last executing test programs:

24.797528317s ago: executing program 1 (id=1725):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5, "00370500072300008fef05f42dac5a00"}}}]}, 0x48}}, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000300))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r5, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x0, 0x0, 0x0, &(0x7f0000000200)=""/148, &(0x7f00000002c0)=""/8})
r6 = dup(r4)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r6})
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000005, 0x12, r8, 0x0)

23.674303971s ago: executing program 1 (id=1728):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r1, 0x1, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x3d}, {0x1}, {0x6, 0x0, 0x0, 0x7}]})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @remote, 0x5}, 0x80, 0x0}, 0x20000000)
sendmsg$kcm(r3, &(0x7f0000002ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86a9}, 0x20000000)
openat$cgroup_type(r2, &(0x7f00000000c0), 0x2, 0x0)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCL_SETSEL(r4, 0x5452, &(0x7f0000000100))
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f0000000080)={'wg2\x00', <r9=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x48, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_PEERS={0x8, 0x8, 0x0, 0x1, [{0x4, 0x0, 0x0, 0x0}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r9}]}, 0x48}}, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000001140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r11 = accept4(r10, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x28, 0x7, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0)
sendto$inet6(r4, &(0x7f00000003c0)="8c7c788bfb94000000243c03b1d9eb5571222bb7261e5fe09cedba815fd3d0549c31e2f41486fc559374cbc926b200000000", 0x44, 0x8000, 0x0, 0x5b)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000040)=ANY=[], 0x38}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

