last executing test programs:

13.683517104s ago: executing program 4 (id=886):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8f4dd086d0492082a6d0000000109021b0001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000280)={0x44, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000000200)={0x20, 0x6}, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x8, 0x4, 0x4, 0xdf, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

8.968161447s ago: executing program 4 (id=900):
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20044094}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a4400000400000000000000000100000008000a40000000010900020073797a3200001d000900010073797a300000000008000540000000020800098004000280140000001000010000000000000000000000000a00000000109c12c3c8f5f152bea2b982eacf21399185e9c3a69f82cc4946362ebdf9d0cfa47bba0573ef89b848dedc5d5635ba8468e0d9e973e8ef2e0d2be9a3b86447aca145f8217eaa7046a985c2209406497626a31f44ca0f47172f993fda276369bc2a7b2a4d1baa1c93b2a4e770bff4c202e482e7"], 0x6c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x0, 0x0, 0xdddd1000})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x200008, 0x804, 0x4, 0xf, 0x120000, 0x9, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x7, 0x101, 0x1], 0xffff1000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x20, 0x0, 0x80, 0x0, 0x0, '\x00', 0x0, 0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000080)={0xa, 0x4e23, 0x4, @remote, 0x744bacdc}, 0x1c)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r7, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x4)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000000700)=ANY=[@ANYRES64=r8], 0x0, 0x49, 0xdb, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000540)={0x0, @multicast2, @empty}, &(0x7f0000000100)=0xc)
sendmsg$nl_route_sched(r8, &(0x7f0000000380)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000240)=@newtfilter={0x24, 0x2c, 0x4, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0x9}, {0xffe0, 0xd}, {0x2, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x44080}, 0x80)

8.604691405s ago: executing program 0 (id=904):
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
flock(r0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYBLOB='\x00\x00LKHL\x00\x00\x00\x00@\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYRESHEX=0x0, @ANYRES32=r1, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x2, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r3, 0x1e76, 0x0, 0x6, 0x0, 0x0)

8.092025465s ago: executing program 0 (id=909):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x80, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000013"], 0x188}}, 0x0)

7.878169667s ago: executing program 0 (id=910):
r0 = syz_open_dev$loop(&(0x7f00000005c0), 0x9, 0x12d600)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000d3f000/0x1000)=nil, 0x1000, 0x0)
r6 = syz_open_dev$swradio(&(0x7f00000007c0), 0x0, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f0000000000)={0x0, 0x1, 0x2, {0xb, @sliced={0x9, [0x8000, 0xd34, 0x7, 0x1, 0x6, 0x8100, 0x0, 0x1, 0x4, 0xfff5, 0x1, 0x8, 0x7, 0x3, 0xfffd, 0x2000, 0x1, 0x9, 0x4, 0x7, 0x800, 0x456, 0x2, 0x1b1a, 0x4, 0x40, 0x5, 0x4e, 0x6, 0x1800, 0x6, 0xffff, 0x3, 0x9, 0x100, 0x101, 0x7, 0x1000, 0x6, 0x0, 0x6, 0x67, 0xd000, 0x5ae3, 0x2, 0x0, 0xffff, 0x1000], 0x7fffffff}}})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x4000044}, 0x8800)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_misc(r7, &(0x7f0000001000), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r7, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0155aaffffffffffff0300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})

6.690150324s ago: executing program 0 (id=913):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x1d1, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

6.63898791s ago: executing program 3 (id=914):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x4ba5, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x0, 0x2}, 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_create(0x7, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x10000000000, 0x0, 0x6}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)

6.511048639s ago: executing program 1 (id=915):
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendto$inet6(r0, &(0x7f0000001640)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xffffffffffffff18, 0x840, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xd}, 0x0, &(0x7f00000002c0)={0x3fc, 0x0, 0x100000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

5.468862327s ago: executing program 3 (id=918):
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000002800018014000400001fff00000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000840)
sendmmsg$inet(r1, &(0x7f0000002000)=[{{&(0x7f0000000300)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000240)=[{0x0}], 0x1}}], 0x1, 0x2400c040)
close_range(r0, 0xffffffffffffffff, 0x0)

5.451494402s ago: executing program 1 (id=919):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) (async)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000440)=ANY=[@ANYRES8=r4, @ANYRES32=0x0, @ANYRES64=r3, @ANYRES32, @ANYRES16=r4, @ANYRES32=r4, @ANYBLOB], 0x44}}, 0x0) (async)
r5 = creat(&(0x7f00000002c0)='./file0\x00', 0x109)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r6, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x8fff5], 0x0, 0x0, 0x1f, 0x1}}, 0x3c) (async)
r7 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) (async)
r8 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000600)={'team0\x00', <r9=>0x0}) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r9, {0x0, 0x2}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0) (async)
ftruncate(r5, 0x9) (async)
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)

5.268441825s ago: executing program 2 (id=920):
r0 = fanotify_init(0x8, 0x101000)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r0, 0x61, 0x40001002, r1, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='smaps_rollup\x00')
preadv(r2, &(0x7f0000000040), 0x1000000000000135, 0x0, 0xfffff990) (async)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000c2427a206d046009afa50102030109021200010000000009040000006f350500"], 0x0) (async)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x80044940, &(0x7f0000001480)) (async)
read(r3, &(0x7f0000000580)=""/85, 0x55) (async)
r4 = socket$xdp(0x2c, 0x3, 0x0) (async, rerun: 64)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88) (rerun: 64)
setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r6=>0x0}) (rerun: 32)
bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x5, r6, 0x3b, r4}, 0x10) (async)
r7 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r7, 0x0, r7, 0x1) (async, rerun: 64)
request_key(&(0x7f0000000100)='.request_key_auth\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)='smaps_rollup\x00', r7) (async, rerun: 64)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
r8 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
setsockopt$inet_tcp_int(r8, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) (async, rerun: 64)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) (rerun: 64)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) (async)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r8, 0x6, 0x15, &(0x7f0000000040)=0x4, 0x4)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f00000001c0), 0x4) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async, rerun: 64)
r9 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) (rerun: 64)
fallocate(r9, 0x33, 0x8000000f11, 0x1000ef) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

5.148139492s ago: executing program 1 (id=921):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1})
r3 = syz_open_dev$mouse(&(0x7f00000004c0), 0x3a, 0x2142)
fcntl$setstatus(r3, 0x4, 0x800)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f00000001c0)={0x2000, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES16=r3, @ANYRES16=r0, @ANYRES64=r3, @ANYRESDEC=r2, @ANYRES16=r3, @ANYRES64=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRESHEX=r2, @ANYRESOCT=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x22020600)
fstatfs(0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='qrtr_ns_service_announce_new\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getitimer(0x0, &(0x7f0000000040))
recvfrom$inet(r3, &(0x7f0000000500)=""/22, 0x16, 0x2, 0x0, 0x0)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r5, 0xc01c64ae, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x401, 0x10, 0x4})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000340)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r7, &(0x7f0000000400)='d', 0x1, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000340)={0x0, 0x0, 0x5, 0x10001, 0x0, 0xffff75b9}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='percpu_alloc_percpu\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000400002000"/23], 0x48)

5.071028359s ago: executing program 2 (id=922):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB='mpol=interleave,mpol=l'])
r0 = socket$nl_generic(0x10, 0x3, 0x10)
rseq(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
unshare(0x2040400)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r4}, 0x18)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

4.69446992s ago: executing program 2 (id=923):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x24}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-avx2\x00'}, 0x58)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r4, 0x0)
accept4(r4, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x48}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001a000100000000000000000002000000ef0000000000000008000100e000000108000300", @ANYRES32=r2, @ANYBLOB], 0x34}}, 0x400c840)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
accept4(r0, 0x0, 0x0, 0x80000)
syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)

4.628177836s ago: executing program 4 (id=924):
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000000)={0x9, 0x1, 0x119})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6b)
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00', 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={<r1=>0x0, <r2=>0x0}, &(0x7f0000000180)=0xc)
read$FUSE(r0, &(0x7f00000001c0)={0x2020, 0x0, 0x0, <r3=>0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
setpgid(r1, r5)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002240)={0x1, &(0x7f0000002200)=[{0x5, 0x5, 0xf5, 0x9}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x2, &(0x7f0000002280))
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000022c0)=<r7=>0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000002340)={r7, r0, 0x0, 0x1c, &(0x7f0000002300)='/sys/kernel/debug/sync/info\x00'}, 0x30)
writev(r6, &(0x7f0000003500)=[{&(0x7f0000002380)="3340a07efbe7e164681e379e70d64ac6c9ae276387e47a2dc7631fb6245f3056d074f8fdd171f1a6cdcba0f0b7f5cfb3bd0f2ae85397501e6c12499602b9072e8b14fc56a9970b85cca484f833c5a6bd348f4de9f074423f63f32dc791f551c707356c74786cb1529d3776aafd129c2ed1a3641e48e2604ff354cc9b1695", 0x7e}, {&(0x7f0000002400)="28081f6c7ca568ee59b7fffe1bfb9786a478f631a3b1bb3c63d95229345e6117ff064c849931dcea77d1d43dd2a9cbe3c6edad2af1d5c3334ecc197cc4558ad2a69e729d5ef80b9d6f9177154cc18bce3bc1851b458b9fa1391be3cceb44ccbfa3f2a0f0720b4e20d6fb988dd555c5e65a61a1df7c1758b24ccd84413ca10718d87120df35f3e104d6e1adb2e2f874ac189bb64efdf659f78cf2a8e6c2c1987718a407b8b05e0eda679517863d82fedbadac30863b70101527c63423add43b8d6405ed00a3c17d38a0177e6671d87b1ffe572be10c6c9da70e4c50e36c2e3697871d463567b145724bd0cd9c5387f3633bfc27a07c7cd05bfc98332dd97db6e3c1981ab061ce36e765c30727078a45ac6f5c11ebcf7faf1b0090d195787c5e9889f2fbe467dcfb2c05b6e17e4967a3a7941e3fe8445d1e9f6fedf87b5e19ac680c970d4953161c98a002901828e73fd39c2551a06ce31a8e255ea97151b221328109a67e7589d87b2c5b98ced8df97ba23f1303b6ac959eacc1a24c3f9837f1e029356745929dc6ba6eed51b98ab3a2e3a8840ddca27e21f14556181ca9c6c78b509f7130a00ab947b849d4c8247960e05e56aa73a947163b03536142a0c0c3287ddcbf09e52e59cf7a44b4eae63808e3a94efe8edcae9c3139194c20fef0bbcc07d5313c370d5bcdfacbd262d33f8e5bfeba52bb09478a99201f52ccca957685c39cd999123499cfbed5028fd8c3ac60ea9ecb100803b4930fbc5c12f36155aa8c506a9f6544c549ff8c3973c36b1eee672e37026a740ee5acc47d6cf116fd8130997ac9997fa551619ea0b188cea4fcd2be0f0aaa30a71653b18266c5bc268dbbb92cd46d5d17345245cc56de838c5ab773b4a3031c63b557f84cc2d3af797c17075c96c47b3d1bca158f76dc466460bafbd484a1c5c2a37bf6a9a70227de0cdad259ed5d5c452b18c6bad43556ba83a3b253d9fa9a1e4af5f5089914f073a00a5d5dcb389b4475e48c20c69f0f3669428bd4707f704316a7ce687f0b57c58ff5a7424dbcfcec0a4c14477ba849c245877cc51091d6861af879380e8c5aa118ac6a35589be6fe03fa98832afca8505148cbf090aa23871623010fdfd381a9ecbfbaa8f737eb8dc60af613699aa5614b2d4a7121693fb5aa0efdb30c673cd390c2da84b216c198bbe28689b5dc374aad53baa14296af2f7ed4947c388cf6fabe8e7db41bfe08a6f356d6320b0b20832c4eda7614df5f0d10417bad542cb81c1b8a75ba2272b5ecbf136fdce34d0e18cb60158ba278ae723beb41db610192d73dd18f8115e67b5fd2cc8d79381b0f51a061f4e9182ef63e9b05bfebd606487ecb2e1ba9ac67825ce40472e2968280a2a2b31e140a60c748061830cbc8fe90ef5faeb9d1670e462ab1f40977e332ae4b7e040373e4cbeeee31605430f1427fd522d4f8ad651b5b1e4e54cd416c77ed3aff6f46edeeafa221f1576beb33fbbfd0ce3df7c5e5bef3e3015ad7fbf617ec75433bae498595d41cb6ef5717126a567169105e76b83eb50db075d160963bf598c24b15859df9a16ac8db4543544b52bd0e3a2d43c377307eee43e724450c3957d55d498dcc1fa2abb6bfa2e9256c60cb1f7cb969db69a4a8fcac7aef60bf4ba68349c1782496719b898390dccdfa3a8f5954eaef25121e0fe3da9c03542fb69fb9ebd09a2b469d81a3945ef44ef4419d1d698ec94665363a90e0d216ba5982a3363ed2beacc8db47a4dc4145b6360c0cb9ba1fb4d8759de3022ba7b7981f62f19a5b733e832cd0e996a8adb08a0b00bb26406df0d141010a06f82b386657fcf378d538c2a80f399614436d56565ceb8d455ccd021689e428168d88227a332229235a02784556020a9acfb356f75ded6c7aea7dfbf67281de58db36c2bf6c2c9bf8d5d56f189eb4dff629addfece0dd0e353c807e2184e7a555615e60400cabb3f5da3abdede6fe4691ff53b707d6b61617800640b5a79d78a6acd31c73daddbbf859fddac31b2f4ea7fa6f7756ad92dc695dce739ef63f3d8e101d46a90534e7d314062d75d4419ce48846d4905b2a752e37affc8833fd80d879d659ff7f776debe7df93a8a572567c1c9e263372759e2dabe8f52162a58a5b04b93492b45ec77cdf35b22d86f7d9ce53f718c93af6a0d329ec8924fe7cb3b62421d5db896ca11d1b29861fc78fac1fc6d3f13ebed6b811848ed53a2a5c1d9a972603e8e70f9e406370c772edc1fa30574951111b1281c7ed2b69868b70b40ea4379689a5995b707e6e62b7e560b34ebd0c28052f315f70e1834a7a63ad0334b37b1a57ca2bdc6d7c2a6f1dd3a6e90cb14c925c0fed79e1fd90107ce1d9ffa179eb49cee44bf941c5c98be689c45457fdb3f586da5c36dc46c0b6098818dfb4895af5b34c3665177ee35c6d3050f818c36361920bb243220067c994a6433fd0cbac8bd0c9b2ffd267c56c0c2adfa4408b52fbc6604a96ea9551ab0d4d4e6ef2f70c0ee57f1908e7ff141d8ba2fe3f0dfbd1772edd43b82c57be6ad43b86dba46a675b387fcaa09cb3b417dfb2802058051860ca1d268a0a9be47ffb4602209ce1dd9e5ab1520ce6f4432b9e0561f0f9ebdcdc39e4f3b9485018494d10c0d415e80ee160840cacdd3b1bae965765176cac54c1a19a50cf9bde6f3fa3c8ff67ab69e5628ff212aa24a9b42b49a409c1469219c177435771392a8e30e8f1fbbd6694e3c6c58e2900c3e475d5767eec64cf54c0d297ac50b6e3cfb1cffe68682d2f9ec06351a376451cb1a5d944ce580ef9626947e6904a6ba197fd14e154e5b6596733a37e3dcfb81d6cce45a092fcd52f2472b45296efca8fd8b88b03a9a386511397d6d6942c32e0e86024c62c9bf669527e52ac785b8266a662b303cad08c4f1b328a7c63b526dc2275343f15d87b53fb3ef7a662f4e8e83ca03c4bcd4368aa2e6f17d0418b0271ea3f9d156d9c8e3d2b180110c05f8fa8dfe9748e439fcd05a3206f9098bc60988e1235d034ea9f281cf0c81c5734dfd6b9c440ad131b2b3b8e82205b1e4b7deac5647f0733750f2e8f5b242156aa343eb38efe55a5c1a4586c9602b876e197d4a9f1f11ebafc3c04bfe604d1d80fe0edef4dfc60e732fb1906fb5a883107c125522279b55f2ba6da3bc6c58282f2e736affc204ce1c19cc2747cc112027cb7e7cc070ae8884de277a6099fa35ba7a1b5bd8d3b378a929e4f0a6e41a8ae9031805964af14c80dfb8405091eb122daf879b19e79bceefc508fb448219ee2ed63014a02dfe364b2f95fa28cd4963eb6e73733fc19da8255a93700771fc16952c750ad98bc672b7183e40d2a25882ad875a7c3853cda63cc9f753929fd8039d9377ecced75278c72adb8e72a5f4ce450d8b846f8e67167009ef98f683947e707c1938ac193f32d33633043ff4c4d71985609cf455fc5195401f0fc2da5e57353912881ef2cf3b796bb902548dff7bc3039f7ecf33f01ef8f021403915688ee84dd2c099de453d5fe9fa76dc89ce4d8f0a3af8491d642a4c6c710cfae46c7a52d2790eacb35d446b3082eec35f4047983a5d2660ce00cd435a4775b6ccf1ddc6c6b862b92f3ba13ef61f31fed05fdf9557401422953077ce52d9a44785ac22777f7aa2f9ae33814fde5b2e90c3ec1e94e8f0afe5ee434c91b1c5083460b0255e6d443f5899cbcd76774ddb9b4d9a6b123e2a01928ac560ab1c2978bd3f0b9a45db96e07f85b59665a25e1e38bd665dbbc3fedd17ff1300818b1c8fb71a6b2f20b2d0b3d7b37fc49d2648a38871e9c3cdfe00e33c71d513695dd819f6bdf8dd8840a30495c5abd6197813d090d3e763502fc6111f66d609384ac6eb094e978a41cc8b80a12d373fc8ea72f14dbadbdbdce5b96f05a4af76ef13a2e298e13ab2046db690403a909b7b3f5566be3cf9d61e96beb1fd920eba5fb0b74c4eefe6af601585fd4671b9af9004a646d504ea71dcd5a5ad417f3dafd1f0868ee6a6536f5ca8ad623cbdeb22323cf69510a0addc51eae97a65fd7c509a1c05a3fba2e313e91265b0209477c72ab82c26a22f966b9f79c81d130b1275f65b68f4bfb6d8836e2b44c04b83d74540635d7a0aa952384acc77b0c81a53a45b6d9ea3a152ab9434ecd89f0a15355f2f1685445c007d579e94250f75755ba41f3096501485877ff04309da6e03e48d2ca79daabb4e3fa664e2bddc58636ce89f10cba66f68d684f7c71c95e871df9d3314d93890fd1cdc97cd50fb0e0943a848b7836874e1394b58f51e668844d782ac2218e1d75cb95438650aabe53c8b25dc9a4e17401c932e10301edca4cdcd872518b20cda4d6aa9b2ff9354313690b1a0b145df5b3e93d3bfae963f8b86bc9d98cb666318b5f4e27a97a0f780a0e7378fa348f0797c1b00afcaf9962ec242e8801d0ac9023be97c4d4739c57f2061bb22722ee3f2930c5c3258dc824c4fad516b158c66c41f956ddbae3f66567cfba6981907a500b7cbc9b7c56e705efb9ba383b79c2f668d70407d259bbe8e4d62c611f51fbaa50d25dbc4e3d37da94142d11c6c0b329eaef099bd1a449b6434648faa56205beac7e88482fbc33c610df9d18afd2f0463d6c69247f6a53494fc7161294fa39052fc2d3d8f688128ae8ecde1ce905a0cd95da5064a58d95bd75e5840e0853c0e9ed03a4194db699f709112a59eef6adfeb2780e35ed6413d437bd606d2eb03bc5a71d8ac753e8035816876589c12a3929a361a6fb9791e9be33afcacb03aadff445368f8503128e131103c6376e50a062c725339966d7cf7283c7ca198386959b9e9ea4991d2447f3739cff1bfc8b804e7dd05e832d8061d018afe7e41f1a4730c178ff21589117c23419f2ee28faf1845ad931db3a13fd36edb4b35bf895b97d14aa05952e2d6bb5205158d7f3d1bc1e93b78c5558d00e788bbb6392c8460cbe876325fc501db901e3c7aa5f207d02a053cff3351f9ab8b57b5b2553f29a0d1560f6afa7e1f95b049c95ba077ae940090cf53cbd1b477f69d0a33ec1264e06f9260dc95495332475fbceb85e77e30f75ddd769f2352b7c203dc79b1b66a95d948c1ab78ab7b6c2aaf22190a1aab2494ba764e7079c6398e3ec510be10207b1773d3827364d8dfa6e0babda9cfc81c855bfea7a05e5adc0e1ebd3618fdc5fd4a23c0a1646ab54921c5f6c4a2ba4b4543a724929d49252775b6c7eb70a304a814437ab0c597c91792a4be279749a754bc2800fa0989b680911d0b792fd12a7f289561ae43e7ad376d96b1c3cc52c9535ed3bac6eea08ca755dbb3c03700ae200e55f698aa1e310f4c36360c224fb9eb24ea7ee30e0e0468310c1ae213bff9acd0e1d005b7f8bf6a0987f358360ddb59065ec74fe8201add24feac906c959769390db6ab18afa4322037e0dc4f581e967e1e82fa9ab08dee977cc34b95db07d91abf4561f89ae78f19cffcae04afe56ff9af0e54f26e50af002621834259bd3b7690e7b3ddd8faeee81c0ca6df4e6b2d547519dacccb3d33b70539fa9e2f0bd7ba55963f3c7bc8fa4d9f3062d50767a5e872a3a4ff3bacf28c9c9bfc968ebd079fb47fd008dbc95ba9de2c2088834697424a5dea693eb564fbcca16bd8d2f7a6990f90f94a3ab297b1a2596ef014db31ab9be99a45b164a45faa13535b05bc230d47bd0457c1e50bde8faba57fffb8b208eb5bdeca82244f11d634b44d14f32cf73c7a70f9971f818b73ac48c4a26e12f27e75edb9583793d9e5d32818c068722a50ff20a1caf6d52f29133910a9b0595274867c00a5af8c", 0x1000}, {&(0x7f0000003400)="1908d4b9e97ef450e2bf9c8b1e0dd4f7683e9dab32de56bf79b2f14572e6cf8252ed2e4fb7c5081a09d2120400f9ca81c1fbf1edbecc46e3b384914ff18cf250f8b8432fdbbfb552ae2320fe859273f1bee21c5f033497cb35638e338afd2918e2183f9d41edaa1e1c4f7ba7d6a2afb5a51642b251c21603ef4acf1458996eefea31a9fe5e0b16ccd14e411e5c45b68a4a3aa1ee7c0298b63057a516c0b56ed9726cb51126546b3c4d05fafa8569556eb60da64affca31da5b4e7ce95bc2a67a1c4884a7cdf6839b2076939ab7f3d0fecbfef569af54f83683faaf17b19e97eddb1aef2296a7542cb9d56690a52a", 0xee}], 0x3)
close(r0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000003540)={0x394, 0xa, 0x3, 0x0, 0xe})
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
symlink(&(0x7f0000003580)='./file0\x00', &(0x7f00000035c0)='./file0\x00')
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000003600)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r10 = openat$cgroup_ro(r9, &(0x7f0000003640)='blkio.bfq.empty_time\x00', 0x0, 0x0)
r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000003680), 0x414000, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r11, &(0x7f0000003780)={&(0x7f00000036c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000003740)={&(0x7f0000003700)={0x3c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2, 0x0, 0xa}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x401}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x24040000)
read$FUSE(r10, &(0x7f0000003840)={0x2020, 0x0, 0x0, <r12=>0x0}, 0x2020)
mount$9p_fd(0x0, &(0x7f00000037c0)='./file0\x00', &(0x7f0000003800), 0x8, &(0x7f0000005880)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@afid}, {@cache_readahead}, {@access_uid={'access', 0x3d, 0xee00}}, {@uname={'uname', 0x3d, './cgroup.cpu/syz0\x00'}}, {@dfltgid={'dfltgid', 0x3d, r4}}], [{@uid_lt={'uid<', r12}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@euid_lt={'euid<', r3}}, {@subj_type}, {@measure}, {@fsname={'fsname', 0x3d, '.-\xad{*@%@],[+&'}}, {@fowner_gt={'fowner>', r2}}, {@subj_type={'subj_type', 0x3d, '{%+}]]+&$*\'&*/*'}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}})
ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r11, 0xc0305616, &(0x7f0000005a00)={0x0, {0x7fffffff, 0x200}})
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r9, 0x4008941a, &(0x7f0000005a40)=0x2)
getsockname(r8, &(0x7f0000005a80)=@l2tp6={0xa, 0x0, 0x0, @local}, &(0x7f0000005b00)=0x80)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000005b40), 0x480201, 0x0)
connect$unix(r8, &(0x7f0000005b80)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
read$FUSE(r11, &(0x7f0000005c00)={0x2020, 0x0, <r13=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000007c40)={0xa0, 0xfffffffffffffff5, r13, {{0x0, 0x2, 0x2, 0x2, 0x4, 0x3, {0x2, 0x7, 0x5, 0x200, 0x3, 0x4, 0x5, 0x99d, 0x0, 0x6000, 0x7, r3, r4, 0x4, 0x2}}, {0x0, 0x12}}}, 0xa0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000007d00)={'bridge_slave_0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})

