last executing test programs:

1m28.497496274s ago: executing program 4 (id=1289):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x301)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
creat(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001100)=ANY=[@ANYBLOB="180100001300010026bd7000fcdbdf25737464726e67000000000000000000000000000000000000000000000000000000000000000000000000000000000000004100000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002400000020"], 0x118}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

1m27.528075555s ago: executing program 4 (id=1294):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[], 0x254}}, 0x40808)
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
r1 = fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x218, 0x0, 0x8, 0xfa04, 0x0, 0x6c02, 0x180, 0x194, 0x194, 0x180, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0xa0, 0xc8, 0x0, {0x0, 0x74020000}, [@common=@inet=@tcp={{0x30}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@multicast2, @dev, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x278)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000001a00), 0x2, 0x0)
writev(r5, &(0x7f0000004900), 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/protocols\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'geneve0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0500000001000000400000004000000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000005fbc3f1b5fca9b5ccd9c5e93e6fa7422e200be0929190dccdb1e98488a6ca7f804038df280e15fc6685645c3bac68751afddebb4995d1715a916ca42ea5dcda24363c49cc0308bf390f8ab57a5f73cc332b384f1cfab67373a79c892af583ca0b4acbb7d42eb3a639a7f7ec086e1fe46e83f02819419dd4891f8821679e211852e0d7f450789108504eb73bcc1399942b39c4fc8d93a997bbdea9f32da3d", @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB='\x00'/28], 0x50)
r7 = socket$alg(0x26, 0x5, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x70bd2c, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x401, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002", 0x17}], 0x1}, 0x0)
bind$alg(r7, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000000), 0x0)

1m24.364848775s ago: executing program 4 (id=1300):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$packet(0x11, 0xfffffffffffffffc, 0x300)
r0 = userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x0, 0x4005840)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x361082, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000f, 0x810, r0, 0x57c68000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
ftruncate(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e20, @empty}, 0x10)
writev(r3, &(0x7f0000000200)=[{&(0x7f0000000400)="0bb1ed7d63b7bf2ce00803a4a2341b4ccf50ab3f68857f5cc70d03cbc0a57e82227542ed941bc9a4db3b281b9ed210e2c4469faaf414f9ff3e1481bbdd7e51c05b4d68e01fe6ef219b3487b6a2b181fce9784feffd46f770a375f9c78fabcffda40d9bc7858a0b1994a1479c2d0a6b165c8cbd5e871f6a8de205f4a0a428ca609ef0aca8764d8f4aca9226074a5a5aa80b037e359ec475a237a13ec997310524663bcdb5a6e5f1e161015beb199255213943b97d3ac07c24ac", 0xb9}, {&(0x7f00000001c0)}], 0x2)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="15000000080000000800"/20, @ANYRES32, @ANYBLOB="0000000000000400"/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000006000000000000000200000018110000", @ANYRES32=r6, @ANYBLOB="231b000000000000b702000000000000897c74213d2d0c6aa8b40e0000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, 0x0)
shutdown(r4, 0x1)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000005)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
r7 = fsopen(&(0x7f0000000180)='nfsd\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)

1m21.300792416s ago: executing program 4 (id=1309):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x81)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x226)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10)

1m21.208491695s ago: executing program 4 (id=1310):
r0 = semget$private(0x0, 0x3, 0x440)
semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{}, {}], 0x2)
semop(r0, &(0x7f0000000140)=[{0x2}, {0x1, 0xa, 0x1000}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000180)=[0x4])
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
r2 = syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r2, 0x0, 0x40000000, &(0x7f0000000080))
capset(&(0x7f00000001c0)={0x20071026, r2}, &(0x7f0000000200)={0xfffffffa, 0x7fff, 0x2, 0x1, 0x4, 0x1})
writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee0000000000000000020000", 0x56}, {&(0x7f0000000000)="abd9", 0x2}], 0x2)

1m20.764311948s ago: executing program 4 (id=1313):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
connect$l2tp(r0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x708, 0x41e3, 0x0, 0x0, 0x0)
unshare(0x62040200)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x402, 0x0, 0x0, {0x0, 0x0, 0x9}}, @NFT_MSG_DELFLOWTABLE={0x40, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000890}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587", @ANYRES16], 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, &(0x7f0000000040)=""/4092, 0xffc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_usb_connect(0x2, 0x3f, 0x0, 0x0)

1m20.430804825s ago: executing program 32 (id=1313):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
connect$l2tp(r0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x708, 0x41e3, 0x0, 0x0, 0x0)
unshare(0x62040200)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x402, 0x0, 0x0, {0x0, 0x0, 0x9}}, @NFT_MSG_DELFLOWTABLE={0x40, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000890}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587", @ANYRES16], 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, &(0x7f0000000040)=""/4092, 0xffc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_usb_connect(0x2, 0x3f, 0x0, 0x0)

12.985466283s ago: executing program 5 (id=1530):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @p_u8=&(0x7f0000000280)}})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={<r5=>0x0, @in6={{0xa, 0x4e22, 0x5, @empty, 0xf}}, 0xfffffff7, 0x200, 0x0, 0x126, 0xbc0}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000004c0)={<r6=>r5, 0x2, 0x2, 0x40, 0x4, 0x4}, &(0x7f0000000500)=0x14)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000440)={r6, 0x9}, 0x8)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x60c580)
r7 = socket(0x10, 0x80000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x4470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r9, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x44080)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000540)={<r10=>r5, 0xc1e}, &(0x7f00000005c0)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000600)={r10, 0x9, 0xfffb, 0x7, 0x0, 0xfff}, &(0x7f0000000640)=0x14)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x79, &(0x7f0000000680)=ANY=[@ANYBLOB="8c529f6f2e7bd4456f0780e0c491556892a270fee84e9ab6186532617749e9c1d7aa949289c666da5833d4c0331862336dac112f01d5491c53db7007938f5b93c68cee5fe53127e4639db517004de7a6", @ANYRESHEX=r0], 0x8)

11.733412432s ago: executing program 0 (id=1531):
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
timer_create(0x3, 0x0, &(0x7f0000000300)=<r0=>0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000400)={0x44, &(0x7f00000001c0)=ANY=[@ANYRES32=r1, @ANYRESHEX=r1, @ANYBLOB='r', @ANYRES64=r1, @ANYRES32=r0, @ANYBLOB="afc01278ef558985f6c7713d17"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0xc2a01)
r3 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x5ca042)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x802, 0x0)
r7 = dup3(r2, r6, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x200)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000100)={0x9, 0x401000}, &(0x7f0000000240))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000780)={0x60, 0x0, &(0x7f0000000480)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @increfs_done={0x40106308, 0x2}, @increfs], 0x1, 0x0, &(0x7f0000000a40)="82"})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00')
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
ioctl$HIDIOCGRDESC(r3, 0x40305829, &(0x7f0000000000)={0xc, "7154bbc8aae250bd23544617"})
unshare(0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r12, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r12, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="380000001a000100000000000000000080000000", @ANYRES64], 0x38}}, 0x4840)

10.732797726s ago: executing program 2 (id=1532):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000000004002, 0x0)
dup(r0) (async)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
write$tun(r1, &(0x7f0000000000)=ANY=[], 0x1c) (async)
write$tun(r1, &(0x7f0000000000)=ANY=[], 0x1c)
ioprio_set$uid(0x3, 0x0, 0x0)
r2 = shmat(0x0, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
shmdt(r2)
shmdt(r2) (async)
shmdt(r2)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0)
fchdir(0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x200008c0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000cc0)={{0x14}, [@NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0xc8a876c2ee451055, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x58}, 0x1, 0x0, 0x0, 0x810}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)

10.596828079s ago: executing program 5 (id=1533):
syz_emit_ethernet(0x52, &(0x7f0000001900)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac141400", @ANYRES32=0x41424344, @ANYBLOB="2923074040e2a74705893cd342c8c2a7975d7917ceb0a8b3922d8fac3750e012a797d87dd2ab57e0e2085091a0c8bbc27df9aed9442f23da9498b5a49980f97771c80de90b8c7aa5a32c52734206e94a0437aa458edc52eaac0bfe060b7b09d91eda54462b759050340903ff5bd3477bb52fda126ca32e7307095c7734ef6eca94a3c98eeebcfd6828358d4ca1de06a5dfea6a64d9d7c1b2951b4f263dc8f8d4b4f627f7cf0ab43e8de64c3a54014a2f2ba1dbaedc87608c7d3aad59938b1ae0ac7b499d9562cd2baa739754c28784de00687ed82ab70ad2cb5a71f7ab7b12d43cffb6913f693bd442240e2d048b90edde7277ceae328aad1b033c8b2d09a79e95fbf9f3ffd1af0e338def8104a09ebcdcf64f72ee5cc6064e87fbd7348ab02cddd8d107c971a8a13b28609525d8925d5bb124433efda068b6352a5ec029b8bc33f478d9c9745cd2a33bc086fbd5679e1344531839c9992c112e164505b14e6ea1871f5c96e942a2c3093cc156e594922cc73c383aa1e0bd3dc0c3f33e3c26556166d5145f3a877d50435c3993c093ab6e29360c8b91ef38657fbb2b6cead438fd779c356f384493321c3585839716dd431ee56dcc1bd7abcf63948b01141997dd15c5186c3ba961952e319805c35e8ad74e3e69e1fa35278604747734be1045138e1f7fa5c583f57208a9c80e93226d9ef19eb72b54c587c5441ada97c0336b9483ac2203feb1e2f6bfc5eed465f8734ab3128ed1f979266b5d9e3257077f8c8d32601b00f5b9ada2dcde0e54c5f67a00a7659a325b74080cee00824efd03987601d3d46f1a5b8e5f41d04f9831fd59d7301cc52a3498b23babf0a0541d8f90c11a8593fae1119fb54e01580ec758e6cb1a9eee0d3e9cd5d052b6741236f83c2a05440fe39182c2c68e5164bcf9ffa44e0f3f194383141c1606e8f5ba8c3805737c12419806379265b7f2fd315635d870a8bc2b11c123f19e312240008d7035b8976510e35c6c0cb5d262f05e4890cfc7b82832bb9bafb16af2a66588748df32da1dc2c25de635d5d145016563a64ef2f7df3f95767781811c12fe7900667d763c6e86ec1e092526e127f6fdce1ef5f0c6f3189aa638b2f1da418597aef46a5ef9451a7f19e24239903b161b9dce67ff40b0b8ad30ac7850714d38a8a669a337ab739a5036d2fb72d1b1b050edeeae10beecf8106f9c877919bccfd5840d09355d1241b97da43cb3f2b2cf441f3da6b87118c73f0c1e75f26b12535e2bef335be9d216860b5e0d8fd31e8db4da59354ed4f48830c84f938f7f1ed118d75b63298c7e8098ea055b858d68de3cb212a4b49c7944c0b323248c17bfdf7ae80c4d6608f0553145464e6fadbf2782694209dfdf4d09fb2c31aaacc79c6a12c849ef1359ccd886c431800f4c62c3a261c1ffc1c63ad68be1517c8dd183fbd002a736266ccb363319cfaaa354747b37ea7e4abf54933b58a998b62b5039d8083f579cd75d2879dc453c5215e4e3d1e1cd8791ef42efd32a227c6ab270e7ae61fca22fa0e138bb05057ff398eb0dce11dadd43924186e64f9c8f5f5fb47f5b2c5424a7e65b711d380b7dcbe36578aa16351b31b47675ff5151000ae29de5e84fcc17f679ee72d8c69a96e8a3c04c07afbd938f4dd243854c3d4beedc6feb336d9513e0a55c023b89d67125879c74085438bce8d63b58c133e265291634877e1015bb2ec65cf5b8e2d1dd1e896c2d30bbf076690f0fe7e1291b1293539b14f04af1fd04ba24104b3303485e1381ede839b2b28ec0074b5100b815f2f06dcbce6c65e2192782fa5466ff5a77c80d01571133503e30a23f7c524548d98dc58874741efdd9c435a591712f6a5413518f3fbc913c440859d0443397404301305b4c592aacba6bfd05b2311058524bf7824d02083b95177010ce317c86f10fbbe986ce8858438ff0d8630448c1b64087ab7d194b5a156ed9641bb370be7f9634fb00491a9f7a3af980f50943a3499b1db3f1861e2407373a9720096312f769e0f8f4ae0960cb2ac16ca3cc1f38ceb08e103c215c33349f825422ab165dea3f446c598c5131f235f87d023ed81f292bc903db8d5dbc739fef1424b50157df79abbf8b6c9b33c252e1267dec871892766228d9daa4273be9aebc510372a6c7dd225306bf8515ec1b4e97e44b16139b80593c08807f1aa6b5a0c7cb178a23d69f77dc8c4f2d80b637310760b1a893b8874cfd0aedc618cda9113fa0cda2da072bafcba20806704fadc522571865274f9f7403fdae2b1a6e80a6d39193829ce623cff3624fb94e6201d2b643e7f1273a55742711614cc307a8133c210cad0efd067a5fb3ac70d8216297534050ffc2c4548a06dcddd0bc8ebd2accbb2775be55ca72bc15fe283dc4f87ff5ac257966bbe277af0acf7b5cf31cb1b7bc304b7e98733fd94c804604298000af8c2e28d2415fa7fe828ea792e668abe7ce634ee2f1b701b143979544365212b7eacf5bf9fb9fc5a35f39002a81a4a66662ab3865e4f251a5966eee84cc97ebea362784a83e54412ab73f7c6dfc17740fcbc6a03f29d007c75c1e3b9dd103ab59ba9cf4a8bd42bcb8887cb5869fc62f12208bc43be7539c4d47fcdadac2f1c95c72b40600ed990987f554ca954056f926330f2e6817bd5b426053903431e17b0b4a90fe0a54e3252714959fe78f14414f189930cab4ffddf8ab205f26874d5db4ad5076f1224e95ba1c44e8c4d08b32db96d7a132c404afc66ff77a9b287bc2dd0ddb7fc7fa5d5ccfce2e39bd5545194e2728ac7a6667cbfe7d9327cedce3e524bc050201bf102eacf287ea5b7302e41c52fcec9878764ab8479d1e21dddfe9a0f11206888e0f7b033761cbac8b60f942c14dd24353ec88ba5168a9db4543114a2281e3f72673128dc6f2a213145eec1e855c857ed782b09ab718616ea3e484764ea3d5c95af2d3e344b9daaf3db027d00ecbf4c41258f2382513b087e970ec9d0eb7a466b2597c7617ec2406b471ae2a5ff56acdde1ffc00477a6aa6a08efedd614922b9e860f953c2ef7e36e9e2a94622d4b4c499dccfb1663226561eb01bb200b13cf951f1fce8e661491ccf987cfe72502a8e2cc20a37b222c53862a5bd99e3fbfee0c248089d648b01d91bdf5f5470806865fbba50bf0f776c9bcf280b6d36184fe6cfea9edd5fca562f66f02016216903ff18397fd25973601bce0a66247d42cfb0ecf27d278618499cdef8ac94c876c05c5300cb80f15f9f80950b5695683aa48e35db8b9389dcc59ce8070acd8a7df07c7a565c5f1e0cf6db9324fe783cae3ec6ce8f8143296ebb57d74fdc52d98d86c7806ca4277ae9fe01014078029f6ab5f053e7fc5171353e322c8fe75f48371d995903ff12d4f660e0aea05be451e49d99222f4aa34fc3e866be149ecaa411885c89f0285571fe7d4f4a953c63e3277d62174695482e1bc8b61c4dd24c3dd4fd144cee3f34d5b14c0c1e98f4efa2785118273659ff8c7cb8059f5bdbf099126406ae2d8a78f0f4bf43ca96ea99e56e9abd5920e16544af5efba0007713f666e2f4e6ade33a0daee0dd7cb4a4cd66a85a264dade38c273238409700d5fd0c1e8593b59cb8ed1ef0b3721891d5ba60484ebab9afc089af2b1ce4d5ae597dbe14b51af5f1ca0926a19ba280dd2bb6c28c7fbf9c98f34ee6f86869de774151752946a74d1937c8d047808937b0f0dd64e01604d70b6fdb8936868971fa93395061ae19dceca25dca1b0083853dda19d12c3e340c6b91b6058709754f9abed130d753652bd2ca01bbb1328c5b429aed6e79ead34f6dd37d0f4cadbb0f62654b2fd7eb9fbb098eba6bee93b23708dad0f3e23baf6dc954572109c7f07dccb354e50d363f381346a179f72368948e394d39cbcc5c67a7814d586f3ba92673dd0d7eaa33349a18d247977af57dabbbb287c5335034e6d386c9ab46cbb075e9a3171d912686f857e595aeec7aaae6549ac9f8fb0f57dbce3a2d6820d9cf4177f6564ad8ae3a750a5ecff11bc6dc1cd10b8f960e0b850584cf19c37cd0f292a0e35d1fd68b97e90c6b5cc24704266444abbea434da33a9ca30cde129e45f81d455b944253c6915a28c513b28c72b94d89ffb7404ffe3e568802c2a9fa7f88a800b5497d1a8a89a58caafc2fc52ac9a3e02fb8f6fae21f4ad25e360670909dc2795747af5417b4ff3855e570d5daf0b7774f4a5e5d84f77b76affefaa10c0321e582318017b94a36cdc394d81ea66a0c9a1053972a6585e72b68675526de18d3348dd5ec218564c9ffcf34bd5be763e62d7b034ec1c4a7b2f510053602111bb8df7f06cb247ad2326086c7ae742ea496ad9559f7eb95dbd5247621256e20a06c24533ec6d01bd7556472b122774a4662c11ebb4d586076b567fa36f500766ec83e501e678f2e222f8ceccc8a45a4da7377e59f57a0cd935cc98828efa87ab374a31a7dd29d89fc052a75fbe94ac0cf1679ec5f192eff608d62c3b8c480d9cd9ee564e10292fe5d5bf61b6ddb63238c5a646dde1179145318da7b1983b663123db8f8814c616eb4b3c66062ae0f030bacd04fa54810a2876afdf1e84ed96cfa99ea0c56653ffa53c1a15350af03d960e0c38395f564588004522e1c0570739f16faae1ec9ce7c23b18747237a7deb9242810b75739a567b4200d0c4ff980bde8a3ae0798107bc75409e9cceef712581a966eebe29861b576777d296632e7c0a70cbfce52d5adf160f3f3c16935cf8698300f8effb8b9795506a39f9a5dc09b1833398095f80a20104dae171e64ddb322af1bba3546ade9b5b9b27a039454c0375a5e9bfb2c00f5211b62377f09a57dffc2143aa2ec81a45dfa700f809863ed74f7bdd99eafdd650067962d5743242a7de", @ANYRES16=0x0], 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0xfffff63d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x80d}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}]}}}]}, 0x3c}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/consoles\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4080, 0xff0}], 0x1, 0x2b, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f00000010c0)="67f0013e66b9030a000066b8855d000066ba000000000f30b868000f00d8670fae5000660f380bc0b8e5008ed00f0097500bbaf80c66b818e1cc8966efbafc0c66b87129000066ef650f01caf3a6", 0x4e}], 0x1, 0x64, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x10}, 0x10)
socket$kcm(0x2, 0x5, 0x84)
pipe2(&(0x7f0000000000)={<r8=>0xffffffffffffffff}, 0x0)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
tee(r8, r10, 0xfffffffffffffc01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