21.973964066s ago: executing program 1 (id=1731):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_io_uring_setup(0x3665, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000440)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000003a00)={0x1, &(0x7f00000039c0)=[{0x6}]})
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet6(0xa, 0x200000000003, 0x87)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000302b00fc010000000000b595000000000000000000fe8000000000000000000000000000aa870000000000000000020100000000000000000000000000000000000000c0000000000000109078026ee40000000000"], 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xb}, 0x20)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r6, &(0x7f00000024c0)={0xa, 0x7, 0x0, @loopback}, 0x20)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
readahead(r4, 0x40, 0x7)
r7 = openat$sndseq(0xffffff9c, &(0x7f0000000100), 0x40000)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r7, 0xc08c5334, &(0x7f0000000140)={0x4, 0x2, 0x1, 'queue0\x00', 0x6})
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60ff00f500180600fe8000000000000000000000000000aafe8000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60c20000907800001e036b006e2eeb6a80c00b765e3780856d448d7666ce4352bcb1b6cbcf8527de14e1ce1c386cf74d8c"], 0x0)
openat$tun(0xffffff9c, &(0x7f0000000080), 0x20a140, 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_permissions'], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r8, &(0x7f0000008100)="58785f58471eb4b5b3ff3946acaad41068511507291e72541d949ffc8a54ff637ccef1fe8511899ea7f3c82cbc6539763a34f6760c1608c911801ca672e62708ba4fc023749076ff6a0daba0caa57000acbd9ecf5e97201f7f14e715bc8c089c3d65e92fd65dedb76d61715067ccf6dfec2b56a48f2b274b564d90c3d868f2bdc07b7e636ad78904bca826fa69b7783e7be2b8e7c997b99225467747875695f6d500cb82b479fe9486bb94e06f796f89906bbfccc964830f86986760ade90c3f7a9dde3172a5124c1889075ad30b5ee2a5f257a6ac790a8e89b247ccbc8d241b7b95f8fc649deffc1bc37d51a8c3dfae38ac968eb48695de38df941f9632ef9ad6779e41ccea8a3ff1cac4fa4b47a152a8f9a1bb0094f41580bbf60fa11cfaf2c535a12c866e9414ee9b58226fbdb0d221e1bdc50e3fa300351364f6350030383856f1f809aee19f337f3d3435ae6754916be1eec24643cec1bd1007ffa38418735988cc901603895f66bd6450d54f99e1246ded898499d2a447f899c00368ce1dd4a4f4cf9cdf7d4f8b38dcb98a598ac490f1086ec712b0cb94610abfdb25b0f6947b46e1dd628897ab68445568578049fa6140250a5d821d70f102fadc2fa273a6e486f250712ec847de3b02a121e19775311e8629045f3404bdfa3207aecdac43c3571b86a9423bd716aa67cb688f9ee4f2b14ea42c89f2766c78fd4ec41ab34eebb4256e885bd7e3abe4348772993bb630aa3397084bbc66cdad664d6a9d33767cc375a44dbc0b08931053a6780a796fd31e1d7c512599f9e010883a52c07ec0938ce1acb3fe3baac6af9fb7e9d7942662e41bd3626d240d5ed34ebcbcc0ccf1c3280c76fbf6cdfb04bdb2d3b4ec6a8961b1eb036b211eff6247b95039cc67d222f2ff122340c56d74b4fffa79a202144bb10ad766f1fd6b32abc3e09213da84b36698e5c67dbd76342baf2fdbd26e9563dadd01fce19d7ec025d05d0494e53229379d13c1cae48ec058cff0bc1ccdc94a74b11a9bc87c580bb6a3f45fe15d15d89bf6102dc1085bfe27b2ab462aaf642b8ceed519cf88b31e9e00fdc23e8f6967a72b4c38b2458656dbf26dd75586731bb519a97d0ff43f4358cd40c7ed371ae8a24f46e320d4c4c0a1b8c42f10908a1c283d8032d76f52d4509d78c2f3a0716c37bc0c786ce9174a88d468e88a6d154e4712778aecded0ca5de28e52c04e33672ecea5135438e908aa1bf00e65ba6dacc4bd018b7bb1c30aa5d9acc679220cb5e7207f1759bd7722d10469225aae24973031a21358532a63aab42f33b1f8f40d545fec7799703ba067592b34247fbc7375acdcb3883ace7d34cf33484f2cf662f3f0e18b5c475ae311fb20f6e6b85320b2bc37e56512dc27815b37bfd9f172be1a119197eb53b535c440fd7f24724e1d466309c0f8556965bd02d75c3dbe2baa0c6a515db07af1f77306577d0b38f0aa8cb188cf5523368951b8210f4bfc6afa0d058ad84656d27a46faef225e6268396ecb54a5182591bff3a86792db5454e238afe7c26eae85fd3c1c060760d89223bbdbe8966ae2558f47d799839cd959c974b69ad262cf8ab4fee554288e767ede9bc5d7f0cfba05966ef7858e41db363122680abe978345d45e4b52b73fe9f52ad26371a5b0539d88aa0c572aa01a41b079dde5a14e031ad903629d06c8d85ad82828c25a9ba7ce0fef2316eb011643e47feca7d280833f8b3008841fb2d88ea84df65b03aa5baaa29d6234ed5db8db461fc5df77aad38690277cd5dac1ed3c23c9f2778295578561f9a4d31159a826b4b62b2a867e6e8a9514edddaacad22106880e6633fb2f3b17c8d10bec633d6128489f7253b3e3e38e5942743ddd1547dfab27a152549f61891e3a5ad17f733b042f7ef915ad7423b9719fee9142407fe1d10ec8b64a21cd24fd39de4496ca3f394f07149bdbf1393181b5afee090ff40ee31d34a9c6a113e3823fac425fa85e212de1a9f7c4937ba64f3327961fccf85e6fa29be12de9589671d60d4658b1562ce7dedcde8ec79d265c13f5e197b66989c3f067d2801fcd78bb92b45e55fb4089a7cd3b179284af782ae0327ba56fc307a281772384448ee465dccefe41be8d75c8cd0eb5c0217d7ca706848f9b82500b77c2d838cbd536304556af87d3b6fb9183b5dc9cf2d0f7ecbb24d9f790151b9c6092dfb2c14decbe6448362cd7c13515f66a99c37b56134d12e8c7f1a5b75e14e47f84d8658f0b65ea91014e2e4fd361f03dbf8ca509d426ca1bba7e43ce918268393ff16b17d9e1bb49fb2b4f6eeb8b4b226c79303b19412a55b7ea7c8774ccebd8d66abe117a8be9a3c4faea730902136df57aff991b59dd71610ba4c8e1cded8287c21c56526f4fb6c502ea73ae310d56640990b3e695b278de6e1eebd51108cf7547c0e457e5fdf59691baf080dd3f5dc3c9a10bd4cc5e10ba42d4d3d9dc4f7ebe0bd2981a1d6fb06f7457dca1e56fac3f0fa7ca19ec2fb7940ee837e960d93a73bf085eaa2888fe3025aadd33cae85d63273be6ae3a92e35d78602d8e23b9460f04b7c0e0e710d10fdb0dd3fa9b880865603500d81dc7e968e8046569830b526e441f25f8b0af47d524aa80fd7dd9c3f72facec2032e2c06bc33c6b739c5368bf54e32b6acdca9d2d14276a8348ae92bfbd60f6aceecf98f3c6fe70747499b25667a96c52e21236421b27deafbc6b5e2b8a4ea2a0d3cd5ee1a10f3153b529b5c04a1961223a943842e17ee0cd114ce6983536400fc40f3d4708436954803fd60caf2b5ed7e4ce90bc75385e2424191c6a5038fa15d99aade49fa1affe63fb73078a6bb4ee560b0b521aeb33f507bdf876829f4d3f695197468e41503a10870a8e6df800608ac33dfdecc03f64d03fb6180287a684063c7edfc8db1366f6bb502fe446085f6acc4741b273a0b736f0f55da28967390bc7434db54ad0da9d1d002ceaa5c3e53efa95e7aaa792db32501a072e669da29fb734d771a6fa8c753fb2fcc204e31d668992473e7937fcf751bc79b125db1725f2a495bd2a4207e4db8d44810a4db5113705c5cb8733866ade3375d1bdbcb965cbd927e7d285f2933bf037911959088b64cfac0ff1e39244f2e9416653ed87ec564eb686af1062354a8bd7034c1022cb0d0b6996762ef4a0a3ab4f3deb459f023a867a38fcad2a10fcf0872862b386ff7c5ea7ce13abb112d1f0ed0723870eccc76d16f7e3cc00e28945bb93d9f2bd8e2017993102f0824867ec141f20df951202a2ab1cd796516ca0b4fdd9e6de8b82fcd30f9ab85cf0a5547e1ad1ef1ad5be7a878a16864d7c06b4ae002f3ba485a9bb36b8a591ecb64a4a5c0fd3b4beb015f58ea4cfe190f3b46cc4d9108d10c52a9de859814edac575d2a3d937a9b31db049e70aa76c085ab63d61c1317205c228f7027fa39125de8fec40ed7982e36a7cfa9fedca30f0b692bd4c7794f6b56d69ada1fed168cf03cc57321fe37e3a8cea4bd093e87b657fe5acb13d2591bebb52898362ddf0335810c70a4838faf8fff16301d16707eaa38e52f913f8aa3e27b2387ca1a217ac69966e287ad5cb0286535d5d00b7006661dbc7923a066945c1a2040a4e95d7b0de4dc8217bf1d4e9b6cccc671fdd9a5770c21e749b407df8c463a3bf17e47bfcba6a890a0435d3fbb7252fe072b149b7bfeb185b088686dd70e0c9cda275497b553aff2b319f7d7b0ed64002c5f9f6ccfc3d55d8c908d314487452f37a650f4561326a84c660b6111702a87db03595b5d080c60288203f091de9f78b997e47233f4bab9b044a98ab118a6c45b7ca746cc2fb90182a923d67216412e24a955c0c2307acc47bdd319955249d8412a5ccf444437f53f524c69ba0167c920f0c1f775cd1a225636200a9e4adf61f418d20f717339d0c8c5386af0936f628cc589a8d5581c1c8cad0b564a3f38b606473280a3fa586a5ba932fd38eeb23096df29a92ab54c409f88ef4f03217f0bb90fea539e629d8a025c802f6b5c3d735fe950c8ff7136e6db287851dfbffea1ef81491a50cb75a103367e85afa3484d6af865dfbca91dc05632b0d94aa384ee0c585424a5ddf80babe0b913b0a2eedda34c7ea7814642a69f8eae868274b16fe0f52fb60b201e6685dad3f419413d5b8186992855a25ffe0d4773a14c7977181a120cbc42af4f9acca3fee1d54ccc125ea49b62ab60c58a0ecdf50ee7c16f3b6b12b254fc08fcc85d409eef7c3f30cf705617f926a17e6588a9fd7e34be9fd863a7b157a2d9a336356d568c2d2dbaf76c2d2b2ff8703748b860e36f02b04d6e4f2fd49511f12ce395dc18622cd51948a32cc432cd797d8a68838cebbbdd9bcb6f2e85719785706012e894cb043bb9a53998131fd4aae3321d81fc001e718c4a99c0580af1d4a0c81665cc5adcf337c8bc00fc0fb3c7be0d5e5ff6a6fae5891858eafedbed69223170ccc71ce36ae439d769c3520972601fbab93f54808d6950cb7cf1e5a3b32d8c6a975e3adccca0b2ee28a4eb5ca3b0ceb9d31a8f767c3f4486a62215171738007675a55abf5916513f7eb9b21ff291f2b4b48bbfcf394cf861fe016b3680be422a8bff49963ce096d1bc17186822b1392e68b1a05fa6c70bd2d9a164f12301a6e78caa8f4cd43749704829f54c5d93637aeef80794d3f206741363e74fa181c9f1dc47557553de620794f096c59ccd74a178f5adb466ad5a62fffc1886f56ebceca4ed46ed2396bcbc31160b4eb1b7d69642e33315e3adbdbe1b9794931e7babf745ecfca37dd4190013793d530df12d6521bc069a05a94e0ffe91900a0c2209a6914d2f85bd161ff77284198129a9b1ba600bda3e52769d39c1bd61c4a70c627c3ad89aa0bdf0c93a2c35e166da9a08b4d2f92deacb6e9034274305b6d254c4052868ba32bec9aa3cec75debe24e78e43374efffe444722a983935f9007fe3de37dd83c52be16e034d09592a179275dd0c91281be579cd19c0162123886893713f25cdae19cf258926bf2070741111eee6b3df708c3fc416b7d046c948bf8500779c0cd5460e640bb1f860f58052b8087e6eb2f16e48f4984c9f9fc9fb2652ac5305861ece5362db08ae912ba055af766da1322057d0bfa647d98b8d4f1e7ed43ecdf1050c0eb19dae93b8014da57241cdab4ffacf0ec1348d4a89b3e8ff187098d83d8eba34e5c7ad4215f1977968a9d337d08fd1188754e7cf41baf0189ccaa5f3b1005f807b0255ce1920ca7d919e4684af70c3d089a99922727c607a2b06e713dd61122842a913036f6cd64dfb313fbdf639fcbd712852bb85337d056685b0a54225ae27e1e8c7ce5acd1f017b8f712c268b9cc0ee26d26c63955df0591f52ef3ef5e6f0a8b0a40fccec5f945431a2e81c35720d178feb481092e4f51978493c5fd502f252bc0152f145f268ead14932990069169483ecc7abc901657460c8730715c078b61059bd2621f50fb838376e0b808a3f118f761efea45bbac4274016960063cc67c428e72e516685552dc3bf473e442d76f2d3ed07b319694490054302a538b52e3b8496b7e37fbf4a2ffff2b484f98fdb14c66ecb8447834733f8a7a5a3c83de34b6647842dd56d8201f9d9240f3b3a5b5cbccf174a08853d06fd164fe74e04608ae12df8a35b73517d22a87c7ebca60942932d03102ff7e8644611b5520b5ebce950945498ce19210c866e48284d18fb7e049deaa43ee5283e3dfad7316ba85490e93182d13efe7ba64ee5ceeaabcff3eb24d46a3a129dd5a6b82e8c48210cb1e6564833f3e15dda4dec383b4319741cebf6374cf2c5d64722afccf7c4e2d81ae28d45f2c35b764281f1f08fec8f8e9277277ae1ae8a8981f85e041d2450afc9374e978f73b66da9aadb2087223f28e21e946eb07710ec86cdcad0948d4ca93827ea34e28806d172c3feb83471ed2d4d7ada2360b209d16b9d35861082d85b6be3c3589a6bdaf6f9b5d52ac8fd7388e32b24f1d5d34b5442c1ceebde311decd709f075d064f07bc60ab14c101ef51039eed56ae1e0a374e3e956603737b3a16db684a81e9b8998a0bb9b17a0876a92b2a3b9924f44b16ae4c7ff376ea8a8c91b504c1dbeb522cf846fc3ec6b9a01f452eeb35cade34c6a0463b92c46e013ee7906ee934141870ddd1464ae688805933504a2dc7cb1f947e28bf22f5eea6afb5de3b950056bf44065b84fd5589385d0feec4ef1db4fb4b595957130e575dc383e3686f4674143debb23e17b398f32683fb4805f297369d0e5f2e63af6891491e4e37186b4a3dffbbdcfff63d1fea4e12d24ef96fde3ed7a323a3605cdf5eaa43da738004556c2c20aa30c40079bc2e9ebe102c1fcf5259f1e3acc6b2a2bc9da4d0b1252433c58a1810581152a235e93deabf7f728eace350bcc4db4f249d4234bbd858c4e61a0eda4e3db0ae530c78eb63425502d651fd0cb986341ba69c44ede18eb3ebf25b2336cdda02447a9e20426d8206368c63b5fd6828612d3b99f627e331bab0009579de8270c36aa03861c300d34f2a3703870712325190073e6c17d8699f6744acb1b5468f93b57ab0366796181a4f543511d7ea2b32606c33cda61e81ed1c2194d305be47a3f1a9145d023620af12e79ec188573526ec35b9ce44e95fdb3530bd0431dd12a227d0ffe317cda1bbd787979261d6c9cf728b3d6bec3ba6ae15a595a30fc242bc5f25d837c1c642219afcfe043bb68a82965574b8b2139789235b262cf4af95a538e6954acf8e27ac3c95328df6e4bd615a376cd96bbc9e0d9802fbb40f80a848225e076219e26e0e63f57330b8bda69ec8dbd8b3272798cbfbb085b1885a1c22b3e2df2a879020ac1110b7af4f53ac97f556596ba0e164df0c85842026a87cf9631c9c9d851549efd8ca37e3b863e88436d5da5f4d3b5b5528e2d08d92b0d3ac6a06a0699653718e93a25b5afe254a068e300751eb6c67e3f5a1813d58d428f1ec108b88ec81444ccb50e8452941510c11f2e80bfd712f64b32b686c92ce922baf6c8eed1e9f0717a654d53b3ce1001880de80b5b15362b20286db9dfdf6c41f48aae84d5ab12ac45310f0eefc56e54113bcf95c1b2a259895af2ae9c679de4e2b898bf8a40a199a2059f8248c1303351dca3fb38906a682f66a94ee6ae6eafa7144758fabbaa60debd6eaaee7b2f1051781084b3c9d626263d011a3daf971b708750a77614753b89b5e1a77a52510ced5708083fb48c554dfd6aacfcf97650f3a3b3f97566050e76da968d4eceb83bc1e005ed1596d6e0ec5e2c90231e62496d7435ec5b28f805e3b7aefdd3718e4ff53065b8e4b15175d80eec59218d8278e711c6049bf6d62ae7069578e957135463d7616b37c1e4bf44d60dac6c7aa04cbbc4a64bb0cc0b059abb6b26f8ed5203232ddd8a6c5882e6e6c53068a71bc84c5834104e85bc96db2163798a3881929248b8c788e5bdc9e46e5f7f3f6ad43fad6fa381a0b924bd938702470b330fb90ba73d557c0d203d55edaed6e3a01aeb53b061dad57713ab27e1a9e0d06b534a65d85beb061bb5258bbb38179ea612a6f402affb8ca018ebf0d6f61d44d5a657c080c7d2dbc9b08c07713b17b0f173ada59b57abb401212f4f1fa026491b48d08cf46a704ab43e46de8ea596d68658523b61a156278b3b77bd1f4491381bfd874ed72b00675fd5b4b7c0ec13c6837434ba8e22230d32e7bb1287e488e14f5c5602cd4ca88012b244c7f23f4897e27027aa862ca139bc8b5fe14be7554832ab02e4ba19699a1e66825d94c7c44451062819a38d3376f0a3716b210c7adf4bfbbc303058aa2e054b3bd53539764f177b11b05451705550f90196997de3d1d480e500cd9d234078cb1a09c63d8911381d327402702c2765fe92b8ba3a0189b2b11b7460996c36eaae3ecb4f4e63bfafd7953ff086dfc0b12e616bbdca4707631467b830d244bd3f4371744bc8a4baac728a397818875d1b6a4a2f0d10be607122a6fe813f52e4456b8a5eb6c9ee0cf889f777a03cc26a055f9f259cfc4f8552b568a4b371260af062619dfb215ecfe7b318f8d627d2777bd5103d6ca2948d19d5812112962b63c2bf3d090ff19185dbc5ad49a580451de717c0baa288cd96669babe88a8b1ab6d0936c4c407878786695f46f59ef06c5c2166b661542c598b6e0551d490946182841184a7a0e669c6ccd73a342f65c4525dc7522dccab15fa72bd07588b5bca71635b9466ca72a504c74cca1c573e8d40d83d1b5c5326481ff8a2055a2e0fb997fe8e4787deaa2a8a57afe74a971e7f1f280895f2fc9d99c41416adef7b70ec47e7a12d0ca3c0ab1dba3c2d65bb172fde1fcd7f97692d3d8c9657e3277ce95947d59bf37dde3f35f7a5d76575f5c14caf7f0926c0896995a5f42efd0d38c42de202bea5b5db39bf697f9a96b54aefec723db523893186634763e7399bfa8029c2708dc817984528601c77a1d78bd4b2c85f10f5ca9363badcdab51a1b315cafa5c2ef64f60395f53efb9d60d89e1b2a5f147508c90d2b09476eee3cb9b5957669a77cd2c522909480dea9be3406d1779ffe4539f2e03efb5f8c2d040f0ea776ff869a36862246294d0ced556a129ef78327617052dc1ef5cfb4e5986ba2f0e063b90e1657d8977b58827a3c4e3d556eb3cf0540685f7c9eda461aa2ecc539fec3d2d56be99a518f11752f2be2f670c5fbe8010ac4eae0ede31c1a48f747ff2eac9fc069d3700a40bf5fcda80a3a4f5fa920f117a72de6da51195d2d7f0cc92ff7835bce2ba6b564832f582df56b24cf30c8297a826a4bbfe0afeb1da3e986b3d0a95509e0037d212a70178ecb246061e067238ea9238e4c4a9a7c6fc5dcba290970f50c52598423336c523f2de7580d059fb53934cb0beb208585e897fafeba30853e54badefa197478fe6b9f26ed0d33babb53acee7b7221d8e0cad7a6bd0d9383ced6391bf88ca7aa50c75c136075e87b92445f02fbbc92f7cb65fe2bbe0bf0c9fc2577da63a56f1efbeb276c1f4d01da6f6f7a842212d96dd45edcd2aee7f2c553ace15eb9336bb1804ec252998c5c8b25033894b05c01ce7c77b73ec0e239478c67d5378fe5a53fe6269025d54006e9bb1cbd09b81a39615517c609f3d74e377888f641587121f0f097b48d8be85800295ebab9407978a9cd379966577cb6e1f5261e4305696a2cdd50d8cb1964d3ae18ec730d40f9c782533efba47db8378c6aa15ce85985e211fff2659729599802a7b585cbef3a2762595f67e2054a0fb4457b146e7a656abb2c4b2387d760f7e5b8b7864132317d5ba29a662f50af8dc182d2fbe216db8e997ac856bc59855ca48999699cd6c5576cc47bf8a8c30638c7e08847e5083aa82068940409461d1065c2b53292d3ab145d5bb590bcd278e48ebd34920b18a2e1731c1855ae5a3ed637ff568d205a08cf98c58f5d79c99912e6c1ab257ece0d68ef13d69a56364419aac7df43f43d5faa9ad851c9810648f9050012e55475109ca3ada3452b78a7964377e0d862e022c73ca3ed6cee8c5fbb2d7c12f91c4851fea7c5b02e0a3c5364b7fcca110f20f8858465c498d7e9c6049417fc5c7d4e0059852a6d794af426e938a401cf43b2ba9f4f3f6f0f2eb710ecf3c0c36c4b3072597f805eca9cb14602292ec7d5601e6b1555c8d024aa4bb81a4cff98cb03725cb184ea7dbed6814106a1402bf68a2e51660af930a500d5530651a0dbf2fdc01a31a99be25350b5c8a5fe01155343d028c03e09009ef2c386a24eba8d842cac581402c8faec7dca1623afe25a230d8d4a8bd23df3cf12abedc2a50e387285acf1b3105011a2bdefb204a53b20be213b50f5244511f25852271e05c03fb9a799ac7ea675ffbde8de181368748a9707674e7e70f28a75e4036b6cf9e0693f91a65be4478b6630067ad8dae030a4b7b9784a206b2f7cfeeefc65aae11fc20190f4d6387bab05fa6e17f0bfbfb0c4f604878771aeace0676d12325e61b19a5317c4d4bb9fe6f3fc8b171f1116528b7cbcc4a91c26a729b512196828075f4d0aeac98887e2a6a19b4e1f1f66233962961c0d49df14c3e6123c9ec8dd7152ad045000107365fd5ed7ce6a6d65ae0736a7e227f77c9b0903d4589ac58ceb691583cdb93ae3fc792c886663cb7c5b0640deb66e29b3c69d2f1a3d1d47d7b672ee3c49e90bd406aa84a0189808924c4e67c5495b045e779c58ca65b42889f52d7315c66be3716dc8592b4875629cd0cb02c29d42bdf9ca5c16bc9051c2a6c09d0695bfba58c19a995838c022e9936c407d8999aa65e4a9d6d8eff99f8dcfac9b561375b6d1293441b9d32533161062c053c63ef09f6100cd748700a710f5bfc2a6297b15242b1f41e21bd004b885d6429a0d334a8c115f7d53d278dad24c9d295b97c50eb340d1e6d523f1757e2014c1605c3bd35f0cfdb74f79850423a37e2f95dfe41c56df09724d21065377f1818311f0c70aaf6fb2d4fc8d9eef576136617371d85481770ce9c390859eacfebba34e75a238ce80bcccadd6c42e8e186be3c15451131fbe9e345c05ab8e23f917d269686a9b5f06dd474f95757b9e5a3328416595539cbdfa69efa9702e5a268b1a70c6e5ff2c118a6e574bfecf17b1576e4f2f7ee566b0b2b5388476a68562991ac01412fa463b0f9e586ad4bde59e91a4b303268b5d8644cb7996cfbba422facd59875ed6ac057e563412255c412be0928a0b6fdb6f35d7008b5d5528ca796a4a69bd90b993a52da9c7d62f4b71a2763f822bb39f3ed39cc5ad5a4d51b5c27d31d105000f3f1e705ed5c42067106f3fe6d30151021bcab7f3a1ad9175b3d3644325aa676b9e057bf9d9aa3348b1d9b31bd639c59bb63f46a6c18794ae006db3b1ee20368160a82e26aee5a9fdc6b44df8be294f3ac0a1275e57ebf5e384b141ce89dd51aaf2248274468894645ba54bc4e6b9788b1eb5043c1f0dffe2e13c6179d0238d8cd037b6fe3e484445ab458fa09e4e8010d3288aa6e6cdbfba4b62c7984d058da8993d5de1df75a1ce8e3bd5875709fd2ede4cd5843e7102ed4031ed096a0c6e3ae9d522ad95ef4af83599507dd32fe3325819cdd7718c9797e921e6e365175e1dd53991edcd2baf27df8b1670d01967e97b3e3e75d297f908deedf2e3b91bd61973e8aa75a5a6f9db11525dd35556bbd13873602a320af74677832f93bd01f1e0631c882c8ab254a26b73a60a6c90cf9b96bd576e05b9befbce882c5d29198451bd15acaa894a5276ea9d870f49a33ee9d2429ef35a905b281deb75be54fa0c9e47be5876d7dce01986f2d0e7ae6df9b87a0ba6cfa55cec0c65dd386db5adc427eac18a00c9aded475417add4ebb8880ef3dd218a9ec3e6e13456f8de1630774e918fe5288dbaec3dd2a74698ec9e28ad573761b9e78af3d5c7a61e3eefc1a54c25bb841529b3fc9137836a2e7eff5ffae8e44f0257160da51ec0b3d144b92f1f43d2782513705baf5930903602d40cb4de87feca7243d2248a78a5d684e303ae147acc96e0b755eea77092b5f6efa723afc8a4240c75529dfe1c2fb75aa42d67e6b6c9a44c575738725815a9af1ced5", 0x2000, &(0x7f0000000200)={&(0x7f0000000180)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