3.99204561s ago: executing program 4 (id=925):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
fsetxattr$security_ima(r0, &(0x7f00000000c0), &(0x7f0000000080)=@md5={0x1, "e8a65c7343ada2675dda8cdeca3b87fc"}, 0x2, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x1404, 0x100, 0x70bd25, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x4008804}, 0x40041)
gettid()
timer_create(0x3, &(0x7f0000000740)={0x0, 0x421, 0x800000000004, @thr={&(0x7f0000000880)="984011cdce1db796d2bd17eda4d6a4c39c0796c3c4573275ffec53a355594ad48dae7ba280015758825f99e7e8507305c8b349824478e566c5014300b7a5cda45f9ebef51a6a31916c6b473f472cba91704d7a66a82e183d8cbb3ee6f91b4311a877d4810cbbc40c70824324c00b0575e15eda748d5c788f230d71b9c521d0898ddcaf5b2e7aa82f27c26e9771492efdbc1853fab350aeb0caf6119890e5569556", &(0x7f0000000780)="3bd5bba8cc93c5e1576987c165632457c2b0278832f6b2e1dcd1ddb3e457119a1cf62f98d7465943fa0cbb3e354a0c65f98c1aff4c1ba3586f590b19d2a1ad80f67f08edc8ef4bc830e8082d4b042fa7ee7164f7b6cf677ceeb077fb795ee4dfb0b307afcd51f35b98cb531ddd1d99c3cbb536482cf2d8daae70e3b33eba72c6e8e4ca3cf64450f1318c357cbea7feef97aec3355f7ed2347807436889e2035506c3f5bcb93b0c504aa7d3dd28bb1c51ef7e44b5f2004de41df27b334d92fad011cef7c8f28bc3"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000040)={0x1f, @none}, 0x8)
listen(r1, 0x0)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f00000000c0)=0x1, &(0x7f0000000100)=0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0x84400)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r2, 0xc0605345, &(0x7f0000000400)={0x2, 0x2, {0x2, 0x1, 0xe, 0x1, 0xf}, 0xff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f7, &(0x7f0000000080)={'ip6gre0\x00', 0x0})
r5 = accept4(r1, 0x0, 0x0, 0x80000)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000000)={'wg1\x00'})
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000004c0), r4)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r5, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, r6, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xa00}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$FBIOPUTCMAP(r9, 0x4605, &(0x7f0000000280)={0x80000000, 0x1, &(0x7f0000000140)=[0x0], &(0x7f00000001c0), &(0x7f0000000200), 0x0})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r10, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
shutdown(r1, 0x1)
sendto$x25(0xffffffffffffffff, &(0x7f00000005c0)="eeb7175fe303da69a26a74d704d78ba1745aaa107f372b45f62ba6ac88746322396ba86ec28d2efbe51911b8ac19ffb90521a3709a3960d372de05d5f7b06a318e70508abc32f839", 0x48, 0x800, &(0x7f0000000640)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}}, 0x12)

3.981544438s ago: executing program 3 (id=926):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x20c01, 0x0)
dup3(r1, r2, 0x6700000000000000)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000980)=[@text32={0x20, 0x0}], 0x1, 0x51, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b0400000000000000000200000018000480140001800b"], 0x54}}, 0x40880)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0xf, 0x9, '\x00', 0x5})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.84819061s ago: executing program 2 (id=927):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, &(0x7f0000000300))
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
openat$rtc(0xffffffffffffff9c, &(0x7f0000001600), 0xa0900, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xb, &(0x7f0000000580)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2000}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.708481063s ago: executing program 4 (id=928):
r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080), 0x0, 0xfffffffffffffffb)
pipe2$watch_queue(0x0, 0x80)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
keyctl$revoke(0x3, r2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @empty}, 0x2, 0x2000}}, 0x2e)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
connect$inet6(r5, &(0x7f0000000380)={0xa, 0x4e31, 0x4, @empty, 0x3}, 0x1c)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bind$tipc(r7, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000240)={0x80042, 0xfffffffd, 0x2}, 0x10)
close(r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r6, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x34}}, 0x0)
r9 = pidfd_getfd(0xffffffffffffffff, r4, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x18, &(0x7f0000000280)=0x3, 0x4)

3.572998612s ago: executing program 3 (id=929):
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendto$inet6(r0, &(0x7f0000001640)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xffffffffffffff18, 0x840, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xd}, 0x0, &(0x7f00000002c0)={0x3fc, 0x0, 0x100000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.518755714s ago: executing program 2 (id=930):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = fsopen(0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x601, &(0x7f0000000340)={&(0x7f0000000400)={0x38, 0x0, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback={0xff00000000000000}}, @FOU_ATTR_IFINDEX={0x8}]}, 0x38}}, 0x0)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',posixacl'])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c002b8008000800", @ANYRES32, @ANYBLOB="080003001900000008000100", @ANYRES32, @ANYBLOB="08001b00"], 0x44}}, 0x0)

1.624482068s ago: executing program 3 (id=931):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="7af1a0162024000000", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800050003000000"], 0x24}}, 0x0) (async, rerun: 32)
r3 = socket(0x40000000015, 0x5, 0x0) (rerun: 32)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) (async)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="041498f8c8003122784634d73fc02777c6b8bdf15ee640453352751ea20c2dca2aeaaf6c80a2b7341cadd557b016b18e756a038a6b681e6fe53090fa3d86117a64be137743aad0a2e0b45f43c5d6baaa41e2373c5150bca930218a0c750dd54329e7646c7d31258c5f17fac5b7cef555"], 0x9) (async, rerun: 32)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) (rerun: 32)
r4 = syz_open_procfs(0x0, &(0x7f0000001200)='attr\x00')
getdents64(r4, 0x0, 0x0) (async)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)) (async, rerun: 64)
r5 = socket$igmp(0x2, 0x3, 0x2) (async, rerun: 64)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES32=r5], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xec9223f0ec860c78, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10) (async)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000032680)=""/102392, 0x18ff8) (async)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, &(0x7f0000000040), 0x0) (async)
epoll_create(0x207ffd) (async)
r9 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r10 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r10, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0) (async)
ioctl$LOOP_CHANGE_FD(r9, 0x4c00, r10) (async)
sendfile(r9, r9, 0x0, 0x24002de8)

1.429884999s ago: executing program 2 (id=932):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$igmp(0x2, 0x3, 0x2)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bond_slave_1\x00', <r5=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000004c0)={r5, 0x1, 0x6, @local}, 0x10)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r6, 0x0, 0x40c0)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x0, 0x4, 0x8, 0x29, @vifc_lcl_ifindex, @rand_addr=0x64010100}, 0x10)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f00000008c0)=0x8, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000500)={0x800082, 0x810000, 0x40dd1, 0x0, 0xfc, 0x55b})
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
r12 = dup(r11)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYBLOB=',00000000000010,k\x00\x00\x00\x00\x00\x00\x00\x00\x00'])

1.359263904s ago: executing program 1 (id=933):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB='mpol=interleave,mpol=l'])
r0 = socket$nl_generic(0x10, 0x3, 0x10)
rseq(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
unshare(0x2040400)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r4}, 0x18)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1.220494888s ago: executing program 0 (id=934):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x400, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x800c42, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80882)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x200, 0x2})
fcntl$lock(r0, 0x26, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmstat\x00', 0x0, 0x0)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)

1.21512039s ago: executing program 3 (id=935):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = fsopen(0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x601, &(0x7f0000000340)={&(0x7f0000000400)={0x38, 0x0, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback={0xff00000000000000}}, @FOU_ATTR_IFINDEX={0x8}]}, 0x38}}, 0x0)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',posixacl'])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x0, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c002b8008000800", @ANYRES32, @ANYBLOB="080003001900000008000100", @ANYRES32, @ANYBLOB="08001b00"], 0x44}}, 0x0)
dup(0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e04070620"], 0x7)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14df25b12b32d800"/20], 0x14}}, 0x0)