10.052563812s ago: executing program 2 (id=1535):
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000002c0)={0x0, &(0x7f0000000000)=[@code={0x1, 0x8f, {"48b89f000000000000000f23d00f21f835100000080f23f80f013c0066baf80cb8fc344687ef66bafc0cb81a4f0000efc7442400b3000000c744240200000000ff1c240f01c5c744240000100000c7442402bb04cf9ac7442406000000000f011c24c403f9690606c441ddf36896c422693ec06466440f38829d00000000"}}, @uexit={0x0, 0x18, 0x7fff}, @code={0x1, 0x81, {"8f899896ac110000000066baf80cb88845ac88ef66bafc0cb8f9ffffffef66b8be008ed0c7442400e83e0000c744240200480000c7442406000000000f011c2467f3420fc73264650fc72dee6fc0c60f20d835200000000f22d866b816000f00d865440f01df26644f0fc71d7c000000"}}, @code={0x1, 0x4d, {"0f6bde400f32510fc77a5cf247a5674e0fc79d0100000048b80c000000000000000f23c00f21f83502000c000f23f8b95a0a00000f32430f080f01cf"}}, @code={0x1, 0x3e, {"450f01cb66b8ee008ee03ed9f8d9fc0f01ca660f38817e00b9920b00000f322e6cc4427d2a425ac4e2e90349f4"}}, @code={0x1, 0x60, {"64400f49b610000000b9800000c00f3235010000000f302e0f01cab805000000b9db0000000f01d9260f01c20f01cbb9bc030000b800000100ba000000000f308fc878c16d0000650f78e5410f1f00"}}, @code={0x1, 0x67, {"c744240000900000c744240200400000c7442406000000000f011424b8010000000f01c1c461fd28f23e0f01c2c4e1f85a8ce05affffff420f01cb0fc7797bc4425d8c5a00440f20c03503000000440f22c0f0204030"}}, @uexit={0x0, 0x18, 0x8}], 0x292})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
unshare(0x46020000)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, &(0x7f0000000300)=0x1, 0x4)
syz_open_dev$sndmidi(&(0x7f0000000340), 0x5, 0x2)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f00000003c0)={0x1d, r3, 0x2, {0x2, 0x1, 0x3}, 0xfd}, 0x18)
writev(r0, &(0x7f00000014c0)=[{&(0x7f0000000400)="a35a362c67c126a010bba74998a253647d594cf92f3d42485b0520e4348851bfd55f9629c4b985e0324bd670466a15f0cb9754420e16aadb4405f275649b6d781b6e10f3c5323ce1a1626cdd894960213e503ef432d0e3159183066bec3faab5a239bc678146c7bc4c779a661e46e6c87c4b2c5df1b2d02017e1d0c85ba7d556d8c90479ce20f3b54d57e667aab50c1ae456f01a9717452cea002ff9b3767293151b5fca4037330e927bc58cb7e822d3eedc672dbceb4d20fe", 0xb9}, {&(0x7f00000004c0)="1c076b3d0f26ad98c20b702b69c7bdce45f96c7ef8664d1e51a099442daa349eae2d7ebb16335cfb6ee5a1e88f34b4c817669fc146fbb6ce2da0d4cafbc924f5b688bc6ec10b742267f08f8f4f93a51083abbf174dde780c10bf7499fb69172c9d95c999cf18999942a8d7123c0538ca8089008e626987a9ef2baf79e803bd0117381a849307be65386eda29711f9d560144c282035ef869cfcf61a260f340ae150c4aa56123687bf2be9d55c23ec4e5692e94c4c5ba41c896c52bd9ebcc32f1daab6731f3b80c2f26781a05717af0d5e66e7850ba63515e92ea0b2faceb6af610e1c4dc907ff8a762746451909fdb742e5e0e77c1bf288e374832daafda425d6dba1255f466c8d186ec66192d92bce04f10a6a3147aaf488a96365b9a5c01775d6671b86f5398e5e6e17178d497da695ad6dc2c9aabdefb573c90378c1be281ca73eae7cc894bc2a1bf9b3f7dddd222724449251d843c247dfbe41ef17110a1783e0473f5c7cdcc2129429688da5ab8b78f15101230913095e6b3548d300e924a5614560d26b81410b999372716cb062a6ee7950595ec25a534057d2b8a90038981fd66dd398b5f2af570725d073dd8516970c7fead1d97b93506f85ae322f86dbaed6a235ce406821ba55d25c13d795cf09c33c847fa1b46d0535e0a64ef547054e694beca571791ceccad9118c9f33f7103022ccf732b774589f6d4970ac8b3d914b0b17e27a9d5fe057e514a4160a353838fa021c4ba83570d7efbfd5b178825667e6d19f47d687e4b84b280c3ab2d6a80560e5f6d2ffc2c0d5b7803918de0cc6af248fa761e328a4b22b252a89a6aed46d9c334b608aeeee0999054e9ee29dd82594ccb1cff2fed274de6af3f569ae4bcfcda42e61e6dbb6e6f40bd7909e5354b2b436e2c001537cf428842f825f8e9185b52c4f4e6b5e58494004b0b828fe6dca9a17ab8531534c35411d19a13ae48994b4455469c1e9e8f6cdc7534da6e1b0340e097476040904743fe93aea3826d4850d4aa05d43131948e61e2c255b177742f3b86ac338a20fac57ea8baf09932d6e9f3b63326e7f2712ca0d2c7df0089166426944a66e9159a4c34997c74f6489ed96bf247bd6f00d8f04b833c1b0c0b857647ad51ea329e5c7ef8ecd34285017521e2be77866874adf8701d77d48df14610d50707cfa4617d9dfb5478c0ebee432cb17088ad676565fafdf4af15557d423b408b063df414080d2c4c3439fecf8097d4fb13a7956648c1aae7269dbc0c9c2c507228cdffde3342071b27d3e0c162e6d72169833ca66e5b5e6bc4c398e3d0e5e49d8696a650240172d26d7dc7d90cf92ddd9e364ff953b5c621721251b3bc8f13112267c561341747372deb69832b157071c7dd47f3e4d5740c25f8fa97c356778cbf158eca68bca42de9ecc3990d7ac527ab52678f9e264f0eab43729798b3237f155e1b5765cf34ddab194971511512442c049bf00df5305791e92ee4b2c13650f8c9d8155efdb189fd980ca93e4dbd42c897bb86fc67e2e84143966c9634ec3ad6085534213f103911b64591f472e049327f152e575134061c2c9aff9ff4aad91a5eac6de3b6443e555369d80ce25c04468a950193040b8764bd5e654eedb0c8787c25e1eafb426e9354073c62ab8cbea225f90d3aac4699a8079f4ab3abe04d409c0e87c920ad06052eb0dfbd94199ba5348586e9b4555bc1975b493258c54addce237747396405780df60eb096d1fa308f2233d175d4c0411321b5af6f849d71dd1516366d176c321ee212f2151a6c7274fb125f6907afaf78d39f42aef47d7bc1862be4b0f7e9225a8c0ce2dc09691b34fcaac4424468b719344cb132ad5aa46c94e3330c88defa14567734866c3b2429fb6da3bfdf74deae1081d87ad46a7553b8b54b7a0f9cd9da756c5589ea2060bdfbc660c211d81812405cf61b072baf1b94b07a8cebb17a137538d90be7f196895f845d2f3a805a625eee4f548faeee7828f1808bf0dec9eabfd38731ac274ee0f1d3d95b18b94221454d4d38b2938d478776ab3500bf5994f6e377651b69fba8017382c6145d1c5aacf21afd201fd89a498d9316018a95c067dce00653d9f272346c38f1218ba2341a933b0009fac7306d5676d890fb9321d4849b8691ee20ae83837195d8dc30cb01b2f7d6b3a10218c41f14d13c752d7651e099708c92b3cabbdae1aad26afc740d499bf6ee2bd1e19531c20b797254219d606122a37537eb6079b8a718add7f4ab1aceac132b51b2f3642947ecc861a1481dfb9ea180bddde256dc9b89bbe04c710e207909007e7c146195959fbcf161839272085f332f4a0ba2a5abe47c9aa9f728fa0f5bdfba6f9fbd810eb83719670b9d3c0d965846aafe2459627431215f565507736b822fa4141312e9942a7088b23ac02d81e513a375dfc8e03b1debf39495d8213e35c8a715e52ac6056ab08533b8d5770166aa6d9cdc929f9d6548f325b5ca90cecc5618531f677b5fb4dfaa717c3ec7bfac1fc13da702bd713903336c882f7cd4d28a2f364da41e9bde0be0aabf47117259d6889faed4692dfd0d88c084385eba6960d741031346b04a77f283bee06df01fbaf31566a697ccbb8575d64cd0e6bf15524c0197e6d0144bcbb9079e30e91886a04cc553cd31f79c4034418acbef1c1c424408c707d385ac156d5854eb29e324357b27d9a3d9fd57d625ae34c41f6304a0c42d3fae2e89df91f1202caf664b7f08b5dd437d608396e629e8e41710780bacfe604a9f69ff4d0b97ccacdef293cb3f2a6a75d624c2ad3cb1e5a856c7583001a754f06cb391b630612b6da0c013d5bf272b7314654760cc0f73820c6525f0ded25f1c68827d675007c7ade776b71dac48eb2d7a8035a2d625f7beb5f15b4cf3a737e8dd037ccbcdf917e3ed4be6d07a8ca2b814b97bb839b7d2c4bc67314af4201633c4d5f4c2bd7465a08a8c37addb95447af435d1537e9285bebfea67b84f284a8b3f37925fdc5afa72d361d4e0c3d6d0732cbfac4416cd6bff75e48b1b9e656bd92409a725139214dbfb5782d0e7fd1eea71d93d812023b6f44bd955b405cbace9e41d4c52787386105768949af0013de5e7c7db60d43d0beed8c2929c32fc1a078a6a29e4382f47e382b99135e98f553ce52924df997da5ec26e7f31248548cff0b75e0b30fbf4457b1b6fb887a0d4afa9b50302b5f2789267dfc9fce445fe5ad82cd9d61c7d7adaf90a3be6b9addf7b87fdcb49fc6a65ccf2052f9e7c1c15bfe160faaa62b8960b7ec36d76ef0688600c8192068be618ff0052b81ae779072cd7f19232c3d6c70a83bbecddbb890fda8d2623b3cb6e32a2f3159588ec52fb4abf654e9b1fdf00fc4867e9687798dd04c49b170969349e229efa8335f0ff9237492c89db725c08cb210e73d61a33e143f435106b4aed3164d39b6c0e3a7290032302223b573a3e296623bf90fa81a315380b0d8d1c74fc056f6177de7e7f29824b6fc12a719dbdb3cd7f04832e8f74fe73982076a187ab912d39ed6d379f1565c0f6ad53a4cf2d29016090c288d6f2e2fd909cdb7d9bdf4087614ba9c4ca84cf928242fc21c7f53388dc87ba88422a2620e0564838bafbcc4c008af6a69fa2797217e2ac03693533bc2b41e39122c373222d8bce7571032b67f4566d8164558f2b359cf50c9eacf30b0190141d5a3038732c77aef3bb1ef7d0d60afacad18ad662b50c98b447d9011a6e97605d6b05c2e2c2bf7c0d6f5aec4b6e2cb8a2eb176ad4fc67c3d90aa2dcf75d578aeebb1b2372d0e80d66ff885491a41313182b971d9153713c4291374a1d971639c78eba4f5670175a247f962a180c9f44838f2a6718a1310b52bc2c293b8caf741bdb865c5e46340297485da5020620be79854d074f0e0a71afd2d55b56a566ebed197dbc8354debf65d02e61e6a6bbe11f33958124c265b462b5fce4c710aafab9e8a8e34c1048503ff286e2cfa1f65ada59e292dcd37e99db3d2933e7e523d98f9bf370cc0465dc33ddc7f7923b5c6668e9e2c42a7028ccca79c68e36c7bcde1e5613ff442e4852f7852104d2c4fe745a0ba508554cf2842c7e8617f20cbcc4a89a5d02c42dfef9032a14db164a0d038c632ae733ed7d2234936ad9bfa8d51bbf3b4b13fc6702f3b9f1f9a32fbf683f03f5e7f3151513abd43dfa0c008e81deac28061433b5074c9a75342a5fa32ff28cc2d979a4a51b3739256bee91f17516dd5083ff023fbaaa3fe0debb13cec29063be12df78d811a66e90138eb375dc4af25ac9413c5f79555ed137a8f6b2b3916e7d1ca0cea59035f9a3f99485a637a662c258dd9c325f72396ebb6c463eff2979d37af4430d4ab9fdfdb64461c43524ea4f58563afd4a102176ce567dd5425b68a501b47779680aab5106c95822fde54d6bccd054b75ba658a9ba4def827181a8a315b671872a6a2aecc8b9e16a8f86b68431d5e8ab953b3f283ad2287cf353644b13cf2aa6d9f252385dc0f6683d9e364fe64d04cfbbe2a337bed2de0616567014ca7659996c0f9266f504b4cfc37589343e5b1f8cc41766f325cad21b794cb026fe68c9305dcb8473865e98f7137d6d8285cc4c641118968411b75cbeaa17f1e4cb58fb6a0393a4e2cdd6086b49a15b8ed185b060e58895e6e4b522c698f47689685aa4bd9bbbf6962b45401cec8b2028cc7310e60fb4a59fce119124eacb259d39718edd4da23e5587f6e8e5a30af4f02fc93a771fd2024ba2c84a9282aeba37569764457ee9e2f6c224fbd4c13f64e66185194638cdead9c2ed7004141d18e2ecf1a2ba7bbe5c558e816e9a8d2b6a518661c6b9e76a6ca1df885bd7b559d0a9270eb967456068586c22c74c4672ff57cbdfd380830dd02a2ff00c52dea688190410cd3d8c765c69b5e59a8ae434bc94040ea491ec5394c37bc7c9b3342d813e4c93a81200e085fd0b27c79ee011e70d39c296c82950f5994eaca8960a9fe08869b9a9b98645ac015dc15021ca69434cf8b7cffe6dbd959e95ed95709a4da73371f6aac41cc9b69fe2f543b4a5452c7cadac1fbbfa26313ab08af8601f694df9a271182c1d38da118e6003063bb82bb99c3ba139777d931d00abb5ab7616c917cfa8a15c2d7e7215da564e26ed8509737892f6ddaaddcb2aafc8d7bf762fbc8187203aa97c2261e46e4893b7ba76ef71b08934023ca51d07b1c4b05db3f6fed555d96f1173d56822f6315c810c9fa938ff520bf38766d736aed9f81997bf27f11c33593b9b2e6ee6e38822fa381c0244f968d818d3e52016b7a5781c1c9ce7d24a8595df0c07405d7d5d224939fab1b314353f3d5d3008c0df2394caf2446cfacc546960ba8b89536a4504d62430efc6c57e8955ac398d5ae43bd776884a7e0dc352412c0df0248a934abd68e62381d59e91836edb73bcec5ac510bcf1556c2ae576dc6d778ea9c78949720bed7cfbc3b5eed53944b3ccfbc8db1ebd2e3dace70287a5a4dd1c6050f319070f5cd195aaad701986d4c35556db0d2ce72b540e71de1d4082999163f67fffd5b43aa65878f4a8063a5e21c23ff60f7d7e72e01418e33f5671a46afaa50e9aba6358b8f72eae80507ee376210afb30d3ef3fb6d70fc063977aed7a6da95baabeb9490ca58986257981f9760821d4639c371750feff36ac2343c7303abe98164ff53776ee6e34114f7d3978b91fe5c934d7a31a93d8b1cdac849dc59864e3967feb4de19c28da9fe4ec7e9aa5b9436697d37cbc59f3e782bc15dbf89343408eb6bbbb34de720c67e42d7f92b3904", 0x1000}], 0x2)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x1, &(0x7f0000001500), 0x4)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000001540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-neon\x00'}, 0x58)
execve(&(0x7f00000015c0)='./file0\x00', &(0x7f0000001640)={[&(0x7f0000001600)='#$%\x00']}, &(0x7f0000001700)={[&(0x7f0000001680)='\x00', &(0x7f00000016c0)='#}^\x00']})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001740), 0x40003, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000001780), 0x40002, 0x0)
faccessat(r8, &(0x7f00000017c0)='./file0\x00', 0x8)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001800)={0x41, 0xffff1000, 0x4, r8, 0x2})
syz_emit_ethernet(0x4c, &(0x7f0000001840)={@local, @multicast, @void, {@generic={0x200, "b74fc474eeba007aa65e2b86c23db701aed7199416660dfef8ef1536cbf9b8ffafc1f4af8b89ad348930729079246f034cff020ed64b637ec482a7613a87"}}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000001940)={'ip6gre0\x00', &(0x7f00000018c0)={'syztnl2\x00', <r9=>r3, 0x2f, 0x9, 0x1, 0xaf7d, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x7, 0x7, 0xc, 0x3}})
sendmsg$nl_route_sched(r8, &(0x7f0000001a40)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)=@gettfilter={0x3c, 0x2e, 0x10, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x7, 0xb}, {0x8, 0x6}, {0x9, 0x4}}, [{0x8, 0xb, 0x80000001}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0xffff}]}, 0x3c}, 0x1, 0x0, 0x0, 0x840}, 0x8040)
sendmsg$nl_route(r8, &(0x7f0000001b80)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001ac0)=@mpls_getnetconf={0x4c, 0x52, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x1}, @NETCONFA_IFINDEX={0x8, 0x1, r9}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x5}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x7}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x3}, @NETCONFA_IFINDEX={0x8, 0x1, r3}, @NETCONFA_IFINDEX={0x8, 0x1, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1000}, 0x10)
r10 = epoll_create1(0x80000)
write(r10, &(0x7f0000001bc0)="0716dba9b7a3e5032620009be014af6875d60100b577ec9b5722ac5098c6ae1451887cca57179147eadfdaba89545d6f3adf9109717275db68b17174c948b0875ca404cdae62ec8e6363df2a5afe1108d7d2d151d6b3c489fb8c37e756ac73b499ba10d2cc062644a57aceb9a52deca0add7e25ee8daa4c4aa115ff6bb58efdc057d695c3229dfecb381491674366808b5c229ddea27c9929bcdb6a30409989ae18245b8ef39de6a2adffdc4708023dffc53c9a08a67b48ce5d0a62120", 0xbd)
ioctl$SG_SET_TIMEOUT(r8, 0x2201, &(0x7f0000001c80)=0xb)
ioctl$EVIOCGREP(r8, 0x80084503, &(0x7f0000001cc0)=""/59)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000001d00), 0x800000, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000002240)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002200)={&(0x7f0000001d80)=@newae={0x474, 0x1e, 0x100, 0x70bd2b, 0x25dfdbfb, {{@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x4d6, 0x2, 0x2b}, @in6=@remote, 0x0, 0x3502}, [@XFRMA_SET_MARK_MASK={0x8, 0x1e, 0xfffffffb}, @policy_type={0xa}, @migrate={0x180, 0x11, [{@in=@remote, @in6=@empty, @in=@multicast1, @in=@loopback, 0x3c, 0x0, 0x0, 0x3502, 0x2, 0x2}, {@in=@local, @in6=@private1, @in=@private=0xa010102, @in=@rand_addr=0x64010102, 0x3c, 0x1, 0x0, 0x3502, 0xa, 0xa}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@mcast1, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xff, 0x3, 0x0, 0x3506, 0xa, 0x2}, {@in=@loopback, @in6=@loopback, @in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2b, 0x1, 0x0, 0x3507, 0xa, 0x2}, {@in=@empty, @in=@empty, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@local, 0x3c, 0x4, 0x0, 0x3504, 0x0, 0xa}]}, @algo_auth={0x78, 0x1, {{'sha256-mb\x00'}, 0x180, "cfbf3f820c15ddeb64f67ad57b0953d01eb48b869a5aec5a07d14f4bc93954d2b843bcbda301319f30c08d2139ddeb3c"}}, @tmpl={0x144, 0x5, [{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d6, 0x6c}, 0x2, @in6=@dev={0xfe, 0x80, '\x00', 0x14}, 0x3505, 0x4, 0x1, 0x65, 0x400, 0xc, 0xb7f7}, {{@in=@loopback, 0x4d2, 0xff}, 0x2, @in=@loopback, 0x0, 0x4, 0x2, 0x3, 0xa, 0x800, 0xd}, {{@in=@multicast2, 0x4d5, 0x33}, 0xa, @in=@empty, 0x3504, 0x3, 0x0, 0x6d, 0x1000, 0x0, 0x4}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d3, 0x32}, 0x2, @in=@empty, 0x3504, 0x2, 0x3, 0x6, 0x0, 0x4, 0x7}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d2, 0xff}, 0x2, @in6=@dev={0xfe, 0x80, '\x00', 0x1f}, 0xfffffff8, 0x0, 0x3, 0x1, 0x7ff, 0xccd6, 0x6}]}, @sa={0xe4, 0x6, {{@in6=@dev={0xfe, 0x80, '\x00', 0x18}, @in6=@dev={0xfe, 0x80, '\x00', 0x33}, 0x4e23, 0x4, 0x4e22, 0x1, 0xa, 0xc0, 0x20, 0x3c, r3, 0xffffffffffffffff}, {@in6=@mcast2, 0x4d5, 0x6c}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0x44, 0x6, 0xa39e, 0x6, 0x1, 0x1ff, 0x7, 0x2}, {0x6, 0x9, 0x4}, {0xa, 0x2, 0x3}, 0x70bd2a, 0x3500, 0xa, 0x1, 0x10, 0x1}}]}, 0x474}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

9.702566427s ago: executing program 1 (id=1537):
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x42000, 0x0) (async)
r0 = socket$inet_sctp(0x2, 0x5, 0x84) (async)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000280)=[@in6={0xa, 0x4e22, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}]}, &(0x7f0000000080)=0x10) (async)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r2=>0x0]}, &(0x7f0000000240)=0x8) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$netlink(r3, 0x10e, 0xa, &(0x7f00000003c0)=""/21, &(0x7f0000000400)=0x15) (async)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000030000000000000200000006000400280000000b000002", @ANYRES32=r2], 0x20, 0x6044}, 0x6)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0x2, 0x0, &(0x7f0000000300)="d2ff", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
unshare(0x42000000)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1}) (async)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3}) (async, rerun: 64)
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa08, &(0x7f0000000100)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) (rerun: 64)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x3000}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') (async)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) (async)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x6000000, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000008000000000000000000000000000000000000000000000000000068000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000100000000feffffff00000000"]}, 0x108) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (rerun: 32)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0xfffffffffffffffc)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_NMI(r8, 0xae9a) (async)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x108001}, 0x10) (async)
r9 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x0, r9, 0x3, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x5, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0x0, 0x200})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

9.317715109s ago: executing program 5 (id=1538):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) (async)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000340)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={r1, 0x0, 0x7f}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000540)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={r2, 0x3, r0}) (async, rerun: 32)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000017dcb4401e040c4098af000000010902120001000000000904"], 0x0) (async, rerun: 32)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
socket$inet6(0xa, 0x2, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e27}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) (async)
r6 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r6, 0x80108907, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x5, 0x40, 0x1000000, 0x0, 0x40c}, 0x0) (async)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80602, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) (async, rerun: 64)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101) (rerun: 64)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a050600000000000000000100000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001405000d404600000014000000110001"], 0x6c}}, 0x0) (async)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000000a0a010100000000000000000100000048cc667b59dc4b734a1827f66a04a80176277a6b054b70f277db1999221a00abbb5e88f148becc28f6ea75382bf188bcea3d5dcc37afd1f3821698c487d0becdd906ccc20f8b056e79007c06e7657deaafac322ad842f93753e5db0a4bedbed242a52e44bffa62fe4814622f7041a116c602b664b53c8ec85f3c219878ce00f5988d2ad3756fee4ac9c467702faf70b0850c79bfa815a4a57fdc88a22a3c066afaaeafca40a0fc3e"], 0x14}}, 0x0) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (rerun: 32)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x1fe, 0x1, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)

8.901506859s ago: executing program 1 (id=1541):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x3e1, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x51)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x48100)
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000000)=0x7)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0)

8.481023341s ago: executing program 0 (id=1542):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x200000, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x3})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000040)={0x48, 0x1, r1, 0x0, 0x10000, 0xfff})

7.988396703s ago: executing program 1 (id=1543):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902"], 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x28)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$rxrpc(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
dup(r2)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
socket(0x10, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
socket(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r4], 0xc4}}, 0x0)
r5 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r5, 0x1000)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f00000065c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048844}, 0x840)

6.628218924s ago: executing program 0 (id=1544):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @p_u8=&(0x7f0000000280)}})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={<r4=>0x0, @in6={{0xa, 0x4e22, 0x5, @empty, 0xf}}, 0xfffffff7, 0x200, 0x0, 0x126, 0xbc0}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000004c0)={<r5=>r4, 0x2, 0x2, 0x40, 0x4, 0x4}, &(0x7f0000000500)=0x14)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000440)={r5, 0x9}, 0x8)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x60c580)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r7=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x4470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x44080)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000540)={<r8=>r4, 0xc1e}, &(0x7f00000005c0)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000600)={r8, 0x9, 0xfffb, 0x7, 0x0, 0xfff}, &(0x7f0000000640)=0x14)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x79, &(0x7f0000000680)=ANY=[@ANYBLOB="8c529f6f2e7bd4456f0780e0c491556892a270fee84e9ab6186532617749e9c1d7aa949289c666da5833d4c0331862336dac112f01d5491c53db7007938f5b93c68cee5fe53127e4639db517004de7a63c2c4e4ac0cac82764d3499b808b6aa95b4a7619296e5727055682822525abb8bb2392546f7f3d8650076838abe03e334fea2c46e02fc7156648aaf298c1fb435b27f3556398", @ANYRESHEX=r0], 0x8)

6.572766973s ago: executing program 3 (id=1545):
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
timer_create(0x3, 0x0, &(0x7f0000000300)=<r0=>0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000580)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="201109000000ce531e28370fdc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0xc2a01)
r3 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x802, 0x0)
r7 = dup3(r2, r6, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000100)={0x9, 0x401000}, &(0x7f0000000240))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000000a40)="82"})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00')
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
ioctl$HIDIOCGRDESC(r3, 0x40305829, &(0x7f0000000000)={0xc, "7154bbc8aae250bd23544617"})
unshare(0x0)
timer_settime(r0, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)

6.572422911s ago: executing program 5 (id=1546):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'dummy0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="0000001ff49c71554fc9e400ea63627b36ce9382f61c0dcd4b570db26c7b321043fe"], 0x40}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120101020301090212000100000000090c00000005100f00ab0f422de90d34ccb80e96e84386d2632c13c2e86ceff1c56d2ece6fd3a55b7e7229f5f14c8091a160b3ea8982cb8cf8cef4"], 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x6, 0x6a240)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000002580)={&(0x7f00000002c0)=[{0x7, 0x4200, 0x0, 0x0}, {0x794, 0xd250, 0x0, 0x0}], 0x2})
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_GET_XSAVE2(r5, 0x9000aecf, &(0x7f0000fee000/0x10000)=nil)
ioctl$UI_SET_RELBIT(r4, 0x40045566, 0x9)
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4800)
vmsplice(r7, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x1}], 0x1, 0x8)
move_pages(0x0, 0x10, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], &(0x7f0000000040)=[0x1], 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r6, 0x0, 0x0)
fchdir(r8)
mkdir(&(0x7f0000000000)='./file0\x00', 0x26)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r9, 0x2, 0x0)
getdents64(r9, 0x0, 0x22)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='./file2\x00')
getdents64(r9, &(0x7f0000000d00)=""/72, 0x48)
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r10, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000140)={0x7, &(0x7f0000000280)=[{0x7ff, 0x7f, 0x5, 0x27aa00ab}, {0xff, 0x8, 0xf, 0x80000001}, {0x0, 0x0, 0x2, 0x9}, {0x2, 0x2, 0x2, 0xa}, {0x4, 0x1, 0x81, 0x6095}, {0xffff, 0x8, 0x1, 0x1}, {0x4b, 0x10, 0x2, 0x80000001}]}, 0x10)
sendto$inet(r10, 0x0, 0x0, 0x7fd, &(0x7f0000e68000)={0x2, 0x4e22, @remote}, 0x10)
sendmmsg$inet(r10, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000300)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c63262ff67b679ccac305b5cea1dcd151d7bb5f54603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a4703427ddc489486ac878b9728ba6ed8dc65a9028b1c14b029d563a6de1bc1131857901fccea4c504bde735730abcec872a7f23807b37c9bd64f2004b0149af98328d3412ff16d27bf0ed77664e5ab531376f5c30808859945a321fd44d5849f33487e18b84e9126238a4ee89a0eca27e18669af790aac369ea63f0365611598ca49d0586c96a8d58afe8b7114ae16b45434459760f036ab7979df8efa5c1d615b6c5e21011fce00d8f0110a6220a4c", 0x12a}, {&(0x7f0000000740)="c8605474ee573ad5ad5acedf22046d983c7964dad745eb7c8eb102c0d2b166382d3f325806513b1eb3fe7b135bfef85013c74b374f5892a7254e3405eb6c1c", 0x3f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d36", 0x20}, {&(0x7f0000000440)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af443a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd", 0xa5}], 0x2}}], 0x2, 0xc0)
sendto$inet(r10, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