syz_fuse_handle_req(r8, &(0x7f00000040c0)="6d797d42fb74562ec642068eb410c60f8cdc42cf09864b1dd1d244ec3ecfb9103306a02bd120cd2c684eee7cd734914ad7ec2bdd4402eeab7a2972f1672f126c4b5f6c5ff748548170bdf1020c2c3d09186940feb185436981cd578c3a2bdc19c16209468100cc1d67247885420cbc0ea004f07283bc4a5cf8499ad5ef4df93b2fa2eb26895ed9260cc61afbc766adadf7809b3a8f76d9f835acae2dac8abc42896374a6a82a8894552441bd0202daa10048b49d3bc74bba1e5258ab8ac5169facb96d9f68705a7709f6d9a66a9988c13d13a2b8b34d9f234e1c5fae79e4cb76ff3102184ed9032d2402087dcb3eff6bfac7bc4d2fdc9ea25f5289d52ed75ffcd83a2781eb4a23fdd078d1e53495305e3ed5bb4e060e89d6eb2b13586f7f5df32e34390d70f074b4f92c4624312698d86578f3d951021db151806fc314c98d819604d8d9572efc7dd71c0d1a9176ffbd48361908e927e03caa4c1ccc805fe755e616d983442660299e9dd34e5612eff964a45d613a832a0ef8e4410fcdb0313712795b369c08f907c91a4f20e5c18ff903e0ee410d77bc076f49debfd6e411104cace38e0318023527d1c54cec66790638c9ee70c29de0406b3483ca1663245edcda56dc9612e93f40f19cbde5cabb8816d7b75a266e404a8e5364d43c08cf5cc645b533c4b6fe349819c5374fac7a923a7a803ab138c873aee3718921043a60a0ce84df8b991dfa525f0955acbc866182f2409d032981ad824f037ef068501f955898c4500049f0b30014832e3b668f5873305ebd1e094f244caa90610be83a5f674decf451a82d9edca6664da89cad8dc212943828570fb365b41993f89c6d36c579157c4055a77eb1dad1dc466e743129e5e3098f4432fbe289111e102223ff04d02e8108b0925ce76118445efa09233e579f398ab373303c0bb64ff82ddb597040e58a61f82cc5614beaec13ed297a8daa9514468283037e5d0077c9803b69421070718fba4865e4b9c6d7d272c562cc4dd998e16fe288dac68b0bdf05eb2a02fd40b900944d10a94f2b3be9b6c6dc628044aa9eaf34e0474771c10bef03f6af2029643acc1e97efa0748cfca63aa9546bbfa6d7533c4dab0b931ac35b331aef91a80d5ea08ba35cf66e1779298d3338114c12f024970d12af8d67f9b165c15a8b7e37c14c2d512dca76cf6077e2011bb47cc993f3088027b2d53daca574e8b443fddf5c252788854be8aec357db43f2147f23061641d2910a4a503a3a9ca86b3656d37d443e5e4207bb38b6e8879bf3de21309eb90113ccaa75e1d1e0900efc17aecd35078b8f3d579d2d4fb576127278290d6a9ea379e22dcc4ad369d3405311efbc74702020d6cdb31267c2e4dfc6a34bf39c9db32da7f387760909843fbd02e9e291e838fcd8faac4c9ad909cc19440bb775070496ef69250f4cf90372c0f1835dacd4d605a69334d73b1228cce41fe3c6457a37531bbab6d8b15a8214ff3002d29016932de969f05ed64b720ad249b8164ea82fde08303277e7d5f0d3e86bd6021024bdb1d24afe3ae28cece041943db60034fa11c3b6ec7b09c117b086fa4016e68e46678a7c5e91c40d2866295247276109a8778b043b51ffe3ec33dbb665806cf6ca41e7143885b6ca920fd8caf475ddcc698a09d368c721f048efe9e0d372d9cc58deba32f81e7e7f6d53209050d72545bbf04356ea95c9bcec3b8b87f56963111c5454b30a12b8479afc26361a7e00a66c03aae8ebc3348ac2e9b0f52453a32efa9b8ec038e671122dc2965d3b7395051974088f4aa47a76327a0dffce6db0a2cd65e2da5539fd7673911d5605cadf30d85563a60afd58767b6adc549173818de01b0de192894a76bc4e62d8c9e341729e6ef37574cf63c27674081202b8ab9cb9d92d346b1c2dadb253532c1674b2440504f8430c0a2ae5829b016af877831ecce9b13743e821436a6c1c46a1176922dbf2721d9722edf72817f8d15fa5c7ecad046df91bb57b8d16244527c855a40403ddf1757c31361c8bec9b5701b5c10a1e96547fa2c93e03f264a366a96666e24d7f908f6fa4c3f26722961e70adfc4ccd413c2c05adeda400de500babfb80a4e4ae5e9e04444c55f006337c0a98c33f04ae0a6620a1acbc26b5c7d125c30ca542c64604a109c6022029da452a717b219456cca6bc9959f088a5f2360c390b531baf92ae2429a2d0b6c7a20c137a3a0050ae2216b871c03c56410d28472d1035bb870f94589b93ceb57a504bba5acb7a6f77699fc10ea96d8e8fb913ca78c0af33a8435344b71531207344d78ac349894aab972c1b471d52b266bbe4313ef2ba71e7a4680ff442a358699c1e18322dfd50c55b637b6e6d5f02fa61b0e8ae4ef7cbb6359f70028a6b60fe901b2ad97a62b5d527efaf5ebe23fccd80d80e02eabb1be14d40faac8a56b4785fe47c8ff4ac4ad7fcef2134b1ec599074dd45d2b7a5c45845787e0490d9d7db95b58b18f14ae6ccc39623ba0fdf64c8d027f1e7652cc90e82732d4292f4ab0f959a44ff906484fcf83e222088345541ba2b1c50b63711d8adb63c8556452c142de8a06f4b28a86f629cc1dc713dcddcfebc8b1420a603fb970ddaedfc82250637327beb5c0ad04947477bc9aec0914cd78cbf5060e4ef7806b3443c85dbe79b8e87807b1a8d141583998c412d89c23dca4aa16af321dead51a12a73be98bd8ebb4d58b3ccd2d67ec936f2596afff2ba4166015aa4cc6c433acf33df30e3d40a0d6468944a07d1f9eba1bb9eb03dbfb42ba790dc1e7f66ad1834fad94440bffe3879509120b6a5cd1890281bf0f4c2d1be00fbe6b2d09ebdf594110f2bda035262d4830dbe64aa3152612df991a6fe1d035e0b301cf527d74140c85ad79acc001fd2ddb3f283c21e8d253c6c4685584f753e01aae2dee4158c68e2e612f056eb602ad8199d84784e05b363292956247d1fd8e4201330d6060d66e10e316143015908554e5325550d61b8af87a92237edd75cf687919ed0164de95042cbcfe96b9102fe3b71f43bbb1fc24d9d2d0d81dad29ac18cce353ca7c4a7c32e12e451654addc5dc6a44d001c40913eaaf14dacab7037a68e9875ae51321d1852820794206fcc1cdd51443d5e3fcdedc4dbf728d1ed8dc29437db0154c2f59d1d0d0b0048cb56ad965682afeda337b172cf6a77be36ab8424b919e493628846bbf485d5fefd73228e40295fa2070027f6f2ed565024b82d1058a1be0d0c364b765f2a58f382e378692d1ca4fc7f09f867ed4684dd82dd4c76e0e640f5f87d1c6c2fafdb733f1cef6572cb5e104ae9c94d26c81cbc9a5fd8fbe61ddbdc683b7f4030132b932abf0d66afafc9a9d3121f0ed962a14294bf0ba7b1d33d7808efa427b5531cd881b5c87ec159bc9557009d9762010a497ad52b57283cde9715b48a3e35a22aec3730a0cb476a59f438684346ce0c14f22d5f1e5826d3f670e9ef60f6dd51a11fd32eed673b9d0a12d8eeb8046b96c51cfc54c21b2c48c4a89273963b8345b01159f53f6b6589333afd871875b930d7a4e2e1f5dfb44157ca004a739b0e98562c83b1d8414220f677f2882ef6ab1039fc5f132d7f55046d0c9545033624338e2ca6bdfcdd9d78306818c6214f524a7d036c80b5506f97fe383c1cae3c73dd2a0c628bff47d13dc7d9f88a3c1bb84ccbcb82fd881c6f5e9aa7516bec86fd6bee49f4db3bbf468922f1ef37c499b011e36173edc0ccb92d13dda668cf88bb99649e606fee23d3d3bc1fcbdfb40c7d4a4a60b89c63e65d02a283137561ccacd0c71cf70c6f039ebd1d29cd58571fa07d74187a7931d3d8b7db3062594b696b0e11a587724440bd77aa01fbe26a031a4c3f16ef3ba7f7544d01e8b7dd0b74f3025fe54cd01be16ee80ab0cd7c56671390f2e9bd62b212cf3ff58da7207846bacf85858130a89a2cb45da85b3ee574e8bb43c6642a3060b6f07228951aeab0fe4f4099b86bf07ec39262acca7319df3d5d057baa794234b89eccf36da5d32e4a5283386a0a271be30f75917ffd9f6d96eb8b50a7f6a0b861c5d12a624f3630a18e3bc94eb58bc835cef0a1b77952df6443cc12f221fb8460f4862f382abe13b409056644ec46fde96e1992e79ec0acdf3066f77bbcd6cf1a24d9b49ce84bd3bc58cd898da801d6b1ab12fd7cecc29894b98d616ccff855116a8985653ca88722dc00aed777dfe1839251be42716824dc0c40b6548319f613faffb2f1900a1f563724b0dcb7aa694110d268e945747d860d4bcaba7837342e3d7f207547ba8c093e8d2a1a5e3e098d19343de5fa773642cfb1a2e49f98df7e13254787cc35b2d689db16e551917c0db1034b175d1f4647c35c4cfe8a871cc7983b052050be9d24ed6e6f70d9d4b7cdebc9ba7a761b8c5f2207761a6fe9db5d4ac975dbe398ae05ed180f028037f2d9684dd3b28135e150db8a8adc6c34d0cca2cb95e6babf8702f26062d0ff0f88fc915caee5597a006e211c61f6fa4ca685e79655af85cb3489f94cd9836af4b80cd20ed23ed8f3f4107814407715b471354c5274595963b00482f3723ca88f4eee346c78bd29d65899163d848c9844991e976ff817120a13ce40aab11632b6fdd9d00acb82a5ac7769a0a7ed5d30ae077bf393f5de5b12114e4d1a32c7297bc5e14b673c78cc675b097d56f7a35c3206b1584996972153e2446465492528e0565718252139e1cf500f05a0ca529d58f5b91fa9bb2822c21248a7a8a92d0a7be5f4d249087176c7c23e27d72bd232fca3f7b36970daf2ccd64be4a798a6c30a068fbae324b4c158715949b37c3942f0eee35b90d2fe9d322420917532f6dceaf8633f4f9618f099ece4186e1adc1323b827c984ba54c887b462e169867c2e063fb60b7906434ef362200559e4d02413667dde0c6111750995824c316305f2ddfa3035ee09fdbc28c7f3c095f5a4382ce033746394a37b4d8a61ae8c7270d3863df7382a4786d7bed9543538166dfd01d122a384a7a3de7958c0272a35856f175fa29ee100d2a0f3a6dacbbe8702cf7e8d307ac0cc7921539a371a1c2e7f834db5a903069c07ff562fee851ac9cc3f2f045146db26b13401258733c67d820d06aa068b789300ac90481f84725311544e9a2363f2ce502c02c100bb41e18a103c79bd2bf14f6b52290fa60d978c284f927829b5027ae0ea842efb3450a8ddcabf0eaff6a6a8300de389e78cee73bd8de9a2809e346ff6c79dceca4277eee4b0dae1a3e1740f306044d6e67a5783e665f9637a8f8154f9ebecf95f48146c750826fccebbb1bef247666a710cd71dcf3ac3aa9d0bcbd4c4ad432bba642366e4a3b12981901358ee1d7babbb7e10737cbd8a1c159d8dd9dd521c48d2911ebb8162b51ea32185c37097c299c0e477914b49d04cabf5033a5a3660f829ce4dfb2f821e6cb19ce37df64f79eca0649ea8c6b41c6c5d08fb1dae021314609946310c833d08d46c026ddc5dbb7ac62f1123be2004729daa8156ee12bdde9529c7498c8d1a3fd59aa07b9ab7870c4e57b2f54dcc26edd206b28870cf346d741b46bcb508a5f9805ed63c6cb03a9334abfea33626b0681e59b1cecb02202c3190260b8e2963ee84d9a6b5e6be99cbf6a17e4a11e154c2a50d625ef1fd4690cb8e030e46e07c891e6db43626525d464302c44dbf65f71a485f9ea05c347b870bf63fddeaaa2336d9eca1d4c56e8a2734287f0f8a185bd8e3165a681175d1ee9d24f48c9182fd40179ea3d128c0b43c4e2c85eeefa4c932fcaf9297488a3d44e602477d94193410728a0ef0f6730e64b8cfb3e2235c6241d1252196f943d9eb9b2ce70f8c5cf21394875081f56ceb6749a8bfa43e0e545fbc6903b63c55b67ba1e064a682d58fb7117eab5407d1c998aa53a0ca190b0a4aaaa657299cee41be166a7622789b81cff0e892ba87c6ff22f29ed512ebe40cf7306b7597607de5c1c6fb2980a03cc0c6f396ecc27b6b5a3fb0a3f3375fccc397527797f6d1e98f9a873882f85a4e5b11eea65cddb12b0cec9e531a3b5de958963e20d8a520aa71588aa3ab92186e64a710ef07debe3fce6313ea69fd5bd45ca3d50e5c98ac632d5479bc0763b05509ffca67158ad8665cb858e4a8eae29ae667cfa8e39dbd15ca03846298faf7169187feae6e84deaee4ae51cd2016a867b3d11c4e6ec3ae39aeb8c8ec36a885e475f3e1e47e1fa464ef9569aba053cd066907a112612de411a5be0868543116f32d0781323c744dfeef87601981afe063122bac14b9059a68d9f356e85ec04c2767cbe79e245d7916daf222b5134ce684f7dec8fc0630cc9aeb5fbc38dfd19628ece15342c941e52be8abf0d82ed7b0b4bf5e6184edcae53949ef5987fd7fc479fc9921f2f332ae68f5dde23a3dd0b4713c3d18913edd9ce59870f7d50fdf33f3d2e8e5045d35555b4db5f48946e1b8d8d682f0c2bdd2d0de6bfff349e5e826cfb2d18d7bb43347362f13f5e80619451527bf0d3cc617881ef718466bf2efcb5f1404c573df09e00a5c0d1648b04860ee20d9e79d4ebac94a35e0a4919b1ab0db9e9dbdce1324223850e2e137ebb0c0e1cd690a3c5c9f8576538cba5e3831e6ba56809644e389ee984df3ea8e4743d5d03619b713c984fe8b43c589b78715b9147384b5bb15af8898cd82b31aca722cbe7938f119251d9142f2661f09b49f99d8988c66198dfb9db7f225086bed1deffa78995a56f905a7ab978a9c557ea1ad306bc0cd1cd8e5acaec1e4430a42068adec4a73f891c8010f0271c38685ca66c36313d15ab5bb6948c089b1fccf7fbb340eb03446a9bcda34b2d14a11e09f71e799fda19dd85293e2b0e2ca3e68145b4ea5705592562962cc6c0b65c88d06067903716656a0a7742850b956b609740c913f54225ae18ffb46162d6a0c1dac8b6c59541c8ef6bfcfa87ad59cb0e8ef6ef1d7f739c0a56cf975f9cca9ee89bac15cae197d02fc72505d23ebc6153491adccd22262979d2909fb8abd25683894e5a776824b81598a833e339a582b9ce3f8d7ce59fc3147eb3e92751867ee9c3506692b25b2d7f38d97280e85c01bf6d71a602d039aec747620d33660a9d5c9cf4010d01f9cb86db4704872307942df56f04cf6c17e57612635e769218cc91da9e2de29aac4563d695a6ebe249c14ba5332b54150a291bec28417febc4c3efae9e14a0323e561dbc80e98bf71deccff5babbcdc8015ef7a86a52781a67a4915645cfb18379084c58110f1294b2e08a6994d1a3dd4fb79437a75cdb05f36a7b3fdb449c0cea5682d37e5b0217676ff7a383a19d48860476b23ccb66779093b0f6b5b6a1ff0cef503dadf5b67382b2a501d0c13d89eec496374f43fcfa751864330479e0d1f7aa0883c2aafbb5c21b06cbea3c8b515fb1f6d061e269c3de372dc48f0b1c0a935de648a0fc4a1a32ce6aaa8432240bbc977a0ece5fd60d92ba49f1443bfc83668e8251260a5b275098e4a072d44726b91d850bd9c2485cacbf2b33be73785421c2fb259b0c1c0955339713f75ca72b9bc56a7167d8a942015385eb4f1bc3e07b23a71779d043a4f420b0fd9e889d398c955f13542c811683636b71a2fb178e951e37ed5519146c5d61e697d1148458c2f224dc6911363edd1b4d30c5cb12d0e2fb035adc33656615c05266f32c2faf5144e24086c97816c87569feb1fd41775263999ff057d9832b872506aba01db7482251f65a74c66cc01b83056970f843ef58df0d89c44f9265d5bfb50c287f330795b30848341dd26683e5df82bfc1cd1a3f2df3dae99fc38edcc614b39c8a8fa6ada4b5dff08914a92b6a16b05f13bbdbdc5e9f14a08e827ee5f364ce115e12bce05122f0dea62d8dd41222fafa3c6bdecea63d3fbd0bfdef667d6ac12b6918273631bf0ec25da2783f06f77a9a0ef2490afe43f3e8b0f553c0c1078141ec0d8f426b1924bd464e4240cda50e9b8a97050360a617eb4f88baa158da8672572f641b20ab3bcbab3d38ff3c84c5c3bf309e26c8ba735503700028c0806c29e02d0a0ed73b9c5c2f2a39f57ee08b935e6e056f01733a12b08603987b14aa7fc542c65a0c03e278723127bced6ac65d2386cf847a73057d19795d5a7517e71d5e480b7380866a64da32fcd1158af9a82559898a7931535a4b75326e2769711ff857d180f16acf316130574fd37bdb658b877f06db42ab96641bc75e3d4ad7fdd9028072139dd3019b03aad32907debef345bcc57423ddfc94683884a00c5f864b8c2dd5af081fa970da251d3afc65dd360c661d8ee2ab58dc9060e2d98b39ae95bb89c319cc93c9e653bf9db205338dc5528c11a391137fe496d726f1407945b243a49a1f3a786047fc47d5e5074e0ec678f26f30cba747d50070c00323d16cff4b06089830931ca704d386140f9c201a5b50a116410be001135aeaf30d7918ccdaf35482659fbb2933e97f1a2e0fc20e6a610e37511d06d4cf931e54ce8f5ab5f688e460e3943bbbe6949a8b4ae309ee31330ece6cb9dfcae0035f3808b7295776ae7bdafffadb6113faac5cd966c2875abb7b20f1b298b48cb78c467f1be92cd3a9d0fd35b7720334274a53a6cbd041b85b6f8f9d622293f0e95a8835204de1faeb7fcdcc57fbdf0afc2e6422bc114355cb5bc979f1bf6d0fb6eb31ee98e06cdcaa1ac36ed3246d85cbdaf999da5d6a7187e8622e6d224c5549a2f2802691a08242ed44a47fc9ad627af949ec3ab5b191025ac75ee7746e2762b530a622a716edbf341e4f9e04fa5d3f77c78dcde06f3845f45c8c1954120ac5949da541882d99adbbca4b0e422e4364289ff1a903bfd1ee63faaa40ef43d3e54249909066e1727591a9632cc8440dcedf931a823e9b542d51aee43897bbbc1f652ae774c326e8400a3a6ab8d90a04e5724fb39c05875ce5afff0502bb6164bc65c107593c155da4b77f136a34c9ec39a4e70cdc4f7fec68245402b2c0fb508eac623ab41a184d3bebe5e9f24c6590c1fee571ed55a76b8554b12116a36101691397d532b46924e6ccb688ab52ffc44f8a670d542477ebd3756d6ef5373024d3f915c187a35feaf39b76453ff835f73862bad13f19e76d47c70122911431e5f71b05a9728631df66b162e708584e83349db1a68368a37cfb4e16c9987a956b3018f2f12c639bf90b5fb0f0560fa7c19887a9d12316dab9bb515cddbae2e9056a556919476b47546c0dae631a88eb8bb9da49879f56efd3d1b65d50bb01c8b4ddc20374877189915cc5824200dfac8f422364b7178f2e7799665b464ac9ec54ffd87fc8dc68e08ab178059ec02bff4ae3c683d0c96796765bdc188c1a4ef46cfa9e6376678245f8d0c907e83e6eb78ffb19e75534925b5b5bfa489fb9cd2c68f00a079c9b34dc45e76044bbfc87c75bbdc5ed0ea7ca0f249007be79116fefa74085f982f670f821ccd0bb14e1086b677f379fd1a1c96bbb4a7338e867d3f91f41b0a7eb2f1104c2ed1593691e601f2e045b3db1cac5dc0d3b302b54967558057e767c4a96f0355d97beace9fe05f0513629b2dd4e86e523d16d7e2e129264e1749b07c062d3a92d96fff5cc976855540eb441a3cef8fc59bf236c85e778b04e30fa807c3ea634af17f005fb55b55f082ca54fc154e6b9df95b951ab9612da7223efc8b63f4528dc3353a15988790d507d9fda18dc8c4adefebc12567e040fd49d2d571437bada1c08054f45545e5cb33c8db8e5b4f2d6735a7fad407fea2ac6e516016c186b7a9b5586650178b3c201eb4fcda3a22291c1f5d66557675dfc73b17edd463abd17a3ec0f1b28adeb4c294c3792c5d2665d504610d37de5dc68fa03e16243ebca169797205d2b24cd64cb1e37328530d68c9a279e36aa0c7f718831ac30607633eab2c9e1b8d6b78649a78fd573d07f0edc18d2f52da2213e2ad44a4bfb3a80ae71d8cf57a2ae2658999d542f7c46da5a30f0f4a82296d0c95e4c6f046db42a00d8631b120a64ee260bf4dbf29103d4e2233fed2ec9ae65fb109f212f967c34e0efb52f56a9a7ab4de472f9cdb0fbcd19fed42d80216c4c717e77a5e6a9118423e0a6dc9d2f3cef598fb9bed6b4e66b279ebbc265560a471d132a854ff230673e843338dcb1ae202c797cfa59dd18eb46e313f1b0dcafdb6518c1da6b08aa1c92bd433a0b65358356a8d03a454f96add1237380049b2567a24836b7bfbdfa58186f2e295e0911dcad6c5413fb36a6e637156291efc016e8513664d515d3ddba1d2c63fa6c5a3331c3cb2f5e2eaad83a75588aca785ada46973d8a2d89686a416720a8f98e1a1eaa8c95aa0bea1dad03ec69bc4bf8300a821f67db4e0c1aab57ef1d1e06880130f6ffe76297acc62879f60e03933666a0da462b7a6b584d28041a3fbafe9a08b7a4664c46b8d40ce4f31a14b122ad74cc4a003f591e019e23cf764795d4235cc8d491c58d3be78a781a708d9fda492306a5afa7c0a43f52f39cafc6a6abc850bbbfa6254fdfd5115727210e19ec8a8857c10a9e9d5cb3001c6e04132667a30a6528e8b59661b483e5365761ac0f5c61e339833b35fd8159875177ed2b78df49ef83b45584c4609562ed2e8bb9add69e88fc0774517a15575f0250d26ae8f6f138daba5311b492c986005bef123a6fc3c1912e378cae2b64e58542293489d5a0f8b582b089c1b05f3ad0aec776b9dcfc0feb1386a98b7e2e09671a73f0eca92364d7f6da861280815b71e48934bc3d321da07878290ec81d3c5c64b8d7f55c1d2e2713edbb5fef28bc36d02302b01c4c29e5df4a9692b41e8d9364e2e408c55b9b14d3ad93889a48787df0673c3df6ba3d9222ee348199aba478e2d398b1e4ae012ca19473b3454327e5bfefb3c56576b6a6c035466f7641464806e63d7086223395a58d886b0dbedd365ce840a6990f56d697605b7d0ac60809270e4e392e89413cc94cea1cb277c4aee023bf90ded9910c96eeead4c6a10ca17151c4966f84bea565746eab573e4295e564d41bc5a6cc9df38c3d7cbd4cd618bd9f292daf95472839fe71c1edc202b6b8b5b939250b089b0dc978397fbaa7533fcce0c4b2eed8ad47779aa4b21504307c7d15e0bcb01bb60e5bafabe66e4b689e4873a1067063e17ba7d647a9a047b1b4ef7350402653b564ae1b34b8597a2357891c90ca2af6b68b794680a0511279fd213eec48dfddba7cbeeb9f9335a0679b1e6db44f27b12d898575d157c2159a86f676df18858857582bffdc006d4732257ade5dde2d1b2cf316fe2a7c5b44505cc808eae5427c43d50e9b99f9317e437df2bc640351e3e8ac249c42f782d07886b6d8875c253ee0e489f1196fa604747586df87e18a893721e6cecfe61dd82daf9b3e4f1eb745c93402c121bb639c56b91bdc77262acfa55389ede1f092733d8a69ae759f82ceda537ffbf32b65138aa3e43e8883048eccf0929de8dee297c5eee97ac7633beae01198e1b00c11276502e7660cd1f59ac619200042656c6e9757b082d374c80182290845f1bc8f2589eaf96948f148ebe675ee7fdb83e32a18eade32f99cca160a4d3504c4bea9c82cfdfe1dd80fbda7c484f2c17c20eea", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})

