last executing test programs:

13.714332111s ago: executing program 2 (id=1089):
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
syz_usb_connect(0x1, 0x24, &(0x7f0000000540)=ANY=[@ANYRES8=r2, @ANYBLOB="581aa69259bbf83ba15a6146f47a096f2edf88fff812816f00cc3b86268fb6e42571c7e7558a88ae188e2d4fb24c163429dbf72da61a20ffa02332957ff3d9046cabb14a1f46bd0d75d71267b571aedcf9d66cbadfcd4067c4bf27d38b3460f2b09c4b16fc474d9cee0544801b76752e2d8edd57032f1fb3bf86", @ANYRESDEC=0x0], 0x0)
getpid()
sendmsg$netlink(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="2400000076001f03000000000000000008000000ffffffff0c000d80080003"], 0x24}, {&(0x7f0000000340)=ANY=[@ANYBLOB="240000002700080026bd7000fbdbdf2501000c00400006000000000000008464d62d0e1031edf0c289693f831ce7bb85d7659a329e30491053e12a4871f13be2561d320d391099f7fc1c9aa514f5e57fbe8f6d294c3894ab84e6f79e24c493bca0fd312f942e288f39b6760eb4de57f8dd0bdd3b28b74839130286eae75d80f2d0d0e9eb325c0672869553de4f92b9205cca67adac614fcc2c741328c275ade5a4b144aec290c4939c3c9d97f5a3fe6725eab9dbd2816ab895b2d5e82bae7e0eae3063e15927fe8e4d3a083402e0f3c00d41619165e350a9da5bd10028f3d4e82aef8a01c2896a44afdc4287e9952f0f9fa865b319dafa74ccf832a035c08edcaeadd431dd016d08785b2425588d37d18943b0558c710e49472f0311f966"], 0x24}], 0x2}, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
listen(r0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_CAPBSET_DROP(0x1c, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
unshare(0x8040080)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'veth0_macvtap\x00', @random="22c2930e4b75"})
fcntl$dupfd(r6, 0x0, r5)

10.638618612s ago: executing program 2 (id=1095):
socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='bond0\x00', 0x10)
bind$inet(r1, &(0x7f0000000080)={0x2, 0xffff, @remote}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xffffffffffffffff, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
syz_open_dev$video(0x0, 0xa7, 0x0)
write$tun(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x28)
socket$xdp(0x2c, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="18bfffffffffffffff0000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="9e36d448b388dd965f7a3312779a", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x40186f40, 0x20000502)

9.494467668s ago: executing program 2 (id=1100):
syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f00000009c0)={{0x12, 0x1, 0x0, 0x3a, 0x98, 0x2a, 0x8, 0xccd, 0x10a3, 0x23a2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x57, 0x33, 0x19}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000001380)={0x2c, &(0x7f0000001180)={0x0, 0x0, 0x6, "dee6eb642785"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000980)={0x0, 0x4}, 0xe)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x76, &(0x7f0000000040)={r5}, &(0x7f0000000080)=0x18)

8.124310135s ago: executing program 0 (id=1104):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendto$inet6(r0, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a0008002ec000000001", 0x1c, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x48, 0x3, 0x8, 0x201, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSING={0x8}, @CTA_TIMEOUT_DCCP_RESPOND={0x8}, @CTA_TIMEOUT_DCCP_TIMEWAIT={0x8}, @CTA_TIMEOUT_DCCP_PARTOPEN={0x8}]}]}, 0x48}}, 0x0)

7.866527971s ago: executing program 0 (id=1105):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000002000000003400000008000300", @ANYRES32=r2, @ANYBLOB="14005500f2a061aa1180009b0e07efaadd67505c0a0006000802110000010000050020013f"], 0x4c}}, 0x0)

7.654560813s ago: executing program 3 (id=1071):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0xffffff1f, 0x40000000, 0x3, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @remote}, @IFLA_BR_AGEING_TIME={0x8, 0x9}]}}}]}, 0x48}, 0x1, 0x0, 0x40000000}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x1, 0x0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000440)=0x10000)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r3, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f00000002c0)={0x18, 0x0, r4, r5, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000300)={0x28, 0x0, r5, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r5})

7.639093692s ago: executing program 0 (id=1106):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_ACTIVE_SLAVE={0x8, 0x2, r2}]}}}]}, 0x44}}, 0x0)
r3 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1, 0x27, 0x48, 0x10, 0x7ca, 0xb808, 0xdb2f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x46, 0x11, 0x3f, 0x6}}]}}]}}, 0x0)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7e, 0x9e, 0xb4, 0x10, 0x54c, 0x38, 0x16f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0xc5, 0x38}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000180)={0x2c, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x8, 0x1}, 0x0, 0x0})
r5 = socket$kcm(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)
recvmmsg(r6, &(0x7f0000003a40)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0xffb}], 0x1}}], 0x1, 0x0, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030021000b12d25a80648c2594f90124fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f00000000c0)={0x44, 0x0, &(0x7f0000000240)={0x0, 0xa, 0xffffffffffffff9a}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x25, &(0x7f00000000c0)=0x7a, 0x4)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r8, 0xc008551a, &(0x7f0000005480)=ANY=[])
r9 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r9, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
r10 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000600)={'team0\x00', <r11=>0x0})
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b40)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x89, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5}]}]}]}}]}, 0x9c}}, 0x0)
syz_usb_control_io$printer(r3, &(0x7f0000002580)={0x14, 0x0, &(0x7f0000002540)={0x0, 0x3, 0x4, @lang_id={0x4}}}, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, &(0x7f0000003080)={0x1c, &(0x7f0000002f80)={0x0, 0x0, 0x1, "9f"}, 0x0, 0x0})

6.358678488s ago: executing program 3 (id=1110):
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x141d00, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffffc3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e22, @local}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0xc3, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000020000202505a1a44000010203010902b1000201000000000006240600013b05240000000d240f010000000000000000ff0624"], 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040), 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x4}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xc)
sendmmsg$inet6(r1, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000480)="78a367bd88eb9c7ed48495fc053ac615ff05f8479f142af391181a8b71f5a34a40c6fbf82fc257286f3d0b00b4130c11fdf6164017ebb15987dd0a87a1f48ead3da61d0187e2a314f402acdbe54e520a2ad28992c026c3dea55526f39dc27c67cafa1e4aedb8568c523d1fda22a092688791e96fe9", 0x75}], 0x1)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

6.217887833s ago: executing program 4 (id=1112):
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8002000000000000000100000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)

6.078214256s ago: executing program 1 (id=1113):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x4000000}, 0x0)

5.942569411s ago: executing program 4 (id=1114):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000400)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5e8ce5b2806ff7171c64a689a0ba35e934506a46a10b9a579dc43630831e2c5400853b58e020c9cb65e44d4957b00ed35a858d44b25d5b8dad1be42", 0x118}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000001080)="63c3b174ab06077f6ee67ac1310d86586b13d2c9e203a9da866b81e20e9fe5c43219396d489c1459ce9cd14fa3b43a0b9b6004118a35444790d7", 0x3a}, {&(0x7f00000003c0)="03d54d843173f8be883a57d9e39cc6c79c415ac50f3e1e9c9373002a5b1918", 0x1f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)="610cb4f6db2105b873df3f7652cc642b85afb69fc18178429903bb6e", 0x1c}, {&(0x7f0000000180)="6fe279d51047ff146af40b78b8d7ae53db8648c2090d72bcfeaf6fabbbfbe8dbc8b8f4cb22ac43d5a0fa87533bb375454751b8dd8aae4808a3", 0x39}, {&(0x7f00000001c0)="6d5edb4b883e266ba8c38aa9d13a78431c9d2cb6d8f4e1e80bb8a936aa105f46c914c46487522bc58054c4b0a523eeda0c76b595b36a515b6d30e34705733bb34bda2f89e92b2a98d2edbcffad9c5ccde0d723423cf07e4ffdbd568d3e263fb3b4086af3f2db1933785e59538bfd61f138ffac9eef7c8b34e4ce506220f43af449d3a72f48d9febe830b04cb3c99425de34cac503014ce74562667d8d6888edcc42f", 0xa2}, {0x0}], 0x4}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb3bf10f3485e399c8b59df5b02c5f2702522", 0x3c}, {&(0x7f0000001480)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e79648b360230b3b91cc2669e2c691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f0800000000000000f7b51dd5319b8016623d1863d7d77ceefde94faf2e36c3920581691a79a6678db1e5e7fa1ca703ee7aa87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c5ed599a1b0cc81b23b7c85adb97f7439d6ef8d81a4bec9f81c1cda55a5852d9794d200e51fe4fd3f64a84db59fb459cc808665c8dcd241146690f33839164f7ffb7fc98d7872c6d65cdb72cd90a31e79c4b13de4188b1693f78b0961bf4cdb9147e69e26ef6575c2e0f69a01dfffee06d820b68f974f873f581ec59196645ab1de9a15e082de3286498f912943040008504bfe654b10507c33c45711cd09cea349caf2d0785d14423dddfea0127dbf78c22dc0001646536ae2275342073c54949eed3dbfa2371fb057bc3f3a9e7e17de4129f6709ca4c71fcc7605e994113f3f56681eeec67fc49a2bd6208ad8d5497b1a5a7c21bedf1e07a074fa12958b4e51e9249e3193e73", 0x1d8}, {&(0x7f0000000940)="5be3b011e12323e4ab88c0472fd012198c3c61bb81e71ba62134303d2db9740143b0374a0d0be875789932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19645f7a1dcf1449fd34eecae5f52fba1e89d6d34b39297bbbc258c2ea547d47f2d89ad6e36e737691a1c6bdd164b2a85cbaaf648c910559f53581c60bd6c80f90c75f664e5b285c738881560f8ae89a4943141ac45fb6995cece6a2e0e62bd79213527a11c34a6e89ca41ead3e2589301279d9b0832d0b5a6ebe2cf0cbfa40ab948b0b9efe108aeded8d12388a459", 0xd4}], 0x3}}], 0x4, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

5.850005475s ago: executing program 1 (id=1115):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000100)={{@my=0x1}, @hyper, 0x0, 0x2925, 0x0, 0x20000000, 0x4})
r1 = socket$key(0xf, 0x3, 0x2)
fcntl$setsig(r1, 0xa, 0x2a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
signalfd(r1, &(0x7f0000000000)={[0x4]}, 0x8)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000000440)=""/102391, 0x18ff7}], 0x1, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r2)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000010)
write$binfmt_script(r5, &(0x7f0000000380)={'#! ', '', [], 0xa, "77eeb0fb8855d6edc36122dc8cfec47481162f2436f8"}, 0x1a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x10010, r4, 0xf9f99000)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbb0000000000000800450000300000000000019078c11e0001ac1414002b00907803000000450000000000000000000000ac1e0001ac1414aa"], 0x0)
r6 = dup(r4)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
write$sequencer(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10)
sendto$inet(r8, &(0x7f0000000280)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r7, 0xae9a)

