last executing test programs:

26.219895352s ago: executing program 4 (id=1071):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000c0c005006c0012800b00010062726964676500005c0002800600270006000000050026000100000005002c000100000008001d002b89000008001c"], 0x94}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
connect$vsock_stream(r1, 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
process_madvise(r3, 0x0, 0x0, 0x19, 0x0)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast2, 0x4e20, 0x0, 'fo\x00', 0x1, 0x0, 0x51}, 0x2c)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000880)=@filter={'filter\x00', 0xe, 0x4, 0x2b0, 0xffffffff, 0x0, 0xb0, 0x0, 0xffffffff, 0xffffffff, 0xb0, 0x218, 0x229, 0xffffffff, 0x4, 0x0, {[{{@ip={@broadcast, @local, 0x0, 0x0, 'pim6reg1\x00', 'vlan0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x310)
setsockopt$inet_tcp_int(r5, 0x6, 0x17, &(0x7f0000000300)=0x8, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000002c0)='westwood\x00', 0x9)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)
r6 = socket(0x1d, 0x2, 0x6)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r6, 0x6a, 0x3, 0x0, 0x4)
r7 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r7, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @loopback}}}, 0x48)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r8, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8018002", @ANYRES16], 0x1d8}}, 0x0)
setxattr$incfs_size(&(0x7f0000000500)='./cgroup.cpu/cpuset.cpus\x00', 0x0, 0x0, 0x0, 0x1)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x41, &(0x7f0000000080)=0x69a, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r10=>0x0})
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x1d, r10}, 0x10, &(0x7f0000000100)={&(0x7f00000002c0)=@can={{0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "ce0d3384b99c4fd6"}, 0x10}}, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)

25.881189149s ago: executing program 4 (id=1072):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x96dca55c25fb4027, &(0x7f0000000180)=0x40000000010001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
r4 = socket$inet6_dccp(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x1}, 0x1c)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @dev}})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f0000000740), 0x4)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e80)=[{{&(0x7f0000000240)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000480)="be", 0x1}], 0x1}}], 0x1, 0xc0c0)

24.66006677s ago: executing program 4 (id=1076):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$kcm(0x11, 0x7, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="180000005200010000000000000000000a00000004800500"], 0x18}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffcaa}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x8, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x2, 0x0, @local, 0xa}, 0x1c)
socket(0x2, 0x2, 0x1)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
preadv(r3, &(0x7f0000000080), 0x0, 0xa3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b0400000000000000000200000038000480340001800b0001006e756d67656e00002400028008000440000000000800014000000008080002400000000608000340000000010900010073797a30000000000900020073797a3200000020"], 0x8c}}, 0x0)
fsopen(&(0x7f0000000040)='nfsd\x00', 0x0)

23.39625061s ago: executing program 4 (id=1081):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000006340)={0x2020, 0x0, <r2=>0x0}, 0x2058)
write$FUSE_INIT(r1, &(0x7f0000002140)={0x50, 0x0, r2, {0x7, 0x28, 0x0, 0x4}}, 0x50)
read$FUSE(r1, &(0x7f0000000100)={0x2020, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000004340)="265ed300624cee917954148609d0f2ac52561da46fe5c8ce8b3d649d8b59dfb0c633a2151990de893de399d507986121aa114fd87163065d2988807d3e0953e6b084d8b607280f9207193bb76a79bb6d4f638d070435bddb76667d5dee6329e71b2c9befbb22bbde0c1b6da63b845f2c28d2c5f4deb07b4ae015fc576702112f75a755e76b6dc450719f63cd1939961e4c895f9054760c61f933bf74d185520f9aebaf3ab397a2089640ec41ab5cfe6c828b53c4cc544f9812034c719e712532763eff6e69ad7cc4d2f29f97ccce18f298ce417251430929d422e21cac05093609d97896d0beb7d4cce9f1975f01e7dd29ea061a868bb6607b7cf88a2e33dd5c5db31cbead98e06c2c7add9012b0483fe662532c81ab1a1ca8f20f1cd9020e06c2bdade3f311d08b47503b5b63b279a9be019006e6929670f53d5688c194e9f046d2322d71bc26245e698cd44d655c59b2e0ff43771a386abc38cd6e493e0a475ef525fa78671fd9954e7df71a3b7c7ed90379dffa4fd76f0367eca11c1d8de813979951eccc8c93b4f9fdb4785c0a9d207e65742bdd358e9dfbf29203c36b91fdd78db55b53ad1e713e32fc1f47bf3390f3db8dfbd514b4b31095c818e18b63ebad5cc3b406557f3a9380c5025ab11c64522b1752b2296bb00b7750ab82704ba197f26ab76e35da02ae87d25669d54d212aa680b579773c889902782d1c8067b16ff957bfa70cd8af4c366c1629e871cfb033d46c0d308c3ff5072fd8e23ee02986a128051b8e6dbaa2bc46bdc8772d923f2906eef68015bdb4cd66a2525269a91cbd7336c930c08190a8606d762c768d164d05eea38d63e99e1fab83ce2683b885e1619065acb1bed0bfd63e3cea5c9d7c9994df4036aa17f9eb0850f9eb42b17b19926fd9d814529c3cf4397e3f38f9626f0bb4f229b51c35773cbecc42ba22f8346c9c3a6f3ca7d8b25d0bbf30baf48bde92ea192e2484ef9b2160492edb5f2ce296b0b6b420d020b7d14d780db436b1a23b733051369536eae7c7148927c3ba3a968516039b0b14d9918a41a1bdd5002847e1c3d02f0dc2235857a9797038d164591757820e7d74dbadd42b8903f20434c6ac0f401fdbfcbed5dd3c5b5fb0ce1f9c81e8d1037fde8dd3fef1d5d7af6af8f36c0f4462909dbf694cc6fe80070bd5fac5a5ca4dffae4b2c67892f7c53af3644ffec29ab3d791bd7934ad38929a9d5fb9ecf10b9dec62e315ccb0e0de60bb1620daa8154a4cdec98d94d42ac1a4b5f8da6afcb7dfb53544fbbcaa3aa444182ff25064ace51a825fe89236e850a2c90e1c7db17871ea809c4a11a26f49b213cab87d4a42b747546fb9b15068faf1a8556f909f2c47202e7b65cddc708ded90bdde68725b787bdc2d4eeda60204bd0028f07ffc3052f93eb6343d1b2a9a5292e6574baa4a096fda6dd54f6d39e9462b6839b8ee2426e3fbf42a016dc0963145e602f2b0c351f123df48f608f74b04fc7e9cd018e7ab25bc1c12f8f58c0b2dce5714faa54820ef72f38566e3d776ea2d5b061a2e94710176f15d2221420abad8b8b733de253e602277848e7f1e0eb4d07f5eb0cc4d9f874e632007cbca23a5d7e4109cf5c4fafe5f607149bac37938734b77d9b183cf76014aa61507bd4eb44524e8326c58932c8b9f6a10e334cc602b5b8c956c7cb5ffa099274b599fc9c58327f85553e00263e548c93c89edf7a7c83cc10348662fc344c85378572a40b49ae65972fb40abd5e0a38af48207983f86c7bb6bf9b7853c4b1fb522d135a83bbdbb78130b4df3aa7cfa930868cd5a2d995ca9fe4f64c79485ab19d85b0c82a72f4a09ccab267320a61208ccef13c3546ab0f16e34cdc56d6e48a6d9c14c626528a3b191e3723b19d4388d5b9b61c7aec726b8752455f96e888ba7af82c127796e9b67432d1f60a3470c7bf4b924cf10f06a3e3f64c60c7c2b0fba4d1ebe4e52014b4052c2ba0d5b649c46e5cdc6c7159faff2adad2db2d3db9f4f9e9735ba28b7aa1c6c2fea9dab6c9617160d182dfc13e18f44e73c4377df42080d08a87fcfd46b4a4f30205457ad19ddd473fc3a67153d04e960f1dc7556fb158a1d584eb2bde917792892a30e9cd25d37a318cf06bd6541463adaf5d12adc50252f364ba05f89182018ded2179c23a1fc0b31d87139da39298b8d387446c70c4577a27f6df841d9f43106bc1bf44f5c7a41460e2afc9eea98f8e256919c0befd53d7d015412391963c9ad39a19aad265cdbd609628e1913adc2467b69c00865a88635c46a851e7252cf3dc5c3cc5dcb04e97c0742d1a844556744036c97710dd9b55f661506f36cfef2c6b7305b63f5c33469b33ad09e1b593a7ddfc97777954c71c8e4857ca49aa7e5de0d25d760f633660e1fd783cdc43b00a0ec149cc9c8385807c2f6b4cb255d6a15ac75ef63d0871b176d503f332c069ccfa7a2bacd11999ea792024b35c9faae5bf02bd5c844d04d9680c1fe35c2d90ce808b45932e754e4e1dd142ba5a7bd9ecdf7717094ed4359eba666fbdc1e849ccede72b0b37f0b8bc4f76b99222f8d199de11dbd0ff396236f4a37aab955126a60c9f0d457c7a394920aa9014611e5d994c8373516f061dcc5ac881bdda5132b5ee984b15fd007828401c72df63c2efbc5f0e8545310ce65d0635dc73f0cb1c796c24b7ee62616116c13369ceb74ff8bda64a98e903dfcfd88b3c0c5f86191bcc8342578f23dc70fa6ceebde822ffedb7587a3f204d330be4977bbbc2529cf0ddf4c85b17f1088f48d878e72fb00e15a6144231108be816d2718c360e2fa8a236691c775a9a0ef3559696e9b8f85eec0aa2b1c4f01a2df6065bd31b23dd37718613fcbbb1566dc0607bf487c1a91f2b39a83755a6048e46d02ede0f5aaea8ee9e245d6c37891f5ebc9bb7ad2462b4ea4f1167b8c8e97e2f7b62c1c98ae0b808ee6033818d28a00ee72120820b2227da50d7f66d3318f6acc6398c81e529c5cb0df75e303954c2fa828760c1133fdbdf1fd7675b8634bdb496b054b91672fc7ac344a37bf60988870d54e5baf91334db883b2c69acb50676c2f871fd577747dd1d26c00a56e757b6a0edcd609ef5c3b3ef669ced2af5f19ad19194d04f23ff23546df47bc67ad596672a40cca2e87f8fcc3a318e37c73f9f50bd06926c74078356ddddba42ee273e0c33c2fc6cdd1fd50daa6ed3b7b6ce558f89449fca6d8b05c90639283d44e14a854eb29d65ce5b9552597072cb148ccea15ef430630559293afaf204f22a890fc3009a2bc1b0844a49668354a940fbd0d5919faadfe5cb80e4c93d138ae28269a99c877426298b9ec7f01e9005da2d7977f34103de38b2f65bdc1c899ba96745ca977c46db6003b1ab840e677f0d8960b4e9f71e82fb89a8cc0702739276ec7a040c69e6dc0e439658d420737a2f6cbe7cb1ce904f4a39dbe8284971e527ef50976c89855f75d5e129a09a117a5c042411696f8a3bf02879a287b2b1ea2a6e1adaed0374341113bb8363f33aacd361339c9c06b4bd6e04f8fbf1f120f1992856608426d44abb6cc429a075c7bd22bdffc9493f218286f8eb585001fdf79327c8c17d462cc2ca5b435d444659767150c6e1000a74f001be398a1bb48863d3a4d4a71a4623e1721b003d7d2c038fdb405b814f37a95a6a53bbb365dddeefb83451676c7b57a23dd1d523958e2e2eb8d889c47cb7aa515e9b11b2c3accfe6739a8ef56b7a02adfd63ec9f9232c38e2aef3773a9a7d6f4844ea1d609f146f19e6c46fb6b961b8037e5d9ba34c0ca5c10a668ddc5d6f4c7951732f68c56ad9c1b3e53e09d33d9b377258ab2de957c8adcd4b68923ed6eaf2441e2d888d1d4653c5686ab712a82ca16cf475009e238e5a8df04ca2fa719e6308bd60026deea44355a6e878157ffc7f14a8d34275a9ed5f810ea4ed1827e4c91998aebe9aacbae14d95eed96a9de17463ae852f53d2bf3e92df959564e9550c1eeb0b052c00cd44c07b7f021cdad5c70908a74bca9ec4fa372f491aeadb297e8f571de1b376ef1b7194d8e434ba3867940606521399595be0ec4daab0b45c42e439adc5cbecc7310025ed8761a1d78adf3ee6b223577e473423cece99cde0807269de6929624ed1739b2380ed4688779ce9808595e9b87ed6f42d89b1676014cb8c9a3f7484aacdf794f056439fd1e5233de23141d5b87ca95b54721a01212666e8067cf683025f1219f4d0569c8cfb2d6ed67e7f051e2ef9d0b70a390ac7d53bf9c4e537c74afd223e311341583282ac6e4ab209a591ab0f4d7205512a74a01cd33b57d993fc5c548a757d757e1f32272c22b86fb2428b338eac75c21e4ce3fbfdc6f04a62856610308e65dca82a7637d7113a48c6ce0357fa454f6d58a1b61698c7b65dc9b8678f9d279b883f76e04ad1f1154e2f490afb7e397ce65ce297f6599b0671f3129bc87cf4221d8ce101f71a1df23b6343dc3d6e35ee2eb0a1e37e67e091fab994b8948e956320d7e512308641a129526ff2e73ba026fb72fd3da3482fde5374d54bc3ed6ae53f2b9b4d222db5f3126760285683ecbbd0f8b5bb964e5a1cfe404ce21588a21c2244e0f76520e139992f65a15299548f4dc5e4d1e54acf7592ee1f04e36987606bf10e4632c79d00e1ed985553b00a8e828dd193f5cbd7101cd36745804d474532fc51e708c7f124bf9231b9a7bd1ca4446060535054b4bfd5a61607f3ae45cf1deebfb9d8710e5523c8cd03565cd378e77b1b3323a7d97f28fd1a13aa40626abf69d7b66ee9db3d604b293966347a4fb36d089078f9808bc209109690ea47941ad7c146367b78eee93131a57b5e12690b7288ffecf22f39f308a80457ac6052b8f477bafc15a3ab30cfa3cbd7dda9803e5a5664694e77f528087de197c02fd4d133ea9133b9aa4377bcc0b62801982b999b6e7f76dff371dfd998704e340b4e5da88384fa8cf08d747c977105e4574bda02c56361338a0a9bd800e94c861a31d5d64d71cb65c0655f5b5cf5f900e348d7cc05d9c2dcf711859cbb8ffa54065e2e5462f4c1d80d28e5d5400090d4bf61565422b8df0f34f7a7c1e153d39c9d7340d15b8db226d323b4e3c50fd8aaa87ec9e5c3fbb3ad66462c6ec5ff31877024d119fdb7a16e69d324ca9819512c45c3852409f4899a41a4d16ca77dc3dba1ffbdc2af2fccaba1f04e048444154d5019a267bbcd440d7bb3516e9741e5f9c3ef1135e8c0d70e3c7800c10c000e9cfbddbb5aba9e43b3dc0164f92733590f6921bfb53aa1466a53b6146113795fc13d1621b3cbe0eadec02c469a4899232c23a5a88a9d659984c22ee523b5c5de84223a0f0f9bf1fcdb1efb4709252c0fab477823bf2505f9a2e4a36d0bdae824ecad15a4c313f0c9eb4423ea249710e353e61264630927f778c01978f5b50213d71fd746e40009432bf50b7932b7659942f0d1b6375b87d9b038ce271d7333ed282beb3925a330d881ac7611d3e8b869601b146fd82c06b340ae4823c4c429af4c15f2a2a2bdf383788e86b68c001866a86188cfd71b02bc8abef13703264f3ad08ff6602e15ff84715b7796541c87e26b0c6e086211943e52629f8c1e71fdaec972ab5a2c690c78b08d65651ae4b64070f7bb37931119881ef14c4c8e228d67d34f1c9eb855b39ad6e615bf24f7b453a76547edf2fa025c53bda95d783fb3f735852f28318a8a67c8ceb5279d380d724ee6eb2e76ba8807a0865fcafac50d09a92b85d27a238e4461a80cbbeaed62a844c17e498f6457aa642ebbd0aaeabf127b8f8fbdc2e28ff7fafaafe3016603461f256d7fca690a8643b9697800b3cd59e09ecae48baabccb63cad4a627f6bfba0759f1c186977e9698e6fbc16ec9d1c95ca8e2e075a1eed3ba6223e4df44be7da59a444715a78fdb90a1645c069ca0fd1609b7dce29ffa11f17266c32856f9ebc853c0c7cbbbd82667a5106b5b63f5328ae9d653dc5dd53194988f0e421db3851eee53c557e40a7ad293a22ffd3445d296347cef4187aab3c9c3c2a8e40be66919c30cef3de8125f3cc7342a43791cf1b3b117af99b04e0fd8170f17f4ba25bdcb24965501025188a430df86239d369a6e2c9245e914fe4be3a1eb48e22e2e1c72caeb4b0d1b69e8a817cc7ddf644d33e56ae32215604f267a80754619440ddb3621280a4b388c14ca19dfd398d744977849247d0bbc55d5a54ef062ad3cb3689168b28a0981946fa01737e081101b9c571d0ec4e5775159daccc110588fbd35bf6f0d55f99da967a3d3db1999e158958d7ce128571efaabc09c1aa7137c35f3edf7cfff386a79ba5acfa974366c442207a39ce67afc8469c2ddc6f45413dd654d9f59ae7fd31115dfeccc43c27bbcffab119106735b7782f9694a3e30159aee341f04540a54443562cafad5cf3336c6e900332b053d7c93bab45d8846cb5b880e11b979c13dfea06267932d89e258ef30768ec2ce1d7b020609a5ea6ad9eda78219542567029d1d4d2ffe797b7f95f16b8f599390b0b630decdc6e17593b7e4992d48e62c27cca2e423eded85cd4b436065496984d59044d38f317d0ba649837e5377ab3793c3f66c0509eb37ba365c94273b3cad97c5f607bcd312cdf3c8605dd5569e293d21c588969d7bfb17a228b53f2cd0387995945253c6ec8fad3777cafafcbb9151a54e653a142b5ad0c62682b8ec4b99f525dd853f75c17ae6264b7bf975138de9932d40be9f35ce25dd2a1e307fcf506eb6db8803c19b9880f96299ef58a6bdf32708346db540dae112b0f7ebfbe6f3f46635b7d98e232cc91eff2aa9c7fed6dd53d448db2fb8fc4c0dd661d47585c7966f9338f165e53b3d7777dd844be6a6c8885d95b839a32ea0bc83ec0ef8a5bd11b666d11fd8e27561d8afc4686e978ba31ff2f812f81a6a82956b95a0cce2966a37a4b9e33bd297ab8b1667f6ca5a6be65e4485a305651a4230b7a010a960b035dfb7a8474dec1965c6a9177f62484817807e0dc43ab2770b27adcb40f76c0e78639c55fdecb6c008f2e859ed496818b48e5fbe32376fb3c434afc0ff780867e7374a8d659cc1580e49678f4542e5cd3e54d5f4bd1ff6d186827d588ace5a8adf437dea11def7b57b6b8c992b86695d09c65aaf532d6b8cf12686df8b07bfb5a8aef7944f04c8bd00d500b8b7eb24516dbec0f5514dc48f70eb26a2b78042fb6b4726a20fcf73ccc9a14b75bb82e558e8bc4f7ff5453850f83d12896e9abf322e5b81b6efe679c8c98ee092e06302f9f1472931dbe5a815ac38b1bff79363c4f846caa755ab3ed5b60a938d5f1a9e10950aaa0c5d10c5c4f09abb8ce6b98867e6f8644e3b9d603f07f9c2d1044600635d432ce796b0b96baf572238711302f8fe486f3bd4b5a0463eefb0cb04271393cb1b47b033db62840b4c535da356de3db90961deefbf43060d57b303489aaf9c3bed935f8750d47b8e6aed8eba71f08d93246c92c7cfddea99f6e052bf18e787aca4cc04779dda1f67a420cbb5fbcee2f2ae28be664fad18b478e171dc3699116ae71421b86a5fa9732767c994f38519874b33f07b12b8baa5bc672017cb1e2c8e8897e541358da9a9e3bf8bf57ad3541fb434534190ddb95a5ad701e20548b269268fef7c20c15adb8a86dc8ed756f760370ef2bfff1261349b535b77f67a4118dc8f95c70e977ae39c7c77f2d4e2248028439b72325c033c68684fc8dd6050f0449e2c87debc00fb8bd5d1d9b9f31219b4243cb089362b345f2b9aa7089eb618e1407223ef1022dbaa856197f6cd8dcb7fc53afc16731e0f21b45a17fdc2c49bfd9f14e454c98536c507c3aca95ad57be395ea9d737a4a3237825cf102ca080e013230cd7a46e91237b2214a2b175ffb390ac9f12e5dd3124ffe1e152e148371425c6ae5c603715d5439e0f9e49e8048b56489ce79c26df2dab6ad0c8ac0b37e5d4fe10061f44f3d2314e1ee6245ed600c62a9c448faf905267cdb125ed7dd2a7a539770bd1ddeefd13a521991cae16160cadef434edc23fec333ec7b328c4a6213c5040848e835c6b3e0aebcae1d5884f7e8f654adb512c2f0227fae83ddae0dfa848e0ba9344404ef1d6da880f8eac71fb7e02f197859fdc1ec634dca3f46932e5f022689ed253e60f232e1acd96fce398961d62c4d63d7f37d48c26175298658c224bc1db73b8baaeab139065a9bd004bcaa24493c17f09961c09bd0cb828a8cb3cab56df2991646ff370040bc8507d3d16e66dc075c8d302c6586dbee27b32f93ea563a2692f65ada174e35bcd8cd3214c1a38cc00c90067828b9980da7dec04fbeaa2e550c8d069712efd0853e7daf007b0de5c9e361d75c40ad5f9f2923c10ea479e5852ad35f232d6d141ca7b4328c9d72dc5c247d1431688b2a325d88582733953ee50f997a5d8324cdcb01fda11a773093f344fb38b55c5f9e7706e1024cfb4f2e47544ebbaf792de3c4d8f1522e9d9ce73fdaf1740d3dc134a78b53c6167aec45c730016b8ad9d9bc4042b6835a5ff34c9d36da7418719a86be6637c896fa4a4eda862a9e73ab97e5a977aebf0fe64a7d507dc210a677873e155fe4b2cc3a96e558f4d54db6fc5fcdf166c4cd58bb5d1721378ccff170c0eba14b990ef610606909c205e34aabd15eb7a62406df5451871b18ae3cfb5af37b7f7bb2be80590d3be02c5d0c4143be66efcbe13c6927f54ed27884b3d6a73e90516552a0bbd81f7c76ed5f84ecfef2225e52b9cf6021895716aa29b540750eb64b31cd7be1e9fdaaf132681b23cfb2742fbeb4d1f40fd0bb1d13ba044b252f2f04b0d5fcb121977486c5754a569b81be7577cc0c9e918affbf9abc1b6dd567aab66b7e2aca396e79d53ced9695a65a704bbd9700b55ac8c968c5f43557060c6507a3557c8762a7dc8263eaba22d51fb7df435e20beeaa700609d774d1e212e7493b672324e1a907fc1546cdf7d4ff88029dd7e9c92fc530e3f55b6c1b103c69f14859524d07e454a3c5f987e01d21d9a5a6f842370cc3dadcde1b5822b0d0c47883dfee62b9b7209c3a7c399ed34604e164f806e68a5a24a53d0c5beccdc1389e87a5894061f95e7e8e8bf84ead6e7fb155938230f22b426d9041e8bea72dae14911824db9b65bb0ea0d0404cc8fabcb8f1863e13c8475beb68138e043dd67bf1b0d7e038f9f3d25c8ab1a52173af6b46d8260d677bf066058e89dd18b03fa20e79938dab01876102992f9df49dbe983526b9e0bc83c15cb9d52511eff20d18dcdd316bf334b98aed9024051b87bd3d767054470f4b7f59a207e9b9f17827497bec146aa1b0d18ef54ae5927c64b05f34c8508a0cfea02cf59b3c97a1d3e83a00b7ca495167f411b3f41c1409a8ac007e1cb08ef83c4cbe38117d4b1ef9b58dc0092371b1dbb1a1834f780282dc2f3b6bf36fd0dcc7619c28785b76910757376adfb014ca9ff8bfa3e291e7cba2caa05efad48b1506337b61f74b7b0f4abc18846af682f34708bbee9dee76837bcd192876d1861a20b3e77c9984aff5ebf0a2a4741d6e43b4ac056ea138e79230144578bfd4ae82b84ed109e4d5ff0f955ca481ac0231cae963b7d4db76d89d07e265973a16899fb3a6f8dba53473954589134b520e680f4c5e707fd056e75edb194004b81a40bce0407b6c294078b77e8abd8873c01f6918b2c7c6095c9f23b9841e90e8acde53ba60cd78911cac6fc2ef6bb5fcbb0d3da3e63d70b47495f2177afce5da37c59efde49aae133761847a6f0c8aa374790522ba04d466bd1f7860f53371f5eb2f506c5bc7bb6ab449e4a5c37866c31684b285cf5da17f36434b809f69c542c989449fd0eca50f5eacf8080cbbe8b84d1183095ae7416b8f2b98311451cf7cad2d8fb721e589f9e611376430359cf855444fd1415011e8c313834bf0e217ac7b03f8add941427b0d15b56378b2cd1e3925008c16cd5f95dd149c7e050e0a153e4333e63bd14816b4357fbaa5f706af6ee225057eb599bbe5714c9ff23204d1902230569839d8836e6b2525570b00eca8534aa0c29cf62dce61ec66d9c195be81279b698ec8565fd6754f636b9288247657efdb2b6356a82f014a1e6b24926fdd67810ef0a01295c664980f2057ca17362b0a5888c23ac21842f931a7d57cdeea73c4848c6c1cce20be979faa611f86509ce031fb4102a0fd30bea4f4f840c75d238362a2c4f8de16e81733ca90119f8c1ae148b184d0b113685594088ad8a947455dcfb782f8beb69e255dbed46ae2ee6f094168a52501fc68ed669fac390cd9320ba16d69c86d6f642aea836bb1d7c14593f15d8d33d452d8c87003d7ada1995e2b43f788b4ab00ec6f58869968f098218a3ca21a6f369d47a14cd3de7de8357902e8ecfb5f2e6beb5d3d32a6a6224fe3d6dc5c06eb117af0ab396acfcae58b2b1b9981cc71cc1cde07491b6b6d97e04c10ff216393dd28737d31c8f2cc9ebe161b96d407088b2bc456c331b676a0d7dca3df7f7080697d154fa14f351fd467e30b4ac3f4eb7b4adfb173ff20594cfe539c775c4275795d54782bae4b59cc64a45740ff73d21f5d6cf39e10bae4fbc48ac7799023796d7408ff9220a07a49552b18c5e35f98082297d2b4a0932e4d224c6807d49bf9b5de2eff1a8130da56124ecb5509241fe95be11eb0df066f5f819bc7db0f1ee90ea0aaf4ca4458ae7b5105d574de028c82714ad0d53bfc8ffab31c57762b38e433d6991d83ba5616162e27e8ac122c145547c4abe18260c6d32c755a44390ed41241ef375e1f5a4311263881a02dae71f837206413fc37ddf40a9bb72256d1625ee0b94c1c5715809bdb24224cd0698a5802a83e2328dfa22b80e31b9a5c7dc2fe0c68545905368806c308334c194803eed4a24a96bc5021b837a293dde7ba22b9ed27369b3584deda6489bd1b3fa2925beeacb7d3be367fd014547f82b4561c0120978b6ec2b32ac2634589b819a2c94fd20c081fe9eac7b0745f73a1981e21b05b1bd97a9a1d7218c0e6d0e473e15a1a7465cea98ba0c72af2f270b6a61bc51d1a0a9603b91fcdcc7314fe7aa007ecffe6c7eebf5a65e82a96325e86f9aec39feac6eee9501495c74000ec1f0923e79ad1fbf6dc581539047537794151473e00be353b3b8dbb6da0053826c7bdf16c43867cc9cab9d1220466ca29ef2d6172c4c0ff9067eba9d9775225efaeab1b8c634b4001d2a5c01628bd5550c4573fa017afa3f501f1a6b7d7a483dc0885ab9c2ee959a596ffbb68c7ea99e48f4304697edf7fdba5567735ace3433c15aa59863f87e4605206a31ccf268588de7ed37fcacf6bde80c68ad53de63feb4399cce137c5776abd15395402af07250938aa1c466511bd5754f9cf2f938faa37a683996c801c8fc8aae36a706c5d6e2d36e96ab77eec817ce4d56d2bcf5a43702a883b127a1da8b6ceae1b82573a9e9e9e297560f8d65a1f5fd4bf3d45af0841e691b6e637bd8b9f7c8e51b813b818b0baf2d9c5c9d116781d327b4b43309c7265612089f1dce60a41fd0aff4bcd1335d696f01cee7b371e13584c731a3c3ef7e1b9f3f41f91c4dc647b948c93a99c1ae79f5f530c68c3cc28bbd", 0x2000, &(0x7f0000008f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000008600)={0x78, 0x0, 0x0, {0xa93, 0x8, 0x0, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, r3}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)={0x10}, 0x10}, {0x0, 0x100}], 0x2}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="8f0cb979070811"], 0xfdef)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700f00000004000000060ec97000fc83a00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