21.689239384s ago: executing program 4 (id=1732):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@getchain={0x24, 0x24, 0xffffffffffffffff, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x1}}}, 0x24}}, 0x0)

21.016460991s ago: executing program 1 (id=1734):
socket$inet_mptcp(0x2, 0x1, 0x106)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
io_uring_setup(0x3eae, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x3)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{}, 'syz0\x00'})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)=0xfffffffd, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendto(r2, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={0x0}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0500780df9dddbcb538202000000ce9f00060000", @ANYRES32=r6, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'rr\x00', 0x37}, 0x2c)
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@ra={0x94, 0x4, 0x8d1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
ioctl$UI_DEV_CREATE(r1, 0x5501)

20.637936546s ago: executing program 1 (id=1736):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x1f4, 0x0, 0x0)

9.076907788s ago: executing program 3 (id=1752):
r0 = socket(0x10, 0x3, 0x0)
gettid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)=ANY=[@ANYRES16=0x0, @ANYRES32=r3, @ANYRES32=0x0, @ANYBLOB="c302"], 0x2e0}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}}}]}}]}, 0x58}}, 0x0)
sendmsg$nl_crypto(r0, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="f8000000130000032bbd7000fbdbdf25736d33000000000000000000000000000000000000000000005c00000000000000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ff000000000000000000000000000000000000000000000000000000000000000000000000009756b5cc0000000000000000000000000800010006000000080001000700000008000100080000004193d771b502d359f45d6fe9f6280057050db037cd761da9bd201d37ce8c80f06ad3c796f09492bb48019698e24033faa48869329c58f25ea79c76b11d5101c8fee4324fc94623a056aef641aba4a922deb61aa6167a0cf1ddada4eb0ee58e3a62c3e7ae8d522984025bac713094e2cc21e9c2ef4bb6767c295ee493cf7f7c7eae0c4c50db355041af4c7cd6b564334cdc01c5"], 0xf8}, 0x1, 0x0, 0x0, 0x1}, 0x884)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x3c}}, 0x0)
sendmsg(r7, 0x0, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
r9 = syz_io_uring_setup(0x6aa6, &(0x7f0000000380)={0x0, 0x2c01, 0x8, 0x1, 0x8d}, &(0x7f0000000180), &(0x7f0000000300))
syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x20, 0x800, 0x2f1, 0x0, r9}, &(0x7f0000000100), &(0x7f0000000340)=<r10=>0x0)
syz_io_uring_setup(0xeba, &(0x7f0000000280)={0x0, 0x0, 0x80}, &(0x7f0000000040)=<r11=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r11, r10, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0x3, 0x0, 0x0})
write(r8, &(0x7f0000000040), 0x0)
ioctl$VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000080)={0xf0f046})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
getgid()

7.706212497s ago: executing program 3 (id=1754):
socket$inet_mptcp(0x2, 0x1, 0x106)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
io_uring_setup(0x3eae, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x3)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{}, 'syz0\x00'})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)=0xfffffffd, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendto(r2, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={0x0}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0500780df9dddbcb538202000000ce9f00060000", @ANYRES32=r6, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'rr\x00', 0x37}, 0x2c)
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r1, 0x5501)

7.229830317s ago: executing program 3 (id=1756):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0904009a1d7a356257409400000018000480140001800a0001006c696d6974e00000040002800900010073797a3000000000b8000000050007409c000000140000008b02000000000000000000000000000a"], 0x74}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x4, 0x1000, &(0x7f0000000300)=""/4096}, 0x90)
syz_open_dev$video4linux(&(0x7f0000000500), 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001380)={r3, 0xfe, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff3c, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001380)={r3, 0xfe, &(0x7f0000000480)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff3c, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r4}, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001380)={@cgroup=r0, 0x0, 0x0, 0x4, &(0x7f0000000200)=[0x0], 0x1, 0x0, &(0x7f0000000240)=[0x0, 0x0], &(0x7f0000001300), &(0x7f0000001340)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
sendmsg$AUDIT_TTY_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$key(0xf, 0x3, 0x2)
execveat(r0, &(0x7f0000001440)='./file0\x00', &(0x7f0000001540)=[&(0x7f0000001480)='-\x00', &(0x7f00000014c0)='/}#\x00', &(0x7f0000001500)='\x00'], &(0x7f00000015c0)=[&(0x7f0000001580)='syz'], 0x100)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1101"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0) (async)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
getsockopt$inet6_int(r1, 0x29, 0x5, &(0x7f00000000c0), &(0x7f0000000180)=0x4)
fanotify_init(0x0, 0x0) (async)
fanotify_init(0x0, 0x0)
memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0) (async)
r5 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0)
dup(r5) (async)
r6 = dup(r5)
fanotify_mark(r0, 0x2, 0x40000000, r6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000001400))
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) (async)
r7 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r7, &(0x7f0000000300)=""/4096, 0x1000) (async)
keyctl$read(0xb, r7, &(0x7f0000000300)=""/4096, 0x1000)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c)
connect$inet(0xffffffffffffffff, 0x0, 0x0)

7.032416816s ago: executing program 3 (id=1757):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd(0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="1e20070000000000c099"], 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0xc2}}}, 0x4)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r5, 0x8982, &(0x7f0000000a40)={0x0, 'macsec0\x00'})
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04fdcb0500e6d6006cad8d7a549c5f76109e299ea7f666daa4a63971f4b2774c2ede1ae5cbacd02d35e437d591deadf000b8c7331ad51fc198bd5bbc26cc0fdb98811616758b2cb2bc659a9ad9c036b9d1974cfb7e195384974014982c93ab30e9ae380cd7e4fc0872571eb4e98cc4a18361f95b907f60f02de5f2d3c2457d4a8f09331bd64552f77eee73c36c9a3163c1301dfc573cc01e2e35829d21b9318e37b47f61b72a600c58b44a8bafad268f97a78b068a9896fe135498eb3dbbf4d0538d63b6338115c821e982834481e376927f5ab446c2012839527e0456e4240f8eeb39e62e31"], 0xce)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x96, 0xc8, 0x3}}}, 0x7)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

6.234815386s ago: executing program 0 (id=1702):
syz_open_dev$evdev(&(0x7f0000000a00), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$EVIOCGRAB(r0, 0x400445a0, &(0x7f0000000440))
r1 = creat(0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100010000002c00018014000300fc00000000000000000000000000000014000400fe8800000000000000000000000000013c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400000000000000000000000000000000013c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400ff020000000000000000000000000001dca434bda38c8debb471848e24273996e2a4ec02935b7ea8d361fbb01c76227bdd4d47049e886493583398d423b4633090904a7c31f64bd68c751592360c55f877cc16795ada1d90a2816d118cbaffbc3d5097910ce7fb88c17c609fb87d670d69ba84e3a6f843d978c8ccc6a54321c6b2c4707692b2da6564c48918495276ee184885c5f3357168b4d3aa97c14baf27e537446655354950883a471d94c4bb4abbdad3ab13731e400d5853cec460859b666f6f4cb427c3e16cfb3ba88c49021a768a6579482607f9625e8d071d2fe846948630b76f012c11d929163c0d49e212b59274cca6fabc8aa1591b8a440b22de9e1b232222b3a8b6618a0e92ef8f1e0fc29d1f251c81e79952a8ec10006335623bfb5f9370a87d881033f364d685255ac14b6c9cddd342406f82d2c21774ec27357856eed7ec90429e77531af246960266c754b0b50bfe228b289474041ca12f715db62b25970a5c8dc9bb90d4c359e1855e0de8d8d9"], 0xc8}}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x45c, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729a81e4ef2fed2f18732f0038e079e561eea96eb665219070f42139c627dd5f185d23fdc316d38eb99826bcb63938d6cd1af3b5274f57009f87854ad98bef03025c32e7aa4a721d28e94ec5feff3a279c2e1c18002e39eaaefec3dfd1eae45a61e4283e8a7ef1eaf70d93a0333a9ff9ef048332f3fcc797076f8c02858548418e34a9967282de2eb4cc6438f0b6c9dcc204cdd732dd88624b39c16e8f80819cb72be6ab07492ed05ade4caf1ae3d723830523e32c02786c50ac1f47b994ed49fc4b9b318a4c86b4f7fb0d3c6a8763ef27cd52936cc55ef5ac50935a7f706464be90ea4b5f894ad92910de17889a6236a4bda8aac5e1daa70a8fcf248360cdd4e86f854f23e3e4792d91c85f1ed6cf7c36bbe9d879fc86b55e55e0566b6451aad55b1b2"})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0xc0a85322, &(0x7f0000000100)={{0x0, 0x80}})
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f00000006c0)=0x1, 0x4)
tkill(0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f0000000040)={'pimreg0\x00'})
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r1, &(0x7f00000005c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x8800)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
open(&(0x7f0000000740)='./file0\x00', 0x12000, 0x12)
sendto$inet6(r5, 0x0, 0x0, 0x400ad00, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @dev}, 0x1c)
sendto$inet6(r5, 0x0, 0x2, 0x0, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0xaa, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x98, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x9c4c}, [@country_functional={0x10, 0x24, 0x7, 0x80, 0x0, [0x0, 0xfffe, 0x0, 0x0, 0x6]}, @call_mgmt={0x5}, @mdlm_detail={0x27, 0x24, 0x13, 0x0, "d9f62b8b787a06263152755fc26d0ffd3185cc6f4ec2b3ca3f875b6e356f9c5682cf3d"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x0, 0x1}}}}}}}]}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xdc}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4.329321173s ago: executing program 0 (id=1760):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000005000)=""/102381, 0x18fed}], 0x1, 0x0, 0x0)
getpid()
socket$inet_sctp(0x2, 0x1, 0x84)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000080)={'wg0\x00', <r5=>0x0})
sendmsg$WG_CMD_GET_DEVICE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="270300000000000000000000000008000100", @ANYRES32=r5], 0x1c}}, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0x3)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x6)