6.535334358s ago: executing program 2 (id=1547):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @p_u8=&(0x7f0000000280)}})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={<r5=>0x0, @in6={{0xa, 0x4e22, 0x5, @empty, 0xf}}, 0xfffffff7, 0x200, 0x0, 0x126, 0xbc0}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000004c0)={<r6=>r5, 0x2, 0x2, 0x40, 0x4, 0x4}, &(0x7f0000000500)=0x14)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000440)={r6, 0x9}, 0x8)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x60c580)
r7 = socket(0x10, 0x80000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x4470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r9, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x44080)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000540)={<r10=>r5, 0xc1e}, &(0x7f00000005c0)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000600)={r10, 0x9, 0xfffb, 0x7, 0x0, 0xfff}, &(0x7f0000000640)=0x14)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x79, &(0x7f0000000680)=ANY=[@ANYBLOB="8c529f6f2e7bd4456f0780e0c491556892a270fee84e9ab6186532617749e9c1d7aa949289c666da5833d4c0331862336dac112f01d5491c53db7007938f5b93c68cee5fe53127e4639db517004de7a63c2c4e4ac0cac82764d3499b808b6aa95b4a7619296e5727055682822525abb8bb2392546f7f3d86", @ANYRESHEX=r0], 0x8)

4.789392757s ago: executing program 0 (id=1548):
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffff2f)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
r2 = memfd_secret(0x0)
fcntl$setlease(r2, 0x400, 0x1)
fremovexattr(r2, &(0x7f00000000c0)=@known='system.posix_acl_access\x00')
socket(0x1e, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x2710, @local}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x10)
r5 = socket(0x8000000010, 0x2, 0x0)
unshare(0x62040200)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000}, 0x4000884)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGKBLED(r7, 0x4b64, &(0x7f0000000000))
write(r5, &(0x7f0000000580)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x17, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x4000)

4.71371344s ago: executing program 3 (id=1549):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

4.598328913s ago: executing program 1 (id=1550):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x7d}], 0x1}, 0x20004044)
pipe2$watch_queue(&(0x7f0000000280)={<r1=>0xffffffffffffffff}, 0x80)
r2 = add_key(&(0x7f0000000040)='cifs.spnego\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000600)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x242, 0x1, {0x1}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
keyctl$revoke(0x3, r2)
keyctl$clear(0x7, r2)

4.258613919s ago: executing program 2 (id=1551):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, 0x0, 0x4004000)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="0000003b000000f32c00128009000100626f6e64000000001c000280080007003b"], 0x4c}}, 0x0)

4.212797639s ago: executing program 3 (id=1552):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @p_u8=&(0x7f0000000280)}})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={<r4=>0x0, @in6={{0xa, 0x4e22, 0x5, @empty, 0xf}}, 0xfffffff7, 0x200, 0x0, 0x126, 0xbc0}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000004c0)={<r5=>r4, 0x2, 0x2, 0x40, 0x4, 0x4}, &(0x7f0000000500)=0x14)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000440)={r5, 0x9}, 0x8)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x60c580)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r7=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x4470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x44080)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000540)={<r8=>r4, 0xc1e}, &(0x7f00000005c0)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000600)={r8, 0x9, 0xfffb, 0x7, 0x0, 0xfff}, &(0x7f0000000640)=0x14)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x79, &(0x7f0000000680)=ANY=[@ANYBLOB="8c529f6f2e7bd4456f0780e0c491556892a270fee84e9ab6186532617749e9c1d7aa949289c666da5833d4c0331862336dac112f01d5491c53db7007938f5b93c68cee5fe53127e4639db517004de7a63c2c4e4ac0cac82764d3499b808b6aa95b4a7619296e5727055682822525abb8bb2392546f7f3d8650076838abe03e334fea2c46e02fc7156648aaf298c1fb435b27f3556398", @ANYRESHEX=r0], 0x8)

3.979530428s ago: executing program 2 (id=1553):
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
timer_create(0x3, 0x0, &(0x7f0000000300))
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000cf8bed20d90f1a3808ac000000010902120001000000000904000000cafb1a00"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="201109000000ce531e28370fdc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0xc2a01)
syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x802, 0x0)
r5 = dup3(r1, r4, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000100)={0x9, 0x401000}, &(0x7f0000000240))
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000000a40)="82"})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r8 = memfd_create(&(0x7f0000000240)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\v)\x06B\xf0\xed\x91 )y\xb4\xba\xba\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\xb8\xfa\xbbb\xb1\x03\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5pe,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0\b\x00\x00\x00\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x05x\x1a\x90\xf4\x03\xe7\xe9\xa9', 0x0)
ioctl$FS_IOC_RESVSP(r8, 0x4030582b, &(0x7f0000000180)={0x0, 0x2, 0x102, 0x100000002})
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00')
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
request_key(&(0x7f0000000180)='rxrpc\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000400)='\x00', 0xfffffffffffffffa)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000440)="2e360f01df660f5d452f3e260f22450f770f20d86635080000000f22d83e0f070f01c50f16d5660f388133660fdbfd", 0x2f}], 0x1, 0xa, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa"], 0x0)

3.532634304s ago: executing program 0 (id=1554):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0x80045505, &(0x7f00000001c0)=@usbdevfs_connect)
r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501)
ioctl$USBDEVFS_SETCONFIGURATION(r4, 0x80045505, &(0x7f00000022c0)=0x1)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x6, 0x0, 0x0, 0x971a, 0xfffffffffffffffe}, 0x0)
r5 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r6 = gettid()
r7 = syz_open_procfs(r6, &(0x7f0000000140)='coredump_filter\x00')
write$apparmor_current(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB='permprofile && \r'], 0xff)
syz_open_dev$sg(&(0x7f0000000080), 0xffffffffffff7fff, 0x400200)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r7, &(0x7f0000000200)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
sendfile(r9, r9, 0x0, 0x200000)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xd6, &(0x7f0000000240), &(0x7f00000003c0)=0x4)
sendmsg$nl_xfrm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000240035b90000000000fb86ceab011e00af40b71e8030bba0283f9d5cbe30aced2bba67bc5749386c4a5f44f0e3c626c183cfe84c177b03f8cf190d83209be262bba960113f105cef5d6bd808f3743069667e72c601692065e167b388d3cfdcfd0fc1d7c03530787932a92fc351b95fe3479d544e2d778b7b27a7f5752bfe8f3806c5566945f271c82ab67f751c2dfbc45d075139947becfb3d7e3858a6e303f6172a02359ac0fa830b6db6d6f5"], 0x5}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e040000000000002d000000000000005504000001ed0a001700000017ffffff9f044100000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184a0b139d8d4209c8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d680000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1300000010000000"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000005000000bf0900000000000055090100000000005e00000000000000bf91000000000000b70200000000000085000000a0000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.404752158s ago: executing program 5 (id=1555):
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
timer_create(0x3, 0x0, &(0x7f0000000300)=<r0=>0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000580)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="201109000000ce531e28370fdc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0xc2a01)
r3 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x802, 0x0)
r7 = dup3(r2, r6, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000100)={0x9, 0x401000}, &(0x7f0000000240))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000000a40)="82"})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00')
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
ioctl$HIDIOCGRDESC(r3, 0x40305829, &(0x7f0000000000)={0xc, "7154bbc8aae250bd23544617"}) (fail_nth: 4)
unshare(0x0)
timer_settime(r0, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)

2.847954421s ago: executing program 1 (id=1556):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4044004)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d9600010000000000000000000000000000000000000000fd00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

2.130402521s ago: executing program 1 (id=1557):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$inet(0xa, 0x80003, 0x84) (async)
r1 = socket$inet(0xa, 0x80003, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x5, 0x0, 0x5, 0x20000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(0xffffffffffffffff, 0x3b71, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r2], 0x4c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x1c1842, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x1c1842, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b00"], 0x28}}, 0x0)
r5 = accept4(r1, 0x0, 0x0, 0x0)
write(r5, &(0x7f0000000000)="ea", 0x1)
sendmmsg$alg(r5, &(0x7f0000000340)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000440)="95", 0x1}], 0x1, 0x0, 0x0, 0x400401c}], 0x1, 0x8000)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet6(r5, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
close_range(r1, r1, 0x2)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x1}, 0x1e)
close(r5)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

1.620907556s ago: executing program 5 (id=1558):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x200, &(0x7f0000000140)={<r4=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r3, &(0x7f0000000200)={0x9, 0x108, 0xfa00, {r4, 0xff, "000002", "38b1b923825f136cc24bbf1a2d2fd4c316836c72920c115e6ce160cbb680e6d77c99c088378c3d3b65123b8ab23b7eb2dbc3c71952e15169f3875da4a1d0b96c6a99fe40db166b61c506e9b11fb7e0d5aaaed898898eeedc118a13232c378413ae6bd2be597edbc85a87dc507d7e2e5e24af535603a0f94a1f8153c5e880783b12195f16de7107fce1888626ab4033c60cc6742c3fd2c5b6cde2aa7f22b41f483328f44901a5eca046709c6342fc85a2961c39204c73bc85336373e761afba65ea3a96fb21e68fcef984683f43ceefa32c1a1770e93220316baddd03d0730caa3ea9746046afe689efdc3c550000000000000000000000000100"}}, 0x110)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000005ec0)={0x0, 0x0})
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r6, &(0x7f0000000240)="76da87bfec44d625459f3ea9381f5331d4a9bdab4cdd7211391435ebc1eb1f21eec50028cf9836d335c829c4b79a4960cc8c31ba72d1b10b6e20ff008bd34ee011ddad447302f92631795b4eb2ca8c874091cd7b35030000000000000074269aedf536cfdfc633c107aa6449ca7a86f1177288520ae84c4b685dc78ede3d8cb91d925b188db90eca14b6d5db682020cc5c16a0f8156ff8866a9ef36b0f78877d56ebe993a2", 0xa5, 0x4, &(0x7f0000000140)={0xa, 0x4e25, 0x800, @dev={0xfe, 0x80, '\x00', 0x10}, 0xb}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000500)='net/ip_tables_targets\x00')
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d000000140000001100"], 0xa8}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002980)=ANY=[@ANYBLOB="340000001100010027bd7000ffdb3e16142e7975", @ANYRES32=0x0, @ANYBLOB="c0000000001400001400350077673200"/28], 0x34}, 0x1, 0x0, 0x0, 0x40000100}, 0x40004)
preadv(r0, &(0x7f00000006c0), 0x0, 0x3, 0x80)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x20000004)
r9 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000180)={0x53, 0x0, 0x0, 0x3, @scatter={0x0, 0x0, 0x0}, &(0x7f00000023c0), 0x0, 0x0, 0x0, 0xffffffff, 0x0})
syz_usb_connect(0x1, 0x3d, 0x0, 0x0)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="10000000161409"], 0x10}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

803.757746ms ago: executing program 3 (id=1559):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x24, 0x40, 0x107, 0x0, 0x25dfdbfd, {0x4, 0x7c}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}]}, 0x24}}, 0x8004)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=ANY=[@ANYBLOB="d80000001b00010025bd7000fddbdf25ff020000000000000000000000000001ac1e00010000000000000000000000004e2200004e230004080000805c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00080000000000008000000000000000f8ffffffffffffff0002000000000000010000000000000001000000000000800900000000000000000000008015010002004000000000000100000000000000fd0000000000000001000000000000000700000000000000000002030000000029000000000000000c00150053073500040000000c0008"], 0xd8}, 0x1, 0x0, 0x0, 0xc040}, 0x8010)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000680)={0x38, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0x0, 0x0, 0x0, @uid=0xee00}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x1, 0x0, 0x0, @binary="98d4c0b8fd27f3a45e44e813022bd729"}]}]}, 0x38}], 0x1}, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f90e, 0xffffbfff, '\x00', @p_u32=&(0x7f0000000040)}})
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000002080)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "f2a400", 0x44, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}, {}, {}, {0xfb88}}}}}}}, 0x0)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0xe0040, 0x40, 0x12}, 0x18)
renameat2(r6, &(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000300)='./file0\x00', 0x6)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$netlink(0x10, 0x3, 0x9)
bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_BYTEORDER_DREG={0x8}, @NFTA_BYTEORDER_LEN={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_BYTEORDER_OP={0x8}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0xaf}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}}, 0x0)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000240)=[@timestamp, @mss={0x2, 0x7}, @mss={0x2, 0x3}, @sack_perm, @window={0x3, 0x2}, @window={0x3, 0x0, 0x52c}, @sack_perm, @window={0x3, 0x0, 0x6}], 0x8)

802.966531ms ago: executing program 0 (id=1560):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x306) (async)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) (async, rerun: 32)
r2 = socket$kcm(0x11, 0x3, 0x0) (async, rerun: 32)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r3, &(0x7f0000002580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f0000002600)=ANY=[@ANYBLOB="3c0000008da53f19a84c693737483bc78208e6301b56d847dd16", @ANYRES16=0x0, @ANYBLOB="200027bd7000fddbdf250a0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000800030002000000"], 0x3c}, 0x1, 0x0, 0x0, 0x24000004}, 0x10) (async, rerun: 64)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (rerun: 64)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'team_slave_0\x00', 0xc002})
mkdir(&(0x7f00000003c0)='./file0\x00', 0x83) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) (async)
r6 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000000000/0x4000)=nil)
shmat(r6, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmctl$IPC_RMID(r6, 0x0) (async)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r7, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRESOCT, @ANYBLOB="0104000000000000000001000000000000000841000100000018ff"], 0x68}}, 0x0) (async)
sendmsg$kcm(r2, &(0x7f0000000180)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000000040)=[{&(0x7f00000000c0)="27050200340f14000600002fb96dbcf70606000017000000", 0x18}], 0x1}, 0x9cdc2384256b08bc)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x111, 0x9}}, 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={&(0x7f0000000580)="72b47309f90e8cd1de4caccc8ac4be4bbed6a9d8af74231ef160546891dc57c6036301bf877c2f9be8033cc54d844d88305335321b423cb6bbefa639998f1de1ef24c8c1f56700b02abc0f33828ade0766f30449d4b84eb764c62283c57a9fbbc36deb6b302304b1e8a43d14367fb9c91e944a5281383869418d8b3788fc80f515f2a640c7cc010754baa7bad99591a36d33bd26947f5d207c99fe32d3bf0ac506969eee0683616429c2e17a3207601d96c019477a175cdfa6bc3247948196cf3b9a3e2a3017c2013e1960774b0a159c8511eee1faad0db8e0ee531a921f3a59caec3a9209faa2dcf6ccccbecd3a5594a5c94b34e66b6bf4df4a70038478998d6496c143ec6c179d4f69d281afc21032988c38ce828c172f996f73d222b0bf7a3a441038ae4feb83c794c1d8f58bdb5fb9313a95587f86159b601d93e0d5258bbfc2ac1e65b0b96246ef3fc5c82614284be462b1b81a12d93bb0fe917af012b254bf94c06350bd79e7802b024f6ae07cf63481964f95059ff56caffb0b8053add4bde42b5b22fa1ed8e2fac6ad690844581c5920076b038241573e50a67ad549c20b9ee61d27d42556cc06b5b4e9c480e01d9eba63e8d64cb5938a93acdbe8a18c474d3db47e2fbda9ecbe1c6844fc38a44e0a87ed230b8ce05d60f78f03a3b6901e98111af06a91d874fc6dce76eff09a055c579bf1aaaf273b29232774cad0a111af3fe78f43653cedfb4a7dfdb5f0f815b1226001d97202f5de4aa380ce7aa5acad1b24e8a406da19b6c6853d14bc6c601bf75ba35fd2eb79a300f7b675d06b178f672fe92d8ddafa84c21c3b18ac57c7bd0bde2719db572fff802bbe8187ddbeee5cbf44ebf126e77d8956393cd089fd984435876fafda3be9bddea631e3e0f8f409137f30eda23232fd7f590884000aef006e97d9b60e7e1c9355ca4bf76921de4e87081c2e3f508bc1da84813b3cc654739e6bde38ec7850cc3054a588edcb89cede6899bef1f3a7c11266a40736d699cf76ece8714a35244718e939122b4a8fd154ee2b604788183a8d20a611ea4d442c917710e62bd6a6cf2cd93cf58639f463dbfc55d47108b65b2b87926191ba582a56446ee9226e358fcb13ccf08a363fe1392302188b636c2a54b81d548c948ea8c831a185f42e3448e5c096dfa8a6f224f1fd80559eb837713a4c4a1a9ab74c76d29ade0cd84bfe083bb5c87c43190aa978f5c468452ab1ae433bf01a14168d70e8d67484609ab9a03a16b377159a354793200b36439b14df48ba06ea141a8d4c889994cb4dbfc512d2a4e4c746ac2955b027f91fa64e43e5ba6af397dccbd296699ae157de3ee205b1ec37d6fbd187b8c45ce4c5b9187b9f3610d09cbc6f61d863e4078f2ba1eeb341661379c51a02f4f2710bc05345fbd1b1202d922e856a973d58716cb786d8beb4626a681d89336253659d67b3318c5bb9f0591c1325f4584bb2480b68fc9b623714281ea8def80ca8860218d6e08a9dd3c84c703f95be2d0544b0e375ec5afc2df76fad7324a5a89833c37af9f09b03bfd5b031e505fd8e159bada790c8dc5ee6051deb2b49f6340616ff1afad3957b05f1a5c091f53b6baa5168c75d2374542e12b696c6c132b1598ddd4f9e16603edd4ed21fd7309191ebf3f2f6b0e79b0c95be8b7102a481bc35b6276ec6d282e14dea513b8f04b8077cc902514ea5ce6fa33cf2d156ca2791db558b073f5cc7383eeebcc0d39415bc40340bbf01a2d55a4568f4b094b078745894d1a9c15d9e6e0c4aeb1383b51a708bcb271a3e70d8519cfc1896b30cd3f29f5a86b1bd4347b343369da72e72fcd1cd329d89e004fdbcaf5e7847e79cf3d3c0e5713afe0fbdaec8dc1b5ff541ae6ef990f74c4dfa28a3860dda78bbce66131b30a4f76b8d26e81cd30959fab8513720a919ef50a0c0c7dcfbca376ad968d98a6b701eb0462307e67866aea684734d7974ff21882f62618fd2e230f6d1d6748fad69f32aca4ec90c4b66422b5469fae3fa12d17dd35f45ff742e7bc6ca55828e6b4891afe858d558dfd926294f1b545614c3ffbac4dabd97156795549aae31fd4132477cff5312ab945606e8e33b10684fdaeba1f8fc014ff265d15b09dba9dd4b6b4e5a16821e154c5209cb21fd010eec601f6987707112f11232c0ac0acb9785eace68825593bc8f94f56285a33c8d80b265ef9f48f99f7a0c9878b62ac12db2f857a15ba434cc80fb35b7497557b7c7749cdbecc3ff14db55e079f836a0df05504a9148cbd9c3b49f09fd2666a36b8d9d5c7e434bda4a863c26e32e1aa59cbd10cd21dcfb7ab83618de5c5f32b38bd376d81b4ba95b1c0e970e8d9e911cd37b8dd50213cc3629dc4221c5b4fedcb94090dfdf85c67bc07cf8d967d1fd022da7740cc218d61e1aafa51380c4586b1e3c13d9598b473edb76cb05701f83216a562ebdd24f40e0ae3dd6f98a900558836508906bf1538224622b1dc81a95959d459e79020237da5021123d02ec9ac79dd0421b36f62217dda0bd55ad4ddd33b7355b26f1eb69be5c642da13679b386949ad7397337f2f9cfae61eac08a177e921888f1c1b6d887e85c3bdf2d8e726bf53971f9fa77b6ea9cc1308fe62fbdceeb897136fa795ad04900efd8959468c26b071f8fbb6a9a67d6dc4b5316d01805fef13e5b9fc6f68f10e82e6b98dfffe7d73a47f0d11f99abd9307d007b5032f299fc0d74e8d8fa7237376d8d503c0d8baccac8dacf2ab653440454fdf02cc81a0c5e38fb6c056de34fc9d6f392b9081dab4796c5ac83e0b219e5e710ece89de2d68e5bc31f7d932db74125718ae46dfd966a78b7ec35b0d0b2916ecdcb60049506ed58325bb9ba60ce8ba456723214798fb0171b4c6147364e7e9dd807576f2933e561f1038ecc7bf7b6c7e7a5c8a134477b3515ebcca800d4c3f9823be4aab0c7c7e25438c7499d8d26b549cefb9a80ce6c042ae9bdb8277a4d2e96e8083850b66088cc0f7c96cb36efcafcb1e330cbba4ca9dabd6beb6dc15c32af84a05f004856d5871211fe56f76ad1add9ba0da686b0562dfae8bf96091c81a621c3a12d9acf91e94c7653652bd4663549f1a7e9ba0e99e861abd70f4e8c18e78586dced90fd155a229b047908e30d512456d033a7aabab63fb8e0b86a8cf0b921ac5ea4dbbc15b7a2a8fd98e931c343701e9c29b64d67760fc9d9af3b4e4fb3101c004078233f7acab96cd9acf5b23482c93cbed596cc38b721357addc7650c287034422004bcda34237f62e6f4911d9c60c28e6546bebb7d4acda7f1c2bc370629e90c8a753808642cac573eaabd8312413d2d15d0574e458c496dffb9447d63649138c66ce5062c219808498c8b308383d0d520f87cbec23294736cf44577498f17e80116729ac5262947d2effd68283826f49b1f8f48be040acd0459559137f038a0be0ea117e4d370a7f345fcae35942e97670cc98c600260f0275b644d6407bf93722b459462bc7c210f3d65ae7bee4948f4af8cd0c4bd03da56533724223d5bce25e5055a7c3547f0a098f78899219436df22ade7d73b53d6c967313f93a2113526c3c14f4e0a3b10e7a9db9fef1ea7ad0a41fd0fa5800db0dd00f3a2604ae3491c0d91393e25058444b3baf7c5308de08ab7c9695e15d69948cd057e053a43991dc00ade39107785e81734461b73268076032c243e15fc5fe8ac7788e417d6431a6e03b208ffed17f8a410b7b078dd20e8de8832687358e787e6659388f2ac03bb82ea7f4d8fad8b2a33dbea40eac35e63362b5e676e27fd0bcb71394cd3e9eebb7e73c81008a298f4baa2248dd271060cc3388bd59cfbebf522dbe5b76de4e4f7efd8d908f7ce96e0f157153195d379df1b0602004d2a3e7d41edea4edbee919fc9379ee2c213fb45270010de30e3e27e7c1200433ccc510d213f194b3a4f2e06700bf95d2aa17eab309c7b303b8ccc44bfac23fa26198a9dff916126cc0b38aa209b20aaaafa1594eb5217f9317d8af4d7c4d1f11edd6f10346cdba323d5689d9f6f6c125badbfca0c10759da263f9e684361aa713c0b3d438ca45621cb49fa3b67ef7ddaaeea8559be0f95221d5acd9e7a7bbd43d79cade5db13827e5bbfe25a4b8bd55e7d63edc190402f34a81124a793e67c91b369f4de66be2132af74ed49c3f908a14c665a8c84f837a8901ffbf13ccb9555975a251393806881e0a3773f2ca65ac6da5457881535e68874304dd73ad9b0b9d6b3b8a2568a0a4487ed49052b6cc292a95fc2d7baa162275cf8ab12f12f6a3ec9018549bb9380117d0a1f02093f6d4b3e4bf960ad074ad79d1b63acffc6cfcbd1bc8da0f7d0082efcffef889540fdf774828c802ae0c4f7014ffe837f160ddae855068cb10755455ffa270f9314107390f7e0808bd05fd375ab48a4a8646a765327726fc4ba418aed889bda7d38524e323a75db0d8ba630ac9bfe0a0c52377eb5bcca9483e4144366af2ba6b20e5e0d9c1be7e99557669b4c545b5ef0e16d22b811e0be1970a3c36e49ed25558777841a01fb6822d875539aa6e5101c07da58773af121f51339b51cd1c6dc2c6d4b843716e4661f0e87e663ff215fb2432d905552d2cdd14db51158bfe86c8f3fb2ab928956f650fa98b68a6e10bbbb11e3a5127a0c79eb4f6e90c648b0825f723fe458485d2f7bf470b721ddd6429ab6993cf9fd9e271ef87e2915ec9a513a90563cb53fbb93225ae965569af1afe8c555c09b5c66ab5edfce83d02b4c91fd6d323f0a9ca7869dceea537377e1e82fa757dd38a1d9f4721083f4c6660259643e37149e4dda7c2777be0a47b1c4969cbceac3d6ec1a7ee11ff866e4274df7bc170ce7200efb8fc603872c1c15ec97e3c1204bd49d2f3ea75f89a3e1d62e4255b207280ea4b2a1c5734ac9f30ca22096f008a38f5745781c790a40ad94d24cff89e279430c94bf319a35471fea603147d9a12320e50ccf89917cd3a646597cdb97a1aaf43314630df0726d228d578c530bd166158767cda4723d483b77a7d4a4c3c3201b7d06917222f80ea0b239fd5de4d7c73e7d6be0afd486615a991cf2f8f58d73914175a35d0580f25963b3c53aeb5a2ce06dd2022d3caf6142af902d1cab57ff106e24114cc0f72b7c8b3e3dc1679bfb308fe6632a2dd0576d9289eb279ce296193202770bcce821102a030220240a08c11bfed24c3f96bb0a373a59e78ab45f56636c455fb606f9b6e2aabd1db9e1f53c269bbc871b58d72643158fbbf444b133c51dbb1ef7230f4f2a7ad6b6b0386a5f7114876c16fe38429ed72f68f93e4aee05224303b2b9a6dc9b9eeeaf370898361da1289355ddabf63b81224fa5d74d4f08ce9216e02cc937f1954a6e48ba59bce4f12dd3a1c3e0a71fb2ad03da8feb6810ef8aa629d5d7ef1087b3ec8f2c4a5b1c9f0ba4abd804e0679e565aa9691eee22e37aef27caea608be8df461685d2c6641f46e10226e9a231d04304ed96ecb64754330cc5f329df535b5b4ef0507a692cd81f60bb51bd643d1d9dbff14be4439dbf52679ad4f23533e52491c0d9dc83b759217f79e60e0daa7b4d927660bf488cbf112d3594fd460bd7131f3d5b4fbbbd1ecb152e39e714f384a82a4fe8fc81e3bd297b717edc4f083b452703d17d531db99fcb92fbe9655183ef04edc4c6b829fd3bff1a1135ea072573dc43bd152708740352fc299dce2a934b05bc1e28a7219d672c1a81f9b1e2d374f36fe1bbea6e4765e190941e9f6633eafc7570c90e7f86b6912e6bc6ed4930499d0c7e1f32bd990c03a06", &(0x7f0000001580)=""/4096, &(0x7f0000000240)="ddf087f46efcbd095e9f2e7ef40a8e6200bcc89f3eae26d1c6c0b6120ba08c466e7c17a05dac71d47637f5966f9be234ed643bc641e1508b54a0e2ea18738001f12107be77fbe5a3258ca027f9e2a6b8287c88a61af7e5f36ee0c3f9b5236de1a2f446b2df95aa637007c3f71c17fa628fca3512", &(0x7f00000002c0)="c4ddca6d79ce628f3ce772c7badefde5b8c1c49a6625331460fb64b298c6846d7574bc8ec7ed8f362e219a9eabf6584c55cb3c40c137853a4131ef695e2a70c396b95d52b6d14610d0e80a30388834dd3b969e5e08078d7a104f7a14a5f32ee248284f1a84cc7728f79382115710819566d14afe3491a3ceaab34efc04a22f6f2cd9f56be55b468a932db476c2465009ccebd47471efbbffcce46773e8ce8086f267385f9137072e88c07591b92c28cf95d49253362c604771d21417e5ef708aacf1b44166929a6c1fdcec1bbcd53a8bb228b11ed3f394b249f4b5c7b88867b63061a6daa6a0df48514eba6a6ad4", 0x3}, 0x38) (async)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0xfffe, 0x7, @private2}, {0xa, 0x0, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}, r8}}, 0x48)