1.165098547s ago: executing program 1 (id=936):
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000002800018014000400001fff00000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000840)
sendmmsg$inet(r1, &(0x7f0000002000)=[{{&(0x7f0000000300)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000240)=[{0x0}], 0x1}}], 0x1, 0x2400c040)
close_range(r0, 0xffffffffffffffff, 0x0)

1.028202587s ago: executing program 0 (id=937):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x4ba5, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x0, 0x2}, 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_create(0x7, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x10000000000, 0x0, 0x6}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)

909.846226ms ago: executing program 1 (id=938):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000a40), 0x800, 0x0)
ioctl$IOMMU_IOAS_COPY$syz(r1, 0x3b83, &(0x7f0000000b00)={0x28, 0x10002, 0x0, 0x0, 0x1d2662, 0x0, 0x5, 0x1548f})
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x80)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4)
connect$inet(r4, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r4, &(0x7f0000001cc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000240)="bd91b5", 0x3}, {&(0x7f00000005c0)="ff28763204505d659ca22487561f3114c6606cd3d45ae1f51cf773c0326d2251498ab7457316674641c51890", 0x2c}, {&(0x7f0000000580)="d69c", 0x2}, {&(0x7f0000000640)="69d59b", 0x3}, {&(0x7f0000000280)="326d653b24e14aef6da3ec", 0xb}], 0x5}}], 0x2, 0x400c1)
recvmmsg(r4, &(0x7f00000098c0)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000015c0)=""/32, 0x20}, {0x0, 0x3c}], 0x2}, 0x80}], 0x1, 0x10002, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r5, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r0, &(0x7f0000000c40)={0x2000000b})
read$smackfs_ptrace(r0, &(0x7f0000000000), 0x14)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

0s ago: executing program 4 (id=939):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="05030200000000240012800b00010067656e6576dbfe34dbc029cf05004e210000050008000100000082a13d00d0993e537aae3db61c9de5c00ea7a870c21862427431171f413f2ff6a4c964c5df3d8636c93f7b29ef04d80a7812b5e2482f2543455c83ce75979c32379af5035770a94f5deeb4d0cdad8ca3e57f6fdd4f90536d9941be7a15b4078807e74601d6cc0d60c496b19e79917627784a287912468118073b432066a1a92cd3238214000000"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
eventfd2(0x12, 0x80801)

kernel console output (not intermixed with test programs):