22.265035838s ago: executing program 4 (id=1087):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000fc0)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0xe0, 0x16, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK={0x94, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6gre0\x00'}, {0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'batadv0\x00'}, {0x14, 0x1, 'syzkaller1\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}, {0x14, 0x1, 'pim6reg\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x1c, 0x2, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSET={0x188, 0xb, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_SET_EXPRESSIONS={0x174, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x38, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_LOOKUP_DREG={0x8}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x3}]}}}, {0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x4}}}, {0xe8, 0x1, 0x0, 0x1, @match={{0xa}, @val={0xd8, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0xa, 0x1, '{-+)*\x00'}, @NFTA_MATCH_NAME={0x10, 0x1, '/dev/uinput\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2c9}, @NFTA_MATCH_NAME={0xf, 0x1, '/dev/hwrng\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0xfffffffc}, @NFTA_MATCH_INFO={0x8d, 0x3, "ee3b576441b2b713bc043ad940d577dd19bc0223f8f14110b0c7c4f8aac29f1b32ad234bd61862e3d29e88bc356ecc209196c98eac7cf3f7dc62ab75425724d9837092fbdec7cd7c96d1394a780d8ab7a6fa06886bfc772ea7470acb6a25d6b3bab8aef1b27d5a6b40261b91cee864bab5f9b69ace80d7447608a13d152e68f83a9d1a36a2da06feea"}]}}}, {0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}]}]}], {0x14}}, 0x2ac}}, 0x10)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_END_FF_UPLOAD(r1, 0x400c55cb, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/igmp6\x00')
read$FUSE(r2, &(0x7f0000002640)={0x2020}, 0x2020)
read$FUSE(r2, &(0x7f0000006980)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x0, 0x2})
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r4, &(0x7f0000000e40)=[{{&(0x7f0000000300)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/16, 0x10}, {&(0x7f0000000ec0)=""/222, 0xde}, {&(0x7f0000000540)=""/78, 0x4e}], 0x3}, 0x10000}, {{&(0x7f00000005c0)=@nfc_llcp, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000640)=""/190, 0xbe}, {&(0x7f0000000700)=""/140, 0x8c}, {&(0x7f00000007c0)=""/231, 0xe7}, {&(0x7f00000008c0)=""/87, 0x57}, {&(0x7f00000001c0)}, {&(0x7f0000000940)=""/77, 0x4d}, {&(0x7f00000009c0)=""/232, 0xe8}, {&(0x7f0000000b40)=""/82, 0x52}, {&(0x7f0000000bc0)=""/130, 0x82}], 0x9, &(0x7f0000000d40)=""/203, 0xcb}, 0x3}], 0x2, 0x20000040, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x5d, &(0x7f0000000280)={@local, @link_local, @void, {@generic={0x88f5, "ff6518c383cec5863063715083f23cc2acca34f1fc85e1420b26920cd30fb56d73b4042f5d87477067ef835e4e96369776501b5aaa28b038677757114c79cb6759f0e6492ff6abad711e0ce1d8ff9e"}}}, 0x0)
io_submit(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

21.747931563s ago: executing program 4 (id=1089):
syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r0=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_open_dev$vim2m(&(0x7f00000007c0), 0x5, 0x2)
socket$inet_udplite(0x2, 0x2, 0x88)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000880)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000b1010000000000004000000c2738ed0000000000000000000000000000000000000038000000050000000000"], 0x40)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="6800000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32, @ANYBLOB="14000600fe800000000000000000000000000015140007"], 0x68}}, 0x0)
io_cancel(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340)="3d4c3a93864f52c49fe402b3f23d5e82334ba88133f41f659bc3120980cf51e8d2e418dc2a2aff9bc38fc17dea1c53b5717d266c3f05792dce2e8d747875d0732b6074b9d21a3609efa55cf0c145e9e098e34b56ff25b6d0e1426fd785c4f33595fd6027217b39f019e861b302d37f94f3e6ce51d366a95b33638c182ca22ba0ef3d2d820eeb2e549964e88c2a47c4d828e761e077a3348d78a79a9872fa14c985ab93b67ddc53d5b9b01a82f28ef55aaf20139f67ba9cb2cb778d4d92571474a49c97e3d9892192a231b4b84c9753886f2bd71bff279546816fecb9689a59c84701833181c45019e9c1baf10294cef092d00b5884e381fac7a8c3bd9b825ce7304c5fe6d0920258e404757c71cd8cdcf68b8bd5294d6631e58ba416ec0f3fe1c58fcdc9da095c56303abb139596f2cd4e8bdb0949a2295bff563deae509c8e74b3807", 0x143, 0x6, 0x0, 0x1}, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004e4aa92082051600578e01020301090236000200000000090400f50003ed0200090503000000000000090400"], 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f00000001c0), &(0x7f0000000200)=0x30)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x101000, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x1, 0x0, 0x0, &(0x7f0000000180)=""/48, 0x0, 0x4000})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74, 0x4})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x1fffe000000})
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
modify_ldt$write(0x1, &(0x7f0000000780)={0x2, 0x20001000}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

18.74941804s ago: executing program 1 (id=1097):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000d40)=[{&(0x7f0000000880)=""/172, 0xac}, {&(0x7f0000000540)=""/76, 0x4c}, {&(0x7f0000000940)=""/167, 0xa7}, {&(0x7f00000006c0)=""/131, 0x83}, {&(0x7f0000000780)=""/247, 0xf7}, {&(0x7f0000000340)=""/104, 0x68}, {&(0x7f00000005c0)=""/224, 0xe0}, {&(0x7f0000000240)=""/58, 0x3a}, {&(0x7f0000000a00)=""/94, 0x5e}, {&(0x7f0000000b40)=""/187, 0xbb}, {&(0x7f0000000c00)=""/163, 0xa3}, {&(0x7f0000000440)=""/64, 0x40}, {&(0x7f0000000cc0)=""/60, 0x3c}, {&(0x7f0000000d00)=""/46, 0x2e}], 0xe, 0x0, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000004000100f0ff000010000000000000002000000000000000"], 0x24, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000280)='net/psched\x00')
getdents64(r5, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000009000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f30660fc7b68f000000660f38412f650f11a005417a26c4e143c20e02b9940b00000f320f01c9c4e275b99a09000000c4c26d36a9720000000f005ad2"}], 0xaaaaaaaaaaaaad7, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000009000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f30660fc7b68f000000660f38412f650f11a005417a26c4e143c20e02b9940b00000f320f01c9c4e275b99a09000000c4c26d36a9720000000f005ad2"}], 0xaaaaaaaaaaaaad7, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r7) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r7)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x30, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x1, 0x63}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x71aaccfef1dc9301}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040005}, 0xc0)
sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x1c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}}, 0x0)
syz_open_procfs(0x0, 0x0)
fsopen(&(0x7f0000000080)='binder\x00', 0x0) (async)
r10 = fsopen(&(0x7f0000000080)='binder\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r10, 0x0, &(0x7f00000003c0)='dirsync\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0)
fsmount(r10, 0x0, 0x88)

17.716030251s ago: executing program 1 (id=1099):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000fc0)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0xe0, 0x16, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK={0x94, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6gre0\x00'}, {0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'batadv0\x00'}, {0x14, 0x1, 'syzkaller1\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}, {0x14, 0x1, 'pim6reg\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x1c, 0x2, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSET={0x188, 0xb, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_SET_EXPRESSIONS={0x174, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x38, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_LOOKUP_DREG={0x8}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x3}]}}}, {0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x4}}}, {0xe8, 0x1, 0x0, 0x1, @match={{0xa}, @val={0xd8, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0xa, 0x1, '{-+)*\x00'}, @NFTA_MATCH_NAME={0x10, 0x1, '/dev/uinput\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2c9}, @NFTA_MATCH_NAME={0xf, 0x1, '/dev/hwrng\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0xfffffffc}, @NFTA_MATCH_INFO={0x8d, 0x3, "ee3b576441b2b713bc043ad940d577dd19bc0223f8f14110b0c7c4f8aac29f1b32ad234bd61862e3d29e88bc356ecc209196c98eac7cf3f7dc62ab75425724d9837092fbdec7cd7c96d1394a780d8ab7a6fa06886bfc772ea7470acb6a25d6b3bab8aef1b27d5a6b40261b91cee864bab5f9b69ace80d7447608a13d152e68f83a9d1a36a2da06feea"}]}}}, {0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}]}]}], {0x14}}, 0x2ac}}, 0x10)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_END_FF_UPLOAD(r1, 0x400c55cb, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/igmp6\x00')
read$FUSE(r2, &(0x7f0000002640)={0x2020}, 0x2020)
read$FUSE(r2, &(0x7f0000006980)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x0, 0x2})
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r4, &(0x7f0000000e40)=[{{&(0x7f0000000300)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/16, 0x10}, {&(0x7f0000000ec0)=""/222, 0xde}, {&(0x7f0000000540)=""/78, 0x4e}], 0x3}, 0x10000}, {{&(0x7f00000005c0)=@nfc_llcp, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000640)=""/190, 0xbe}, {&(0x7f0000000700)=""/140, 0x8c}, {&(0x7f00000007c0)=""/231, 0xe7}, {&(0x7f00000008c0)=""/87, 0x57}, {&(0x7f00000001c0)}, {&(0x7f0000000940)=""/77, 0x4d}, {&(0x7f00000009c0)=""/232, 0xe8}, {&(0x7f0000000b40)=""/82, 0x52}, {&(0x7f0000000bc0)=""/130, 0x82}], 0x9, &(0x7f0000000d40)=""/203, 0xcb}, 0x3}], 0x2, 0x20000040, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x5d, &(0x7f0000000280)={@local, @link_local, @void, {@generic={0x88f5, "ff6518c383cec5863063715083f23cc2acca34f1fc85e1420b26920cd30fb56d73b4042f5d87477067ef835e4e96369776501b5aaa28b038677757114c79cb6759f0e6492ff6abad711e0ce1d8ff9e"}}}, 0x0)
io_submit(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

15.888806424s ago: executing program 1 (id=1102):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x73797a3100000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7ff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff]})

15.516098557s ago: executing program 1 (id=1103):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0xce, &(0x7f0000000040)=0x7, 0x4)
r1 = dup(r0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
r2 = socket$key(0xf, 0x3, 0x2)
copy_file_range(r1, &(0x7f0000000000)=0xf, r2, 0x0, 0xfffffffffffffffb, 0x0)

15.237997216s ago: executing program 1 (id=1105):
mkdirat(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000580)='./file0\x00', 0x0, 0x223216, 0x0)
mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0xa03c71, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e08371b0c"], 0xb)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
pipe(0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000040)={{0x3}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x49)
sendmsg$kcm(r3, &(0x7f0000000200)={&(0x7f0000000880)=@phonet={0x23, 0x0, 0x0, 0x2}, 0x80, &(0x7f00000018c0)=[{&(0x7f0000000180)="27050200d40f000fbe00002fb96dbcf706e105000700810000008100", 0x1c}, {&(0x7f0000000900)="cb4e64b0af329873eef12979b76d83000c42c4f9d8bb7db4f5c055a5745a7404536ff6b3130830b22f631d5d507326426cd9f5ad425869cdbf1e03a9657ebcd7b08112e669feba6299d02c2cf0f15e067425e8e26ada52181d0fb880f1fa940bc38a79d88aceaac12fcac277141309af0d5bd4e6f8170ba3320ee4a60c3bee0558c9fa97a197bad492cb15364accac83e2db60c4", 0x94}, {&(0x7f0000000340)="c608178d799f513adcd2d9c592a7acb273f858a8e1f818657df32f69a33f29dc4ce76f5f3629554add7b745bba14b6e4be985238ef4956eb0c0871a590455877713593628bca814bb8e37964c74db603a720d04218959428eb9414b4327abfb20b9502d36d2aa3eea1c3351ffd5e733606c20afac4cb375b33aae32a30bbfb27378dec11e7f39d2b7ec0c940b38899d202bd046a39f37080aed0bce6a5b677e304a65ef9d700b2884daadbf234318e84e147ccbcadcf95d1581c6bb7019d4aabee9d9227685b99d0196420fd035a91822bfb12b363a1958b0969acb3e48ee6a6f330ebbd74a8bf6462282cc96a954106375dd851f68f5466803fafa755dbfd0d89d239e971a7b907bbdc7783dd", 0xffffffd2}, {&(0x7f00000004c0)="a26bb9b15718e8a3ad9316084c150413bc11d64964039adcb06d73e326b5355df6f1bd35ebd086399b22fe06b8716973cd6d4cf1ccfc897a59f1855f7e9acf8d3ee262f039cd7ddabe4525165deae43299707509502e2c78f4aad7041dca3de619cec2c806e2f7092edd4501e5bf8d9a62a581959469b3826d02b801ed600cb7909aca13f10eb9f503f621de91a1", 0x8e}, {&(0x7f0000001f40)="123d9d8f27796161c6671c833045e17c13dce752146312428fccd422cba3ac8031ef43277c3f863e687dcc75bd7d7da3e6e82c0c1d1097b2c38a068f9723f6d97e2a38f54d75afed1784c3a15d37291ba62c9fb5f177f7ccbd5d7e505190bd6f611d28630781d13d707f972c7e2ff34cbb7ad893eb3ec47a947c8be13b245851e709ff87c21d32e28558a837fa0add3d4f57801c17a1ded20dc7efa2215a426bef4dbb68452683fb3f90a8a768dcf7da82df41e97b4582fdfeddfd5ce3088441b44e55eb14f8ec14cac1bda3395c61d727879d60eae9672a0fd23176eab20f19ec146086aa347a19726b10f66ca73b1cbddf0f545fdb4c3858ef8e8fa7d7483e0ab8c269b58f41aad478954ae1396dc1a32079d2af5e943c8c895d9c21071b10ac803aa15e264ff3578c3086f2578e15c0d9042dc768d3528dcc2e7ba755f06b940f61e37aa110a3f58884de4b15d7eb9ad3cfac4fc17a025d0e37d6aa8ee9597ec489f02818b964a6b20bc0a9bb5e7c8e64c78ee1c35881be8365012a38918c1de7a6c885494539a07c5ff5bb8e3c7660a08af0815729f56dfe303305a5cc0d0712cf952f2150ec2ee2aee8b92dfe747ad3f3c8a4342cdcc539274a3f22b189a597158bb528c964d95fa1f93127c48c5941c8f43c4fd4beee90536550ebcf5930d06895784f665b597875719fc7fff6884b4a8adcf411f68ecd2625ad5066d46ef5ce59ab4ae855aafe80d4e7bf6141ac10ff0a0b2c49f202ec6038f8744f760db8248d8fc134dda18f242a4c8e7bff3761b5979850e484de27126922145694ce324378fa35b5c51e8956a9d598db50e92edfef225c0301ddc2055e5a785dea283763f726b023416a7a91671b8b0afc3566179d533a5a49307ad4d664563c8f6cd18c43cd6802c0ff8bf8227ea7dc777449f4c4d91dfc09c4a60cf619b267bba09895d8663145417930a08e6a2ec0733aa7c7c10d26ee0d4aac330079769d5f91a237fa4976719d5b5c66a579326f6c047e2b01ca7aa25de06440dd1e8a78ab9558c88a126e325a1796c74e6f2e281eb1b0ec803657227422491b97cce132ee4444b490b15fef508636758e02a42be8b3afdf4a9f2d47e732a85a63dc6b01159001fb1403f84114b3c0909a95594b77fdab180e76f7eb43afd2050edd5ba8671398e860cb136a56f0ef1e7e115e301374dd86a354476e0db5ad18fd801dd7e609ac97947e6307d879720de698c83a000aa10a1256baedafcac816b26f379cb77d6f0876c4a22eb1d56000c72ef26bfc6970ff54aca1ba8f8d2d069f786f137087d62d6e65eac1f1914884570bf09d028e7044e49ae034a24fb0064a1d54883e37c397f0d9c78b94c0556ddcbbd7f32bc4593019bda1f83020c15e90de0bbf8d54aa46b14b10b443da4059fc6b5b01d84b1f484ae13b639f5948cacdf33c3b2f3180461ba187445056d031d4c4ca55adc2380c59c4dd3cb48aae81b4b1b32ed180c93b957268912046d4a28c8aa1f75a5758f53764d8b72fa40625e18564b27b486540915edc5245bc2544a5d6dc5231b35e22c454dd09f8241614cbcf77329f09423731ed3c9c180b3581ffbde15f83f608b6a3c1c85509c4daab065ae83e48b92f2e9ad38b988e3eeef26241eb37d3193207a0c6a8270dd9e8ca23dc8487392eade8fa896166d918e3d7db3854c0fd9e67c54fcb69eb9eb496a7dfd069dbc63af1686b95bd219e1ce11821d62751bda54e61eb2a3311bb0f942cd232f8675ffd519cfe81c062f7bc18e4dc38ba8333d6486e1fce471978e9e63672aed316a271e1f7ae7b277ddccff9d635fcb4af75d7f84153428f958efd89d1aa4b612ae74ff93256cf367a9711f054fae7211f334fabcb051015c6728587b2c017034c8db220e207a69632cec66c55950fae83632c34e677e88050748ed8bd108709ca977568eed324442e902e99a41770fa60e64ee88dd65e3524cec166995e6bbef7ef84f21cba9b03dc09ca5575405fa6603cf3d23ea591bfcf486144fdd0beea534a6b0193d2b330ff17fcf766dc810c98fb17b5503c41f76f1c8731e157f90f3ac9a936fb44b3d3416511c17d40a80a6ae6674403be25826ceb663394885972dece2dadc4268e59e5e61c0f5c5bc59ef4d0cffca5499f3c4ff025c3b75d4c4c2b0b0a03b7d4098f39aac16e3e42634cd5a413b5c5918fafc9cc8dd544f38984f2e6396ee81a1acd2455e46b668d823e8dee418013f0f8c7669a5970813306a6ae74dd955c1616c458a0b2de841e1b18db98adfb6ac44309358b16903a48d14adeb4e4725087ff2cd1a745c0ad82dbddb68ccf82c1b2b160f9b83eaf4e56ca9fcbe0b0897eff3ff0566ba363f323ff63184e47792980925332810fef36fba51221a8a134639c82e3048b6da6ead3ac111b06a98ec6e8afbd28232d11c33554b3aca23e4fe63e79dd107b5109319e39599231d160d9bd0c09dc0640bdc7d828e752231596ded749bd11abda5995d6749046f701354d8bceb566becfe73238e04dd8237db8f62eab061668d4fc9ef0b10c49c972cf53833df52ded41684e0eab3e120f967b205b4fb14ee6aea6f71a1bdb4297349a5a134e2b8933ea113d9985e99e8a3fde7f94b05abe22b33e4cbaee89da84bd4cb52b5d2f3d4287e95133f232ba4c79a5aae6ebc0e60585edc536fc80c0b5ad25c5921795bbce30176bf8e305c5068601d890e82bf80ba992aa3677ead21a8c7b8f8e150663dbf355230a274cf0cb6f2a80cf17c521f9ed658445a928764edd88ac4b1dd35893642bb771dc77a8916f9762eb2cde4d57bdd2283330b49afa8bcb2645749eacd1e1ea689c5c30491723ee1a75c0e812a75cb5fd277f892346f5533b6f97180673f0d72954c0c7dbb2f9940700bccecd63b635c3b4457849f0d8cef538261a229e99b6549800ecd5f2ff6e1307567f5a3fafbfa8f61815247a549a3a46ddbc9cb519422f508dfaa97045f8c1e86d3312a643466c023779b96d86e5271fd1004be4e56b9b99061994e5887520bfba97dafeb0c52cb57fc7d6cd023f373996b58c74dbc9e14fbbef66f9249640e0603cea9f3996a4ed3771f306879af2d0574fc6527b2bc5b0dd255eafb0e992a5526da715ba77743f2303e59ec6daefc3d94c50388a27ad559088dd5ac02d10ab77ee7a9e5311ad924e92047713304a134b26968c070b28f3d2fb954b8409cb6536ca094f34d50e68ff757f91904d6fadc8f369229693b1a339a031c47a58f0bd539ca47419dbabd666dbce8440bf7cb7bee4f1fa74796b1768f11a883fbf0d6f15369574a7cb548df2931da753d92b201033869bfc7798d1dd6b393a1133718304ef67770faf18a3e1d4f2aba59283909dd3f2e18d767f4c50109c37267d13d225e86920e0845b4da550e206b4dcf85eb4e8841c67fed3d8f392d76d49239a86eae59b3b1ad2e4fd2afd879b947ea98e0cea6fd5b0762f29d6d6fb33e4062fa32b16727990c8e6b33ab7aa1cfb6514f0d490af2eff0cab6671dd505f4370c0da83bf52d526505eaad6513d8a7f86c0284132bdabb5be0a919713998a79ecc1333f4432401fb242a0dda41622c71397e06c99a6fca558df35b4f040eebb111c8672e9ec57871bd85accafef0f4d27a40e90ab2f089fd04c874d0f6c3d1ca3aaa9950c3caecd9dad9bcc02eca5546504810dc107775f0f67b1be3baa40956e4eeb0923dae251f99f175a00b22f8e4ca3099c0a62584f3904d86bbc86eb40ad933f5e6a36a817512ac4c5990075061cb53aed488602d6341d5b397b43e274c8e34fde0f2734db0ff5ecee180c2c07836a7842879bb57d4a2372f7d46dcc94556616c11e90b31c1d7967a2904481180c2500a377fb58e42b62edcdcf9d32911c24cf87af8e60f42cc12a2e48ab529e7aaa579010332d9f089f19993d4a6120bf6621642cd2f64159ac42028b1a20256cbd18820596ae6ce5631fc53c54c60c59b9ea4e13af6174199702389a8e06c9aad4f6d3c222767f357169e2a909af3c5dd31cfc0b49831a4c639b1a5187806e66b6f6d02c9844baf5907f97624e70ae1fcb3a4c16113c4c6e7767263dcc3b8e041b16de73457175029dd8b88cc52d887e0af6a5417e7b33fa0f6ab43940c7abbd6451245065ab22826892b5df214034138bcb7082bd2ecd2ac20fef572296bba0e9f38264aa23ab74e1d25827531d6079076f67aaffaa6496ed0446ea80125f18e604eab4001e299b69ca783fc86aff2cde4be90d97dbdd4079073dafd6510e897ad8b70bcbf55fc804b5bd06b5f5763800943c2b4b4eff8405ca1621d8dfdfca4e720bd401836d71828318fdbffe26540fe92ff57f267752999dd76f59502b21498e7afe42af6d1f8009e089f9d177898558b5259849c6dddf47ba20338935fd85144fb9b6fe4224ddfbafb3dc006d2f99f53a036db8f6fc966e24ad841584460037d4f213b6942ca42c57672c874caa8b8d00cacacd8c4e5d6988a79b12542c8d9ba2d44a1e4c80825d7a21775d6a5667fa5d61ff3248cf1e3595a18575a53894998c78fa1d3d35dc804b9998b704098bf2175d47fb1d4a8b3bd30a56e16a0382a379ca024ee4696f59c0cdd6c0c0f257446f215c176f545f2e6378b4ce86b566cc946f106d10fa9cb28281924b1af2d858e8df3fa70554b5f2ceca32bc78e1b0431cd8e1c99823f7fd9f84ed6d3545e110919c871ea0e7d925135c7fd80b4c54b3602a4d6452d93f666d74a2ea6d50f0d03d095e36db2e4aae518cdb974c21e11569e952385165f67985058154499c1ee94021b0f858ee67df86c9d4016d2b471cfbd1b1d99d591c5bab7973916f3d304e4b835387d02c2eddc6e56df53221a05e5022414a02fdb83f129257d770274889a7eb58646aaf1c9dae01a2e5c3214d3727f6a5b928d94fb697e41234957173e0b09eb5478cb59c02be17d526bc20206a655ccebdfdba2344c79937de6075fa27e5f8463649f4d423920194817e25447c94d4cc7e9ad8e6150e85b8e9e11280d74f519dde98d30a8b0aa4174eeb03e55bbd9202eb1ce6270d1a21e893357f5018ed1b82465f86273de81f974c851b4accc491bab0b909b15165dcc77e05ea973ec0f8062ba4cbe07d1643c5b173e729a8dc09febefedfe307b5068152d04db61e41b53752bc", 0xe49}], 0x5}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r2, 0xc0f85403, &(0x7f0000000040))
setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000080)=0x7, 0x4)
bind$l2tp(r1, &(0x7f00000001c0)={0x2, 0x0, @empty, 0x2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PORT={0x6, 0x8, 0x1, 0x0, 0x400}, @IFLA_MACSEC_ENCRYPT={0x5}]}}}]}, 0x44}}, 0x0)