413.186518ms ago: executing program 2 (id=1561):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @p_u8=&(0x7f0000000280)}})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={<r5=>0x0, @in6={{0xa, 0x4e22, 0x5, @empty, 0xf}}, 0xfffffff7, 0x200, 0x0, 0x126, 0xbc0}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000004c0)={<r6=>r5, 0x2, 0x2, 0x40, 0x4, 0x4}, &(0x7f0000000500)=0x14)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000440)={r6, 0x9}, 0x8)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x60c580)
r7 = socket(0x10, 0x80000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x4470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r9, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x44080)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000540)={<r10=>r5, 0xc1e}, &(0x7f00000005c0)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000600)={r10, 0x9, 0xfffb, 0x7, 0x0, 0xfff}, &(0x7f0000000640)=0x14)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x79, &(0x7f0000000680)=ANY=[@ANYBLOB="8c529f6f2e7bd4456f0780e0c491556892a270fee84e9ab6186532617749e9c1d7aa949289c666da5833d4c0331862336dac112f01d5491c53db7007938f5b93c68cee5fe53127e4639db517004de7a63c2c4e4ac0cac82764d3499b808b6aa95b4a7619296e5727055682822525abb8bb2392546f7f3d86", @ANYRESHEX=r0], 0x8)

328.854729ms ago: executing program 3 (id=1562):
r0 = socket$netlink(0x10, 0x3, 0x0)
close(r0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x2}]}}}]}, 0x3c}}, 0x0)

0s ago: executing program 3 (id=1563):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, 0x0, 0x4004000)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="ffffffd9000000f32c00128009000100626f6e64000000001c000280080007003b"], 0x4c}}, 0x0)

kernel console output (not intermixed with test programs):