) entered blocking state
[   87.183889][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.210258][ T4524] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.217540][ T4524] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.250543][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.298903][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   87.412688][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.420357][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.476976][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   87.516556][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.523773][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.563857][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.571160][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.608075][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.615269][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.744534][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.894441][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.990945][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   88.061372][ T5838] veth0_vlan: entered promiscuous mode
[   88.084045][ T5838] veth1_vlan: entered promiscuous mode
[   88.156445][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.287504][ T5838] veth0_macvtap: entered promiscuous mode
[   88.319434][ T5828] veth0_vlan: entered promiscuous mode
[   88.333854][ T5838] veth1_macvtap: entered promiscuous mode
[   88.379615][ T5828] veth1_vlan: entered promiscuous mode
[   88.413386][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.421063][ T5837] Bluetooth: hci2: command tx timeout
[   88.421094][ T5843] Bluetooth: hci0: command tx timeout
[   88.426735][ T5837] Bluetooth: hci3: command tx timeout
[   88.475213][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.494470][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.507656][ T5837] Bluetooth: hci1: command tx timeout
[   88.507665][ T5843] Bluetooth: hci4: command tx timeout
[   88.559999][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.570353][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.580821][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.590786][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.698648][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.750326][ T5831] veth0_vlan: entered promiscuous mode
[   88.801574][ T5831] veth1_vlan: entered promiscuous mode
[   88.858938][  T998] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.870026][  T998] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.882587][ T5828] veth0_macvtap: entered promiscuous mode
[   88.931055][ T5829] veth0_vlan: entered promiscuous mode
[   88.943550][ T5828] veth1_macvtap: entered promiscuous mode
[   88.959745][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.969987][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.977838][ T5829] veth1_vlan: entered promiscuous mode
[   89.011531][ T5827] veth0_vlan: entered promiscuous mode
[   89.081536][ T5827] veth1_vlan: entered promiscuous mode
[   89.101671][ T5831] veth0_macvtap: entered promiscuous mode
[   89.127286][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.143085][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.155614][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.167652][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.178521][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.194926][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.196622][ T5838] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   89.213727][ T5829] veth0_macvtap: entered promiscuous mode
[   89.229756][ T5831] veth1_macvtap: entered promiscuous mode
[   89.256367][ T5829] veth1_macvtap: entered promiscuous mode
[   89.277552][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.291273][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.301044][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.314555][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.401528][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.413383][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.427559][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.438847][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.451184][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.462783][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.473567][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.484868][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.496327][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.523462][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.592792][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.617941][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.633026][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.645518][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.658459][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.669198][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.681935][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.701604][ T5827] veth0_macvtap: entered promiscuous mode
[   89.709935][ T5829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.719570][ T5829] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.728898][ T5829] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.750657][ T5829] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.790798][ T5827] veth1_macvtap: entered promiscuous mode
[   89.868544][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.883006][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.901267][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.913205][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.937833][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.952328][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.970370][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.006817][  T998] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.019190][  T998] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.036560][ T5925] syz.2.10 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   90.069734][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.086801][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.096334][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.105318][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.135234][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.158251][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.169101][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.181527][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.191519][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.202097][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.212562][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.223642][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.232887][ T5928] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.235479][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.308127][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.325808][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.361835][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.373777][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.383863][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.394680][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.404532][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.415010][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.427826][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.483819][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.485292][ T5827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.501735][ T5837] Bluetooth: hci0: command tx timeout
[   90.507314][ T5837] Bluetooth: hci2: command tx timeout
[   90.512703][ T5837] Bluetooth: hci3: command tx timeout
[   90.528455][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.536705][ T5827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.550656][ T5930] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12'.
[   90.562344][ T5827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.572912][ T5827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.576098][ T5843] Bluetooth: hci4: command tx timeout
[   90.582154][ T5837] Bluetooth: hci1: command tx timeout
[   90.628965][ T5930] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12'.
[   90.769059][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.778358][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.001987][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.011293][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.021962][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.042809][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.151181][ T4524] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.164440][ T4524] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.260419][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.288416][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.348565][ T5884] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   91.374000][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   91.403292][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.489203][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.644747][ T5942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14'.
[   91.886213][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   91.982567][ T5884] usb 3-1: config 5 has an invalid interface number: 123 but max is 0
[   91.996002][ T5884] usb 3-1: config 5 has no interface number 0
[   92.003242][ T5884] usb 3-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[   92.045739][ T5884] usb 3-1: config 5 interface 123 has no altsetting 0
[   92.074463][ T5884] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[   92.115778][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.157344][ T5884] usb 3-1: Product: syz
[   92.161593][ T5884] usb 3-1: Manufacturer: syz
[   92.202558][ T5884] usb 3-1: SerialNumber: syz
[   92.211535][  T978] cfg80211: failed to load regulatory.db
[   92.481362][   T30] audit: type=1326 audit(1743950412.135:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5951 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[   92.548074][ T5884] ni6501 3-1:5.123: driver 'ni6501' failed to auto-configure device.
[   92.587389][   T30] audit: type=1326 audit(1743950412.135:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5951 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[   92.666103][ T5884] usb 3-1: USB disconnect, device number 2
[   92.716969][   T30] audit: type=1326 audit(1743950412.185:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5951 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[   92.819874][   T30] audit: type=1326 audit(1743950412.185:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5951 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[   92.911045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   92.967670][   T30] audit: type=1326 audit(1743950412.185:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5951 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[   92.990816][   T30] audit: type=1326 audit(1743950412.185:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5951 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[   93.014580][   T30] audit: type=1326 audit(1743950412.205:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5953 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[   93.272364][   T30] audit: type=1326 audit(1743950412.205:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5953 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[   93.300628][   T30] audit: type=1326 audit(1743950412.225:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5953 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[   93.370794][   T30] audit: type=1326 audit(1743950412.225:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5953 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[   93.399088][ T5971] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   93.463878][ T5972] mmap: syz.4.18 (5972) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   94.576420][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   94.986898][ T5992] netlink: 16 bytes leftover after parsing attributes in process `syz.0.26'.
[   95.265701][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   95.296355][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   95.376144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   95.616061][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   95.617527][    T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!!
[   95.674667][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   96.795573][   T59] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   97.679886][   T59] usb 4-1: config 5 has an invalid interface number: 123 but max is 0
[   97.705881][   T59] usb 4-1: config 5 has no interface number 0
[   97.713389][   T59] usb 4-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[   97.739711][   T59] usb 4-1: config 5 interface 123 has no altsetting 0
[   97.757086][   T59] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[   97.815013][   T59] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.850078][   T59] usb 4-1: Product: syz
[   97.854321][   T59] usb 4-1: Manufacturer: syz
[   97.880830][   T59] usb 4-1: SerialNumber: syz
[   98.427150][   T59] ni6501 4-1:5.123: driver 'ni6501' failed to auto-configure device.
[   98.474169][   T59] usb 4-1: USB disconnect, device number 2
[  102.200368][ T6076] Zero length message leads to an empty skb
[  105.447857][ T6119] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  108.613677][ T6145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.64'.
[  108.623485][ T6145] netlink: 24 bytes leftover after parsing attributes in process `syz.2.64'.
[  109.186134][ T6149] netlink: 16 bytes leftover after parsing attributes in process `syz.4.65'.
[  109.596398][ T6156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.67'.
[  110.476608][ T6160] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  111.264030][ T6157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.66'.
[  111.446130][ T6157] netlink: 24 bytes leftover after parsing attributes in process `syz.1.66'.
[  112.134531][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  112.134551][   T30] audit: type=1326 audit(1743950431.805:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  112.242561][   T30] audit: type=1326 audit(1743950431.805:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  112.306414][   T30] audit: type=1326 audit(1743950431.845:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  112.374796][   T30] audit: type=1326 audit(1743950431.845:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  112.484500][   T30] audit: type=1326 audit(1743950431.845:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  113.430644][   T30] audit: type=1326 audit(1743950431.845:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  113.453122][   T30] audit: type=1326 audit(1743950431.845:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  113.482663][   T30] audit: type=1326 audit(1743950431.845:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  113.605716][   T30] audit: type=1326 audit(1743950431.855:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  113.653719][   T30] audit: type=1326 audit(1743950431.855:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  116.621248][ T6222] netlink: 16 bytes leftover after parsing attributes in process `syz.0.82'.
[  117.283275][ T6228] bpf: Bad value for 'smackfsdef'
[  117.770192][ T6232] tmpfs: Bad value for 'mpol'
[  120.940153][ T6265] netlink: 16 bytes leftover after parsing attributes in process `syz.0.96'.
[  122.234140][ T6282] tmpfs: Bad value for 'mpol'
[  128.019015][ T6319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.108'.
[  128.400204][ T6319] netlink: 24 bytes leftover after parsing attributes in process `syz.3.108'.
[  128.649846][ T5837] Bluetooth: hci4: link tx timeout
[  128.667086][ T5837] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  128.689352][ T5837] Bluetooth: hci4: link tx timeout
[  128.694645][ T5837] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  129.147487][ T6329] netlink: 16 bytes leftover after parsing attributes in process `syz.1.111'.
[  130.737332][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  133.154583][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  133.162683][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.860984][ T6367] Bluetooth: MGMT ver 1.23
[  134.736938][ T6386] netlink: 16 bytes leftover after parsing attributes in process `syz.4.129'.
[  139.727084][ T6412] netlink: 616 bytes leftover after parsing attributes in process `syz.2.136'.
[  140.213960][ T6417] netlink: 'syz.3.137': attribute type 17 has an invalid length.
[  141.980515][ T6450] hub 6-0:1.0: USB hub found
[  141.991388][ T6450] hub 6-0:1.0: 1 port detected
[  144.404092][ T5883] IPVS: starting estimator thread 0...
[  144.509303][ T6471] IPVS: using max 28 ests per chain, 67200 per kthread
[  145.939489][ T5883] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  146.125726][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  146.140287][ T5883] usb 1-1: config 1 interface 0 altsetting 50 bulk endpoint 0x82 has invalid maxpacket 32
[  146.199164][ T5883] usb 1-1: config 1 interface 0 altsetting 50 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  146.310554][ T5883] usb 1-1: config 1 interface 0 has no altsetting 0
[  146.698606][ T5883] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  146.724656][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.741691][ T5883] usb 1-1: Product: 솃觢
[  146.749803][ T5883] usb 1-1: Manufacturer: 䀊
[  146.806023][ T5883] usb 1-1: SerialNumber: syz
[  146.835859][ T6479] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  147.112430][ T6500] bpf: Bad value for 'smackfsdef'
[  147.141450][ T6476] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  147.154605][ T5883] usb 1-1: bad CDC descriptors
[  147.188222][ T5883] usb 1-1: USB disconnect, device number 2
[  148.753244][ T6510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.163'.
[  149.441311][ T6516] bpf: Bad value for 'smackfsdef'
[  153.019946][ T6546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.172'.
[  162.155797][ T5883] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  162.474560][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  162.501947][ T5883] usb 1-1: config 1 interface 0 altsetting 50 bulk endpoint 0x82 has invalid maxpacket 32
[  162.532952][ T5883] usb 1-1: config 1 interface 0 altsetting 50 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  162.573180][ T5883] usb 1-1: config 1 interface 0 has no altsetting 0
[  162.598830][   T36] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  162.613719][ T5883] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  163.054740][ T6632] bpf: Bad value for 'smackfsdef'
[  163.259172][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.305730][ T5883] usb 1-1: Product: 솃觢
[  163.320245][ T5883] usb 1-1: Manufacturer: 䀊
[  163.332246][ T5883] usb 1-1: SerialNumber: syz
[  163.341944][ T5883] usb 1-1: can't set config #1, error -71
[  164.137786][ T5883] usb 1-1: USB disconnect, device number 3
[  164.500124][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  164.500144][   T30] audit: type=1326 audit(1743950484.175:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  164.558297][   T30] audit: type=1326 audit(1743950484.175:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  164.593931][   T30] audit: type=1326 audit(1743950484.175:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  164.801520][ T6654] netlink: 4 bytes leftover after parsing attributes in process `syz.4.197'.
[  164.808915][   T30] audit: type=1326 audit(1743950484.175:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  164.832475][   T30] audit: type=1326 audit(1743950484.175:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  164.854372][   T30] audit: type=1326 audit(1743950484.175:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  164.929722][   T30] audit: type=1326 audit(1743950484.175:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  165.361553][   T30] audit: type=1326 audit(1743950484.175:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  165.428709][   T30] audit: type=1326 audit(1743950484.175:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  165.495872][   T30] audit: type=1326 audit(1743950484.175:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  168.523956][ T6683] netlink: 8 bytes leftover after parsing attributes in process `syz.3.212'.
[  169.237020][ T6690] netlink: 12 bytes leftover after parsing attributes in process `syz.1.214'.
[  175.075174][ T6735] tmpfs: Bad value for 'mpol'
[  175.561495][ T6741] FAULT_INJECTION: forcing a failure.
[  175.561495][ T6741] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  175.575055][ T6741] CPU: 1 UID: 0 PID: 6741 Comm: syz.3.230 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  175.575081][ T6741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  175.575091][ T6741] Call Trace:
[  175.575099][ T6741]  <TASK>
[  175.575107][ T6741]  dump_stack_lvl+0x241/0x360
[  175.575142][ T6741]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.575168][ T6741]  ? __pfx__printk+0x10/0x10
[  175.575201][ T6741]  ? lock_release+0x244/0x3e0
[  175.575224][ T6741]  should_fail_ex+0x424/0x570
[  175.575249][ T6741]  _copy_from_user+0x2d/0xb0
[  175.575277][ T6741]  kstrtouint_from_user+0xce/0x1a0
[  175.575303][ T6741]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  175.575330][ T6741]  ? __lock_acquire+0xad5/0xd80
[  175.575360][ T6741]  proc_fail_nth_write+0xac/0x2d0
[  175.575384][ T6741]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  175.575409][ T6741]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  175.575441][ T6741]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  175.575466][ T6741]  vfs_write+0x2bc/0xd10
[  175.575506][ T6741]  ? fdget_pos+0x247/0x310
[  175.575532][ T6741]  ? __pfx_vfs_write+0x10/0x10