5.562059234s ago: executing program 4 (id=1116):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ustat(0x801, &(0x7f0000000300))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xa, 0x148, 0x190, 0x10, 0x3e8, 0x2a8, 0x2a8, 0x3e8, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'syz_tun\x00', 'rose0\x00'}, 0x0, 0x120, 0x190, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'dummy0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@inet=@hashlimit1={{0x58}, {'pim6reg0\x00', {0x0, 0x0, 0x10001, 0x0, 0x8, 0x6, 0xa359e000}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc0d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @multicast2, 0x0, 0x0, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0x1f0, 0x258, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve0\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4e0)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000e00)={0x228, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x80, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ID={0x5d, 0x3, "a5579cddb1a26248eebde3c5ccb6ace5bd3ccdf8b8a7a317f209792d116577be1c50fa7be223c6cfc7602b9cdabeac408e50fc6238e2344c006d4094d39899f9fcae86e034fcc91915bd6c95ba5b2fb6e96c4021f937f693f6"}]}, @TIPC_NLA_NODE={0x118, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}, @TIPC_NLA_NODE_ID={0x4}, @TIPC_NLA_NODE_ID={0xb0, 0x3, "91ebef4bcb4edf633aa88d8f091701b2a41fa8fd0382beed591cef12ffab84f7992c78ee4a2b06ae8e01bf0bffba815aa8e115c1887b08c7fc7e29974992898d405cf015e65ed7bede5cd7a171e8d8a8b03a4c32668d1a235621843b94b2d9fa08d7311a575b125c9df4b8036ff9e987b278126fe8a1b888c51fba07e9dea546cf7afe7099b8f7a51029f847c1ddc53f6783836d60621b8704a4892e94476676ba34838b33527e3c5ba798c8"}, @TIPC_NLA_NODE_ID={0x41, 0x3, "aef568770b0ceb16b7f5db9ea64348427c17ada9c54696dfc39e00b5136721a8ceaf0c8d171d21be8be20e62d1e432ea0c8f91d958172e3825e9204718"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fffffffffffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x401}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA={0x4}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x228}, 0x1, 0x0, 0x0, 0x4004000}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x8}}, {}, [], {{0x7, 0x1, 0xb, 0x1, 0x9, 0x10, 0x4000}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ip6erspan0\x00'})
openat$hwrng(0xffffffffffffff9c, 0x0, 0x400500, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="341000003b0007010000000000000000017c00000400000014000180080016000000000006000600800a0000080002"], 0x1034}}, 0x7000000)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7fff, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4b0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x510)
syz_open_dev$admmidi(0x0, 0x20, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)

5.461546073s ago: executing program 0 (id=1117):
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x4e, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="580000000267fe9ba685bd872031c18377924cfe9b6d423d06010300000000000000000000000005000400000000000900020073797a31000000000500010007e0ffff130007800800114000000000050015000200000014"], 0x58}, 0x1, 0x0, 0x0, 0x404c091}, 0x84)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (rerun: 32)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
fcntl$getflags(r1, 0x40a) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x6, 0x0, 0x2a, @dev={0x12}, @mcast2={0xff, 0x3, '\x00', 0xf}, 0x2000, 0xba08}})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket(0x0, 0x0, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) (async)
listen(r5, 0x0) (async)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) (async, rerun: 64)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x28, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) (async)
socket$inet6_sctp(0xa, 0x0, 0x84)

5.218482808s ago: executing program 2 (id=1118):
socket(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r0=>0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000070900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000058000000060a010400000000000000000100000008000b40000000000900010073797a300000000030000480100001800c000100636f756e746572001c0001800a00010071756575650000000c0002800600014000000000140000001100010000000000000000000000000a"], 0xe0}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000300)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0007d1000000"], 0x0, 0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000500), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000000)={0x0, [[0x5, 0x5, 0xfffffffc, 0x0, 0x0, 0x80000000], [0x0, 0x1], [0x7, 0x4, 0x0, 0x0, 0x0, 0x8]], '\x00', [{}, {}, {}, {0x7}], '\x00', 0x0, 0x0, 0x0, 0x2})
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES16=r0], 0x9a)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f22"], 0x22)
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x2, 0x1000, 0x3, 0x1, 0x1d48, 0xffffffffffffffff, 0x5fff, '\x00', 0x0, r3, 0x0, 0x1, 0x4}, 0x48)
r4 = getpgid(0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000020c0)='./file0\x00', 0x0, 0x100)
msgctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000002180)={{0x1, 0xee00, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x0, 0x0, 0x3ff, 0x1, 0x2, 0x9, 0x4, 0x9, 0xe4, 0x9, r4, r4})
r5 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000002240), 0x2, 0x0)
write$6lowpan_control(r5, &(0x7f0000002280)='connect aa:aa:aa:aa:aa:11 0', 0x1b)

4.972888122s ago: executing program 0 (id=1119):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8f4dd086d0492082a6d0000000109021b0001000000000904"], 0x0)
unshare(0x60400)
socket(0x40000000015, 0x5, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210500000000000000004a00000008000300", @ANYRES32=r4], 0x28}}, 0x0)
read(r2, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x10000000000002)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
close(r6)

4.860226616s ago: executing program 1 (id=1120):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtclass={0x48c, 0x28, 0x4, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {0xb, 0xe68cae220a3e3d54}, {0xfff1}}, [@tclass_kind_options=@c_taprio={0xb}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_ingress={0xc}, @tclass_kind_options=@c_htb={{0x8}, {0x408, 0x2, [@TCA_HTB_RTAB={0x404, 0x4, [0x0, 0x80000000, 0x990, 0x8, 0x9, 0x6, 0x5, 0x2, 0x9, 0x3ff, 0xff, 0x0, 0xa1, 0x3, 0x2, 0xd24e, 0x2, 0xc, 0x0, 0x3, 0x2, 0x5, 0xf, 0x0, 0x5, 0xba, 0x8, 0xf3, 0x2, 0x4, 0x458, 0x9, 0x734, 0x1000, 0x9, 0x3, 0x1, 0x1, 0x4, 0x9, 0x8, 0x75e, 0xbf, 0x3, 0x3bcd, 0x9, 0x2fb, 0x3, 0x6, 0x7, 0xffff, 0x10000, 0x8, 0x4, 0xf7, 0x10001, 0xe, 0x4, 0xffff, 0x9, 0x0, 0xfff, 0x0, 0x4, 0xd5f, 0x0, 0x6, 0x0, 0x3, 0x6, 0x2, 0x0, 0xc0000000, 0x5, 0x200, 0x8, 0x1000, 0x0, 0xb3f, 0x7, 0x2, 0x5, 0x1000, 0x2, 0xfffffe01, 0x7fffffff, 0x3, 0x3, 0x1, 0x0, 0x5, 0x8, 0xfffffffe, 0x7, 0x8, 0x8, 0x81, 0x7, 0x8, 0x80000001, 0x5, 0x1, 0x1ff, 0x80000001, 0x2, 0x2, 0x81, 0xff, 0x13e7289a, 0x80000000, 0x0, 0x1, 0x10, 0x2, 0x100, 0x4, 0x0, 0x2, 0x3, 0x846d, 0x7, 0x9, 0x3a, 0xcb5f, 0x7ff, 0x100, 0x5, 0x7, 0x7, 0x6, 0xb4, 0x7fff, 0x3, 0x6, 0x5, 0x67e3, 0x4, 0x8e, 0x1, 0x80, 0x6, 0xbe7f, 0x4, 0x8, 0x9, 0x8, 0x2, 0x7d8, 0x5, 0x0, 0x401, 0x6, 0xd, 0x80000000, 0x9, 0xd5, 0x0, 0x3, 0x101, 0x81, 0xb82, 0xfffff995, 0x401, 0x7, 0x4, 0x9, 0x6, 0x2, 0x4, 0x9, 0x35a5, 0x9, 0x7ff, 0xc2a, 0xe6fd, 0x7, 0x2, 0x9, 0x8, 0x1000, 0x5, 0x7fff, 0x6, 0x7c637be9, 0x1, 0x140000, 0x7, 0x0, 0x3, 0x81, 0x101, 0x1, 0x10001, 0x3, 0x8, 0xe2, 0x0, 0x5, 0xbf, 0x7, 0xb847, 0x44, 0x9, 0x2, 0x0, 0x7, 0xa, 0x4, 0x2, 0x8100, 0x1, 0x6, 0xfffffffa, 0xe0c1, 0x8000, 0x4, 0xbe4, 0x1, 0x9, 0xa48, 0x1, 0x4, 0x5, 0x9, 0x1, 0x7, 0x3, 0x0, 0x9, 0x5, 0x0, 0x2, 0xff, 0x10, 0xd3a, 0x8b, 0xf, 0xfffeffff, 0x3, 0x3b4, 0x10, 0x2, 0x8, 0x8, 0x0, 0x9bb5, 0x10, 0x9, 0xfff, 0x101, 0x81, 0x80000000, 0x8000, 0x3, 0x8, 0x9]}]}}, @tclass_kind_options=@c_sfb={0x8}, @TCA_RATE={0x6}, @tclass_kind_options=@c_tbf={0x8}, @tclass_kind_options=@c_fq_codel={0xd}, @tclass_kind_options=@c_mqprio={0xb}]}, 0x48c}}, 0x1)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

4.589554005s ago: executing program 1 (id=1121):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ustat(0x801, &(0x7f0000000300))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xa, 0x148, 0x190, 0x10, 0x3e8, 0x2a8, 0x2a8, 0x3e8, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'syz_tun\x00', 'rose0\x00'}, 0x0, 0x120, 0x190, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'dummy0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@inet=@hashlimit1={{0x58}, {'pim6reg0\x00', {0x0, 0x0, 0x10001, 0x0, 0x8, 0x6, 0xa359e000}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc0d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @multicast2, 0x0, 0x0, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0x1f0, 0x258, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve0\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4e0)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000e00)={0x224, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x80, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ID={0x5d, 0x3, "a5579cddb1a26248eebde3c5ccb6ace5bd3ccdf8b8a7a317f209792d116577be1c50fa7be223c6cfc7602b9cdabeac408e50fc6238e2344c006d4094d39899f9fcae86e034fcc91915bd6c95ba5b2fb6e96c4021f937f693f6"}]}, @TIPC_NLA_NODE={0x114, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}, @TIPC_NLA_NODE_ID={0x4}, @TIPC_NLA_NODE_ID={0xb0, 0x3, "91ebef4bcb4edf633aa88d8f091701b2a41fa8fd0382beed591cef12ffab84f7992c78ee4a2b06ae8e01bf0bffba815aa8e115c1887b08c7fc7e29974992898d405cf015e65ed7bede5cd7a171e8d8a8b03a4c32668d1a235621843b94b2d9fa08d7311a575b125c9df4b8036ff9e987b278126fe8a1b888c51fba07e9dea546cf7afe7099b8f7a51029f847c1ddc53f6783836d60621b8704a4892e94476676ba34838b33527e3c5ba798c8"}, @TIPC_NLA_NODE_ID={0x41, 0x3, "aef568770b0ceb16b7f5db9ea64348427c17ada9c54696dfc39e00b5136721a8ceaf0c8d171d21be8be20e62d1e432ea0c8f91d958172e3825e9204718"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fffffffffffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x401}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA={0x4}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x4004000}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x8}}, {}, [], {{0x7, 0x1, 0xb, 0x1, 0x9, 0x10, 0x4000}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ip6erspan0\x00'})
openat$hwrng(0xffffffffffffff9c, 0x0, 0x400500, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="341000003b0007010000000000000000017c00000400000014000180080016000003000006000600800a0000080002"], 0x1034}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7fff, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4b0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x510)
syz_open_dev$admmidi(0x0, 0x20, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)

3.754534908s ago: executing program 4 (id=1122):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b00010100000009040000010701010009050102"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000b40)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)={0x20, 0x0, 0x1}})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006480)={0x2020}, 0x2020)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, 0xffffffffffffffff, 0x0, 0xa0028000}, 0x38)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_io_uring_setup(0x4ea1, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000080), &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_setup(0x5de, &(0x7f0000000200), &(0x7f0000000940)=<r5=>0x0, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
r6 = epoll_create1(0x0)
r7 = eventfd(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000004c0)={0x80000007})
epoll_pwait(r6, &(0x7f0000000340)=[{}], 0x1, 0x0, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000880)={0x2c, 0x1, 0x1, 0xf03, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x4}, @CTA_MARK={0x8}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x140}]}]}, 0x2c}}, 0x0)
close(r0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x5c1341, 0x0)