14.301661565s ago: executing program 1 (id=1108):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfff0, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x20}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

7.567965884s ago: executing program 2 (id=1115):
mmap$xdp(&(0x7f0000b4a000/0x4000)=nil, 0x4000, 0x1ea4b085a4a35340, 0x810, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
getpgid(0xffffffffffffffff)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000080)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
bind$packet(r0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x80}, 0x20000085)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000d80)=ANY=[@ANYBLOB="bc04000000050103000000000000000003000002540201000300000003000000030500800600280073797a300000000000000000000000000000000000000000000000000000000017fba54a11dfc325c5f8dc169a7d1bdeb79b8942959388543c4d7e4b18e3df854fae8cf6a0a92258a2701e77e5b5fb022da3e1d5967ee4acc85a35bf3c0388620700feff01000000080000000400ff010100000007000000cf000300020000000600000006000b0001000000592500000800b23301000000030000000900ffff030000000100000002f43800020000000e00000005000b00020000006a8300001500da000200000008000000910b00000000000002000000ff07040002000000c21f000007000d000300000009000000ca000101000000000100000000000100030000000008000009000500010000000500000001000300020000000500000000000d0001000000fbffffff030000000300000000aeb0004000fdff01000000f8ffffff07000200030000000000000001040500020000000300000004000300000000004b0000007f0007000100000006000000560707000100000005000000020057090200000001000000080007000100000073000000fcffffffffffffff08000000070024430000000002000000050007000200000003000000060003000000000039230000010001000300000004000000dc000107a8b301000000060000001f912b0300010000000500009f0200000004000000050009000000000006000000cb040b0002000000492cb018775606000000000003000000040002000300000005000000800009000300000003000000540201000000000008000000f70f0700ef00230073797a310000000000000000000000000000000000000000000000000000000037cfbfc89cb5d8377550e467f216d49f84637090aea9eec7e3f4452bbb9e60d4a03eb7f20ad5dc1758834121e702a7389ccded98bde9de3f4d50ebd4da2e622e070010000300000075000000b884010000000000f8ffffffff00070001000000010400000400080000000000ffffffff040062000300000003000000af0a040003000000000000400900020002000000050000008100040001000000c30000000400ff7f03000000010000000200010000000000000000000300010002000000080000000300290f03000000080000000800040000000000150000000500060000000000fa0d00000d004000000000000800000007000004000000000700000004000100020000000200000000000400000000000900000002000500020000002b0000000100000803000000800000000a000600010000003d0000000900000403000000ff0100000200a10051"], 0x4bc}, 0x1, 0x0, 0x0, 0x4000840}, 0x20000800)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c000000000000000000000007000000440c00010a2101"], 0x230}, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r2, &(0x7f00000041c0)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x202f)
write$FUSE_INIT(r2, &(0x7f00000000c0)={0x50, 0x0, r3, {0x7, 0x27, 0x0, 0xf1056e22f49a018a}}, 0x50)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [{0x2, 0x4}], {0x4, 0x1}, [{0x8, 0x0, r4}]}, 0x34, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000540)={'syztnl2\x00', 0x0, 0x2f, 0x2, 0xc, 0xffffff80, 0x8, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x80, 0x0, 0x6, 0x4}})
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x16001, 0x0)

7.49444567s ago: executing program 3 (id=1116):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r3=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x28, r1, 0x1, 0x0, 0x0, {{0x38}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1}]}, 0x41}}, 0x0)

7.240233773s ago: executing program 3 (id=1117):
socket$kcm(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000100000000000000", @ANYRES32=0x0, @ANYBLOB="2c00088028000080240001"], 0x48}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x7)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x10000, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102379, 0x18feb}], 0x1, 0x0, 0x0)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x100, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x100, 0x110)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000400)={0x50, 0x0, r5, {0x7, 0x1f, 0x2, 0x404, 0x0, 0x1, 0x0, 0x4}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r6, 0x40806685, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r7 = socket(0x1e, 0x1, 0x0)
connect$tipc(r7, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r8, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r8, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(r8, 0x0, 0x0, 0x0)
sendmmsg(r9, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000240)="7c220752098d1a03003fb4d50b17b9653538f559e8ca1a63dfa1a8f54135abe90913a7bb3930c14e8d1808268429578d92871b8681b42a7a264d4c578a7c26845616d98fc09729e3d8c0aa68e95af732c067f9dd1d9fdd4ee2008561e5a690de23248e60f4ab6390f520377d0a68cc822a17c773be19ee5b51b2428acd21725b17f5fadc10e18e574983e260010d619f74dd4c30b5bf", 0x96}], 0x1, &(0x7f0000000140)=ANY=[], 0x170}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000340)="d29f92", 0x3}, {&(0x7f0000000380)="64bc050e88657b1b4417f4e6de026ff54abb1ce4b87edeea01b4437b09534ebe68d7550c3aae1e5d3f6435e1772f703e2edef9b4b6ed28afc4224ebbe17e", 0x3e}], 0x2}}], 0x2, 0x0)
socket(0x10, 0x3, 0x0)

6.420122401s ago: executing program 0 (id=1118):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x3a)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x68}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r3, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000540)={0x14, 0x17, 0xa, 0x301}, 0x14}}, 0x0)

6.297190452s ago: executing program 3 (id=1119):
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00', @ANYRES16, @ANYBLOB="0100400000000000020344000000080003"], 0x4c}}, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f0000000040)={0x0, [], [{}, {}, {}, {}, {}, {}, {0x0, 0xfffffffd}]})
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
r2 = dup3(r1, r1, 0x0)
sendto$inet6(r1, &(0x7f0000004b40)="c5", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x15}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000080a0504000073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a00"/84], 0x54}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_io_uring_setup(0x6, &(0x7f0000000700)={0x0, 0x3fffffe, 0x800, 0x0, 0x0, 0x0, r2}, 0x0, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r7=>0x0})
sendto(r4, &(0x7f00000003c0)="ce4b3261f0a17bd615ccf514abe0203f552470ad7ce7ff8dfe238ddedb3fb8acc81f1d2f451a09e14177e4d3a9bdf1c7bcabc473a85006de892156ce86c7202b450a13e141780575d0f025", 0x4b, 0x8160beccbab30972, &(0x7f0000000300)=@l2tp6={0xa, 0x0, 0x10001, @local, 0x7, 0x3}, 0x80)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000480)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=<r8=>r7, @ANYBLOB="4900330080000000ffffffffffff08021100000050505050505000"/36], 0x68}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000580)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, @isdn={0x22, 0x0, 0x1, 0x4e, 0x2}, @nl=@kern={0x10, 0x0, 0x0, 0x1000000}, 0xffff, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000380)='veth1\x00', 0xffffffffffffffff, 0x8, 0x7})
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r9, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYRESOCT=0x0, @ANYRES8=r3, @ANYRES32=r8], 0x5c}}, 0x4000000)
r10 = getpgrp(0x0)
r11 = syz_pidfd_open(r10, 0x0)
pidfd_send_signal(r11, 0x2c, &(0x7f0000000140)={0x10000, 0x16, 0xd2000000}, 0x4)
r12 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r12, 0x40603d10, &(0x7f0000000040))

6.109491336s ago: executing program 2 (id=1120):
socket$nl_route(0x10, 0x3, 0x0)
mount$fuse(0x0, &(0x7f0000002880)='.\x00', 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
accept4$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x2711, @hyper}, 0x10, 0x800)
socket$inet_sctp(0x2, 0x5, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f00000001c0)={0x802}, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2800000052000100ffffffff000000000a00"], 0x28}}, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00004093'], 0x2a, 0xfffffffffffffffc)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'veth1_macvtap\x00'}, 0x18)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
set_robust_list(&(0x7f0000000600)={&(0x7f0000000540)={&(0x7f0000000500)}, 0x8000000000000000, &(0x7f00000005c0)={&(0x7f0000000580)}}, 0x18)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r4, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, &(0x7f0000000400))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_OPENQRY(r5, 0x4bfa, &(0x7f0000000100))
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))

5.698133318s ago: executing program 0 (id=1121):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0xa201, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x6]}, 0x45c)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
close(0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
mq_open(0x0, 0x0, 0x0, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmmsg(r2, &(0x7f00000066c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000, 0x0)
syz_mount_image$fuse(&(0x7f0000003640), &(0x7f0000003680)='./file0\x00', 0x400, &(0x7f00000036c0), 0x0, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000002780), &(0x7f00000027c0)='./file0\x00', 0x0, &(0x7f0000002800)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000000000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f8f705f69643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRESDEC=r3], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
ioctl$UI_DEV_CREATE(r1, 0x5501)
r4 = openat$adsp1(0xffffff9c, &(0x7f0000000000), 0xa02, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000080)=0x1)
write$uinput_user_dev(r1, &(0x7f0000000180)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x45c)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x411}}}, 0x7)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
socket(0x30, 0x3, 0x2)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0xc)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x10)
syz_open_dev$dmmidi(&(0x7f0000000480), 0xfc, 0x1)
r5 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="041817000000007bc86c6f00"], 0x1a)
r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r8, 0xc0585604, &(0x7f0000000040)={0x7})
syz_io_uring_submit(r6, r7, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0x0)

5.211516927s ago: executing program 3 (id=1122):
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000003871173b2c612704f8f8ef350a4828395b5504752c381d9924b899b546f1e84cb88dcfd666a0051a33cffdef0ee04c78e0b4f7336db0ed9c2c589bcea0893af03d505e8ea101d6c6410c402e0353956aec42cd7da081f753ab7f7057ff3d9f0bc67a9224c9c9b403c6cf639827531bc9588faf741b2fb972af481f33659d03228b04a913"], 0x24}}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r0, &(0x7f0000000140)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x5, 0x40000000})
syz_open_pts(r0, 0x0)
unshare(0x400)
r1 = socket(0x1e, 0x1, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, 0x0, 0x0)
r2 = getpgrp(0x0)
syz_pidfd_open(r2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @dev}, 0x10, 0x0}, 0x300048c1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffda5, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
preadv(r3, &(0x7f00000001c0)=[{&(0x7f0000000640)=""/102383, 0x18fef}, {0x0}], 0x2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f00000000c0)=ANY=[], 0x31)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100))
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$snddsp(r7, &(0x7f0000000200)="a38d", 0x2)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r7, 0xc0884113, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x800000000040, 0x0, 0x0, 0xfffffffffffffffe})
ioctl$SNDRV_PCM_IOCTL_REWIND(r7, 0x40084146, &(0x7f0000000040)=0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(r3, 0x7)

5.0686311s ago: executing program 0 (id=1123):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000e40)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x24e, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x6, 0x40, 0x1, [{{0x9, 0x4, 0x0, 0x1, 0x1, 0x3, 0x1, 0x2, 0xaa, {0x9, 0x21, 0xff00, 0xa, 0x1, {0x22, 0xfa4}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x7f, 0x3, 0x3a}}}}}]}}]}}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x8f, &(0x7f0000000040)=@string={0x8f, 0x3, "8e69b6eb160f59ebea3913a3c25e55691c173ad91b8cbed04e5f09d995744ce1123aa157e6fdc7fdd682a3843f0443680cd1935173f667d79b2d6c9c412596fffb95a540bdb2c946502a29020565dd3d46146ba47624c5b7ed6e1f45363b1455d69e5027193a5ff000e155ae54d4536068018a83112a44c6731c0480e16261587d870ba0f95b95a96c16adc26a"}}, {0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x860}}, {0xc9, &(0x7f0000000140)=@string={0xc9, 0x3, "4f0e158a29540bcbf8d122b04f0b81be7c888a5244b5b224ee6fc7c6407b145461eeafc699b908c9658cad7be5451eb8a68e620d04cffb6e2287e6cb0766611ee0dad71df0520318b138fb93dcfea368445a845e659c2108059f6d9255d9c9139b422a1c7e17de8a155239b02c2eb2bbc6381d6c7ba8ae12e72d40f45091020f11b45588e1a6723e90d65f73affb91a06e2ce6c64406bf8e7794b5cf00db8cbd78859eb1bc3c1bbef4e728a154ea41e79d28feb765af769b4a47a13a1ca024b291432469efa304"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0xc04}}]})
syz_open_dev$evdev(&(0x7f0000000000), 0xf, 0x200)

4.078251674s ago: executing program 3 (id=1125):
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000340)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000020000000002b6d00000008000300", @ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000f80)={&(0x7f00000000c0), 0xc, &(0x7f0000000f40)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="20007f5e1117fc9db2f3d961e2acdd2b8c697bf81a8bd682548dd72cc571c059c63e5b864887aa69c4662105ff43bf6a1d4687a6010c831130fa289ddc20df8a999b0391220c7008edc7bb0c11d1537c539d3002bd36e0", @ANYRES16=r3, @ANYBLOB="08002abd7000fbdbdf25340000000c0099000600000062000000"], 0x20}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
r5 = socket$packet(0x11, 0x3, 0x300)
unshare(0x26040000)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x5}, 0x1c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000100)=r2)
r6 = syz_usbip_server_init(0x3)
socket$l2tp6(0xa, 0x2, 0x73)
write(r6, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
preadv(r7, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mbind(&(0x7f0000596000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c0003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000006c040000000000006d400500000000003400000001ed00007b030000000000001d440000000000007a0a00fe00ffffffc303000041000000b7000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd5ef5681b36a30c6471a4bc4d82e4fee5bef7af9aa0d7f300c095199fe3ff31e9883a2a98e64e39732c9cc00eec363e4a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe3326a404000000000000006d31cb467600ade7ee63e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62f84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49e7e383dc5049036b98fb685123b2731514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59601894183a0f95b72df859d5cf25a02a9f6ebb047b96d338666590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c0200a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d14017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744dccc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19fa367256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08c63b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a9245f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31cb6b9ce97f03ca91a01ba2c60ca99e8ebc15ece1ff1675767999d146aef7799738b292fd64bbca48568304b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c655a22d490300800a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d99000518a130f9d01c4b45294fbba468df3e1b393cb4e62e7545010000000000000094bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58588cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d9953243e2bb42b197cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1021829f1a57d3f18f4edaeb5d37918e6fddc785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db6019037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2b8100000000000000f5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f3366bca2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6e0e0d383ffce01881a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c71411c928d8b894d9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f24b72edcff33a40c1b791830ac2478734c8dc0c40ad4072c08dbcfbbb8dc071897d76a410dab1dc7d2aa509b9ef21ac2b2389c2aac7048addbac53cedba2c20fbe18acd5b546102e3e3af296681b0db7ce9b878024bcd504480de0a65df48ae310633c9f7accfa2a5527af3df8cdbc2817cae9b6ff827ea5f850a23fc0f46650d99eaad66119015ef840893fc3348d4fbce1b6b6906bcddff1e825d923b64fd383b1e776a566f2b702f2f4a464ecf3408ed97ffe8b1c813713f1712c48be3ebe6ad7c24c7467c7474c589a08f883a5e7bda74fc0c741eb2bc408a4a9b0b66bec9bee32d7f620942258a7f5cafa2e3bd7b2197c3c77df319e494ef46dfc4eae680d219536f0aa8b1ba291eb2abb0adf8154e00000000000000000000000000000000000046cb14b77f134ec5857b2e683fe6d5cccbf99508e8c8404863528c24da235923f18de34b48e89125a20a216836f6bcd1efc1dd74ac924d8ecfa6fe5f40d4ee50"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
syz_emit_ethernet(0x3e, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000008000000008004500002c0004000000119078ac14140000000000000000000018907804000000000000000000f1ffffff0000"], 0x0)

4.027723652s ago: executing program 2 (id=1126):
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x80000000, 0x2)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000012002927000000000000008b050021"], 0x38}}, 0x0)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x0, {0x3, @vbi}})
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x20}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @remote}, @TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @local}]}}]}, 0x48}}, 0x44050)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="0014"], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000300)={'ip6_vti0\x00', <r6=>0x0, 0x0, 0x3d, 0x0, 0x3, 0x24, @ipv4={'\x00', '\xff\xff', @multicast2}, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x8, 0x1, 0x6, 0x7}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="180000e49a2ce64c81c80000000000000000", @ANYRES16=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})

3.191152756s ago: executing program 0 (id=1127):
syz_usb_connect$cdc_ecm(0x0, 0x156, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
pipe2$9p(0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000066c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0xb, 0x0, 0x0, r4, {}, {}, {0xd}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x44}}, 0x0)

2.500151163s ago: executing program 3 (id=1128):
syz_emit_ethernet(0x86, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x50, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @private1, @empty, [@dstopts={0xbb, 0x0, '\x00', [@ra={0x5, 0x2f}]}], "fb36eeca6fad50b375a22a584d16ca55"}}}}}}}, 0x0)
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000003180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
capset(0x0, 0x0)
r2 = getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r2, 0x3, 0x4002)
sendmsg$NL80211_CMD_JOIN_IBSS(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000cc0)={0x44, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x10, 0x51, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0xff}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0x44}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x48, 0x2, 0x6, 0x0, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xb8}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc0000000}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x80}, @IPSET_ATTR_CIDR={0x5, 0x3, 0xa7}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x20008004}, 0x1)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x2c}}, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000900)={0x114, 0x0, 0x100, 0x70bd27, 0x0, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x114}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "a8"}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "8d"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
keyctl$read(0xf, 0x0, &(0x7f0000000240)=""/112, 0x349b7f55)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r6=>0x0})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="15eaffffffffffff130012800b0001006d61637365630000040002800800", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x40081}, 0x828)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

2.094129625s ago: executing program 0 (id=1129):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
read(r1, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000040), 0x0, 0x4)

1.945937174s ago: executing program 2 (id=1130):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r3=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x28, r1, 0x1, 0x0, 0x0, {{0x38}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1}]}, 0x41}}, 0x0)

1.398561186s ago: executing program 2 (id=1131):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="bf16000000000000b7070000060000005070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f24b8a4efc02d459d9e32a3aa81d36bb3019c13bd23212fb56f040026fb41f2db3b1639b7bbc9af171b856de734cfe3cafafefc40056bdc17487960007102fa9ea41da123741c66be166992b2dcd72fa0fca047d41886d1d4d94f2f4e345c652fbc1626cca2a2ad35806150ae0209e62f51ee988e6e06c8cedf3ceb9fc404000000c588b277beee1cbf9b0a4def42d410f6accd3637110bec4e90a6341965c39e9ebab0e39622200e011ea661c45a3449abe802f5ab3e3101c0932ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8000018ef4aafad197acc7dc1e955c685ceff7f000000000000491b8bc4748eda186872000007ce468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f00000000000000000100fb0000000000000000ff03000000000000b56780260ed652290f58fa64533500ebffffff00ca1276445432997f0000000000000008e75a89faff01210cce39bf405f1e846c12423a163b33e680846f26dc7add65873d9f87463ad6f7c2f3ee1a39244960b318778f2a047f6d0800000000000000e7a6520602a80d608df4d433623c850af895abba72bf14f6fbd7fbad2a436804eeae1de6d2c740cf0c0b74edbcb2d4b7746fa4bc5e32bd378af7c9136adf32ec7bf48cabecead649f96ea24c32872c490637c34360cb5d46ce680eeb80127eb23f9902519a693b85c6552051385e7e87a2db762cbb253fbd76b9117c1a11d18aa21a0c5f0c28999a639c0376678be35ffe99ff799a11d9b219c00c369a12bf8685b862d2000000bda1bae489bcef5ae59136aaacc59608f4d4e6067338b521eaf2e2465da053cfd5e95394e5520545364361d2c1465c5461a7c4174e5cd9c7976c9aa6342c5621dbc2dccedb5ab74e0b119252a23352fca272212d0c0104000014593d65d3f5e1e9b294669bcd2df061a4d6a835e40e7302f53f90da24cb256b34e95bca9c512f737486ecd037ce40d0a706a5b05e72f8c218366e321f9109ae4cf44b3b0104154a93394f42b4ab6125e0ba8b1a1d8c473852910b3cb7e8dc795ac01bad9a6b438b9db5f5c926940a3ac36daf2a9dc9d868ec11f51e08bc67a3d598039d328b4677229e8b587e8a00f1733adabd5d2837c084c164cf30010969c79a09ac7a9bffff5bc7e420baa9000cd49f77782205d3f6f4b6aa751f49a6b76e3d23635f1d33b906707563b8ec92dec767cc09fe9936acb43382bfc81c823ba32f25738d863cf20181208e23ce19966e729a7b4eefa68554fa4ccadac05c8eac1b52dd528b124285a16da468e3fcb3d9a24e9d670500956702fe9be5d8207d426450ca622e8e0197270cbb947231baf36e0567c0f5de639c99bb71ca0e60d2decb185cddd74d4f00000000000000000000006ed429a657a8203f6542e9dd19d7a70431aefcb9f1b673512e25503c603f19fa4c39ee9b08aadd2c7555543837770a812207bc2be9c86f94282b325e30971f0000000099106f0defa59616d3d18a4c8c04a45c204edfc4cefbd94c4c034dcbc90975b097ece2484b5287105335791eb3061ac500a6728677c72b5b76c18186d6f1a5c74aaddd22dc002fd4bd1bc3409e8d7144689c89f7a5e95fce153d4e9bf0fe0aaa3dfaa443c5081606fda5059146ef94586f5d1658ef0389734108a3af432c730175a7c6e3bb997ed39a0da78527b212001e573492190000d3acf262e0baae546c6bc16183f530a951ba461690245945ae55529e1aa0d80e36d945260e977f4dfe8105961ad69511a348fce1d1be1db324fb4e2f463ad9f17b4093e7f2ff1165a277e08bcc5f2411a05abff3b8f2dc2d896e9039181495414718ea32a3a6f786503f9485b3fc89409913883cec74b29aa74cc05a86323a972dc4d5e91460e9771a64bb899d8fb5c0031ae6997a3f512bd47b1748b2569ed5a1d7fd264d431d8aa1651ff99790567622f29c4fd60744b2b8c089869b888ed52ecaaeb123a3b5e699d84ef4341451e217"], &(0x7f0000000140)='GPL\x00'}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0xf, 0x0, @val=@iter={0x0}}, 0x40)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000002000010000000000020000000000000000000000080006000000000000000000"], 0x24}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@ipv4_newrule={0x30, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth1\x00'}]}, 0x30}}, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2, 0x0, 0x0, 0x2}}, 0x2e)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = open(0x0, 0x141042, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x51200, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x4)
fcntl$setsig(r4, 0xa, 0x31)
listen(r1, 0x5)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fadvise64(r6, 0x9, 0x8, 0x3)
setsockopt$sock_int(r3, 0x1, 0x2f, &(0x7f00000001c0), 0x1)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000280)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@private0}}}, &(0x7f0000000200)=0xe8)
quotactl_fd$Q_GETFMT(r5, 0xffffffff80000402, r8, &(0x7f0000000380))
socket$inet6(0xa, 0x3, 0x6)
pwritev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000004c0)="b84f5a627d092d9c2cbbe6fadf433e252d29a793be735474e12653405a4cc5c3c8768dd6d53773017b2f459dea9dbd3e4ed9dcc73fba321b1209a78c147c38631612ece68e", 0x45}], 0x1, 0x20008d1c, 0x0)