ch=c000003e syscall=293 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  436.509638][   T30] audit: type=1326 audit(1747712223.728:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10461 comm="syz.0.1297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  436.957730][ T5888] vhci_hcd: vhci_device speed not set
[  437.421443][ T5893] usb 5-1: USB disconnect, device number 79
[  438.187713][ T5893] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  438.298985][T10485] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.323315][T10488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1301'.
[  438.333316][T10488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1301'.
[  438.342489][ T5893] usb 5-1: device descriptor read/64, error -71
[  438.349372][T10488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1301'.
[  438.448759][T10485] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.577623][ T5893] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  438.608324][   T24] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  438.643404][T10495] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1304'.
[  438.717746][ T5893] usb 5-1: device descriptor read/64, error -71
[  438.747675][   T24] usb 2-1: device descriptor read/64, error -71
[  438.850922][ T5893] usb usb5-port1: attempt power cycle
[  438.987666][   T24] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  439.117639][   T24] usb 2-1: device descriptor read/64, error -71
[  439.208242][ T5893] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  439.228104][   T24] usb usb2-port1: attempt power cycle
[  439.244849][ T5893] usb 5-1: device descriptor read/8, error -71
[  439.487694][ T5893] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  439.529901][ T5893] usb 5-1: device descriptor read/8, error -71
[  439.537663][ T5889] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  439.567558][   T24] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  439.613210][   T24] usb 2-1: device descriptor read/8, error -71
[  439.649237][ T5893] usb usb5-port1: unable to enumerate USB device
[  439.664799][T10503] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1307'.
[  439.677550][ T5889] usb 3-1: device descriptor read/64, error -71
[  439.734874][T10505] program syz.3.1308 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  439.857563][   T24] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  439.873440][T10505] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1308'.
[  439.883986][   T24] usb 2-1: device descriptor read/8, error -71
[  439.892796][T10505] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1308'.
[  439.917600][ T5889] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  440.007976][   T24] usb usb2-port1: unable to enumerate USB device
[  440.047699][ T5889] usb 3-1: device descriptor read/64, error -71
[  440.160660][ T5889] usb usb3-port1: attempt power cycle
[  440.362568][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  440.369314][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  440.519481][ T5889] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  440.568996][ T5889] usb 3-1: device descriptor read/8, error -71
[  440.827689][ T5889] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  440.869382][ T5889] usb 3-1: device descriptor read/8, error -71
[  440.990477][ T5889] usb usb3-port1: unable to enumerate USB device
[  441.151138][ T6861] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.258253][   T24] usb 4-1: new full-speed USB device number 54 using dummy_hcd
[  441.273008][ T6861] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.403332][ T6861] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.428041][   T24] usb 4-1: device descriptor read/64, error -71
[  441.545729][ T6861] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.667640][   T24] usb 4-1: new full-speed USB device number 55 using dummy_hcd
[  441.833021][   T24] usb 4-1: device descriptor read/64, error -71
[  441.857850][ T6861] bridge_slave_1: left allmulticast mode
[  441.881428][ T6861] bridge_slave_1: left promiscuous mode
[  441.888850][ T6861] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.953338][ T6861] bridge_slave_0: left allmulticast mode
[  441.968978][ T6861] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.977780][   T24] usb usb4-port1: attempt power cycle
[  442.069862][ T5829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  442.085813][ T5829] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  442.097251][ T5829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  442.109419][ T5829] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  442.123503][ T5829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  442.158807][   T30] kauditd_printk_skb: 274 callbacks suppressed
[  442.158823][   T30] audit: type=1800 audit(1747712230.148:2616): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1317" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  442.274579][T10536] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1318'.
[  442.298333][T10532] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1317'.
[  442.312358][T10532] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1317'.
[  442.322251][T10532] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1317'.
[  442.478733][   T24] usb 4-1: new full-speed USB device number 56 using dummy_hcd
[  442.558415][   T24] usb 4-1: device descriptor read/8, error -71
[  442.810035][   T24] usb 4-1: new full-speed USB device number 57 using dummy_hcd
[  442.839516][   T24] usb 4-1: device descriptor read/8, error -71
[  442.950627][   T24] usb usb4-port1: unable to enumerate USB device
[  444.106348][T10556] program syz.3.1321 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  444.200215][ T5833] Bluetooth: hci3: command tx timeout
[  444.352221][   T30] audit: type=1326 audit(1747712232.338:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.440767][ T6861] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  444.468252][   T30] audit: type=1326 audit(1747712232.338:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.494341][   T30] audit: type=1326 audit(1747712232.338:2619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.521912][ T6861] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  444.538575][   T30] audit: type=1326 audit(1747712232.338:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.565465][   T30] audit: type=1326 audit(1747712232.338:2621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.570195][ T6861] bond0 (unregistering): Released all slaves
[  444.588701][   T30] audit: type=1326 audit(1747712232.338:2622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.651782][   T30] audit: type=1326 audit(1747712232.338:2623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.898095][   T30] audit: type=1326 audit(1747712232.338:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.943976][   T30] audit: type=1326 audit(1747712232.338:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  444.993027][T10559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1321'.
[  445.007032][T10559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1321'.
[  445.371737][T10574] loop2: detected capacity change from 0 to 7
[  445.382097][ T5910]  loop2: p1
[  445.385393][ T5910] loop2: partition table partially beyond EOD, truncated
[  445.394857][ T5910] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  445.511577][T10574]  loop2: p1
[  445.521789][T10574] loop2: partition table partially beyond EOD, truncated
[  445.568115][T10574] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  445.699650][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  445.825072][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  445.943158][ T6861] hsr_slave_0: left promiscuous mode
[  445.989700][ T6861] hsr_slave_1: left promiscuous mode
[  446.063216][ T6861] veth1_macvtap: left promiscuous mode
[  446.094581][ T6861] veth0_macvtap: left promiscuous mode
[  446.119323][ T6861] veth1_vlan: left promiscuous mode
[  446.187863][ T6861] veth0_vlan: left promiscuous mode
[  446.278140][ T5833] Bluetooth: hci3: command tx timeout
[  446.447643][ T5893] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  446.580953][T10608] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1329'.
[  446.595339][T10608] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1329'.
[  446.606439][T10608] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1329'.
[  446.717843][ T6861] pim6reg9 (unregistering): left allmulticast mode
[  446.725945][ T5893] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  446.846316][ T5893] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  446.855866][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.883425][ T5893] usb 3-1: Product: syz
[  446.933162][ T5893] usb 3-1: Manufacturer: syz
[  446.955604][ T5893] usb 3-1: SerialNumber: syz
[  447.272959][ T5893] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 66 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  447.384361][ T5893] usb 3-1: USB disconnect, device number 66
[  447.427529][ T5890] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  447.450152][ T5893] usblp0: removed
[  447.672634][ T5890] usb 4-1: Using ep0 maxpacket: 16
[  447.687284][ T5890] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.734276][ T5890] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.776571][ T5890] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  447.819533][ T5890] usb 4-1: config 0 interface 0 has no altsetting 0
[  447.827727][ T5890] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  447.856664][ T5890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.900180][ T5890] usb 4-1: config 0 descriptor??
[  448.330798][ T5890] hid-generic 0003:045E:05DA.000F: unknown main item tag 0x0
[  448.362035][ T5833] Bluetooth: hci3: command tx timeout
[  448.375127][ T5890] hid-generic 0003:045E:05DA.000F: unknown main item tag 0x0
[  448.400317][ T5890] hid-generic 0003:045E:05DA.000F: unknown main item tag 0x0
[  448.416002][T10620] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1332'.
[  448.455228][ T5890] hid-generic 0003:045E:05DA.000F: unknown main item tag 0x0
[  448.525707][ T5890] hid-generic 0003:045E:05DA.000F: unknown main item tag 0x0
[  448.539904][ T5890] hid-generic 0003:045E:05DA.000F: unknown main item tag 0x0
[  448.552054][ T5890] hid-generic 0003:045E:05DA.000F: unbalanced collection at end of report description
[  448.579351][ T5890] hid-generic 0003:045E:05DA.000F: probe with driver hid-generic failed with error -22
[  448.864611][ T6861] team0 (unregistering): Port device team_slave_1 removed
[  449.001306][ T6861] team0 (unregistering): Port device team_slave_0 removed
[  449.400770][   T30] kauditd_printk_skb: 103 callbacks suppressed
[  449.400790][   T30] audit: type=1326 audit(1747712237.378:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.470545][   T30] audit: type=1326 audit(1747712237.378:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.510331][   T30] audit: type=1326 audit(1747712237.378:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.534333][   T30] audit: type=1326 audit(1747712237.378:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.562538][   T30] audit: type=1326 audit(1747712237.378:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.610998][   T30] audit: type=1326 audit(1747712237.388:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.652590][   T30] audit: type=1326 audit(1747712237.388:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.690522][   T30] audit: type=1326 audit(1747712237.388:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.733995][   T30] audit: type=1326 audit(1747712237.388:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  449.770871][   T30] audit: type=1326 audit(1747712237.388:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10623 comm="syz.2.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  450.148087][   T24] usb 4-1: USB disconnect, device number 58
[  450.437838][ T5833] Bluetooth: hci3: command tx timeout
[  450.884732][ T6861] IPVS: stop unused estimator thread 0...
[  451.091940][T10533] chnl_net:caif_netlink_parms(): no params data found
[  451.110345][ T5890] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  451.299568][ T5890] usb 3-1: Using ep0 maxpacket: 32
[  451.413166][ T5890] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=66.3d
[  451.570642][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.613632][ T5890] usb 3-1: config 0 descriptor??
[  451.702010][ T5890] cx82310_eth 3-1:0.0: probe with driver cx82310_eth failed with error -22
[  451.990294][ T5890] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  452.383735][T10533] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.509550][T10533] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.537272][T10533] bridge_slave_0: entered allmulticast mode
[  452.559679][T10533] bridge_slave_0: entered promiscuous mode
[  452.612709][T10533] bridge0: port 2(bridge_slave_1) entered blocking state
[  452.657863][T10533] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.665192][T10533] bridge_slave_1: entered allmulticast mode
[  452.730449][T10533] bridge_slave_1: entered promiscuous mode
[  453.026113][ T5890] usb 3-1: USB disconnect, device number 67
[  453.193047][T10533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  453.265755][T10533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.611211][T10533] team0: Port device team_slave_0 added
[  453.757788][ T5893] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  453.770907][T10533] team0: Port device team_slave_1 added
[  453.792747][T10693] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1345'.
[  453.909388][T10533] batman_adv: batadv0: Adding interface: batadv_slave_0
[  453.921275][T10696] netlink: 412 bytes leftover after parsing attributes in process `syz.2.1346'.
[  453.935176][T10533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  453.977676][ T5893] usb 4-1: Using ep0 maxpacket: 32
[  453.994143][T10533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  454.013934][ T5893] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  454.025330][T10533] batman_adv: batadv0: Adding interface: batadv_slave_1
[  454.036900][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.045577][T10533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  454.072663][T10533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  454.083548][ T5893] usb 4-1: config 0 descriptor??
[  454.114500][T10696] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1346'.
[  454.273768][T10697] netlink: 'syz.0.1343': attribute type 10 has an invalid length.
[  454.294349][ T5893] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  454.306757][ T5893] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  454.318400][ T5893] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  454.326077][ T5893] usb 4-1: media controller created
[  454.420708][ T5893] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  454.430725][   T30] kauditd_printk_skb: 242 callbacks suppressed
[  454.430742][   T30] audit: type=1326 audit(1747712242.398:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e82385927 code=0x7ffc0000
[  454.604657][   T30] audit: type=1326 audit(1747712242.398:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8232ab39 code=0x7ffc0000
[  454.638938][T10697] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  454.641068][T10705] loop6: detected capacity change from 0 to 63
[  454.666225][T10690] binder: 10688:10690 ioctl c0306201 0 returned -14
[  454.674534][T10690] binder: 10688:10690 ioctl 4018620d 0 returned -22
[  454.698332][   T30] audit: type=1326 audit(1747712242.398:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f1e8238e969 code=0x7ffc0000
[  454.741696][   T30] audit: type=1326 audit(1747712242.418:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e82385927 code=0x7ffc0000
[  454.786255][   T30] audit: type=1326 audit(1747712242.418:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8232ab39 code=0x7ffc0000
[  454.813505][T10697] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  454.916802][   T30] audit: type=1326 audit(1747712242.418:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f1e8238e969 code=0x7ffc0000
[  454.917939][ T5893] az6027: usb out operation failed. (-71)
[  454.939813][   T30] audit: type=1326 audit(1747712242.418:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e82385927 code=0x7ffc0000
[  454.967672][   T30] audit: type=1326 audit(1747712242.418:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8232ab39 code=0x7ffc0000
[  454.990143][   T30] audit: type=1326 audit(1747712242.418:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f1e8238e969 code=0x7ffc0000
[  455.028656][   T30] audit: type=1326 audit(1747712242.428:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.1.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e82385927 code=0x7ffc0000
[  455.251293][ T5893] az6027: usb out operation failed. (-71)
[  455.257185][ T5893] stb0899_attach: Driver disabled by Kconfig
[  455.279136][ T5893] az6027: no front-end attached
[  455.279136][ T5893] 
[  455.319539][ T5893] az6027: usb out operation failed. (-71)
[  455.325498][ T5893] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  455.403987][T10533] hsr_slave_0: entered promiscuous mode
[  455.433989][ T5893] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input28
[  455.459593][ T5893] dvb-usb: schedule remote query interval to 400 msecs.
[  455.466607][ T5893] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  455.481534][ T5893] usb 4-1: USB disconnect, device number 59
[  455.495803][T10533] hsr_slave_1: entered promiscuous mode
[  455.737672][ T5821] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  455.789131][ T5893] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  455.930314][ T5821] usb 2-1: config index 0 descriptor too short (expected 8192, got 77)
[  455.942985][ T5821] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  455.983652][T10718] loop2: detected capacity change from 0 to 7
[  455.990774][ T5821] usb 2-1: config 0 has no interfaces?
[  456.042443][T10718]  loop2: p1
[  456.045792][T10718] loop2: partition table partially beyond EOD, truncated
[  456.171424][T10718] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  456.294136][ T5821] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  456.337758][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.345817][ T5821] usb 2-1: Product: syz
[  456.378110][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  456.422305][ T5821] usb 2-1: Manufacturer: syz
[  456.426978][ T5821] usb 2-1: SerialNumber: syz
[  456.548931][ T5821] usb 2-1: config 0 descriptor??
[  457.123650][T10533] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  457.175811][T10533] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  457.295206][T10533] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  457.337238][T10533] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  457.599669][T10744] FAULT_INJECTION: forcing a failure.
[  457.599669][T10744] name failslab, interval 1, probability 0, space 0, times 0
[  457.632192][T10744] CPU: 1 UID: 0 PID: 10744 Comm: syz.0.1355 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  457.632222][T10744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  457.632235][T10744] Call Trace:
[  457.632244][T10744]  <TASK>
[  457.632253][T10744]  dump_stack_lvl+0x189/0x250
[  457.632292][T10744]  ? __pfx_dump_stack_lvl+0x10/0x10
[  457.632321][T10744]  ? __pfx__printk+0x10/0x10
[  457.632348][T10744]  ? __pfx___might_resched+0x10/0x10
[  457.632367][T10744]  ? fs_reclaim_acquire+0x7d/0x100
[  457.632404][T10744]  should_fail_ex+0x414/0x560
[  457.632432][T10744]  should_failslab+0xa8/0x100
[  457.632462][T10744]  __kmalloc_noprof+0xcb/0x4f0
[  457.632487][T10744]  ? kfree+0x4d/0x440
[  457.632508][T10744]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  457.632541][T10744]  tomoyo_realpath_from_path+0xe3/0x5d0
[  457.632571][T10744]  ? tomoyo_domain+0xda/0x130
[  457.632604][T10744]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  457.632625][T10744]  tomoyo_path_number_perm+0x1e8/0x5a0
[  457.632650][T10744]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  457.632691][T10744]  ? __lock_acquire+0xaac/0xd20
[  457.632741][T10744]  ? __fget_files+0x2a/0x420
[  457.632773][T10744]  ? __fget_files+0x3a0/0x420
[  457.632799][T10744]  ? __fget_files+0x2a/0x420
[  457.632830][T10744]  security_file_ioctl+0xcb/0x2d0
[  457.632853][T10744]  __se_sys_ioctl+0x47/0x170
[  457.632883][T10744]  do_syscall_64+0xf6/0x210
[  457.632918][T10744]  ? clear_bhb_loop+0x60/0xb0
[  457.632945][T10744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.632964][T10744] RIP: 0033:0x7f5214b8e969
[  457.632983][T10744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.632999][T10744] RSP: 002b:00007f52159eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  457.633020][T10744] RAX: ffffffffffffffda RBX: 00007f5214db6080 RCX: 00007f5214b8e969
[  457.633035][T10744] RDX: 0000200000000000 RSI: 000000000000127f RDI: 0000000000000005
[  457.633048][T10744] RBP: 00007f52159eb090 R08: 0000000000000000 R09: 0000000000000000
[  457.633060][T10744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  457.633072][T10744] R13: 0000000000000000 R14: 00007f5214db6080 R15: 00007f5214edfa28
[  457.633103][T10744]  </TASK>
[  457.634470][T10744] ERROR: Out of memory at tomoyo_realpath_from_path.
[  457.649512][ T7606] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.045904][ T7606] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.252431][ T7606] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.614740][ T5821] usb 2-1: USB disconnect, device number 63
[  458.714940][ T7606] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.995418][T10533] 8021q: adding VLAN 0 to HW filter on device bond0
[  459.074738][T10533] 8021q: adding VLAN 0 to HW filter on device team0
[  459.438048][ T7610] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.445227][ T7610] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.553706][ T7610] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.560972][ T7610] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.628177][ T5829] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  459.641459][ T5829] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  459.650757][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  459.662317][ T5829] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  459.683019][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  459.688473][T10769] FAULT_INJECTION: forcing a failure.
[  459.688473][T10769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.718200][T10769] CPU: 1 UID: 0 PID: 10769 Comm: syz.1.1361 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  459.718228][T10769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  459.718241][T10769] Call Trace:
[  459.718249][T10769]  <TASK>
[  459.718257][T10769]  dump_stack_lvl+0x189/0x250
[  459.718289][T10769]  ? __lock_acquire+0xaac/0xd20
[  459.718321][T10769]  ? __pfx_dump_stack_lvl+0x10/0x10
[  459.718368][T10769]  ? __pfx__printk+0x10/0x10
[  459.718388][T10769]  ? __might_fault+0xb0/0x130
[  459.718424][T10769]  should_fail_ex+0x414/0x560
[  459.718452][T10769]  _copy_from_iter+0x1db/0x15a0
[  459.718486][T10769]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  459.718532][T10769]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  459.718561][T10769]  ? __pfx__copy_from_iter+0x10/0x10
[  459.718589][T10769]  ? __build_skb_around+0x257/0x3e0
[  459.718620][T10769]  ? netlink_sendmsg+0x642/0xb30
[  459.718643][T10769]  ? skb_put+0x11b/0x210
[  459.718673][T10769]  netlink_sendmsg+0x6b2/0xb30
[  459.718708][T10769]  ? __pfx_netlink_sendmsg+0x10/0x10
[  459.718736][T10769]  ? aa_sock_msg_perm+0x94/0x160
[  459.718762][T10769]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  459.718785][T10769]  ? __pfx_netlink_sendmsg+0x10/0x10
[  459.718811][T10769]  __sock_sendmsg+0x219/0x270
[  459.718836][T10769]  ____sys_sendmsg+0x505/0x830
[  459.718871][T10769]  ? __pfx_____sys_sendmsg+0x10/0x10
[  459.718909][T10769]  ? import_iovec+0x74/0xa0
[  459.718940][T10769]  ___sys_sendmsg+0x21f/0x2a0
[  459.718972][T10769]  ? __pfx____sys_sendmsg+0x10/0x10
[  459.719039][T10769]  ? __fget_files+0x2a/0x420
[  459.719065][T10769]  ? __fget_files+0x3a0/0x420
[  459.719103][T10769]  __x64_sys_sendmsg+0x19b/0x260
[  459.719135][T10769]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  459.719183][T10769]  ? do_syscall_64+0xba/0x210
[  459.719215][T10769]  do_syscall_64+0xf6/0x210
[  459.719241][T10769]  ? clear_bhb_loop+0x60/0xb0
[  459.719262][T10769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.719278][T10769] RIP: 0033:0x7f1e8238e969
[  459.719293][T10769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  459.719308][T10769] RSP: 002b:00007f1e831b2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  459.719328][T10769] RAX: ffffffffffffffda RBX: 00007f1e825b6160 RCX: 00007f1e8238e969
[  459.719343][T10769] RDX: 0000000000000000 RSI: 0000200000006040 RDI: 0000000000000004
[  459.719355][T10769] RBP: 00007f1e831b2090 R08: 0000000000000000 R09: 0000000000000000
[  459.719367][T10769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  459.719378][T10769] R13: 0000000000000001 R14: 00007f1e825b6160 R15: 00007f1e826dfa28
[  459.719407][T10769]  </TASK>
[  460.065802][T10533] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  460.076531][T10533] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  460.111740][T10533] 8021q: adding VLAN 0 to HW filter on device batadv0
[  460.165541][ T7606] bridge_slave_1: left allmulticast mode
[  460.171731][ T7606] bridge_slave_1: left promiscuous mode
[  460.182056][ T7606] bridge0: port 2(bridge_slave_1) entered disabled state
[  460.210072][ T7606] bridge_slave_0: left allmulticast mode
[  460.262572][ T7606] bridge_slave_0: left promiscuous mode
[  460.273259][ T7606] bridge0: port 1(bridge_slave_0) entered disabled state
[  460.747559][ T5893] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  460.859626][T10794] netlink: 2004 bytes leftover after parsing attributes in process `syz.1.1365'.
[  460.917579][ T5893] usb 3-1: Using ep0 maxpacket: 8
[  460.924657][ T5893] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  460.932967][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  460.945748][ T5893] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  460.957822][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  460.969123][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  460.981699][ T5893] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  460.989420][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  461.000892][ T5893] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  461.012908][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  461.024527][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  461.041106][ T5893] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  461.049959][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  461.061426][ T5893] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  461.073354][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  461.084940][ T5893] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  461.101376][ T5893] usb 3-1: string descriptor 0 read error: -22
[  461.108140][ T5893] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  461.117369][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.142428][ T5893] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  461.366217][ T7606] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  461.388264][ T7606] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  461.399424][ T7606] bond0 (unregistering): Released all slaves
[  461.668756][T10804] FAULT_INJECTION: forcing a failure.
[  461.668756][T10804] name failslab, interval 1, probability 0, space 0, times 0
[  461.687274][T10804] CPU: 0 UID: 0 PID: 10804 Comm: syz.0.1367 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  461.687304][T10804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  461.687318][T10804] Call Trace:
[  461.687326][T10804]  <TASK>
[  461.687335][T10804]  dump_stack_lvl+0x189/0x250
[  461.687373][T10804]  ? __pfx_dump_stack_lvl+0x10/0x10
[  461.687407][T10804]  ? __pfx__printk+0x10/0x10
[  461.687430][T10804]  ? __pfx___might_resched+0x10/0x10
[  461.687449][T10804]  ? fs_reclaim_acquire+0x7d/0x100
[  461.687484][T10804]  should_fail_ex+0x414/0x560
[  461.687512][T10804]  should_failslab+0xa8/0x100
[  461.687550][T10804]  __kmalloc_noprof+0xcb/0x4f0
[  461.687575][T10804]  ? tomoyo_encode+0x28b/0x550
[  461.687607][T10804]  tomoyo_encode+0x28b/0x550
[  461.687639][T10804]  tomoyo_realpath_from_path+0x58d/0x5d0
[  461.687678][T10804]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  461.687701][T10804]  tomoyo_path_number_perm+0x1e8/0x5a0
[  461.687726][T10804]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  461.687765][T10804]  ? __lock_acquire+0xaac/0xd20
[  461.687814][T10804]  ? __fget_files+0x2a/0x420
[  461.687848][T10804]  ? __fget_files+0x3a0/0x420
[  461.687873][T10804]  ? __fget_files+0x2a/0x420
[  461.687905][T10804]  security_file_ioctl+0xcb/0x2d0
[  461.687928][T10804]  __se_sys_ioctl+0x47/0x170
[  461.687953][T10804]  do_syscall_64+0xf6/0x210
[  461.687983][T10804]  ? clear_bhb_loop+0x60/0xb0
[  461.688008][T10804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.688028][T10804] RIP: 0033:0x7f5214b8e969
[  461.688046][T10804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  461.688064][T10804] RSP: 002b:00007f52159ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  461.688085][T10804] RAX: ffffffffffffffda RBX: 00007f5214db6160 RCX: 00007f5214b8e969
[  461.688100][T10804] RDX: 0000200000000000 RSI: 000000000000127f RDI: 0000000000000005
[  461.688113][T10804] RBP: 00007f52159ca090 R08: 0000000000000000 R09: 0000000000000000
[  461.688125][T10804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  461.688136][T10804] R13: 0000000000000001 R14: 00007f5214db6160 R15: 00007f5214edfa28
[  461.688167][T10804]  </TASK>
[  461.910358][T10804] ERROR: Out of memory at tomoyo_realpath_from_path.
[  462.038100][T10808] loop2: detected capacity change from 0 to 7
[  462.052458][ T5910]  loop2: p1
[  462.055738][ T5910] loop2: partition table partially beyond EOD, truncated
[  462.064296][T10533] veth0_vlan: entered promiscuous mode
[  462.068140][T10809] netlink: 'syz.1.1368': attribute type 1 has an invalid length.
[  462.079388][ T5910] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  462.124307][ T5829] Bluetooth: hci4: command tx timeout
[  462.144794][T10808]  loop2: p1
[  462.149516][T10808] loop2: partition table partially beyond EOD, truncated
[  462.159801][T10808] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  462.200903][T10809] 8021q: adding VLAN 0 to HW filter on device bond3
[  462.247103][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  462.286779][ T7606] hsr_slave_0: left promiscuous mode
[  462.316140][ T7606] hsr_slave_1: left promiscuous mode
[  462.331826][ T7606] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  462.345118][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  462.378802][ T7606] batman_adv: batadv0: Removing interface: batadv_slave_0