4.177189487s ago: executing program 3 (id=1761):
r0 = socket(0x10, 0x3, 0x0)
gettid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)=ANY=[@ANYRES16=0x0, @ANYRES32=r3, @ANYRES32=0x0, @ANYBLOB="c302"], 0x2e0}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x800)
r5 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}}}]}}]}, 0x58}}, 0x0)
sendmsg$nl_crypto(r0, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="f8000000130000032bbd7000fbdbdf25736d33000000000000000000000000000000000000000000005c00000000000000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ff000000000000000000000000000000000000000000000000000000000000000000000000009756b5cc0000000000000000000000000800010006000000080001000700000008000100080000004193d771b502d359f45d6fe9f6280057050db037cd761da9bd201d37ce8c80f06ad3c796f09492bb48019698e24033faa48869329c58f25ea79c76b11d5101c8fee4324fc94623a056aef641aba4a922deb61aa6167a0cf1ddada4eb0ee58e3a62c3e7ae8d522984025bac713094e2cc21e9c2ef4bb6767c295ee493cf7f7c7eae0c4c50db355041af4c7cd6b564334cdc01c5"], 0xf8}, 0x1, 0x0, 0x0, 0x1}, 0x884)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x3c}}, 0x0)
sendmsg(r7, 0x0, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
r9 = syz_io_uring_setup(0x6aa6, &(0x7f0000000380)={0x0, 0x2c01, 0x8, 0x1, 0x8d}, &(0x7f0000000180), &(0x7f0000000300))
syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x20, 0x800, 0x2f1, 0x0, r9}, &(0x7f0000000100), &(0x7f0000000340)=<r10=>0x0)
syz_io_uring_setup(0xeba, &(0x7f0000000280)={0x0, 0x0, 0x80}, &(0x7f0000000040)=<r11=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r11, r10, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0x3, 0x0, 0x0})
write(r8, &(0x7f0000000040), 0x0)
ioctl$VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000080)={0xf0f046})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
getgid()

3.966788365s ago: executing program 4 (id=1733):
r0 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f00000004c0)=0x2, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
io_setup(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000680)=ANY=[@ANYBLOB="043e320d02"], 0x35)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000602, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB], 0xc3}, 0x1, 0x100000000000000}, 0x0)
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f00000001c0)={0x5c, 0xa, 0x0, "b75c89e7a20c8eac82ad0416bb1844038d2cd97c945462f31638b5394c00"})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f00000001c0)={0x48, 0x2, r3})
set_mempolicy(0x6005, &(0x7f0000000080)=0xffffffffffff7ffd, 0x2)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="010000ff0200000000000000ca"])
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000740)=[0xffffffffffffffff], 0x1}, 0x58)

3.66512659s ago: executing program 2 (id=1762):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x4}]}, 0x38}, 0x1, 0x2}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b707000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090800000000007baaf0ff00000000bd8a00000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018270000", @ANYRES32=r2, @ANYBLOB="000000000000524fde560000000000004608f0ff76000000bf9100000000680104000023709d00008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.506236611s ago: executing program 0 (id=1763):
socket$inet_mptcp(0x2, 0x1, 0x106)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
io_uring_setup(0x3eae, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x3)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{}, 'syz0\x00'})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)=0xfffffffd, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendto(r2, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={0x0}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0500780df9dddbcb538202000000ce9f00060000", @ANYRES32=r6, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'rr\x00', 0x37}, 0x2c)
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r1, 0x5501)

3.35839426s ago: executing program 2 (id=1764):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
io_setup(0x5, &(0x7f0000000000))

2.933305191s ago: executing program 2 (id=1765):
syz_emit_ethernet(0x4d0, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000008100000086dd60ea382704962f0000000000000000000000000000000001fe8000000000000000000000000000000420880b0000000000000800000086dd34a09e4e79e717a4d0dcb9770f59945aade78d9549b1fd990f232f0619197b747fcdeb83f586ba83e523dbc6ba5b1cba9a691d80c041011c9e0bc642f47934a1747b59ba8a263ed7e283d281b37aea191356851bad789eeb8b63b2c5b91373bc8f1166154c91a44f02bb2d87db08904c06ccc3496458ace4040ed4fe9916f748e363f4e71ff815b74521a1405beb319af9c5b775bbea787c7b9e68933cb4909aa409fd009a78e45ffdaa5ce6ad5e3ca26e0fee664967dbbe7ad84728d4d36b47082f0d01d0f16daae177f6d81094164d07dc1297d00d42608a8f5ac750917745588b6aca183bb2f6245db83226bd859ea3d64d053a15ac9cdf894f2fa4b4b126feca95d58e4bbbe6be1c4bb522ff4ba11ef6c63478813cc2e103ea351d475b81ed1603fb2f485c10d6f8bc2deec37e906af542b4eced6b80c86ee9740eb2f2007b3e98728ca966fca6a9ac551298e996452f4861db2309a30d1cdf58ec08f78971398cc73c85cab220121d18e5f17a8e5c2211e29cd5be11d064ef42a196865a9f9692de67cfa270760fae0ded908defefabb0b87e9aacc7b78479b3f33715ad7794dc77345afc4869168e5d5ee44c88cd675b60a500bfc4b035cf4c4ac779a1ff59f2881f3dcc553e2aa22b584f0d454b69f5633b6936ef4fc45f0a57"], 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x282, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3"})
set_mempolicy(0x6, &(0x7f0000000000)=0x3, 0xf5)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0}, 0x90)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x401d031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

2.843587276s ago: executing program 0 (id=1766):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f0000000080))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000200000014001680100008800c000180050001"], 0x38}}, 0x0)

2.698214972s ago: executing program 4 (id=1767):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r1, 0x1, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x3d}, {0x1}, {0x6, 0x0, 0x0, 0x7}]})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @remote, 0x5}, 0x80, 0x0}, 0x20000000)
sendmsg$kcm(r3, &(0x7f0000002ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86a9}, 0x20000000)
openat$cgroup_type(r2, &(0x7f00000000c0), 0x2, 0x0)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCL_SETSEL(r4, 0x5452, &(0x7f0000000100))
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
write$FUSE_BMAP(r4, &(0x7f0000000280)={0x18, 0x0, 0x0, {0x5}}, 0x18)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000080)={'wg2\x00', <r8=>0x0})
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x48, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_PEERS={0x8, 0x8, 0x0, 0x1, [{0x4, 0x0, 0x0, 0x0}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r8}]}, 0x48}}, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000001140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r10 = accept4(r9, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x28, 0x7, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0)
sendto$inet6(r4, &(0x7f00000003c0)="8c7c788bfb94000000243c03b1d9eb5571222bb7261e5fe09cedba815fd3d0549c31e2f41486fc559374cbc926b200000000", 0x44, 0x8000, 0x0, 0x5b)
sendmsg$nl_route(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000040)=ANY=[], 0x38}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

2.441695555s ago: executing program 0 (id=1768):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = socket$inet6(0xa, 0x3, 0xff)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6000000000103afffe8000000000000000000000000800bbff02000000000000000000d8ed94a00186009078ff00000200000000000000003a1108df859474c71d4da595765e25aeeaa2d86ed2da9595b37db2cfc3a10d15b1c5e46116d6cc917d432227dd79660503bb8a970b9216033db8b4298d8071b8100729dc70dfda9a3bb5c17a9b709c78e536ce262c7c57ed4c73e23a771bdbe1ceca98d4a0cfd6086f6dbcfa5b0d"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8d}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(r1, 0x0, &(0x7f0000000040)=0x6)
futex(&(0x7f0000001300)=0x80000001, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x54, &(0x7f0000000140)})
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4')
prctl$PR_SET_SECCOMP(0x10, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x87, 0x0, 0x0, 0x0, 0x5}, [@exit, @btf_id={0x18, 0x6, 0x3, 0x0, 0x4}, @ringbuf_query, @ringbuf_query, @tail_call, @call={0x85, 0x0, 0x0, 0x12}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f0000000100)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5, 0x9, 0x3}], 0x10, 0x1}, 0x90)
accept4$packet(r2, &(0x7f00000002c0), &(0x7f00000003c0)=0x14, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000500)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/159)
getuid()
socket(0x10, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x15, 0x0, 0x1}, {0x4, 0x0, 0x0, 0x7}, {0x6, 0x0, 0x0, 0x6}]})

2.209196393s ago: executing program 3 (id=1769):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd(0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="1e20070000000000c099"], 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0xc2}}}, 0x4)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r5, 0x8982, &(0x7f0000000a40)={0x0, 'macsec0\x00'})
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04fdcb0500e6d6006cad8d7a549c5f76109e299ea7f666daa4a63971f4b2774c2ede1ae5cbacd02d35e437d591deadf000b8c7331ad51fc198bd5bbc26cc0fdb98811616758b2cb2bc659a9ad9c036b9d1974cfb7e195384974014982c93ab30e9ae380cd7e4fc0872571eb4e98cc4a18361f95b907f60f02de5f2d3c2457d4a8f09331bd64552f77eee73c36c9a3163c1301dfc573cc01e2e35829d21b9318e37b47f61b72a600c58b44a8bafad268f97a78b068a9896fe135498eb3dbbf4d0538d63b6338115c821e982834481e376927f5ab446c2012839527e0456e4240f8eeb39e62e31"], 0xce)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x96, 0xc8, 0x3}}}, 0x7)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

1.710520318s ago: executing program 4 (id=1770):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffed7, &(0x7f00000001c0)=0x5)
eventfd2(0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x2)
r1 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f00000000c0))
ioctl$PPPOEIOCSFWD(r1, 0x4008b100, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r3, 0x9, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f000001aa80)='cgroup.freeze\x00', 0x275a, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r5, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000300)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x28, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "4c72c74590cd07156b723813e6d31ac4"}]}}}}}}}}, 0x0)
write$binfmt_elf64(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="7f454c460000000600"/23], 0x78)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
setitimer(0x0, &(0x7f0000000000)={{0x0, 0x2710}}, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socket$tipc(0x1e, 0x2, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x1})
socket$nl_route(0x10, 0x3, 0x0)

1.475992822s ago: executing program 1 (id=1738):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = io_uring_setup(0x30d3, &(0x7f0000000240))
close_range(r4, 0xffffffffffffffff, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x800)
io_setup(0x9, &(0x7f0000000180))
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000480)=@newqdisc={0x8c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x5}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffbfffd, {0x0, 0x0, 0x96, 0x0, 0x0, 0x4}}}}, @qdisc_kind_options=@q_ingress={0xc}, @TCA_RATE={0x6, 0x5, {0x2, 0x7}}]}, 0x8c}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
kexec_load(0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
io_getevents(0x0, 0x10000, 0x3, &(0x7f0000000400)=[{}, {}, {}], &(0x7f0000000000)={0x77359400})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x0, 0x0, 0xc}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d000110000000090400", @ANYRESDEC=0x0], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000066c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0xb, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_DIVISOR={0x8}]}}]}, 0x3c}}, 0x0)

1.027582488s ago: executing program 2 (id=1771):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = epoll_create1(0x0)
epoll_pwait2(r0, &(0x7f0000000140)=[{}], 0x1, &(0x7f00000001c0), &(0x7f0000000240), 0x8)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)

1.027077844s ago: executing program 4 (id=1772):
r0 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$inet6(r0, &(0x7f0000000480)={&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c, 0x0}, 0x4000816)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000ac0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) (async)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)={0x2c, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @typed={0xc, 0x3, 0x0, 0x0, @u64}]}, 0x2c}], 0x1}, 0x0)
sendmmsg$unix(r3, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000300)="fb", 0x1}, {&(0x7f0000000000)="7df96d9198953cb7bf2bc0a3b28751a1", 0x10}], 0x2}}], 0x1, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x5, 0x4, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @private, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty}]}]}}}}}}}, 0x0)
recvmmsg(r3, &(0x7f0000000980)=[{{&(0x7f0000000040)=@un=@abs, 0x80, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/150, 0x96}, {&(0x7f0000000100)=""/2, 0x2}, {&(0x7f0000000340)=""/240, 0xf0}, {&(0x7f0000000440)=""/176, 0xb0}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f0000000500)=""/83, 0x53}], 0x6, &(0x7f0000000b40)=""/4096, 0x1000}, 0x5}, {{&(0x7f00000005c0)=@in={0x2, 0x0, @private}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000640)=""/154, 0x9a}, {&(0x7f0000000700)=""/50, 0x32}, {&(0x7f0000000740)=""/48, 0x30}, {&(0x7f00000007c0)=""/187, 0xbb}], 0x4, &(0x7f00000008c0)=""/165, 0xa5}, 0x6}], 0x2, 0x183, 0x0) (async)
recvmmsg(r3, &(0x7f0000000980)=[{{&(0x7f0000000040)=@un=@abs, 0x80, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/150, 0x96}, {&(0x7f0000000100)=""/2, 0x2}, {&(0x7f0000000340)=""/240, 0xf0}, {&(0x7f0000000440)=""/176, 0xb0}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f0000000500)=""/83, 0x53}], 0x6, &(0x7f0000000b40)=""/4096, 0x1000}, 0x5}, {{&(0x7f00000005c0)=@in={0x2, 0x0, @private}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000640)=""/154, 0x9a}, {&(0x7f0000000700)=""/50, 0x32}, {&(0x7f0000000740)=""/48, 0x30}, {&(0x7f00000007c0)=""/187, 0xbb}], 0x4, &(0x7f00000008c0)=""/165, 0xa5}, 0x6}], 0x2, 0x183, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0xffffffffffffff0c, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x5}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_CLASS={0x6}}}}]}, 0x38}}, 0x0)

817.402391ms ago: executing program 2 (id=1773):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x4}]}, 0x38}, 0x1, 0x2}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b707000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090800000000007baaf0ff00000000bd8a00000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018270000", @ANYRES32=r2, @ANYBLOB="000000000000524fde560000000000004608f0ff76000000bf9100000000680104000023709d00008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

745.772175ms ago: executing program 4 (id=1774):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd(0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{}, {0x0, [{@any, 0x2, 0x4, 0x80, "0cee66", 0x101}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x5, 0x10, 0x0, "777493", 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5, 0x6d, 0x1, "991065", 0x80}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9, 0xff, 0xd5, "b3827a", 0xe17e}]}}}, 0x4)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r5, 0x8982, &(0x7f0000000a40)={0x0, 'macsec0\x00'})
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x2d}, @l2cap_cid_signaling={{0x29}, [@l2cap_conf_req={{0x4, 0x2, 0x25}, {0x800, 0xfff, [@l2cap_conf_efs={0x6, 0x10, {0x4, 0x1, 0x7, 0x4, 0x9, 0x539}}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x2, 0x9, 0xe91, 0x4, 0x71c}}, @l2cap_conf_flushto={0x2, 0x2, 0xb}]}}]}}, 0x32)
syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x0, 0xc9, "4bddfc52fd3a5399"}}}, 0xe)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="0405049fcf33a2eeb9c59af4471c1d6d2c272d21dd571d2ec4665ec248785fbca26badc4f984c3a6a61cd8c71ce465b0210f22ee4a4ff8aa394360f23300756b8e85e6c138ed8d582041adbedf960e"], 0x7)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

469.042529ms ago: executing program 2 (id=1775):
socket$inet_mptcp(0x2, 0x1, 0x106)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
io_uring_setup(0x3eae, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x3)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{}, 'syz0\x00'})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)=0xfffffffd, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendto(r2, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={0x0}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0500780df9dddbcb538202000000ce9f00060000", @ANYRES32=r6, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@ra={0x94, 0x4, 0x8d1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r1, 0x5501)

0s ago: executing program 0 (id=1776):
r0 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f00000004c0)=0x2, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
io_setup(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000680)=ANY=[@ANYBLOB="043e320d02"], 0x35)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000602, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB], 0xc3}, 0x1, 0x100000000000000}, 0x0)
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f00000001c0)={0x5c, 0xa, 0x0, "b75c89e7a20c8eac82ad0416bb1844038d2cd97c945462f31638b5394c00"})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f00000001c0)={0x48, 0x2, r3})
set_mempolicy(0x6005, &(0x7f0000000080)=0xffffffffffff7ffd, 0x2)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="010000ff0200000000000000ca"])
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000740)=[0xffffffffffffffff], 0x1}, 0x58)

kernel console output (not intermixed with test programs):