149.592145ms ago: executing program 2 (id=1132):
syz_emit_ethernet(0x86, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x50, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @private1, @empty, [@dstopts={0xbb, 0x0, '\x00', [@ra={0x5, 0x2f}]}], "fb36eeca6fad50b375a22a584d16ca55"}}}}}}}, 0x0)
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000003180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
capset(0x0, 0x0)
r2 = getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r2, 0x3, 0x4002)
sendmsg$NL80211_CMD_JOIN_IBSS(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000cc0)={0x44, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x10, 0x51, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0xff}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0x44}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x48, 0x2, 0x6, 0x0, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xb8}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc0000000}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x80}, @IPSET_ATTR_CIDR={0x5, 0x3, 0xa7}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x20008004}, 0x1)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x2c}}, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000900)={0x110, 0x0, 0x100, 0x70bd27, 0x0, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x110}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "a8"}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "8d"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
keyctl$read(0xf, 0x0, &(0x7f0000000240)=""/112, 0x349b7f55)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r6=>0x0})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="15eaffffffffffff130012800b0001006d61637365630000040002800800", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x40081}, 0x828)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

0s ago: executing program 0 (id=1133):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.swap.events\x00', 0x26e1, 0x0)
sendmmsg$unix(r0, &(0x7f0000002480)=[{{&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001800), 0x0, &(0x7f0000001b00)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [r2, r0, r0, r2, r2, r0]}}, @cred={{0x1c}}], 0xc8, 0x40}}, {{&(0x7f0000001c00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002140)=[{&(0x7f0000001c80)="c10fd330f16ff1b0e9c3249325ab6bef858cb1d02492883d6bc7c49219ed4ae577497ccf7488900fc065d18f832b6bbc24513cce9bc5186a9fd095e64c301ec591", 0x41}, {&(0x7f0000001d00)="e58eda19fe4f0212221e99bc795d88c37ab8bfa527ad8e6159f943d0552a7366869fa40a3dd65644ddcdc855e64423f7ccbf0a420bbde59fba876d91df0e6cebf3fe6dcf7d64c6228b574ffec9a1144e7f393e7f646df1f851ac4b922b9a5eba98e6679416fcab722dec7bec6feb91ac502681a71dee92d7c7980b040a3ccb41eb20c1bcc7fa6a9349eb9d67141639089d1880693178cc8ca3a8e858fb83787d6b9ad18a0c17ac2dac13ebfe67909623be6221e2cf07b742d1", 0xb9}, {&(0x7f0000001dc0)="19fee3c80e749b08dbf355e8ffdbbeb5990f", 0x12}, {&(0x7f0000001e00)="1abc94a43ecf7db83de97dc6f90419282ea15c1f349201455cec25e713df88de3b9a96709854d1fc235854e93120a95f6d7c6e46f6bfa8f7611bbf98e00db458b6a7faf5415c114d828a2db1f95b2448da8b62610a6421ce8a6842727f0b9147d8de0370cb3f6cee48aa8eaeba6f86d35203b792dfc8c9979d478ddfe1", 0x7d}, {&(0x7f0000001e80)="699a40b3a1b2b3e95338a840e690316a8b5631c2db05716571875a7df3284e8b415e9627835ca371f6cb70dcb9cc3efade48a75c1136cd24f37c7c754883ddb6ceb35fc5f19feefa5737532e3ae9ba", 0x4f}, {&(0x7f0000001f80)="39997ce9c45467960ac6b22bd591e48f9edcf7ea4d1569cb07d00a2d66f7b93a5703b7c3d37239074fda8c0117134202d0674e5632d5d3a78182d11f0d011e42804f718dd5898dc3718557963e2e98e7daa606ef0c4940badb28b428cd2b72463f0e7490d0cc6240d17be2e17d0272843ab04a2c49b261a2dccf6c11ff234a6791be1ad481bdb8710fba62ca80b6d017f629259d7d0e1870df8bef4e7f1ad7e89f68425bc2975905cfdfea890a4becbda28828c615f9", 0xb6}, {&(0x7f0000002040)="8fe29acd152a82988fb6b3d4d2830fb206c8aa0bea29317ddf503d5f6ba942dd85f15aafee304b9b6d7dc73971394bb1b4ffb098fd0521546542b1f05491845b8be23477db239e30c38b142a46495501f4428969f45c101aa68b753a709ffac2a4256dc4bcf879a59b8869183a91563bf262b67d8c78615745958f8b6c7d3e128ca5ceec38d4fec9cad1e2a01e723abc98bcdabd25828873f91bfd317d71e6bef5fed401d9ff22f4f253339c20343e216bbed8e72f4d541646c6b66165757459d05eaaeff29e7b5f2e05332b2570173becaed98f1ae0df0b", 0xd8}], 0x7, &(0x7f00000023c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r1, r0]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x70, 0x40000}}], 0x2, 0x8000)
close(r2)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0xc, 0x80, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)}, &(0x7f0000000180)=0x10)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0), 0x6db6e559)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
msgctl$MSG_INFO(0x0, 0xc, 0x0)
r4 = socket(0xa, 0x3, 0x3a)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
setsockopt$MRT6_ADD_MIF(r4, 0x29, 0xca, &(0x7f0000000000)={0x4}, 0xc)
r6 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip6_mr_vif\x00')
preadv(r6, &(0x7f0000003400)=[{&(0x7f0000001f00)=""/83, 0x53}], 0x1, 0x4000037, 0x0)
syz_io_uring_setup(0x24f8, 0x0, &(0x7f0000000100), &(0x7f0000000080))
socket$inet6_dccp(0xa, 0x6, 0x0)

kernel console output (not intermixed with test programs):