3.656344445s ago: executing program 2 (id=1123):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b00010100000009040000010701010009050102"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000b40)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)={0x20, 0x0, 0x1}})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006480)={0x2020}, 0x2020)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, 0xffffffffffffffff, 0x0, 0xa0028000}, 0x38)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_io_uring_setup(0x4ea1, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000080), &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_setup(0x5de, &(0x7f0000000200), &(0x7f0000000940)=<r5=>0x0, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
r6 = epoll_create1(0x0)
r7 = eventfd(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000004c0)={0x80000007})
epoll_pwait(r6, &(0x7f0000000340)=[{}], 0x1, 0x0, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000880)={0x2c, 0x1, 0x1, 0xf03, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x4}, @CTA_MARK={0x8}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x140}]}]}, 0x2c}}, 0x0)
close(r0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x5c1341, 0x0)

3.094053668s ago: executing program 3 (id=1124):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x0, 0x40000000}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x20, 0x0, 0x1, 0x0, 0x0, 0x4}) (fail_nth: 2)

2.222731708s ago: executing program 3 (id=1125):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$can_j1939(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)=""/112, 0x70}, {&(0x7f0000000100)=""/72, 0x48}, {&(0x7f0000000180)=""/230, 0xe6}, {&(0x7f0000000280)=""/51, 0x33}, {&(0x7f00000004c0)=""/174, 0xae}, {&(0x7f0000000680)=""/224, 0xe0}, {&(0x7f0000000780)=""/252, 0xfc}], 0x7}, 0x10000)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000880)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="54ac3ae9b043eec1e9d4b550e90f9deb0f0891f499f8b2d1125a6a3491e32c2bd386ece859a61e858e0c0000ce2f3d9dd0f04471fc050e07111c78dadc7f3fe156d60c097cfc80d9962f9ac90e000000"], 0x12f4}}, 0x0)
recvmmsg(r1, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/216, 0xd8}], 0x1}, 0x7}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000022c0)=""/4085, 0xff5}], 0x1}, 0xb64d}], 0x2, 0x2101, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00'})

2.066753886s ago: executing program 1 (id=1126):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
socket(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
write$P9_RMKNOD(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x13, 0x0, {0x0, 0x0, 0x7}}, 0x14)
r0 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000001440))
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x18, 0x20000000, r1)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x10000, 0x2, 0x709, 0x80, 0x1, 0xc26, '\x00', 0x0, r2, 0x2, 0x1, 0x1}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x28, 0x0, &(0x7f00000006c0)="e000000000000107ff82762f86dd1f1fba2dff09007ad265128380cf53be2749249d7687a200c778", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc}, 0x50)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x4e21, 0x1, @empty, 0x5}, 0x1c)
bpf$ENABLE_STATS(0x20, &(0x7f00000000c0), 0x4)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
r3 = syz_open_dev$loop(0x0, 0x3, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000280)={'\x00', 0x11, 0x8, 0x401})
r4 = syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x12, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0}, 0x90)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x41, 0x1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="01000000000000000000050000000500020003000000600103800400010008000200000000002a00050000b080ac29824f467e9decc090f8baf0fe4460d8c2722ae5e0e7b86b8dcd92dd59a4e9b26f4e000008000200010000000800020005000000300003801c000180090002003a292c2d00000000040003000800010003000000100001800c000200657468746f6f6c00e4000380340001800f0002002f6465762f6877726e670000080001000500000004000300040003000800010009000000080001000800000030000180090002003a292c2d0000000008000100ed430000040003000b0002002a5e7d5d2d2800000400030004000300540001800f0002002b8f29265e2b2d272f2e00003500020000c5f2371332795050fa74ba3eab9fb115d11765d0f66eccbc3292e0baa8c7fc27a97604b8486aaed05d9f10986b2ed17a0000000800010006000000280001800b000200b6b67d5c212c00000b000200287b4c23285c0000090002000f5dc22300000000"], 0x17c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)

1.942475537s ago: executing program 3 (id=1127):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
socket(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
write$P9_RMKNOD(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x13, 0x0, {0x0, 0x0, 0x7}}, 0x14)
r0 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000001440))
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x18, 0x20000000, r1)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x10000, 0x2, 0x709, 0x80, 0x1, 0xc26, '\x00', 0x0, r2, 0x2, 0x1, 0x1}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x28, 0x0, &(0x7f00000006c0)="e000000000000107ff82762f86dd1f1fba2dff09007ad265128380cf53be2749249d7687a200c778", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc}, 0x50)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x4e21, 0x1, @empty, 0x5}, 0x1c)
bpf$ENABLE_STATS(0x20, &(0x7f00000000c0), 0x4)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
r3 = syz_open_dev$loop(0x0, 0x3, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000280)={'\x00', 0x11, 0x8, 0x401})
r4 = syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x12, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0}, 0x90)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x41, 0x1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="01000000000000000000050000000500020003000000600103800400010008000200000000002a00050000b080ac29824f467e9decc090f8baf0fe4460d8c2722ae5e0e7b86b8dcd92dd59a4e9b26f4e000008000200010000000800020005000000300003801c000180090002003a292c2d00000000040003000800010003000000100001800c000200657468746f6f6c00e4000380340001800f0002002f6465762f6877726e670000080001000500000004000300040003000800010009000000080001000800000030000180090002003a292c2d0000000008000100ed430000040003000b0002002a5e7d5d2d2800000400030004000300540001800f0002002b8f29265e2b2d272f2e00003500020000c5f2371332795050fa74ba3eab9fb115d11765d0f66eccbc3292e0baa8c7fc27a97604b8486aaed05d9f10986b2ed17a0000000800010006000000280001800b000200b6b67d5c212c00000b000200287b4c23285c0000090002000f5dc22300000000"], 0x17c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)

1.678884731s ago: executing program 0 (id=1128):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a00009040000010301010009210008000122030009", @ANYRES64], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000001180)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001300)={0x2c, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000680)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB='@0J'], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000006c0)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000001100)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="22000004000000da37"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.018595136s ago: executing program 1 (id=1129):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f00000000c0)=0x100000, 0x4) (async)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x2f) (async)
symlinkat(&(0x7f0000000100)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001740)='./file0\x00') (async)
r1 = syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000080)='./file0/file0\x00', 0x20000, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB="2c726f6f746d6f64acce8346da303098e7ef11988fe300fb330530cb302c757365725f69643d0000000000000800000000000000000ae9a03b443af41cd97a4087abae6276e9cca7c21eac23d9cf34a5fa58657a910dec34806a6896a0548f5858034884dbb5696bfd8732a0cce686a562179f1775f07f471746b29a548589350a365d603c88e5d678e6b162289ea32ad6215a62fca82909d6981e2dad141e678f742390c8dcb6ecb88779f4ba66d8f45d368cbea9edeaf53b03fa30edcd0e42fe23c7b010904ec10fc6a353238bc377a15e5a087df954990e213adb4b9e10ff03338c4bfa36167f8aede2750f44eb677a33809674f395960a9e94aead68592be127a806a4d3cc34a1ff0ee2e532fe5d55d4cf6529549df25e72887cf4f8f0c529f3de6edd093cf8c7d6ef5125e6c3373cd66d7ce13e5f8d831c7df5f1a3fedf84f79af9d23c6ad990ec74c2a98096ee0ddb0eba359136e0e8c2fbfddd4c00adadfc287d643f58ca0796441848255d73303892c8818eeab753d2b3c08ec4c39db076251a566f74caa5c8dd68af6524d495", @ANYRESDEC, @ANYBLOB=',group_id=', @ANYRESDEC, @ANYBLOB=',blksize=0x0000000000001000,max_read=0x0000000000000006,blksize=0x0000000000000800,default_permissions,blksize=0x0000000000000800,max_read=0x0000000000000004,mask=^MAY_EXEC,fsmagic=0x0000000000000003,obj_type=,\x00'], 0x1, 0x0, &(0x7f00000002c0)="1c909d11f9b979741bd323f87c5a5a547a5c24ebfd7b85fbf42149c5f0fa24d185f516d8596946eef17d1e55a305f9fa7a133f7b6fd94f55deef39e52bc068ae8632def97d3684302d2af5064300ea65ce224d368518d84e8c18b6c78d90a7445589a4c37d91217545e13fdfce0d635da6f1a3d187f7c124410297b4dcaaa9e64c36157497cfe7f6df57e94cc6533e56ecc0234f53ac684c95fc95a5e3878c8ad69f07c37132177b4965607b17eb655772be8e5166c4")
openat(r1, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xc) (async)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.015836626s ago: executing program 3 (id=1130):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000140)=@ethtool_cmd={0x0, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x45}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002ac0)=@delchain={0x108, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0xc8, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0xac, 0x6, [@m_nat={0x7c, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @rand_addr, @loopback}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @broadcast}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x2c, 0x1e, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x108}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000001240)={@host})
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f0000000040)={@host})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x229, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000140)={&(0x7f0000001280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24e, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x26f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffed6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], 0x1, 0x400})
r2 = socket(0x11, 0xa, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x47, @ipv4={'\x00', '\xff\xff', @multicast2}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x3}})
r3 = socket(0x10, 0x803, 0x0)
sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x4f}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x140, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000fc38264e4d40587a050fbe4c3d370a9923f24778592bc971ca5a8ecdccd8d4cd3190364cd8f877552eed111931c16d02121707fd9dc71694055685b9c5ca169c8d61d48806f8234ecac7614a6747945fdce481e29a959a19bba0149736229b925acb9191a96378da5fec9feca67da0908af1e5204be6744ea47ddd9db12aed2fe9b656c64488451ad2043ec03ad96050778b8932c10262e4390b492fa3f2e0b40cfd67c186d540e3a804b766633f71337ddc2ea620f302b940c685162ce75cfa904ae9c7faa7c434250e92a4e6390ebe0b469a9c99eb81ff40c91d0a1a996deecc3143a4eedd8a21622d80c21d67c1e1db77bef960627e275b50fc0d96eda04d2682771f06a6f94fc1958a8944d172832ce5c1", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'veth1_to_team\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x1c, 0x2, @TCA_SFB_PARMS={0x28}}}]}, 0x58}}, 0x0)
r8 = socket$kcm(0x21, 0x0, 0xa)
sendmsg$kcm(r8, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x0, 0x2, 0xfffffd9d, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000eb8150f103f36ae593000065000000000023a523b42b496cf500"], 0x18}, 0x20000000)