[  175.575561][ T6741]  ? __fget_files+0x2a/0x420
[  175.575590][ T6741]  ? __fget_files+0x39d/0x420
[  175.575608][ T6741]  ? __fget_files+0x2a/0x420
[  175.575640][ T6741]  ksys_write+0x19d/0x2d0
[  175.575668][ T6741]  ? __pfx_ksys_write+0x10/0x10
[  175.575700][ T6741]  ? do_syscall_64+0xb6/0x230
[  175.575727][ T6741]  do_syscall_64+0xf3/0x230
[  175.575749][ T6741]  ? clear_bhb_loop+0x45/0xa0
[  175.575772][ T6741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.575790][ T6741] RIP: 0033:0x7fa77338bc1f
[  175.575808][ T6741] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  175.575822][ T6741] RSP: 002b:00007fa77410b030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  175.575843][ T6741] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa77338bc1f
[  175.575857][ T6741] RDX: 0000000000000001 RSI: 00007fa77410b0a0 RDI: 000000000000000c
[  175.575868][ T6741] RBP: 00007fa77410b090 R08: 0000000000000000 R09: 0000000000000000
[  175.575879][ T6741] R10: 0000000000000015 R11: 0000000000000293 R12: 0000000000000001
[  175.575890][ T6741] R13: 0000000000000000 R14: 00007fa7735a6160 R15: 00007ffc3e767208
[  175.575922][ T6741]  </TASK>
[  176.918536][ T6755] tipc: Started in network mode
[  176.923683][ T6755] tipc: Node identity 7, cluster identity 4711
[  176.930102][ T6755] tipc: Node number set to 7
[  176.935490][ T6755] tipc: Cannot configure node identity twice
[  178.955780][ T5887] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  179.149639][ T5887] usb 1-1: not running at top speed; connect to a high speed hub
[  179.187086][ T5887] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  179.244693][ T5887] usb 1-1: New USB device found, idVendor=0b05, idProduct=1822, bcdDevice= 0.40
[  179.272915][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.274514][ T5887] usb 1-1: Product: syz
[  180.278953][ T5887] usb 1-1: SerialNumber: syz
[  180.565336][ T6774] tmpfs: Bad value for 'mpol'
[  180.614675][ T5887] usb 1-1: can't set config #1, error -71
[  180.623087][ T5887] usb 1-1: USB disconnect, device number 4
[  182.284983][ T6797] netlink: 16 bytes leftover after parsing attributes in process `syz.2.250'.
[  182.535286][ T6796] 9pnet_fd: Insufficient options for proto=fd
[  183.142594][ T6806] fuse: Bad value for 'fd'
[  183.179371][ T6806] netlink: 16 bytes leftover after parsing attributes in process `syz.4.251'.
[  183.497006][ T6815] nvme_fabrics: unknown parameter or missing value '+' in ctrl creation request
[  183.686636][ T6820] nvme_fabrics: unknown parameter or missing value '̧Ҽ�Yz\-f��M^Yn�jy*����u˽�V���F��#' in ctrl creation request
[  183.714414][ T6815] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[  188.105713][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  188.105733][   T30] audit: type=1326 audit(1743950507.625:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.133140][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.192430][   T30] audit: type=1326 audit(1743950507.805:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.213935][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.232168][   T30] audit: type=1326 audit(1743950507.825:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.265480][   T30] audit: type=1326 audit(1743950507.825:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.300105][ T6860] fuse: Bad value for 'fd'
[  188.306539][ T6860] netlink: 16 bytes leftover after parsing attributes in process `syz.1.269'.
[  188.341998][   T30] audit: type=1326 audit(1743950507.825:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.363730][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.400848][   T30] audit: type=1326 audit(1743950507.825:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.441761][   T30] audit: type=1326 audit(1743950507.825:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.463601][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.481080][   T30] audit: type=1326 audit(1743950507.825:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.503893][   T30] audit: type=1326 audit(1743950507.825:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.609614][   T30] audit: type=1326 audit(1743950507.825:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.4.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  188.631174][    C1] vkms_vblank_simulate: vblank timer overrun
[  189.410305][ T6871] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  191.647726][ T6898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.282'.
[  192.156721][ T6901] fuse: Bad value for 'fd'
[  192.187480][ T6901] netlink: 16 bytes leftover after parsing attributes in process `syz.1.283'.
[  193.332585][ T6907] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  194.583204][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.605800][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  197.238097][ T6943] tmpfs: Bad value for 'mpol'
[  198.221096][ T6948] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  202.146375][ T5882] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  202.173021][ T5843] Bluetooth: hci4: link tx timeout
[  202.179202][ T5843] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.207303][ T5837] Bluetooth: hci4: link tx timeout
[  202.212997][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.221370][ T5837] Bluetooth: hci4: link tx timeout
[  202.226660][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.238388][ T5837] Bluetooth: hci4: link tx timeout
[  202.243638][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.251955][ T5837] Bluetooth: hci4: link tx timeout
[  202.257372][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.266259][ T5837] Bluetooth: hci4: link tx timeout
[  202.271515][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.285179][ T5837] Bluetooth: hci4: link tx timeout
[  202.290726][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.317350][ T5837] Bluetooth: hci4: link tx timeout
[  202.322861][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.331540][ T5837] Bluetooth: hci4: link tx timeout
[  202.336973][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.356230][ T5837] Bluetooth: hci4: link tx timeout
[  202.361497][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.373933][ T5837] Bluetooth: hci4: link tx timeout
[  202.381944][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.390321][ T5837] Bluetooth: hci4: link tx timeout
[  202.395572][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.413233][ T5837] Bluetooth: hci4: link tx timeout
[  202.418563][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.437709][ T5837] Bluetooth: hci4: link tx timeout
[  202.442968][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.472256][ T5837] Bluetooth: hci4: link tx timeout
[  202.477576][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.508285][ T5837] Bluetooth: hci4: link tx timeout
[  202.515808][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.523647][ T5837] Bluetooth: hci4: link tx timeout
[  202.529197][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.567649][ T5837] Bluetooth: hci4: link tx timeout
[  202.572932][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.594868][ T5837] Bluetooth: hci4: link tx timeout
[  202.600207][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.631886][ T5837] Bluetooth: hci4: link tx timeout
[  202.637346][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.666296][ T5837] Bluetooth: hci4: link tx timeout
[  202.671727][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.703066][ T5837] Bluetooth: hci4: link tx timeout
[  202.708377][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.759917][ T5837] Bluetooth: hci4: link tx timeout
[  202.765201][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.797894][ T5837] Bluetooth: hci4: link tx timeout
[  202.803192][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.832785][ T5837] Bluetooth: hci4: link tx timeout
[  202.838123][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.868960][ T5837] Bluetooth: hci4: link tx timeout
[  202.874229][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.895769][ T5837] Bluetooth: hci4: link tx timeout
[  202.900972][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.939327][ T5837] Bluetooth: hci4: link tx timeout
[  202.944511][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.952595][ T5837] Bluetooth: hci4: link tx timeout
[  202.957841][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.981938][ T5837] Bluetooth: hci4: link tx timeout
[  202.987347][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  202.999303][ T5837] Bluetooth: hci4: link tx timeout
[  203.004468][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.015815][ T5837] Bluetooth: hci4: link tx timeout
[  203.020988][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.029504][ T5837] Bluetooth: hci4: link tx timeout
[  203.034643][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.042934][ T6989] tmpfs: Bad value for 'mpol'
[  203.047881][ T5837] Bluetooth: hci4: link tx timeout
[  203.053084][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.091857][ T5837] Bluetooth: hci4: link tx timeout
[  203.098472][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.107886][ T6979] bpf: Bad value for 'smackfsdef'
[  203.113131][ T5837] Bluetooth: hci4: link tx timeout
[  203.118371][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.141827][ T5837] Bluetooth: hci4: link tx timeout
[  203.147217][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.159984][ T5837] Bluetooth: hci4: link tx timeout
[  203.165221][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.202473][ T5837] Bluetooth: hci4: link tx timeout
[  203.207972][ T5837] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  203.328285][ T6992] netlink: 16 bytes leftover after parsing attributes in process `syz.1.298'.
[  204.319661][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  206.520574][ T7032] tmpfs: Bad value for 'mpol'
[  206.929743][ T5833] Bluetooth: hci0: command 0x0406 tx timeout
[  206.936729][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  206.943476][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  206.950535][ T5843] Bluetooth: hci3: command 0x0406 tx timeout
[  210.430837][ T7072] tmpfs: Bad value for 'mpol'
[  212.322812][ T7095] vivid-000: kernel_thread() failed
[  212.393585][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  212.393606][   T30] audit: type=1326 audit(1743950532.065:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  212.545717][   T30] audit: type=1326 audit(1743950532.115:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  212.629456][   T30] audit: type=1326 audit(1743950532.115:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  212.816030][   T30] audit: type=1326 audit(1743950532.115:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  213.625244][   T30] audit: type=1326 audit(1743950532.135:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  213.682524][   T30] audit: type=1326 audit(1743950532.135:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  213.774598][   T30] audit: type=1326 audit(1743950532.135:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  213.933227][   T30] audit: type=1326 audit(1743950532.135:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  213.958269][   T30] audit: type=1326 audit(1743950532.135:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  213.993821][   T30] audit: type=1326 audit(1743950532.135:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7089 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ef8d169 code=0x7ffc0000
[  214.861254][ T7127] netlink: 16 bytes leftover after parsing attributes in process `syz.4.347'.
[  215.355814][ T5835] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  215.519167][ T5835] usb 1-1: config 5 has an invalid interface number: 123 but max is 0
[  215.543543][ T5835] usb 1-1: config 5 has no interface number 0
[  216.362299][ T5835] usb 1-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  216.374939][ T5835] usb 1-1: config 5 interface 123 has no altsetting 0
[  216.387957][ T5835] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  216.414439][ T5835] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.431950][ T5835] usb 1-1: Product: syz
[  216.436689][ T5835] usb 1-1: Manufacturer: syz
[  216.457782][ T5835] usb 1-1: SerialNumber: syz
[  216.753645][ T5835] ni6501 1-1:5.123: driver 'ni6501' failed to auto-configure device.
[  216.792468][ T5835] usb 1-1: USB disconnect, device number 5
[  218.815956][ T7178] capability: warning: `syz.2.362' uses 32-bit capabilities (legacy support in use)
[  221.706027][ T2011] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  221.819410][ T7203] 9pnet: p9_errstr2errno: server reported unknown error ��
[  222.835888][ T2011] usb 2-1: Using ep0 maxpacket: 16
[  222.918641][ T7210] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  222.933058][ T7210] xt_NFQUEUE: number of total queues is 0
[  223.283404][ T2011] usb 2-1: config 64 has an invalid interface number: 219 but max is 1
[  223.292302][ T2011] usb 2-1: config 64 has an invalid interface number: 145 but max is 1
[  223.305662][ T2011] usb 2-1: config 64 has no interface number 0
[  223.311924][ T2011] usb 2-1: config 64 has no interface number 1
[  223.325730][ T2011] usb 2-1: config 64 interface 145 has no altsetting 0
[  223.339689][ T2011] usb 2-1: New USB device found, idVendor=185b, idProduct=1e78, bcdDevice=33.a9
[  223.473412][ T2011] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.481594][ T2011] usb 2-1: Product: syz
[  223.486560][ T2011] usb 2-1: Manufacturer: syz
[  223.491220][ T2011] usb 2-1: SerialNumber: syz
[  223.768977][ T2011] dvb-usb: found a 'Compro Videomate U500' in cold state, will try to load a firmware
[  224.561530][ T2011] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  224.625723][ T2011] dib0700: firmware download failed at 7 with -22
[  225.386830][ T2011] hub 2-1:64.145: Invalid hub with more than one config or interface
[  225.883962][ T7238] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  225.896188][ T7238] xt_NFQUEUE: number of total queues is 0
[  226.163492][ T2011] hub 2-1:64.145: probe with driver hub failed with error -22
[  226.231553][ T2011] dvb-usb: found a 'Compro Videomate U500' in cold state, will try to load a firmware
[  226.282809][ T2011] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  226.345509][ T2011] dib0700: firmware download failed at 7 with -22
[  226.401011][ T2011] usb 2-1: USB disconnect, device number 3
[  226.687303][ T7244] Cannot find del_set index 4 as target
[  227.416408][ T5142] Bluetooth: hci1: unexpected event for opcode 0x2006
[  227.915732][ T5882] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  229.000611][ T5882] usb 3-1: config 5 has an invalid interface number: 123 but max is 0
[  229.009266][ T5882] usb 3-1: config 5 has no interface number 0
[  229.015421][ T5882] usb 3-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  229.026540][ T5882] usb 3-1: config 5 interface 123 has no altsetting 0
[  229.876801][ T5882] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  229.885997][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.894023][ T5882] usb 3-1: Product: syz
[  229.898278][ T5882] usb 3-1: Manufacturer: syz
[  229.902902][ T5882] usb 3-1: SerialNumber: syz
[  231.919615][ T5882] ni6501 3-1:5.123: driver 'ni6501' failed to auto-configure device.
[  232.026396][ T5882] usb 3-1: USB disconnect, device number 3
[  232.135784][ T5950] udevd[5950]: setting mode of /dev/bus/usb/003/003 to 020664 failed: No such file or directory
[  232.189757][ T5950] udevd[5950]: setting owner of /dev/bus/usb/003/003 to uid=0, gid=0 failed: No such file or directory
[  232.307998][ T7289] bridge1: the hash_elasticity option has been deprecated and is always 16
[  232.395750][ T5910] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  232.413910][ T7289] bridge1: entered promiscuous mode
[  232.516485][ T7289] mmap: syz.0.393 (7289): VmData 25989120 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  232.595828][ T5910] usb 2-1: Using ep0 maxpacket: 8
[  232.632430][ T5910] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  232.665894][ T5910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.698064][ T5910] usb 2-1: Product: syz
[  232.712998][ T5910] usb 2-1: Manufacturer: syz
[  232.729609][ T5910] usb 2-1: SerialNumber: syz
[  232.752261][ T5910] usb 2-1: config 0 descriptor??
[  233.043862][ T5910] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  233.306598][ T7301] FAULT_INJECTION: forcing a failure.
[  233.306598][ T7301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.345930][ T7301] CPU: 0 UID: 0 PID: 7301 Comm: syz.4.396 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  233.345961][ T7301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  233.345971][ T7301] Call Trace:
[  233.345979][ T7301]  <TASK>
[  233.345987][ T7301]  dump_stack_lvl+0x241/0x360
[  233.346031][ T7301]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.346057][ T7301]  ? __pfx__printk+0x10/0x10
[  233.346094][ T7301]  should_fail_ex+0x424/0x570
[  233.346119][ T7301]  strncpy_from_user+0x36/0x280
[  233.346143][ T7301]  getname_flags+0xf0/0x530
[  233.346171][ T7301]  user_path_at+0x24/0x60
[  233.346197][ T7301]  __se_sys_mount+0x348/0x400
[  233.346227][ T7301]  ? __pfx___se_sys_mount+0x10/0x10
[  233.346255][ T7301]  ? __x64_sys_mount+0x20/0xc0
[  233.346278][ T7301]  do_syscall_64+0xf3/0x230
[  233.346303][ T7301]  ? clear_bhb_loop+0x45/0xa0
[  233.346326][ T7301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.346345][ T7301] RIP: 0033:0x7fef3558d169
[  233.346364][ T7301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.346379][ T7301] RSP: 002b:00007fef363fe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  233.346401][ T7301] RAX: ffffffffffffffda RBX: 00007fef357a5fa0 RCX: 00007fef3558d169
[  233.346414][ T7301] RDX: 0000200000000440 RSI: 0000200000000400 RDI: 00002000000002c0
[  233.346427][ T7301] RBP: 00007fef363fe090 R08: 0000200000000480 R09: 0000000000000000
[  233.346441][ T7301] R10: 0000000001000401 R11: 0000000000000246 R12: 0000000000000001
[  233.346454][ T7301] R13: 0000000000000000 R14: 00007fef357a5fa0 R15: 00007ffc60638fa8
[  233.346486][ T7301]  </TASK>
[  233.855746][ T5910] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  233.960919][ T5910] usb 2-1: USB disconnect, device number 4
[  234.613787][ T7308] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  239.125014][ T7347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.408'.
[  240.356504][ T7352] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  240.907460][ T7360] vlan2: entered promiscuous mode
[  240.936681][ T7360] vlan2: entered allmulticast mode
[  240.941893][ T7360] hsr_slave_1: entered allmulticast mode
[  241.024864][ T7360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.413'.
[  242.558285][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  242.558309][   T30] audit: type=1326 audit(1743950562.225:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  242.674282][   T30] audit: type=1326 audit(1743950562.225:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  242.755505][   T30] audit: type=1326 audit(1743950562.225:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  242.816271][   T30] audit: type=1326 audit(1743950562.225:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  242.881071][   T30] audit: type=1326 audit(1743950562.225:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  243.078573][   T30] audit: type=1326 audit(1743950562.225:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  243.101234][   T30] audit: type=1326 audit(1743950562.225:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  244.152623][ T5910] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  244.536961][   T30] audit: type=1326 audit(1743950562.285:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa773384127 code=0x7ffc0000
[  244.895323][   T30] audit: type=1326 audit(1743950562.285:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa773329359 code=0x7ffc0000
[  244.968639][ T5910] usb 1-1: unable to get BOS descriptor or descriptor too short
[  244.983236][   T30] audit: type=1326 audit(1743950562.285:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7375 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  245.174503][ T5910] usb 1-1: config 7 has an invalid interface number: 64 but max is 0
[  245.228747][ T5910] usb 1-1: config 7 has no interface number 0
[  245.332739][ T5910] usb 1-1: New USB device found, idVendor=0c45, idProduct=628c, bcdDevice=16.4b
[  245.372300][ T7406] zonefs (nullb0) ERROR: Not a zoned block device
[  245.395639][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.435415][ T5910] usb 1-1: Product: syz
[  245.457003][ T5910] usb 1-1: Manufacturer: syz
[  245.477939][ T5910] usb 1-1: SerialNumber: syz
[  246.132351][ T5910] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:628c
[  246.146307][ T5910] gspca_sn9c20x: Write register 1000 failed -71
[  246.158467][ T5910] gspca_sn9c20x: Device initialization failed
[  246.998163][ T5910] gspca_sn9c20x 1-1:7.64: probe with driver gspca_sn9c20x failed with error -71
[  247.068877][ T5910] usb 1-1: USB disconnect, device number 6
[  247.946161][ T5883] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  248.242203][ T5883] usb 3-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  248.396407][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.536540][ T5883] usb 3-1: config 0 descriptor??
[  249.693501][ T5883] creative-sb0540 0003:041E:3100.0001: No inputs registered, leaving
[  249.764871][ T5883] creative-sb0540 0003:041E:3100.0001: hidraw0: USB HID v1.01 Device [HID 041e:3100] on usb-dummy_hcd.2-1/input0
[  250.034447][ T7452] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.052316][ T7452] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.106497][ T7452] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  250.620274][   T24] usb 3-1: USB disconnect, device number 4
[  251.598775][ T7459] vivid-001: kernel_thread() failed
[  252.162953][   T30] kauditd_printk_skb: 51 callbacks suppressed