ckdep_hardirqs_on_prepare+0x43d/0x780
[  334.834324][ T8759]  __x64_sys_sendmmsg+0xa0/0xb0
[  334.839289][ T8759]  do_syscall_64+0xf3/0x230
[  334.843862][ T8759]  ? clear_bhb_loop+0x35/0x90
[  334.848670][ T8759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.854620][ T8759] RIP: 0033:0x7f3db3979ef9
[  334.859068][ T8759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.878737][ T8759] RSP: 002b:00007f3db47e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  334.887171][ T8759] RAX: ffffffffffffffda RBX: 00007f3db3b16058 RCX: 00007f3db3979ef9
[  334.895551][ T8759] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  334.903546][ T8759] RBP: 00007f3db47e6090 R08: 0000000000000000 R09: 0000000000000000
[  334.911713][ T8759] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  334.919703][ T8759] R13: 0000000000000000 R14: 00007f3db3b16058 R15: 00007f3db3c3fa28
[  334.927704][ T8759]  </TASK>
[  334.967898][ T5282] usb 1-1: Using ep0 maxpacket: 8
[  334.976880][ T5282] usb 1-1: unable to get BOS descriptor or descriptor too short
[  334.993478][ T5282] usb 1-1: config 8 has an invalid interface number: 255 but max is 0
[  335.002030][ T5282] usb 1-1: config 8 has no interface number 0
[  335.008301][ T5282] usb 1-1: config 8 interface 255 has no altsetting 0
[  335.018620][ T2640] pegasus 4-1:0.0: probe with driver pegasus failed with error -32
[  335.031373][ T5282] usb 1-1: string descriptor 0 read error: -22
[  335.037901][ T5282] usb 1-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  335.049164][ T5282] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.313139][ T8726] input: syz1 as /devices/virtual/input/input32
[  335.410523][ T2640] usb 4-1: USB disconnect, device number 48
[  335.527840][ T5282] eth%d: CATC EL1210A NetMate USB Ethernet at usb-dummy_hcd.0-1, 00:00:00:00:00:00.
[  335.563708][ T5277] usb 2-1: unable to get BOS descriptor or descriptor too short
[  335.601633][ T5277] usb 2-1: unable to read config index 0 descriptor/start: -71
[  335.657487][ T5277] usb 2-1: can't read configurations, error -71
[  335.674955][ T5282] usb 1-1: USB disconnect, device number 45
[  335.807824][ T8764] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  335.908317][  T943] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  336.127508][  T943] usb 5-1: Using ep0 maxpacket: 32
[  336.148754][  T943] usb 5-1: New USB device found, idVendor=1d6f, idProduct=0010, bcdDevice= a.a7
[  336.187274][  T943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.206850][  T943] usb 5-1: Product: syz
[  336.230533][  T943] usb 5-1: Manufacturer: syz
[  336.235204][  T943] usb 5-1: SerialNumber: syz
[  336.272929][  T943] usb 5-1: config 0 descriptor??
[  336.312499][  T943] usb 5-1: bad CDC descriptors
[  336.332634][  T943] cp210x 5-1:0.0: cp210x converter detected
[  336.347409][ T5277] usb 2-1: new low-speed USB device number 46 using dummy_hcd
[  336.512514][ T8761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.537465][ T5277] usb 2-1: device descriptor read/64, error -71
[  336.570070][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.817'.
[  336.580672][ T8761] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.657508][   T25] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  336.692542][ T5277] usb usb2-port1: attempt power cycle
[  336.725192][  T943] cp210x 5-1:0.0: failed to get vendor val 0x370b size 1: -71
[  336.763896][  T943] cp210x 5-1:0.0: querying part number failed
[  336.824004][  T943] usb 5-1: cp210x converter now attached to ttyUSB0
[  336.851998][   T25] usb 4-1: New USB device found, idVendor=12d1, idProduct=6748, bcdDevice=49.0b
[  336.854079][  T943] usb 5-1: USB disconnect, device number 54
[  336.879428][ T8785] netlink: 40 bytes leftover after parsing attributes in process `syz.2.819'.
[  336.900348][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.919638][   T25] usb 4-1: Product: syz
[  336.929548][   T25] usb 4-1: Manufacturer: syz
[  336.951430][  T943] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  336.959557][   T25] usb 4-1: SerialNumber: syz
[  336.978891][   T25] usb 4-1: config 0 descriptor??
[  337.008649][   T25] huawei_cdc_ncm 4-1:0.0: CDC Union missing and no IAD found
[  337.020487][  T943] cp210x 5-1:0.0: device disconnected
[  337.036385][   T25] huawei_cdc_ncm 4-1:0.0: bind() failure
[  337.122838][ T5277] usb 2-1: new low-speed USB device number 47 using dummy_hcd
[  337.171261][ T5277] usb 2-1: device descriptor read/8, error -71
[  337.213969][   T25] usb 4-1: USB disconnect, device number 49
[  337.446656][ T8792] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  337.467455][ T8794] loop0: detected capacity change from 0 to 7
[  337.477893][ T5277] usb 2-1: new low-speed USB device number 48 using dummy_hcd
[  337.485486][ T8794] Dev loop0: unable to read RDB block 7
[  337.495566][ T8794]  loop0: AHDI p1 p2
[  337.501450][ T8794] loop0: partition table partially beyond EOD, truncated
[  337.522003][ T8794] loop0: p1 start 6514546 is beyond EOD, truncated
[  337.560946][ T5277] usb 2-1: device descriptor read/8, error -71
[  337.677767][ T5277] usb usb2-port1: unable to enumerate USB device
[  337.686494][ T8792] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  338.468838][ T1304] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.536045][ T1304] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.618252][ T8809] netlink: 16 bytes leftover after parsing attributes in process `syz.3.827'.
[  339.023066][ T1304] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  339.047333][ T1304] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.301580][ T1304] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  339.348311][ T1304] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.427816][ T8817] netlink: 12 bytes leftover after parsing attributes in process `syz.1.832'.
[  339.451848][ T8822] loop0: detected capacity change from 0 to 7
[  339.484878][ T8822] Dev loop0: unable to read RDB block 7
[  339.518572][ T8822]  loop0: AHDI p1 p2
[  339.527700][ T8822] loop0: partition table partially beyond EOD, truncated
[  339.575039][ T8822] loop0: p1 start 6514546 is beyond EOD, truncated
[  339.719569][ T1304] bond0: (slave netdevsim0): Releasing backup interface
[  339.759212][ T1304] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  339.809440][ T1304] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.017327][ T5233] Bluetooth: hci1: command 0x0406 tx timeout
[  340.314724][ T1304] bridge_slave_1: left allmulticast mode
[  340.314756][ T1304] bridge_slave_1: left promiscuous mode
[  340.314976][ T1304] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.332413][ T5233] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  340.337665][ T5233] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  340.338784][ T5233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  340.344038][ T5233] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  340.369694][ T5233] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  340.385263][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  340.548980][ T1304] bridge_slave_0: left allmulticast mode
[  340.549010][ T1304] bridge_slave_0: left promiscuous mode
[  340.549318][ T1304] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.698775][   T25] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  340.887677][   T25] usb 4-1: Using ep0 maxpacket: 8
[  340.907470][   T25] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=73.60
[  340.957412][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.987577][   T25] usb 4-1: Product: syz
[  341.002039][   T25] usb 4-1: Manufacturer: syz
[  341.017491][   T25] usb 4-1: SerialNumber: syz
[  341.046274][   T25] r8152-cfgselector 4-1: Unknown version 0x0000
[  341.077355][   T25] r8152-cfgselector 4-1: config 0 descriptor??
[  341.161680][ T5229] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  341.171427][ T5229] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  341.181456][ T5229] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  341.192804][ T5229] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  341.200914][ T5229] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  341.208783][ T5229] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  341.556168][ T8826] xt_TPROXY: Can be used only with -p tcp or -p udp
[  341.595068][ T1304] bridge0 (unregistering): left allmulticast mode
[  341.956847][ T1304] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.978844][ T1304] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  342.004821][ T1304] bond0 (unregistering): Released all slaves
[  342.123073][ T8825] netlink: 'syz.3.836': attribute type 4 has an invalid length.
[  342.262752][    T8] r8152-cfgselector 4-1: USB disconnect, device number 50
[  342.287291][ T1304] tipc: Disabling bearer <udp:syz2>
[  342.319325][ T1304] tipc: Left network mode
[  342.422009][ T5229] Bluetooth: hci3: command tx timeout
[  342.422925][ T1304] IPVS: stopping backup sync thread 7458 ...
[  343.217676][ T8861] netlink: 36 bytes leftover after parsing attributes in process `syz.3.841'.
[  343.307653][ T5233] Bluetooth: hci4: command tx timeout
[  343.498100][ T1304] hsr_slave_0: left promiscuous mode
[  343.521561][ T1304] 0�: left promiscuous mode
[  343.529783][ T1304] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.537831][ T1304] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.549833][ T1304] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.569240][ T1304] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.725244][ T1304] veth1_macvtap: left promiscuous mode
[  343.747434][ T1304] veth0_macvtap: left promiscuous mode
[  343.754979][ T1304] veth1_vlan: left promiscuous mode
[  343.793792][ T1304] veth0_vlan: left promiscuous mode
[  344.503751][ T5233] Bluetooth: hci3: command tx timeout
[  345.024016][ T8888] netlink: 12 bytes leftover after parsing attributes in process `syz.1.845'.
[  345.137536][ T5233] Bluetooth: hci2: command 0x0406 tx timeout
[  345.377551][ T5229] Bluetooth: hci4: command tx timeout
[  345.923976][ T1304] team0 (unregistering): Port device team_slave_1 removed
[  346.061626][ T1304] team0 (unregistering): Port device team_slave_0 removed
[  346.302946][ T8893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  346.338656][ T8893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  346.399100][ T8893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  346.421936][ T8893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  346.577495][ T5229] Bluetooth: hci3: command tx timeout
[  347.457408][ T5229] Bluetooth: hci4: command tx timeout
[  347.733041][ T8838] chnl_net:caif_netlink_parms(): no params data found
[  347.931053][ T8829] chnl_net:caif_netlink_parms(): no params data found
[  348.137337][ T8912] loop0: detected capacity change from 0 to 7
[  348.191287][ T8912] Dev loop0: unable to read RDB block 7
[  348.214732][ T8912]  loop0: AHDI p1 p2
[  348.240389][ T8912] loop0: partition table partially beyond EOD, truncated
[  348.304995][ T8912] loop0: p1 start 6514546 is beyond EOD, truncated
[  348.411419][ T1304] IPVS: stop unused estimator thread 0...
[  348.671260][ T5229] Bluetooth: hci3: command tx timeout
[  348.880616][ T8838] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.929800][ T8838] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.937141][ T8838] bridge_slave_0: entered allmulticast mode
[  348.959372][ T8838] bridge_slave_0: entered promiscuous mode
[  348.988560][ T8838] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.006364][ T8838] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.028287][ T8838] bridge_slave_1: entered allmulticast mode
[  349.054752][ T8838] bridge_slave_1: entered promiscuous mode
[  349.071377][ T8829] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.088537][ T8829] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.117174][ T8829] bridge_slave_0: entered allmulticast mode
[  349.175387][ T8829] bridge_slave_0: entered promiscuous mode
[  349.259201][ T8829] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.275039][ T8829] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.294237][ T8829] bridge_slave_1: entered allmulticast mode
[  349.315547][ T8829] bridge_slave_1: entered promiscuous mode
[  349.337494][ T5277] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  349.538080][ T5229] Bluetooth: hci4: command tx timeout
[  349.549053][ T8829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.579275][ T8838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.589564][ T5277] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  349.609032][ T5277] usb 4-1: config 0 has no interfaces?
[  349.619935][ T5277] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  349.639648][ T5277] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.641353][ T8838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.655222][ T5277] usb 4-1: config 0 descriptor??
[  349.705202][ T8829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.761564][ T8953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.857'.
[  350.012283][ T8838] team0: Port device team_slave_0 added
[  350.056739][ T8829] team0: Port device team_slave_0 added
[  350.083667][ T8955] netlink: 44 bytes leftover after parsing attributes in process `syz.2.856'.
[  350.094685][ T8955] netlink: 24 bytes leftover after parsing attributes in process `syz.2.856'.
[  350.105635][ T8955] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.132110][ T8955] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.139545][ T8955] bridge0: port 2(bridge_slave_1) entered forwarding state
[  350.196120][ T8838] team0: Port device team_slave_1 added
[  350.309246][ T8829] team0: Port device team_slave_1 added
[  350.321732][ T8961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.397225][ T8961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.652487][ T8838] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.696722][ T8838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.848898][ T8838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.864501][ T8829] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.888474][ T8829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.975242][ T8829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.037784][ T8838] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.071882][ T8838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.185928][ T8838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.237867][ T8829] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.281954][ T8829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.411894][ T8829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.710908][ T8838] hsr_slave_0: entered promiscuous mode
[  351.744044][ T8838] hsr_slave_1: entered promiscuous mode
[  352.020554][ T8829] hsr_slave_0: entered promiscuous mode
[  352.084301][ T8829] hsr_slave_1: entered promiscuous mode
[  352.101925][ T8829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  352.117412][ T8829] Cannot create hsr debugfs directory
[  352.182090][ T5277] usb 4-1: USB disconnect, device number 51
[  352.604640][ T8987] FAULT_INJECTION: forcing a failure.
[  352.604640][ T8987] name failslab, interval 1, probability 0, space 0, times 0
[  352.634077][ T8987] CPU: 1 UID: 0 PID: 8987 Comm: syz.1.861 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  352.644740][ T8987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  352.655016][ T8987] Call Trace:
[  352.658340][ T8987]  <TASK>
[  352.661313][ T8987]  dump_stack_lvl+0x241/0x360
[  352.666056][ T8987]  ? __pfx_dump_stack_lvl+0x10/0x10
[  352.671663][ T8987]  ? __pfx__printk+0x10/0x10
[  352.676530][ T8987]  should_fail_ex+0x3b0/0x4e0
[  352.681273][ T8987]  should_failslab+0xac/0x100
[  352.686095][ T8987]  ? sctp_add_bind_addr+0x89/0x3a0
[  352.691275][ T8987]  __kmalloc_cache_noprof+0x6c/0x2c0
[  352.696626][ T8987]  sctp_add_bind_addr+0x89/0x3a0
[  352.701629][ T8987]  sctp_copy_local_addr_list+0x311/0x500
[  352.707336][ T8987]  ? sctp_copy_local_addr_list+0xab/0x500
[  352.713115][ T8987]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  352.719326][ T8987]  ? sctp_v6_is_any+0x60/0x70
[  352.724084][ T8987]  sctp_bind_addr_copy+0xad/0x3b0
[  352.729180][ T8987]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  352.735575][ T8987]  sctp_connect_new_asoc+0x2f3/0x6c0
[  352.740913][ T8987]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  352.746748][ T8987]  ? sctp_sendmsg+0xbb9/0x3520
[  352.751541][ T8987]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  352.757297][ T8987]  ? security_sctp_bind_connect+0x90/0xb0
[  352.763240][ T8987]  sctp_sendmsg+0x219a/0x3520
[  352.768017][ T8987]  ? __pfx_sctp_sendmsg+0x10/0x10
[  352.773133][ T8987]  ? __pfx_aa_sk_perm+0x10/0x10
[  352.778105][ T8987]  ? inet_sendmsg+0x330/0x390
[  352.782900][ T8987]  __sock_sendmsg+0x1a6/0x270
[  352.787643][ T8987]  ____sys_sendmsg+0x525/0x7d0
[  352.792444][ T8987]  ? __pfx_____sys_sendmsg+0x10/0x10
[  352.797767][ T8987]  __sys_sendmmsg+0x3b2/0x740
[  352.802481][ T8987]  ? __pfx___sys_sendmmsg+0x10/0x10
[  352.807727][ T8987]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  352.813757][ T8987]  ? ksys_write+0x23e/0x2c0
[  352.818302][ T8987]  ? __pfx_lock_release+0x10/0x10
[  352.823483][ T8987]  ? vfs_write+0x7c4/0xc90
[  352.828172][ T8987]  ? __mutex_unlock_slowpath+0x21d/0x750
[  352.833933][ T8987]  ? __pfx_vfs_write+0x10/0x10
[  352.838858][ T8987]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  352.844911][ T8987]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  352.851283][ T8987]  ? do_syscall_64+0x100/0x230
[  352.856068][ T8987]  __x64_sys_sendmmsg+0xa0/0xb0
[  352.860973][ T8987]  do_syscall_64+0xf3/0x230
[  352.865521][ T8987]  ? clear_bhb_loop+0x35/0x90
[  352.870252][ T8987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.876211][ T8987] RIP: 0033:0x7fcb53179ef9
[  352.880686][ T8987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.900538][ T8987] RSP: 002b:00007fcb53e9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  352.909224][ T8987] RAX: ffffffffffffffda RBX: 00007fcb53316058 RCX: 00007fcb53179ef9
[  352.917306][ T8987] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  352.925298][ T8987] RBP: 00007fcb53e9f090 R08: 0000000000000000 R09: 0000000000000000
[  352.933286][ T8987] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  352.941268][ T8987] R13: 0000000000000000 R14: 00007fcb53316058 R15: 00007fcb5343fa28
[  352.949269][ T8987]  </TASK>
[  353.544986][ T8838] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.563105][ T9002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.864'.
[  353.657378][   T25] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  353.859485][   T25] usb 4-1: device descriptor read/64, error -71
[  353.869005][ T8838] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.081226][ T8838] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.155292][   T25] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  354.338043][   T25] usb 4-1: device descriptor read/64, error -71
[  354.383321][ T8838] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.467683][   T25] usb usb4-port1: attempt power cycle
[  354.560934][ T9019] netlink: 12 bytes leftover after parsing attributes in process `syz.2.866'.
[  354.897518][   T25] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  354.938037][   T25] usb 4-1: device descriptor read/8, error -71
[  355.221773][   T25] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  355.278278][   T25] usb 4-1: device descriptor read/8, error -71
[  355.377474][ T5233] Bluetooth: hci0: command 0x0406 tx timeout
[  355.418143][   T25] usb usb4-port1: unable to enumerate USB device
[  356.236890][ T8829] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  356.259867][ T8829] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  356.292033][ T8829] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  356.351701][ T8829] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  356.747460][ T8838] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  356.796551][ T8838] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  356.843529][ T8838] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  356.890752][ T8838] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  357.280696][ T8829] 8021q: adding VLAN 0 to HW filter on device bond0
[  357.327355][    T8] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  357.456899][ T8829] 8021q: adding VLAN 0 to HW filter on device team0
[  357.467898][ T5282] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  357.512149][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.519463][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.546836][    T8] usb 4-1: device descriptor read/64, error -71
[  357.594096][ T9064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.875'.
[  357.605870][ T1304] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.613072][ T1304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  357.670006][ T5282] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  357.707710][ T5282] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  357.728826][ T8838] 8021q: adding VLAN 0 to HW filter on device bond0
[  357.780992][ T5282] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  357.827842][    T8] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  357.836265][ T5282] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  357.852061][ T8838] 8021q: adding VLAN 0 to HW filter on device team0
[  357.868531][ T5282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.921810][ T5282] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  357.971947][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.979144][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.992966][ T5282] usb 2-1: invalid MIDI out EP 0
[  358.024596][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.031953][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.038961][    T8] usb 4-1: device descriptor read/64, error -71
[  358.156567][ T7165] udevd[7165]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  358.178325][    T8] usb usb4-port1: attempt power cycle
[  358.215857][ T5282] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[  358.307480][ T5282] usb 2-1: USB disconnect, device number 49
[  358.532483][ T8838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.637575][    T8] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  358.656401][ T8829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.708286][    T8] usb 4-1: device descriptor read/8, error -71
[  358.894826][ T8829] veth0_vlan: entered promiscuous mode
[  358.988972][ T8829] veth1_vlan: entered promiscuous mode
[  359.000229][    T8] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  359.050999][ T9078] netlink: 12 bytes leftover after parsing attributes in process `syz.2.876'.
[  359.073061][ T8838] veth0_vlan: entered promiscuous mode
[  359.077512][    T8] usb 4-1: device descriptor read/8, error -71
[  359.189084][ T8838] veth1_vlan: entered promiscuous mode
[  359.237385][    T8] usb usb4-port1: unable to enumerate USB device
[  359.254006][ T8829] veth0_macvtap: entered promiscuous mode
[  359.347718][ T8838] veth0_macvtap: entered promiscuous mode
[  359.374676][ T8829] veth1_macvtap: entered promiscuous mode
[  359.401287][ T8838] veth1_macvtap: entered promiscuous mode
[  359.494986][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.516891][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.534948][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.566901][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.589228][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.607136][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.629644][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.652496][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.674943][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.692307][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.733646][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.778599][  T943] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  359.786463][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.820856][ T8829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  359.865011][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.898766][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.934527][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.957744][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.998483][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.023366][  T943] usb 2-1: config 1 has an invalid descriptor of length 149, skipping remainder of the config
[  360.037285][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.054700][  T943] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  360.083976][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.113475][  T943] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  360.136782][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  360.147461][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.163792][ T9099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.168611][  T943] usb 2-1: SerialNumber: syz
[  360.178632][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.190681][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.214950][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.227017][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.237810][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.250139][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.288987][ T8838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  360.311498][ T9099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  360.333018][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.349538][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.364934][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.378585][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.389146][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.404619][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.431330][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.454015][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.475920][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.498332][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.527384][ T8838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.557372][ T8838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.616144][ T8838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  360.651018][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.672838][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.690062][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.708529][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.731341][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.759637][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.811153][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.843783][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.876674][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.893010][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.926049][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.970715][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  361.017682][ T8829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  361.054322][ T8829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  361.085842][ T8829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  361.166965][ T8838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.211857][ T8838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.243623][ T8838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.270711][ T8838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.363726][ T8829] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.402804][ T8829] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.435192][ T8829] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.474742][ T8829] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.898951][ T1304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.929340][ T1304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.097728][ T5277] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  362.262692][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.311248][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.337492][ T5277] usb 4-1: Using ep0 maxpacket: 16
[  362.367972][ T1075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.375873][ T1075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.467004][  T943] usb 2-1: 0:2 : does not exist
[  362.486182][  T943] usb 2-1: unit 5 not found!
[  362.629180][  T943] usb 2-1: USB disconnect, device number 50
[  362.662095][ T1075] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.693085][ T9129] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  362.736871][ T1075] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.892583][ T5372] udevd[5372]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  363.157573][  T943] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  363.218884][ T9148] xt_recent: hitcount (134217728) is larger than allowed maximum (65535)
[  363.374025][  T943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  363.467555][  T943] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  363.584188][  T943] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  363.637920][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.704667][  T943] usb 2-1: config 0 descriptor??
[  364.022521][  T943] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  364.219050][  T943] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  364.477596][ T5284] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  364.724440][ T5284] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  364.750311][ T5277] usb 4-1: unable to get BOS descriptor or descriptor too short
[  364.785220][ T5277] usb 4-1: unable to read config index 0 descriptor/start: -71
[  364.793072][ T5284] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  364.825109][ T5277] usb 4-1: can't read configurations, error -71
[  364.838128][ T5284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.901199][ T5284] usb 1-1: config 0 descriptor??
[  364.941277][ T5284] pwc: Askey VC010 type 2 USB webcam detected.
[  365.704752][ T9184] netlink: 36 bytes leftover after parsing attributes in process `syz.3.889'.
[  365.815022][    T9] usb 2-1: USB disconnect, device number 51
[  366.087488][   T47] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  366.148856][ T9191] loop0: detected capacity change from 0 to 7
[  366.156805][ T5284] pwc: recv_control_msg error -71 req 02 val 2c00
[  366.185279][ T9191] Dev loop0: unable to read RDB block 7
[  366.205759][ T5284] pwc: recv_control_msg error -71 req 04 val 1000
[  366.233478][ T9191]  loop0: AHDI p1 p2
[  366.235133][ T5284] pwc: recv_control_msg error -71 req 04 val 1300
[  366.279727][ T5284] pwc: recv_control_msg error -71 req 04 val 1400
[  366.288942][ T9191] loop0: partition table partially beyond EOD, truncated
[  366.327765][ T5284] pwc: recv_control_msg error -71 req 02 val 2000
[  366.347526][   T47] usb 5-1: Using ep0 maxpacket: 32
[  366.358662][ T5284] pwc: recv_control_msg error -71 req 02 val 2100
[  366.362545][ T9191] loop0: p1 start 6514546 is beyond EOD, truncated
[  366.387413][   T47] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.402091][ T5284] pwc: recv_control_msg error -71 req 04 val 1500
[  366.432895][   T47] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice=ff.ed
[  366.448853][ T5284] pwc: recv_control_msg error -71 req 02 val 2500
[  366.477265][   T47] usb 5-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[  366.485573][   T47] usb 5-1: Product: syz
[  366.497609][ T5284] pwc: recv_control_msg error -71 req 02 val 2400
[  366.549147][ T5284] pwc: recv_control_msg error -71 req 02 val 2600
[  366.584241][   T47] usb 5-1: config 0 descriptor??
[  366.608810][   T25] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  366.638609][ T5284] pwc: recv_control_msg error -71 req 02 val 2900
[  366.672143][ T5284] pwc: recv_control_msg error -71 req 02 val 2800
[  366.755128][ T5284] pwc: recv_control_msg error -71 req 04 val 1100
[  366.844212][ T5284] pwc: recv_control_msg error -71 req 04 val 1200
[  366.894672][ T5284] pwc: Registered as video71.
[  366.959262][   T25] usb 2-1: New USB device found, idVendor=0830, idProduct=0060, bcdDevice=13.2b
[  366.973041][ T5284] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input33