186.696916ms ago: executing program 4 (id=1131):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtclass={0x48c, 0x28, 0x4, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {0xb, 0xe68cae220a3e3d54}, {0xfff1}}, [@tclass_kind_options=@c_taprio={0xb}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_ingress={0xc}, @tclass_kind_options=@c_htb={{0x8}, {0x408, 0x2, [@TCA_HTB_RTAB={0x404, 0x4, [0x0, 0x80000000, 0x990, 0x8, 0x9, 0x6, 0x5, 0x2, 0x9, 0x3ff, 0xff, 0x0, 0xa1, 0x3, 0x2, 0xd24e, 0x2, 0xc, 0x0, 0x3, 0x2, 0x5, 0xf, 0x0, 0x5, 0xba, 0x8, 0xf3, 0x2, 0x4, 0x458, 0x9, 0x734, 0x1000, 0x9, 0x3, 0x1, 0x1, 0x4, 0x9, 0x8, 0x75e, 0xbf, 0x3, 0x3bcd, 0x9, 0x2fb, 0x3, 0x6, 0x7, 0xffff, 0x10000, 0x8, 0x4, 0xf7, 0x10001, 0xe, 0x4, 0xffff, 0x9, 0x0, 0xfff, 0x0, 0x4, 0xd5f, 0x0, 0x6, 0x0, 0x3, 0x6, 0x2, 0x0, 0xc0000000, 0x5, 0x200, 0x8, 0x1000, 0x0, 0xb3f, 0x7, 0x2, 0x5, 0x1000, 0x2, 0xfffffe01, 0x7fffffff, 0x3, 0x3, 0x1, 0x0, 0x5, 0x8, 0xfffffffe, 0x7, 0x8, 0x8, 0x81, 0x7, 0x8, 0x80000001, 0x5, 0x1, 0x1ff, 0x80000001, 0x2, 0x2, 0x81, 0xff, 0x13e7289a, 0x80000000, 0x0, 0x1, 0x10, 0x2, 0x100, 0x4, 0x0, 0x2, 0x3, 0x846d, 0x7, 0x9, 0x3a, 0xcb5f, 0x7ff, 0x100, 0x5, 0x7, 0x7, 0x6, 0xb4, 0x7fff, 0x3, 0x6, 0x5, 0x67e3, 0x4, 0x8e, 0x1, 0x80, 0x6, 0xbe7f, 0x4, 0x8, 0x9, 0x8, 0x2, 0x7d8, 0x5, 0x0, 0x401, 0x6, 0xd, 0x80000000, 0x9, 0xd5, 0x0, 0x3, 0x101, 0x81, 0xb82, 0xfffff995, 0x401, 0x7, 0x4, 0x9, 0x6, 0x2, 0x4, 0x9, 0x35a5, 0x9, 0x7ff, 0xc2a, 0xe6fd, 0x7, 0x2, 0x9, 0x8, 0x1000, 0x5, 0x7fff, 0x6, 0x7c637be9, 0x1, 0x140000, 0x7, 0x0, 0x3, 0x81, 0x101, 0x1, 0x10001, 0x3, 0x8, 0xe2, 0x0, 0x5, 0xbf, 0x7, 0xb847, 0x44, 0x9, 0x2, 0x0, 0x7, 0xa, 0x4, 0x2, 0x8100, 0x1, 0x6, 0xfffffffa, 0xe0c1, 0x8000, 0x4, 0xbe4, 0x1, 0x9, 0xa48, 0x1, 0x4, 0x5, 0x9, 0x1, 0x7, 0x3, 0x0, 0x9, 0x5, 0x0, 0x2, 0xff, 0x10, 0xd3a, 0x8b, 0xf, 0xfffeffff, 0x3, 0x3b4, 0x10, 0x2, 0x8, 0x8, 0x0, 0x9bb5, 0x10, 0x9, 0xfff, 0x101, 0x81, 0x80000000, 0x8000, 0x3, 0x8, 0x9]}]}}, @tclass_kind_options=@c_sfb={0x8}, @TCA_RATE={0x6}, @tclass_kind_options=@c_tbf={0x8}, @tclass_kind_options=@c_fq_codel={0xd}, @tclass_kind_options=@c_mqprio={0xb}]}, 0x48c}}, 0x1)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

102.001073ms ago: executing program 2 (id=1132):
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000240)=ANY=[], 0x0, 0xc, 0x100b, &(0x7f0000001e40)=""/4107}, 0x90)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000640)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x17, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x0, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x8]}, @generic={0x94, 0xd, "ef731a46d573ccaab38cab"}, @noop, @noop, @generic={0x44, 0xf, "a53688f5220d79bbf6544620c4"}, @lsrr={0x83, 0xb, 0x39, [@private, @empty]}]}}}}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
pipe(&(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team_slave_1\x00'})
write$binfmt_misc(r6, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r5, 0x0, r7, 0x0, 0x8f8, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx\x00'}, 0x58)
r9 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05640, &(0x7f0000000440)={0x1, @pix_mp={0x77, 0x0, 0x47425247}})
r10 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_UPDATE_FT_IES(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x2c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MDID={0x6}, @NL80211_ATTR_MDID={0x6}]}, 0x2c}}, 0x0)
r11 = dup(r3)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000001000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000"], 0xcc}}, 0x0)