[  252.339066][   T30] audit: type=1326 audit(1743950571.835:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7462 comm="syz.1.439" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f979ef8d169 code=0x0
[  254.442600][   T30] audit: type=1326 audit(1743950573.945:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7488 comm="syz.1.446" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f979ef8d169 code=0x0
[  256.027300][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  256.034803][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  260.330802][ T7565] 9pnet_fd: Insufficient options for proto=fd
[  260.477822][ T7571] netlink: 'syz.3.467': attribute type 32 has an invalid length.
[  261.356676][ T7582] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  264.231367][ T7601] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  264.243752][ T7601] xt_NFQUEUE: number of total queues is 0
[  265.385966][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.482'.
[  265.853231][ T7625] batman_adv: batadv0: Adding interface: dummy0
[  265.865755][ T7625] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  265.954713][ T7625] batman_adv: batadv0: Interface activated: dummy0
[  266.227069][ T7634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.486'.
[  266.434993][ T7645] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  266.434993][ T7645] The task syz.0.489 (7645) triggered the difference, watch for misbehavior.
[  266.496987][ T7645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.489'.
[  266.510678][ T7645] netlink: 277 bytes leftover after parsing attributes in process `syz.0.489'.
[  266.907600][   T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  267.640725][   T24] usb 2-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  267.680029][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.814357][ T7665] netlink: 8 bytes leftover after parsing attributes in process `syz.0.496'.
[  268.148233][   T24] usb 2-1: config 0 descriptor??
[  268.341756][ T7674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.500'.
[  269.055496][   T24] creative-sb0540 0003:041E:3100.0002: No inputs registered, leaving
[  269.080079][   T24] creative-sb0540 0003:041E:3100.0002: hidraw0: USB HID v1.01 Device [HID 041e:3100] on usb-dummy_hcd.1-1/input0
[  269.735031][ T7686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.753404][ T7686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  270.969952][ T7650] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  270.980492][  T978] usb 2-1: USB disconnect, device number 5
[  271.186260][ T7701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.508'.
[  271.454793][ T7710] tmpfs: Bad value for 'mpol'
[  274.347153][ T7727] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  275.026690][ T7739] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  275.048737][ T7739] PKCS7: Only support pkcs7_signedData type
[  278.687202][ T7778] fuse: Bad value for 'fd'
[  278.717275][ T7778] netlink: 16 bytes leftover after parsing attributes in process `syz.1.529'.
[  279.699607][ T7784] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  281.235807][  T978] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  282.438205][  T978] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  282.459910][  T978] usb 1-1: config 179 has no interface number 0
[  282.484932][  T978] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  282.528002][  T978] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  282.555949][  T978] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 24929, setting to 8
[  282.575730][  T978] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  282.605694][  T978] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  282.645710][  T978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.678943][ T7793] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  282.691970][  T978] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  282.726020][  T978] xpad 1-1:179.65: probe with driver xpad failed with error -5
[  284.081808][ T7817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.533'.
[  285.681323][ T5910] usb 1-1: USB disconnect, device number 7
[  288.561933][ T7854] netlink: 16 bytes leftover after parsing attributes in process `syz.0.550'.
[  289.296691][ T5142] Bluetooth: hci4: unexpected event for opcode 0x2006
[  292.534304][ T5883] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  293.055710][ T5883] usb 3-1: Using ep0 maxpacket: 32
[  293.074475][ T5883] usb 3-1: unable to get BOS descriptor or descriptor too short
[  293.103494][ T5883] usb 3-1: config index 0 descriptor too short (expected 85, got 36)
[  293.139654][ T5883] usb 3-1: config 1 interface 0 altsetting 165 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.192990][ T5883] usb 3-1: config 1 interface 0 has no altsetting 0
[  293.232742][ T5883] usb 3-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.40
[  293.263251][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.338507][ T5883] usb 3-1: Product: syz
[  293.356839][ T5883] usb 3-1: Manufacturer: syz
[  293.945745][ T5883] usb 3-1: SerialNumber: syz
[  294.199006][ T7888] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  294.267598][ T7888] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  294.874724][ T7915] syz.2.559 uses obsolete (PF_INET,SOCK_PACKET)
[  296.584908][ T7927] tmpfs: Bad value for 'mpol'
[  297.991563][ T5883] usbhid 3-1:1.0: can't add hid device: -71
[  298.015859][ T5883] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  298.047664][ T5883] usb 3-1: USB disconnect, device number 5
[  300.344705][ T7963] netlink: 452 bytes leftover after parsing attributes in process `syz.1.573'.
[  300.440023][ T7963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.573'.
[  301.726111][ T7976] tmpfs: Bad value for 'mpol'
[  302.752590][ T7991] =======================================================
[  302.752590][ T7991] WARNING: The mand mount option has been deprecated and
[  302.752590][ T7991]          and is ignored by this kernel. Remove the mand
[  302.752590][ T7991]          option from the mount to silence this warning.
[  302.752590][ T7991] =======================================================
[  302.811759][ T7995] netlink: 104 bytes leftover after parsing attributes in process `syz.4.589'.
[  303.040201][   T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  304.195807][   T24] usb 2-1: Using ep0 maxpacket: 16
[  304.237302][   T24] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  304.292660][   T24] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  304.319134][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  304.330474][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.339056][   T24] usb 2-1: Product: syz
[  304.345980][   T24] usb 2-1: Manufacturer: syz
[  304.350649][   T24] usb 2-1: SerialNumber: syz
[  305.273312][ T8011] overlayfs: failed to resolve './file0/../file0': -2
[  305.555667][ T5142] Bluetooth: hci4: unexpected event for opcode 0x2006
[  305.713296][ T8012] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nbd0": -EINTR
[  305.994717][   T24] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  306.108076][   T24] usb 2-1: USB disconnect, device number 6
[  306.617696][ T5882] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  306.691249][ T5880] udevd[5880]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  306.775778][ T5882] usb 4-1: device descriptor read/64, error -71
[  307.978580][ T5882] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  308.496664][ T8043] tmpfs: Bad value for 'mpol'
[  308.539784][ T8041] program syz.1.599 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  308.631127][ T8047] netlink: 'syz.4.601': attribute type 1 has an invalid length.
[  308.975805][ T5882] usb 4-1: device descriptor read/64, error -71
[  309.086571][ T5882] usb usb4-port1: attempt power cycle
[  309.207944][ T8051] netlink: 24 bytes leftover after parsing attributes in process `syz.2.602'.
[  310.048111][ T5882] usb usb4-port1: Cannot enable. Maybe the USB cable is bad?
[  310.669579][ T8071] gre1: entered promiscuous mode
[  310.674849][ T8071] gre1: entered allmulticast mode
[  311.641215][ T5882] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  312.099658][ T5882] usb 4-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  312.121343][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.560680][ T8085] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  314.073893][ T5882] usb 4-1: config 0 descriptor??
[  314.247519][ T5882] usb 4-1: can't set config #0, error -71
[  314.520952][ T5882] usb 4-1: USB disconnect, device number 6
[  314.564593][ T8095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.615'.
[  315.453636][ T8103] netlink: 16 bytes leftover after parsing attributes in process `syz.3.616'.
[  315.576164][ T5835] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  315.705847][ T5910] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  315.815840][ T5910] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  315.923373][ T8108] nfs: Unknown parameter 'TIPCv2'
[  315.961357][ T5835] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  316.030566][ T5835] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  316.112342][ T5835] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  316.195878][ T5910] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  316.219243][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  316.294892][ T5835] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  316.666612][ T5910] usb 2-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  316.686468][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.688130][ T5835] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  316.765192][ T5910] usb 2-1: config 0 descriptor??
[  316.770734][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  317.834883][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.841525][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  317.889954][ T5910] creative-sb0540 0003:041E:3100.0003: No inputs registered, leaving
[  317.951279][ T5910] creative-sb0540 0003:041E:3100.0003: hidraw0: USB HID v1.01 Device [HID 041e:3100] on usb-dummy_hcd.1-1/input0
[  318.653415][ T8137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  318.667891][ T8137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  318.835852][ T5910] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  319.031887][ T5846] Bluetooth: hci2: unexpected event for opcode 0x2006
[  319.040093][ T5910] usb 3-1: Using ep0 maxpacket: 16
[  319.057147][ T5910] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.072177][ T5910] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.095831][ T5910] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  319.123560][ T5910] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x2 has invalid wMaxPacketSize 0
[  319.146261][   T24] usb 2-1: USB disconnect, device number 7
[  319.160739][ T5910] usb 3-1: config 7 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  319.200884][ T5910] usb 3-1: config 7 interface 0 has no altsetting 0
[  319.228757][ T5910] usb 3-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  319.250976][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.295315][ T5910] hid (null): report_id 4134521175 is invalid
[  320.301644][ T5910] hid (null): unknown global tag 0xe
[  320.318303][ T5910] hid (null): unknown global tag 0xc
[  320.323985][ T5910] hid (null): unknown global tag 0xd
[  320.366014][ T5910] input: HID 0458:5010 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:7.0/0003:0458:5010.0004/input/input5
[  320.471263][ T5910] kye 0003:0458:5010.0004: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.2-1/input0
[  320.662150][ T5835] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  320.856102][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  320.896555][ T5835] usb 4-1: config 0 has an invalid descriptor of length 28, skipping remainder of the config
[  320.923719][ T5835] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  320.943524][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.959964][ T5835] usb 4-1: Product: syz
[  320.965511][ T8158] sctp: [Deprecated]: syz.0.630 (pid 8158) Use of struct sctp_assoc_value in delayed_ack socket option.
[  320.965511][ T8158] Use struct sctp_sack_info instead
[  320.975296][ T5835] usb 4-1: Manufacturer: syz
[  320.990568][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.630'.
[  321.001647][ T5835] usb 4-1: SerialNumber: syz
[  321.007336][ T8158] capability: warning: `syz.0.630' uses deprecated v2 capabilities in a way that may be insecure
[  321.089957][ T5835] usb 4-1: config 0 descriptor??
[  321.116810][ T5835] usb 4-1: bad CDC descriptors
[  321.127955][ T5835] usb 4-1: unsupported MDLM descriptors
[  321.320603][ T5835] usb 4-1: USB disconnect, device number 7
[  321.740608][ T8169] FAULT_INJECTION: forcing a failure.
[  321.740608][ T8169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.793178][ T8169] CPU: 1 UID: 0 PID: 8169 Comm: syz.0.634 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  321.793215][ T8169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.793225][ T8169] Call Trace:
[  321.793240][ T8169]  <TASK>
[  321.793248][ T8169]  dump_stack_lvl+0x241/0x360
[  321.793276][ T8169]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.793295][ T8169]  ? __pfx__printk+0x10/0x10
[  321.793316][ T8169]  should_fail_ex+0x424/0x570
[  321.793332][ T8169]  _copy_from_user+0x2d/0xb0
[  321.793349][ T8169]  copy_from_sockptr_offset+0x60/0xb0
[  321.793366][ T8169]  do_ipt_set_ctl+0xbe4/0x1260
[  321.793383][ T8169]  ? __pfx___mutex_trylock_common+0x10/0x10
[  321.793398][ T8169]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  321.793421][ T8169]  ? __mutex_unlock_slowpath+0x229/0x800
[  321.793439][ T8169]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  321.793457][ T8169]  ? ksys_write+0x24e/0x2d0
[  321.793476][ T8169]  nf_setsockopt+0x295/0x2c0
[  321.793496][ T8169]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  321.793511][ T8169]  do_sock_setsockopt+0x3b1/0x710
[  321.793526][ T8169]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  321.793535][ T8169]  ? __fget_files+0x2a/0x420
[  321.793551][ T8169]  ? __fget_files+0x39d/0x420
[  321.793561][ T8169]  ? __fget_files+0x2a/0x420
[  321.793578][ T8169]  __x64_sys_setsockopt+0x1ee/0x280
[  321.793594][ T8169]  do_syscall_64+0xf3/0x230
[  321.793607][ T8169]  ? clear_bhb_loop+0x45/0xa0
[  321.793620][ T8169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.793630][ T8169] RIP: 0033:0x7ff4c318d169
[  321.793642][ T8169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.793651][ T8169] RSP: 002b:00007ff4c0ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  321.793666][ T8169] RAX: ffffffffffffffda RBX: 00007ff4c33a6080 RCX: 00007ff4c318d169
[  321.793674][ T8169] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  321.793681][ T8169] RBP: 00007ff4c0ff6090 R08: 0000000000000580 R09: 0000000000000000
[  321.793688][ T8169] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  321.793695][ T8169] R13: 0000000000000000 R14: 00007ff4c33a6080 R15: 00007fffce103398
[  321.793712][ T8169]  </TASK>
[  322.839145][ T8180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.636'.
[  323.249169][  T978] usb 3-1: USB disconnect, device number 6
[  324.225797][ T5835] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  324.778157][ T5835] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  324.797786][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.847571][ T5835] usb 1-1: config 0 descriptor??
[  325.874983][   T30] audit: type=1326 audit(1743950645.535:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  325.877442][ T5835] creative-sb0540 0003:041E:3100.0005: No inputs registered, leaving
[  325.908843][   T30] audit: type=1326 audit(1743950645.545:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  325.942966][   T30] audit: type=1326 audit(1743950645.545:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  325.967107][   T30] audit: type=1326 audit(1743950645.545:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  326.007889][   T30] audit: type=1326 audit(1743950645.545:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  326.148345][ T5835] creative-sb0540 0003:041E:3100.0005: hidraw0: USB HID v1.01 Device [HID 041e:3100] on usb-dummy_hcd.0-1/input0
[  326.154868][   T30] audit: type=1326 audit(1743950645.595:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  326.972267][   T30] audit: type=1326 audit(1743950645.595:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  326.994300][   T30] audit: type=1326 audit(1743950645.595:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  327.019491][   T30] audit: type=1326 audit(1743950645.595:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  327.041859][   T30] audit: type=1326 audit(1743950645.595:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8191 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  327.407633][ T8206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.428746][ T8206] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.485974][ T8206] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  327.846993][   T24] usb 1-1: USB disconnect, device number 8
[  327.949495][ T8215] veth1_macvtap: left promiscuous mode
[  327.955046][ T8215] macsec0: entered promiscuous mode
[  327.992546][ T8215] veth1_macvtap: entered promiscuous mode
[  328.006698][ T8215] macsec0: left promiscuous mode
[  330.950729][ T8237] netlink: 16 bytes leftover after parsing attributes in process `syz.1.654'.
[  330.966539][ T8231] netlink: 16 bytes leftover after parsing attributes in process `syz.0.653'.
[  332.012594][ T8251] input: syz0 as /devices/virtual/input/input6
[  332.566895][  T978] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  332.751527][  T978] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  332.765632][  T978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.795433][  T978] usb 1-1: config 0 descriptor??
[  332.977859][ T8267] overlay: Unknown parameter 'dont_appraise'
[  333.126918][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  333.126939][   T30] audit: type=1326 audit(1743950652.805:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8257 comm="syz.2.663" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe9de38d169 code=0x0
[  333.230003][  T978] creative-sb0540 0003:041E:3100.0006: No inputs registered, leaving
[  333.256576][  T978] creative-sb0540 0003:041E:3100.0006: hidraw0: USB HID v1.01 Device [HID 041e:3100] on usb-dummy_hcd.0-1/input0
[  333.498345][ T8280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  333.508969][ T8280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  333.537497][ T8280] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  334.041364][   T24] usb 1-1: USB disconnect, device number 9
[  335.621464][ T8292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.670'.
[  337.802957][ T8315] warning: `syz.4.675' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  338.027932][   T24] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  338.196268][   T24] usb 4-1: Using ep0 maxpacket: 16
[  338.290175][   T24] usb 4-1: config 7 has an invalid interface number: 46 but max is 0
[  338.350600][   T24] usb 4-1: config 7 has no interface number 0
[  338.397100][   T24] usb 4-1: config 7 interface 46 has no altsetting 0
[  338.503450][ T8328] netlink: 8 bytes leftover after parsing attributes in process `syz.4.684'.
[  338.632439][   T24] usb 4-1: New USB device found, idVendor=9fdb, idProduct=cfba, bcdDevice=f1.37
[  338.701904][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.741780][   T24] usb 4-1: Product: syz
[  338.746592][   T24] usb 4-1: Manufacturer: syz
[  338.751230][   T24] usb 4-1: SerialNumber: syz
[  339.416161][   T24] usb 4-1: USB disconnect, device number 8
[  339.655668][ T5910] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  339.828881][ T8351] bpf: Bad value for 'smackfsdef'
[  339.839220][ T5910] usb 3-1: unable to get BOS descriptor or descriptor too short
[  339.867772][ T5910] usb 3-1: not running at top speed; connect to a high speed hub
[  339.879125][ T5910] usb 3-1: config 1 interface 0 altsetting 99 endpoint 0x82 has invalid maxpacket 1023, setting to 64
[  339.892224][ T5910] usb 3-1: config 1 interface 0 has no altsetting 0
[  339.918614][ T5910] usb 3-1: New USB device found, idVendor=8525, idProduct=a4a8, bcdDevice= 0.40
[  339.929299][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.939114][ T5910] usb 3-1: Product: syz
[  339.943460][ T5910] usb 3-1: Manufacturer: syz
[  339.948955][ T5910] usb 3-1: SerialNumber: syz
[  339.965224][ T8334] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  340.092512][ T8356] process 'syz.3.695' launched '/dev/fd/4' with NULL argv: empty string added
[  340.193949][ T8334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.212662][ T8334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  340.245223][ T5910] usblp 3-1:1.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 99 proto 2 vid 0x8525 pid 0xA4A8
[  340.264681][ T5910] usb 3-1: USB disconnect, device number 7
[  340.286680][ T5910] usblp0: removed
[  341.823601][ T8385] vlan2: entered promiscuous mode
[  341.844837][ T8385] bond0: entered promiscuous mode
[  341.884793][ T8385] bond_slave_0: entered promiscuous mode
[  341.914169][ T8385] bond_slave_1: entered promiscuous mode
[  341.966331][ T8390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.707'.
[  341.966537][   T24] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  342.180370][   T24] usb 1-1: Using ep0 maxpacket: 16
[  342.188537][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  342.300789][   T24] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  342.319522][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.328819][   T24] usb 1-1: Product: syz
[  342.333276][   T24] usb 1-1: Manufacturer: syz
[  342.342610][   T24] usb 1-1: SerialNumber: syz
[  342.367507][   T24] usb 1-1: config 0 descriptor??
[  342.429612][   T24] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  342.440955][   T24] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  342.579569][ T8403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.710'.