[  367.026793][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.087514][   T25] usb 2-1: Product: syz
[  367.115467][   T25] usb 2-1: Manufacturer: syz
[  367.127436][ T5284] usb 1-1: USB disconnect, device number 46
[  367.157559][   T25] usb 2-1: SerialNumber: syz
[  367.419640][ T9214] xt_recent: hitcount (201326592) is larger than allowed maximum (65535)
[  367.512934][   T25] usb 2-1: palm_os_4_probe - error -110 getting connection info
[  367.603351][   T25] visor 2-1:1.0: Handspring Visor / Palm OS converter detected
[  367.668897][   T25] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  367.740495][   T25] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  368.758281][  T943] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  368.952119][   T47] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  368.980245][  T943] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  368.989087][   T47] usb 5-1: USB disconnect, device number 55
[  369.047151][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.143174][  T943] usb 1-1: config 0 descriptor??
[  369.248252][ T5277] usb 2-1: USB disconnect, device number 52
[  369.258929][  T943] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  369.393770][ T5277] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  369.634970][ T5277] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  369.751915][ T5277] visor 2-1:1.0: device disconnected
[  370.477996][  T943] gspca_stv06xx: I2C: Read error writing address: -71
[  370.542625][  T943] usb 1-1: USB disconnect, device number 47
[  371.377823][ T5271] usb 5-1: new low-speed USB device number 56 using dummy_hcd
[  371.572588][  T943] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  371.607602][ T5271] usb 5-1: string descriptor 0 read error: -22
[  371.624663][ T5271] usb 5-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  371.644701][ T5271] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.684137][ T5271] usb 5-1: config 0 descriptor??
[  371.710546][ T5271] usbtest 5-1:0.0: FX2 device
[  371.728560][ T5271] usbtest 5-1:0.0: low-speed {control intr-in intr-out} tests (+alt)
[  371.813169][  T943] usb 4-1: Using ep0 maxpacket: 32
[  371.851537][  T943] usb 4-1: New USB device found, idVendor=04e2, idProduct=1403, bcdDevice=1c.b2
[  371.907406][  T943] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.984513][  T943] usb 4-1: Product: syz
[  372.021771][  T943] usb 4-1: Manufacturer: syz
[  372.070584][  T943] usb 4-1: SerialNumber: syz
[  372.104081][  T943] usb 4-1: config 0 descriptor??
[  372.821363][ T9314] netlink: 16 bytes leftover after parsing attributes in process `syz.0.911'.
[  373.106057][  T943] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  373.370634][  T943] usb 2-1: descriptor type invalid, skip
[  373.376339][  T943] usb 2-1: descriptor type invalid, skip
[  373.422930][  T943] usb 2-1: descriptor type invalid, skip
[  373.572445][  T943] usb 2-1: descriptor type invalid, skip
[  373.578864][  T943] usb 2-1: descriptor type invalid, skip
[  373.586235][  T943] usb 2-1: config 1 interface 0 altsetting 231 bulk endpoint 0x1 has invalid maxpacket 32
[  373.601459][  T943] usb 2-1: config 1 interface 0 has no altsetting 0
[  373.633992][  T943] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  373.647691][  T943] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.681414][  T943] usb 2-1: Product: ࠌ
[  373.691721][  T943] usb 2-1: Manufacturer: ȗ⩪㞄밽屠莅㩁齟୾ᗞ洫뜠ඓ睗ǽ馊䚭讇㕁㣸ꗌ㓛Ὃ楄銹ꋥ껗⊻矤ك琮褟ᄆ言晔飧쳾慧핀匥忋呑듄쯮ဈ톉薓䆻翳켊ﹰ杈
[  373.755522][  T943] usb 2-1: SerialNumber: ц
[  373.801658][ T9312] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  373.953728][ T9330] kernel read not supported for file / 
 (pid: 9330 comm: syz.0.916)
[  373.975578][ T5284] usb 4-1: USB disconnect, device number 62
[  374.007485][   T29] audit: type=1800 audit(1724949543.853:4309): pid=9330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.916" name=2001 dev="mqueue" ino=30414 res=0 errno=0
[  374.114610][  T943] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 54 if 0 alt 231 proto 1 vid 0x0525 pid 0xA4A8
[  374.156971][  T943] usb 2-1: USB disconnect, device number 54
[  374.211423][  T943] usblp0: removed
[  374.521129][ T9334] FAULT_INJECTION: forcing a failure.
[  374.521129][ T9334] name failslab, interval 1, probability 0, space 0, times 0
[  374.542332][ T9334] CPU: 1 UID: 0 PID: 9334 Comm: syz.4.917 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  374.552978][ T9334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  374.563604][ T9334] Call Trace:
[  374.566923][ T9334]  <TASK>
[  374.569888][ T9334]  dump_stack_lvl+0x241/0x360
[  374.574609][ T9334]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.579882][ T9334]  ? __pfx__printk+0x10/0x10
[  374.584730][ T9334]  should_fail_ex+0x3b0/0x4e0
[  374.589484][ T9334]  should_failslab+0xac/0x100
[  374.594229][ T9334]  ? sctp_add_bind_addr+0x89/0x3a0
[  374.599696][ T9334]  __kmalloc_cache_noprof+0x6c/0x2c0
[  374.605218][ T9334]  sctp_add_bind_addr+0x89/0x3a0
[  374.610237][ T9334]  sctp_copy_local_addr_list+0x311/0x500
[  374.615936][ T9334]  ? sctp_copy_local_addr_list+0xab/0x500
[  374.621720][ T9334]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  374.627943][ T9334]  ? sctp_v6_is_any+0x60/0x70
[  374.632692][ T9334]  sctp_bind_addr_copy+0xad/0x3b0
[  374.637764][ T9334]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  374.644141][ T9334]  sctp_connect_new_asoc+0x2f3/0x6c0
[  374.649511][ T9334]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  374.655483][ T9334]  ? sctp_sendmsg+0xbb9/0x3520
[  374.660294][ T9334]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  374.665881][ T9334]  ? security_sctp_bind_connect+0x90/0xb0
[  374.671650][ T9334]  sctp_sendmsg+0x219a/0x3520
[  374.676513][ T9334]  ? __pfx_sctp_sendmsg+0x10/0x10
[  374.681688][ T9334]  ? __pfx_bpf_lsm_socket_sendmsg+0x10/0x10
[  374.687703][ T9334]  ? tomoyo_socket_sendmsg_permission+0x12e/0x420
[  374.694169][ T9334]  ? inet_sendmsg+0x330/0x390
[  374.698908][ T9334]  __sock_sendmsg+0x1a6/0x270
[  374.703636][ T9334]  ____sys_sendmsg+0x525/0x7d0
[  374.708438][ T9334]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.713766][ T9334]  __sys_sendmmsg+0x3b2/0x740
[  374.718474][ T9334]  ? __pfx___sys_sendmmsg+0x10/0x10
[  374.723703][ T9334]  ? __pfx_lock_release+0x10/0x10
[  374.728766][ T9334]  ? __lock_acquire+0x137a/0x2040
[  374.733901][ T9334]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  374.739945][ T9334]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  374.746323][ T9334]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  374.752698][ T9334]  ? __irq_exit_rcu+0x100/0x1c0
[  374.757599][ T9334]  __x64_sys_sendmmsg+0xa0/0xb0
[  374.762601][ T9334]  do_syscall_64+0xf3/0x230
[  374.767129][ T9334]  ? clear_bhb_loop+0x35/0x90
[  374.771837][ T9334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.777762][ T9334] RIP: 0033:0x7f27fd379ef9
[  374.782231][ T9334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.801972][ T9334] RSP: 002b:00007f27fe1c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  374.810406][ T9334] RAX: ffffffffffffffda RBX: 00007f27fd516058 RCX: 00007f27fd379ef9
[  374.818404][ T9334] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  374.826495][ T9334] RBP: 00007f27fe1c7090 R08: 0000000000000000 R09: 0000000000000000
[  374.834510][ T9334] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  374.842516][ T9334] R13: 0000000000000000 R14: 00007f27fd516058 R15: 00007f27fd63fa28
[  374.850537][ T9334]  </TASK>
[  374.959850][ T9339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.918'.
[  375.977565][    T9] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  376.187329][    T9] usb 2-1: Using ep0 maxpacket: 16
[  376.255785][ T9357] syz.0.924 (9357): attempted to duplicate a private mapping with mremap.  This is not supported.
[  376.267520][ T9353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.923'.
[  376.316459][ T9353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.923'.
[  376.336255][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.923'.
[  376.922876][ T9370] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.931366][ T9370] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.010220][ T9370] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.018982][ T9370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  377.028100][ T9370] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.036331][ T9370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  377.281717][ T9370] team0: Port device bridge0 added
[  377.567775][  T943] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  377.758374][  T943] usb 1-1: Using ep0 maxpacket: 32
[  377.787666][  T943] usb 1-1: config index 0 descriptor too short (expected 1316, got 36)
[  377.825828][  T943] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  377.863043][  T943] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  377.909395][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.949553][ T9391] FAULT_INJECTION: forcing a failure.
[  377.949553][ T9391] name failslab, interval 1, probability 0, space 0, times 0
[  377.967655][ T9391] CPU: 1 UID: 0 PID: 9391 Comm: syz.4.931 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  377.978331][ T9391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  377.988524][ T9391] Call Trace:
[  377.991852][ T9391]  <TASK>
[  377.994849][ T9391]  dump_stack_lvl+0x241/0x360
[  377.999578][ T9391]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.004818][ T9391]  ? __pfx__printk+0x10/0x10
[  378.009476][ T9391]  should_fail_ex+0x3b0/0x4e0
[  378.014216][ T9391]  should_failslab+0xac/0x100
[  378.018946][ T9391]  ? sctp_add_bind_addr+0x89/0x3a0
[  378.024199][ T9391]  __kmalloc_cache_noprof+0x6c/0x2c0
[  378.029535][ T9391]  sctp_add_bind_addr+0x89/0x3a0
[  378.034533][ T9391]  sctp_copy_local_addr_list+0x311/0x500
[  378.040221][ T9391]  ? sctp_copy_local_addr_list+0xab/0x500
[  378.046017][ T9391]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  378.052225][ T9391]  ? sctp_v6_is_any+0x60/0x70
[  378.057040][ T9391]  sctp_bind_addr_copy+0xad/0x3b0
[  378.062127][ T9391]  sctp_connect_new_asoc+0x2f3/0x6c0
[  378.067561][ T9391]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  378.073433][ T9391]  ? sctp_sendmsg+0xbb9/0x3520
[  378.078277][ T9391]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  378.083865][ T9391]  ? security_sctp_bind_connect+0x90/0xb0
[  378.089652][ T9391]  sctp_sendmsg+0x219a/0x3520
[  378.094402][ T9391]  ? __pfx_sctp_sendmsg+0x10/0x10
[  378.099472][ T9391]  ? __pfx_aa_sk_perm+0x10/0x10
[  378.104477][ T9391]  ? inet_sendmsg+0x330/0x390
[  378.109200][ T9391]  __sock_sendmsg+0x1a6/0x270
[  378.113917][ T9391]  ____sys_sendmsg+0x525/0x7d0
[  378.118736][ T9391]  ? __pfx_____sys_sendmsg+0x10/0x10
[  378.124459][ T9391]  ? __sys_sendmmsg+0x394/0x740
[  378.129436][ T9391]  __sys_sendmmsg+0x3b2/0x740
[  378.134547][ T9391]  ? __pfx___sys_sendmmsg+0x10/0x10
[  378.139941][ T9391]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  378.145890][ T9391]  ? ksys_write+0x23e/0x2c0
[  378.150442][ T9391]  ? __pfx_lock_release+0x10/0x10
[  378.155511][ T9391]  ? vfs_write+0x7c4/0xc90
[  378.159958][ T9391]  ? __mutex_unlock_slowpath+0x21d/0x750
[  378.165627][ T9391]  ? __pfx_vfs_write+0x10/0x10
[  378.170453][ T9391]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  378.176479][ T9391]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  378.182856][ T9391]  ? do_syscall_64+0x100/0x230
[  378.187644][ T9391]  __x64_sys_sendmmsg+0xa0/0xb0
[  378.192518][ T9391]  do_syscall_64+0xf3/0x230
[  378.197078][ T9391]  ? clear_bhb_loop+0x35/0x90
[  378.201780][ T9391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.207697][ T9391] RIP: 0033:0x7f27fd379ef9
[  378.212126][ T9391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.231954][ T9391] RSP: 002b:00007f27fe1c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  378.240407][ T9391] RAX: ffffffffffffffda RBX: 00007f27fd516058 RCX: 00007f27fd379ef9
[  378.248458][ T9391] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  378.256546][ T9391] RBP: 00007f27fe1c7090 R08: 0000000000000000 R09: 0000000000000000
[  378.264553][ T9391] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  378.272555][ T9391] R13: 0000000000000000 R14: 00007f27fd516058 R15: 00007f27fd63fa28
[  378.280576][ T9391]  </TASK>
[  378.289585][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.307409][  T943] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  378.316586][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.351802][  T943] usb 1-1: config 0 descriptor??
[  378.771866][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  378.777783][ T9396] loop0: detected capacity change from 0 to 7
[  378.796262][ T9396] Dev loop0: unable to read RDB block 7
[  378.802251][ T9396]  loop0: AHDI p1 p2
[  378.812409][  T943] ft260 0003:0403:6030.000F: item fetching failed at offset 0/2
[  378.815633][ T9396] loop0: partition table partially beyond EOD, 
[  378.826845][    T9] usb 2-1: unable to read config index 0 descriptor/start: -71
[  378.848049][  T943] ft260 0003:0403:6030.000F: failed to parse HID
[  378.857507][ T9396] truncated
[  378.870771][ T9396] loop0: p1 start 6514546 is beyond EOD, truncated
[  378.887479][  T943] ft260 0003:0403:6030.000F: probe with driver ft260 failed with error -22
[  378.909781][    T9] usb 2-1: can't read configurations, error -71
[  378.918663][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[  378.925117][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[  379.037863][  T943] usb 1-1: USB disconnect, device number 48
[  379.045741][ T9400] netlink: 209840 bytes leftover after parsing attributes in process `syz.1.934'.
[  379.048550][ T9401] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  379.110415][ T9401] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  379.121148][ T9401] gretap1: entered promiscuous mode
[  379.139945][ T9401] gretap1: entered allmulticast mode
[  379.223616][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.935'.
[  380.538857][ T5277] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  380.807425][ T5277] usb 2-1: Using ep0 maxpacket: 8
[  380.851790][ T5277] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  380.877808][ T5277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.896649][ T9431] xt_CT: You must specify a L4 protocol and not use inversions on it
[  380.926806][ T5277] usb 2-1: config 0 descriptor??
[  381.056378][ T9436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.080593][ T9438] FAULT_INJECTION: forcing a failure.
[  381.080593][ T9438] name failslab, interval 1, probability 0, space 0, times 0
[  381.097757][ T9438] CPU: 1 UID: 0 PID: 9438 Comm: syz.0.943 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  381.108674][ T9438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  381.118787][ T9438] Call Trace:
[  381.122267][ T9438]  <TASK>
[  381.125304][ T9438]  dump_stack_lvl+0x241/0x360
[  381.129998][ T9438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  381.135223][ T9438]  ? __pfx__printk+0x10/0x10
[  381.139858][ T9438]  should_fail_ex+0x3b0/0x4e0
[  381.144670][ T9438]  should_failslab+0xac/0x100
[  381.149492][ T9438]  ? sctp_add_bind_addr+0x89/0x3a0
[  381.154715][ T9438]  __kmalloc_cache_noprof+0x6c/0x2c0
[  381.160038][ T9438]  sctp_add_bind_addr+0x89/0x3a0
[  381.165145][ T9438]  sctp_copy_local_addr_list+0x311/0x500
[  381.170844][ T9438]  ? sctp_copy_local_addr_list+0xab/0x500
[  381.176601][ T9438]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  381.182772][ T9438]  ? sctp_v6_is_any+0x60/0x70
[  381.187482][ T9438]  sctp_bind_addr_copy+0xad/0x3b0
[  381.192524][ T9438]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  381.198882][ T9438]  sctp_connect_new_asoc+0x2f3/0x6c0
[  381.204221][ T9438]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  381.210067][ T9438]  ? sctp_sendmsg+0xbb9/0x3520
[  381.214885][ T9438]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  381.220473][ T9438]  ? security_sctp_bind_connect+0x90/0xb0
[  381.226226][ T9438]  sctp_sendmsg+0x219a/0x3520
[  381.230943][ T9438]  ? __pfx_sctp_sendmsg+0x10/0x10
[  381.236011][ T9438]  ? __pfx_aa_sk_perm+0x10/0x10
[  381.240909][ T9438]  ? inet_sendmsg+0x330/0x390
[  381.245635][ T9438]  __sock_sendmsg+0x1a6/0x270
[  381.250351][ T9438]  ____sys_sendmsg+0x525/0x7d0
[  381.255150][ T9438]  ? __pfx_____sys_sendmsg+0x10/0x10
[  381.260477][ T9438]  __sys_sendmmsg+0x3b2/0x740
[  381.265193][ T9438]  ? __pfx___sys_sendmmsg+0x10/0x10
[  381.270456][ T9438]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  381.276393][ T9438]  ? ksys_write+0x23e/0x2c0
[  381.281058][ T9438]  ? __pfx_lock_release+0x10/0x10
[  381.286178][ T9438]  ? vfs_write+0x7c4/0xc90
[  381.290627][ T9438]  ? __mutex_unlock_slowpath+0x21d/0x750
[  381.296294][ T9438]  ? __pfx_vfs_write+0x10/0x10
[  381.301106][ T9438]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  381.307132][ T9438]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  381.313481][ T9438]  ? do_syscall_64+0x100/0x230
[  381.318306][ T9438]  __x64_sys_sendmmsg+0xa0/0xb0
[  381.323215][ T9438]  do_syscall_64+0xf3/0x230
[  381.327767][ T9438]  ? clear_bhb_loop+0x35/0x90
[  381.332468][ T9438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.338384][ T9438] RIP: 0033:0x7ff17d179ef9
[  381.342808][ T9438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.362495][ T9438] RSP: 002b:00007ff17df3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  381.370949][ T9438] RAX: ffffffffffffffda RBX: 00007ff17d316058 RCX: 00007ff17d179ef9
[  381.378943][ T9438] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  381.386946][ T9438] RBP: 00007ff17df3c090 R08: 0000000000000000 R09: 0000000000000000
[  381.395025][ T9438] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  381.403048][ T9438] R13: 0000000000000000 R14: 00007ff17d316058 R15: 00007ff17d43fa28
[  381.411058][ T9438]  </TASK>
[  381.612900][ T9436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  381.869413][ T9445] loop0: detected capacity change from 0 to 7
[  381.897877][ T9440] syzkaller1: entered promiscuous mode
[  381.919258][ T9440] syzkaller1: entered allmulticast mode
[  381.926171][ T9445] Dev loop0: unable to read RDB block 7
[  381.933585][ T9445]  loop0: AHDI p1 p2
[  381.957350][ T9445] loop0: partition table partially beyond EOD, truncated
[  381.973409][ T9445] loop0: p1 start 6514546 is beyond EOD, truncated
[  382.121353][ T5229] Bluetooth: hci1: unexpected event for opcode 0x080f
[  382.129081][ T5229] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  382.278294][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.336239][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.358378][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.371285][ T5284] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  382.406252][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.436956][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.482486][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.491452][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.499793][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.507817][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.515512][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.534311][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.542949][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.560384][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.577364][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.585994][ T5284] usb 1-1: config 0 has an invalid interface number: 4 but max is 0
[  382.586029][ T5284] usb 1-1: config 0 has no interface number 0
[  382.586073][ T5284] usb 1-1: config 0 interface 4 has no altsetting 0
[  382.586113][ T5284] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  382.586141][ T5284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.588978][ T5284] usb 1-1: config 0 descriptor??
[  382.624872][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.664961][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.699708][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.736042][ T5284] cp210x 1-1:0.4: cp210x converter detected
[  382.744622][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.757744][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.765596][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.777044][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.795047][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.804555][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.812627][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.833172][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.843402][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.855158][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.872251][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.895507][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.923427][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.955034][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  382.955074][   T25] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  383.029453][   T25] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  383.286254][ T5284] cp210x 1-1:0.4: failed to get vendor val 0x000e size 3: -71
[  383.326655][ T9469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.951'.
[  383.350625][ T5284] usb 1-1: cp210x converter now attached to ttyUSB0
[  383.394675][ T5284] usb 1-1: USB disconnect, device number 49
[  383.438006][ T5284] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  383.474252][ T5284] cp210x 1-1:0.4: device disconnected
[  383.840904][ T9481] xt_CT: You must specify a L4 protocol and not use inversions on it
[  384.067926][ T5277] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  384.123213][ T5277] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  384.194075][ T5277] asix 2-1:0.0: probe with driver asix failed with error -71
[  384.260433][ T5277] usb 2-1: USB disconnect, device number 57
[  384.358187][ T9485] netlink: 12 bytes leftover after parsing attributes in process `syz.4.956'.
[  384.401022][ T9487] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  384.757712][ T9499] netlink: 20 bytes leftover after parsing attributes in process `syz.0.959'.
[  384.816372][ T9501] FAULT_INJECTION: forcing a failure.
[  384.816372][ T9501] name failslab, interval 1, probability 0, space 0, times 0
[  384.834483][ T9501] CPU: 1 UID: 0 PID: 9501 Comm: syz.2.957 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  384.845226][ T9501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  384.855321][ T9501] Call Trace:
[  384.858637][ T9501]  <TASK>
[  384.861603][ T9501]  dump_stack_lvl+0x241/0x360
[  384.866412][ T9501]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.871644][ T9501]  ? __pfx__printk+0x10/0x10
[  384.876396][ T9501]  should_fail_ex+0x3b0/0x4e0
[  384.881223][ T9501]  should_failslab+0xac/0x100
[  384.885932][ T9501]  ? sctp_add_bind_addr+0x89/0x3a0
[  384.891068][ T9501]  __kmalloc_cache_noprof+0x6c/0x2c0
[  384.896480][ T9501]  sctp_add_bind_addr+0x89/0x3a0
[  384.901477][ T9501]  sctp_copy_local_addr_list+0x311/0x500
[  384.907150][ T9501]  ? sctp_copy_local_addr_list+0xab/0x500
[  384.912914][ T9501]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  384.919115][ T9501]  ? sctp_v6_is_any+0x60/0x70
[  384.923835][ T9501]  sctp_bind_addr_copy+0xad/0x3b0
[  384.928879][ T9501]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  384.935235][ T9501]  sctp_connect_new_asoc+0x2f3/0x6c0
[  384.940655][ T9501]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  384.946650][ T9501]  ? sctp_sendmsg+0xbb9/0x3520
[  384.951534][ T9501]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  384.957290][ T9501]  ? security_sctp_bind_connect+0x90/0xb0
[  384.963060][ T9501]  sctp_sendmsg+0x219a/0x3520
[  384.967784][ T9501]  ? __pfx_sctp_sendmsg+0x10/0x10
[  384.972874][ T9501]  ? __pfx_aa_sk_perm+0x10/0x10
[  384.977764][ T9501]  ? inet_sendmsg+0x330/0x390
[  384.982517][ T9501]  __sock_sendmsg+0x1a6/0x270
[  384.987235][ T9501]  ____sys_sendmsg+0x525/0x7d0
[  384.992043][ T9501]  ? __pfx_____sys_sendmsg+0x10/0x10
[  384.997391][ T9501]  __sys_sendmmsg+0x3b2/0x740
[  385.002521][ T9501]  ? __pfx___sys_sendmmsg+0x10/0x10
[  385.007796][ T9501]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  385.013745][ T9501]  ? ksys_write+0x23e/0x2c0
[  385.018292][ T9501]  ? __pfx_lock_release+0x10/0x10
[  385.023357][ T9501]  ? vfs_write+0x7c4/0xc90
[  385.027802][ T9501]  ? __mutex_unlock_slowpath+0x21d/0x750
[  385.033466][ T9501]  ? __pfx_vfs_write+0x10/0x10
[  385.038459][ T9501]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  385.044489][ T9501]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  385.050851][ T9501]  ? do_syscall_64+0x100/0x230
[  385.055627][ T9501]  __x64_sys_sendmmsg+0xa0/0xb0
[  385.060493][ T9501]  do_syscall_64+0xf3/0x230
[  385.065013][ T9501]  ? clear_bhb_loop+0x35/0x90
[  385.069774][ T9501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.075704][ T9501] RIP: 0033:0x7f3db3979ef9
[  385.080158][ T9501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.099876][ T9501] RSP: 002b:00007f3db47e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  385.108342][ T9501] RAX: ffffffffffffffda RBX: 00007f3db3b16058 RCX: 00007f3db3979ef9
[  385.116340][ T9501] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  385.124331][ T9501] RBP: 00007f3db47e6090 R08: 0000000000000000 R09: 0000000000000000
[  385.132499][ T9501] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  385.140599][ T9501] R13: 0000000000000000 R14: 00007f3db3b16058 R15: 00007f3db3c3fa28
[  385.148729][ T9501]  </TASK>
[  385.158879][ T9500] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[  385.257559][ T5277] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  385.303077][ T5229] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  385.314617][ T5229] Bluetooth: hci1: ISO packet for unknown connection handle 48
[  385.449069][ T5277] usb 2-1: device descriptor read/64, error -71
[  385.517432][    T8] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  385.694395][ T9505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  385.755444][ T9505] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  385.759012][ T5277] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  385.773113][    T8] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  385.818171][    T8] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  385.845729][    T8] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  385.864681][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.889332][ T9493] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  385.912263][    T8] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  385.962330][ T5277] usb 2-1: device descriptor read/64, error -71
[  386.117606][    T8] usb 1-1: USB disconnect, device number 50
[  386.134498][ T5277] usb usb2-port1: attempt power cycle
[  386.180765][ T5229] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  386.191220][ T5229] Bluetooth: hci1: Injecting HCI hardware error event
[  386.202232][ T5233] Bluetooth: hci1: hardware error 0x00
[  386.253636][ T9520] FAULT_INJECTION: forcing a failure.
[  386.253636][ T9520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.268329][ T9520] CPU: 0 UID: 0 PID: 9520 Comm: syz.2.966 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  386.279068][ T9520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  386.289171][ T9520] Call Trace:
[  386.292549][ T9520]  <TASK>
[  386.295518][ T9520]  dump_stack_lvl+0x241/0x360
[  386.300351][ T9520]  ? __pfx_dump_stack_lvl+0x10/0x10
[  386.307082][ T9520]  ? __pfx__printk+0x10/0x10
[  386.311752][ T9520]  ? __pfx_lock_release+0x10/0x10
[  386.316856][ T9520]  ? validate_chain+0x11e/0x5900
[  386.321824][ T9520]  should_fail_ex+0x3b0/0x4e0
[  386.326534][ T9520]  _copy_from_iter+0x1f6/0x1960
[  386.331420][ T9520]  ? __pfx_validate_chain+0x10/0x10
[  386.336657][ T9520]  ? __pfx__copy_from_iter+0x10/0x10
[  386.341992][ T9520]  tun_get_user+0x25f/0x4720
[  386.346664][ T9520]  ? __pfx_lock_release+0x10/0x10
[  386.351752][ T9520]  ? __lock_acquire+0x137a/0x2040
[  386.357019][ T9520]  ? __pfx_tun_get_user+0x10/0x10
[  386.362177][ T9520]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  386.367675][ T9520]  ? tun_get+0x1e/0x2f0
[  386.371879][ T9520]  ? __pfx_lock_release+0x10/0x10
[  386.376951][ T9520]  ? tun_get+0x1e/0x2f0
[  386.381219][ T9520]  ? tun_get+0x27d/0x2f0
[  386.385504][ T9520]  tun_chr_write_iter+0x113/0x1f0
[  386.390684][ T9520]  vfs_write+0xa72/0xc90
[  386.394956][ T9520]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  386.400537][ T9520]  ? __pfx_vfs_write+0x10/0x10
[  386.405342][ T9520]  ksys_write+0x1a0/0x2c0
[  386.409699][ T9520]  ? __pfx_ksys_write+0x10/0x10
[  386.414592][ T9520]  ? do_syscall_64+0x100/0x230
[  386.419420][ T9520]  ? do_syscall_64+0xb6/0x230
[  386.424145][ T9520]  do_syscall_64+0xf3/0x230
[  386.428692][ T9520]  ? clear_bhb_loop+0x35/0x90
[  386.433419][ T9520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.439520][ T9520] RIP: 0033:0x7f3db3979ef9
[  386.444078][ T9520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.463813][ T9520] RSP: 002b:00007f3db4807038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  386.472256][ T9520] RAX: ffffffffffffffda RBX: 00007f3db3b15f80 RCX: 00007f3db3979ef9
[  386.480365][ T9520] RDX: 0000000000000ffe RSI: 00000000200000c0 RDI: 0000000000000003
[  386.488374][ T9520] RBP: 00007f3db4807090 R08: 0000000000000000 R09: 0000000000000000
[  386.496380][ T9520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.504477][ T9520] R13: 0000000000000000 R14: 00007f3db3b15f80 R15: 00007f3db3c3fa28
[  386.512487][ T9520]  </TASK>
[  386.515706][    C0] vkms_vblank_simulate: vblank timer overrun
[  386.610907][ T5277] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  386.668489][ T5277] usb 2-1: device descriptor read/8, error -71
[  386.957523][ T5277] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  387.121357][ T5277] usb 2-1: device descriptor read/8, error -71
[  387.222777][ T9532] netlink: 4 bytes leftover after parsing attributes in process `syz.2.970'.
[  387.297955][ T5277] usb usb2-port1: unable to enumerate USB device
[  387.506590][ T9542] FAULT_INJECTION: forcing a failure.
[  387.506590][ T9542] name failslab, interval 1, probability 0, space 0, times 0
[  387.536387][ T9542] CPU: 0 UID: 0 PID: 9542 Comm: syz.0.972 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  387.547023][ T9542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  387.557088][ T9542] Call Trace:
[  387.560378][ T9542]  <TASK>
[  387.563382][ T9542]  dump_stack_lvl+0x241/0x360
[  387.568187][ T9542]  ? __pfx_dump_stack_lvl+0x10/0x10
[  387.573497][ T9542]  ? __pfx__printk+0x10/0x10
[  387.578131][ T9542]  should_fail_ex+0x3b0/0x4e0
[  387.582845][ T9542]  should_failslab+0xac/0x100
[  387.588006][ T9542]  ? sctp_add_bind_addr+0x89/0x3a0
[  387.593171][ T9542]  __kmalloc_cache_noprof+0x6c/0x2c0
[  387.598530][ T9542]  sctp_add_bind_addr+0x89/0x3a0
[  387.603505][ T9542]  sctp_copy_local_addr_list+0x311/0x500
[  387.609159][ T9542]  ? sctp_copy_local_addr_list+0xab/0x500
[  387.614895][ T9542]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  387.621064][ T9542]  ? sctp_v6_is_any+0x60/0x70
[  387.625759][ T9542]  sctp_bind_addr_copy+0xad/0x3b0
[  387.630807][ T9542]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  387.637155][ T9542]  sctp_connect_new_asoc+0x2f3/0x6c0
[  387.642474][ T9542]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  387.648355][ T9542]  ? sctp_sendmsg+0xbb9/0x3520
[  387.653140][ T9542]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  387.658722][ T9542]  ? security_sctp_bind_connect+0x90/0xb0
[  387.664495][ T9542]  sctp_sendmsg+0x219a/0x3520
[  387.669238][ T9542]  ? __pfx_sctp_sendmsg+0x10/0x10
[  387.674395][ T9542]  ? __pfx_aa_sk_perm+0x10/0x10
[  387.679357][ T9542]  ? inet_sendmsg+0x330/0x390
[  387.684056][ T9542]  __sock_sendmsg+0x1a6/0x270
[  387.688757][ T9542]  ____sys_sendmsg+0x525/0x7d0
[  387.693679][ T9542]  ? __pfx_____sys_sendmsg+0x10/0x10
[  387.699057][ T9542]  __sys_sendmmsg+0x3b2/0x740
[  387.703822][ T9542]  ? __pfx___sys_sendmmsg+0x10/0x10
[  387.709173][ T9542]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  387.715119][ T9542]  ? ksys_write+0x23e/0x2c0
[  387.719653][ T9542]  ? __pfx_lock_release+0x10/0x10
[  387.724814][ T9542]  ? vfs_write+0x7c4/0xc90