0s ago: executing program 4 (id=1133):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x73)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000580)={0x41}, 0xe)
recvmmsg(r1, &(0x7f00000007c0), 0x10, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r5], 0x38}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001dc0)={0x1f0, r6, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME={0x1bb, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {}, @device_b, @broadcast, @from_mac=@device_b, {0xb, 0xff9}, @value=@ver_80211n={0x0, 0x3584, 0x2, 0x0, 0x0, 0x1, 0x1}}, 0x7124, 0x8, {0x0, 0x6, @default_ibss_ssid}, @val={0x1, 0x5, [{0x1b, 0x1}, {0x5}, {0x12, 0x1}, {0x60, 0x1}, {0x60, 0x1}]}, @void, [{0xdd, 0x5e, "a1a51fdd868e7e520a46ef8332828070ee9e40854f2af90f264277531bd68c0fdeacb9b5d28e81b4a9a5bc2118cf6f525a7d9249d888b9f5fd12ffd1629b7d036ae01a433afe0b2846eeaf1f72433062e13b5999e62c59c695272a83ae52"}, {0xdd, 0xd4, "b624305579deaa5f95355c8cac5bbd67b2463fdf91b867f5dc79d6dafe3c5495898ee4f9bdfb66c3296942328c637b37a296e5b9eb2e272486f08af08f231336e7eef29ec09cb620a2cbfd37382ca47a36d45c9bf142253533134437572e00d7ca823d1dca7aed1688068f789ba72457a4515b0f018a8b87b7be6ac519fd04148a8bacbdb81c642087ac6751c9c38b3655f2b05de0541da8cb573d60fbc56d28a496720d4f33dd0211c7128bbe352cc9692480585cb62495ece9a6134b3986e2c7b580a453831024462f3c9cb33f2e9838a6ee60"}, {0xdd, 0x50, "20c7fd3d639727c9f20378e59c74a43e808c5df68bb672c65343ba2838373f1ed0d2d566b90fb1a098056282ed1030b6b419465e32ef11efeed88db1b2221e1f11adbc5b4f4123020c2094bdb2ec0506"}]}}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7eb}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x4f}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x44}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000002000010000000000fedbdf250200000000000000000000000c00144000000000000000110500160073000000"], 0x30}, 0x1, 0x0, 0x0, 0x6000011}, 0x24008884)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r9=>0x0})
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r10, 0x6, 0x19, &(0x7f0000000000)=0x800, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000880)=[{{&(0x7f00000003c0)={0xa, 0x4e23, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffa}, 0x1c, &(0x7f0000001bc0)=[{&(0x7f0000000940)="c5f8b3862b0bb039663dd71fbc37c7fc307a7690fe68cae2628e91a3ca4a20dd5aaf3f64b5bf5844e0a5ec02b4173d27d42682721737693ab90724ada6cd1ce5f8dcf6fdc28705c94102f5283ec53020d234f9792fc84462e51db5cdc57a6af60b6c25492766a78384e293d91a169e16bed18acfd25132bd25f8ccdaae0a33777b42ba2cba4cc7ac293de2e7738ae083d0ea669a50b3d4fdb5dbfa3f29917b1e5829d002c0a8ee49ade70da6abf44fb65ac3f006f33723ca5ee3f98fbb7ec77baf47759042c48f0f492c1539223d44a255d1f13060f161d06db846579f7c80cc6fbb8807fcd92b6ca5eec9027db5df1902cbe02752f3be267dc355c3e04e043e647211ad3fec9f6bbc1a7e3fc020e5e46f8fc63d74c539e416e2b45d3acdb69a4d975e42d0f901dd7efa546a2582265be7d6370a75251ec48fd5813b2b0f7769e5b3d593f4eb851b46c7803b90ffb1bcebbb65b040d6cccfdcc340e75e3c4b211d2264f30f6691ec3d2f5aee9aec5c5bcad476bb90c5af13731612a24f2d2609df0f27e80609f433d94098e3a50d23d39abac8d7eaa1b7e537734547879faa10e1b89013c74fb3e5520a55f2b73341775deb46dc9149900705ad0ff04e75ea8079bef563487d283f58e6fefe286794c5defa5ac2511d0df63426daa186b15a67436f9c797fbbf8d6bb609baba1c427b7df0cec97a595ddfab46f2978e1b814605b3db3103c928a78935f4cea14fe223b3175f71ff150ac4299b8b01dcc85f2bc0fc5dfa1c4fa34f636e703512ea1aed3ad5bba0623518ed8bbdd375f0b2a7023f7b277e13be2af905028c10124d04f961144fce8a6211b599e58fad36be4e777b49e4291bcf10f320db3e3fd1f25397c9b94b3625cd949f37aced32439bbcab60a0a382b7be90990b95f18c7b98d54fb2f61813f1f6f43ae3afdee3fb1c1f21baf91b88b5ff06af9e72d9c830cb7bf7d44da32c0dc0bb2980208d71b6c22294ce482346d4238cc14e999872907ed8ca951048ec7b47a3b4d3725c0ad095bdf10089826150e19c93634160e4e2c67352a52aa09ed2d53b9aeb2b5a0c43d1ce380e0af0fad3f93df8be2c215d46d306f6e234b43a648605de85b8dee0768db79d283a70639e48060f56faff2d35a1028488e00f63f9326cba1af7d3fa3cdae6d1e8f3562b6df4fbe34c785dfb514ea4472eed7dacad4fa082c54a6eca250280eb40823f23bd5458cd7731d98baf451c857067adcb756f6d62614c2111dcad5c08613fad6835b5eb7c7edce39f9a75f16b28c4114ad5099ad98653b9a44d630f73aaf05f4752aa58b8a75ba397e3f637dded61542f9612bc047bd2815fac058d9dd9fa8ce41276df7efc85cf67208c87df3215a3ec533f24c3f2afc3bd7572ef66bb879ec94d0a9ae148ed00966ba2c2f7acad16f11b6c6fe01aa795d95edd67716e2e2bed03ce0380bb808a757f87e94416b278ca1f6d09ae439f1b2644a58b1e92d19af8c24719fb5ce5a8b166ffca157ccde6a5756f177941c49517885b4786bb72b7976fb8bfc86024b29e167f5664c2b7ccd084bbd4972a3f0fdc16d294a9fb0a1e8165c5f729c8ca09001a0726340290043e38c81882690243a6440e70ed81de61ca1b18bed0d0e181340be79a96de1cd01fad5ea3673a4252d442318830e650423508f002afec1273cbe1426c7087fabee9b9746fe2ae2708ea56326da327d19a6ffea715dcdfaa0263420fad47571520b2a1b706172bd9b812f2dd37f88fd5985baae3c82069e43c3f464ab2a26cd3ab80c031457e8127d10ba27ac48df0c825cce0121bfe62f46fd6a4dac53bcf115a39adbef783b139023147921cb78c4a095cfd9c2e5847dc01bba51d60103edbbe064075fbfd7db8f0795724f0ca9eff3f379702028abab2a977de0badeca16c018a7c9b43aae3ca21066fd4b7547fc3a290d9b2b492b35b9c56bf1dd986eebf4483176b947ce297aa8f8dc1a45e7e72f392764ed76f7d683f89475682f9dd81325afc77c2c9c8a4dbbe1ef2c9738a34483e149931ffdf884db422e678b72e63fcef84a982d7ea4aec98de722dacf2c71e7c3e0241e72477a2b82f62c7de1ad5ad0fdf6c09771900bbdf00ae080e77048d66789d3384f41f695298f44850cca1207d6545cd5e84138879a255be6d92bc1b0e3b18e9ecda34bfb4f1da58b1ff54e7bbef9c1687c0e4440bdc2268af364c056ca08d3de419809032cddf615ecd20366c8c226021080b89872e84842b97dda4fb10db5744ea7e4f5c1c2a1c9d77b5f04aa3f6f21d32409c0855357d1c1add490558702c0f3b7e3fa08e5928de16e89db20dd360f821de81e10c3a3c6c5879a816ca3166f1628b49018f57e7211c551879019db81934127fc7d48eed4e6c8528a213bc3032fe7b32e23d65579c3b5704ccf9e9306c3eef645486c79073c14ce562a57bd34b91e34af6a004b6303d06f557444684baf9682df6b6905059ac7c9fb8188e3cda58aa34c7c6ab34d62b47142ab51bf46dd756f3bb8411252ea10ed6297d67e5a970f7ef79cc0ec646585195c482ab0b8813d31f05f75f7d808389b4e662f578f621c347960b7969cfc4670eb723b69459cdd193931ff5c7f124658bd1505452ca05344adfd1e136e0ff335e653c5659d87cbb79f1d6e0a81d55ad72d05cbfe55511921730e32a713c2d7516e6c44003dd384daf7732ab00a51810358b5e3c3bb8d4338a270e6c4a7b48168fe88cc62ed4aa62f4a026701286205b8cbf7b042872dbdd8a4dc3827b9eaa7e1f953d575723fd1f7192c6e4b9c76fdde7ee8fae8bf3b7cb461372604e8f3315c00cce49f8b5d33c72c8c8545324a330997ba61bb6022328e1655d499a2ddaeec79c2feb58058f345853ba802ecf1a738528b3e70bd3e6150b26920cc85382adfe5ad2f03fcfe45d90bdfbf9abc90d76ddd3d6d482200fc68b3e78cf2d8856308994426c7c91f6eda258340387d0c441dd7744573b887937242c875856949254e2e1171da2d6dd9dbded25804ec9ad0a41997e1643241d3c706bcc3f92a7624d59627c7337a64955adf3535bc9b78832e1b76402341d5dd8707d56a3f9ddd54e8cc1adbe5d33c46dbab8bb8287d248ed1190c3e40b0942f9cf00ca430d9a3c109620a66d215ac367e5ef83309e967be3836815695692923cc00febefc2d0bffd9ff5b1f0a6bdc239bc424dbedc9708eb2c8a3e353b6b312c4df210bf757f79cba9ab196e34ea1492e0c5f44a8806a30380eb48602e5680b21685c9022c5a162f407f11f4533ac35a7981ee32809990780093d6b63bc1b33f5440b2b229d8c002ce222a6b8f8b982dcd41dec918d9f4e5e8a2127f46c53c3ba568f378e9b317d86c829338b502df6ce2a84dbc7707a3688e5048fcb713debd0789ebfbd6a72b42dec43479ae66f72c4267cb49b026212723cc57e569696980ebb97ccd1b8e2e86ea056e086c01eef16b80631ea52e43512fdd15f07862780f3d8c99e2737715a7524df71dcc87b4cceb95f172606337aef0f2e08bc232fceaa8c90a047ccc0b82da57b819469ed041b3f2aafc94dae0f578ee21fdb97ae14c50babe982a14bd88d3b9506d09d5ce25cc6472333595cb067b24bf31d100c7aed0b4487fe92274c2a8ce32af941b660254dd7a82d98c280e0dc02d9de80b06096debe22cb1c3af6074deddcf6c1f0e26082c9515d6dd19697e643dd06da2a479832a8b68e6f3b8cc72189d7a84d5f9848f5ff9123804369cf120799f1cab27da8384b5060009b591c3515088bcab717f7b037387c4e41df916a598c6a9ae2d826abb26f8d20666babb7638d47760570be92fbd049ddfcffc0e2e5ca980d539031de2d8c9b33773264236eab8d755f025fc631ce8bc10815730d0644a41d9b42538a7c59419c2a091116d6628220b989ade0c24c3bbf4feed3a3e59fc36a46740cf0aa694da7a296db726ac7f217dd8ac051c3d466a6301cf2997ad5b765cdf8d3696b77fdd61a651372191e09c9478bd8e63e4d7165516082ace2799323648260240cd3d538979c7f3cfc0c45baa34c25bbbaabec3caaecbeab304193aad3b4c2828dc1a8550a8b30487d272ca8245953f8765136f99f739a7ca78bbc10588101a5862156c5e23771c0314ccd9dff5916c71b7459f9071b635aa078c4a7fead5b03db5ad6084e6ec1b3101284231cbfad449843fc2d6fc4f5cddf57f99a39c0c74ec98a6b7b5a83c7e916711ac60422bbb6baf5fd156aff1768b23a1dca61307afd86ef38fd763602b755a02a13905f69cf3f185ca4ae9d45d7942df919b9c84545ac93051da8bd8f2a846b5fe2595d2d132294bc31ddb493acd1724d1998d16389f0eb0cd800a540d10b569e32b19bb23381917e30510975417ad5413997f1176886861a311d7e05fe2e76e380287fc28ad3d6218347ef2b625bd7a4f4cf6957d0a43c4d3715372754b201dff08d307b09a5c01a0505723d7c3c9a3739221264987f74e45e45ca007ea6a1cc73707ecfd94db3ba1946c314739a0fcc7efe9638d5eae79094f00f695137973ab58a5e2f255439c7a79fe655059117edaf6bb5f156fb26b238ba37e57fa487a4593382b5c7e0ed0aafe52a95cf82083bcd44ac5a07071af5986f87352c703e04d5e158e0b236023d7add07a05b44bf3b0decb60b1c3ecc38c20f5a54a864dca4fe8a775a4015f570011c68a074f51c78b2738b3c5b9fbdc8346341d702585ee7ad1cf79895577bad14ee74b24615af74397504262f8cc32ea83962204ba3fdf5fbc345d1d9b5c2466920f122ea9df1e029f5346f6df4217dc41a236195294eee827e8fbb1ba40be27e5307d1a2296967ace8609ae681a397356b18e4579a45647ec4fbf8a3e6f0d935bec876e2f83ac431f6d0a3dbad22ec51b5c6ff1080dfca70ca2452f281d6243a80aebb9a92ca410d694de0bde6fd8ed233d02fd22cbdbf1108bfae67a7312052ac54b38d0a6197fddb35273ce937b2ede656ebc71b50a53b265a74767b6114fdb4d2e1d6a535e602823d5cbb0c0d0b8ce89fbbb16dc9e258cc9afaa3603bf9a886052733005d77debe52c623cb8171cb85e451b6e510e37cd42f41f6509cd232337aa98a3c762948dd97f51f859079234af02c08e740c30499dfd46547e867dd457f39b5799c17aec3088a7e6dbadfee27af1ca655fcd43a8723479102b0525b78aed0330777678754e219ab06b0e4e32494d9dcf8c89c18479b941b78ffd3e83fe05a5f2cdc7efc70dc647e290022f7b3c3c6a459dbbbecb0b95b77b2cfa63340e1285be724d399da22f4f62ecf0e3972a8036d9b71bace3ee457867e01029444714c6b6c64f7e2236d572edc8b90661dacd35a2ed7d5077caa0e75efa350f9b0fac985d6e8cfa4d15e305e5e0bf5040c1d24186edfea7060b262b0f4d4b5aa733da44cc85a784e0ebdf0f5ca1273b4df6c84ccbaa5b7aa607419a611d63056f51ab3d4be21dd27292f364811463542b969a71ac9404b0ba1bd492c21c30a572beb4c70c7224eb0bba4fb123280aa77379a279d911d9aa1261e49a074debcfc57c72411c2ceae47c6c37ee64ecae4b59c50b02992ef24847fec787127b4c5d357d7daef8c6d01121d6dca20dea7a80d4a5f2bfd5c22d7414142b619406f6a43e8d5ae64963a05b12020264f982f93c156a27651a9d5a65229953d9902114d6240434a2cd6031ea32fd8cbd82915366dad29c8e6b1d0e3bbdd1c103d1eb6c04f2e948ecb94f308cbd81f86bc97dbf506bfaf0a4a65a0599ac82351b135824675b3", 0x1000}, {&(0x7f0000000400)="e3afed53bd417049ae83a6e97aa210d10a886c810dbc259827ea651f0893f98e2e52a392e088b003ddc3c317ace0e1cf25645c03819da5b2a92543e9149a404d4faf43ce48fd79553a2c4ff3f7e69db939aa7a1a4ab6475b4e2c28317c5fcd28fb09fb59f3ec421421e5a941e1a97e0a21a54b837607bacf8321fc183046dbec9fbb38011b750cfd01a1d710c383dfc12f50719af1f1d312094684ee8c8415a59a73d09b49ccc023d4205e91f3057b04606a748cd468", 0xb6}, {&(0x7f00000004c0)}, {&(0x7f0000000500)="6f26d57ec9105dfa354241", 0xb}, {&(0x7f0000000680)="f472f7192043f5731b653ec3f344d8fcfe754d0788f5c230cc5398419b3a3e41ad7413f538e7a750dfb9843396388b3e0f35e8e70bf26e393a34bcbd1a7f8144bbb81eb63553289d7e2b3815c7ee4ab118eb5ac60e7c35026a8fef64ea0223b85083cbdcee286603591f3ceffea0a62ebd74117666b8b8f4092d62b2fb03be9f29500639b3af2d3a20a480abae6e2af0d7c3319c336614b2f888d83aab116ec1e0089d002c88cdb3b45ccd0d9353eb513b9f5c957d3d2bfecd75b2ad50cb15b864b682d860a42debc7dabf64a22dc00cf903fc10f4a6e47d002d3fed040692b3bdbc88b421a7c3", 0xe7}, {&(0x7f0000000780)="ba926c3402901db55917163ed20fb23a50524f01f3e59f275c204f676dee94dce7aeb369f910ba4c49d108adb0f68539d309e4d2eb810a48d57905e4179a720e954e5bdbaaa8859649c159cf22ac0100d9ab832e681eff66d85e39b4c7148b63cafa571d91cfa6fcfc68e30c564741ad0303edf004801ec51423adbf4d18bd47abffa209b8e4077f175aa8831b6ecf313fc3ab957c9b357c241cc0cc59128fd251b46431860414dd18bef0965f1a8edee5f0f45df1d1d95165416d3dee80330545fed2d3fcd4e0e99c978f5bdb704594e57e117017ae69e8803e64a3a187024f125860faf059a17950c325b05471ba10d839badc5a10", 0xf6}, {&(0x7f0000001940)="99ca2d515e984be387485232bbe5391c56dc1db0bf8e09e3fca78d19abd2fe5ed72238e41e9329420b22d223f0fed06d370cef23a6f0b051f3acb40ad0217ecf289338fd2291762aa71bed18706f97cdea1f9f58e735bcda56722ffc083a789bc5c5ba3a9639d5688bd58319f32a6e8daddd02c5250fc1a50b3fa20485419d161dacd87f72ad8071f748c6ed02f66ccd9c186fef1a6c5689463ae14a65581b7450414fd3fb275465d5fb37d48bd11d642f0e2f0593464b906c33e57541bd33934d111833dd46c7f3addf3f0e09bc331873bea33f5810226a2f00f68c4d57acc58ac0f55e348f8283e31e", 0xea}, {&(0x7f0000001a40)="237b5fe7f61d98abb565010e5c1e991aaaa8b2037252eb75163abb86a7e4cc32d4308c1dffdedf49e770858f98b71313c4823a49dfaad0641c5c17764f92df554b2e93dc144d37b19346d793d6378b87a681a8cedb3adbea80af14f3216cc104d41d8ec4cf77b5fe4fd1632fadaea1d52cf74cee91e2d56ddef04f478a74c019be9390b20498caecd18928b88dc869b91b868edc144bf15a01f66f587538b3bfd18a6f1eca5ccf04ab818955c93347f84bcce6d3812f0a622902a5e522e489cffca2dcce1f63fbd4fb01ffe8046456d3f1a97c9d", 0xd4}, {&(0x7f0000001b40)="90f61046e78ac5b41c3eba9c77596860758b4acae19de3bf2dcfd156c6330bbcfda0bc220c39b8db94cc6e066e0ddb642d66cf452e799b54d55147971fb34f30277d07", 0x43}, {&(0x7f0000000540)="e223aef8c266a29ad16d7953fb2bb0e399b5a6843a72fa5bed5f134e2d6f5862958cf4fc601acaa4ba1a15f801db28e76641483dcc6cf880b6d43900a69e378d", 0x40}], 0xa, &(0x7f0000001c80)=[@hopopts={{0x78, 0x29, 0x36, {0x51, 0xb, '\x00', [@generic={0x0, 0x32, "58ac81e06a860e494e290c41a26476c2ecf6d5a42092181d6bb2eae8b75d1614954a8bb0b9688989be9bcc38f1e10a52ea1b"}, @calipso={0x7, 0x10, {0x1, 0x2, 0xe, 0x1, [0x40]}}, @hao={0xc9, 0x10, @local}, @pad1]}}}, @dstopts_2292={{0x98, 0x29, 0x4, {0x3b, 0xf, '\x00', [@enc_lim={0x4, 0x1, 0xe}, @generic={0xe, 0x6c, "1d5780427e5759a0a8fb53529b1c858a8e4af6b954d7484fd8da0df5fc4113a88be6b6999c6d6f35232628542a035ded831e33af41be48bde0d68c81cca441664d2626f3b577a64fb8e277730d734d4bb524e1e18c1077baceafb34047a80aeff2a372d99cae309d9b457036"}, @pad1, @jumbo={0xc2, 0x4, 0x7}]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x1d, 0x2, 0x0, 0x5, 0x0, [@dev={0xfe, 0x80, '\x00', 0x27}]}}}], 0x138}}], 0x1, 0x804)
setsockopt$MRT_DEL_VIF(r10, 0x0, 0xcb, &(0x7f00000000c0)={0x0, 0x4, 0x9, 0x27b, @vifc_lcl_ifindex=r9, @multicast1}, 0x10)
recvmsg(r10, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)

kernel console output (not intermixed with test programs):