[  343.884593][   T24] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  344.836272][ T5910] IPVS: starting estimator thread 0...
[  344.935161][   T24] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  344.955768][ T8415] IPVS: using max 29 ests per chain, 69600 per kthread
[  344.995766][   T24] em28xx 1-1:0.0: board has no eeprom
[  345.265703][   T24] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  345.290980][   T24] em28xx 1-1:0.0: dvb set to bulk mode.
[  345.306120][ T2011] em28xx 1-1:0.0: Binding DVB extension
[  345.349078][   T24] usb 1-1: USB disconnect, device number 10
[  345.366985][   T24] em28xx 1-1:0.0: Disconnecting em28xx
[  345.461650][ T8433] can0: slcan on ttyS3.
[  345.477277][ T2011] em28xx 1-1:0.0: Registering input extension
[  345.487062][   T24] em28xx 1-1:0.0: Closing input extension
[  345.558247][ T8434] can0 (unregistered): slcan off ttyS3.
[  345.583372][ T8434] Falling back ldisc for ttyS3.
[  345.599154][   T24] em28xx 1-1:0.0: Freeing device
[  345.961184][ T8425] netlink: 24 bytes leftover after parsing attributes in process `syz.3.718'.
[  346.123825][   T30] audit: type=1326 audit(1743950665.795:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.214466][   T30] audit: type=1326 audit(1743950665.795:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.265877][   T30] audit: type=1326 audit(1743950665.805:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.288036][   T30] audit: type=1326 audit(1743950665.805:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.310060][   T30] audit: type=1326 audit(1743950665.805:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.355799][   T30] audit: type=1326 audit(1743950665.805:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.461759][   T30] audit: type=1326 audit(1743950665.805:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.535980][   T30] audit: type=1326 audit(1743950665.805:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.580983][   T30] audit: type=1326 audit(1743950665.805:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  346.625217][   T30] audit: type=1326 audit(1743950665.805:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8445 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3558d169 code=0x7ffc0000
[  347.555970][ T5882] IPVS: starting estimator thread 0...
[  347.679212][ T8459] IPVS: using max 26 ests per chain, 62400 per kthread
[  347.713998][ T8461] Cannot find del_set index 3 as target
[  347.720339][ T8463] Cannot find del_set index 3 as target
[  348.932153][ T8479] FAULT_INJECTION: forcing a failure.
[  348.932153][ T8479] name failslab, interval 1, probability 0, space 0, times 0
[  349.002874][ T8479] CPU: 0 UID: 0 PID: 8479 Comm: syz.0.731 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  349.002906][ T8479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  349.002917][ T8479] Call Trace:
[  349.002926][ T8479]  <TASK>
[  349.002934][ T8479]  dump_stack_lvl+0x241/0x360
[  349.002969][ T8479]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.002995][ T8479]  ? __pfx__printk+0x10/0x10
[  349.003026][ T8479]  ? __pfx___might_resched+0x10/0x10
[  349.003054][ T8479]  should_fail_ex+0x424/0x570
[  349.003081][ T8479]  should_failslab+0xac/0x100
[  349.003104][ T8479]  __kmalloc_cache_noprof+0x73/0x370
[  349.003123][ T8479]  ? ip_set_create+0x338/0x1960
[  349.003148][ T8479]  ip_set_create+0x338/0x1960
[  349.003171][ T8479]  ? rcu_needs_cpu+0x61/0xb0
[  349.003194][ T8479]  ? trace_contention_end+0x3c/0x120
[  349.003221][ T8479]  ? __pfx_ip_set_create+0x10/0x10
[  349.003280][ T8479]  ? nfnetlink_rcv_msg+0x227/0x1190
[  349.003301][ T8479]  nfnetlink_rcv_msg+0xbf7/0x1190
[  349.003321][ T8479]  ? nfnetlink_rcv_msg+0x227/0x1190
[  349.003367][ T8479]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  349.003384][ T8479]  ? stack_trace_save+0x11a/0x1d0
[  349.003438][ T8479]  ? dev_hard_start_xmit+0x2d4/0x840
[  349.003456][ T8479]  ? __dev_queue_xmit+0x1b80/0x3f60
[  349.003474][ T8479]  ? __netlink_deliver_tap+0x561/0x7f0
[  349.003498][ T8479]  ? netlink_deliver_tap+0x19d/0x1b0
[  349.003519][ T8479]  ? netlink_unicast+0x7c6/0x9a0
[  349.003539][ T8479]  ? netlink_sendmsg+0x8c3/0xcd0
[  349.003560][ T8479]  ? __sock_sendmsg+0x221/0x270
[  349.003582][ T8479]  ? ____sys_sendmsg+0x523/0x860
[  349.003598][ T8479]  ? __sys_sendmsg+0x271/0x360
[  349.003635][ T8479]  netlink_rcv_skb+0x208/0x480
[  349.003661][ T8479]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  349.003683][ T8479]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  349.003726][ T8479]  ? safesetid_security_capable+0xb2/0x1d0
[  349.003754][ T8479]  ? bpf_lsm_capable+0x9/0x10
[  349.003774][ T8479]  ? security_capable+0x7e/0x2d0
[  349.003810][ T8479]  nfnetlink_rcv+0x296/0x28f0
[  349.003835][ T8479]  ? __dev_queue_xmit+0x2f9/0x3f60
[  349.003855][ T8479]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  349.003889][ T8479]  ? __dev_queue_xmit+0x2f9/0x3f60
[  349.003909][ T8479]  ? __dev_queue_xmit+0x2f9/0x3f60
[  349.003931][ T8479]  ? __dev_queue_xmit+0x1780/0x3f60
[  349.003949][ T8479]  ? kasan_save_track+0x3f/0x80
[  349.003972][ T8479]  ? __kasan_slab_alloc+0x66/0x80
[  349.004004][ T8479]  ? do_syscall_64+0xf3/0x230
[  349.004030][ T8479]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  349.004048][ T8479]  ? __dev_queue_xmit+0x2f9/0x3f60
[  349.004072][ T8479]  ? __pfx___dev_queue_xmit+0x10/0x10
[  349.004114][ T8479]  ? ref_tracker_free+0x63e/0x7e0
[  349.004135][ T8479]  ? __asan_memcpy+0x40/0x70
[  349.004156][ T8479]  ? __pfx_ref_tracker_free+0x10/0x10
[  349.004174][ T8479]  ? __skb_clone+0x5c/0x6d0
[  349.004210][ T8479]  ? skb_clone+0x240/0x390
[  349.004244][ T8479]  ? netlink_deliver_tap+0x2e/0x1b0
[  349.004272][ T8479]  ? netlink_deliver_tap+0x2e/0x1b0
[  349.004300][ T8479]  netlink_unicast+0x7f8/0x9a0
[  349.004333][ T8479]  ? __pfx_netlink_unicast+0x10/0x10
[  349.004359][ T8479]  ? skb_put+0x114/0x1f0
[  349.004382][ T8479]  netlink_sendmsg+0x8c3/0xcd0
[  349.004423][ T8479]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.004463][ T8479]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.004486][ T8479]  __sock_sendmsg+0x221/0x270
[  349.004514][ T8479]  ____sys_sendmsg+0x523/0x860
[  349.004546][ T8479]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.004563][ T8479]  ? __fget_files+0x2a/0x420
[  349.004585][ T8479]  ? __fget_files+0x2a/0x420
[  349.004614][ T8479]  __sys_sendmsg+0x271/0x360
[  349.004639][ T8479]  ? __pfx___sys_sendmsg+0x10/0x10
[  349.004715][ T8479]  ? do_syscall_64+0xb6/0x230
[  349.004735][ T8479]  do_syscall_64+0xf3/0x230
[  349.004747][ T8479]  ? clear_bhb_loop+0x45/0xa0
[  349.004761][ T8479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.004772][ T8479] RIP: 0033:0x7ff4c318d169
[  349.004783][ T8479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.004792][ T8479] RSP: 002b:00007ff4c3f14038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.004814][ T8479] RAX: ffffffffffffffda RBX: 00007ff4c33a5fa0 RCX: 00007ff4c318d169
[  349.004822][ T8479] RDX: 0000000040000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  349.004829][ T8479] RBP: 00007ff4c3f14090 R08: 0000000000000000 R09: 0000000000000000
[  349.004836][ T8479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.004842][ T8479] R13: 0000000000000000 R14: 00007ff4c33a5fa0 R15: 00007fffce103398
[  349.004860][ T8479]  </TASK>
[  349.481702][ T8473] tty tty1: ldisc open failed (-12), clearing slot 0
[  349.529421][ T8479] sctp: [Deprecated]: syz.0.731 (pid 8479) Use of int in max_burst socket option.
[  349.529421][ T8479] Use struct sctp_assoc_value instead
[  349.715671][ T8485] FAULT_INJECTION: forcing a failure.
[  349.715671][ T8485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.733854][ T8485] CPU: 0 UID: 0 PID: 8485 Comm: syz.1.733 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  349.733875][ T8485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  349.733882][ T8485] Call Trace:
[  349.733887][ T8485]  <TASK>
[  349.733892][ T8485]  dump_stack_lvl+0x241/0x360
[  349.733913][ T8485]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.733928][ T8485]  ? __pfx__printk+0x10/0x10
[  349.733948][ T8485]  should_fail_ex+0x424/0x570
[  349.733963][ T8485]  _copy_to_user+0x31/0xb0
[  349.733980][ T8485]  simple_read_from_buffer+0xc4/0x170
[  349.733995][ T8485]  proc_fail_nth_read+0x1ef/0x260
[  349.734011][ T8485]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  349.734027][ T8485]  ? rw_verify_area+0x246/0x630
[  349.734040][ T8485]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  349.734054][ T8485]  vfs_read+0x21f/0xb90
[  349.734071][ T8485]  ? __pfx___mutex_lock+0x10/0x10
[  349.734085][ T8485]  ? __pfx_vfs_read+0x10/0x10
[  349.734101][ T8485]  ? __fget_files+0x2a/0x420
[  349.734115][ T8485]  ? __fget_files+0x39d/0x420
[  349.734125][ T8485]  ? __fget_files+0x2a/0x420
[  349.734143][ T8485]  ksys_read+0x19d/0x2d0
[  349.734159][ T8485]  ? __pfx_ksys_read+0x10/0x10
[  349.734177][ T8485]  ? do_syscall_64+0xb6/0x230
[  349.734192][ T8485]  do_syscall_64+0xf3/0x230
[  349.734204][ T8485]  ? clear_bhb_loop+0x45/0xa0
[  349.734217][ T8485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.734227][ T8485] RIP: 0033:0x7f979ef8bb7c
[  349.734239][ T8485] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  349.734248][ T8485] RSP: 002b:00007f979fd62030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  349.734261][ T8485] RAX: ffffffffffffffda RBX: 00007f979f1a5fa0 RCX: 00007f979ef8bb7c
[  349.734269][ T8485] RDX: 000000000000000f RSI: 00007f979fd620a0 RDI: 0000000000000005
[  349.734276][ T8485] RBP: 00007f979fd62090 R08: 0000000000000000 R09: 0000000000000000
[  349.734283][ T8485] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  349.734290][ T8485] R13: 0000000000000000 R14: 00007f979f1a5fa0 R15: 00007fff30754c38
[  349.734307][ T8485]  </TASK>
[  349.987293][ T8486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.732'.
[  350.171943][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.3.732'.
[  350.186136][ T8486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.732'.
[  350.283603][ T8495] netlink: 12 bytes leftover after parsing attributes in process `syz.3.732'.
[  350.331652][ T8486] bond1 (unregistering): Released all slaves
[  350.399490][ T8495] smc: net device bond0 applied user defined pnetid S
[  350.933275][ T8506] 8021q: adding VLAN 0 to HW filter on device batadv1
[  350.941823][ T8506] bond0: (slave batadv1): Enslaving as an active interface with an up link
[  351.764183][ T8503] netlink: 40 bytes leftover after parsing attributes in process `syz.1.738'.
[  352.049213][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  352.049596][   T30] audit: type=1326 audit(1743950671.715:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  352.125669][   T30] audit: type=1326 audit(1743950671.715:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  352.232887][ T8519] FAULT_INJECTION: forcing a failure.
[  352.232887][ T8519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.255912][ T8519] CPU: 0 UID: 0 PID: 8519 Comm: syz.1.741 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  352.255948][ T8519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  352.255960][ T8519] Call Trace:
[  352.255968][ T8519]  <TASK>
[  352.255976][ T8519]  dump_stack_lvl+0x241/0x360
[  352.256011][ T8519]  ? __pfx_dump_stack_lvl+0x10/0x10
[  352.256034][ T8519]  ? __pfx__printk+0x10/0x10
[  352.256074][ T8519]  should_fail_ex+0x424/0x570
[  352.256101][ T8519]  _copy_from_user+0x2d/0xb0
[  352.256128][ T8519]  restore_altstack+0x9a/0x160
[  352.256152][ T8519]  ? __pfx_restore_altstack+0x10/0x10
[  352.256191][ T8519]  __do_sys_rt_sigreturn+0x19a/0x290
[  352.256223][ T8519]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  352.256259][ T8519]  ? do_syscall_64+0xb6/0x230
[  352.256285][ T8519]  do_syscall_64+0xf3/0x230
[  352.256307][ T8519]  ? clear_bhb_loop+0x45/0xa0
[  352.256329][ T8519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.256347][ T8519] RIP: 0033:0x7f979ef29359
[  352.256365][ T8519] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  352.256381][ T8519] RSP: 002b:00007f979fd61a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  352.256402][ T8519] RAX: ffffffffffffffda RBX: 00007f979f1a5fa0 RCX: 00007f979ef29359
[  352.256416][ T8519] RDX: 00007f979fd61a80 RSI: 00007f979fd61bb0 RDI: 0000000000000021
[  352.256428][ T8519] RBP: 00007f979fd62090 R08: 0000000000000001 R09: 0000000000000000
[  352.256439][ T8519] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  352.256450][ T8519] R13: 0000000000000000 R14: 00007f979f1a5fa0 R15: 00007fff30754c38
[  352.256482][ T8519]  </TASK>
[  353.939125][ T8532] lo speed is unknown, defaulting to 1000
[  353.954638][ T8532] lo speed is unknown, defaulting to 1000
[  353.967915][ T8532] lo speed is unknown, defaulting to 1000
[  354.766355][ T8532] infiniband s
z1: set active
[  354.771231][ T8532] infiniband s
z1: added lo
[  354.786989][ T2011] lo speed is unknown, defaulting to 1000
[  354.853766][ T8532] RDS/IB: s
z1: added
[  354.859242][ T8532] smc: adding ib device s
z1 with port count 1
[  354.865751][ T8532] smc:    ib device s
z1 port 1 has pnetid 
[  354.875215][ T2011] lo speed is unknown, defaulting to 1000
[  354.932995][ T8532] lo speed is unknown, defaulting to 1000
[  355.080776][ T8532] lo speed is unknown, defaulting to 1000
[  355.210042][ T8532] lo speed is unknown, defaulting to 1000
[  355.338115][ T8532] lo speed is unknown, defaulting to 1000
[  355.469384][ T8532] lo speed is unknown, defaulting to 1000
[  359.561011][ T8567] FAULT_INJECTION: forcing a failure.
[  359.561011][ T8567] name failslab, interval 1, probability 0, space 0, times 0
[  359.574092][ T8567] CPU: 0 UID: 0 PID: 8567 Comm: syz.2.753 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  359.574117][ T8567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  359.574128][ T8567] Call Trace:
[  359.574133][ T8567]  <TASK>
[  359.574138][ T8567]  dump_stack_lvl+0x241/0x360
[  359.574159][ T8567]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.574174][ T8567]  ? __pfx__printk+0x10/0x10
[  359.574191][ T8567]  ? __pfx___might_resched+0x10/0x10
[  359.574207][ T8567]  should_fail_ex+0x424/0x570
[  359.574223][ T8567]  should_failslab+0xac/0x100
[  359.574236][ T8567]  kmem_cache_alloc_lru_noprof+0x7d/0x390
[  359.574247][ T8567]  ? sock_alloc_inode+0x28/0xc0
[  359.574265][ T8567]  sock_alloc_inode+0x28/0xc0
[  359.574277][ T8567]  ? __pfx_sock_alloc_inode+0x10/0x10
[  359.574289][ T8567]  alloc_inode+0x69/0x1b0
[  359.574302][ T8567]  __sock_create+0x127/0xa30
[  359.574323][ T8567]  rfcomm_dlc_open+0x2de/0x10d0
[  359.574342][ T8567]  ? __local_bh_enable_ip+0x168/0x200
[  359.574356][ T8567]  ? lockdep_hardirqs_on+0x9d/0x150
[  359.574372][ T8567]  ? __pfx_rfcomm_dlc_open+0x10/0x10
[  359.574386][ T8567]  ? rfcomm_sock_connect+0x2d7/0x610
[  359.574397][ T8567]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  359.574413][ T8567]  ? do_raw_spin_unlock+0x13c/0x8b0
[  359.574433][ T8567]  rfcomm_sock_connect+0x305/0x610
[  359.574448][ T8567]  __sys_connect+0x28c/0x2d0
[  359.574464][ T8567]  ? __fget_files+0x2a/0x420
[  359.574476][ T8567]  ? __pfx___sys_connect+0x10/0x10
[  359.574506][ T8567]  __x64_sys_connect+0x7a/0x90
[  359.574522][ T8567]  do_syscall_64+0xf3/0x230
[  359.574535][ T8567]  ? clear_bhb_loop+0x45/0xa0
[  359.574548][ T8567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.574558][ T8567] RIP: 0033:0x7fe9de38d169
[  359.574570][ T8567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.574579][ T8567] RSP: 002b:00007fe9df1f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  359.574593][ T8567] RAX: ffffffffffffffda RBX: 00007fe9de5a6080 RCX: 00007fe9de38d169
[  359.574601][ T8567] RDX: 000000000000000a RSI: 00002000000000c0 RDI: 0000000000000008
[  359.574608][ T8567] RBP: 00007fe9df1f0090 R08: 0000000000000000 R09: 0000000000000000
[  359.574615][ T8567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.574622][ T8567] R13: 0000000000000000 R14: 00007fe9de5a6080 R15: 00007ffc9efc56f8
[  359.574639][ T8567]  </TASK>
[  359.574805][ T8567] socket: no more sockets
[  360.607250][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'.
[  360.616324][ T8573] bridge_slave_1: left allmulticast mode
[  360.622055][ T8573] bridge_slave_1: left promiscuous mode
[  360.639394][ T8573] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.736189][ T8573] bridge_slave_0: left allmulticast mode
[  360.741960][ T8573] bridge_slave_0: left promiscuous mode
[  360.749873][ T8573] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.704879][ T8579] netlink: 8 bytes leftover after parsing attributes in process `syz.1.757'.
[  365.003302][ T8610] 9pnet_fd: Insufficient options for proto=fd
[  365.111005][ T8614] FAULT_INJECTION: forcing a failure.
[  365.111005][ T8614] name failslab, interval 1, probability 0, space 0, times 0
[  365.154747][ T8614] CPU: 0 UID: 0 PID: 8614 Comm: syz.3.767 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  365.154778][ T8614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  365.154789][ T8614] Call Trace:
[  365.154797][ T8614]  <TASK>
[  365.154807][ T8614]  dump_stack_lvl+0x241/0x360
[  365.154842][ T8614]  ? __pfx_dump_stack_lvl+0x10/0x10
[  365.154867][ T8614]  ? __pfx__printk+0x10/0x10
[  365.154898][ T8614]  ? __pfx___might_resched+0x10/0x10
[  365.154925][ T8614]  should_fail_ex+0x424/0x570
[  365.154952][ T8614]  should_failslab+0xac/0x100
[  365.154974][ T8614]  __kmalloc_noprof+0xdf/0x4d0
[  365.154993][ T8614]  ? tomoyo_encode+0x26f/0x540
[  365.155017][ T8614]  tomoyo_encode+0x26f/0x540
[  365.155043][ T8614]  tomoyo_realpath_from_path+0x59e/0x5e0
[  365.155077][ T8614]  tomoyo_path_number_perm+0x245/0x790
[  365.155109][ T8614]  ? tomoyo_path_number_perm+0x215/0x790
[  365.155138][ T8614]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  365.155172][ T8614]  ? ksys_write+0x24e/0x2d0
[  365.155207][ T8614]  ? __lock_acquire+0xad5/0xd80
[  365.155248][ T8614]  ? __fget_files+0x2a/0x420
[  365.155269][ T8614]  ? __fget_files+0x2a/0x420
[  365.155294][ T8614]  ? __fget_files+0x2a/0x420
[  365.155322][ T8614]  security_file_ioctl+0xc6/0x2a0
[  365.155350][ T8614]  __se_sys_ioctl+0x46/0x160
[  365.155380][ T8614]  do_syscall_64+0xf3/0x230
[  365.155404][ T8614]  ? clear_bhb_loop+0x45/0xa0
[  365.155428][ T8614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.155446][ T8614] RIP: 0033:0x7fa77338d169
[  365.155463][ T8614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.155479][ T8614] RSP: 002b:00007fa77414d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  365.155501][ T8614] RAX: ffffffffffffffda RBX: 00007fa7735a5fa0 RCX: 00007fa77338d169
[  365.155520][ T8614] RDX: 0000200000005ec0 RSI: 00000000c0285629 RDI: 0000000000000003
[  365.155532][ T8614] RBP: 00007fa77414d090 R08: 0000000000000000 R09: 0000000000000000
[  365.155543][ T8614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.155553][ T8614] R13: 0000000000000000 R14: 00007fa7735a5fa0 R15: 00007ffc3e767208
[  365.155593][ T8614]  </TASK>
[  365.428218][ T8614] ERROR: Out of memory at tomoyo_realpath_from_path.
[  366.271244][ T8626] netlink: 16 bytes leftover after parsing attributes in process `syz.4.768'.
[  367.855985][ T5846] Bluetooth: hci3: unexpected event for opcode 0x2006
[  368.895745][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  369.101726][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  369.221589][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  369.403606][   T24] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  369.472910][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  369.525740][   T24] usb 5-1: SerialNumber: syz
[  369.780276][   T24] usb 5-1: 0:2 : does not exist
[  369.984124][   T24] usb 5-1: USB disconnect, device number 3
[  370.179226][ T8671] netlink: 16 bytes leftover after parsing attributes in process `syz.2.781'.
[  370.299414][ T8667] Cannot find del_set index 4 as target
[  370.687860][ T5882] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  371.936426][ T5882] usb 1-1: Using ep0 maxpacket: 32
[  372.053822][ T5882] usb 1-1: config 1 interface 0 altsetting 7 bulk endpoint 0x82 has invalid maxpacket 16
[  372.064180][   T30] audit: type=1326 audit(1743950691.725:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.085771][    C0] vkms_vblank_simulate: vblank timer overrun
[  372.105814][ T5882] usb 1-1: config 1 interface 0 altsetting 7 endpoint 0x3 has invalid maxpacket 1975, setting to 1024
[  372.185809][ T5882] usb 1-1: config 1 interface 0 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 1024
[  372.199009][   T30] audit: type=1326 audit(1743950691.725:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.220962][    C0] vkms_vblank_simulate: vblank timer overrun
[  372.229705][ T5882] usb 1-1: config 1 interface 0 has no altsetting 0
[  372.260163][ T5882] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  372.272771][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.281225][   T30] audit: type=1326 audit(1743950691.765:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.302866][    C0] vkms_vblank_simulate: vblank timer overrun
[  372.325371][ T5882] usb 1-1: Product: 쪑䓦
[  372.448969][ T5882] usb 1-1: Manufacturer: ᓳ
[  372.460094][ T8677] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  372.468843][   T30] audit: type=1326 audit(1743950691.765:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.491327][ T8677] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  372.505803][   T30] audit: type=1326 audit(1743950691.765:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.627256][   T30] audit: type=1326 audit(1743950691.765:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.821406][   T30] audit: type=1326 audit(1743950691.765:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.843696][   T30] audit: type=1326 audit(1743950691.765:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  372.876055][   T30] audit: type=1326 audit(1743950691.765:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  373.647580][   T30] audit: type=1326 audit(1743950691.765:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8685 comm="syz.3.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77338d169 code=0x7ffc0000