[  387.729281][ T9542]  ? __mutex_unlock_slowpath+0x21d/0x750
[  387.734954][ T9542]  ? __pfx_vfs_write+0x10/0x10
[  387.739770][ T9542]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  387.745825][ T9542]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  387.752183][ T9542]  ? do_syscall_64+0x100/0x230
[  387.757032][ T9542]  __x64_sys_sendmmsg+0xa0/0xb0
[  387.761932][ T9542]  do_syscall_64+0xf3/0x230
[  387.766523][ T9542]  ? clear_bhb_loop+0x35/0x90
[  387.771370][ T9542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.777312][ T9542] RIP: 0033:0x7ff17d179ef9
[  387.781762][ T9542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.801437][ T9542] RSP: 002b:00007ff17df3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  387.809924][ T9542] RAX: ffffffffffffffda RBX: 00007ff17d316058 RCX: 00007ff17d179ef9
[  387.818010][ T9542] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000004
[  387.826021][ T9542] RBP: 00007ff17df3c090 R08: 0000000000000000 R09: 0000000000000000
[  387.834100][ T9542] R10: 000000000000c0c0 R11: 0000000000000246 R12: 0000000000000002
[  387.842103][ T9542] R13: 0000000000000000 R14: 00007ff17d316058 R15: 00007ff17d43fa28
[  387.850125][ T9542]  </TASK>
[  387.853342][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.257920][ T5233] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  388.319446][ T9550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.973'.
[  388.808319][ T9558] FAULT_INJECTION: forcing a failure.
[  388.808319][ T9558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.847576][ T9558] CPU: 0 UID: 0 PID: 9558 Comm: syz.0.977 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  388.858205][ T9558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  388.868365][ T9558] Call Trace:
[  388.871777][ T9558]  <TASK>
[  388.874725][ T9558]  dump_stack_lvl+0x241/0x360
[  388.879433][ T9558]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.884644][ T9558]  ? __pfx__printk+0x10/0x10
[  388.889272][ T9558]  ? __pfx_lock_release+0x10/0x10
[  388.894414][ T9558]  should_fail_ex+0x3b0/0x4e0
[  388.899205][ T9558]  _copy_from_user+0x2f/0xe0
[  388.903830][ T9558]  copy_msghdr_from_user+0xae/0x680
[  388.909065][ T9558]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  388.914932][ T9558]  __sys_sendmsg+0x23d/0x3a0
[  388.919568][ T9558]  ? __pfx___sys_sendmsg+0x10/0x10
[  388.924723][ T9558]  ? vfs_write+0x7c4/0xc90
[  388.929218][ T9558]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  388.935577][ T9558]  ? do_syscall_64+0x100/0x230
[  388.940415][ T9558]  ? do_syscall_64+0xb6/0x230
[  388.945148][ T9558]  do_syscall_64+0xf3/0x230
[  388.949682][ T9558]  ? clear_bhb_loop+0x35/0x90
[  388.954439][ T9558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.960385][ T9558] RIP: 0033:0x7ff17d179ef9
[  388.964841][ T9558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.984573][ T9558] RSP: 002b:00007ff17df5d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  388.993235][ T9558] RAX: ffffffffffffffda RBX: 00007ff17d315f80 RCX: 00007ff17d179ef9
[  389.001249][ T9558] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  389.009330][ T9558] RBP: 00007ff17df5d090 R08: 0000000000000000 R09: 0000000000000000
[  389.017317][ T9558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.025316][ T9558] R13: 0000000000000000 R14: 00007ff17d315f80 R15: 00007ff17d43fa28
[  389.033330][ T9558]  </TASK>
[  389.036505][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.591520][ T9566] netlink: 20 bytes leftover after parsing attributes in process `syz.2.978'.
[  389.667026][ T9572] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[  389.787109][ T9566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  389.888683][ T9566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.106686][ T9582] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  390.288005][ T5277] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  390.440272][ T9586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.986'.
[  390.527379][ T5277] usb 1-1: Using ep0 maxpacket: 8
[  390.539574][ T5277] usb 1-1: config index 0 descriptor too short (expected 5924, got 36)
[  390.557340][ T5277] usb 1-1: config 250 has an invalid interface number: 228 but max is -1
[  390.578300][ T5277] usb 1-1: config 250 has 1 interface, different from the descriptor's value: 0
[  390.617481][ T5277] usb 1-1: config 250 has no interface number 0
[  390.643783][ T5277] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  390.703315][ T5277] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  390.736755][ T5277] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  390.776667][ T5277] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  390.821012][ T5277] usb 1-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  390.862300][ T5277] usb 1-1: config 250 interface 228 has no altsetting 0
[  390.886290][ T5277] usb 1-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  390.932350][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  390.952856][ T5277] usb 1-1: Product: syz
[  390.963146][ T5277] usb 1-1: SerialNumber: syz
[  391.005336][ T5277] hub 1-1:250.228: bad descriptor, ignoring hub
[  391.036508][ T5277] hub 1-1:250.228: probe with driver hub failed with error -5
[  391.221471][ T5277] usblp 1-1:250.228: usblp0: USB Bidirectional printer dev 51 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  391.221483][ T9576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  391.375659][ T9576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.495921][ T9592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  391.569538][ T9592] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.762504][ T9603] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  391.822207][ T9603] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.840744][ T9606] netlink: 12 bytes leftover after parsing attributes in process `syz.2.989'.
[  391.977379][  T943] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  392.137410][  T943] usb 4-1: device descriptor read/64, error -71
[  392.296359][ T9614] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.994'.
[  392.327446][ T9614] netlink: zone id is out of range
[  392.340416][ T9614] netlink: zone id is out of range
[  392.359121][ T9614] netlink: zone id is out of range
[  392.373372][ T9614] netlink: zone id is out of range
[  392.386089][ T9614] netlink: zone id is out of range
[  392.392417][ T9614] netlink: zone id is out of range
[  392.399109][ T9614] netlink: zone id is out of range
[  392.420569][ T9614] netlink: zone id is out of range
[  392.425926][ T9614] netlink: zone id is out of range
[  392.431585][ T9614] netlink: zone id is out of range
[  392.433802][  T943] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  392.647355][  T943] usb 4-1: device descriptor read/64, error -71
[  392.787093][ T9617] netlink: 32 bytes leftover after parsing attributes in process `syz.2.995'.
[  392.800041][  T943] usb usb4-port1: attempt power cycle
[  393.197703][    T9] usb 1-1: USB disconnect, device number 51
[  393.220327][  T943] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  393.245225][    T9] usblp0: removed
[  393.301538][  T943] usb 4-1: device descriptor read/8, error -71
[  393.352184][ T5233] Bluetooth: hci4: unexpected cc 0x2007 length: 100 > 2
[  393.506304][ T9628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.552813][ T9628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.577708][  T943] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  393.618949][  T943] usb 4-1: device descriptor read/8, error -71
[  393.717373][ T5277] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  393.757592][  T943] usb usb4-port1: unable to enumerate USB device
[  393.929561][ T5277] usb 1-1: Using ep0 maxpacket: 16
[  393.952023][ T5277] usb 1-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config
[  393.983016][ T5277] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  393.992814][ T5277] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  394.010643][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.046162][ T5277] usb 1-1: config 0 descriptor??
[  394.181943][ T9630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.290526][ T5277] usb 1-1: string descriptor 0 read error: -71
[  394.306862][ T5277] usb 1-1: USB disconnect, device number 52
[  394.313772][ T9630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.416930][ T9633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1001'.
[  395.564205][ T9654] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1005'.
[  395.792155][ T9659] FAULT_INJECTION: forcing a failure.
[  395.792155][ T9659] name failslab, interval 1, probability 0, space 0, times 0
[  395.849119][ T9659] CPU: 0 UID: 0 PID: 9659 Comm: syz.2.1007 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  395.859848][ T9659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  395.869921][ T9659] Call Trace:
[  395.873204][ T9659]  <TASK>
[  395.876138][ T9659]  dump_stack_lvl+0x241/0x360
[  395.880844][ T9659]  ? __pfx_dump_stack_lvl+0x10/0x10
[  395.886049][ T9659]  ? __pfx__printk+0x10/0x10
[  395.890662][ T9659]  ? __lruvec_stat_mod_folio+0x7d/0x300
[  395.896248][ T9659]  ? __phys_addr+0xba/0x170
[  395.900800][ T9659]  should_fail_ex+0x3b0/0x4e0
[  395.905491][ T9659]  ? __build_skb+0x4b/0x90
[  395.909943][ T9659]  should_failslab+0xac/0x100
[  395.914744][ T9659]  ? __build_skb+0x4b/0x90
[  395.919165][ T9659]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  395.924568][ T9659]  __build_skb+0x4b/0x90
[  395.928822][ T9659]  netlink_alloc_large_skb+0x65/0x100
[  395.934218][ T9659]  netlink_sendmsg+0x638/0xcb0
[  395.939009][ T9659]  ? __pfx_netlink_sendmsg+0x10/0x10
[  395.944662][ T9659]  ? __import_iovec+0x536/0x820
[  395.949547][ T9659]  ? aa_sock_msg_perm+0x91/0x160
[  395.954493][ T9659]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  395.959888][ T9659]  ? security_socket_sendmsg+0x87/0xb0
[  395.965384][ T9659]  ? __pfx_netlink_sendmsg+0x10/0x10
[  395.970676][ T9659]  __sock_sendmsg+0x221/0x270
[  395.975368][ T9659]  ____sys_sendmsg+0x525/0x7d0
[  395.980148][ T9659]  ? __pfx_____sys_sendmsg+0x10/0x10
[  395.985476][ T9659]  __sys_sendmsg+0x2b0/0x3a0
[  395.990104][ T9659]  ? __pfx___sys_sendmsg+0x10/0x10
[  395.995228][ T9659]  ? vfs_write+0x7c4/0xc90
[  395.999824][ T9659]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  396.006237][ T9659]  ? do_syscall_64+0x100/0x230
[  396.011030][ T9659]  ? do_syscall_64+0xb6/0x230
[  396.016344][ T9659]  do_syscall_64+0xf3/0x230
[  396.020861][ T9659]  ? clear_bhb_loop+0x35/0x90
[  396.025560][ T9659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.031459][ T9659] RIP: 0033:0x7f3db3979ef9
[  396.036058][ T9659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.055793][ T9659] RSP: 002b:00007f3db4807038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  396.064398][ T9659] RAX: ffffffffffffffda RBX: 00007f3db3b15f80 RCX: 00007f3db3979ef9
[  396.072647][ T9659] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  396.080634][ T9659] RBP: 00007f3db4807090 R08: 0000000000000000 R09: 0000000000000000
[  396.088831][ T9659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.096854][ T9659] R13: 0000000000000000 R14: 00007f3db3b15f80 R15: 00007f3db3c3fa28
[  396.105046][ T9659]  </TASK>
[  396.337924][   T55] Bluetooth: hci5: command 0x0406 tx timeout
[  396.427735][ T9658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  396.591827][ T9658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  396.861177][ T9671] xt_CT: You must specify a L4 protocol and not use inversions on it
[  397.064653][ T9676] veth0_to_bridge: entered promiscuous mode
[  397.110991][ T9674] veth0_to_bridge: left promiscuous mode
[  397.137400][ T5233] Bluetooth: hci4: command tx timeout
[  397.377503][ T5233] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  397.386493][ T5233] Bluetooth: hci4: Injecting HCI hardware error event
[  397.395651][ T5233] Bluetooth: hci4: hardware error 0x00
[  397.527791][ T9682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.735731][ T9682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.755232][ T9682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.781295][ T9684] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1016'.
[  397.811327][ T9686] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1017'.
[  397.820752][ T9684] net_ratelimit: 34 callbacks suppressed
[  397.820952][ T9684] openvswitch: netlink: Key type 29 is not supported
[  397.833880][ T9682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.959634][ T9688] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  398.013471][ T9688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  399.335661][ T9706] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1021'.
[  399.587297][  T943] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  399.617546][ T5233] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  399.725067][ T9709] No such timeout policy "syz0"
[  399.792551][ T9710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  399.817284][  T943] usb 1-1: Using ep0 maxpacket: 8
[  399.844651][  T943] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  399.901590][  T943] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  399.911883][ T9710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  399.915072][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  399.961028][  T943] usb 1-1: SerialNumber: syz
[  399.976676][ T9709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  399.993991][  T943] usb 1-1: config 0 descriptor??
[  400.031265][ T9715] raw_sendmsg: syz.3.1023 forgot to set AF_INET. Fix it!
[  400.062109][  T943] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  400.098676][ T9709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  400.159850][  T943] usb 1-1: No valid video chain found.
[  400.291068][ T9719] FAULT_INJECTION: forcing a failure.
[  400.291068][ T9719] name failslab, interval 1, probability 0, space 0, times 0
[  400.334982][ T9719] CPU: 0 UID: 0 PID: 9719 Comm: syz.1.1024 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  400.345707][ T9719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  400.355772][ T9719] Call Trace:
[  400.359075][ T9719]  <TASK>
[  400.362045][ T9719]  dump_stack_lvl+0x241/0x360
[  400.366765][ T9719]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.371990][ T9719]  ? __pfx__printk+0x10/0x10
[  400.376600][ T9719]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  400.382598][ T9719]  ? __pfx___might_resched+0x10/0x10
[  400.387899][ T9719]  should_fail_ex+0x3b0/0x4e0
[  400.392587][ T9719]  should_failslab+0xac/0x100
[  400.397296][ T9719]  ? __alloc_skb+0x1c3/0x440
[  400.401945][ T9719]  kmem_cache_alloc_node_noprof+0x71/0x320
[  400.407772][ T9719]  __alloc_skb+0x1c3/0x440
[  400.412210][ T9719]  ? __pfx___alloc_skb+0x10/0x10
[  400.417185][ T9719]  ? __pfx___might_resched+0x10/0x10
[  400.422505][ T9719]  alloc_skb_with_frags+0xc3/0x770
[  400.427641][ T9719]  ? validate_chain+0x11e/0x5900
[  400.432605][ T9719]  sock_alloc_send_pskb+0x91a/0xa60
[  400.437857][ T9719]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  400.443624][ T9719]  ? iov_iter_advance+0x8f/0x1b0
[  400.448578][ T9719]  tun_get_user+0xcf3/0x4720
[  400.453188][ T9719]  ? __lock_acquire+0x137a/0x2040
[  400.458244][ T9719]  ? __pfx_tun_get_user+0x10/0x10
[  400.463310][ T9719]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  400.468785][ T9719]  ? tun_get+0x1e/0x2f0
[  400.472963][ T9719]  ? __pfx_lock_release+0x10/0x10
[  400.478113][ T9719]  ? tun_get+0x1e/0x2f0
[  400.482337][ T9719]  ? tun_get+0x27d/0x2f0
[  400.486603][ T9719]  tun_chr_write_iter+0x113/0x1f0
[  400.491678][ T9719]  vfs_write+0xa72/0xc90
[  400.495940][ T9719]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  400.501509][ T9719]  ? __pfx_vfs_write+0x10/0x10
[  400.506331][ T9719]  ksys_write+0x1a0/0x2c0
[  400.510679][ T9719]  ? __pfx_ksys_write+0x10/0x10
[  400.515549][ T9719]  ? do_syscall_64+0x100/0x230
[  400.520339][ T9719]  ? do_syscall_64+0xb6/0x230
[  400.525034][ T9719]  do_syscall_64+0xf3/0x230
[  400.529550][ T9719]  ? clear_bhb_loop+0x35/0x90
[  400.534241][ T9719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.540152][ T9719] RIP: 0033:0x7fcb53179ef9
[  400.544584][ T9719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.564314][ T9719] RSP: 002b:00007fcb53ec0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  400.572745][ T9719] RAX: ffffffffffffffda RBX: 00007fcb53315f80 RCX: 00007fcb53179ef9
[  400.580735][ T9719] RDX: 0000000000000ffe RSI: 00000000200000c0 RDI: 0000000000000003
[  400.588726][ T9719] RBP: 00007fcb53ec0090 R08: 0000000000000000 R09: 0000000000000000
[  400.596714][ T9719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.604701][ T9719] R13: 0000000000000000 R14: 00007fcb53315f80 R15: 00007fcb5343fa28
[  400.612785][ T9719]  </TASK>
[  400.957742][  T943] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  401.137353][  T943] usb 4-1: device descriptor read/64, error -71
[  401.308412][ T9724] sch_tbf: peakrate 6 is lower than or equals to rate 37092 !
[  401.321154][ T9724] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1025'.
[  401.417334][  T943] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  401.587323][  T943] usb 4-1: device descriptor read/64, error -71
[  401.745844][  T943] usb usb4-port1: attempt power cycle
[  402.187434][ T5271] usb 1-1: USB disconnect, device number 53
[  402.198119][  T943] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  402.249196][  T943] usb 4-1: device descriptor read/8, error -71
[  402.387584][ T9732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1030'.
[  402.548205][  T943] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  402.631652][  T943] usb 4-1: device descriptor read/8, error -71
[  402.760208][  T943] usb usb4-port1: unable to enumerate USB device
[  403.228519][ T9746] loop0: detected capacity change from 0 to 7
[  403.284378][ T9746] Dev loop0: unable to read RDB block 7
[  403.301495][ T9746]  loop0: AHDI p1 p2
[  403.323219][ T9746] loop0: partition table partially beyond EOD, truncated
[  403.364080][ T9746] loop0: p1 start 6514546 is beyond EOD, truncated
[  403.740195][ T9749] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1034'.
[  403.897519][  T943] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  403.957871][   T29] audit: type=1326 audit(1724949573.803:4310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9751 comm="syz.3.1036" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6005d79ef9 code=0x0
[  404.177463][  T943] usb 2-1: Using ep0 maxpacket: 8
[  404.251478][  T943] usb 2-1: config index 0 descriptor too short (expected 5924, got 36)
[  404.316139][  T943] usb 2-1: config 250 has an invalid interface number: 228 but max is -1
[  404.371589][  T943] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0
[  404.423258][  T943] usb 2-1: config 250 has no interface number 0
[  404.477014][  T943] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  404.527378][  T943] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  404.572885][  T943] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  404.630198][  T943] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  404.677319][  T943] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  404.703914][  T943] usb 2-1: config 250 interface 228 has no altsetting 0
[  404.727335][  T943] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  404.761270][  T943] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  404.779756][ T9770] xt_CT: You must specify a L4 protocol and not use inversions on it
[  404.799023][  T943] usb 2-1: Product: syz
[  404.813207][  T943] usb 2-1: SerialNumber: syz
[  404.840967][  T943] hub 2-1:250.228: bad descriptor, ignoring hub
[  404.869566][  T943] hub 2-1:250.228: probe with driver hub failed with error -5
[  405.041749][ T9752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  405.055016][  T943] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 62 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  405.116252][ T9752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  405.326364][ T9779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  405.354691][ T9779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  406.015796][ T9768] syz.4.1038 (9768): drop_caches: 2
[  406.797424][ T2640] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  406.805484][ T5277] usb 2-1: USB disconnect, device number 62
[  406.853689][ T5277] usblp0: removed
[  406.912527][ T9785] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1045'.
[  407.016328][ T9787] FAULT_INJECTION: forcing a failure.
[  407.016328][ T9787] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  407.038029][ T2640] usb 1-1: Using ep0 maxpacket: 8
[  407.062654][ T9790] loop0: detected capacity change from 0 to 7
[  407.076764][ T2640] usb 1-1: config 0 has no interfaces?
[  407.084433][ T2640] usb 1-1: config 0 has no interfaces?
[  407.092851][ T2640] usb 1-1: config 0 has no interfaces?
[  407.099488][ T9790] Dev loop0: unable to read RDB block 7
[  407.108575][ T2640] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  407.126243][ T9790]  loop0: AHDI p1 p2
[  407.130775][ T2640] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.140750][ T9771] syz.4.1038 (9771): drop_caches: 2
[  407.146397][ T9790] loop0: partition table partially beyond EOD, truncated
[  407.164059][ T9787] CPU: 1 UID: 0 PID: 9787 Comm: syz.2.1044 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  407.174884][ T9787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  407.185169][ T9787] Call Trace:
[  407.188472][ T9787]  <TASK>
[  407.191406][ T9787]  dump_stack_lvl+0x241/0x360
[  407.196124][ T9787]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.201446][ T9787]  ? __pfx__printk+0x10/0x10
[  407.206093][ T9787]  should_fail_ex+0x3b0/0x4e0
[  407.210831][ T9787]  prepare_alloc_pages+0x1da/0x5d0
[  407.216013][ T9787]  __alloc_pages_noprof+0x166/0x6c0
[  407.217524][ T9790] loop0: p1 start 6514546 is beyond EOD, 
[  407.221266][ T9787]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  407.221287][ T9790] truncated
[  407.221312][ T9787]  ? kmalloc_reserve+0xa8/0x2a0
[  407.240783][ T9787]  ? __build_skb_around+0x245/0x3d0
[  407.246040][ T9787]  alloc_pages_mpol_noprof+0x3e8/0x680
[  407.251574][ T9787]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  407.257613][ T9787]  ? __pfx___might_resched+0x10/0x10
[  407.262949][ T9787]  ? alloc_pages_noprof+0xef/0x170
[  407.268204][ T9787]  alloc_skb_with_frags+0x21c/0x770
[  407.273473][ T9787]  sock_alloc_send_pskb+0x91a/0xa60
[  407.278745][ T9787]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  407.284536][ T9787]  ? iov_iter_advance+0x8f/0x1b0
[  407.289525][ T9787]  tun_get_user+0xcf3/0x4720
[  407.294173][ T9787]  ? __lock_acquire+0x137a/0x2040
[  407.299255][ T9787]  ? __pfx_tun_get_user+0x10/0x10
[  407.304348][ T9787]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  407.309871][ T9787]  ? tun_get+0x1e/0x2f0
[  407.314083][ T9787]  ? __pfx_lock_release+0x10/0x10
[  407.319182][ T9787]  ? tun_get+0x1e/0x2f0
[  407.323383][ T9787]  ? tun_get+0x27d/0x2f0
[  407.327679][ T9787]  tun_chr_write_iter+0x113/0x1f0
[  407.332760][ T9787]  vfs_write+0xa72/0xc90
[  407.337050][ T9787]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  407.342733][ T9787]  ? __pfx_vfs_write+0x10/0x10
[  407.347548][ T9787]  ksys_write+0x1a0/0x2c0
[  407.351910][ T9787]  ? __pfx_ksys_write+0x10/0x10
[  407.356826][ T9787]  ? do_syscall_64+0x100/0x230
[  407.361643][ T9787]  ? do_syscall_64+0xb6/0x230
[  407.366546][ T9787]  do_syscall_64+0xf3/0x230
[  407.371096][ T9787]  ? clear_bhb_loop+0x35/0x90
[  407.375816][ T9787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.381916][ T9787] RIP: 0033:0x7f3db3979ef9
[  407.386377][ T9787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.406025][ T9787] RSP: 002b:00007f3db4807038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  407.414570][ T9787] RAX: ffffffffffffffda RBX: 00007f3db3b15f80 RCX: 00007f3db3979ef9
[  407.422756][ T9787] RDX: 0000000000000ffe RSI: 00000000200000c0 RDI: 0000000000000003
[  407.430762][ T9787] RBP: 00007f3db4807090 R08: 0000000000000000 R09: 0000000000000000
[  407.438772][ T9787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.446774][ T9787] R13: 0000000000000000 R14: 00007f3db3b15f80 R15: 00007f3db3c3fa28
[  407.454797][ T9787]  </TASK>
[  407.468181][ T2640] usb 1-1: Product: syz
[  407.472533][ T2640] usb 1-1: Manufacturer: syz
[  407.477161][ T2640] usb 1-1: SerialNumber: syz
[  407.518447][ T2640] usb 1-1: config 0 descriptor??
[  407.745102][ T9783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.789997][ T9783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.828515][ T9783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.907570][ T9783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.918266][ T5284] usb 1-1: USB disconnect, device number 54
[  408.307039][ T9802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1049'.
[  408.707453][   T25] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  408.917287][   T25] usb 4-1: Using ep0 maxpacket: 16
[  409.707116][ T9826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.780948][ T9829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.802758][ T9826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  409.811325][ T9829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  409.870143][ T9829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.943096][ T9826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.957655][ T9829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  410.031532][ T9826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  410.084086][ T9826] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1054'.
[  410.164694][ T9833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  410.222526][ T9833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  411.292915][ T9844] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1059'.
[  411.433792][   T25] usb 4-1: unable to get BOS descriptor or descriptor too short
[  411.486231][   T25] usb 4-1: unable to read config index 0 descriptor/start: -71
[  411.500044][   T25] usb 4-1: can't read configurations, error -71
[  411.631809][ T9848] loop0: detected capacity change from 0 to 7
[  411.646531][ T9848] Dev loop0: unable to read RDB block 7
[  411.677775][ T9848]  loop0: AHDI p1 p2
[  411.681925][ T9848] loop0: partition table partially beyond EOD, truncated
[  411.698892][ T9848] loop0: p1 start 6514546 is beyond EOD, truncated
[  412.042001][ T9858] caif0: entered promiscuous mode
[  412.146750][ T9860] netlink: 'syz.1.1062': attribute type 10 has an invalid length.
[  412.262141][ T9860] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1062'.
[  412.357755][   T25] usb usb4-port1: Cannot enable. Maybe the USB cable is bad?
[  412.398805][   T25] usb usb4-port1: attempt power cycle
[  412.416438][ T9860] bond0: entered promiscuous mode
[  412.475739][ T9860] bond_slave_0: entered promiscuous mode
[  412.513768][ T9860] bond_slave_1: entered promiscuous mode
[  412.592891][ T9860] bridge0: port 3(bond0) entered blocking state
[  412.676511][ T9860] bridge0: port 3(bond0) entered disabled state
[  412.682757][ T9862] x_tables: duplicate underflow at hook 3
[  412.779534][ T9860] bond0: entered allmulticast mode
[  412.814612][ T9860] bond_slave_0: entered allmulticast mode
[  412.821270][   T25] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  412.866806][ T9860] bond_slave_1: entered allmulticast mode
[  412.875914][   T25] usb 4-1: Using ep0 maxpacket: 16
[  413.028043][ T9860] bridge0: port 3(bond0) entered blocking state
[  413.034543][ T9860] bridge0: port 3(bond0) entered forwarding state
[  413.340549][ T9875] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  414.097839][ T2640] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  414.195966][ T9885] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1071'.
[  414.213730][ T9885] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1071'.
[  414.276655][    T9] IPVS: starting estimator thread 0...
[  414.317727][ T5284] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  414.317743][ T2640] usb 2-1: Using ep0 maxpacket: 16
[  414.361539][ T2640] usb 2-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  414.387589][ T9887] IPVS: using max 16 ests per chain, 38400 per kthread
[  414.429018][ T2640] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.474600][ T2640] usb 2-1: Product: syz
[  414.491061][ T2640] usb 2-1: Manufacturer: syz
[  414.550702][ T2640] usb 2-1: SerialNumber: syz
[  414.567492][ T2640] usb 2-1: config 0 descriptor??
[  414.567586][ T5284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  414.575967][ T2640] hub 2-1:0.0: bad descriptor, ignoring hub
[  414.613421][ T2640] hub 2-1:0.0: probe with driver hub failed with error -5
[  414.674823][ T5284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  414.780871][ T5284] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  414.853836][ T5284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.898173][ T2640] usb 2-1: USB disconnect, device number 63
[  414.965749][ T5284] usb 1-1: config 0 descriptor??
[  415.260107][   T25] usb 4-1: unable to get BOS descriptor or descriptor too short
[  415.315958][ T5284] usbhid 1-1:0.0: can't add hid device: -71
[  415.343287][   T25] usb 4-1: unable to read config index 0 descriptor/start: -71
[  415.389390][ T5284] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  415.407352][   T25] usb 4-1: can't read configurations, error -71
[  415.533348][ T5284] usb 1-1: USB disconnect, device number 55
[  415.768546][ T9906] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1076'.
[  416.347316][ T2640] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  416.550066][ T2640] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.573697][ T2640] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  416.645871][ T2640] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  416.667341][ T2640] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  416.705445][ T2640] usb 1-1: SerialNumber: syz
[  416.970316][ T2640] usb 1-1: 0:2 : does not exist
[  417.026943][ T2640] usb 1-1: unit 49 not found!
[  417.140620][ T2640] usb 1-1: USB disconnect, device number 56
[  417.216536][ T9924] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1080'.
[  417.257694][ T5372] udevd[5372]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  417.381337][   T29] audit: type=1326 audit(1724949587.233:4311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9935 comm="syz.1.1084" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb53179ef9 code=0x0
[  417.410505][ T9937] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  417.423953][ T9937] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  417.950882][   T25] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  418.057444][ T2640] usb 1-1: new full-speed USB device number 57 using dummy_hcd
[  418.147310][   T25] usb 4-1: Using ep0 maxpacket: 8
[  418.198375][   T25] usb 4-1: config 1 interface 0 has no altsetting 0
[  418.219620][   T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=0215, bcdDevice= 0.40
[  418.234782][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.250900][   T25] usb 4-1: Product: 꺫怅젱灃⪇漛膐鶔맠呴峊꬧넌虞埰ꏘꉹྦ숾全仳큼资죎ⲑ⎑㒂狝幢顾ꉤ檅犍롙漍叶奅퐭셀噳瓭⡪ᰩギ훬羝话ﯡ紭婬까쁚刯ⴐέ䳚歽䑍ᖃ薋ᖔ㳳砘⡇俞콠즦셯঺笸맵撵藺浧㔚鋳⮺쏼㴡
[  418.299969][   T25] usb 4-1: Manufacturer: Њ
[  418.305891][ T2640] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  418.318956][ T2640] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  418.330584][ T2640] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.341454][   T25] usb 4-1: SerialNumber: 꿼ਇ鎪虉鸵닎籞툵ᬖⳈגּổↇ⸾㑐ꛧˁ扱䚝㉢»䳶⾬모畡顶愝買⬋溲
[  418.393132][ T2640] usb 1-1: config 0 descriptor??
[  418.396932][    T9] usb 5-1: USB disconnect, device number 56
[  418.628828][ T9943] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  418.674439][   T25] usbhid 4-1:1.0: can't add hid device: -71
[  418.722699][   T25] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  418.733384][ T9943] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  418.770424][ T2640] ath6kl: Failed to submit usb control message: -71
[  418.785822][ T1109] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.832001][   T25] usb 4-1: USB disconnect, device number 75
[  418.838311][ T2640] ath6kl: unable to send the bmi data to the device: -71
[  418.845476][ T2640] ath6kl: Unable to send get target info: -71