0288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.665651][   T46] usb 4-1: config 0 descriptor??
[  366.016295][  T941] hub 5-1:0.0: hub_ext_port_status failed (err = -71)
[  366.024703][ T5283] usb 5-1: USB disconnect, device number 32
[  366.102989][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.121099][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.144412][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.177199][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.197058][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.219714][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.243704][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.269503][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.278069][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.303961][   T46] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  366.329527][   T46] microsoft 0003:045E:07DA.0012: No inputs registered, leaving
[  366.369717][   T46] microsoft 0003:045E:07DA.0012: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  366.391234][   T46] microsoft 0003:045E:07DA.0012: no inputs found
[  366.400700][   T46] microsoft 0003:045E:07DA.0012: could not initialize ff, continuing anyway
[  366.427798][   T46] usb 4-1: USB disconnect, device number 43
[  366.567712][T10302] binder: BINDER_SET_CONTEXT_MGR already set
[  366.574499][T10302] binder: 10300:10302 ioctl 4018620d 20000040 returned -16
[  366.778400][T10306] netlink: 'syz.4.909': attribute type 7 has an invalid length.
[  366.799430][   T46] usb 1-1: USB disconnect, device number 26
[  366.805403][T10306] netlink: 'syz.4.909': attribute type 39 has an invalid length.
[  366.837460][   T46] usblp0: removed
[  366.879742][T10307] netlink: 'syz.4.909': attribute type 7 has an invalid length.
[  367.338691][   T46] usb 2-1: USB disconnect, device number 44
[  367.797647][ T5283] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  367.925474][T10342] xt_l2tp: v2 sid > 0xffff: 16777216
[  367.963793][T10342] netlink: 28 bytes leftover after parsing attributes in process `syz.0.920'.
[  368.039240][ T5283] usb 4-1: Using ep0 maxpacket: 16
[  368.070742][ T5283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  368.105281][ T5283] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  368.126199][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.142971][   T46] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  368.143619][ T5283] usb 4-1: Product: syz
[  368.155987][ T5283] usb 4-1: Manufacturer: syz
[  368.176080][ T5283] usb 4-1: SerialNumber: syz
[  368.197869][ T5283] usb 4-1: config 0 descriptor??
[  368.210000][ T5283] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  368.221238][ T5283] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  368.359170][   T46] usb 2-1: Using ep0 maxpacket: 16
[  368.370903][   T46] usb 2-1: config 229 has an invalid descriptor of length 129, skipping remainder of the config
[  368.390703][   T46] usb 2-1: config 229 has 0 interfaces, different from the descriptor's value: 1
[  368.415573][   T46] usb 2-1: New USB device found, idVendor=05ac, idProduct=0217, bcdDevice=2d.9c
[  368.429734][  T941] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  368.432124][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.446395][   T46] usb 2-1: Product: syz
[  368.459284][T10329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.478613][   T46] usb 2-1: Manufacturer: syz
[  368.496580][   T46] usb 2-1: SerialNumber: syz
[  368.511146][T10329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.597730][   T29] kauditd_printk_skb: 88 callbacks suppressed
[  368.597744][   T29] audit: type=1326 audit(1724979408.778:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa507379ef9 code=0x7ffc0000
[  368.645222][   T29] audit: type=1326 audit(1724979408.818:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa507379ef9 code=0x7ffc0000
[  368.659201][  T941] usb 5-1: Using ep0 maxpacket: 32
[  368.684998][   T29] audit: type=1326 audit(1724979408.818:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa507378890 code=0x7ffc0000
[  368.685048][   T29] audit: type=1326 audit(1724979408.818:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  368.685112][   T29] audit: type=1326 audit(1724979408.818:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  368.685157][   T29] audit: type=1326 audit(1724979408.828:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  368.685197][   T29] audit: type=1326 audit(1724979408.828:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  368.788102][  T941] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  368.801432][    C1] vkms_vblank_simulate: vblank timer overrun
[  368.930062][   T29] audit: type=1326 audit(1724979409.118:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  368.954559][    C1] vkms_vblank_simulate: vblank timer overrun
[  368.961445][  T941] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  368.992100][   T29] audit: type=1326 audit(1724979409.178:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  369.057209][  T941] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  369.057261][  T941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.057274][  T941] usb 5-1: Product: syz
[  369.057283][  T941] usb 5-1: Manufacturer: syz
[  369.057291][  T941] usb 5-1: SerialNumber: syz
[  369.059200][ T5280] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  369.145295][   T29] audit: type=1326 audit(1724979409.328:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10345 comm="syz.2.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa507379afb code=0x7ffc0000
[  369.167537][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.322702][ T5280] usb 3-1: Using ep0 maxpacket: 16
[  369.335333][ T5280] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  369.354332][  T941] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 33 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  369.399278][ T5280] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  369.456338][ T5283] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  369.482874][ T5280] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  369.509934][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.546416][ T5280] usb 3-1: config 0 descriptor??
[  370.031862][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.075423][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.129448][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.151080][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.214774][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.265691][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.306989][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.356889][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.381526][T10351] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.923'.
[  370.392137][T10351] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  370.399460][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.415786][ T5280] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  370.476039][ T5280] microsoft 0003:045E:07DA.0013: No inputs registered, leaving
[  370.500162][ T5280] microsoft 0003:045E:07DA.0013: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  370.515965][ T5280] microsoft 0003:045E:07DA.0013: no inputs found
[  370.527643][ T5280] microsoft 0003:045E:07DA.0013: could not initialize ff, continuing anyway
[  370.544098][ T5283] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  370.618764][ T5283] em28xx 4-1:0.0: board has no eeprom
[  370.636333][ T5280] usb 3-1: USB disconnect, device number 24
[  370.769218][ T5283] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  370.780794][   T46] usb 2-1: USB disconnect, device number 45
[  370.835344][ T5283] em28xx 4-1:0.0: dvb set to bulk mode.
[  370.903545][ T5241] em28xx 4-1:0.0: Binding DVB extension
[  370.940643][ T5283] usb 4-1: USB disconnect, device number 44
[  370.982502][ T5283] em28xx 4-1:0.0: Disconnecting em28xx
[  371.149046][ T5241] em28xx 4-1:0.0: Registering input extension
[  371.174779][ T5283] em28xx 4-1:0.0: Closing input extension
[  371.214588][ T5283] em28xx 4-1:0.0: Freeing device
[  371.365158][T10374] FAULT_INJECTION: forcing a failure.
[  371.365158][T10374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.406995][T10374] CPU: 0 UID: 0 PID: 10374 Comm: syz.1.928 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  371.417708][T10374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  371.427760][T10374] Call Trace:
[  371.431049][T10374]  <TASK>
[  371.434143][T10374]  dump_stack_lvl+0x241/0x360
[  371.438842][T10374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.444035][T10374]  ? __pfx__printk+0x10/0x10
[  371.448610][T10374]  ? __pfx_lock_release+0x10/0x10
[  371.449672][ T5323] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  371.453622][T10374]  should_fail_ex+0x3b0/0x4e0
[  371.465850][T10374]  _copy_from_user+0x2f/0xe0
[  371.470454][T10374]  do_fb_ioctl+0x2cb/0x7b0
[  371.474860][T10374]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  371.480828][T10374]  ? __pfx_do_fb_ioctl+0x10/0x10
[  371.485771][T10374]  ? __fget_files+0x29/0x470
[  371.490375][T10374]  ? bpf_lsm_file_ioctl+0x9/0x10
[  371.495298][T10374]  ? security_file_ioctl+0x87/0xb0
[  371.500396][T10374]  ? __pfx_fb_ioctl+0x10/0x10
[  371.505063][T10374]  __se_sys_ioctl+0xfc/0x170
[  371.509639][T10374]  do_syscall_64+0xf3/0x230
[  371.514127][T10374]  ? clear_bhb_loop+0x35/0x90
[  371.518814][T10374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.524690][T10374] RIP: 0033:0x7fd876779ef9
[  371.529096][T10374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.548799][T10374] RSP: 002b:00007fd8774ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  371.557206][T10374] RAX: ffffffffffffffda RBX: 00007fd876915f80 RCX: 00007fd876779ef9
[  371.565167][T10374] RDX: 0000000020000100 RSI: 0000000000004601 RDI: 0000000000000004
[  371.573127][T10374] RBP: 00007fd8774ce090 R08: 0000000000000000 R09: 0000000000000000
[  371.581105][T10374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.589071][T10374] R13: 0000000000000000 R14: 00007fd876915f80 R15: 00007fd876a3fa28
[  371.597068][T10374]  </TASK>
[  371.654222][ T5280] usb 5-1: USB disconnect, device number 33
[  371.668696][ T5280] usblp0: removed
[  371.779165][ T5323] usb 3-1: Using ep0 maxpacket: 32
[  371.794089][ T5323] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  371.807450][ T5323] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  371.818228][ T5323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.828353][ T5323] usb 3-1: Product: syz
[  371.864290][ T5323] usb 3-1: Manufacturer: syz
[  371.872159][ T5323] usb 3-1: SerialNumber: syz
[  371.895853][ T5323] usb 3-1: config 0 descriptor??
[  371.924764][ T5323] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  372.034451][   T58] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  372.126402][ T5323] usb 3-1: USB disconnect, device number 25
[  372.200739][   T12] usb 3-1: Failed to submit usb control message: -71
[  372.225992][   T12] usb 3-1: unable to send the bmi data to the device: -71
[  372.240753][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.253979][   T12] usb 3-1: unable to get target info from device
[  372.266168][   T12] usb 3-1: could not get target info (-71)
[  372.289914][   T12] usb 3-1: could not probe fw (-71)
[  372.295217][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  372.314433][   T58] usb 2-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00
[  372.346577][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.354786][ T5230] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  372.406245][   T58] usb 2-1: config 0 descriptor??
[  372.565270][ T5230] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  372.578159][ T5230] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  372.603912][ T5230] usb 1-1: New USB device found, idVendor=0c70, idProduct=f00e, bcdDevice= 0.00
[  372.631398][ T5230] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.654703][ T5230] usb 1-1: config 0 descriptor??
[  372.676958][ T5230] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  372.875297][   T58] usbhid 2-1:0.0: can't add hid device: -71
[  372.910132][   T58] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  372.931813][   T58] usb 2-1: USB disconnect, device number 46
[  372.948886][T10400] SET target dimension over the limit!
[  373.003151][ T5324] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  373.021173][T10401] raw_sendmsg: syz.2.935 forgot to set AF_INET. Fix it!
[  373.239272][ T5324] usb 5-1: Using ep0 maxpacket: 8
[  373.254249][ T5324] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13
[  373.284624][ T5324] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  373.302067][ T5324] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.320404][T10388] netlink: 144 bytes leftover after parsing attributes in process `syz.0.931'.
[  373.330654][ T5324] usb 5-1: Product: syz
[  373.336305][ T5324] usb 5-1: Manufacturer: syz
[  373.341515][ T5324] usb 5-1: SerialNumber: syz
[  373.358264][ T5324] usb 5-1: config 0 descriptor??
[  373.367485][T10408] Cannot find add_set index 0 as target
[  373.375349][T10388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  373.387176][ T5324] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  373.404195][T10388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  373.548704][ T5240] Bluetooth: hci0: unexpected event 0x05 length: 23 > 4
[  374.027629][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.155896][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.328234][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.488217][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.630296][   T58] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  374.719936][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  374.730120][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  374.740847][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  374.758015][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  374.766892][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  374.776351][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  374.849852][   T58] usb 3-1: Using ep0 maxpacket: 32
