561902][T18181]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1268.567388][T18181]  ? do_syscall_64+0xba/0x210
[ 1268.572090][T18181]  do_syscall_64+0xf6/0x210
[ 1268.576620][T18181]  ? clear_bhb_loop+0x45/0xa0
[ 1268.581315][T18181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1268.587227][T18181] RIP: 0033:0x7ffa40f8e969
[ 1268.591656][T18181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1268.611465][T18181] RSP: 002b:00007ffa3edf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1268.619906][T18181] RAX: ffffffffffffffda RBX: 00007ffa411b5fa0 RCX: 00007ffa40f8e969
[ 1268.627897][T18181] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1268.635885][T18181] RBP: 00007ffa41010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1268.643989][T18181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1268.651972][T18181] R13: 0000000000000000 R14: 00007ffa411b5fa0 R15: 00007ffde1ab00f8
[ 1268.659967][T18181]  </TASK>
[ 1268.663329][T18181] Kernel Offset: disabled
[ 1268.667664][T18181] Rebooting in 86400 seconds..