[  462.406633][ T7606] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  462.439976][ T7606] batman_adv: batadv0: Removing interface: batadv_slave_1
[  462.523267][ T7606] veth1_macvtap: left promiscuous mode
[  462.532306][ T7606] veth0_macvtap: left promiscuous mode
[  462.541360][ T7606] veth1_vlan: left promiscuous mode
[  462.556589][ T7606] veth0_vlan: left promiscuous mode
[  462.791967][T10832] FAULT_INJECTION: forcing a failure.
[  462.791967][T10832] name failslab, interval 1, probability 0, space 0, times 0
[  462.805339][T10832] CPU: 1 UID: 0 PID: 10832 Comm: syz.0.1372 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  462.805366][T10832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  462.805379][T10832] Call Trace:
[  462.805388][T10832]  <TASK>
[  462.805396][T10832]  dump_stack_lvl+0x189/0x250
[  462.805435][T10832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  462.805465][T10832]  ? __pfx__printk+0x10/0x10
[  462.805493][T10832]  ? ref_tracker_alloc+0x318/0x460
[  462.805519][T10832]  should_fail_ex+0x414/0x560
[  462.805546][T10832]  should_failslab+0xa8/0x100
[  462.805577][T10832]  kmem_cache_alloc_noprof+0x73/0x3c0
[  462.805602][T10832]  ? skb_clone+0x212/0x3a0
[  462.805638][T10832]  skb_clone+0x212/0x3a0
[  462.805672][T10832]  __netlink_deliver_tap+0x404/0x850
[  462.805712][T10832]  ? netlink_deliver_tap+0x2e/0x1b0
[  462.805739][T10832]  netlink_deliver_tap+0x19c/0x1b0
[  462.805765][T10832]  netlink_unicast+0x72f/0x8d0
[  462.805799][T10832]  netlink_sendmsg+0x805/0xb30
[  462.805835][T10832]  ? __pfx_netlink_sendmsg+0x10/0x10
[  462.805863][T10832]  ? aa_sock_msg_perm+0x94/0x160
[  462.805889][T10832]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  462.805913][T10832]  ? __pfx_netlink_sendmsg+0x10/0x10
[  462.805939][T10832]  __sock_sendmsg+0x219/0x270
[  462.805965][T10832]  ____sys_sendmsg+0x505/0x830
[  462.806000][T10832]  ? __pfx_____sys_sendmsg+0x10/0x10
[  462.806039][T10832]  ? import_iovec+0x74/0xa0
[  462.806072][T10832]  ___sys_sendmsg+0x21f/0x2a0
[  462.806104][T10832]  ? __pfx____sys_sendmsg+0x10/0x10
[  462.806174][T10832]  ? __fget_files+0x2a/0x420
[  462.806200][T10832]  ? __fget_files+0x3a0/0x420
[  462.806240][T10832]  __x64_sys_sendmsg+0x19b/0x260
[  462.806280][T10832]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  462.806328][T10832]  ? do_syscall_64+0xba/0x210
[  462.806361][T10832]  do_syscall_64+0xf6/0x210
[  462.806389][T10832]  ? clear_bhb_loop+0x60/0xb0
[  462.806415][T10832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  462.806435][T10832] RIP: 0033:0x7f5214b8e969
[  462.806453][T10832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  462.806470][T10832] RSP: 002b:00007f52159ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  462.806492][T10832] RAX: ffffffffffffffda RBX: 00007f5214db6160 RCX: 00007f5214b8e969
[  462.806507][T10832] RDX: 0000000000000000 RSI: 0000200000006040 RDI: 0000000000000004
[  462.806520][T10832] RBP: 00007f52159ca090 R08: 0000000000000000 R09: 0000000000000000
[  462.806532][T10832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  462.806544][T10832] R13: 0000000000000001 R14: 00007f5214db6160 R15: 00007f5214edfa28
[  462.806577][T10832]  </TASK>
[  463.407141][   T24] usb 3-1: USB disconnect, device number 68
[  463.522137][ T7606] team0 (unregistering): Port device team_slave_1 removed
[  463.572363][ T7606] team0 (unregistering): Port device team_slave_0 removed
[  464.081429][T10533] veth1_vlan: entered promiscuous mode
[  464.215330][ T5829] Bluetooth: hci4: command tx timeout
[  464.724834][T10533] veth0_macvtap: entered promiscuous mode
[  464.753431][T10533] veth1_macvtap: entered promiscuous mode
[  464.783189][ T7606] IPVS: stop unused estimator thread 0...
[  464.801699][T10533] batman_adv: batadv0: Interface activated: batadv_slave_0
[  464.826800][T10772] chnl_net:caif_netlink_parms(): no params data found
[  464.881072][T10533] batman_adv: batadv0: Interface activated: batadv_slave_1
[  465.156496][T10533] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  465.190143][T10533] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  465.205186][T10533] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  465.215434][T10533] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  465.719698][T10863] trusted_key: encrypted_key: insufficient parameters specified
[  465.747034][T10772] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.771243][T10772] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.792247][T10772] bridge_slave_0: entered allmulticast mode
[  465.820183][T10772] bridge_slave_0: entered promiscuous mode
[  465.842897][T10772] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.855196][T10772] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.866945][T10772] bridge_slave_1: entered allmulticast mode
[  465.881043][T10772] bridge_slave_1: entered promiscuous mode
[  465.893342][T10863] batadv_slave_1: entered promiscuous mode
[  466.081953][T10862] batadv_slave_1: left promiscuous mode
[  466.139635][T10772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  466.170314][T10772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  466.204576][ T7611] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.232755][ T7611] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.277709][ T5829] Bluetooth: hci4: command tx timeout
[  466.372457][T10772] team0: Port device team_slave_0 added
[  466.387139][ T7610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.408817][ T7610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.459763][T10772] team0: Port device team_slave_1 added
[  466.543112][T10772] batman_adv: batadv0: Adding interface: batadv_slave_0
[  466.565234][T10772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.603352][T10772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  466.632008][T10772] batman_adv: batadv0: Adding interface: batadv_slave_1
[  466.639164][T10772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.678744][T10772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  466.683564][   T30] kauditd_printk_skb: 65 callbacks suppressed
[  466.683584][   T30] audit: type=1326 audit(1747712254.668:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.718788][   T30] audit: type=1326 audit(1747712254.678:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.741544][   T30] audit: type=1326 audit(1747712254.678:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.764631][   T30] audit: type=1326 audit(1747712254.678:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.798934][   T30] audit: type=1326 audit(1747712254.678:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.825658][   T30] audit: type=1326 audit(1747712254.678:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.849718][   T30] audit: type=1326 audit(1747712254.678:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.885544][   T30] audit: type=1326 audit(1747712254.678:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.922739][   T30] audit: type=1326 audit(1747712254.678:3064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  466.947110][   T30] audit: type=1326 audit(1747712254.678:3065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10878 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  467.073086][T10772] hsr_slave_0: entered promiscuous mode
[  467.081240][T10772] hsr_slave_1: entered promiscuous mode
[  467.088867][T10772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  467.096500][T10772] Cannot create hsr debugfs directory
[  467.099913][T10886] loop2: detected capacity change from 0 to 7
[  467.127036][T10886]  loop2: p1
[  467.131842][T10886] loop2: partition table partially beyond EOD, truncated
[  467.141083][T10886] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  467.271990][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  467.746938][T10907] FAULT_INJECTION: forcing a failure.
[  467.746938][T10907] name failslab, interval 1, probability 0, space 0, times 0
[  467.760508][T10903] ipvlan0: entered promiscuous mode
[  467.765783][T10903] ipvlan0: entered allmulticast mode
[  467.794352][T10903] veth0_vlan: entered allmulticast mode
[  467.815283][T10907] CPU: 1 UID: 0 PID: 10907 Comm: syz.2.1384 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  467.815313][T10907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  467.815325][T10907] Call Trace:
[  467.815333][T10907]  <TASK>
[  467.815342][T10907]  dump_stack_lvl+0x189/0x250
[  467.815381][T10907]  ? __pfx_dump_stack_lvl+0x10/0x10
[  467.815411][T10907]  ? __pfx__printk+0x10/0x10
[  467.815437][T10907]  ? __pfx___might_resched+0x10/0x10
[  467.815456][T10907]  ? fs_reclaim_acquire+0x7d/0x100
[  467.815493][T10907]  should_fail_ex+0x414/0x560
[  467.815521][T10907]  should_failslab+0xa8/0x100
[  467.815550][T10907]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  467.815597][T10907]  ? __alloc_skb+0x112/0x2d0
[  467.815628][T10907]  __alloc_skb+0x112/0x2d0
[  467.815659][T10907]  netlink_ack+0x146/0xa50
[  467.815681][T10907]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  467.815710][T10907]  ? ref_tracker_free+0x63a/0x7d0
[  467.815731][T10907]  ? __copy_skb_header+0xa7/0x550
[  467.815770][T10907]  netlink_rcv_skb+0x2a0/0x490
[  467.815796][T10907]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  467.815822][T10907]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  467.815868][T10907]  ? netlink_deliver_tap+0x2e/0x1b0
[  467.815891][T10907]  ? netlink_deliver_tap+0x2e/0x1b0
[  467.815922][T10907]  netlink_unicast+0x758/0x8d0
[  467.815955][T10907]  netlink_sendmsg+0x805/0xb30
[  467.815991][T10907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  467.816019][T10907]  ? aa_sock_msg_perm+0x94/0x160
[  467.816054][T10907]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  467.816077][T10907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  467.816104][T10907]  __sock_sendmsg+0x219/0x270
[  467.816129][T10907]  ____sys_sendmsg+0x505/0x830
[  467.816164][T10907]  ? __pfx_____sys_sendmsg+0x10/0x10
[  467.816202][T10907]  ? import_iovec+0x74/0xa0
[  467.816235][T10907]  ___sys_sendmsg+0x21f/0x2a0
[  467.816266][T10907]  ? __pfx____sys_sendmsg+0x10/0x10
[  467.816334][T10907]  ? __fget_files+0x2a/0x420
[  467.816360][T10907]  ? __fget_files+0x3a0/0x420
[  467.816398][T10907]  __x64_sys_sendmsg+0x19b/0x260
[  467.816430][T10907]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  467.816478][T10907]  ? do_syscall_64+0xba/0x210
[  467.816510][T10907]  do_syscall_64+0xf6/0x210
[  467.816538][T10907]  ? clear_bhb_loop+0x60/0xb0
[  467.816564][T10907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.816583][T10907] RIP: 0033:0x7f005bb8e969
[  467.816602][T10907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.816620][T10907] RSP: 002b:00007f00599f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  467.816641][T10907] RAX: ffffffffffffffda RBX: 00007f005bdb6160 RCX: 00007f005bb8e969
[  467.816655][T10907] RDX: 0000000000000000 RSI: 0000200000006040 RDI: 0000000000000004
[  467.816668][T10907] RBP: 00007f00599f6090 R08: 0000000000000000 R09: 0000000000000000
[  467.816679][T10907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  467.816690][T10907] R13: 0000000000000001 R14: 00007f005bdb6160 R15: 00007f005bedfa28
[  467.816721][T10907]  </TASK>
[  468.367621][ T5829] Bluetooth: hci4: command tx timeout
[  468.419355][  T975] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  468.602673][  T975] usb 6-1: config 4 has an invalid interface number: 231 but max is 0
[  468.632635][  T975] usb 6-1: config 4 has no interface number 0
[  468.677139][  T975] usb 6-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  468.707718][  T975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.747484][  T975] usb 6-1: Product: syz
[  468.762798][  T975] usb 6-1: Manufacturer: syz
[  468.777577][  T975] usb 6-1: SerialNumber: syz
[  468.819852][  T975] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  469.008722][T10932] loop2: detected capacity change from 0 to 7
[  469.016367][T10913] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  469.016657][ T5951]  loop2: p1
[  469.027378][ T5951] loop2: partition table partially beyond EOD, truncated
[  469.047852][T10913] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  469.066107][ T5951] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  469.110403][T10932]  loop2: p1
[  469.114207][T10932] loop2: partition table partially beyond EOD, truncated
[  469.122691][T10772] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  469.130235][T10932] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  469.203618][T10772] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  469.250562][T10772] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  469.268024][ T5951] udevd[5951]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  469.286139][  T975] vp7045: USB control message 'in' went wrong.
[  469.305275][  T975] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  469.315883][T10772] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  469.330592][ T5951] udevd[5951]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  469.369032][  T975] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  469.411530][  T975] usb 6-1: USB disconnect, device number 2
[  469.560620][T10772] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.590283][T10772] 8021q: adding VLAN 0 to HW filter on device team0
[  469.597541][ T5890] usb 3-1: new low-speed USB device number 69 using dummy_hcd
[  469.614947][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.622146][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  469.627525][ T5893] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  469.656570][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.663795][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.760704][ T5890] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  469.787375][ T5890] usb 3-1: config 0 has no interface number 0
[  469.798048][ T5893] usb 2-1: Using ep0 maxpacket: 32
[  469.808838][ T5893] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  469.826136][T10772] 8021q: adding VLAN 0 to HW filter on device batadv0
[  469.833550][ T5890] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  469.845274][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.859331][ T5890] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  469.890872][ T5890] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  469.906285][ T5890] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  469.923476][ T5893] usb 2-1: config 0 descriptor??
[  469.973038][ T5890] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  470.011042][T10772] veth0_vlan: entered promiscuous mode
[  470.016822][ T5890] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  470.042141][T10772] veth1_vlan: entered promiscuous mode
[  470.048087][ T5890] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  470.067133][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.094256][ T5890] usb 3-1: config 0 descriptor??
[  470.108220][T10937] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  470.127051][T10937] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  470.138149][T10772] veth0_macvtap: entered promiscuous mode
[  470.146415][ T5893] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  470.167492][ T5890] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  470.180321][ T5893] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  470.200618][T10772] veth1_macvtap: entered promiscuous mode
[  470.201426][ T5893] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  470.230632][ T5893] usb 2-1: media controller created
[  470.270764][T10772] batman_adv: batadv0: Interface activated: batadv_slave_0
[  470.274954][ T5893] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  470.294707][T10772] batman_adv: batadv0: Interface activated: batadv_slave_1
[  470.312618][T10772] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  470.324837][T10772] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  470.347366][T10772] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  470.350674][T10938] binder: 10936:10938 ioctl c0306201 0 returned -14
[  470.357222][T10772] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  470.380641][T10938] binder: 10936:10938 ioctl 4018620d 0 returned -22
[  470.424442][ T5890] usb 3-1: USB disconnect, device number 69
[  470.455155][ T5890] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  470.494116][ T5893] az6027: usb out operation failed. (-71)
[  470.515140][ T5893] az6027: usb out operation failed. (-71)
[  470.526703][ T5893] stb0899_attach: Driver disabled by Kconfig
[  470.534387][ T5893] az6027: no front-end attached
[  470.534387][ T5893] 
[  470.565831][ T5893] az6027: usb out operation failed. (-71)
[  470.578567][ T5893] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  470.611744][ T5893] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input29
[  470.648071][ T5893] dvb-usb: schedule remote query interval to 400 msecs.
[  470.660572][ T5893] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  470.705899][ T5893] usb 2-1: USB disconnect, device number 64
[  470.719111][ T7606] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.734174][ T7606] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.819985][ T5893] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  470.873798][ T7611] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.893148][ T7611] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  471.093305][T10960] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1356'.
[  471.187994][  T975] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  471.343275][T10967] netlink: 440 bytes leftover after parsing attributes in process `syz.2.1398'.
[  471.348019][  T975] usb 6-1: Using ep0 maxpacket: 16
[  471.365420][  T975] usb 6-1: config 1 interface 0 altsetting 6 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  471.385921][  T975] usb 6-1: config 1 interface 0 has no altsetting 0
[  471.404114][  T975] usb 6-1: New USB device found, idVendor=2453, idProduct=0100, bcdDevice= 0.40
[  471.424085][  T975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.454031][  T975] usb 6-1: Product: syz
[  471.466497][  T975] usb 6-1: Manufacturer: שּׁᵧ酒뗢漖䚆煌｛⃳䨨흥ᤝ恹燩獉╤筡뫦罚懁덊䴘쀧聞湯唯냺鑀쭳伜펿冲䟠ϒ徘撧饷댸䄴궬歵๗窩쫋튲뿄릚씇㶒䜱ฝ右ᙰ믎᪈⻹튛ݐ砇愃좳︖′불걜醄悔Ԥὖ
[  471.516679][T10970] FAULT_INJECTION: forcing a failure.
[  471.516679][T10970] name failslab, interval 1, probability 0, space 0, times 0
[  471.521917][  T975] usb 6-1: SerialNumber: syz
[  471.536591][T10970] CPU: 1 UID: 0 PID: 10970 Comm: syz.1.1399 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  471.536618][T10970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  471.536631][T10970] Call Trace:
[  471.536640][T10970]  <TASK>
[  471.536650][T10970]  dump_stack_lvl+0x189/0x250
[  471.536695][T10970]  ? __pfx_dump_stack_lvl+0x10/0x10
[  471.536724][T10970]  ? __pfx__printk+0x10/0x10
[  471.536750][T10970]  ? __pfx___might_resched+0x10/0x10
[  471.536775][T10970]  should_fail_ex+0x414/0x560
[  471.536802][T10970]  should_failslab+0xa8/0x100
[  471.536830][T10970]  __kmalloc_cache_noprof+0x70/0x3d0
[  471.536856][T10970]  ? tcf_proto_create+0x65/0x330
[  471.536888][T10970]  tcf_proto_create+0x65/0x330
[  471.536922][T10970]  tc_new_tfilter+0x11aa/0x15b0
[  471.536966][T10970]  ? __local_bh_enable_ip+0x12d/0x1c0
[  471.536992][T10970]  ? __pfx_tc_new_tfilter+0x10/0x10
[  471.537054][T10970]  ? __pfx_tc_new_tfilter+0x10/0x10
[  471.537079][T10970]  rtnetlink_rcv_msg+0x7cf/0xb70
[  471.537107][T10970]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  471.537129][T10970]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  471.537156][T10970]  ? ref_tracker_free+0x63a/0x7d0
[  471.537177][T10970]  ? __copy_skb_header+0xa7/0x550
[  471.537215][T10970]  netlink_rcv_skb+0x21c/0x490
[  471.537240][T10970]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  471.537264][T10970]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  471.537326][T10970]  ? netlink_deliver_tap+0x2e/0x1b0
[  471.537349][T10970]  ? netlink_deliver_tap+0x2e/0x1b0
[  471.537380][T10970]  netlink_unicast+0x758/0x8d0
[  471.537418][T10970]  netlink_sendmsg+0x805/0xb30
[  471.537454][T10970]  ? __pfx_netlink_sendmsg+0x10/0x10
[  471.537483][T10970]  ? aa_sock_msg_perm+0x94/0x160
[  471.537510][T10970]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  471.537533][T10970]  ? __pfx_netlink_sendmsg+0x10/0x10
[  471.537559][T10970]  __sock_sendmsg+0x219/0x270
[  471.537585][T10970]  ____sys_sendmsg+0x505/0x830
[  471.537620][T10970]  ? __pfx_____sys_sendmsg+0x10/0x10
[  471.537679][T10970]  ? import_iovec+0x74/0xa0
[  471.537712][T10970]  ___sys_sendmsg+0x21f/0x2a0
[  471.537742][T10970]  ? __pfx____sys_sendmsg+0x10/0x10
[  471.537809][T10970]  ? __fget_files+0x2a/0x420
[  471.537834][T10970]  ? __fget_files+0x3a0/0x420
[  471.537871][T10970]  __x64_sys_sendmsg+0x19b/0x260
[  471.537902][T10970]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  471.537948][T10970]  ? do_syscall_64+0xba/0x210
[  471.537978][T10970]  do_syscall_64+0xf6/0x210
[  471.538006][T10970]  ? clear_bhb_loop+0x60/0xb0
[  471.538031][T10970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.538050][T10970] RIP: 0033:0x7f1e8238e969
[  471.538068][T10970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  471.538085][T10970] RSP: 002b:00007f1e831f4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  471.538106][T10970] RAX: ffffffffffffffda RBX: 00007f1e825b5fa0 RCX: 00007f1e8238e969
[  471.538121][T10970] RDX: 0000000000000000 RSI: 0000200000006040 RDI: 0000000000000004
[  471.538134][T10970] RBP: 00007f1e831f4090 R08: 0000000000000000 R09: 0000000000000000
[  471.538146][T10970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  471.538158][T10970] R13: 0000000000000000 R14: 00007f1e825b5fa0 R15: 00007f1e826dfa28
[  471.538189][T10970]  </TASK>
[  471.998802][T10950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  472.008994][ T5890] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  472.039684][T10950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.050470][T10979] xt_bpf: check failed: parse error
[  472.116715][  T975] usbhid 6-1:1.0: can't add hid device: -71
[  472.136983][  T975] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  472.161724][  T975] usb 6-1: USB disconnect, device number 3
[  472.167905][ T5890] usb 3-1: device descriptor read/64, error -71
[  472.229661][T10983] input: syz1 as /devices/virtual/input/input30
[  472.439262][ T5890] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  472.587827][ T5890] usb 3-1: device descriptor read/64, error -71
[  472.708449][ T5890] usb usb3-port1: attempt power cycle
[  472.807801][T10999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1408'.
[  472.827721][T11002] loop2: detected capacity change from 0 to 7
[  472.840246][T11002]  loop2: p1
[  472.854187][T11002] loop2: partition table partially beyond EOD, truncated
[  472.880014][T11002] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  472.917934][ T5889] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  473.073334][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  473.087952][ T5890] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  473.097450][ T5889] usb 4-1: Using ep0 maxpacket: 32
[  473.145551][ T5889] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  473.159204][ T5890] usb 3-1: device descriptor read/8, error -71
[  473.196089][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.268621][ T5889] usb 4-1: config 0 descriptor??
[  473.278080][T11012] netlink: 440 bytes leftover after parsing attributes in process `syz.5.1410'.
[  473.447592][ T5890] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  473.484550][ T5889] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  473.506080][ T5890] usb 3-1: device descriptor read/8, error -71
[  473.530141][ T5889] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  473.585876][ T5889] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  473.626624][ T5889] usb 4-1: media controller created
[  473.658020][ T5890] usb usb3-port1: unable to enumerate USB device
[  473.686015][T10996] binder: 10995:10996 ioctl c0306201 0 returned -14
[  473.735323][T10996] binder: 10995:10996 ioctl 4018620d 0 returned -22
[  473.753103][ T5889] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  473.785501][T11017] batman_adv: batadv0: Adding interface: ip6gretap1
[  473.813038][T11017] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  473.843410][T11017] batman_adv: batadv0: Interface activated: ip6gretap1
[  473.939972][ T5889] az6027: usb out operation failed. (-71)
[  473.975355][ T5889] az6027: usb out operation failed. (-71)
[  473.985880][ T5889] stb0899_attach: Driver disabled by Kconfig
[  473.994246][ T5889] az6027: no front-end attached
[  473.994246][ T5889] 
[  474.023968][ T5889] az6027: usb out operation failed. (-71)
[  474.037733][ T5889] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  474.082042][ T5889] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input31
[  474.145331][ T5889] dvb-usb: schedule remote query interval to 400 msecs.
[  474.176088][ T5889] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  474.206838][ T5889] usb 4-1: USB disconnect, device number 60
[  474.450981][T11032] trusted_key: syz.5.1413 sent an empty control message without MSG_MORE.
[  474.634761][ T5889] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  474.722101][   T24] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  474.880870][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  475.161841][   T24] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  475.227934][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.257937][   T24] usb 2-1: Product: syz
[  475.262181][   T24] usb 2-1: Manufacturer: syz
[  475.266847][   T24] usb 2-1: SerialNumber: syz
[  475.383640][   T24] usb 2-1: config 0 descriptor??
[  475.427602][   T48] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  475.577563][   T48] usb 3-1: Using ep0 maxpacket: 8
[  475.603682][   T48] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  475.625630][   T48] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  475.642713][   T48] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  475.659894][   T48] usb 3-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad
[  475.671187][   T48] usb 3-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3
[  475.682429][   T48] usb 3-1: Product: syz
[  475.686740][   T48] usb 3-1: Manufacturer: syz
[  475.694415][   T48] usb 3-1: SerialNumber: syz
[  475.726034][   T48] usb 3-1: config 0 descriptor??
[  475.745772][   T48] smsusb:smsusb_probe: board id=2, interface number 0
[  475.754797][   T48] smsusb:smsusb_probe: Device initialized with return code -19
[  475.983208][   T48] usb 3-1: USB disconnect, device number 74
[  476.832574][T11065] loop2: detected capacity change from 0 to 7
[  476.853795][T11065]  loop2: p1
[  476.858856][T11065] loop2: partition table partially beyond EOD, truncated
[  476.876564][T11065] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  477.047677][ T5951] udevd[5951]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  477.197715][T11067] netlink: 440 bytes leftover after parsing attributes in process `syz.5.1421'.
[  477.572949][   T30] kauditd_printk_skb: 169 callbacks suppressed
[  477.572969][   T30] audit: type=1326 audit(1747712265.558:3235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.5.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  477.601795][    C0] vkms_vblank_simulate: vblank timer overrun
[  477.613739][   T30] audit: type=1326 audit(1747712265.558:3236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.5.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  477.640891][   T30] audit: type=1326 audit(1747712265.598:3237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.5.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  477.663280][    C0] vkms_vblank_simulate: vblank timer overrun
[  477.689838][   T24] usb 2-1: USB disconnect, device number 65
[  477.776876][ T7216] udevd[7216]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  477.834548][T11073] netlink: 'syz.5.1422': attribute type 61 has an invalid length.
[  477.922197][T11076] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  477.992252][T11073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1422'.
[  478.023785][T11073] netlink: 'syz.5.1422': attribute type 10 has an invalid length.
[  478.031793][T11073] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1422'.
[  478.045980][T11073] batman_adv: batadv0: Adding interface: virt_wifi0
[  478.052887][T11073] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.098956][T11073] batman_adv: batadv0: Interface activated: virt_wifi0
[  478.217486][   T24] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  478.387644][   T24] usb 2-1: Using ep0 maxpacket: 8
[  478.415496][   T24] usb 2-1: config 14 has an invalid interface number: 120 but max is 1
[  478.431745][   T24] usb 2-1: config 14 has an invalid interface number: 80 but max is 1
[  478.445431][   T24] usb 2-1: config 14 contains an unexpected descriptor of type 0x2, skipping
[  478.463854][   T24] usb 2-1: config 14 has an invalid descriptor of length 204, skipping remainder of the config
[  478.474744][   T24] usb 2-1: config 14 has no interface number 0
[  478.495826][   T24] usb 2-1: config 14 has no interface number 1
[  478.517156][   T24] usb 2-1: config 14 interface 120 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  478.539698][ T5893] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  478.567167][   T24] usb 2-1: config 14 interface 120 altsetting 3 endpoint 0xC has invalid maxpacket 512, setting to 64
[  478.594122][   T24] usb 2-1: config 14 interface 120 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  478.627545][   T24] usb 2-1: config 14 interface 120 altsetting 3 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  478.643807][   T24] usb 2-1: config 14 interface 120 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  478.672927][T11087] program syz.5.1427 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  478.718472][ T5893] usb 3-1: Using ep0 maxpacket: 32
[  478.724374][   T24] usb 2-1: config 14 interface 120 altsetting 3 has a duplicate endpoint with address 0xA, skipping
[  478.749185][ T5893] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  478.771106][   T24] usb 2-1: config 14 interface 120 altsetting 3 has an endpoint descriptor with address 0x47, changing to 0x7
[  478.782950][   T24] usb 2-1: config 14 interface 120 altsetting 3 endpoint 0x7 has invalid maxpacket 62362, setting to 64
[  478.803266][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.807622][   T24] usb 2-1: config 14 interface 120 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  478.822342][   T24] usb 2-1: config 14 interface 120 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[  478.860823][   T24] usb 2-1: config 14 interface 120 altsetting 3 has a duplicate endpoint with address 0xA, skipping
[  478.880854][ T5893] usb 3-1: config 0 descriptor??
[  478.885920][   T24] usb 2-1: config 14 interface 120 altsetting 3 has 13 endpoint descriptors, different from the interface descriptor's value: 12
[  478.937263][   T24] usb 2-1: config 14 interface 80 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  478.975323][   T24] usb 2-1: config 14 interface 120 has no altsetting 0