[  374.862156][   T58] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  374.874249][   T58] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  374.906233][ T5323] usb 1-1: USB disconnect, device number 27
[  374.919662][   T58] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  374.932303][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.945514][ T5230] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  374.967053][   T58] usb 3-1: Product: syz
[  374.972337][   T12] bridge_slave_1: left allmulticast mode
[  374.973100][   T58] usb 3-1: Manufacturer: syz
[  374.987015][   T58] usb 3-1: SerialNumber: syz
[  374.994322][   T12] bridge_slave_1: left promiscuous mode
[  375.006423][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.043301][   T12] bridge_slave_0: left allmulticast mode
[  375.056065][   T12] bridge_slave_0: left promiscuous mode
[  375.063813][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.159680][ T5230] usb 2-1: Using ep0 maxpacket: 16
[  375.161630][ T5230] usb 2-1: config 0 has no interfaces?
[  375.163143][ T5230] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  375.163172][ T5230] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  375.163236][ T5230] usb 2-1: SerialNumber: syz
[  375.172817][ T5230] usb 2-1: config 0 descriptor??
[  375.237742][   T58] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 26 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  375.415675][ T5324] gspca_zc3xx: reg_r err -32
[  375.847097][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.863138][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  375.882381][   T12] bond0 (unregistering): Released all slaves
[  375.912912][T10422] vlan2: entered promiscuous mode
[  375.919555][T10422] batadv0: entered promiscuous mode
[  375.979833][T10422] team0: Port device vlan2 added
[  376.057748][ T5323] usb 2-1: USB disconnect, device number 47
[  376.063790][ T5324] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  376.094520][ T5324] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -32
[  376.133626][   T12] tipc: Disabling bearer <eth:macvlan1>
[  376.152786][   T12] tipc: Left network mode
[  376.463037][ T5323] usb 5-1: USB disconnect, device number 34
[  376.869550][ T5240] Bluetooth: hci1: command tx timeout
[  376.930758][   T12] hsr_slave_0: left promiscuous mode
[  376.936677][   T12] hsr_slave_1: left promiscuous mode
[  376.985389][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  377.000337][ T5323] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  377.014943][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.037497][T10460] netlink: 8 bytes leftover after parsing attributes in process `syz.0.951'.
[  377.050410][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  377.066874][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.140664][   T12] veth1_macvtap: left promiscuous mode
[  377.149240][ T5283] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  377.157631][   T12] veth0_macvtap: left promiscuous mode
[  377.178942][   T12] veth1_vlan: left promiscuous mode
[  377.205881][   T12] veth0_vlan: left promiscuous mode
[  377.234745][ T5323] usb 5-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=68.24
[  377.272221][ T5323] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.336151][ T5323] usb 5-1: Product: syz
[  377.353896][ T5323] usb 5-1: Manufacturer: syz
[  377.355708][ T5283] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  377.378724][   T58] usb 3-1: USB disconnect, device number 26
[  377.383333][ T5283] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  377.406765][ T5283] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  377.436421][ T5283] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  377.470192][ T5323] usb 5-1: SerialNumber: syz
[  377.470298][ T5283] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  377.521672][   T58] usblp0: removed
[  377.530069][ T5323] usb 5-1: config 0 descriptor??
[  377.547652][ T5283] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.568887][ T5323] ipw 5-1:0.0: IPWireless converter converter detected
[  377.618354][ T5283] usb 2-1: config 0 descriptor??
[  377.824560][T10448] validate_nla: 1 callbacks suppressed
[  377.824584][T10448] netlink: 'syz.4.949': attribute type 1 has an invalid length.
[  377.837877][T10448] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.949'.
[  378.872327][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  378.885622][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  378.893588][   T12] team0 (unregistering): Port device team_slave_1 removed
[  378.965753][ T5240] Bluetooth: hci1: command tx timeout
[  379.033327][   T12] team0 (unregistering): Port device team_slave_0 removed
[  379.146656][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  379.385331][T10475] input: syz0 as /devices/virtual/input/input43
[  380.119690][T10456] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  380.216424][T10424] chnl_net:caif_netlink_parms(): no params data found
[  380.229876][   T58] usb 5-1: USB disconnect, device number 35
[  380.243366][   T58] ipw 5-1:0.0: device disconnected
[  380.455289][T10482] netlink: 'syz.4.955': attribute type 10 has an invalid length.
[  380.495401][ T5283] usbhid 2-1:0.0: can't add hid device: -71
[  380.509456][ T5283] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  380.529030][T10482] bond0: (slave netdevsim0): Releasing backup interface
[  380.548538][ T5323] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  380.554919][ T5283] usb 2-1: USB disconnect, device number 48
[  380.613206][T10482] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  380.630143][T10482] team0: Failed to send options change via netlink (err -105)
[  380.656849][T10482] team0: Port device netdevsim0 added
[  380.745799][T10484] netlink: 'syz.4.955': attribute type 10 has an invalid length.
[  380.760052][ T5323] usb 1-1: Using ep0 maxpacket: 32
[  380.771502][T10484] team0: Failed to send options change via netlink (err -105)
[  380.812537][ T5323] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  380.839185][ T5323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  380.842994][T10484] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  380.851862][ T5323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  380.873096][ T5323] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  380.882780][ T5323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.921987][ T5323] usb 1-1: config 0 descriptor??
[  380.923450][T10484] team0: Port device netdevsim0 removed
[  380.940453][T10480] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  380.954370][ T5323] hub 1-1:0.0: USB hub found
[  380.983685][T10484] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  381.039521][ T5240] Bluetooth: hci1: command tx timeout
[  381.170782][ T5323] hub 1-1:0.0: 2 ports detected
[  381.215311][T10499] i2c i2c-0: Invalid block write size 65
[  381.262615][T10424] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.287942][T10424] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.314926][T10424] bridge_slave_0: entered allmulticast mode
[  381.345408][T10424] bridge_slave_0: entered promiscuous mode
[  381.395783][T10424] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.477629][T10424] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.501829][T10424] bridge_slave_1: entered allmulticast mode
[  381.520204][T10424] bridge_slave_1: entered promiscuous mode
[  381.681935][T10424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  381.722966][T10424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  381.826111][T10515] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  381.856843][T10424] team0: Port device team_slave_0 added
[  381.866444][T10424] team0: Port device team_slave_1 added
[  381.926126][T10424] batman_adv: batadv0: Adding interface: batadv_slave_0
[  381.936314][T10424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  381.972507][T10424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.014655][T10424] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.028245][T10424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.054504][   T58] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  382.067238][T10424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  382.082909][T10520] netlink: 8 bytes leftover after parsing attributes in process `syz.4.962'.
[  382.096314][   T46] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  382.247435][T10424] hsr_slave_0: entered promiscuous mode
[  382.282033][   T58] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26
[  382.309116][   T46] usb 3-1: Using ep0 maxpacket: 32
[  382.327708][   T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  382.348607][   T58] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  382.362859][T10424] hsr_slave_1: entered promiscuous mode
[  382.380992][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  382.389186][   T46] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  382.402841][   T58] usb 2-1: SerialNumber: syz
[  382.421877][   T46] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  382.433920][T10424] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  382.484422][T10424] Cannot create hsr debugfs directory
[  382.490111][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.498220][   T46] usb 3-1: Product: syz
[  382.556552][   T46] usb 3-1: Manufacturer: syz
[  382.563528][   T46] usb 3-1: SerialNumber: syz
[  382.711278][ T5324] usb 1-1: reset high-speed USB device number 28 using dummy_hcd
[  382.792265][   T46] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 27 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  382.899437][ T5324] usb 1-1: device descriptor read/64, error -32
[  383.109258][ T5240] Bluetooth: hci1: command tx timeout
[  383.136827][   T58] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[  383.422556][T10544] netlink: 'syz.1.959': attribute type 10 has an invalid length.
[  383.479014][T10544] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.487999][T10544] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.571115][T10544] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.578544][T10544] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.587119][T10544] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.594280][T10544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.641736][T10544] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  383.658408][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  383.658422][   T29] audit: type=1326 audit(1724979423.838:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10545 comm="syz.4.963" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d9379ef9 code=0x0
[  383.832669][T10549] netlink: 'syz.0.964': attribute type 7 has an invalid length.
[  383.851649][T10549] netlink: 'syz.0.964': attribute type 39 has an invalid length.
[  383.864345][ T5324] hub 1-1:0.0: set hub depth failed
[  383.869970][ T5230] usb 1-1: USB disconnect, device number 28
[  384.394339][T10424] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  384.438295][T10424] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  384.498172][T10424] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  384.598125][T10424] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  384.931115][   T46] usb 2-1: USB disconnect, device number 49
[  385.049693][ T5324] usb 3-1: USB disconnect, device number 27
[  385.066279][   T46] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[  385.116168][ T5324] usblp0: removed
[  385.230100][T10424] 8021q: adding VLAN 0 to HW filter on device bond0
[  385.389513][T10424] 8021q: adding VLAN 0 to HW filter on device team0
[  385.478298][ T2540] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.485447][ T2540] bridge0: port 1(bridge_slave_0) entered forwarding state
[  385.509809][T10580] netlink: 'syz.4.969': attribute type 4 has an invalid length.
[  385.640842][ T2540] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.648021][ T2540] bridge0: port 2(bridge_slave_1) entered forwarding state
[  385.716811][T10580] netlink: 'syz.4.969': attribute type 4 has an invalid length.
[  385.856970][T10424] 8021q: adding VLAN 0 to HW filter on device batadv0
[  386.109259][T10559] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.965'.
[  386.122444][T10424] veth0_vlan: entered promiscuous mode
[  386.131858][T10559] openvswitch: netlink: ct_state flags 00000300 unsupported
[  386.164653][T10424] veth1_vlan: entered promiscuous mode
[  386.277509][T10424] veth0_macvtap: entered promiscuous mode
[  386.320740][T10424] veth1_macvtap: entered promiscuous mode
[  386.381487][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.492368][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.521078][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.541724][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  386.552201][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.562553][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.578322][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.590519][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.601808][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.612328][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.623399][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.726748][T10424] batman_adv: batadv0: Interface activated: batadv_slave_0
[  386.748450][T10603] netlink: 40 bytes leftover after parsing attributes in process `syz.2.971'.
[  386.767880][T10604] input: syz0 as /devices/virtual/input/input44
[  386.821613][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.876343][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.911881][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.986755][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.017170][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.042831][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.069305][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.094392][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.144752][T10424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.177622][T10424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.222249][T10424] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.288246][T10424] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.333108][T10424] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.393510][T10424] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.412230][T10424] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.466683][T10616] netlink: 'syz.0.974': attribute type 7 has an invalid length.