fter parsing attributes in process `syz.0.1520'.
[  750.733643][  T952] hsr_slave_0: left promiscuous mode
[  750.772442][  T952] hsr_slave_1: left promiscuous mode
[  750.823504][  T952] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  750.843627][  T952] batman_adv: batadv0: Removing interface: batadv_slave_0
[  750.901547][  T952] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  750.938524][  T952] batman_adv: batadv0: Removing interface: batadv_slave_1
[  751.042245][  T952] veth1_macvtap: left promiscuous mode
[  751.070135][  T952] veth0_macvtap: left promiscuous mode
[  751.079385][  T952] veth1_vlan: left promiscuous mode
[  751.094150][  T952] veth0_vlan: left promiscuous mode
[  751.484236][ T5173] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  751.684237][ T5173] usb 1-1: Using ep0 maxpacket: 32
[  751.696270][ T5173] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  751.719475][ T5173] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  751.733431][ T5173] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  751.753463][ T5173] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  751.773479][ T5173] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  751.786854][ T5173] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  751.796335][ T5173] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  751.805099][ T5173] usb 1-1: Product: syz
[  751.809479][ T5173] usb 1-1: Manufacturer: syz
[  751.814634][ T5173] usb 1-1: SerialNumber: syz
[  752.152951][  T952] team0 (unregistering): Port device team_slave_1 removed
[  752.208618][  T952] team0 (unregistering): Port device team_slave_0 removed
[  752.324285][ T5092] Bluetooth: hci3: command tx timeout
[  752.391688][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  752.391705][   T29] audit: type=1326 audit(1720293684.860:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.2.1529" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0
[  753.067716][ T5173] cdc_ncm 1-1:1.0: bind() failure
[  753.084955][T13903] chnl_net:caif_netlink_parms(): no params data found
[  753.100525][ T5173] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  753.141738][ T5173] cdc_ncm 1-1:1.1: bind() failure
[  753.186803][ T5173] usb 1-1: USB disconnect, device number 39
[  753.396195][T13987] program syz.4.1531 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  753.630328][T13994] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1533'.
[  753.912763][T14003] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1533'.
[  754.006333][T13903] bridge0: port 1(bridge_slave_0) entered blocking state
[  754.031585][T13903] bridge0: port 1(bridge_slave_0) entered disabled state
[  754.050054][T13903] bridge_slave_0: entered allmulticast mode
[  754.071942][T13903] bridge_slave_0: entered promiscuous mode
[  754.120844][T14007] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1534'.
[  754.133624][T13903] bridge0: port 2(bridge_slave_1) entered blocking state
[  754.171102][T13903] bridge0: port 2(bridge_slave_1) entered disabled state
[  754.212072][T13903] bridge_slave_1: entered allmulticast mode
[  754.248958][T13903] bridge_slave_1: entered promiscuous mode
[  754.408410][ T5092] Bluetooth: hci3: command tx timeout
[  754.449036][T13903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  754.535519][T13903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  754.740205][T13903] team0: Port device team_slave_0 added
[  754.784897][T13903] team0: Port device team_slave_1 added
[  754.864560][ T5154] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  754.947963][T13903] batman_adv: batadv0: Adding interface: batadv_slave_0
[  754.983595][T13903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  755.030345][T13903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  755.049817][T14022] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1538'.
[  755.089571][ T5154] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  755.093093][T13903] batman_adv: batadv0: Adding interface: batadv_slave_1
[  755.105195][ T5154] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.136702][ T5154] usb 5-1: config 0 descriptor??
[  755.157793][T13903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  755.216107][T13903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  755.311989][T13903] hsr_slave_0: entered promiscuous mode
[  755.328834][T13903] hsr_slave_1: entered promiscuous mode
[  755.345908][T13903] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  755.353535][T13903] Cannot create hsr debugfs directory
[  755.382960][   T29] audit: type=1326 audit(1720293687.850:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.420891][   T29] audit: type=1326 audit(1720293687.850:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.474255][ T5155] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  755.501364][   T29] audit: type=1326 audit(1720293687.850:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.550198][   T29] audit: type=1326 audit(1720293687.860:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.550686][ T5151] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  755.594279][   T29] audit: type=1326 audit(1720293687.860:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.674326][ T5155] usb 1-1: Using ep0 maxpacket: 32
[  755.694232][   T29] audit: type=1326 audit(1720293687.860:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.694718][ T5155] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  755.796584][   T29] audit: type=1326 audit(1720293687.860:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.828808][ T5155] usb 1-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[  755.844617][ T5151] usb 4-1: Using ep0 maxpacket: 32
[  755.866204][ T5151] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.893366][ T5155] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.901836][ T5151] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.904580][   T29] audit: type=1326 audit(1720293687.860:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  755.946604][ T5151] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  755.975277][ T5155] usb 1-1: config 0 descriptor??
[  755.999253][ T5155] usb 1-1: bad CDC descriptors
[  756.016471][ T5151] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  756.040043][   T29] audit: type=1326 audit(1720293687.860:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14037 comm="syz.2.1542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7ffc0000
[  756.084948][ T5151] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  756.138351][ T5151] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  756.156707][ T5151] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  756.193018][ T5151] usb 4-1: Product: syz
[  756.220760][ T5151] usb 4-1: Manufacturer: syz
[  756.245139][   T58] usb 1-1: USB disconnect, device number 40
[  756.269860][ T5154] usb 5-1: Cannot read MAC address
[  756.287965][ T5151] usb 4-1: SerialNumber: syz
[  756.321728][ T5154] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  756.375494][ T5154] usb 5-1: USB disconnect, device number 67
[  756.474950][ T5092] Bluetooth: hci3: command tx timeout
[  756.571361][ T5151] cdc_ncm 4-1:1.0: bind() failure
[  756.614397][ T5151] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  756.623865][ T5151] cdc_ncm 4-1:1.1: bind() failure
[  756.626025][T14040] FAULT_INJECTION: forcing a failure.
[  756.626025][T14040] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  756.686143][ T5151] usb 4-1: USB disconnect, device number 45
[  756.690563][T14040] CPU: 1 PID: 14040 Comm: syz.2.1543 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  756.702449][T14040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  756.712530][T14040] Call Trace:
[  756.715825][T14040]  <TASK>
[  756.718861][T14040]  dump_stack_lvl+0x241/0x360
[  756.723573][T14040]  ? __pfx_dump_stack_lvl+0x10/0x10
[  756.728800][T14040]  ? __pfx__printk+0x10/0x10
[  756.733409][T14040]  should_fail_ex+0x3b0/0x4e0
[  756.738117][T14040]  prepare_alloc_pages+0x1da/0x5d0
[  756.743253][T14040]  __alloc_pages_noprof+0x166/0x6c0
[  756.748464][T14040]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  756.754225][T14040]  alloc_pages_mpol_noprof+0x3e8/0x680
[  756.759734][T14040]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  756.765765][T14040]  ? xas_load+0x58d/0x5c0
[  756.770138][T14040]  ? mpol_shared_policy_lookup+0x148/0x1f0
[  756.775965][T14040]  shmem_alloc_and_add_folio+0x24d/0xdb0
[  756.781629][T14040]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  756.787798][T14040]  ? filemap_map_pages+0x24f/0x1e70
[  756.793103][T14040]  ? __pfx_lock_release+0x10/0x10
[  756.798143][T14040]  shmem_get_folio_gfp+0x82d/0x1f50
[  756.803355][T14040]  ? mark_lock+0x9a/0x350
[  756.807689][T14040]  ? __pfx_lock_acquire+0x10/0x10
[  756.812736][T14040]  ? filemap_map_pages+0x18e0/0x1e70
[  756.818305][T14040]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  756.823945][T14040]  shmem_fault+0x252/0x6f0
[  756.828394][T14040]  ? __pfx_shmem_fault+0x10/0x10
[  756.833351][T14040]  ? __pfx_lock_release+0x10/0x10
[  756.838375][T14040]  ? pte_offset_map_nolock+0x137/0x1f0
[  756.843848][T14040]  __do_fault+0x135/0x460
[  756.848180][T14040]  ? handle_pte_fault+0x222c/0x7090
[  756.853394][T14040]  handle_pte_fault+0x3d15/0x7090
[  756.858427][T14040]  ? __pfx_validate_chain+0x10/0x10
[  756.863655][T14040]  ? __pfx_handle_pte_fault+0x10/0x10
[  756.869076][T14040]  ? __lock_acquire+0x1346/0x1fd0
[  756.874160][T14040]  ? __pfx_lock_release+0x10/0x10
[  756.879316][T14040]  handle_mm_fault+0x10df/0x1ba0
[  756.884298][T14040]  ? __pfx_handle_mm_fault+0x10/0x10
[  756.889620][T14040]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  756.895962][T14040]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  756.901285][T14040]  exc_page_fault+0x2b9/0x8c0
[  756.905992][T14040]  asm_exc_page_fault+0x26/0x30
[  756.910937][T14040] RIP: 0010:strnlen_user+0xab/0x200
[  756.916140][T14040] Code: 32 ae fc 48 89 d8 4c 01 f8 0f 88 4c 01 00 00 4c 39 f8 0f 82 43 01 00 00 48 89 6c 24 08 0f 01 cb 0f ae e8 4c 89 f8 48 83 e0 f8 <48> 8b 28 45 89 fc 41 83 e4 07 42 8d 0c e5 00 00 00 00 48 c7 c0 ff
[  756.935926][T14040] RSP: 0018:ffffc90008d97e50 EFLAGS: 00050202
[  756.942099][T14040] RAX: 0000000020003340 RBX: 00000000000000fa RCX: ffff888026f11e00
[  756.950086][T14040] RDX: 0000000000000000 RSI: 0000000020003340 RDI: 000000002000343a
[  756.958345][T14040] RBP: 00000000000000fa R08: ffffffff84e7f734 R09: 1ffffffff1f5a92d
[  756.966336][T14040] R10: dffffc0000000000 R11: fffffbfff1f5a92e R12: 000000002000343a
[  756.974331][T14040] R13: 0000000000000010 R14: dffffc0000000000 R15: 0000000020003340
[  756.982330][T14040]  ? strnlen_user+0x84/0x200
[  756.986961][T14040]  __se_sys_memfd_create+0x20a/0x850
[  756.992280][T14040]  __do_fast_syscall_32+0xb4/0x120
[  756.997413][T14040]  ? exc_page_fault+0x590/0x8c0
[  757.002273][T14040]  do_fast_syscall_32+0x34/0x80
[  757.007148][T14040]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  757.013552][T14040] RIP: 0023:0xf742e579
[  757.017636][T14040] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  757.037357][T14040] RSP: 002b:00000000f5d4757c EFLAGS: 00000206 ORIG_RAX: 0000000000000164
[  757.045949][T14040] RAX: ffffffffffffffda RBX: 0000000020003340 RCX: 0000000000000000
[  757.053946][T14040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  757.061945][T14040] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  757.070098][T14040] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  757.078103][T14040] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  757.086123][T14040]  </TASK>
[  757.708575][   T63] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  757.765088][T14065] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1547'.
[  758.056323][   T63] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.403621][   T63] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.504439][T13903] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  758.631577][   T63] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.713335][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  758.713357][   T29] audit: type=1326 audit(1720293691.180:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14063 comm="syz.0.1545" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x0
[  758.754999][T13903] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  758.810440][T13903] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  758.890337][ T5102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  758.901821][ T5102] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  758.920384][ T5102] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  758.934523][ T5102] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  758.952236][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  758.964480][ T5102] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  758.987763][T13903] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  759.131421][   T29] audit: type=1326 audit(1720293691.600:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.221945][   T29] audit: type=1326 audit(1720293691.600:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.279982][   T29] audit: type=1326 audit(1720293691.640:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.392020][   T29] audit: type=1326 audit(1720293691.650:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.443068][ T5102] Bluetooth: hci2: unexpected event 0x0f length: 17 > 4
[  759.455762][   T29] audit: type=1326 audit(1720293691.650:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.526254][   T63] bridge_slave_1: left allmulticast mode
[  759.542358][   T63] bridge_slave_1: left promiscuous mode
[  759.551580][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  759.605893][   T63] bridge_slave_0: left allmulticast mode
[  759.614145][   T63] bridge_slave_0: left promiscuous mode
[  759.631113][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  759.633061][   T29] audit: type=1326 audit(1720293691.650:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.707289][   T29] audit: type=1326 audit(1720293691.650:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.735561][   T29] audit: type=1326 audit(1720293691.650:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.759769][   T29] audit: type=1326 audit(1720293691.650:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.0.1552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  759.894577][ T5154] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  759.944188][ T5152] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  760.114885][ T5154] usb 4-1: Using ep0 maxpacket: 32
[  760.123244][ T5154] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  760.140362][ T5152] usb 3-1: Using ep0 maxpacket: 16
[  760.145722][ T5154] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  760.173241][ T5152] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  760.174379][ T5154] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  760.219647][ T5154] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  760.222459][ T5152] usb 3-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=d5.24
[  760.238484][ T5154] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  760.248884][ T5152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  760.248918][ T5152] usb 3-1: Product: syz
[  760.248937][ T5152] usb 3-1: Manufacturer: syz
[  760.248957][ T5152] usb 3-1: SerialNumber: syz
[  760.252486][ T5152] usb 3-1: config 0 descriptor??
[  760.288211][T14102] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  760.299383][ T5152] gspca_main: conex-2.14.0 probing 0572:0041
[  760.352445][ T5154] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  760.362618][ T5154] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  760.378759][ T5154] usb 4-1: Product: syz
[  760.386562][ T5154] usb 4-1: Manufacturer: syz
[  760.391217][ T5154] usb 4-1: SerialNumber: syz
[  760.397202][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  760.429519][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  760.434858][T14104] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1557'.
[  760.455980][   T63] bond0 (unregistering): Released all slaves
[  760.578406][T14094] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[  760.596957][T14094] netdevsim netdevsim2: Falling back to sysfs fallback for: ng
[  760.754682][ T5154] cdc_ncm 4-1:1.0: bind() failure
[  760.809459][ T5154] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  760.854479][ T5154] cdc_ncm 4-1:1.1: bind() failure
[  760.916744][ T5154] usb 4-1: USB disconnect, device number 46
[  761.034680][ T5102] Bluetooth: hci0: command tx timeout
[  761.382837][   T63] hsr_slave_0: left promiscuous mode
[  761.405013][   T63] hsr_slave_1: left promiscuous mode
[  761.432640][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  761.451918][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  761.480099][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  761.495007][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  761.549463][   T63] veth1_macvtap: left promiscuous mode
[  761.562045][   T63] veth0_macvtap: left promiscuous mode
[  761.575586][   T63] veth1_vlan: left promiscuous mode
[  761.581363][   T63] veth0_vlan: left promiscuous mode
[  762.449729][ T5152] usb 3-1: USB disconnect, device number 55
[  762.857748][   T63] team0 (unregistering): Port device team_slave_1 removed
[  762.933566][   T63] team0 (unregistering): Port device team_slave_0 removed
[  763.044325][ T5152] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[  763.114917][ T5102] Bluetooth: hci0: command tx timeout
[  763.248142][ T5152] usb 3-1: not running at top speed; connect to a high speed hub
[  763.281069][ T5152] usb 3-1: config 8 has an invalid interface number: 11 but max is 3
[  763.292197][ T5152] usb 3-1: config 8 has an invalid interface number: 139 but max is 3
[  763.317891][ T5152] usb 3-1: config 8 has an invalid interface number: 195 but max is 3
[  763.326569][ T5152] usb 3-1: config 8 has an invalid interface number: 32 but max is 3
[  763.336602][ T5152] usb 3-1: config 8 has no interface number 0
[  763.342730][ T5152] usb 3-1: config 8 has no interface number 1
[  763.364798][ T5152] usb 3-1: config 8 has no interface number 2
[  763.370936][ T5152] usb 3-1: config 8 has no interface number 3
[  763.390014][ T5152] usb 3-1: config 8 interface 11 altsetting 1 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  763.402779][ T5152] usb 3-1: config 8 interface 11 altsetting 1 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  763.433850][ T5152] usb 3-1: config 8 interface 11 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  763.474392][ T5152] usb 3-1: config 8 interface 11 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[  763.502791][ T5152] usb 3-1: config 8 interface 11 altsetting 1 endpoint 0xB has invalid maxpacket 512, setting to 64
[  763.544137][ T5152] usb 3-1: config 8 interface 11 altsetting 1 has a duplicate endpoint with address 0x8F, skipping
[  763.555296][ T5152] usb 3-1: config 8 interface 11 altsetting 1 has a duplicate endpoint with address 0xB, skipping
[  763.581344][ T5152] usb 3-1: config 8 interface 11 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  763.603748][ T5152] usb 3-1: config 8 interface 11 altsetting 1 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  763.640822][ T5152] usb 3-1: config 8 interface 139 altsetting 90 has a duplicate endpoint with address 0x9, skipping
[  763.680719][ T5152] usb 3-1: config 8 interface 139 altsetting 90 has a duplicate endpoint with address 0xE, skipping
[  763.692192][ T5152] usb 3-1: config 8 interface 139 altsetting 90 endpoint 0xA has invalid maxpacket 512, setting to 64
[  763.730034][ T5152] usb 3-1: config 8 interface 139 altsetting 90 has a duplicate endpoint with address 0xD, skipping
[  763.751476][ T5152] usb 3-1: config 8 interface 139 altsetting 90 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  763.778955][ T5152] usb 3-1: config 8 interface 139 altsetting 90 has a duplicate endpoint with address 0x7, skipping
[  763.798465][ T5152] usb 3-1: config 8 interface 139 altsetting 90 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  763.825875][ T5152] usb 3-1: config 8 interface 139 altsetting 90 has a duplicate endpoint with address 0x3, skipping
[  763.844594][ T5152] usb 3-1: config 8 interface 139 altsetting 90 has an invalid descriptor for endpoint zero, skipping
[  763.866939][ T5152] usb 3-1: config 8 interface 139 altsetting 90 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  763.893401][ T5152] usb 3-1: config 8 interface 195 altsetting 2 has a duplicate endpoint with address 0x8, skipping
[  763.920254][ T5152] usb 3-1: config 8 interface 195 altsetting 2 endpoint 0x5 has invalid maxpacket 991, setting to 64
[  763.939715][ T5152] usb 3-1: config 8 interface 195 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  763.958505][ T5152] usb 3-1: config 8 interface 195 altsetting 2 endpoint 0x4 has an invalid bInterval 164, changing to 4
[  763.990534][ T5152] usb 3-1: config 8 interface 195 altsetting 2 has a duplicate endpoint with address 0x5, skipping
[  764.018703][ T5152] usb 3-1: config 8 interface 195 altsetting 2 has a duplicate endpoint with address 0xC, skipping
[  764.031669][ T5152] usb 3-1: config 8 interface 195 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[  764.062848][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0x2, skipping
[  764.075970][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0x7, skipping
[  764.088818][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0xD, skipping
[  764.100918][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0xB, skipping
[  764.116218][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0xC, skipping
[  764.152143][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0xA, skipping
[  764.171968][ T5152] usb 3-1: config 8 interface 32 altsetting 6 has a duplicate endpoint with address 0x1, skipping
[  764.172769][T13903] 8021q: adding VLAN 0 to HW filter on device bond0
[  764.183421][ T5152] usb 3-1: config 8 interface 11 has no altsetting 0
[  764.201518][ T5152] usb 3-1: config 8 interface 139 has no altsetting 0
[  764.213370][ T5152] usb 3-1: config 8 interface 195 has no altsetting 0
[  764.263692][ T5152] usb 3-1: config 8 interface 32 has no altsetting 0
[  764.324949][ T5152] usb 3-1: Dual-Role OTG device on HNP port
[  764.350828][ T5152] usb 3-1: New USB device found, idVendor=1b80, idProduct=e349, bcdDevice=a4.ad
[  764.369247][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  764.369268][   T29] audit: type=1326 audit(1720293696.840:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.381973][T13903] 8021q: adding VLAN 0 to HW filter on device team0
[  764.402502][ T5152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.413214][ T5152] usb 3-1: Product: ᒣ⪉⪂嶣ᮻ炏኿ꎯ࣎駃쀤빥䐺띢Ꮘ픥辁Ƶӡڭᣛ踜빭쫺될獩⇗閼呢싎Ⅵ쟗뢮೭㷹퉺嶜赵羾앾ā⟵虷뒗꼹㷤烐ꉟⱩꩈ祷氽軼芅䕠ⶖ氙㼲騏ヹꀺ﮾ꦄ㌄䕮ா㞢ﴉ幧錊핑烹뵫╧焺헦蕝䚮Ẍఎ墫횙⥅
[  764.472154][ T5152] usb 3-1: Manufacturer: ࠔ
[  764.472804][   T29] audit: type=1326 audit(1720293696.840:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.477168][ T5152] usb 3-1: SerialNumber: 慤ꎹ䌱杨鑢毂鞱实զ愢畵⧝亟಩澜꾲캁ೡ‹閫ⱹⴹ⇻䊤枉牳羰戒捘䝙䗼煕〉ḿ蔤獩齛姷䂼潴ພ衠䔰຦ꛦ횵滘ᐸ⯽袅㊏䪶꒾젅袅㌒Ⓖ馦ؾ֏膡䷸䶫沛릈뉵熊㼴ꩇ둁鳱ൂ㡙奷䔝Ꝉ⇛
[  764.511330][   T29] audit: type=1326 audit(1720293696.880:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.539217][T14086] chnl_net:caif_netlink_parms(): no params data found
[  764.583358][ T5151] bridge0: port 1(bridge_slave_0) entered blocking state
[  764.590660][ T5151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  764.602711][   T29] audit: type=1326 audit(1720293696.880:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.651304][T14158] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  764.659512][   T29] audit: type=1326 audit(1720293696.880:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.693704][   T29] audit: type=1326 audit(1720293696.920:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.726756][   T29] audit: type=1326 audit(1720293696.920:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.760973][   T29] audit: type=1326 audit(1720293696.920:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.792422][   T29] audit: type=1326 audit(1720293696.920:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.825754][   T29] audit: type=1326 audit(1720293696.920:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x7ffc0000
[  764.918490][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state
[  764.925761][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  764.935027][T14158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  764.969496][T14158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  765.011228][T14158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  765.039941][T14158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  765.194469][ T5102] Bluetooth: hci0: command tx timeout
[  765.201166][T14086] bridge0: port 1(bridge_slave_0) entered blocking state
[  765.231958][T14086] bridge0: port 1(bridge_slave_0) entered disabled state
[  765.260733][T14086] bridge_slave_0: entered allmulticast mode
[  765.287830][T14086] bridge_slave_0: entered promiscuous mode
[  765.311356][ T5152] usb 3-1: USB disconnect, device number 56
[  765.330613][T14086] bridge0: port 2(bridge_slave_1) entered blocking state
[  765.369641][T14086] bridge0: port 2(bridge_slave_1) entered disabled state
[  765.390123][T14086] bridge_slave_1: entered allmulticast mode
[  765.417219][T14086] bridge_slave_1: entered promiscuous mode
[  765.545454][T14086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  765.585117][T14086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  765.727861][T14086] team0: Port device team_slave_0 added
[  765.737976][T14086] team0: Port device team_slave_1 added
[  765.927496][T14086] batman_adv: batadv0: Adding interface: batadv_slave_0
[  765.961664][T14086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  766.021949][T14086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  766.210912][   T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.315024][T14086] batman_adv: batadv0: Adding interface: batadv_slave_1
[  766.322052][T14086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  766.406241][T14086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  766.530661][   T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.623293][T13903] 8021q: adding VLAN 0 to HW filter on device batadv0
[  766.795453][   T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.911105][T14086] hsr_slave_0: entered promiscuous mode
[  766.944721][T14086] hsr_slave_1: entered promiscuous mode
[  766.984459][T14086] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  767.003869][T14086] Cannot create hsr debugfs directory
[  767.020927][ T5092] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  767.060455][ T5092] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  767.074720][ T5092] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  767.083032][ T5092] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  767.094451][ T5092] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  767.112165][ T5092] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  767.126050][   T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  767.293414][ T5092] Bluetooth: hci0: command tx timeout
[  767.473634][T14244] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1572'.
[  767.546641][T14249] input: syz0 as /devices/virtual/input/input55
[  767.812186][T13903] veth0_vlan: entered promiscuous mode
[  768.040866][   T51] bridge_slave_1: left allmulticast mode
[  768.052987][   T51] bridge_slave_1: left promiscuous mode
[  768.058917][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  768.086485][   T51] bridge_slave_0: left allmulticast mode
[  768.092203][   T51] bridge_slave_0: left promiscuous mode
[  768.101286][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  768.718922][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  768.747343][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  768.770125][   T51] bond0 (unregistering): Released all slaves
[  769.075966][T14265] FAULT_INJECTION: forcing a failure.
[  769.075966][T14265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  769.092746][T13903] veth1_vlan: entered promiscuous mode
[  769.144200][T14265] CPU: 0 PID: 14265 Comm: syz.0.1578 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  769.154440][T14265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  769.164515][T14265] Call Trace:
[  769.167809][T14265]  <TASK>
[  769.170748][T14265]  dump_stack_lvl+0x241/0x360
[  769.175481][T14265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  769.180871][T14265]  ? __pfx__printk+0x10/0x10
[  769.185491][T14265]  ? __pfx_lock_release+0x10/0x10
[  769.190534][T14265]  should_fail_ex+0x3b0/0x4e0
[  769.195242][T14265]  _copy_from_user+0x2f/0xe0
[  769.200007][T14265]  get_compat_msghdr+0xae/0x730
[  769.204881][T14265]  ? __fget_files+0x29/0x470
[  769.209494][T14265]  ? __pfx_get_compat_msghdr+0x10/0x10
[  769.214986][T14265]  ? __fget_files+0x3f6/0x470
[  769.219691][T14265]  __sys_sendmsg+0x273/0x3a0
[  769.224299][T14265]  ? __pfx___sys_sendmsg+0x10/0x10
[  769.229446][T14265]  ? vfs_write+0x7c4/0xc90
[  769.233913][T14265]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  769.240519][T14265]  ? lockdep_hardirqs_on+0x99/0x150
[  769.245739][T14265]  __do_fast_syscall_32+0xb4/0x120
[  769.250876][T14265]  ? exc_page_fault+0x590/0x8c0
[  769.255782][T14265]  do_fast_syscall_32+0x34/0x80
[  769.260831][T14265]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  769.267170][T14265] RIP: 0023:0xf73d0579
[  769.271247][T14265] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  769.290861][T14265] RSP: 002b:00000000f5ce957c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  769.299290][T14265] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  769.307272][T14265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  769.315278][T14265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  769.323340][T14265] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  769.331316][T14265] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  769.339313][T14265]  </TASK>
[  769.343768][ T5092] Bluetooth: hci2: command tx timeout
[  769.427455][T14267] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1579'.
[  769.453128][T14267] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1579'.
[  769.738843][T13903] veth0_macvtap: entered promiscuous mode
[  769.782179][T13903] veth1_macvtap: entered promiscuous mode
[  769.864550][ T5162] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  770.053140][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.075621][ T5162] usb 1-1: Using ep0 maxpacket: 32
[  770.084222][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.092611][ T5162] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  770.104795][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.122717][ T5162] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  770.124415][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.143326][ T5162] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  770.153871][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.165316][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.174504][ T5162] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  770.186484][ T5162] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  770.194206][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.199976][ T5162] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  770.214794][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.224055][ T5162] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.237137][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.244070][ T5162] usb 1-1: Product: syz
[  770.251983][ T5162] usb 1-1: Manufacturer: syz
[  770.262153][ T5162] usb 1-1: SerialNumber: syz
[  770.262635][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.300943][T13903] batman_adv: batadv0: Interface activated: batadv_slave_0
[  770.316271][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  770.326986][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.339139][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  770.350123][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.361780][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  770.375451][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.386944][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  770.399453][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.409914][T13903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  770.429898][T13903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.443701][T13903] batman_adv: batadv0: Interface activated: batadv_slave_1
[  770.523656][T13903] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  770.533509][T13903] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  770.545861][T13903] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  770.555187][T13903] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  770.568033][T14239] chnl_net:caif_netlink_parms(): no params data found
[  770.588919][ T5162] cdc_ncm 1-1:1.0: bind() failure
[  770.632965][ T5162] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  770.666334][ T5162] cdc_ncm 1-1:1.1: bind() failure
[  770.704840][ T5162] usb 1-1: USB disconnect, device number 41
[  770.956935][T14239] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.972532][T14239] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.980721][T14239] bridge_slave_0: entered allmulticast mode
[  770.988988][T14239] bridge_slave_0: entered promiscuous mode
[  770.993506][T14296] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1582'.
[  771.004630][T14086] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  771.017558][T14086] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  771.031324][T14086] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  771.043076][T14239] bridge0: port 2(bridge_slave_1) entered blocking state
[  771.055981][T14239] bridge0: port 2(bridge_slave_1) entered disabled state
[  771.063525][T14239] bridge_slave_1: entered allmulticast mode
[  771.072044][T14239] bridge_slave_1: entered promiscuous mode
[  771.095995][T14086] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  771.115025][ T5092] Bluetooth: hci4: command 0x0c1a tx timeout
[  771.121440][ T5146] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  771.134748][ T5146] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[  771.162817][T14239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  771.184830][T14239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  771.370795][T14239] team0: Port device team_slave_0 added
[  771.397607][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  771.397626][   T29] audit: type=1326 audit(1720293703.870:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.1584" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x0
[  771.441299][ T5092] Bluetooth: hci2: command tx timeout
[  771.491070][T14239] team0: Port device team_slave_1 added
[  771.666594][T14239] batman_adv: batadv0: Adding interface: batadv_slave_0
[  771.673874][T14239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  771.710627][T14239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  771.735744][T14239] batman_adv: batadv0: Adding interface: batadv_slave_1
[  771.742765][T14239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  771.772596][T14239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  771.885998][T14239] hsr_slave_0: entered promiscuous mode
[  771.895111][T14239] hsr_slave_1: entered promiscuous mode
[  771.914054][T14239] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  771.921695][T14239] Cannot create hsr debugfs directory
[  772.149140][T14086] 8021q: adding VLAN 0 to HW filter on device bond0
[  772.244153][T14086] 8021q: adding VLAN 0 to HW filter on device team0
[  772.279216][ T5173] bridge0: port 1(bridge_slave_0) entered blocking state
[  772.286687][ T5173] bridge0: port 1(bridge_slave_0) entered forwarding state
[  772.343590][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state
[  772.350824][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state
[  772.495808][T14086] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  772.798234][T14086] 8021q: adding VLAN 0 to HW filter on device batadv0
[  772.962971][T14239] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  772.994824][T14239] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  773.011709][T14239] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  773.027809][T14086] veth0_vlan: entered promiscuous mode
[  773.038613][T14239] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  773.099234][T14086] veth1_vlan: entered promiscuous mode
[  773.223744][T14086] veth0_macvtap: entered promiscuous mode
[  773.244402][T14086] veth1_macvtap: entered promiscuous mode
[  773.306878][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  773.329295][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.342180][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  773.353096][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.363507][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  773.376853][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.386944][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  773.397507][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.407494][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  773.419299][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.429304][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  773.441071][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.453274][T14086] batman_adv: batadv0: Interface activated: batadv_slave_0