[  478.984509][   T24] usb 2-1: config 14 interface 80 has no altsetting 0
[  479.004464][   T24] usb 2-1: New USB device found, idVendor=050d, idProduct=1102, bcdDevice=d6.25
[  479.020616][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.045016][   T24] usb 2-1: Product: Ⲋꇣ䫿ﰬ嬙ੲ弹儗쏲㎕琘ᩡ쾂ᰢ凰拕䟙퇥멿ힸ汼쿴츥퇠鹿쥘鯛ﮂ斝립អ
[  479.090050][   T24] usb 2-1: Manufacturer: 㷒᛹姗뮠今뵆衿㿬㐞ｨ쑙＠ā篯煖醙愼촕꤬㽣ꪰզ狌믐鈑豝뙅淽ꃍ☒ᠿ삻邉蹙Ë稘⁻䉔䙬竞ꃲ羁蛀䅱嫂纁얷ǚ瓠궒쯵唿匧嚱帋祌烫ꦌÀ䏹鶩챘䂁庇Ἴ䍒桽픮⪧᳁蟹坦灼銘澃容쏻䅮疣ᄂ嶵▛淽䙙走쀧備䓏崅탳
[  479.141690][ T5893] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  479.177510][   T30] audit: type=1800 audit(1747712267.148:3238): pid=11100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1429" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  479.185704][   T24] usb 2-1: SerialNumber: Н
[  479.248058][T11075] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  479.266402][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1429'.
[  479.308211][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1429'.
[  479.370579][T11080] binder: 11079:11080 ioctl c0306201 0 returned -14
[  479.376694][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1429'.
[  479.399485][T11080] binder: 11079:11080 ioctl 4018620d 0 returned -22
[  479.452881][ T5893] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  479.468448][ T5893] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  479.468502][ T5893] usb 3-1: media controller created
[  479.596984][   T24] usb 2-1: USB disconnect, device number 66
[  479.608133][ T5893] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  479.725420][ T5893] az6027: usb out operation failed. (-71)
[  479.874091][ T5893] az6027: usb out operation failed. (-71)
[  479.936490][ T5893] stb0899_attach: Driver disabled by Kconfig
[  479.975499][ T5893] az6027: no front-end attached
[  479.975499][ T5893] 
[  479.992327][ T5893] az6027: usb out operation failed. (-71)
[  480.009078][ T5893] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  480.037610][ T5893] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input32
[  480.064010][ T5893] dvb-usb: schedule remote query interval to 400 msecs.
[  480.077488][ T5893] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  480.152443][ T5893] usb 3-1: USB disconnect, device number 75
[  480.416370][T11088] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1427'.
[  480.467635][T11088] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1427'.
[  480.498677][T11115] netlink: 440 bytes leftover after parsing attributes in process `syz.2.1432'.
[  480.519236][ T5893] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  480.543891][T11117] loop2: detected capacity change from 0 to 7
[  480.644076][   T30] audit: type=1326 audit(1747712268.628:3239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.0.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  480.669047][T11117]  loop2: p1
[  480.679175][T11117] loop2: partition table partially beyond EOD, truncated
[  480.687319][   T30] audit: type=1326 audit(1747712268.628:3240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.0.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  480.711426][T11117] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  480.799865][   T30] audit: type=1326 audit(1747712268.648:3241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.0.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  480.847180][T11087] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  480.855179][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  480.892544][   T30] audit: type=1326 audit(1747712268.648:3242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.0.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  480.973578][   T30] audit: type=1326 audit(1747712268.648:3243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.0.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  480.973632][   T30] audit: type=1326 audit(1747712268.658:3244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.0.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f5214b8e969 code=0x7ffc0000
[  480.996681][    C1] vkms_vblank_simulate: vblank timer overrun
[  481.036243][T11127] input: syz1 as /devices/virtual/input/input33
[  481.041450][T11127] program syz.2.1434 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  481.338413][ T5893] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  481.419982][ T5890] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  481.497511][ T5893] usb 3-1: Using ep0 maxpacket: 16
[  481.512664][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.599925][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  481.625892][ T5890] usb 2-1: config 0 has no interfaces?
[  481.769277][ T5893] usb 3-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  481.791173][ T5890] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  481.862510][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.909911][ T5890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.973812][ T5890] usb 2-1: Product: syz
[  481.979422][ T5893] usb 3-1: config 0 descriptor??
[  482.016555][ T5890] usb 2-1: Manufacturer: syz
[  482.026453][ T5890] usb 2-1: SerialNumber: syz
[  482.065011][ T5890] usb 2-1: config 0 descriptor??
[  482.474790][T11152] binder: BINDER_SET_CONTEXT_MGR already set
[  482.537108][T11152] binder: 11145:11152 ioctl 4018620d 200000000040 returned -16
[  483.207918][ T5890] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  483.239078][  T975] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  483.387728][ T5890] usb 6-1: Using ep0 maxpacket: 8
[  483.405744][ T5890] usb 6-1: too many endpoints for config 0 interface 0 altsetting 254: 242, using maximum allowed: 30
[  483.417713][  T975] usb 4-1: Using ep0 maxpacket: 32
[  483.430257][  T975] usb 4-1: config 0 interface 0 has no altsetting 0
[  483.476095][  T975] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  483.566529][  T975] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.583271][T11175] netlink: 440 bytes leftover after parsing attributes in process `syz.0.1444'.
[  483.592870][ T5890] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  483.604839][  T975] usb 4-1: Product: syz
[  483.620946][  T975] usb 4-1: Manufacturer: syz
[  483.662800][ T5890] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.674977][  T975] usb 4-1: SerialNumber: syz
[  483.734880][ T5890] usb 6-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 242
[  483.756506][  T975] usb 4-1: config 0 descriptor??
[  483.818625][ T5890] usb 6-1: config 0 interface 0 has no altsetting 0
[  483.832970][ T5890] usb 6-1: New USB device found, idVendor=045e, idProduct=01f9, bcdDevice= 0.00
[  483.857006][ T5890] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.926814][ T5890] usb 6-1: config 0 descriptor??
[  483.952596][T11178] loop2: detected capacity change from 0 to 7
[  483.993929][T11178]  loop2: p1
[  484.007667][ T5893] usbhid 3-1:0.0: can't add hid device: -71
[  484.008981][T11178] loop2: partition table partially beyond EOD, 
[  484.013751][ T5893] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  484.026273][T11178] truncated
[  484.056521][T11178] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  484.137836][ T5893] usb 3-1: USB disconnect, device number 76
[  484.274207][ T5951] udevd[5951]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  484.314077][  T975] gs_usb 4-1:0.0: Configuring for 1 interfaces
[  484.406253][T11164] x_tables: duplicate underflow at hook 1
[  484.470474][ T5890] hid-generic 0003:045E:01F9.0010: hidraw0: USB HID v0.03 Device [HID 045e:01f9] on usb-dummy_hcd.5-1/input0
[  484.516098][T11165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  484.539719][T11165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.561107][T11190] netlink: zone id is out of range
[  484.566293][T11190] netlink: zone id is out of range
[  484.588117][T11190] netlink: zone id is out of range
[  484.593689][T11190] netlink: zone id is out of range
[  484.621703][T11190] netlink: zone id is out of range
[  484.647656][T11190] netlink: zone id is out of range
[  484.684377][  T975] gs_usb 4-1:0.0: Couldn't get bit timing const for channel 0 (-EREMOTEIO)
[  484.714976][   T24] usb 2-1: USB disconnect, device number 67
[  484.723998][  T975] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -121
[  484.749673][T11190] netlink: zone id is out of range
[  484.754860][T11190] netlink: zone id is out of range
[  484.811755][T11190] netlink: zone id is out of range
[  484.887515][ T5888] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  485.047541][ T5888] usb 3-1: Using ep0 maxpacket: 16
[  485.063086][ T5888] usb 3-1: config 2 has an invalid interface number: 32 but max is 3
[  485.087734][ T5888] usb 3-1: config 2 has an invalid interface number: 55 but max is 3
[  485.096454][ T5888] usb 3-1: config 2 has an invalid interface number: 196 but max is 3
[  485.127512][ T5888] usb 3-1: config 2 has no interface number 1
[  485.144114][ T5888] usb 3-1: config 2 has no interface number 2
[  485.187781][ T5888] usb 3-1: config 2 has no interface number 3
[  485.195116][ T5888] usb 3-1: config 2 interface 32 has no altsetting 0
[  485.208097][ T5888] usb 3-1: config 2 interface 0 has no altsetting 0
[  485.216047][ T5888] usb 3-1: config 2 interface 55 has no altsetting 0
[  485.228044][ T5888] usb 3-1: config 2 interface 196 has no altsetting 0
[  485.436571][ T5888] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=65.11
[  485.456805][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  485.479655][ T5888] usb 3-1: Product: syz
[  485.484417][ T5888] usb 3-1: Manufacturer: syz
[  485.490960][ T5888] usb 3-1: SerialNumber: syz
[  485.546686][ T5890] usb 6-1: USB disconnect, device number 4
[  485.713799][T11196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  485.727788][T11196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  485.983320][ T5890] usb 4-1: USB disconnect, device number 61
[  486.073562][T11226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1455'.
[  486.261801][T11233] program syz.3.1456 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  486.315736][ T5888] usb 3-1: USB disconnect, device number 77
[  486.494315][T11240] loop2: detected capacity change from 0 to 7
[  486.568017][T11240]  loop2: p1
[  486.606438][T11240] loop2: partition table partially beyond EOD, truncated
[  486.650309][T11240] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  486.730141][ T6437] udevd[6437]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:2.32/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  486.731787][ T5885] udevd[5885]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:2.55/sound/card5/controlC5/../uevent} for writing: No such file or directory
[  486.749332][T11245] netlink: 'syz.2.1458': attribute type 23 has an invalid length.
[  486.836233][ T6056] udevd[6056]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:2.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  486.880861][ T5884] udevd[5884]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:2.196/sound/card6/controlC6/../uevent} for writing: No such file or directory
[  487.047200][T11243] netlink: 'syz.2.1458': attribute type 15 has an invalid length.
[  487.214713][ T7313] udevd[7313]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  487.635120][T11262] netlink: 'syz.2.1460': attribute type 2 has an invalid length.
[  487.644011][T11262] net_ratelimit: 25 callbacks suppressed
[  487.644038][T11262] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  488.108086][ T5888] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  488.277764][ T5888] usb 3-1: device descriptor read/64, error -71
[  488.427941][T11272] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1464'.
[  488.549074][ T5888] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  488.635065][T11278] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  488.684712][T11237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1456'.
[  488.702492][T11237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1456'.
[  488.723475][ T5888] usb 3-1: device descriptor read/64, error -71
[  488.750472][T11233] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  488.863780][ T5888] usb usb3-port1: attempt power cycle
[  488.927589][   T24] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  489.057685][   T24] usb 6-1: device descriptor read/64, error -71
[  489.227694][ T5888] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  489.259665][ T5888] usb 3-1: device descriptor read/8, error -71
[  489.297770][   T24] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  489.437730][   T24] usb 6-1: device descriptor read/64, error -71
[  489.519788][ T5888] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  489.570886][ T5888] usb 3-1: device descriptor read/8, error -71
[  489.578508][   T24] usb usb6-port1: attempt power cycle
[  489.768216][ T5888] usb usb3-port1: unable to enumerate USB device
[  490.027501][   T24] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  490.189915][   T24] usb 6-1: device descriptor read/8, error -71
[  490.245126][T11298] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1467'.
[  490.410939][T11302] netlink: 'syz.0.1468': attribute type 4 has an invalid length.
[  490.447032][T11302] netlink: 'syz.0.1468': attribute type 4 has an invalid length.
[  490.488496][   T24] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  490.523632][   T24] usb 6-1: device descriptor read/8, error -71
[  490.553884][T11310] loop2: detected capacity change from 0 to 7
[  490.588139][T11310]  loop2: p1
[  490.591429][T11310] loop2: partition table partially beyond EOD, truncated
[  490.617708][T11310] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  490.657920][   T24] usb usb6-port1: unable to enumerate USB device
[  490.732685][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  491.941371][T11340] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  492.716915][   T30] kauditd_printk_skb: 158 callbacks suppressed
[  492.716935][   T30] audit: type=1326 audit(1747712280.698:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  492.745758][    C0] vkms_vblank_simulate: vblank timer overrun
[  492.779124][   T30] audit: type=1326 audit(1747712280.698:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  492.813198][   T30] audit: type=1326 audit(1747712280.748:3405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  492.968232][   T30] audit: type=1326 audit(1747712280.748:3406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.056397][   T30] audit: type=1326 audit(1747712280.758:3407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.079034][    C0] vkms_vblank_simulate: vblank timer overrun
[  493.093863][   T30] audit: type=1326 audit(1747712280.758:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.158575][   T30] audit: type=1326 audit(1747712280.758:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.181124][    C0] vkms_vblank_simulate: vblank timer overrun
[  493.585549][   T30] audit: type=1326 audit(1747712280.758:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.707721][   T24] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  493.771747][   T30] audit: type=1326 audit(1747712280.788:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.794199][    C0] vkms_vblank_simulate: vblank timer overrun
[  493.894373][   T24] usb 2-1: config 0 has no interfaces?
[  493.916940][   T24] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  493.926879][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.971239][   T24] usb 2-1: Product: syz
[  493.984026][   T30] audit: type=1326 audit(1747712280.788:3412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11351 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f005bb8e969 code=0x7ffc0000
[  493.988936][   T24] usb 2-1: Manufacturer: syz
[  494.195540][   T24] usb 2-1: SerialNumber: syz
[  494.258649][   T24] usb 2-1: config 0 descriptor??
[  494.475428][T11340] syz.5.1475 (11340): drop_caches: 2
[  494.995832][T11379] loop2: detected capacity change from 0 to 7
[  495.025644][T11379]  loop2: p1
[  495.027564][   T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  495.048281][T11379] loop2: partition table partially beyond EOD, truncated
[  495.056222][T11379] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  495.190319][   T24] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  495.228275][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  495.263096][   T24] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  495.274149][   T24] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  495.295037][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  495.318502][   T24] usb 6-1: Product: syz
[  495.331272][   T24] usb 6-1: Manufacturer: syz
[  495.344321][   T24] usb 6-1: SerialNumber: syz
[  495.370946][   T24] usb 6-1: config 0 descriptor??
[  495.409940][   T24] usb 6-1: selecting invalid altsetting 0
[  495.429285][T11385] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1484'.
[  495.509196][T11385] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1484'.
[  495.989269][T11399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  496.091611][T11399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  496.235469][T11374] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1481'.
[  496.619246][T11404] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  496.911343][ T5890] usb 2-1: USB disconnect, device number 68
[  497.767548][ T5888] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  497.859746][T11424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  497.918415][T11424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  497.937302][T11424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  497.947870][ T5888] usb 2-1: device descriptor read/64, error -71
[  497.953263][T11424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.025462][T11424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.056137][T11424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.087889][ T5890] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  498.217639][ T5888] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  498.388949][T11430] netlink: 440 bytes leftover after parsing attributes in process `syz.2.1492'.
[  498.437718][ T5888] usb 2-1: device descriptor read/64, error -71
[  498.560970][ T5888] usb usb2-port1: attempt power cycle
[  498.798859][T11440] loop2: detected capacity change from 0 to 7
[  498.828236][T11440]  loop2: p1
[  498.843706][T11440] loop2: partition table partially beyond EOD, truncated
[  498.861334][T11443] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1495'.
[  498.894641][T11440] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  498.979671][ T5888] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  498.989675][ T5916] usb 6-1: USB disconnect, device number 9
[  499.039182][ T5888] usb 2-1: device descriptor read/8, error -71
[  499.087271][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  499.327670][ T5888] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  499.365023][ T5888] usb 2-1: device descriptor read/8, error -71
[  499.500365][ T5888] usb usb2-port1: unable to enumerate USB device
[  499.934299][T11471] vcan0: tx drop: invalid da for name 0x0000000000000002
[  499.987529][ T5888] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  500.163173][ T5888] usb 6-1: config 0 has no interfaces?
[  500.177695][ T5888] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  500.187718][ T5890] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  500.201054][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.233397][ T5888] usb 6-1: Product: syz
[  500.270810][ T5888] usb 6-1: Manufacturer: syz
[  500.286707][ T5888] usb 6-1: SerialNumber: syz
[  500.317850][ T5888] usb 6-1: config 0 descriptor??
[  500.350832][ T5890] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.381301][ T5890] usb 4-1: config 0 has no interfaces?
[  500.463330][ T5890] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  500.553326][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.594884][ T5890] usb 4-1: Product: syz
[  500.641718][ T5890] usb 4-1: Manufacturer: syz
[  500.646393][ T5890] usb 4-1: SerialNumber: syz
[  500.745504][T11486] IPv6: addrconf: prefix option has invalid lifetime
[  500.791005][ T5890] usb 4-1: config 0 descriptor??
[  500.815185][T11489] netlink: 'syz.1.1504': attribute type 4 has an invalid length.
[  501.183355][    C0] vcan0: j1939_tp_rxtimer: 0xffff888029e35000: rx timeout, send abort
[  501.195177][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888029e35000: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  501.677622][ T5888] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  501.802219][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.819205][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  501.819582][T11503] loop2: detected capacity change from 0 to 7
[  501.845160][T11503]  loop2: p1
[  501.883052][ T5888] usb 3-1: Using ep0 maxpacket: 32
[  501.913422][T11503] loop2: partition table partially beyond EOD, truncated
[  501.933200][ T5888] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  501.958138][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.969583][T11503] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  502.034996][ T5888] usb 3-1: config 0 descriptor??
[  502.180287][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  502.251089][ T5888] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  502.299865][ T5888] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  502.333207][ T5888] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  502.452383][T11498] binder: 11494:11498 ioctl c0306201 0 returned -14
[  502.464230][T11498] binder: 11494:11498 ioctl 4018620d 0 returned -22
[  502.488067][T11498] FAULT_INJECTION: forcing a failure.
[  502.488067][T11498] name failslab, interval 1, probability 0, space 0, times 0
[  502.536134][T11498] CPU: 1 UID: 0 PID: 11498 Comm: syz.2.1505 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  502.536166][T11498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  502.536179][T11498] Call Trace:
[  502.536189][T11498]  <TASK>
[  502.536199][T11498]  dump_stack_lvl+0x189/0x250
[  502.536238][T11498]  ? __pfx_dump_stack_lvl+0x10/0x10
[  502.536268][T11498]  ? __pfx__printk+0x10/0x10
[  502.536296][T11498]  ? __pfx___might_resched+0x10/0x10
[  502.536316][T11498]  ? fs_reclaim_acquire+0x7d/0x100
[  502.536350][T11498]  should_fail_ex+0x414/0x560
[  502.536377][T11498]  should_failslab+0xa8/0x100
[  502.536407][T11498]  __kmalloc_noprof+0xcb/0x4f0
[  502.536432][T11498]  ? kfree+0x4d/0x440
[  502.536454][T11498]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  502.536488][T11498]  tomoyo_realpath_from_path+0xe3/0x5d0
[  502.536516][T11498]  ? tomoyo_domain+0xda/0x130
[  502.536548][T11498]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  502.536570][T11498]  tomoyo_path_number_perm+0x1e8/0x5a0
[  502.536596][T11498]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  502.536636][T11498]  ? __lock_acquire+0xaac/0xd20
[  502.536694][T11498]  ? __fget_files+0x2a/0x420
[  502.536736][T11498]  ? __fget_files+0x3a0/0x420
[  502.536762][T11498]  ? __fget_files+0x2a/0x420
[  502.536793][T11498]  security_file_ioctl+0xcb/0x2d0
[  502.536816][T11498]  __se_sys_ioctl+0x47/0x170
[  502.536840][T11498]  do_syscall_64+0xf6/0x210
[  502.536870][T11498]  ? clear_bhb_loop+0x60/0xb0
[  502.536896][T11498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.536916][T11498] RIP: 0033:0x7f005bb8e969
[  502.536936][T11498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.536952][T11498] RSP: 002b:00007f005c93a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  502.536975][T11498] RAX: ffffffffffffffda RBX: 00007f005bdb5fa0 RCX: 00007f005bb8e969
[  502.537002][T11498] RDX: 0000200000000000 RSI: 0000000040305829 RDI: 0000000000000005
[  502.537015][T11498] RBP: 00007f005c93a090 R08: 0000000000000000 R09: 0000000000000000
[  502.537027][T11498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.537038][T11498] R13: 0000000000000000 R14: 00007f005bdb5fa0 R15: 00007f005bedfa28
[  502.537066][T11498]  </TASK>
[  502.537075][T11498] ERROR: Out of memory at tomoyo_realpath_from_path.
[  502.767789][   T24] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  502.797020][ T5888] usb 3-1: media controller created
[  502.896839][ T5888] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  502.930795][ T5916] usb 4-1: USB disconnect, device number 62
[  502.963231][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  502.996622][   T24] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  503.036487][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.066978][   T24] usb 2-1: Product: syz
[  503.072389][ T5888] az6027: usb out operation failed. (-71)
[  503.087701][   T24] usb 2-1: Manufacturer: syz
[  503.092352][   T24] usb 2-1: SerialNumber: syz
[  503.102566][ T5888] az6027: usb out operation failed. (-71)
[  503.125368][ T5888] stb0899_attach: Driver disabled by Kconfig
[  503.143312][   T24] usb 2-1: config 0 descriptor??
[  503.177665][ T5888] az6027: no front-end attached
[  503.177665][ T5888] 
[  503.206689][   T24] adutux 2-1:0.0: interrupt endpoints not found
[  503.217050][ T5888] az6027: usb out operation failed. (-71)
[  503.266600][ T5888] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  503.295818][ T5888] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input34
[  503.355611][ T5890] usb 6-1: USB disconnect, device number 10
[  503.381310][ T5888] dvb-usb: schedule remote query interval to 400 msecs.
[  503.420923][   T24] usb 2-1: USB disconnect, device number 73
[  503.433782][ T5888] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  503.533947][ T5888] usb 3-1: USB disconnect, device number 83
[  503.535158][T11524] "syz.3.1510" (11524) uses obsolete ecb(arc4) skcipher
[  503.558453][T11527] program syz.0.1511 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  503.714856][T11534] usb usb8: usbfs: process 11534 (syz.2.1513) did not claim interface 0 before use
[  503.733619][ T5888] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  504.040731][   T24] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  504.207631][   T24] usb 6-1: Using ep0 maxpacket: 16
[  504.226022][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  504.237285][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.247991][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  504.261114][   T24] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  504.270645][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.283121][   T24] usb 6-1: config 0 descriptor??
[  504.325612][   T24] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input35
[  504.373971][ T5185] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.404120][ T5185] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.473628][T11252] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.509326][ T5185] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.563181][T11531] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.596819][ T5185] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.611828][T11535] netlink: 136 bytes leftover after parsing attributes in process `syz.5.1512'.
[  504.627778][ T5916] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  504.648220][T11535] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check.
[  504.695227][ T5185] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.713897][ T5185] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  504.730324][T11531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.756293][T11531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.793890][T11531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.810810][T11531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.858070][ T5916] usb 3-1: Using ep0 maxpacket: 8
[  504.872900][ T5916] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  504.875087][ T5889] usb 6-1: USB disconnect, device number 11
[  504.898685][ T5916] usb 3-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00
[  504.925356][T11527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1511'.
[  504.958380][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.977629][ T5916] usb 3-1: config 0 descriptor??
[  504.977997][T11527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1511'.
[  505.193932][T11548] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  505.220150][T11548] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.347253][ T5916] usb 3-1: string descriptor 0 read error: -71
[  505.375860][ T5916] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  505.428304][ T5916] usb 3-1: USB disconnect, device number 84
[  506.013812][T11572] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1518'.
[  506.794115][ T5890] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  506.873421][ T5889] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  506.986658][ T5890] usb 6-1: config 0 has an invalid interface number: 246 but max is 0
[  507.024786][ T5890] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.105019][ T5889] usb 3-1: config 0 has no interfaces?
[  507.119003][ T5890] usb 6-1: config 0 has no interface number 0
[  507.130746][ T5889] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  507.164026][ T5890] usb 6-1: New USB device found, idVendor=28a7, idProduct=71ab, bcdDevice=df.39
[  507.175731][ T5889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.198382][ T5890] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.208463][ T5889] usb 3-1: Product: syz
[  507.215783][ T5889] usb 3-1: Manufacturer: syz
[  507.224910][ T5890] usb 6-1: Product: syz
[  507.235137][ T5889] usb 3-1: SerialNumber: syz
[  507.272097][ T5890] usb 6-1: Manufacturer: syz
[  507.469811][ T5890] usb 6-1: SerialNumber: syz
[  507.497649][ T5889] usb 3-1: config 0 descriptor??
[  507.555393][ T5890] usb 6-1: config 0 descriptor??
[  507.597358][ T5890] cdc_wdm 6-1:0.246: More than one union descriptor, skipping ...
[  507.683838][ T5890] cdc_wdm 6-1:0.246: probe with driver cdc_wdm failed with error -22
[  508.150949][ T5888] usb 6-1: USB disconnect, device number 12
[  508.508854][ T5916] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  508.565347][T11619] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1528'.
[  508.669455][ T5916] usb 4-1: Using ep0 maxpacket: 32
[  508.683919][ T5916] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  508.699636][ T5916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.744859][ T5916] usb 4-1: config 0 descriptor??
[  508.971880][ T5916] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  508.989802][ T5916] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  509.032913][ T5916] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  509.043872][ T5916] usb 4-1: media controller created
[  509.130181][ T5916] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  509.196055][T11616] binder: 11615:11616 ioctl c0306201 0 returned -14
[  509.255699][T11616] binder: 11615:11616 ioctl 4018620d 0 returned -22
[  510.902196][ T5916] az6027: usb out operation failed. (-71)
[  510.911670][ T5916] az6027: usb out operation failed. (-71)
[  510.927444][ T5916] stb0899_attach: Driver disabled by Kconfig
[  510.947445][ T5916] az6027: no front-end attached