[  418.904006][ T2640] ath6kl: Failed to init ath6kl core: -71
[  418.946796][ T2640] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -71
[  419.010199][ T2640] usb 1-1: USB disconnect, device number 57
[  419.112876][ T1109] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.336410][ T1109] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.651747][ T9951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1091'.
[  419.760391][ T1109] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.378005][ T1109] bridge_slave_1: left allmulticast mode
[  420.399989][ T1109] bridge_slave_1: left promiscuous mode
[  420.405767][ T1109] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.519083][ T1109] bridge_slave_0: left allmulticast mode
[  420.524829][ T1109] bridge_slave_0: left promiscuous mode
[  420.561797][ T1109] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.576865][   T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  420.645009][   T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  420.666599][   T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  420.712508][   T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  420.727700][   T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  420.736008][   T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  421.428498][ T5281] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  421.615063][ T9986] loop0: detected capacity change from 0 to 7
[  421.675544][ T5281] usb 4-1: New USB device found, idVendor=0830, idProduct=0060, bcdDevice=13.2b
[  421.699195][ T9986] Dev loop0: unable to read RDB block 7
[  421.708816][ T5281] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.732726][ T5281] usb 4-1: Product: syz
[  421.743061][ T9986]  loop0: AHDI p1 p2
[  421.747710][ T5281] usb 4-1: Manufacturer: syz
[  421.769770][ T5281] usb 4-1: SerialNumber: syz
[  421.774644][ T9986] loop0: partition table partially beyond EOD, truncated
[  421.817769][ T9986] loop0: p1 start 6514546 is beyond EOD, truncated
[  422.138840][ T5281] usb 4-1: palm_os_4_probe - error -110 getting connection info
[  422.171343][ T5281] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  422.245050][ T5281] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  422.300400][ T5281] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  422.898142][   T55] Bluetooth: hci3: command tx timeout
[  423.681946][ T1109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  423.736894][ T1109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  423.786982][ T1109] bond0 (unregistering): Released all slaves
[  424.071145][ T5281] usb 4-1: USB disconnect, device number 76
[  424.112253][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1098'.
[  424.122207][ T5281] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  424.172544][ T5281] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  424.229172][ T5281] visor 4-1:1.0: device disconnected
[  424.608456][   T29] audit: type=1400 audit(1724949594.443:4312): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F pid=10007 comm="syz.3.1101"
[  424.980859][   T55] Bluetooth: hci3: command tx timeout
[  425.047476][ T5281] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  425.239976][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11
[  425.296324][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024
[  425.345666][ T5281] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  425.357958][T10021] =======================================================
[  425.357958][T10021] WARNING: The mand mount option has been deprecated and
[  425.357958][T10021]          and is ignored by this kernel. Remove the mand
[  425.357958][T10021]          option from the mount to silence this warning.
[  425.357958][T10021] =======================================================
[  425.394485][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.410194][ T5281] usb 4-1: config 0 descriptor??
[  425.416537][T10011] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  425.435930][ T5281] gspca_main: spca561-2.14.0 probing abcd:cdee
[  425.460495][   T55] Bluetooth: hci0: unexpected event for opcode 0x0c1b
[  425.678193][T10021] netlink: 'syz.1.1105': attribute type 8 has an invalid length.
[  425.709729][T10011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.727897][ T5271] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  425.794515][T10011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.917659][ T5271] usb 1-1: device descriptor read/64, error -71
[  425.934718][ T1109] hsr_slave_0: left promiscuous mode
[  425.970171][ T5281] spca561 4-1:0.0: probe with driver spca561 failed with error -22
[  425.999157][ T1109] hsr_slave_1: left promiscuous mode
[  426.013320][ T5281] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  426.031851][ T5281] usb 4-1: MIDIStreaming interface descriptor not found
[  426.047031][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  426.068502][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  426.089567][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  426.097066][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  426.238138][ T5271] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  426.247660][T10030] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1107'.
[  426.298081][ T1109] veth1_macvtap: left promiscuous mode
[  426.320610][ T1109] veth0_macvtap: left promiscuous mode
[  426.334949][ T1109] veth1_vlan: left promiscuous mode
[  426.342945][ T1109] veth0_vlan: left promiscuous mode
[  426.427807][ T5271] usb 1-1: device descriptor read/64, error -71
[  426.569302][ T5271] usb usb1-port1: attempt power cycle
[  427.017536][ T5271] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  427.058118][   T55] Bluetooth: hci3: command tx timeout
[  427.134696][ T5271] usb 1-1: device descriptor read/8, error -71
[  427.482638][ T5271] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  427.549546][ T5271] usb 1-1: device descriptor read/8, error -71
[  427.707729][ T5271] usb usb1-port1: unable to enumerate USB device
[  428.570134][ T1109] team0 (unregistering): Port device team_slave_1 removed
[  428.779384][ T1109] team0 (unregistering): Port device team_slave_0 removed
[  429.139344][   T55] Bluetooth: hci3: command tx timeout
[  429.408379][ T5284] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  429.709007][ T5284] usb 1-1: New USB device found, idVendor=0830, idProduct=0060, bcdDevice=13.2b
[  429.738828][ T5284] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.757343][ T5284] usb 1-1: Product: syz
[  429.761586][ T5284] usb 1-1: Manufacturer: syz
[  429.777451][ T5284] usb 1-1: SerialNumber: syz
[  430.150446][ T5284] usb 1-1: palm_os_4_probe - error -110 getting connection info
[  430.187347][ T5284] visor 1-1:1.0: Handspring Visor / Palm OS converter detected
[  430.229484][ T5284] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  430.267682][ T5284] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  431.245314][ T9977] chnl_net:caif_netlink_parms(): no params data found
[  431.251332][ T5277] usb 4-1: USB disconnect, device number 77
[  432.033356][T10064] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1113'.
[  432.172653][ T5284] usb 1-1: USB disconnect, device number 62
[  432.234181][ T5284] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  432.314232][ T5284] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  432.335484][ T9977] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.354662][ T9977] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.372960][ T5284] visor 1-1:1.0: device disconnected
[  432.412099][ T9977] bridge_slave_0: entered allmulticast mode
[  432.440352][ T9977] bridge_slave_0: entered promiscuous mode
[  432.498522][ T9977] bridge0: port 2(bridge_slave_1) entered blocking state
[  432.505727][ T9977] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.539129][ T9977] bridge_slave_1: entered allmulticast mode
[  432.595703][ T9977] bridge_slave_1: entered promiscuous mode
[  432.915363][ T1109] IPVS: stop unused estimator thread 0...
[  432.925547][ T9977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  433.006665][ T9977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  433.091546][T10086] fuse: Bad value for 'fd'
[  433.112245][T10082] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1115'.
[  433.214922][T10082] netlink: zone id is out of range
[  433.220469][T10082] netlink: zone id is out of range
[  433.225980][T10082] netlink: zone id is out of range
[  433.232947][T10082] netlink: zone id is out of range
[  433.239724][T10082] netlink: zone id is out of range
[  433.246442][T10082] netlink: zone id is out of range
[  433.252151][T10082] netlink: zone id is out of range
[  433.261181][T10082] netlink: zone id is out of range
[  433.278620][T10082] netlink: zone id is out of range
[  433.287695][T10082] netlink: zone id is out of range
[  433.335698][ T9977] team0: Port device team_slave_0 added
[  433.385562][ T9977] team0: Port device team_slave_1 added
[  433.544086][ T9977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  433.567836][ T9977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.677789][ T9977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.780467][ T9977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.861649][ T9977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.964326][ T9977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  434.452838][ T9977] hsr_slave_0: entered promiscuous mode
[  434.501027][ T9977] hsr_slave_1: entered promiscuous mode
[  434.526129][ T9977] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  434.537676][T10103] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1120'.
[  434.562752][ T9977] Cannot create hsr debugfs directory
[  434.714833][T10109] fuse: Bad value for 'fd'
[  434.726942][T10109] fuse: Bad value for 'fd'
[  434.745474][T10109] input: syz1 as /devices/virtual/input/input39
[  434.806150][T10103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.863586][T10103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  435.597487][ T5281] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  435.807414][ T5281] usb 1-1: Using ep0 maxpacket: 8
[  435.831916][ T5281] usb 1-1: unable to get BOS descriptor or descriptor too short
[  435.882158][ T5281] usb 1-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 127, changing to 10
[  435.928551][ T5281] usb 1-1: config 1 interface 0 has no altsetting 0
[  435.985440][ T5281] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice= 0.40
[  436.007471][ T5281] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.043760][ T5281] usb 1-1: Product: ๏訕吩쬋퇸뀢୏뺁衼劊땄⒲濮웇筀吔욯릙줈豥箭䗥렞躦ൢ켄滻蜢쯦昇ṡᷗ勰᠃㢱鏻ﻜ梣婄庄鱥ࠡ鼅鉭Ꮙ䊛ᰪ᝾諞刕뀹⸬뮲㣆氝꡻ኮⷧ酐༂됑衕ꛡ㹲횐獟ﮯꂑⱮ웦ل躿鑷쾵붌蕸놞㲼븛ꄨ⢝럾꽥魶䝊㪡ꀜ눤䎑椤ꏯ
[  436.155433][ T5281] usb 1-1: Manufacturer: ࡠ
[  436.173400][ T5281] usb 1-1: SerialNumber: ఄ
[  436.364717][T10128] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1125'.
[  436.462203][ T5281] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input40
[  436.522313][ T4665] bcm5974 1-1:1.0: could not read from device
[  436.538231][T10128] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  436.545253][T10128] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  436.572841][ T4665] bcm5974 1-1:1.0: could not read from device
[  436.597399][T10128] vhci_hcd vhci_hcd.0: Device attached
[  436.637739][ T5281] usb 1-1: USB disconnect, device number 63
[  436.858255][ T2640] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[  437.016660][T10137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1126'.
[  437.112054][T10132] vhci_hcd: connection reset by peer
[  437.183867][   T62] vhci_hcd: stop threads
[  437.197071][   T62] vhci_hcd: release socket
[  437.243622][   T62] vhci_hcd: disconnect device
[  437.423408][ T5233] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  437.439179][ T5233] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  437.456584][ T5233] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  437.467840][ T5233] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  437.476211][ T5233] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  437.483924][ T5233] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  437.543691][T10143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1127'.
[  437.767702][ T1075] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.022752][ T1075] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.137510][ T5281] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  438.231126][ T1075] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.320584][ T5281] usb 4-1: Using ep0 maxpacket: 8
[  438.337871][ T5281] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  438.361898][ T5281] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  438.397240][ T5281] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  438.415971][ T5281] usb 4-1: config 250 has no interface number 0
[  438.449464][ T5281] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  438.481577][ T5281] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  438.507384][ T5281] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  438.510161][ T1075] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.546093][ T5281] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  438.558292][ T5281] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  438.566404][ T9977] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  438.585646][ T5281] usb 4-1: config 250 interface 228 has no altsetting 0
[  438.606929][ T5281] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  438.616864][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  438.631321][ T5281] usb 4-1: Product: syz
[  438.635563][ T5281] usb 4-1: SerialNumber: syz
[  438.637964][ T9977] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  438.669883][ T5281] hub 4-1:250.228: bad descriptor, ignoring hub
[  438.683115][ T5281] hub 4-1:250.228: probe with driver hub failed with error -5
[  438.710294][ T9977] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  438.783809][ T9977] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  438.871575][T10149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.885518][ T5281] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 78 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  438.918382][T10149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.102305][T10158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  439.116365][T10158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.537730][   T55] Bluetooth: hci0: command tx timeout
[  439.671242][T10160] net_ratelimit: 45 callbacks suppressed
[  439.671266][T10160] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  439.729079][ T1075] bond0: left allmulticast mode
[  439.741076][ T1075] bond_slave_0: left allmulticast mode
[  439.762467][ T1075] bond_slave_1: left allmulticast mode
[  439.777815][ T1075] bridge0: port 3(bond0) entered disabled state
[  439.811306][ T1075] bridge_slave_1: left allmulticast mode
[  439.827477][ T1075] bridge_slave_1: left promiscuous mode
[  439.837777][ T1075] bridge0: port 2(bridge_slave_1) entered disabled state
[  439.861335][ T1075] bridge_slave_0: left allmulticast mode
[  439.872860][ T1075] bridge_slave_0: left promiscuous mode
[  439.887231][ T1075] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.298364][T10166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.338945][   T30] INFO: task syz.2.538:7593 blocked for more than 143 seconds.
[  440.344777][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[  440.346536][   T30]       Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  440.346571][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  440.346584][   T30] task:syz.2.538       state:D
[  440.354299][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  440.408303][   T30]  stack:24496 pid:7593  tgid:7588  ppid:7303   flags:0x00024004
[  440.416526][   T30] Call Trace:
[  440.420852][   T30]  <TASK>
[  440.424398][   T30]  __schedule+0x1800/0x4a60
[  440.429404][   T30]  ? __pfx___schedule+0x10/0x10
[  440.435825][   T30]  ? __pfx_lock_release+0x10/0x10
[  440.441972][   T30]  ? schedule+0x90/0x320
[  440.446464][   T30]  schedule+0x14b/0x320
[  440.451157][   T30]  schedule_timeout+0xb0/0x310
[  440.459480][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  440.465241][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  440.471828][   T30]  ? wait_for_completion+0x2fe/0x620
[  440.477629][   T30]  ? wait_for_completion+0x2fe/0x620
[  440.483239][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  440.489686][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  440.495234][   T30]  ? wait_for_completion+0x2fe/0x620
[  440.510737][   T30]  wait_for_completion+0x355/0x620
[  440.538596][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  440.590865][   T30]  ? io_wq_worker_wake+0x90/0xc0
[  440.613007][   T30]  ? io_wq_put_and_exit+0x190/0x720
[  440.637527][   T30]  io_wq_put_and_exit+0x344/0x720
[  440.674193][   T30]  ? io_wq_put_and_exit+0x1b1/0x720
[  440.708442][   T30]  ? __pfx_xa_find_after+0x10/0x10
[  440.720921][   T30]  ? __pfx_io_wq_put_and_exit+0x10/0x10
[  440.737841][   T30]  ? kfree+0x149/0x360
[  440.764174][   T30]  io_uring_clean_tctx+0x168/0x1e0
[  440.770177][   T30]  ? __pfx_io_uring_clean_tctx+0x10/0x10
[  440.777570][   T30]  ? percpu_counter_add_batch+0x1a2/0x1f0
[  440.783336][   T30]  io_uring_cancel_generic+0x76a/0x820
[  440.797869][   T30]  ? __pfx_io_uring_cancel_generic+0x10/0x10
[  440.803910][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  440.818460][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  440.824598][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  440.830246][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  440.835580][   T30]  do_exit+0x6a8/0x27f0
[  440.847328][   T30]  ? __pfx_do_exit+0x10/0x10
[  440.852037][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  440.858298][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  440.867602][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  440.873998][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  440.879797][   T30]  do_group_exit+0x207/0x2c0
[  440.884420][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  440.921840][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  440.927106][   T30]  get_signal+0x16a1/0x1740
[  440.943745][   T30]  ? __pfx_get_signal+0x10/0x10
[  440.949801][   T30]  arch_do_signal_or_restart+0x96/0x860
[  440.955386][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  440.987930][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  440.997914][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  441.003716][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  441.009657][   T30]  do_syscall_64+0x100/0x230
[  441.014439][   T30]  ? clear_bhb_loop+0x35/0x90
[  441.027322][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.037222][   T30] RIP: 0033:0x7fe76f779ef9
[  441.041695][   T30] RSP: 002b:00007fe7704fe0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  441.105405][   T30] RAX: fffffffffffffe00 RBX: 00007fe76f916060 RCX: 00007fe76f779ef9
[  441.113662][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe76f916060
[  441.127384][   T30] RBP: 00007fe76f916058 R08: 0000000000000000 R09: 0000000000000000
[  441.157335][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe76f916064
[  441.167455][   T30] R13: 0000000000000000 R14: 00007fe76fa3f940 R15: 00007fe76fa3fa28
[  441.177402][   T30]  </TASK>
[  441.180592][   T30] 
[  441.180592][   T30] Showing all locks held in the system:
[  441.188711][   T30] 1 lock held by khungtaskd/30:
[  441.193611][   T30]  #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  441.205094][   T30] 3 locks held by kworker/u8:5/79:
[  441.217413][   T30]  #0: ffff888015889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  441.237586][   T30]  #1: ffffc9000211fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  441.248966][   T30]  #2: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  441.259626][   T30] 5 locks held by kworker/u8:6/1075:
[  441.273639][   T30]  #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  441.299422][   T30]  #1: ffffc900042c7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  441.317281][   T30]  #2: ffffffff8fc77f90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  441.326753][   T30]  #3: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0
[  441.344219][   T30]  #4: ffffffff8e93d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  441.367569][   T30] 3 locks held by kworker/u8:7/1109:
[  441.372908][   T30]  #0: ffff88802afdb948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  441.386177][   T30]  #1: ffffc900043d7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  441.399503][   T30]  #2: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  441.409376][   T30] 5 locks held by kworker/1:2/2640:
[  441.414677][   T30]  #0: ffff88801d2b6148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  441.426600][   T30]  #1: ffffc900099b7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  441.440264][   T30]  #2: ffff888024741190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  441.465540][   T30]  #3: ffff888024744518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150
[  441.487299][   T30]  #4: ffff8880244dad68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150
[  441.513425][   T30] 2 locks held by dhcpcd/4894:
[  441.537347][   T30]  #0: ffff888022c34678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcb/0xd80
[  441.548919][   T30]  #1: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x99/0x200
[  441.559806][   T30] 2 locks held by getty/4987:
[  441.567958][   T30]  #0: ffff88802ba830a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  441.578197][   T30]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  441.597331][   T30] 3 locks held by kworker/1:5/5281:
[  441.602669][   T30]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  441.614152][   T30]  #1: ffffc90003fd7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  441.617428][   T55] Bluetooth: hci0: command tx timeout
[  441.630241][   T30]  #2: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  441.641505][   T30] 1 lock held by iou-wrk-7593/7594:
[  441.646743][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.665586][   T30] 1 lock held by iou-wrk-7593/7597:
[  441.677110][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.694552][   T30] 1 lock held by iou-wrk-7593/7598:
[  441.713030][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.737280][   T30] 1 lock held by iou-wrk-7593/7600:
[  441.742496][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.757655][   T30] 1 lock held by iou-wrk-7593/7601:
[  441.762877][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.813968][   T30] 1 lock held by iou-wrk-7593/7602:
[  441.819604][   T30] 1 lock held by iou-wrk-7593/7603:
[  441.824821][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.857876][   T30] 1 lock held by iou-wrk-7593/7604:
[  441.877236][   T30]  #0: ffff88807929a0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_provide_buffers+0xd06/0x1010
[  441.907494][   T30] 1 lock held by syz-executor/9977:
[  441.912765][   T30]  #0: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  441.957406][   T30] 1 lock held by syz-executor/10147:
[  441.962820][   T30]  #0: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_newlink+0xab7/0x20a0
[  441.993269][   T30] 1 lock held by syz.2.1132/10166:
[  442.017535][ T2640] vhci_hcd: vhci_device speed not set
[  442.017720][   T30]  #0: ffffffff8e93d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  442.057317][   T30] 1 lock held by syz.0.1133/10169:
[  442.062466][   T30]  #0: ffffffff8fc84b48 (rtnl_mutex){+.+.}-{3:3}, at: ip6_mroute_setsockopt+0xe34/0x1340
[  442.087675][T10166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.112331][   T30] 
[  442.114687][   T30] =============================================
[  442.114687][   T30] 
[  442.207843][   T30] NMI backtrace for cpu 0
[  442.212240][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  442.222782][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  442.232874][   T30] Call Trace:
[  442.236159][   T30]  <TASK>
[  442.239097][   T30]  dump_stack_lvl+0x241/0x360
[  442.243799][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.249021][   T30]  ? __pfx__printk+0x10/0x10
[  442.253655][   T30]  ? vprintk_emit+0x667/0x7c0
[  442.258371][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  442.263440][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  442.268420][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  442.273921][   T30]  ? _printk+0xd5/0x120
[  442.278125][   T30]  ? __pfx__printk+0x10/0x10
[  442.282765][   T30]  ? __wake_up_klogd+0xcc/0x110
[  442.287656][   T30]  ? __pfx__printk+0x10/0x10
[  442.292384][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  442.297441][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  442.303438][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  442.309454][   T30]  watchdog+0xff4/0x1040
[  442.313742][   T30]  ? watchdog+0x1ea/0x1040
[  442.318217][   T30]  ? __pfx_watchdog+0x10/0x10
[  442.322938][   T30]  kthread+0x2f0/0x390
[  442.327020][   T30]  ? __pfx_watchdog+0x10/0x10
[  442.331728][   T30]  ? __pfx_kthread+0x10/0x10
[  442.336373][   T30]  ret_from_fork+0x4b/0x80
[  442.340835][   T30]  ? __pfx_kthread+0x10/0x10
[  442.345503][   T30]  ret_from_fork_asm+0x1a/0x30
[  442.350317][   T30]  </TASK>
[  442.354443][   T30] Sending NMI from CPU 0 to CPUs 1:
[  442.360498][    C1] NMI backtrace for cpu 1
[  442.360513][    C1] CPU: 1 UID: 0 PID: 10158 Comm: syz.3.1128 Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  442.360534][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  442.360546][    C1] RIP: 0010:__lock_acquire+0x1264/0x2040
[  442.360578][    C1] Code: 40 48 89 d8 48 c1 e8 03 80 3c 38 00 74 12 48 89 df e8 50 ea 8a 00 48 bf 00 00 00 00 00 fc ff df 48 83 3b 00 0f 84 64 04 00 00 <41> 0f b6 04 3e 84 c0 0f 85 0b 0a 00 00 48 8b 44 24 10 8b 18 81 e3
[  442.360593][    C1] RSP: 0018:ffffc9000e15f450 EFLAGS: 00000046
[  442.360610][    C1] RAX: 0000000000000000 RBX: 00000000ec10647d RCX: 000000000000827d
[  442.360623][    C1] RDX: 00000000828181f6 RSI: 00000000916d12f1 RDI: dffffc0000000000
[  442.360635][    C1] RBP: 784bb2a7ec10647d R08: ffffffff93734847 R09: 1ffffffff26e6908
[  442.360648][    C1] R10: dffffc0000000000 R11: fffffbfff26e6909 R12: 0000000000000001
[  442.360662][    C1] R13: ffff88802797e4d8 R14: 1ffff11004f2fca0 R15: ffff88802797e500
[  442.360676][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  442.360691][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  442.360703][    C1] CR2: 0000000000000008 CR3: 00000000625ba000 CR4: 00000000003506f0
[  442.360719][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  442.360730][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  442.360741][    C1] Call Trace:
[  442.360748][    C1]  <NMI>
[  442.360755][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  442.360778][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  442.360804][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  442.360834][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  442.360856][    C1]  ? nmi_handle+0x14f/0x5a0
[  442.360873][    C1]  ? nmi_handle+0x2a/0x5a0
[  442.360891][    C1]  ? __lock_acquire+0x1264/0x2040
[  442.360915][    C1]  ? default_do_nmi+0x63/0x160
[  442.360937][    C1]  ? exc_nmi+0x123/0x1f0
[  442.360958][    C1]  ? end_repeat_nmi+0xf/0x53
[  442.360985][    C1]  ? __lock_acquire+0x1264/0x2040
[  442.361010][    C1]  ? __lock_acquire+0x1264/0x2040
[  442.361035][    C1]  ? __lock_acquire+0x1264/0x2040
[  442.361060][    C1]  </NMI>
[  442.361065][    C1]  <TASK>
[  442.361077][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  442.361103][    C1]  lock_acquire+0x1ed/0x550
[  442.361126][    C1]  ? debug_check_no_obj_freed+0x234/0x580
[  442.361152][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  442.361178][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  442.361204][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  442.361233][    C1]  _raw_spin_lock_irqsave+0xd5/0x120
[  442.361259][    C1]  ? debug_check_no_obj_freed+0x234/0x580
[  442.361279][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  442.361315][    C1]  debug_check_no_obj_freed+0x234/0x580
[  442.361338][    C1]  ? __pfx_lock_release+0x10/0x10
[  442.361364][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  442.361389][    C1]  ? _raw_spin_unlock+0x28/0x50
[  442.361412][    C1]  ? find_unlink_vmap_area+0x2b6/0x2d0
[  442.361443][    C1]  remove_vm_area+0x1d3/0x300
[  442.361473][    C1]  vfree+0x7c/0x2e0
[  442.361500][    C1]  kcov_close+0x2b/0x50
[  442.361524][    C1]  ? __pfx_kcov_close+0x10/0x10
[  442.361547][    C1]  __fput+0x24a/0x8a0
[  442.361572][    C1]  task_work_run+0x24f/0x310
[  442.361594][    C1]  ? __pfx_task_work_run+0x10/0x10
[  442.361613][    C1]  ? do_exit+0xa2a/0x27f0
[  442.361628][    C1]  ? kmem_cache_free+0x145/0x350
[  442.361649][    C1]  do_exit+0xa2f/0x27f0
[  442.361669][    C1]  ? __pfx_do_exit+0x10/0x10
[  442.361685][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  442.361709][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  442.361734][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  442.361758][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  442.361784][    C1]  do_group_exit+0x207/0x2c0
[  442.361800][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.361824][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  442.361852][    C1]  get_signal+0x16a1/0x1740
[  442.361880][    C1]  ? __pfx_get_signal+0x10/0x10
[  442.361905][    C1]  arch_do_signal_or_restart+0x96/0x860
[  442.361930][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  442.361952][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  442.361983][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  442.362012][    C1]  syscall_exit_to_user_mode+0xc9/0x370
[  442.362042][    C1]  do_syscall_64+0x100/0x230
[  442.362059][    C1]  ? clear_bhb_loop+0x35/0x90
[  442.362083][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.362104][    C1] RIP: 0033:0x7f6005d79ef9
[  442.362119][    C1] Code: Unable to access opcode bytes at 0x7f6005d79ecf.
[  442.362129][    C1] RSP: 002b:00007f6006a810e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  442.362147][    C1] RAX: fffffffffffffe00 RBX: 00007f6005f16060 RCX: 00007f6005d79ef9
[  442.362162][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6005f16060
[  442.362174][    C1] RBP: 00007f6005f16058 R08: 0000000000000000 R09: 0000000000000000
[  442.362186][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6005f16064
[  442.362198][    C1] R13: 0000000000000000 R14: 00007f600603f940 R15: 00007f600603fa28
[  442.362219][    C1]  </TASK>
[  442.887339][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  442.894258][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00079-g928f79a188aa #0
[  442.904805][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  442.914898][   T30] Call Trace:
[  442.918185][   T30]  <TASK>
[  442.921165][   T30]  dump_stack_lvl+0x241/0x360
[  442.925884][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.931105][   T30]  ? __pfx__printk+0x10/0x10
[  442.935714][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  442.941733][   T30]  ? vscnprintf+0x5d/0x90
[  442.946275][   T30]  panic+0x349/0x860
[  442.951099][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  442.957275][   T30]  ? __pfx_panic+0x10/0x10
[  442.961727][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  442.967296][   T30]  ? __irq_work_queue_local+0x137/0x410
[  442.972993][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  442.978380][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  442.984560][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  442.990732][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  442.997076][   T30]  watchdog+0x1033/0x1040
[  443.001435][   T30]  ? watchdog+0x1ea/0x1040
[  443.005900][   T30]  ? __pfx_watchdog+0x10/0x10
[  443.010593][   T30]  kthread+0x2f0/0x390
[  443.014675][   T30]  ? __pfx_watchdog+0x10/0x10
[  443.019464][   T30]  ? __pfx_kthread+0x10/0x10
[  443.024096][   T30]  ret_from_fork+0x4b/0x80
[  443.028575][   T30]  ? __pfx_kthread+0x10/0x10
[  443.033197][   T30]  ret_from_fork_asm+0x1a/0x30
[  443.037990][   T30]  </TASK>
[  443.041388][   T30] Kernel Offset: disabled
[  443.045727][   T30] Rebooting in 86400 seconds..