[  773.487018][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.502042][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.513106][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.525441][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.531353][ T5092] Bluetooth: hci2: command tx timeout
[  773.535481][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.556566][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.566676][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.577291][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.588401][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.600106][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.621756][T14086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.643836][T14086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  773.656755][T14086] batman_adv: batadv0: Interface activated: batadv_slave_1
[  773.676477][ T5092] Bluetooth: hci3: command 0x0c1a tx timeout
[  773.687081][ T5146] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  773.693222][ T5146] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  773.713632][T14086] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  773.736581][T14086] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  773.753614][T14086] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  773.765846][T14086] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  773.786610][T14239] 8021q: adding VLAN 0 to HW filter on device bond0
[  773.870546][T14239] 8021q: adding VLAN 0 to HW filter on device team0
[  773.901467][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state
[  773.908723][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  773.927845][T14292] bridge0: port 2(bridge_slave_1) entered blocking state
[  773.935105][T14292] bridge0: port 2(bridge_slave_1) entered forwarding state
[  774.095266][T14239] 8021q: adding VLAN 0 to HW filter on device batadv0
[  774.188211][T14239] veth0_vlan: entered promiscuous mode
[  774.220757][T14239] veth1_vlan: entered promiscuous mode
[  774.324057][T14239] veth0_macvtap: entered promiscuous mode
[  774.351844][T14239] veth1_macvtap: entered promiscuous mode
[  774.393915][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.416857][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.429030][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.449683][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.463877][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.484335][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.504806][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.527703][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.544239][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.575716][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.586870][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.597967][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.609423][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  774.620999][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.635679][T14239] batman_adv: batadv0: Interface activated: batadv_slave_0
[  774.659447][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.671565][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.683465][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.696145][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.706681][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.718258][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.728731][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.741322][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.751724][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.762985][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.773543][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.785126][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.797141][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  774.808154][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.830681][T14239] batman_adv: batadv0: Interface activated: batadv_slave_1
[  774.872894][T14239] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  774.892976][T14239] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  774.912765][T14239] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  774.921863][T14239] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  775.594383][ T5092] Bluetooth: hci2: command tx timeout
[  775.754368][ T5092] Bluetooth: hci0: command 0x0c1a tx timeout
[  775.761928][ T5146] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  775.768936][ T5146] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  777.844563][ T5092] Bluetooth: hci2: command 0x0c1a tx timeout
[  777.854066][ T5146] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  777.860251][ T5146] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  778.157474][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  778.186122][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  778.245709][   T51] hsr_slave_0: left promiscuous mode
[  778.252105][   T51] hsr_slave_1: left promiscuous mode
[  778.269280][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  778.277507][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  778.286600][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  778.295588][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  778.325866][   T51] veth1_macvtap: left promiscuous mode
[  778.331475][   T51] veth0_macvtap: left promiscuous mode
[  778.337432][   T51] veth1_vlan: left promiscuous mode
[  778.342805][   T51] veth0_vlan: left promiscuous mode
[  779.086033][   T51] team0 (unregistering): Port device team_slave_1 removed
[  779.141379][   T51] team0 (unregistering): Port device team_slave_0 removed
[  779.340501][T14492] FAULT_INJECTION: forcing a failure.
[  779.340501][T14492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.353967][T14492] CPU: 1 PID: 14492 Comm: syz.0.1589 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  779.364174][T14492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  779.374344][T14492] Call Trace:
[  779.377631][T14492]  <TASK>
[  779.380569][T14492]  dump_stack_lvl+0x241/0x360
[  779.385360][T14492]  ? __pfx_dump_stack_lvl+0x10/0x10
[  779.390576][T14492]  ? __pfx__printk+0x10/0x10
[  779.395185][T14492]  ? __pfx_lock_release+0x10/0x10
[  779.400225][T14492]  should_fail_ex+0x3b0/0x4e0
[  779.404954][T14492]  _copy_from_user+0x2f/0xe0
[  779.409557][T14492]  get_compat_msghdr+0xae/0x730
[  779.414431][T14492]  ? __fget_files+0x29/0x470
[  779.419039][T14492]  ? __pfx_get_compat_msghdr+0x10/0x10
[  779.424511][T14492]  ? __fget_files+0x3f6/0x470
[  779.429210][T14492]  __sys_sendmsg+0x273/0x3a0
[  779.433898][T14492]  ? __pfx___sys_sendmsg+0x10/0x10
[  779.439058][T14492]  ? vfs_write+0x7c4/0xc90
[  779.443530][T14492]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  779.450143][T14492]  ? lockdep_hardirqs_on+0x99/0x150
[  779.455361][T14492]  __do_fast_syscall_32+0xb4/0x120
[  779.460490][T14492]  ? exc_page_fault+0x590/0x8c0
[  779.465373][T14492]  do_fast_syscall_32+0x34/0x80
[  779.470253][T14492]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  779.476687][T14492] RIP: 0023:0xf73d0579
[  779.480941][T14492] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  779.500571][T14492] RSP: 002b:00000000f5ce957c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  779.508997][T14492] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  779.516992][T14492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  779.524974][T14492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  779.533044][T14492] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  779.541029][T14492] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  779.549021][T14492]  </TASK>
[  779.646955][   T29] audit: type=1326 audit(1720293712.110:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.679153][   T29] audit: type=1326 audit(1720293712.110:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.708617][   T29] audit: type=1326 audit(1720293712.110:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.731107][   T29] audit: type=1326 audit(1720293712.110:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.732468][T14496] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1590'.
[  779.765837][   T29] audit: type=1326 audit(1720293712.110:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=299 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.803391][   T29] audit: type=1326 audit(1720293712.110:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.807173][T14496] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1590'.
[  779.834603][   T29] audit: type=1326 audit(1720293712.110:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.858773][   T29] audit: type=1326 audit(1720293712.110:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.883293][   T29] audit: type=1326 audit(1720293712.270:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  779.913584][   T29] audit: type=1326 audit(1720293712.270:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14493 comm="syz.0.1590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x7ffc0000
[  780.210277][ T1061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  780.224730][ T1061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  780.253660][T14500] bridge0: entered allmulticast mode
[  780.306666][ T1061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  780.359705][ T1061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  780.390313][ T1061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  780.403063][ T1061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  780.483248][ T1061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  780.507626][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  780.521221][ T1061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  780.534277][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  780.674620][T14508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1546'.
[  780.704144][ T5162] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  780.832584][   T51] IPVS: stop unused estimator thread 0...
[  780.841384][T14513] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1510'.
[  780.871026][T14510] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1570'.
[  780.914256][T14508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1546'.
[  780.914269][ T5162] usb 4-1: Using ep0 maxpacket: 32
[  780.918725][ T5162] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  780.969737][T14513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1510'.
[  781.001641][   T51] bridge_slave_1: left allmulticast mode
[  781.013558][T14513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1510'.
[  781.028848][ T5162] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.039644][   T51] bridge_slave_1: left promiscuous mode
[  781.054340][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  781.073385][ T5162] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  781.092304][ T5162] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  781.104589][ T5162] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  781.122389][   T51] bridge_slave_0: left allmulticast mode
[  781.130240][   T51] bridge_slave_0: left promiscuous mode
[  781.137305][ T5162] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  781.147170][ T5162] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.156172][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  781.167264][ T5162] usb 4-1: Product: syz
[  781.177639][ T5162] usb 4-1: Manufacturer: syz
[  781.188392][ T5162] usb 4-1: SerialNumber: syz
[  781.776205][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  781.789574][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  781.802597][   T51] bond0 (unregistering): Released all slaves
[  781.821796][   T51] bond1 (unregistering): Released all slaves
[  781.888957][ T5162] cdc_ncm 4-1:1.0: bind() failure
[  781.938049][ T5162] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  781.952338][ T5162] cdc_ncm 4-1:1.1: bind() failure
[  782.014639][ T5162] usb 4-1: USB disconnect, device number 47
[  782.463094][T14541] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1602'.
[  782.574891][T14545] FAULT_INJECTION: forcing a failure.
[  782.574891][T14545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  782.623289][T14545] CPU: 0 PID: 14545 Comm: syz.0.1602 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  782.633523][T14545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  782.643708][T14545] Call Trace:
[  782.647023][T14545]  <TASK>
[  782.649985][T14545]  dump_stack_lvl+0x241/0x360
[  782.654728][T14545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.659988][T14545]  ? __pfx__printk+0x10/0x10
[  782.664647][T14545]  ? __pfx_lock_release+0x10/0x10
[  782.669725][T14545]  should_fail_ex+0x3b0/0x4e0
[  782.674464][T14545]  _copy_from_user+0x2f/0xe0
[  782.679203][T14545]  get_compat_msghdr+0xae/0x730
[  782.684106][T14545]  ? __fget_files+0x29/0x470
[  782.688737][T14545]  ? __pfx_get_compat_msghdr+0x10/0x10
[  782.694219][T14545]  ? __fget_files+0x3f6/0x470
[  782.698931][T14545]  __sys_sendmsg+0x273/0x3a0
[  782.703555][T14545]  ? __pfx___sys_sendmsg+0x10/0x10
[  782.708679][T14545]  ? vfs_write+0x7c4/0xc90
[  782.713234][T14545]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  782.719848][T14545]  ? lockdep_hardirqs_on+0x99/0x150
[  782.725177][T14545]  __do_fast_syscall_32+0xb4/0x120
[  782.730403][T14545]  ? exc_page_fault+0x590/0x8c0
[  782.735275][T14545]  do_fast_syscall_32+0x34/0x80
[  782.740151][T14545]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  782.746582][T14545] RIP: 0023:0xf73d0579
[  782.750660][T14545] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  782.770275][T14545] RSP: 002b:00000000f5ca757c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  782.778788][T14545] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000100
[  782.786785][T14545] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  782.794875][T14545] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  782.802861][T14545] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  782.810859][T14545] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  782.818951][T14545]  </TASK>
[  782.822095][    C0] vkms_vblank_simulate: vblank timer overrun
[  783.047026][   T51] hsr_slave_0: left promiscuous mode
[  783.053464][   T51] hsr_slave_1: left promiscuous mode
[  783.070811][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  783.095623][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  783.149860][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  783.165237][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  783.253522][   T51] veth1_macvtap: left promiscuous mode
[  783.282443][   T51] veth0_macvtap: left promiscuous mode
[  783.302271][   T51] veth1_vlan: left promiscuous mode
[  783.317928][   T51] veth0_vlan: left promiscuous mode
[  783.440171][T14568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1607'.
[  784.041494][   T51] team0 (unregistering): Port device team_slave_1 removed
[  784.103185][   T51] team0 (unregistering): Port device team_slave_0 removed
[  784.828886][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  784.828907][   T29] audit: type=1326 audit(1720293717.300:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.0.1610" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73d0579 code=0x0
[  784.955006][T14292] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  785.104166][   T58] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  785.168702][T14292] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  785.193570][T14292] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.215363][T14292] usb 5-1: Product: syz
[  785.223590][T14292] usb 5-1: Manufacturer: syz
[  785.230018][T14292] usb 5-1: SerialNumber: syz
[  785.238850][T14292] usb 5-1: config 0 descriptor??
[  785.279328][   T51] bridge_slave_1: left allmulticast mode
[  785.293218][   T51] bridge_slave_1: left promiscuous mode
[  785.301261][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.325068][   T58] usb 4-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  785.341241][   T51] bridge_slave_0: left allmulticast mode
[  785.356401][   T58] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  785.367354][   T51] bridge_slave_0: left promiscuous mode
[  785.380419][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.400657][   T58] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  785.443708][   T58] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  785.485110][   T58] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.494224][ T5162] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  785.532651][   T58] usb 4-1: Product: syz
[  785.537815][   T58] usb 4-1: Manufacturer: syz
[  785.547066][   T58] usb 4-1: SerialNumber: syz
[  785.567315][   T58] usb 4-1: config 0 descriptor??
[  785.590544][   T58] usb-storage 4-1:0.0: USB Mass Storage device detected
[  785.667914][   T58] usb-storage 4-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  785.707239][ T5162] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  785.719543][ T5173] usb 5-1: USB disconnect, device number 68
[  785.801625][ T5162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.866196][   T58] usb 4-1: USB disconnect, device number 48
[  785.915815][ T5162] usb 3-1: config 0 descriptor??
[  785.986359][ T5162] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  786.325488][T14609] __nla_validate_parse: 5 callbacks suppressed
[  786.325509][T14609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1619'.
[  786.406353][T14612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1619'.
[  786.791279][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  786.815830][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  786.865211][   T51] bond0 (unregistering): Released all slaves
[  786.906458][T14603] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1619'.
[  786.946011][ T5162] usb 3-1: USB disconnect, device number 57
[  787.201794][T14622] FAULT_INJECTION: forcing a failure.
[  787.201794][T14622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  787.225489][T14622] CPU: 1 PID: 14622 Comm: syz.4.1623 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  787.235834][T14622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  787.245954][T14622] Call Trace:
[  787.249246][T14622]  <TASK>
[  787.252192][T14622]  dump_stack_lvl+0x241/0x360
[  787.256903][T14622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  787.262487][T14622]  ? __pfx__printk+0x10/0x10
[  787.267100][T14622]  ? vfs_write+0x7c4/0xc90
[  787.271545][T14622]  should_fail_ex+0x3b0/0x4e0
[  787.276268][T14622]  _copy_from_user+0x2f/0xe0
[  787.280884][T14622]  move_addr_to_kernel+0x82/0x150
[  787.285943][T14622]  __sys_connect+0xc1/0x310
[  787.290496][T14622]  ? __pfx___sys_connect+0x10/0x10
[  787.295662][T14622]  __ia32_sys_connect+0x7a/0x90
[  787.300530][T14622]  __do_fast_syscall_32+0xb4/0x120
[  787.305672][T14622]  ? exc_page_fault+0x590/0x8c0
[  787.310545][T14622]  do_fast_syscall_32+0x34/0x80
[  787.315428][T14622]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  787.321766][T14622] RIP: 0023:0xf73c7579
[  787.325933][T14622] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  787.345649][T14622] RSP: 002b:00000000f5ce057c EFLAGS: 00000206 ORIG_RAX: 000000000000016a
[  787.354172][T14622] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  787.362256][T14622] RDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000
[  787.370245][T14622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  787.378241][T14622] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  787.386266][T14622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  787.394283][T14622]  </TASK>
[  787.593235][   T29] audit: type=1326 audit(1720293720.050:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14626 comm="syz.4.1626" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0
[  787.697981][   T51] hsr_slave_0: left promiscuous mode
[  787.732144][   T51] hsr_slave_1: left promiscuous mode
[  787.753806][T14630] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1627'.
[  787.781830][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  787.801977][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  787.826321][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  787.833814][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  787.987015][   T51] veth1_macvtap: left promiscuous mode
[  787.992885][   T51] veth0_macvtap: left promiscuous mode
[  788.002568][   T51] veth1_vlan: left promiscuous mode
[  788.008609][   T51] veth0_vlan: left promiscuous mode
[  788.219377][   T29] audit: type=1326 audit(1720293720.690:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14637 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf7417579 code=0x0
[  789.814749][T14654] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1634'.
[  789.881348][   T51] team0 (unregistering): Port device team_slave_1 removed
[  789.901490][T14657] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1634'.
[  790.038704][   T51] team0 (unregistering): Port device team_slave_0 removed
[  790.611127][T14652] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1634'.
[  791.014353][   T29] audit: type=1326 audit(1720293723.480:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14676 comm="syz.2.1641" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0
[  791.059929][T14668] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  791.152304][T14668] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  791.491161][   T29] audit: type=1326 audit(1720293723.960:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf73eb579 code=0x0
[  791.520622][    C1] vkms_vblank_simulate: vblank timer overrun
[  792.210045][T14698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1647'.
[  792.305932][T14704] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1649'.
[  792.561558][T14706] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1650'.
[  792.747328][T14712] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1652'.
[  792.989584][   T29] audit: type=1326 audit(1720293725.460:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14720 comm="syz.4.1656" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0
[  793.221027][T14718] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  793.309100][T14718] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  793.816974][T14740] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1660'.
[  794.207897][T14752] program syz.4.1664 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  794.623311][T14759] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1665'.
[  794.678561][T14764] xt_TCPMSS: Only works on TCP SYN packets
[  794.981191][T14292] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  795.105318][ T5162] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  795.145291][   T29] audit: type=1326 audit(1720293727.620:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14773 comm="syz.1.1672" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73eb579 code=0x0
[  795.166863][    C1] vkms_vblank_simulate: vblank timer overrun
[  795.174088][ T5150] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  795.204167][T14292] usb 4-1: Using ep0 maxpacket: 32
[  795.215865][T14292] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  795.232711][T14292] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  795.253660][T14292] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  795.271636][T14292] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  795.282452][ T5162] usb 5-1: device descriptor read/64, error -71
[  795.289147][T14292] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  795.308709][T14292] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  795.308747][T14292] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  795.308770][T14292] usb 4-1: Product: syz
[  795.308789][T14292] usb 4-1: Manufacturer: syz
[  795.308806][T14292] usb 4-1: SerialNumber: syz
[  795.384688][ T5150] usb 1-1: Using ep0 maxpacket: 32
[  795.389750][ T5150] usb 1-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=cb.c8
[  795.389777][ T5150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  795.389794][ T5150] usb 1-1: Product: syz
[  795.389825][ T5150] usb 1-1: Manufacturer: syz
[  795.389838][ T5150] usb 1-1: SerialNumber: syz
[  795.392626][ T5150] usb 1-1: config 0 descriptor??
[  795.548676][T14292] cdc_ncm 4-1:1.0: bind() failure
[  795.552070][T14292] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  795.552122][T14292] cdc_ncm 4-1:1.1: bind() failure
[  795.556587][T14292] usb 4-1: USB disconnect, device number 49
[  795.565946][ T5162] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  795.692546][ T5146] usb 1-1: USB disconnect, device number 42
[  795.714768][ T5162] usb 5-1: device descriptor read/64, error -71
[  795.841666][T14780] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1673'.
[  795.865099][ T5162] usb usb5-port1: attempt power cycle
[  796.115520][T14786] program syz.1.1676 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  796.304204][ T5162] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  796.375403][ T5162] usb 5-1: device descriptor read/8, error -71
[  796.404931][T14793] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1679'.
[  796.524244][ T5173] usb 2-1: new full-speed USB device number 43 using dummy_hcd
[  796.664412][ T5162] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  796.705165][ T5173] usb 2-1: device descriptor read/64, error -71
[  796.720819][ T5162] usb 5-1: device descriptor read/8, error -71
[  796.849882][T14801] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1681'.
[  796.874797][ T5162] usb usb5-port1: unable to enumerate USB device
[  796.993232][ T5173] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[  797.164313][ T5173] usb 2-1: device descriptor read/64, error -71
[  797.284777][ T5173] usb usb2-port1: attempt power cycle
[  797.307701][T14810] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1684'.
[  797.483201][   T29] audit: type=1326 audit(1720293729.950:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14815 comm="syz.2.1686" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0
[  797.511415][ T5146] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  797.704944][ T5146] usb 1-1: Using ep0 maxpacket: 32
[  797.706196][ T5173] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[  797.725688][ T5146] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  797.740783][ T5146] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  797.751674][ T5146] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  797.758647][ T5173] usb 2-1: device descriptor read/8, error -71
[  797.761987][ T5146] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  797.778596][ T5146] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  797.792199][ T5146] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  797.807344][ T5146] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.824696][ T5146] usb 1-1: Product: syz
[  797.838696][T14820] program syz.4.1687 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  797.854056][ T5146] usb 1-1: Manufacturer: syz
[  797.858837][ T5146] usb 1-1: SerialNumber: syz
[  798.044317][ T5173] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[  798.084933][ T5173] usb 2-1: device descriptor read/8, error -71
[  798.106386][ T5146] cdc_ncm 1-1:1.0: bind() failure
[  798.119215][ T5146] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  798.126369][ T5146] cdc_ncm 1-1:1.1: bind() failure
[  798.141680][ T5146] usb 1-1: USB disconnect, device number 43
[  798.213610][ T5173] usb usb2-port1: unable to enumerate USB device
[  798.241590][   T29] audit: type=1326 audit(1720293730.710:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf73b4579 code=0x0
[  798.334184][ T5162] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  798.509938][T14829] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1691'.
[  798.519918][ T5162] usb 5-1: Using ep0 maxpacket: 32
[  798.531866][ T5162] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  798.542984][ T5162] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  798.552326][ T5162] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  798.564677][ T5162] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  798.580883][ T5162] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  798.591222][ T5162] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  798.610401][ T5162] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  798.623001][ T5162] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.653494][ T5162] usb 5-1: config 0 descriptor??
[  798.881313][ T5162] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 73 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  798.953464][ T5162] usb 5-1: USB disconnect, device number 73
[  798.999817][ T5162] usblp0: removed
[  799.114991][T14836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1693'.
[  799.162249][T14838] xt_connbytes: Forcing CT accounting to be enabled
[  799.447230][ T5162] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  799.572689][T14843] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1695'.
[  799.662994][ T5162] usb 5-1: Using ep0 maxpacket: 32
[  799.699273][ T5162] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  799.717040][ T5162] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  799.749750][ T5162] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  799.810441][ T5162] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  799.847571][ T5162] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  799.892450][ T5162] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  799.893871][T14852] program syz.2.1698 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  799.973035][ T5162] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  799.991806][ T5162] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.031637][ T5162] usb 5-1: config 0 descriptor??
[  800.264595][ T5162] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 74 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  800.445341][    C1] usblp0: nonzero read bulk status received: -71
[  800.455357][ T5162] usb 5-1: USB disconnect, device number 74
[  800.490479][ T1061] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  800.548560][T14822] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  800.567727][T14822] batman_adv: batadv0: Removing interface: batadv_slave_0
[  800.618317][T14822] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  800.779939][T14822] usblp0: removed
[  800.876885][ T1061] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.031329][ T1061] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.100276][T14864] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) !
[  801.229938][ T1061] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.375717][T14871] tipc: Started in network mode
[  801.396710][T14871] tipc: Node identity , cluster identity 4711
[  801.437667][T14871] tipc: Failed to set node id, please configure manually
[  801.474607][T14871] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  801.577411][ T5102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  801.588570][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  801.598609][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  801.608293][ T5102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  801.635869][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  801.656511][ T5102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  801.686309][T14879] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1706'.
[  801.835156][T14878] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1707'.
[  801.869631][ T1061] bridge_slave_1: left allmulticast mode
[  801.877506][ T1061] bridge_slave_1: left promiscuous mode
[  801.909803][ T1061] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.923820][T14878] netlink: 'syz.3.1707': attribute type 1 has an invalid length.
[  801.953845][T14878] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.1707'.
[  801.968634][ T1061] bridge_slave_0: left allmulticast mode
[  801.977946][ T1061] bridge_slave_0: left promiscuous mode
[  801.983709][ T1061] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.325368][T14888] input: syz0 as /devices/virtual/input/input63
[  802.442973][   T29] audit: type=1326 audit(1720293734.910:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14889 comm="syz.2.1710" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0
[  802.515106][ T1061] bridge0 (unregistering): left allmulticast mode
[  802.670925][ T1061] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  802.682840][ T1061] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  802.695974][ T1061] bond0 (unregistering): Released all slaves
[  802.726902][T14884] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  802.908635][   T29] audit: type=1326 audit(1720293735.370:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14894 comm="syz.1.1711" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73eb579 code=0x0
[  803.031101][T14897] program syz.4.1712 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  803.755086][ T5092] Bluetooth: hci1: command tx timeout
[  803.790025][T14880] chnl_net:caif_netlink_parms(): no params data found
[  803.884315][ T5104] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  804.006110][T14931] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) !
[  804.114238][ T5104] usb 3-1: Using ep0 maxpacket: 32
[  804.137127][ T5104] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  804.190843][ T5104] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  804.214872][   T29] audit: type=1326 audit(1720293736.690:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14924 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x0
[  804.238213][ T5104] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  804.238292][ T5104] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  804.238337][ T5104] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  804.238379][ T5104] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  804.238427][ T5104] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  804.238460][ T5104] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.255279][ T5104] usb 3-1: config 0 descriptor??
[  804.336345][T14880] bridge0: port 1(bridge_slave_0) entered blocking state
[  804.343568][T14880] bridge0: port 1(bridge_slave_0) entered disabled state
[  804.373883][T14880] bridge_slave_0: entered allmulticast mode
[  804.404584][T14880] bridge_slave_0: entered promiscuous mode
[  804.424308][T14880] bridge0: port 2(bridge_slave_1) entered blocking state
[  804.451793][T14880] bridge0: port 2(bridge_slave_1) entered disabled state
[  804.503892][T14880] bridge_slave_1: entered allmulticast mode
[  804.537186][T14880] bridge_slave_1: entered promiscuous mode
[  804.711535][ T5104] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 58 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  804.787570][ T5104] usb 3-1: USB disconnect, device number 58
[  804.792611][T14880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  804.825928][ T5104] usblp0: removed
[  804.843589][T14880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  805.043108][T14880] team0: Port device team_slave_0 added
[  805.068185][T14880] team0: Port device team_slave_1 added
[  805.196415][T14947] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  805.240606][T14880] batman_adv: batadv0: Adding interface: batadv_slave_0
[  805.255253][T14880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  805.312858][T14880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  805.339011][T14880] batman_adv: batadv0: Adding interface: batadv_slave_1
[  805.347784][ T5104] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  805.356377][T14880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  805.399958][T14880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  805.418276][T14952] program syz.3.1723 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  805.431951][T14950] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1722'.
[  805.492739][T14953] input: syz0 as /devices/virtual/input/input64
[  805.530234][ T5155] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  805.556737][ T5155] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  805.564917][ T5104] usb 3-1: Using ep0 maxpacket: 32
[  805.575839][ T5104] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  805.604256][ T5104] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  805.615210][ T5104] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  805.631508][T14880] hsr_slave_0: entered promiscuous mode
[  805.659938][ T5104] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  805.676068][ T5104] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  805.696504][T14880] hsr_slave_1: entered promiscuous mode
[  805.721394][ T5104] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  805.761011][ T5104] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  805.776440][ T5104] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  805.830128][ T5104] usb 3-1: config 0 descriptor??
[  806.115089][   T29] audit: type=1326 audit(1720293738.590:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14962 comm="syz.1.1725" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73eb579 code=0x0
[  806.289351][ T5104] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 59 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  806.304110][ T5146] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  806.425287][ T1061] hsr_slave_0: left promiscuous mode