[  373.669009][    C0] vkms_vblank_simulate: vblank timer overrun
[  374.852746][ T5882] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -71
[  374.878803][ T5882] usb 1-1: USB disconnect, device number 11
[  375.848912][ T8728] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  375.862210][ T8729] sp0: Synchronizing with TNC
[  375.935469][ T8728] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  375.957469][ T8728] overlayfs: missing 'lowerdir'
[  376.038345][ T8740] netlink: 16 bytes leftover after parsing attributes in process `syz.1.798'.
[  376.665813][ T5835] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  377.468036][ T5835] usb 5-1: Using ep0 maxpacket: 16
[  377.489601][ T5835] usb 5-1: config index 0 descriptor too short (expected 49803, got 41)
[  377.518703][ T5835] usb 5-1: config 0 has an invalid interface number: 87 but max is 0
[  377.573396][ T5835] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  377.654208][ T5835] usb 5-1: config 0 has no interface number 0
[  377.694079][ T8760] ip6t_srh: unknown srh match flags  5294
[  377.715443][ T5835] usb 5-1: New USB device found, idVendor=046d, idProduct=0879, bcdDevice= b.28
[  377.740618][ T5835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.752442][ T5835] usb 5-1: Product: syz
[  377.756894][ T5835] usb 5-1: Manufacturer: syz
[  377.764011][ T5835] usb 5-1: SerialNumber: syz
[  377.803756][ T5846] Bluetooth: hci1: unexpected event for opcode 0x2006
[  377.813609][ T2011] lo speed is unknown, defaulting to 1000
[  377.828412][ T5835] usb 5-1: config 0 descriptor??
[  377.977187][ T2011] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  378.168438][ T2011] usb 3-1: unable to get BOS descriptor or descriptor too short
[  378.245928][ T2011] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  378.321620][ T2011] usb 3-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  378.470214][ T2011] usb 3-1: config 1 interface 0 has no altsetting 1
[  378.531230][   T52] usb 5-1: USB disconnect, device number 4
[  378.574103][ T2011] usb 3-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  378.600993][ T2011] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.649508][ T2011] usb 3-1: Product: syz
[  378.664841][ T2011] usb 3-1: Manufacturer: syz
[  378.674968][ T2011] usb 3-1: SerialNumber: syz
[  378.723456][ T2011] smsusb:smsusb_probe: board id=8, interface number 0
[  378.875986][ T5882] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  378.901414][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.908536][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  378.931513][ T2011] smsusb:smsusb_probe: usb_set_interface failed, rc -71
[  378.938779][ T2011] smsusb 3-1:1.0: probe with driver smsusb failed with error -71
[  378.960271][ T2011] usb 3-1: USB disconnect, device number 8
[  379.068676][ T5882] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  379.089616][ T5882] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  379.131298][ T5882] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  379.154298][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.230351][ T5882] usb 4-1: config 0 descriptor??
[  379.265346][ T5882] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  379.283003][ T5882] dvb-usb: bulk message failed: -22 (3/0)
[  380.235792][   T52] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  380.257129][ T5882] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  380.270621][ T8768] dvb-usb: bulk message failed: -22 (2/0)
[  380.270844][ T5882] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  380.284273][ T5882] usb 4-1: media controller created
[  380.450496][ T5882] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  380.637202][ T5882] dvb-usb: bulk message failed: -22 (6/0)
[  380.644225][ T5882] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  380.659659][ T5882] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input9
[  380.701447][   T52] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  380.740271][   T52] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.969500][ T5882] dvb-usb: schedule remote query interval to 150 msecs.
[  380.976697][ T5882] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  380.997567][ T5882] usb 4-1: USB disconnect, device number 9
[  381.016424][   T52] usb 1-1: config 0 descriptor??
[  381.042388][ T8796] xt_l2tp: missing protocol rule (udp|l2tpip)
[  381.132067][ T8797] s
z1: rxe_newlink: already configured on lo
[  381.918070][   T24] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  382.113579][ T5882] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  382.353524][   T52] [drm:udl_init] *ERROR* Selecting channel failed
[  383.674220][   T24] usb 5-1: unable to get BOS descriptor set
[  383.712279][   T52] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  383.752090][   T24] usb 5-1: not running at top speed; connect to a high speed hub
[  383.771541][   T52] [drm] Initialized udl on minor 2
[  383.795246][   T52] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  383.942885][   T24] usb 5-1: config 0 has no interfaces?
[  383.961003][   T52] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  383.974064][ T5910] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  383.989843][   T52] usb 1-1: USB disconnect, device number 12
[  383.996625][ T5910] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  384.097430][ T8822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.823'.
[  384.123072][ T5882] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  384.154722][   T24] usb 5-1: unable to read config index 1 descriptor/all
[  384.189400][   T24] usb 5-1: can't read configurations, error -71
[  384.299503][ T5882] usb 4-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  384.312236][ T8832] netlink: 60 bytes leftover after parsing attributes in process `syz.4.825'.
[  384.319334][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.355315][ T5882] usb 4-1: config 0 descriptor??
[  384.380958][ T8833] netlink: 60 bytes leftover after parsing attributes in process `syz.4.825'.
[  384.421010][ T8835] Context (ID=0x1) not attached to queue pair (handle=0x2:0x784e)
[  384.430890][   T52] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  384.608610][   T52] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  384.631066][   T52] usb 1-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  384.642737][   T52] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.672312][   T52] usb 1-1: Product: syz
[  384.677081][   T52] usb 1-1: Manufacturer: syz
[  384.681729][   T52] usb 1-1: SerialNumber: syz
[  384.721537][   T52] usb 1-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  385.036142][   T24] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  385.469811][ T8845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  385.546429][ T8845] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  385.567109][   T52] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  385.612847][ T8845] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  385.644726][   T24] usb 5-1: too many configurations: 185, using maximum allowed: 8
[  385.670265][   T24] usb 5-1: unable to read config index 0 descriptor/start: -61
[  385.685002][   T52] usb 1-1: USB disconnect, device number 13
[  385.693374][   T24] usb 5-1: can't read configurations, error -61
[  385.710671][   T24] usb usb5-port1: attempt power cycle
[  386.006968][ T5882] usbhid 4-1:0.0: can't add hid device: -71
[  386.013214][ T5882] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  386.053391][ T5882] usb 4-1: USB disconnect, device number 10
[  386.066447][   T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  386.104918][   T24] usb 5-1: too many configurations: 185, using maximum allowed: 8
[  386.119302][   T24] usb 5-1: unable to read config index 0 descriptor/start: -61
[  386.135725][ T5835] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  386.139158][   T24] usb 5-1: can't read configurations, error -61
[  386.264642][ T8855] lo speed is unknown, defaulting to 1000
[  386.295926][ T5835] usb 3-1: device descriptor read/64, error -71
[  386.295932][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  386.318267][   T24] usb 5-1: too many configurations: 185, using maximum allowed: 8
[  386.353945][   T24] usb 5-1: unable to read config index 0 descriptor/start: -61
[  386.377395][   T24] usb 5-1: can't read configurations, error -61
[  386.393782][   T24] usb usb5-port1: unable to enumerate USB device
[  386.725957][ T5835] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  386.841881][ T8862] netlink: 8 bytes leftover after parsing attributes in process `syz.3.834'.
[  386.915764][ T5835] usb 3-1: device descriptor read/64, error -71
[  387.056365][ T5835] usb usb3-port1: attempt power cycle
[  387.282188][ T8874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.838'.
[  387.385622][   T24] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  387.407084][ T5835] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  387.441715][ T5835] usb 3-1: device descriptor read/8, error -71
[  387.726823][   T24] usb 1-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=32.00
[  387.743621][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.767870][   T24] usb 1-1: Product: syz
[  387.772471][   T24] usb 1-1: Manufacturer: syz
[  387.778590][   T24] usb 1-1: SerialNumber: syz
[  387.788290][   T24] usb 1-1: config 0 descriptor??
[  387.802486][   T24] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  387.815885][ T5835] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  387.827926][   T24] usb 1-1: Detected FT233HP
[  387.876407][ T5835] usb 3-1: device descriptor read/8, error -71
[  387.996176][ T5835] usb usb3-port1: unable to enumerate USB device
[  388.105934][   T52] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  388.451786][ T8881] netlink: 'syz.0.835': attribute type 10 has an invalid length.
[  388.470006][   T52] usb 5-1: config 36 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 192, changing to 11
[  388.566132][   T52] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  388.636224][   T52] usb 5-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  388.736609][ T8881] syz_tun: entered promiscuous mode
[  388.803840][ T8881] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  388.824324][   T52] usb 5-1: Manufacturer: syz
[  388.880889][   T52] usb 5-1: SerialNumber: syz
[  389.064259][   T24] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  389.088056][   T24] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  389.138707][   T24] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  389.315482][   T52] usbhid 5-1:36.0: couldn't find an input interrupt endpoint
[  389.329304][   T24] usb 1-1: USB disconnect, device number 14
[  389.336202][   T52] usb 5-1: USB disconnect, device number 9
[  389.350918][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  389.364922][   T24] ftdi_sio 1-1:0.0: device disconnected
[  389.975633][  T978] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  390.052590][ T5846] Bluetooth: hci4: unexpected event for opcode 0x2006
[  390.885382][ T8901] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  391.467925][  T978] usb 2-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  391.490650][  T978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.544233][  T978] usb 2-1: config 0 descriptor??
[  391.656273][ T8910] netlink: 8 bytes leftover after parsing attributes in process `syz.0.847'.
[  393.216315][ T8925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.315226][ T8925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.877156][ T8932] netlink: 'syz.3.854': attribute type 3 has an invalid length.
[  393.885020][ T8932] netlink: 3 bytes leftover after parsing attributes in process `syz.3.854'.
[  397.630850][  T978] usbhid 2-1:0.0: can't add hid device: -32
[  397.637086][  T978] usbhid 2-1:0.0: probe with driver usbhid failed with error -32
[  397.717398][   T24] usb 2-1: USB disconnect, device number 8
[  397.932608][ T8971] syz_tun: entered allmulticast mode
[  400.267599][ T8970] syz_tun: left allmulticast mode
[  402.212325][ T5846] Bluetooth: hci3: unexpected event for opcode 0x2006
[  405.509120][ T9029] lo speed is unknown, defaulting to 1000
[  405.969110][ T9045] netlink: 'syz.4.884': attribute type 9 has an invalid length.
[  405.977124][ T9045] netlink: 4 bytes leftover after parsing attributes in process `syz.4.884'.
[  407.015600][ T5835] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  407.919214][ T5835] usb 5-1: Using ep0 maxpacket: 8
[  407.957294][ T5835] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.055102][ T5835] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  408.065117][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.086987][ T5835] usb 5-1: config 0 descriptor??
[  408.113562][ T5835] gspca_main: vc032x-2.14.0 probing 046d:0892
[  409.743693][ T5835] gspca_vc032x: reg_w err -110
[  409.787341][ T5835] vc032x 5-1:0.0: probe with driver vc032x failed with error -110
[  410.941790][ T9086] tipc: Started in network mode
[  410.979845][ T9088] FAULT_INJECTION: forcing a failure.
[  410.979845][ T9088] name failslab, interval 1, probability 0, space 0, times 0
[  411.012327][ T9086] tipc: Node identity -6, cluster identity 4711
[  411.030155][ T9088] CPU: 1 UID: 0 PID: 9088 Comm: syz.0.896 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  411.030187][ T9088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  411.030199][ T9088] Call Trace:
[  411.030207][ T9088]  <TASK>
[  411.030216][ T9088]  dump_stack_lvl+0x241/0x360
[  411.030260][ T9088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  411.030286][ T9088]  ? __pfx__printk+0x10/0x10
[  411.030316][ T9088]  ? __pfx___might_resched+0x10/0x10
[  411.030344][ T9088]  should_fail_ex+0x424/0x570
[  411.030370][ T9088]  should_failslab+0xac/0x100
[  411.030393][ T9088]  __kmalloc_noprof+0xdf/0x4d0
[  411.030412][ T9088]  ? video_usercopy+0x204/0x1330
[  411.030435][ T9088]  video_usercopy+0x204/0x1330
[  411.030465][ T9088]  ? __pfx___video_do_ioctl+0x10/0x10
[  411.030484][ T9088]  ? __pfx_video_usercopy+0x10/0x10
[  411.030500][ T9088]  ? smack_file_ioctl+0x306/0x3b0
[  411.030536][ T9088]  ? __fget_files+0x2a/0x420
[  411.030562][ T9088]  ? __fget_files+0x2a/0x420
[  411.030586][ T9088]  v4l2_ioctl+0x189/0x1e0
[  411.030613][ T9088]  ? __pfx_v4l2_ioctl+0x10/0x10
[  411.030642][ T9088]  __se_sys_ioctl+0xf1/0x160
[  411.030672][ T9088]  do_syscall_64+0xf3/0x230
[  411.030695][ T9088]  ? clear_bhb_loop+0x45/0xa0
[  411.030718][ T9088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.030735][ T9088] RIP: 0033:0x7ff4c318d169
[  411.030753][ T9088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.030770][ T9088] RSP: 002b:00007ff4c3f14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  411.030791][ T9088] RAX: ffffffffffffffda RBX: 00007ff4c33a5fa0 RCX: 00007ff4c318d169
[  411.030805][ T9088] RDX: 00002000000001c0 RSI: 00000000c0d05640 RDI: 0000000000000003
[  411.030817][ T9088] RBP: 00007ff4c3f14090 R08: 0000000000000000 R09: 0000000000000000
[  411.030829][ T9088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.030841][ T9088] R13: 0000000000000000 R14: 00007ff4c33a5fa0 R15: 00007fffce103398
[  411.030872][ T9088]  </TASK>
[  411.355625][ T5882] usb 5-1: USB disconnect, device number 10
[  412.390258][ T9120] netlink: 173 bytes leftover after parsing attributes in process `syz.0.909'.
[  412.929699][ T9131] loop9: detected capacity change from 0 to 7
[  412.942012][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  412.950779][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  412.959825][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  412.968966][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  412.978176][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  412.987673][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  412.996962][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  413.005542][ T9131] ldm_validate_partition_table(): Disk read failed.
[  413.014949][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  413.023585][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  413.032998][ T9131] Buffer I/O error on dev loop9, logical block 0, async page read
[  413.042632][ T9131] Dev loop9: unable to read RDB block 0
[  413.051377][ T9131]  loop9: unable to read partition table
[  413.059181][ T9131] loop9: partition table beyond EOD, truncated
[  413.065611][ T9131] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  413.065611][ T9131] 
U�������) failed (rc=-5)
[  413.770565][ T9133] netlink: 'syz.2.912': attribute type 4 has an invalid length.
[  413.825663][ T9133] netlink: 'syz.2.912': attribute type 4 has an invalid length.
[  414.105608][ T9142] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  415.479224][ T9164] tmpfs: Bad value for 'mpol'
[  415.983616][ T9171] netlink: 8 bytes leftover after parsing attributes in process `syz.2.923'.
[  416.362615][ T9172] 9pnet_fd: Insufficient options for proto=fd
[  419.065731][ T9200] bond_slave_1: entered promiscuous mode
[  419.121793][ T9200] pimreg: entered allmulticast mode
[  419.141766][ T9200] pimreg: left allmulticast mode
[  419.147016][ T9202] tmpfs: Bad value for 'mpol'
[  420.260126][ T5846] Bluetooth: hci3: unexpected event for opcode 0x2006
[  420.333345][ T9199] bond_slave_1: left promiscuous mode
[  420.468254][ T5142]  non-paged memory
[  420.472540][ T5142] list_del corruption, ffff88805c1cac80->next is LIST_POISON1 (dead000000000100)
[  420.509420][ T5142] ------------[ cut here ]------------
[  420.515240][ T5142] kernel BUG at lib/list_debug.c:58!
[  420.526086][ T5142] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  420.532486][ T5142] CPU: 0 UID: 0 PID: 5142 Comm: kworker/u9:1 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(full) 
[  420.544330][ T5142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  420.554514][ T5142] Workqueue: hci4 hci_conn_timeout
[  420.559736][ T5142] RIP: 0010:__list_del_entry_valid_or_report+0x10f/0x190
[  420.566954][ T5142] Code: a0 e5 a0 8c 4c 89 fe e8 bf e8 22 fc 90 0f 0b 48 89 df e8 f4 de 03 fd 48 c7 c7 00 e6 a0 8c 4c 89 fe 48 89 da e8 a2 e8 22 fc 90 <0f> 0b 48 89 df e8 d7 de 03 fd 48 c7 c7 60 e6 a0 8c 4c 89 fe 48 89
[  420.586662][ T5142] RSP: 0018:ffffc9000f19fa28 EFLAGS: 00010246
[  420.592760][ T5142] RAX: 000000000000004e RBX: dead000000000100 RCX: 9a174779c5084300
[  420.600749][ T5142] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  420.608733][ T5142] RBP: ffff88805c1caca0 R08: ffffffff81a293ec R09: 1ffff92001e33ee0
[  420.617007][ T5142] R10: dffffc0000000000 R11: fffff52001e33ee1 R12: dead000000000122
[  420.624999][ T5142] R13: dffffc0000000000 R14: dead000000000100 R15: ffff88805c1cac80
[  420.633272][ T5142] FS:  0000000000000000(0000) GS:ffff888124fc9000(0000) knlGS:0000000000000000
[  420.642410][ T5142] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  420.649001][ T5142] CR2: 0000000000000004 CR3: 00000000607e4000 CR4: 00000000003526f0
[  420.657029][ T5142] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  420.665018][ T5142] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  420.673082][ T5142] Call Trace:
[  420.676375][ T5142]  <TASK>
[  420.679312][ T5142]  hci_cmd_sync_dequeue_once+0x262/0x360
[  420.685075][ T5142]  hci_cancel_connect_sync+0xc3/0x120
[  420.690482][ T5142]  hci_abort_conn+0x194/0x330
[  420.695222][ T5142]  ? process_scheduled_works+0x9cb/0x18e0
[  420.701128][ T5142]  ? process_scheduled_works+0x9cb/0x18e0
[  420.706868][ T5142]  process_scheduled_works+0xac3/0x18e0
[  420.712624][ T5142]  ? __pfx_process_scheduled_works+0x10/0x10
[  420.718609][ T5142]  ? assign_work+0x367/0x3d0
[  420.723200][ T5142]  worker_thread+0x870/0xd50
[  420.727799][ T5142]  ? __kthread_parkme+0x1a8/0x200
[  420.732826][ T5142]  ? __pfx_worker_thread+0x10/0x10
[  420.737944][ T5142]  kthread+0x7b7/0x940
[  420.742114][ T5142]  ? __pfx_worker_thread+0x10/0x10
[  420.747236][ T5142]  ? __pfx_kthread+0x10/0x10
[  420.751842][ T5142]  ? __pfx_kthread+0x10/0x10
[  420.756446][ T5142]  ? __pfx_kthread+0x10/0x10
[  420.761127][ T5142]  ? __pfx_kthread+0x10/0x10
[  420.765727][ T5142]  ? _raw_spin_unlock_irq+0x23/0x50
[  420.770951][ T5142]  ? lockdep_hardirqs_on+0x9d/0x150
[  420.776187][ T5142]  ? __pfx_kthread+0x10/0x10
[  420.780792][ T5142]  ret_from_fork+0x4b/0x80
[  420.785308][ T5142]  ? __pfx_kthread+0x10/0x10
[  420.789934][ T5142]  ret_from_fork_asm+0x1a/0x30
[  420.794721][ T5142]  </TASK>
[  420.797755][ T5142] Modules linked in:
[  420.802201][ T5142] ---[ end trace 0000000000000000 ]---
[  421.075665][ T5142] RIP: 0010:__list_del_entry_valid_or_report+0x10f/0x190
[  421.082795][ T5142] Code: a0 e5 a0 8c 4c 89 fe e8 bf e8 22 fc 90 0f 0b 48 89 df e8 f4 de 03 fd 48 c7 c7 00 e6 a0 8c 4c 89 fe 48 89 da e8 a2 e8 22 fc 90 <0f> 0b 48 89 df e8 d7 de 03 fd 48 c7 c7 60 e6 a0 8c 4c 89 fe 48 89
[  421.103058][ T5142] RSP: 0018:ffffc9000f19fa28 EFLAGS: 00010246
[  421.109222][ T5142] RAX: 000000000000004e RBX: dead000000000100 RCX: 9a174779c5084300
[  421.117284][ T5142] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  421.125408][ T5142] RBP: ffff88805c1caca0 R08: ffffffff81a293ec R09: 1ffff92001e33ee0
[  421.133452][ T5142] R10: dffffc0000000000 R11: fffff52001e33ee1 R12: dead000000000122
[  421.141653][ T5142] R13: dffffc0000000000 R14: dead000000000100 R15: ffff88805c1cac80
[  421.149666][ T5142] FS:  0000000000000000(0000) GS:ffff888124fc9000(0000) knlGS:0000000000000000
[  421.158638][ T5142] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  421.165221][ T5142] CR2: 0000000000000004 CR3: 00000000607e4000 CR4: 00000000003526f0
[  421.173648][ T5142] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  421.181734][ T5142] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  421.190092][ T5142] Kernel panic - not syncing: Fatal exception
[  421.196558][ T5142] Kernel Offset: disabled
[  421.200989][ T5142] Rebooting in 86400 seconds..