[  510.947445][ T5916] 
[  510.968044][ T5916] az6027: usb out operation failed. (-71)
[  510.973865][ T5916] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  511.042567][ T5888] usb 3-1: USB disconnect, device number 85
[  511.079607][ T5916] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input36
[  511.147438][ T5916] dvb-usb: schedule remote query interval to 400 msecs.
[  511.170925][ T5916] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  511.209756][ T5916] usb 4-1: USB disconnect, device number 63
[  511.482651][ T5916] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  511.645382][T11646] loop2: detected capacity change from 0 to 7
[  511.699083][T11646]  loop2: p1
[  511.702368][T11646] loop2: partition table partially beyond EOD, truncated
[  511.719119][   T30] kauditd_printk_skb: 169 callbacks suppressed
[  511.719139][   T30] audit: type=1326 audit(1747712299.708:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  511.733450][T11646] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  511.945779][   T30] audit: type=1326 audit(1747712299.708:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  511.987515][   T30] audit: type=1326 audit(1747712299.708:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.036238][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  512.054439][   T30] audit: type=1326 audit(1747712299.708:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.242145][   T30] audit: type=1326 audit(1747712299.708:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.308967][   T30] audit: type=1326 audit(1747712299.708:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.396505][   T30] audit: type=1326 audit(1747712299.708:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.435621][   T30] audit: type=1326 audit(1747712299.708:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.459368][   T30] audit: type=1326 audit(1747712299.708:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.482421][   T30] audit: type=1326 audit(1747712299.708:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11642 comm="syz.5.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa402f8e969 code=0x7ffc0000
[  512.651477][T11667] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1539'.
[  512.723508][ T7611] bond0: (slave bond_slave_0): interface is now down
[  512.734057][ T7611] bond0: (slave bond_slave_1): interface is now down
[  512.748714][ T7611] bond0: now running without any active interface!
[  512.845047][T11673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1540'.
[  512.857914][T11673] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1540'.
[  514.517732][ T5829] Bluetooth: hci0: command 0x0406 tx timeout
[  514.524001][T11652] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  515.016138][T11652] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  515.036520][T11652] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  515.042758][T11652] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  515.056227][T11652] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  515.063343][T11652] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  515.076427][T11652] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  515.084796][T11652] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  515.106190][T11652] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  515.122016][T11652] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  515.130414][T11652] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  515.141534][T11652] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  515.440939][   T48] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  515.608415][   T48] usb 2-1: Using ep0 maxpacket: 32
[  515.618224][   T48] usb 2-1: config 0 has no interfaces?
[  515.623975][   T48] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  515.633475][   T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.653789][ T5889] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  515.656561][   T48] usb 2-1: config 0 descriptor??
[  515.677739][ T5890] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  515.847023][ T5890] usb 6-1: device descriptor read/64, error -71
[  515.855590][ T5889] usb 4-1: Using ep0 maxpacket: 32
[  515.875856][ T5889] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  515.891813][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.903766][ T5889] usb 4-1: config 0 descriptor??
[  515.921062][T11686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  515.934909][T11686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.107597][ T5890] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  516.120330][ T5889] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  516.136195][ T5889] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  516.155217][ T5889] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  516.163151][ T5889] usb 4-1: media controller created
[  516.348755][T11693] binder: 11690:11693 ioctl c0306201 0 returned -14
[  516.388320][T11693] binder: 11690:11693 ioctl 4018620d 0 returned -22
[  516.395569][ T5890] usb 6-1: device descriptor read/64, error -71
[  516.477334][ T5889] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  516.517969][ T5890] usb usb6-port1: attempt power cycle
[  516.543972][ T5889] az6027: usb out operation failed. (-71)
[  516.554991][ T5889] az6027: usb out operation failed. (-71)
[  516.567658][  T975] usb 2-1: USB disconnect, device number 74
[  516.584658][ T5889] stb0899_attach: Driver disabled by Kconfig
[  516.599514][ T5889] az6027: no front-end attached
[  516.599514][ T5889] 
[  516.600848][ T5829] Bluetooth: hci0: command 0x0406 tx timeout
[  516.607286][ T5889] az6027: usb out operation failed. (-71)
[  516.628061][ T5889] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  516.678458][ T5889] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input37
[  516.812222][ T5889] dvb-usb: schedule remote query interval to 400 msecs.
[  516.838354][ T5889] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  516.857547][ T5890] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  516.898633][ T5889] usb 4-1: USB disconnect, device number 64
[  516.928438][ T5890] usb 6-1: device descriptor read/8, error -71
[  517.077644][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  517.077717][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  517.083720][ T5829] Bluetooth: hci1: command 0x0406 tx timeout
[  517.098916][ T5889] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  517.161293][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  517.187670][ T5890] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  517.208524][ T5890] usb 6-1: device descriptor read/8, error -71
[  517.318034][ T5890] usb usb6-port1: unable to enumerate USB device
[  517.386525][T11710] netlink: 'syz.1.1550': attribute type 10 has an invalid length.
[  517.395637][T11709] netlink: 'syz.0.1548': attribute type 12 has an invalid length.
[  517.526315][T11710] team0: Port device dummy0 added
[  517.777104][T11717] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1551'.
[  518.633898][T11729] hub 1-0:1.0: USB hub found
[  518.643112][T11729] hub 1-0:1.0: 1 port detected
[  518.837580][  T975] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  518.968644][   T24] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  519.038471][  T975] usb 6-1: Using ep0 maxpacket: 32
[  519.059719][  T975] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  519.097787][  T975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.210431][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  519.216532][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  519.224134][   T56] Bluetooth: hci3: command 0x0c1a tx timeout
[  519.247468][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  519.267636][   T24] usb 3-1: Using ep0 maxpacket: 32
[  519.282267][   T24] usb 3-1: New USB device found, idVendor=0fd9, idProduct=381a, bcdDevice=ac.08
[  519.301611][  T975] usb 6-1: config 0 descriptor??
[  519.316860][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.328793][   T24] usb 3-1: config 0 descriptor??
[  519.454099][T11734] loop2: detected capacity change from 0 to 7
[  519.510118][T11734]  loop2: p1
[  519.536751][T11734] loop2: partition table partially beyond EOD, truncated
[  519.557117][T11734] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  519.606049][  T975] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  519.629605][  T975] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  519.661590][  T975] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  519.728297][  T975] usb 6-1: media controller created
[  519.762938][ T5910] udevd[5910]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  519.807210][T11727] binder: 11725:11727 ioctl c0306201 0 returned -14
[  519.815305][T11727] binder: 11725:11727 ioctl 4018620d 0 returned -22
[  519.834314][T11727] FAULT_INJECTION: forcing a failure.
[  519.834314][T11727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  519.851135][T11727] CPU: 0 UID: 0 PID: 11727 Comm: syz.5.1555 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  519.851157][T11727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  519.851167][T11727] Call Trace:
[  519.851173][T11727]  <TASK>
[  519.851179][T11727]  dump_stack_lvl+0x189/0x250
[  519.851220][T11727]  ? __pfx_dump_stack_lvl+0x10/0x10
[  519.851241][T11727]  ? __pfx__printk+0x10/0x10
[  519.851283][T11727]  should_fail_ex+0x414/0x560
[  519.851303][T11727]  _copy_to_user+0x31/0xb0
[  519.851327][T11727]  simple_read_from_buffer+0xe1/0x170
[  519.851349][T11727]  proc_fail_nth_read+0x1df/0x250
[  519.851374][T11727]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  519.851398][T11727]  ? rw_verify_area+0x258/0x650
[  519.851414][T11727]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  519.851437][T11727]  vfs_read+0x1fd/0x980
[  519.851458][T11727]  ? __pfx___mutex_lock+0x10/0x10
[  519.851484][T11727]  ? __pfx_vfs_read+0x10/0x10
[  519.851503][T11727]  ? __fget_files+0x2a/0x420
[  519.851526][T11727]  ? __fget_files+0x3a0/0x420
[  519.851544][T11727]  ? __fget_files+0x2a/0x420
[  519.851571][T11727]  ksys_read+0x145/0x250
[  519.851586][T11727]  ? __fget_files+0x2a/0x420
[  519.851607][T11727]  ? __pfx_ksys_read+0x10/0x10
[  519.851627][T11727]  ? do_syscall_64+0xba/0x210
[  519.851650][T11727]  do_syscall_64+0xf6/0x210
[  519.851670][T11727]  ? clear_bhb_loop+0x60/0xb0
[  519.851689][T11727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.851716][T11727] RIP: 0033:0x7fa402f8d37c
[  519.851730][T11727] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  519.851742][T11727] RSP: 002b:00007fa403ec8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  519.851758][T11727] RAX: ffffffffffffffda RBX: 00007fa4031b5fa0 RCX: 00007fa402f8d37c
[  519.851769][T11727] RDX: 000000000000000f RSI: 00007fa403ec80a0 RDI: 000000000000000e
[  519.851778][T11727] RBP: 00007fa403ec8090 R08: 0000000000000000 R09: 0000000000000000
[  519.851787][T11727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.851796][T11727] R13: 0000000000000000 R14: 00007fa4031b5fa0 R15: 00007fa4032dfa28
[  519.851818][T11727]  </TASK>
[  519.893608][T11736] binder: 11721:11736 ioctl c0306201 0 returned -14
[  519.906239][  T975] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  520.108308][T11737] binder: 11721:11737 ioctl 4018620d 0 returned -22
[  520.227660][  T975] az6027: usb out operation failed. (-71)
[  520.240636][  T975] az6027: usb out operation failed. (-71)
[  520.253805][  T975] stb0899_attach: Driver disabled by Kconfig
[  520.273307][  T975] az6027: no front-end attached
[  520.273307][  T975] 
[  520.291077][  T975] az6027: usb out operation failed. (-71)
[  520.302598][  T975] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  520.347500][ T5916] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  520.356149][  T975] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input38
[  520.491774][  T975] dvb-usb: schedule remote query interval to 400 msecs.
[  520.509011][  T975] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  520.539813][ T5916] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  520.568294][  T975] usb 6-1: USB disconnect, device number 17
[  520.604701][ T5916] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  520.763368][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.940539][ T5916] usb 2-1: config 0 descriptor??
[  521.152052][T11749] netlink: 'syz.3.1559': attribute type 1 has an invalid length.
[  521.182064][T11753] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  521.189391][T11753] IPv6: NLM_F_CREATE should be set when creating new route
[  521.223375][T11751] lo: entered allmulticast mode
[  521.229411][T11751] tunl0: entered allmulticast mode
[  521.243181][T11751] gre0: entered allmulticast mode
[  521.245851][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  521.279158][ T5916] keytouch 0003:0926:3333.0011: fixing up Keytouch IEC report descriptor
[  521.300679][T11751] gretap0: entered allmulticast mode
[  521.300844][ T5916] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0011/input/input39
[  521.319539][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  521.330712][T11751] erspan0: entered allmulticast mode
[  521.365897][T11751] ip_vti0: entered allmulticast mode
[  521.400070][T11751] ip6_vti0: entered allmulticast mode
[  521.408528][T11751] sit0: entered allmulticast mode
[  521.430082][T11751] ip6tnl0: entered allmulticast mode
[  521.434891][ T5889] usb 3-1: USB disconnect, device number 86
[  521.445323][  T975] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  521.448061][T11751] ip6gre0: entered allmulticast mode
[  521.623885][T11751] syz_tun: entered allmulticast mode
[  521.692628][ T5916] keytouch 0003:0926:3333.0011: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  521.741784][T11751] ip6gretap0: entered allmulticast mode
[  521.826123][T11751] bridge0: entered allmulticast mode
[  521.934572][T11751] vcan0: entered allmulticast mode
[  521.972985][T11751] bond0: entered allmulticast mode
[  522.031463][T11751] team0: entered allmulticast mode
[  522.075953][T11751] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578
[  522.081804][T11766] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1563'.
[  522.129509][T11751] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 11751, name: syz.1.1557
[  522.170906][T11751] preempt_count: 0, expected: 0
[  522.198984][T11751] RCU nest depth: 1, expected: 0
[  522.204656][T11751] 2 locks held by syz.1.1557/11751:
[  522.212763][T11751]  #0: ffffffff8f2fa848 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  522.237043][T11751]  #1: ffffffff8df3dee0 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x29/0x330
[  522.295545][T11751] CPU: 0 UID: 0 PID: 11751 Comm: syz.1.1557 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  522.295574][T11751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.295592][T11751] Call Trace:
[  522.295601][T11751]  <TASK>
[  522.295611][T11751]  dump_stack_lvl+0x189/0x250
[  522.295650][T11751]  ? __pfx_dump_stack_lvl+0x10/0x10
[  522.295688][T11751]  ? print_lock_name+0xde/0x100
[  522.295728][T11751]  __might_resched+0x495/0x610
[  522.295749][T11751]  ? __wake_up_klogd+0xd9/0x110
[  522.295776][T11751]  ? __wake_up_klogd+0x1c/0x110
[  522.295800][T11751]  ? __pfx___might_resched+0x10/0x10
[  522.295822][T11751]  ? __mutex_trylock_common+0x153/0x260
[  522.295849][T11751]  ? __pfx___mutex_trylock_common+0x10/0x10
[  522.295870][T11751]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  522.295904][T11751]  __mutex_lock+0x106/0xe80
[  522.295932][T11751]  ? _printk+0xcf/0x120
[  522.295958][T11751]  ? __pfx__printk+0x10/0x10
[  522.295975][T11751]  ? dev_set_allmulti+0x10e/0x260
[  522.296005][T11751]  ? __pfx___mutex_lock+0x10/0x10
[  522.296030][T11751]  ? __lock_acquire+0xaac/0xd20
[  522.296080][T11751]  ? team_change_rx_flags+0x29/0x330
[  522.296119][T11751]  dev_set_allmulti+0x10e/0x260
[  522.296151][T11751]  team_change_rx_flags+0x20f/0x330
[  522.296178][T11751]  ? team_change_rx_flags+0x29/0x330
[  522.296208][T11751]  ? __pfx_team_change_rx_flags+0x10/0x10
[  522.296239][T11751]  netif_set_allmulti+0x212/0x380
[  522.296275][T11751]  __dev_change_flags+0x52e/0x6d0
[  522.296312][T11751]  ? __pfx___dev_change_flags+0x10/0x10
[  522.296349][T11751]  netif_change_flags+0x88/0x1a0
[  522.296383][T11751]  do_setlink+0xcb9/0x40d0
[  522.296428][T11751]  ? __pfx_do_setlink+0x10/0x10
[  522.296460][T11751]  ? __lock_acquire+0xaac/0xd20
[  522.296496][T11751]  ? __mutex_trylock_common+0x153/0x260
[  522.296523][T11751]  ? __pfx___mutex_trylock_common+0x10/0x10
[  522.296551][T11751]  ? rcu_is_watching+0x15/0xb0
[  522.296572][T11751]  ? trace_contention_end+0x39/0x120
[  522.296596][T11751]  ? __mutex_lock+0x330/0xe80
[  522.296625][T11751]  ? __pfx_aa_get_newest_label+0x10/0x10
[  522.296655][T11751]  ? rtnl_newlink+0x8db/0x1c70
[  522.296679][T11751]  ? rcu_is_watching+0x15/0xb0
[  522.296699][T11751]  ? __pfx___mutex_lock+0x10/0x10
[  522.296739][T11751]  ? ns_capable+0x8a/0xf0
[  522.296761][T11751]  ? rtnl_link_get_net_capable+0x16a/0x350
[  522.296792][T11751]  rtnl_newlink+0x149f/0x1c70
[  522.296815][T11751]  ? kasan_save_track+0x3e/0x80
[  522.296853][T11751]  ? __pfx_rtnl_newlink+0x10/0x10
[  522.296913][T11751]  ? kasan_quarantine_put+0xdd/0x220
[  522.296937][T11751]  ? lockdep_hardirqs_on+0x9c/0x150
[  522.296969][T11751]  ? nlmon_xmit+0xb0/0x100
[  522.296998][T11751]  ? kmem_cache_free+0x192/0x3f0
[  522.297033][T11751]  ? __local_bh_enable_ip+0x12d/0x1c0
[  522.297064][T11751]  ? lockdep_hardirqs_on+0x9c/0x150
[  522.297091][T11751]  ? __local_bh_enable_ip+0x12d/0x1c0
[  522.297111][T11751]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  522.297141][T11751]  ? aa_get_newest_label+0xf7/0x5d0
[  522.297169][T11751]  ? __lock_acquire+0xaac/0xd20
[  522.297224][T11751]  ? __pfx_rtnl_newlink+0x10/0x10
[  522.297248][T11751]  rtnetlink_rcv_msg+0x7cf/0xb70
[  522.297277][T11751]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  522.297300][T11751]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  522.297330][T11751]  ? ref_tracker_free+0x63a/0x7d0
[  522.297352][T11751]  ? __copy_skb_header+0xa7/0x550
[  522.297389][T11751]  netlink_rcv_skb+0x21c/0x490
[  522.297416][T11751]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  522.297449][T11751]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  522.297496][T11751]  ? netlink_deliver_tap+0x2e/0x1b0
[  522.297521][T11751]  ? netlink_deliver_tap+0x2e/0x1b0
[  522.297553][T11751]  netlink_unicast+0x758/0x8d0
[  522.297588][T11751]  netlink_sendmsg+0x805/0xb30
[  522.297626][T11751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  522.297655][T11751]  ? aa_sock_msg_perm+0x94/0x160
[  522.297682][T11751]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  522.297706][T11751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  522.297733][T11751]  __sock_sendmsg+0x219/0x270
[  522.297759][T11751]  ____sys_sendmsg+0x505/0x830
[  522.297798][T11751]  ? __pfx_____sys_sendmsg+0x10/0x10
[  522.297838][T11751]  ? import_iovec+0x74/0xa0
[  522.297872][T11751]  ___sys_sendmsg+0x21f/0x2a0
[  522.297904][T11751]  ? __pfx____sys_sendmsg+0x10/0x10
[  522.297976][T11751]  ? __fget_files+0x2a/0x420
[  522.298003][T11751]  ? __fget_files+0x3a0/0x420
[  522.298050][T11751]  __x64_sys_sendmsg+0x19b/0x260
[  522.298084][T11751]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  522.298132][T11751]  ? do_syscall_64+0xba/0x210
[  522.298166][T11751]  do_syscall_64+0xf6/0x210
[  522.298195][T11751]  ? clear_bhb_loop+0x60/0xb0
[  522.298221][T11751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.298242][T11751] RIP: 0033:0x7f1e8238e969
[  522.298261][T11751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.298279][T11751] RSP: 002b:00007f1e831d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  522.298302][T11751] RAX: ffffffffffffffda RBX: 00007f1e825b6080 RCX: 00007f1e8238e969
[  522.298319][T11751] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 000000000000000b
[  522.298331][T11751] RBP: 00007f1e82410ab1 R08: 0000000000000000 R09: 0000000000000000
[  522.298344][T11751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.298356][T11751] R13: 0000000000000000 R14: 00007f1e825b6080 R15: 00007f1e826dfa28
[  522.298389][T11751]  </TASK>
[  522.828016][T11751] 
[  522.830373][T11751] =============================
[  522.835215][T11751] [ BUG: Invalid wait context ]
[  522.840053][T11751] 6.15.0-rc7-syzkaller #0 Tainted: G        W          
[  522.846975][T11751] -----------------------------
[  522.851809][T11751] syz.1.1557/11751 is trying to lock:
[  522.857186][T11751] ffff88802e08ad30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: dev_set_allmulti+0x10e/0x260
[  522.867290][T11751] other info that might help us debug this:
[  522.873166][T11751] context-{5:5}
[  522.876618][T11751] 2 locks held by syz.1.1557/11751:
[  522.881818][T11751]  #0: ffffffff8f2fa848 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  522.890890][T11751]  #1: ffffffff8df3dee0 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x29/0x330
[  522.900730][T11751] stack backtrace:
[  522.904448][T11751] CPU: 1 UID: 0 PID: 11751 Comm: syz.1.1557 Tainted: G        W           6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  522.904470][T11751] Tainted: [W]=WARN
[  522.904475][T11751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.904485][T11751] Call Trace:
[  522.904493][T11751]  <TASK>
[  522.904501][T11751]  dump_stack_lvl+0x189/0x250
[  522.904525][T11751]  ? __pfx_dump_stack_lvl+0x10/0x10
[  522.904546][T11751]  ? __pfx__printk+0x10/0x10
[  522.904560][T11751]  ? print_lock_name+0xde/0x100
[  522.904585][T11751]  __lock_acquire+0xbcf/0xd20
[  522.904608][T11751]  ? dev_set_allmulti+0x10e/0x260
[  522.904626][T11751]  lock_acquire+0x120/0x360
[  522.904646][T11751]  ? dev_set_allmulti+0x10e/0x260
[  522.904666][T11751]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  522.904686][T11751]  __mutex_lock+0x182/0xe80
[  522.904705][T11751]  ? dev_set_allmulti+0x10e/0x260
[  522.904724][T11751]  ? _printk+0xcf/0x120
[  522.904738][T11751]  ? __pfx__printk+0x10/0x10
[  522.904751][T11751]  ? dev_set_allmulti+0x10e/0x260
[  522.904770][T11751]  ? __pfx___mutex_lock+0x10/0x10
[  522.904788][T11751]  ? __lock_acquire+0xaac/0xd20
[  522.904811][T11751]  ? team_change_rx_flags+0x29/0x330
[  522.904836][T11751]  dev_set_allmulti+0x10e/0x260
[  522.904855][T11751]  team_change_rx_flags+0x20f/0x330
[  522.904878][T11751]  ? team_change_rx_flags+0x29/0x330
[  522.904900][T11751]  ? __pfx_team_change_rx_flags+0x10/0x10
[  522.904922][T11751]  netif_set_allmulti+0x212/0x380
[  522.904945][T11751]  __dev_change_flags+0x52e/0x6d0
[  522.904966][T11751]  ? __pfx___dev_change_flags+0x10/0x10
[  522.904989][T11751]  netif_change_flags+0x88/0x1a0
[  522.905010][T11751]  do_setlink+0xcb9/0x40d0
[  522.905034][T11751]  ? __pfx_do_setlink+0x10/0x10
[  522.905053][T11751]  ? __lock_acquire+0xaac/0xd20
[  522.905075][T11751]  ? __mutex_trylock_common+0x153/0x260
[  522.905092][T11751]  ? __pfx___mutex_trylock_common+0x10/0x10
[  522.905110][T11751]  ? rcu_is_watching+0x15/0xb0
[  522.905123][T11751]  ? trace_contention_end+0x39/0x120
[  522.905138][T11751]  ? __mutex_lock+0x330/0xe80
[  522.905158][T11751]  ? __pfx_aa_get_newest_label+0x10/0x10
[  522.905176][T11751]  ? rtnl_newlink+0x8db/0x1c70
[  522.905198][T11751]  ? rcu_is_watching+0x15/0xb0
[  522.905211][T11751]  ? __pfx___mutex_lock+0x10/0x10
[  522.905233][T11751]  ? ns_capable+0x8a/0xf0
[  522.905247][T11751]  ? rtnl_link_get_net_capable+0x16a/0x350
[  522.905267][T11751]  rtnl_newlink+0x149f/0x1c70
[  522.905283][T11751]  ? kasan_save_track+0x3e/0x80
[  522.905304][T11751]  ? __pfx_rtnl_newlink+0x10/0x10
[  522.905331][T11751]  ? kasan_quarantine_put+0xdd/0x220
[  522.905347][T11751]  ? lockdep_hardirqs_on+0x9c/0x150
[  522.905367][T11751]  ? nlmon_xmit+0xb0/0x100
[  522.905387][T11751]  ? kmem_cache_free+0x192/0x3f0
[  522.905408][T11751]  ? __local_bh_enable_ip+0x12d/0x1c0
[  522.905421][T11751]  ? lockdep_hardirqs_on+0x9c/0x150
[  522.905439][T11751]  ? __local_bh_enable_ip+0x12d/0x1c0
[  522.905452][T11751]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  522.905467][T11751]  ? aa_get_newest_label+0xf7/0x5d0
[  522.905484][T11751]  ? __lock_acquire+0xaac/0xd20
[  522.905511][T11751]  ? __pfx_rtnl_newlink+0x10/0x10
[  522.905527][T11751]  rtnetlink_rcv_msg+0x7cf/0xb70
[  522.905544][T11751]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  522.905561][T11751]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  522.905579][T11751]  ? ref_tracker_free+0x63a/0x7d0
[  522.905596][T11751]  ? __copy_skb_header+0xa7/0x550
[  522.905620][T11751]  netlink_rcv_skb+0x21c/0x490
[  522.905638][T11751]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  522.905655][T11751]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  522.905678][T11751]  ? netlink_deliver_tap+0x2e/0x1b0
[  522.905695][T11751]  ? netlink_deliver_tap+0x2e/0x1b0
[  522.905713][T11751]  netlink_unicast+0x758/0x8d0
[  522.905732][T11751]  netlink_sendmsg+0x805/0xb30
[  522.905753][T11751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  522.905771][T11751]  ? aa_sock_msg_perm+0x94/0x160
[  522.905787][T11751]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  522.905804][T11751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  522.905821][T11751]  __sock_sendmsg+0x219/0x270
[  522.905837][T11751]  ____sys_sendmsg+0x505/0x830
[  522.905860][T11751]  ? __pfx_____sys_sendmsg+0x10/0x10
[  522.905882][T11751]  ? import_iovec+0x74/0xa0
[  522.905904][T11751]  ___sys_sendmsg+0x21f/0x2a0
[  522.905925][T11751]  ? __pfx____sys_sendmsg+0x10/0x10
[  522.905956][T11751]  ? __fget_files+0x2a/0x420
[  522.905976][T11751]  ? __fget_files+0x3a0/0x420
[  522.905998][T11751]  __x64_sys_sendmsg+0x19b/0x260
[  522.906019][T11751]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  522.906058][T11751]  ? do_syscall_64+0xba/0x210
[  522.906079][T11751]  do_syscall_64+0xf6/0x210
[  522.906098][T11751]  ? clear_bhb_loop+0x60/0xb0
[  522.906114][T11751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.906129][T11751] RIP: 0033:0x7f1e8238e969
[  522.906143][T11751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.906155][T11751] RSP: 002b:00007f1e831d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  522.906170][T11751] RAX: ffffffffffffffda RBX: 00007f1e825b6080 RCX: 00007f1e8238e969
[  522.906181][T11751] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 000000000000000b
[  522.906216][T11751] RBP: 00007f1e82410ab1 R08: 0000000000000000 R09: 0000000000000000
[  522.906226][T11751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.906235][T11751] R13: 0000000000000000 R14: 00007f1e825b6080 R15: 00007f1e826dfa28
[  522.906251][T11751]  </TASK>
[  523.462154][T11751] dummy0: entered allmulticast mode
[  523.475613][T11751] nlmon0: entered allmulticast mode
[  523.483057][T11751] caif0: entered allmulticast mode
[  523.488675][T11751] batadv0: entered allmulticast mode
[  523.498443][T11751] veth0: entered allmulticast mode
[  523.506782][T11751] veth1: entered allmulticast mode
[  523.515975][T11751] wg0: entered allmulticast mode
[  523.526379][T11751] wg1: entered allmulticast mode
[  523.535979][T11751] wg2: entered allmulticast mode
[  523.543593][T11751] veth0_to_bridge: entered allmulticast mode
[  523.552115][T11751] bridge_slave_0: entered allmulticast mode
[  523.560961][T11751] veth1_to_bridge: entered allmulticast mode
[  523.570951][T11751] bridge_slave_1: entered allmulticast mode
[  523.578845][T11751] veth0_to_bond: entered allmulticast mode
[  523.600714][T11751] bond_slave_0: entered allmulticast mode
[  523.611210][T11751] veth1_to_bond: entered allmulticast mode
[  523.829043][T11751] bond_slave_1: entered allmulticast mode
[  523.871771][T11751] veth0_to_team: entered allmulticast mode
[  523.883007][T11751] team_slave_0: entered allmulticast mode
[  523.893670][T11751] veth1_to_team: entered allmulticast mode
[  523.917679][T11751] team_slave_1: entered allmulticast mode
[  523.925134][T11751] veth0_to_batadv: entered allmulticast mode
[  523.934198][T11751] batadv_slave_0: entered allmulticast mode
[  523.942503][T11751] veth1_to_batadv: entered allmulticast mode
[  523.950587][T11751] batadv_slave_1: entered allmulticast mode
[  523.961644][T11751] xfrm0: entered allmulticast mode
[  523.969477][T11751] veth0_to_hsr: entered allmulticast mode
[  523.976960][T11751] hsr_slave_0: entered allmulticast mode
[  523.984608][T11751] veth1_to_hsr: entered allmulticast mode
[  523.992701][T11751] hsr_slave_1: entered allmulticast mode
[  524.001319][T11751] hsr0: entered allmulticast mode
[  524.011694][T11751] veth1_virt_wifi: entered allmulticast mode
[  524.019477][T11751] veth0_virt_wifi: entered allmulticast mode
[  524.027209][T11751] veth1_vlan: entered allmulticast mode
[  524.040628][T11751] vlan0: entered allmulticast mode
[  524.045904][T11751] vlan1: entered allmulticast mode
[  524.051741][T11751] macvlan0: entered allmulticast mode
[  524.059905][T11751] macvlan1: entered allmulticast mode
[  524.067030][T11751] ipvlan0: left promiscuous mode
[  524.074643][T11751] veth1_macvtap: entered allmulticast mode
[  524.082507][T11751] veth0_macvtap: entered allmulticast mode
[  524.090930][T11751] macvtap0: entered allmulticast mode
[  524.098884][T11751] macsec0: entered allmulticast mode
[  524.106087][T11751] geneve0: entered allmulticast mode
[  524.113444][T11751] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  524.122845][T11751] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  524.131882][T11751] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  524.142693][T11751] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  524.151799][T11751] geneve1: entered allmulticast mode
[  524.161451][T11751] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  524.170278][T11751] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  524.180213][T11751] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[  524.189160][T11751] netdevsim netdevsim1 netdevsim3: entered allmulticast mode
[  524.200064][T11751] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode
[  524.207277][T11751] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  524.214954][T11751] bridge1: entered allmulticast mode
[  524.221893][T11751] bond1: entered allmulticast mode
[  524.227761][T11751] veth2: entered allmulticast mode
[  524.234130][T11751] veth3: entered allmulticast mode
[  524.240538][T11751] bridge2: entered allmulticast mode
[  524.247023][T11751] mac80211_hwsim hwsim14 wlan2: entered allmulticast mode
[  524.254482][T11751] syztnl2: entered allmulticast mode
[  524.260440][T11751] macvlan2: left promiscuous mode
[  524.265510][T11751] macvlan2: entered allmulticast mode
[  524.271655][T11751] vxlan0: entered allmulticast mode
[  524.277000][T11751] bond2: entered allmulticast mode
[  524.282631][T11751] : entered allmulticast mode
[  524.287998][T11751] bridge3: entered allmulticast mode
[  524.295330][T11751] bridge4: entered allmulticast mode
[  524.302522][T11751] xfrm1: entered allmulticast mode
[  524.308294][T11751] bridge5: entered allmulticast mode
[  524.315180][T11751] bond3: entered allmulticast mode
[  524.335813][ T5889] usb 2-1: USB disconnect, device number 75