[  806.435761][ T1061] hsr_slave_1: left promiscuous mode
[  806.458814][ T1061] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  806.475708][ T1061] batman_adv: batadv0: Removing interface: batadv_slave_0
[  806.504717][ T1061] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  806.523910][ T1061] batman_adv: batadv0: Removing interface: batadv_slave_1
[  806.549027][ T5146] usb 4-1: Using ep0 maxpacket: 32
[  806.568328][ T5146] usb 4-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=cb.c8
[  806.588306][ T5146] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.611061][ T1061] veth1_macvtap: left promiscuous mode
[  806.618218][ T5146] usb 4-1: Product: syz
[  806.622528][ T5146] usb 4-1: Manufacturer: syz
[  806.628583][ T1061] veth0_macvtap: left promiscuous mode
[  806.648650][ T5146] usb 4-1: SerialNumber: syz
[  806.662029][ T1061] veth1_vlan: left promiscuous mode
[  806.674330][ T1061] veth0_vlan: left promiscuous mode
[  806.686269][ T5146] usb 4-1: config 0 descriptor??
[  806.843883][    C0] usblp0: nonzero read bulk status received: -71
[  806.895057][ T5173] usb 3-1: USB disconnect, device number 59
[  806.996751][   T29] audit: type=1326 audit(1720293739.470:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14978 comm="syz.4.1727" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0
[  807.078149][   T29] audit: type=1326 audit(1720293739.550:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14980 comm="syz.1.1728" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73eb579 code=0x0
[  807.116990][T14982] FAULT_INJECTION: forcing a failure.
[  807.116990][T14982] name failslab, interval 1, probability 0, space 0, times 0
[  807.133704][T14982] CPU: 0 PID: 14982 Comm: syz.4.1727 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  807.143919][T14982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  807.154012][T14982] Call Trace:
[  807.157329][T14982]  <TASK>
[  807.160287][T14982]  dump_stack_lvl+0x241/0x360
[  807.165002][T14982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  807.170211][T14982]  ? __pfx__printk+0x10/0x10
[  807.174897][T14982]  ? _copy_from_iter+0x26b/0x1960
[  807.179943][T14982]  should_fail_ex+0x3b0/0x4e0
[  807.184635][T14982]  ? build_skb+0x52/0x2a0
[  807.188990][T14982]  should_failslab+0x9/0x20
[  807.193506][T14982]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  807.198910][T14982]  ? __pfx_lock_release+0x10/0x10
[  807.204044][T14982]  build_skb+0x52/0x2a0
[  807.208242][T14982]  ? __tun_build_skb+0x25/0x2f0
[  807.213111][T14982]  __tun_build_skb+0x33/0x2f0
[  807.217812][T14982]  tun_get_user+0x2084/0x4560
[  807.222587][T14982]  ? tun_get_user+0x84c/0x4560
[  807.227392][T14982]  ? __pfx_tun_get_user+0x10/0x10
[  807.232431][T14982]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  807.237998][T14982]  ? tun_get+0x1e/0x2f0
[  807.242186][T14982]  ? tun_get+0x1e/0x2f0
[  807.246376][T14982]  ? tun_get+0x27d/0x2f0
[  807.250629][T14982]  tun_chr_write_iter+0x113/0x1f0
[  807.255664][T14982]  vfs_write+0xa72/0xc90
[  807.259933][T14982]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  807.265509][T14982]  ? __pfx_vfs_write+0x10/0x10
[  807.270292][T14982]  ksys_write+0x1a0/0x2c0
[  807.274651][T14982]  ? __pfx_ksys_write+0x10/0x10
[  807.279507][T14982]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  807.286115][T14982]  ? lockdep_hardirqs_on+0x99/0x150
[  807.291340][T14982]  __do_fast_syscall_32+0xb4/0x120
[  807.296483][T14982]  ? exc_page_fault+0x590/0x8c0
[  807.301359][T14982]  do_fast_syscall_32+0x34/0x80
[  807.306238][T14982]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  807.312683][T14982] RIP: 0023:0xf73c7579
[  807.316854][T14982] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  807.336482][T14982] RSP: 002b:00000000f5b3e540 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  807.344913][T14982] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000100
[  807.352898][T14982] RDX: 000000000000008e RSI: 00000000f73b2ff4 RDI: 0000000000000000
[  807.360896][T14982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  807.368888][T14982] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  807.376877][T14982] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  807.384873][T14982]  </TASK>
[  807.473554][T14975] usblp0: removed
[  807.934916][ T1061] team0 (unregistering): Port device team_slave_1 removed
[  807.984832][ T1061] team0 (unregistering): Port device team_slave_0 removed
[  808.486907][T14911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  808.499865][T14911] batman_adv: batadv0: Removing interface: batadv_slave_0
[  808.515651][T14911] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  808.654658][ T5162] usb 4-1: USB disconnect, device number 50
[  808.726106][   T29] audit: type=1326 audit(1720293741.200:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14987 comm="syz.1.1731" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73eb579 code=0x0
[  808.751458][T14990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1730'.
[  808.823894][T14990] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) !
[  809.125396][ T1252] ieee802154 phy0 wpan0: encryption failed: -22
[  809.131814][ T1252] ieee802154 phy1 wpan1: encryption failed: -22
[  810.136826][ T5102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  810.148137][ T5102] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  810.185154][ T5102] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  810.212599][ T5102] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  810.230918][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  810.244530][ T5102] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  810.279128][ T5092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  810.294227][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  810.305173][ T5092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  810.335887][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  810.343922][ T5092] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  810.354448][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  810.546950][ T1061] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.793472][ T1061] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.866000][T14880] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  810.901160][T14880] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  811.010129][ T1061] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  811.050048][T14880] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  811.100514][T14880] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  811.207772][ T5092] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  811.230659][ T5092] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  811.243502][ T5092] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  811.254899][ T5092] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  811.264560][ T5092] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  811.272627][ T5092] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  811.376871][ T1061] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  811.694220][ T5146] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  811.859938][ T1061] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  811.894481][ T5146] usb 4-1: Using ep0 maxpacket: 16
[  811.908510][ T5146] usb 4-1: New USB device found, idVendor=0b05, idProduct=1736, bcdDevice= d.b1
[  811.964781][ T5146] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.972843][ T5146] usb 4-1: Product: syz
[  812.005594][ T5146] usb 4-1: Manufacturer: syz
[  812.010275][ T5146] usb 4-1: SerialNumber: syz
[  812.032392][ T5146] usb 4-1: config 0 descriptor??
[  812.076517][ T1061] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.176637][   T29] audit: type=1326 audit(1720293744.650:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15034 comm="syz.2.1740" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0
[  812.204728][ T1061] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.221845][T15017] chnl_net:caif_netlink_parms(): no params data found
[  812.283719][ T1061] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.298177][ T5146] dvb-usb: found a 'Asus My Cinema-U3000Hybrid' in cold state, will try to load a firmware
[  812.394194][ T5102] Bluetooth: hci0: command tx timeout
[  812.428587][ T5146] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  812.437249][ T5146] dib0700: firmware download failed at 7 with -22
[  812.448660][ T5146] usb 4-1: USB disconnect, device number 51
[  812.533392][T15025] chnl_net:caif_netlink_parms(): no params data found
[  812.593313][T15017] bridge0: port 1(bridge_slave_0) entered blocking state
[  812.601117][T15017] bridge0: port 1(bridge_slave_0) entered disabled state
[  812.610870][T15017] bridge_slave_0: entered allmulticast mode
[  812.619984][T15017] bridge_slave_0: entered promiscuous mode
[  812.684349][T15017] bridge0: port 2(bridge_slave_1) entered blocking state
[  812.695065][T15017] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.713217][T15017] bridge_slave_1: entered allmulticast mode
[  812.733791][T15017] bridge_slave_1: entered promiscuous mode
[  812.924899][T15017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  812.977286][T15017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  813.012109][T14880] 8021q: adding VLAN 0 to HW filter on device bond0
[  813.084663][ T1061] bridge_slave_1: left allmulticast mode
[  813.090851][ T1061] bridge_slave_1: left promiscuous mode
[  813.104401][ T1061] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.143330][ T1061] bridge_slave_0: left allmulticast mode
[  813.152256][ T1061] bridge_slave_0: left promiscuous mode
[  813.174465][ T1061] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.179144][T15057] kvm: pic: non byte read
[  813.190223][T15057] kvm: pic: non byte read
[  813.200440][ T1061] bridge_slave_1: left allmulticast mode
[  813.206738][T15057] kvm: pic: non byte read
[  813.211706][T15057] kvm: pic: non byte read
[  813.216322][ T1061] bridge_slave_1: left promiscuous mode
[  813.222526][T15057] kvm: pic: non byte read
[  813.227629][ T1061] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.241662][T15057] kvm: pic: non byte read
[  813.249142][ T1061] bridge_slave_0: left allmulticast mode
[  813.255247][ T1061] bridge_slave_0: left promiscuous mode
[  813.261938][T15057] kvm: pic: level sensitive irq not supported
[  813.262104][T15057] kvm: pic: non byte read
[  813.273484][ T1061] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.283026][T15057] kvm: pic: non byte read
[  813.289339][T15057] kvm: pic: single mode not supported
[  813.289430][T15057] kvm: pic: non byte read
[  813.319140][T15057] kvm: pic: level sensitive irq not supported
[  813.319220][T15057] kvm: pic: non byte read
[  813.340988][T15057] kvm: pic: level sensitive irq not supported
[  813.341197][T15057] kvm: pic: level sensitive irq not supported
[  813.355463][ T5102] Bluetooth: hci3: command tx timeout
[  813.379453][T15057] kvm: pic: level sensitive irq not supported
[  813.504155][ T5173] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  813.702457][ T5173] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  813.723474][ T5173] usb 3-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  813.734612][ T5173] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  813.742685][ T5173] usb 3-1: Product: syz
[  813.753384][ T5173] usb 3-1: Manufacturer: syz
[  813.759222][ T5173] usb 3-1: SerialNumber: syz
[  814.474511][ T5102] Bluetooth: hci0: command tx timeout
[  814.637331][ T1061] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  814.663293][ T1061] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  814.687721][ T1061] bond0 (unregistering): Released all slaves
[  814.913688][ T1061] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  814.937696][ T1061] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  814.950839][ T1061] bond0 (unregistering): Released all slaves
[  815.250863][T15017] team0: Port device team_slave_0 added
[  815.260684][T15017] team0: Port device team_slave_1 added
[  815.313860][T15025] bridge0: port 1(bridge_slave_0) entered blocking state
[  815.331285][T15025] bridge0: port 1(bridge_slave_0) entered disabled state
[  815.351984][T15025] bridge_slave_0: entered allmulticast mode
[  815.377171][T15025] bridge_slave_0: entered promiscuous mode
[  815.391179][T15114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1743'.
[  815.403060][T15025] bridge0: port 2(bridge_slave_1) entered blocking state
[  815.410480][T15025] bridge0: port 2(bridge_slave_1) entered disabled state
[  815.426823][T15025] bridge_slave_1: entered allmulticast mode
[  815.434495][ T5102] Bluetooth: hci3: command tx timeout
[  815.442459][T15025] bridge_slave_1: entered promiscuous mode
[  815.521974][T15117] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) !
[  815.736962][T15025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  815.778469][T15025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  815.797677][T15017] batman_adv: batadv0: Adding interface: batadv_slave_0
[  815.812647][T15017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  815.859611][T15017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  815.969330][T15017] batman_adv: batadv0: Adding interface: batadv_slave_1
[  815.992951][T15017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  816.070039][T15017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  816.121826][T14880] 8021q: adding VLAN 0 to HW filter on device team0
[  816.190537][ T5173] qmi_wwan 3-1:1.0: skipping garbage
[  816.211274][ T5173] qmi_wwan 3-1:1.0: probe with driver qmi_wwan failed with error -22
[  816.251310][T15025] team0: Port device team_slave_0 added
[  816.252939][ T5173] usb 3-1: USB disconnect, device number 60
[  816.292125][T15025] team0: Port device team_slave_1 added
[  816.523507][T15017] hsr_slave_0: entered promiscuous mode
[  816.530858][T15017] hsr_slave_1: entered promiscuous mode
[  816.564087][ T5102] Bluetooth: hci0: command tx timeout
[  816.584702][T15017] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  816.592415][T15017] Cannot create hsr debugfs directory
[  816.645913][T15025] batman_adv: batadv0: Adding interface: batadv_slave_0
[  816.660689][T15025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  816.683583][T15130] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1744'.
[  816.687323][T15025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  816.712933][ T5104] bridge0: port 1(bridge_slave_0) entered blocking state
[  816.720173][ T5104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  816.731924][ T5104] bridge0: port 2(bridge_slave_1) entered blocking state
[  816.739169][ T5104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  816.762953][T15132] input: syz0 as /devices/virtual/input/input65
[  816.829830][T15025] batman_adv: batadv0: Adding interface: batadv_slave_1
[  816.839627][T15025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  816.935285][T15025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  817.041974][ T1061] hsr_slave_0: left promiscuous mode
[  817.055400][ T1061] hsr_slave_1: left promiscuous mode
[  817.095360][ T1061] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  817.102945][ T1061] batman_adv: batadv0: Removing interface: batadv_slave_0
[  817.119740][ T1061] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  817.134230][ T1061] batman_adv: batadv0: Removing interface: batadv_slave_1
[  817.164817][ T1061] hsr_slave_0: left promiscuous mode
[  817.177777][ T1061] hsr_slave_1: left promiscuous mode
[  817.212028][ T1061] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  817.224242][ T1061] batman_adv: batadv0: Removing interface: batadv_slave_1
[  817.323457][ T1061] veth1_macvtap: left promiscuous mode
[  817.334575][ T1061] veth0_macvtap: left promiscuous mode
[  817.345668][ T1061] veth1_vlan: left promiscuous mode
[  817.361274][ T1061] veth0_vlan: left promiscuous mode
[  817.393010][ T1061] veth1_macvtap: left promiscuous mode
[  817.398790][ T1061] veth0_macvtap: left promiscuous mode
[  817.406323][ T1061] veth1_vlan: left promiscuous mode
[  817.414522][ T1061] veth0_vlan: left promiscuous mode
[  817.525409][ T5102] Bluetooth: hci3: command tx timeout
[  818.456258][ T1061] team0 (unregistering): Port device team_slave_1 removed
[  818.512870][ T1061] team0 (unregistering): Port device team_slave_0 removed
[  818.635268][ T5102] Bluetooth: hci0: command tx timeout
[  819.034546][ T5155] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  819.043680][ T5155] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  819.355647][ T1061] team0 (unregistering): Port device team_slave_1 removed
[  819.433028][ T1061] team0 (unregistering): Port device team_slave_0 removed
[  819.595185][ T5102] Bluetooth: hci3: command tx timeout
[  820.257688][T15025] hsr_slave_0: entered promiscuous mode
[  820.264844][   T29] audit: type=1326 audit(1720293752.730:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15146 comm="syz.3.1749" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73b4579 code=0x0
[  820.296161][T15025] hsr_slave_1: entered promiscuous mode
[  820.303746][T15025] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  820.311833][T15025] Cannot create hsr debugfs directory
[  820.603437][   T29] audit: type=1326 audit(1720293753.070:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15148 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0
[  820.643214][T14880] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  821.126867][ T5155] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  821.143137][ T5155] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  821.358148][T14880] 8021q: adding VLAN 0 to HW filter on device batadv0
[  821.590198][T15172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1752'.
[  821.639267][T15172] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) !
[  821.879584][T14880] veth0_vlan: entered promiscuous mode
[  821.912179][T15017] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  821.968928][T15017] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  822.162797][T14880] veth1_vlan: entered promiscuous mode
[  822.195104][T15017] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  822.281181][T15017] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  822.798595][T15191] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1753'.
[  822.846676][T14880] veth0_macvtap: entered promiscuous mode
[  822.923541][T14880] veth1_macvtap: entered promiscuous mode
[  823.023205][T14880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.049471][T14880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.071040][T14880] batman_adv: batadv0: Interface activated: batadv_slave_0
[  823.086861][T14880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  823.110593][T15196] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1754'.
[  823.128017][T14880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.139656][T14880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  823.154586][T14880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.172497][T14880] batman_adv: batadv0: Interface activated: batadv_slave_1
[  823.196112][T15197] input: syz0 as /devices/virtual/input/input66
[  823.228050][T14880] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  823.261260][T14880] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  823.280143][T14880] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  823.289920][T14880] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  823.431185][T15017] 8021q: adding VLAN 0 to HW filter on device bond0
[  823.510623][T15025] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  823.560859][T15025] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  823.579315][T15025] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  823.611934][T15025] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  823.762865][T15017] 8021q: adding VLAN 0 to HW filter on device team0
[  823.851236][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  823.858522][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  823.971832][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  823.979131][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  824.043522][ T1061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  824.064805][ T1061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  824.118942][   T29] audit: type=1326 audit(1720293756.580:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15211 comm="syz.2.1758" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0
[  824.164724][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  824.172620][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  824.480927][T15017] 8021q: adding VLAN 0 to HW filter on device batadv0
[  824.510352][T15025] 8021q: adding VLAN 0 to HW filter on device bond0
[  824.610638][T15025] 8021q: adding VLAN 0 to HW filter on device team0
[  824.648514][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  824.655809][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  824.712166][ T5162] bridge0: port 2(bridge_slave_1) entered blocking state
[  824.719445][ T5162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  824.780047][T15017] veth0_vlan: entered promiscuous mode
[  824.799627][    T8] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  824.847112][T15017] veth1_vlan: entered promiscuous mode
[  825.009139][    T8] usb 1-1: Using ep0 maxpacket: 32
[  825.022681][    T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  825.035332][T15017] veth0_macvtap: entered promiscuous mode
[  825.064417][    T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  825.069336][T15017] veth1_macvtap: entered promiscuous mode
[  825.105143][    T8] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  825.125004][    T8] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  825.139510][T15025] 8021q: adding VLAN 0 to HW filter on device batadv0
[  825.147626][    T8] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  825.169945][    T8] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  825.190158][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.224367][    T8] usb 1-1: Product: syz
[  825.231911][    T8] usb 1-1: Manufacturer: syz
[  825.244040][    T8] usb 1-1: SerialNumber: syz
[  825.270766][T15017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  825.314107][T15017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  825.341781][T15017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  825.370456][T15017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  825.392419][T15017] batman_adv: batadv0: Interface activated: batadv_slave_0
[  825.438509][T15017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  825.463195][T15017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  825.504166][T15017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  825.532591][T15017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  825.561202][T15017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  825.604098][T15017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  825.636101][T15017] batman_adv: batadv0: Interface activated: batadv_slave_1
[  825.649814][    T8] cdc_ncm 1-1:1.0: bind() failure
[  825.682111][T15017] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  825.683806][    T8] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  825.709248][T15017] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  825.728245][    T8] cdc_ncm 1-1:1.1: bind() failure
[  825.744075][T15017] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  825.760711][    T8] usb 1-1: USB disconnect, device number 44
[  825.764159][T15017] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  825.831040][T15230] picdev_read: 9 callbacks suppressed
[  825.831064][T15230] kvm: pic: non byte read
[  825.865492][T15230] kvm: pic: level sensitive irq not supported
[  825.865577][T15230] kvm: pic: non byte read
[  825.929524][T15230] kvm: pic: non byte read
[  825.943149][T15025] veth0_vlan: entered promiscuous mode
[  825.950074][T15230] kvm: pic: level sensitive irq not supported
[  825.950151][T15230] kvm: pic: non byte read
[  825.963311][T15230] kvm: pic: level sensitive irq not supported
[  825.963385][T15230] kvm: pic: non byte read
[  825.976767][T15230] kvm: pic: non byte read
[  825.981440][T15230] kvm: pic: non byte read
[  825.990229][T15230] kvm: pic: non byte read
[  825.997605][T15230] kvm: pic: single mode not supported
[  825.997629][T15230] kvm: pic: level sensitive irq not supported
[  826.003219][T15230] kvm: pic: non byte read
[  826.038816][T15025] veth1_vlan: entered promiscuous mode
[  826.184834][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  826.197030][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  826.253745][T15025] veth0_macvtap: entered promiscuous mode
[  826.278877][ T1061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  826.298917][T15025] veth1_macvtap: entered promiscuous mode
[  826.315112][ T1061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  826.407316][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.430281][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.448305][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.456167][T15253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1761'.
[  826.467724][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.467753][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.467774][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.509267][T15025] batman_adv: batadv0: Interface activated: batadv_slave_0
[  826.532423][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.543349][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.573401][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.620930][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.669408][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.693117][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.737270][T15025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.788561][T15025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.823173][T15260] program syz.4.1733 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  826.834782][T15025] batman_adv: batadv0: Interface activated: batadv_slave_1
[  826.936659][T15025] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  826.974156][T15025] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  826.983007][T15025] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  827.014118][T15025] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  827.345028][T15264] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1763'.
[  827.422273][T15266] input: syz0 as /devices/virtual/input/input67
[  827.826455][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  827.860208][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  828.028348][   T29] audit: type=1326 audit(1720293760.500:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15273 comm="syz.4.1767" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x0
[  828.096461][T15272] netlink: 'syz.0.1766': attribute type 1 has an invalid length.
[  828.427957][   T29] audit: type=1326 audit(1720293760.900:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15278 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf7498579 code=0x0
[  829.271786][   T63] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.610427][   T63] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.792651][   T63] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.977217][   T63] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  830.361681][T15310] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1775'.
[  830.420800][T15310] input: syz0 as /devices/virtual/input/input68
[  830.436591][ T5092] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  830.447200][ T5092] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  830.464190][ T5092] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  830.482645][ T5092] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  830.499486][ T5092] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  830.508505][ T5092] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  830.526354][ T5102] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  830.535995][ T5102] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  830.544203][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  830.590677][ T5102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  830.647792][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  830.667926][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  830.678910][   T63] bridge_slave_1: left allmulticast mode
[  830.694488][T15292] ------------[ cut here ]------------
[  830.700018][T15292] WARNING: CPU: 1 PID: 15292 at kernel/workqueue.c:2282 __queue_work+0xc5e/0xee0
[  830.709180][T15292] Modules linked in:
[  830.713104][T15292] CPU: 1 PID: 15292 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  830.723475][T15292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  830.733565][T15292] RIP: 0010:__queue_work+0xc5e/0xee0
[  830.738892][T15292] Code: ff e8 76 83 36 00 90 0f 0b 90 e9 20 fd ff ff e8 68 83 36 00 eb 13 e8 61 83 36 00 eb 0c e8 5a 83 36 00 eb 05 e8 53 83 36 00 90 <0f> 0b 90 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[  830.758519][T15292] RSP: 0018:ffffc900033ef750 EFLAGS: 00010002
[  830.764600][T15292] RAX: ffffffff815fa44f RBX: ffff888022111e00 RCX: ffff888022111e00
[  830.772581][T15292] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  830.780559][T15292] RBP: 0000000000000000 R08: ffffffff815f9923 R09: 0000000000000000
[  830.788537][T15292] R10: ffffc900033ef820 R11: fffff5200067df05 R12: ffff88807d01b1c0
[  830.796605][T15292] R13: dffffc0000000000 R14: ffff88807d01b000 R15: 0000000000000008
[  830.804599][T15292] FS:  0000000000000000(0000) GS:ffff8880b9500000(0063) knlGS:0000000058532440
[  830.813630][T15292] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  830.820220][T15292] CR2: 00007ffdcdbbcc48 CR3: 0000000061e46000 CR4: 00000000003526f0
[  830.828202][T15292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  830.836185][T15292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  830.844182][T15292] Call Trace:
[  830.847479][T15292]  <TASK>
[  830.850428][T15292]  ? __warn+0x163/0x4e0
[  830.854616][T15292]  ? __queue_work+0xc5e/0xee0
[  830.859341][T15292]  ? report_bug+0x2b3/0x500
[  830.863882][T15292]  ? __queue_work+0xc5e/0xee0
[  830.868582][T15292]  ? handle_bug+0x3e/0x70
[  830.872951][T15292]  ? exc_invalid_op+0x1a/0x50
[  830.877660][T15292]  ? asm_exc_invalid_op+0x1a/0x20
[  830.882717][T15292]  ? __queue_work+0x123/0xee0
[  830.887406][T15292]  ? __queue_work+0xc4f/0xee0
[  830.892095][T15292]  ? __queue_work+0xc5e/0xee0
[  830.896792][T15292]  queue_work_on+0x1c2/0x380
[  830.901571][T15292]  ? __pfx_queue_work_on+0x10/0x10
[  830.906706][T15292]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  830.912716][T15292]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  830.919058][T15292]  ? skb_queue_tail+0x36/0x120
[  830.923834][T15292]  __hci_cmd_sync_sk+0x7b1/0x1130
[  830.928875][T15292]  ? __pfx___hci_cmd_sync_sk+0x10/0x10
[  830.934345][T15292]  ? __pfx_lock_release+0x10/0x10
[  830.939375][T15292]  ? aa_get_newest_label+0xff/0x6f0
[  830.944628][T15292]  __hci_cmd_sync_status+0x37/0x130
[  830.949840][T15292]  hci_dev_cmd+0x51c/0xa50
[  830.954270][T15292]  ? __pfx_hci_dev_cmd+0x10/0x10
[  830.959219][T15292]  ? proc_do_large_bitmap+0x110/0x13c0
[  830.964695][T15292]  ? hci_sock_ioctl+0x6c4/0xa40
[  830.969558][T15292]  compat_sock_ioctl+0x18b/0xf20
[  830.974521][T15292]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  830.980010][T15292]  ? __fget_files+0x29/0x470
[  830.984618][T15292]  ? __fget_files+0x3f6/0x470
[  830.989322][T15292]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  830.994889][T15292]  ? security_file_ioctl_compat+0x87/0xb0
[  831.000632][T15292]  __se_compat_sys_ioctl+0x51c/0xca0
[  831.005945][T15292]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  831.011852][T15292]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  831.017850][T15292]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  831.023856][T15292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  831.030202][T15292]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  831.036828][T15292]  ? lockdep_hardirqs_on+0x99/0x150
[  831.042087][T15292]  __do_fast_syscall_32+0xb4/0x120
[  831.047239][T15292]  do_fast_syscall_32+0x34/0x80
[  831.052111][T15292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  831.058449][T15292] RIP: 0023:0xf743a579
[  831.062526][T15292] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  831.082139][T15292] RSP: 002b:00000000ffa4a3b4 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  831.090563][T15292] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400448dd
[  831.098540][T15292] RDX: 00000000ffa4a404 RSI: 00000000f7425ff4 RDI: 0000000000000003
[  831.106524][T15292] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[  831.114527][T15292] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  831.122530][T15292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  831.130522][T15292]  </TASK>
[  831.133549][T15292] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  831.140916][T15292] CPU: 1 PID: 15292 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[  831.151245][T15292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  831.161309][T15292] Call Trace:
[  831.164596][T15292]  <TASK>
[  831.167531][T15292]  dump_stack_lvl+0x241/0x360
[  831.172227][T15292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  831.177526][T15292]  ? __pfx__printk+0x10/0x10
[  831.182128][T15292]  ? _printk+0xd5/0x120
[  831.186306][T15292]  ? vscnprintf+0x5d/0x90
[  831.190732][T15292]  panic+0x349/0x860
[  831.194642][T15292]  ? __warn+0x172/0x4e0
[  831.198815][T15292]  ? __pfx_panic+0x10/0x10
[  831.203240][T15292]  ? show_trace_log_lvl+0x4e6/0x520
[  831.208500][T15292]  __warn+0x346/0x4e0
[  831.212506][T15292]  ? __queue_work+0xc5e/0xee0
[  831.217205][T15292]  report_bug+0x2b3/0x500
[  831.221671][T15292]  ? __queue_work+0xc5e/0xee0
[  831.226385][T15292]  handle_bug+0x3e/0x70
[  831.230557][T15292]  exc_invalid_op+0x1a/0x50
[  831.235076][T15292]  asm_exc_invalid_op+0x1a/0x20
[  831.239940][T15292] RIP: 0010:__queue_work+0xc5e/0xee0
[  831.245237][T15292] Code: ff e8 76 83 36 00 90 0f 0b 90 e9 20 fd ff ff e8 68 83 36 00 eb 13 e8 61 83 36 00 eb 0c e8 5a 83 36 00 eb 05 e8 53 83 36 00 90 <0f> 0b 90 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[  831.265126][T15292] RSP: 0018:ffffc900033ef750 EFLAGS: 00010002
[  831.271201][T15292] RAX: ffffffff815fa44f RBX: ffff888022111e00 RCX: ffff888022111e00
[  831.279181][T15292] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  831.287157][T15292] RBP: 0000000000000000 R08: ffffffff815f9923 R09: 0000000000000000
[  831.295143][T15292] R10: ffffc900033ef820 R11: fffff5200067df05 R12: ffff88807d01b1c0
[  831.303117][T15292] R13: dffffc0000000000 R14: ffff88807d01b000 R15: 0000000000000008
[  831.311115][T15292]  ? __queue_work+0x123/0xee0
[  831.315800][T15292]  ? __queue_work+0xc4f/0xee0
[  831.320500][T15292]  queue_work_on+0x1c2/0x380
[  831.325100][T15292]  ? __pfx_queue_work_on+0x10/0x10
[  831.330223][T15292]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  831.336131][T15292]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  831.342646][T15292]  ? skb_queue_tail+0x36/0x120
[  831.347423][T15292]  __hci_cmd_sync_sk+0x7b1/0x1130
[  831.352466][T15292]  ? __pfx___hci_cmd_sync_sk+0x10/0x10
[  831.357946][T15292]  ? __pfx_lock_release+0x10/0x10
[  831.362981][T15292]  ? aa_get_newest_label+0xff/0x6f0
[  831.368294][T15292]  __hci_cmd_sync_status+0x37/0x130
[  831.373525][T15292]  hci_dev_cmd+0x51c/0xa50
[  831.377952][T15292]  ? __pfx_hci_dev_cmd+0x10/0x10
[  831.382898][T15292]  ? proc_do_large_bitmap+0x110/0x13c0
[  831.388392][T15292]  ? hci_sock_ioctl+0x6c4/0xa40
[  831.393254][T15292]  compat_sock_ioctl+0x18b/0xf20
[  831.398219][T15292]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  831.403703][T15292]  ? __fget_files+0x29/0x470
[  831.408306][T15292]  ? __fget_files+0x3f6/0x470
[  831.413009][T15292]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  831.418736][T15292]  ? security_file_ioctl_compat+0x87/0xb0
[  831.424483][T15292]  __se_compat_sys_ioctl+0x51c/0xca0
[  831.429954][T15292]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  831.435771][T15292]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  831.441767][T15292]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  831.447755][T15292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  831.454202][T15292]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  831.460826][T15292]  ? lockdep_hardirqs_on+0x99/0x150
[  831.466058][T15292]  __do_fast_syscall_32+0xb4/0x120
[  831.471192][T15292]  do_fast_syscall_32+0x34/0x80
[  831.476060][T15292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  831.482392][T15292] RIP: 0023:0xf743a579
[  831.486468][T15292] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  831.506082][T15292] RSP: 002b:00000000ffa4a3b4 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  831.514503][T15292] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400448dd
[  831.522477][T15292] RDX: 00000000ffa4a404 RSI: 00000000f7425ff4 RDI: 0000000000000003
[  831.530448][T15292] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[  831.538424][T15292] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  831.546401][T15292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  831.554412][T15292]  </TASK>
[  831.557821][T15292] Kernel Offset: disabled
[  831.562245][T15292] Rebooting in 86400 seconds..