[  387.481137][T10616] netlink: 'syz.0.974': attribute type 39 has an invalid length.
[  387.582706][T10622] netlink: 'syz.4.976': attribute type 7 has an invalid length.
[  387.604074][T10622] netlink: 'syz.4.976': attribute type 39 has an invalid length.
[  387.759571][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.807387][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.864103][T10622] netlink: 'syz.4.976': attribute type 7 has an invalid length.
[  387.946555][ T1085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.985806][ T1085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.199990][   T58] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  388.361054][T10643] netlink: 28 bytes leftover after parsing attributes in process `syz.4.979'.
[  388.405697][   T58] usb 3-1: Using ep0 maxpacket: 32
[  388.429486][   T58] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  388.485873][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  388.523996][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  388.565367][   T58] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  388.607171][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.618337][T10654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.982'.
[  388.675595][   T58] usb 3-1: config 0 descriptor??
[  388.691892][T10633] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  388.702134][   T58] hub 3-1:0.0: USB hub found
[  388.729228][   T29] audit: type=1326 audit(1724979428.908:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a7d79ef9 code=0x7ffc0000
[  388.823440][   T29] audit: type=1326 audit(1724979428.908:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a7d79ef9 code=0x7ffc0000
[  388.873728][    T8] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  388.896628][   T29] audit: type=1326 audit(1724979428.938:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f20a7d78890 code=0x7ffc0000
[  388.925404][   T29] audit: type=1326 audit(1724979428.938:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  388.926185][   T58] hub 3-1:0.0: 2 ports detected
[  388.948487][   T29] audit: type=1326 audit(1724979428.938:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  389.002624][   T29] audit: type=1326 audit(1724979428.938:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  389.026444][   T29] audit: type=1326 audit(1724979428.938:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  389.029338][   T46] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  389.057105][   T29] audit: type=1326 audit(1724979429.058:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  389.086483][    T8] usb 1-1: Using ep0 maxpacket: 8
[  389.113413][    T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  389.129200][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.144886][    T8] usb 1-1: Product: syz
[  389.152832][    T8] usb 1-1: Manufacturer: syz
[  389.158164][    T8] usb 1-1: SerialNumber: syz
[  389.163245][ T5241] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  389.169850][   T29] audit: type=1326 audit(1724979429.138:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  389.196573][   T29] audit: type=1326 audit(1724979429.248:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.3.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20a7d79afb code=0x7ffc0000
[  389.257831][    T8] usb 1-1: config 0 descriptor??
[  389.270144][   T46] usb 4-1: Using ep0 maxpacket: 16
[  389.284454][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.313270][   T46] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  389.330473][   T46] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  389.348461][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.359219][ T5241] usb 2-1: Using ep0 maxpacket: 16
[  389.370115][   T46] usb 4-1: config 0 descriptor??
[  389.392887][ T5241] usb 2-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice= 6.8a
[  389.403793][ T5241] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.418347][ T5241] usb 2-1: Product: syz
[  389.423397][ T5241] usb 2-1: Manufacturer: syz
[  389.428053][ T5241] usb 2-1: SerialNumber: syz
[  389.478489][ T5241] usb 2-1: config 0 descriptor??
[  389.503969][    T8] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  389.521326][ T5241] mcba_usb 2-1:0.0: Can't find endpoints
[  389.606123][T10678] validate_nla: 1 callbacks suppressed
[  389.606144][T10678] netlink: 'syz.4.986': attribute type 7 has an invalid length.
[  389.627495][T10678] netlink: 'syz.4.986': attribute type 39 has an invalid length.
[  389.727014][ T5241] usb 2-1: USB disconnect, device number 50
[  389.800678][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.818045][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.826402][T10685] openvswitch: netlink: Message has 8 unknown bytes.
[  389.834659][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.847236][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.857342][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.873146][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.881234][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.888505][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.906401][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.922922][   T46] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  389.938252][   T46] microsoft 0003:045E:07DA.0014: No inputs registered, leaving
[  389.969985][   T46] microsoft 0003:045E:07DA.0014: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  390.010229][   T46] microsoft 0003:045E:07DA.0014: no inputs found
[  390.022929][   T46] microsoft 0003:045E:07DA.0014: could not initialize ff, continuing anyway
[  390.054112][   T46] usb 4-1: USB disconnect, device number 45
[  390.398134][T10707] netlink: 'syz.4.990': attribute type 7 has an invalid length.
[  390.407099][T10707] netlink: 'syz.4.990': attribute type 39 has an invalid length.
[  390.513762][T10709] bridge4: port 1(gretap1) entered blocking state
[  390.569320][T10709] bridge4: port 1(gretap1) entered disabled state
[  390.593251][T10709] gretap1: entered allmulticast mode
[  390.620353][T10709] gretap1: entered promiscuous mode
[  390.736216][T10716] IPv6: addrconf: prefix option has invalid lifetime
[  390.995234][T10655] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.981'.
[  391.000518][ T5284] hub 3-1:0.0: hub_ext_port_status failed (err = -71)
[  391.011501][ T5323] usb 3-1: USB disconnect, device number 28
[  391.038116][T10655] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  391.326596][T10655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  391.349766][T10655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.567882][T10735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.995'.
[  391.612070][    T8] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  391.670224][    T8] usb 1-1: USB disconnect, device number 29
[  391.933593][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  392.037558][T10751] netlink: 'syz.3.997': attribute type 7 has an invalid length.
[  392.081108][T10751] netlink: 'syz.3.997': attribute type 39 has an invalid length.
[  392.170470][ T5323] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  392.187253][T10754] input: syz0 as /devices/virtual/input/input47
[  392.389826][ T5323] usb 3-1: Using ep0 maxpacket: 32
[  392.412498][ T5323] usb 3-1: config index 0 descriptor too short (expected 26, got 21)
[  392.450398][ T5323] usb 3-1: config 0 has an invalid descriptor of length 203, skipping remainder of the config
[  392.557328][ T5323] usb 3-1: New USB device found, idVendor=04e2, idProduct=1403, bcdDevice=1c.b2
[  392.583201][T10765] FAULT_INJECTION: forcing a failure.
[  392.583201][T10765] name failslab, interval 1, probability 0, space 0, times 0
[  392.585905][ T5323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.615263][ T5323] usb 3-1: Product: syz
[  392.622122][T10765] CPU: 1 UID: 0 PID: 10765 Comm: syz.3.998 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  392.632827][T10765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  392.642887][T10765] Call Trace:
[  392.646153][T10765]  <TASK>
[  392.649073][T10765]  dump_stack_lvl+0x241/0x360
[  392.653762][T10765]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.658944][T10765]  ? __pfx__printk+0x10/0x10
[  392.663524][T10765]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  392.669068][T10765]  ? __pfx___might_resched+0x10/0x10
[  392.674362][T10765]  should_fail_ex+0x3b0/0x4e0
[  392.679055][T10765]  ? fuse_get_req+0x3e7/0xad0
[  392.683818][T10765]  should_failslab+0xac/0x100
[  392.688482][T10765]  ? fuse_get_req+0x3e7/0xad0
[  392.693146][T10765]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  392.698507][T10765]  fuse_get_req+0x3e7/0xad0
[  392.703087][T10765]  ? __pfx_fuse_get_req+0x10/0x10
[  392.708100][T10765]  fuse_simple_request+0x140/0x1b90
[  392.713290][T10765]  ? process_measurement+0x793/0x1fb0
[  392.718647][T10765]  ? __pfx_fuse_simple_request+0x10/0x10
[  392.724271][T10765]  ? __pfx_validate_chain+0x10/0x10
[  392.729452][T10765]  ? up_write+0x1a9/0x590
[  392.733772][T10765]  ? __pfx_validate_chain+0x10/0x10
[  392.738948][T10765]  ? ima_get_action+0x75/0xb0
[  392.743628][T10765]  fuse_do_getattr+0x39a/0x7f0
[  392.748390][T10765]  ? __pfx_fuse_do_getattr+0x10/0x10
[  392.753697][T10765]  ? __pfx_validate_chain+0x10/0x10
[  392.758973][T10765]  ? __lock_acquire+0x137a/0x2040
[  392.764009][T10765]  fuse_update_get_attr+0xa01/0x1870
[  392.769307][T10765]  ? mark_lock+0x9a/0x350
[  392.773650][T10765]  ? __pfx_fuse_update_get_attr+0x10/0x10
[  392.779376][T10765]  ? __pfx_lock_acquire+0x10/0x10
[  392.784399][T10765]  ? aa_file_perm+0x137/0xf60
[  392.789068][T10765]  ? register_lock_class+0x102/0x980
[  392.794362][T10765]  ? __pfx_lock_release+0x10/0x10
[  392.799418][T10765]  ? aa_file_perm+0x137/0xf60
[  392.804131][T10765]  ? aa_file_perm+0x3ef/0xf60
[  392.808808][T10765]  ? __lock_acquire+0x137a/0x2040
[  392.813828][T10765]  ? __pfx_aa_file_perm+0x10/0x10
[  392.818845][T10765]  fuse_file_read_iter+0x3df/0x600
[  392.823945][T10765]  ? __pfx_fuse_file_read_iter+0x10/0x10
[  392.829572][T10765]  ? __mutex_trylock_common+0x183/0x2e0
[  392.835124][T10765]  ? end_current_label_crit_section+0x151/0x180
[  392.841362][T10765]  vfs_read+0x9bd/0xbc0
[  392.845511][T10765]  ? __pfx_lock_release+0x10/0x10
[  392.850528][T10765]  ? __pfx_vfs_read+0x10/0x10
[  392.855225][T10765]  ksys_read+0x1a0/0x2c0
[  392.859459][T10765]  ? __pfx_ksys_read+0x10/0x10
[  392.864202][T10765]  ? do_syscall_64+0x100/0x230
[  392.868950][T10765]  ? do_syscall_64+0xb6/0x230
[  392.873617][T10765]  do_syscall_64+0xf3/0x230
[  392.878106][T10765]  ? clear_bhb_loop+0x35/0x90
[  392.882775][T10765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.888656][T10765] RIP: 0033:0x7f20a7d79ef9
[  392.893058][T10765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.912674][T10765] RSP: 002b:00007f20a8b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  392.921079][T10765] RAX: ffffffffffffffda RBX: 00007f20a7f16058 RCX: 00007f20a7d79ef9
[  392.929043][T10765] RDX: 000000007ffff000 RSI: 0000000020012400 RDI: 0000000000000005
[  392.937012][T10765] RBP: 00007f20a8b86090 R08: 0000000000000000 R09: 0000000000000000
[  392.944967][T10765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.952941][T10765] R13: 0000000000000000 R14: 00007f20a7f16058 R15: 00007f20a803fa28
[  392.960929][T10765]  </TASK>
[  392.970945][ T5323] usb 3-1: Manufacturer: syz
[  392.978002][ T5323] usb 3-1: SerialNumber: syz
[  393.010967][ T5323] usb 3-1: config 0 descriptor??
[  393.234283][ T5230] usb 3-1: USB disconnect, device number 29
[  393.465240][T10783] syz_tun: refused to change device tx_queue_len
[  393.762912][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.903429][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.033366][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.294861][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.560467][T10799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1009'.
[  394.709153][T10801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1011'.
[  394.793119][   T12] bridge_slave_1: left allmulticast mode
[  394.798816][   T12] bridge_slave_1: left promiscuous mode
[  394.868690][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.946043][   T12] bridge_slave_0: left allmulticast mode
[  394.978630][   T12] bridge_slave_0: left promiscuous mode
[  394.994153][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.007758][T10817] input: syz0 as /devices/virtual/input/input48
[  395.029460][T10817] input: failed to attach handler leds to device input48, error: -6
[  395.121241][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  395.132283][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  395.149504][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  395.159609][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  395.185267][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  395.195309][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  395.238194][T10822] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1014'.
[  395.287210][T10822] openvswitch: netlink: VXLAN extension message has 3 unknown bytes.
[  395.811610][ T5230] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  395.848628][T10835] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  396.026611][T10836] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  396.041230][ T5230] usb 2-1: Using ep0 maxpacket: 32
[  396.072111][ T5230] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  396.083739][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  396.092461][ T5230] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  396.105572][ T5230] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  396.117195][ T5230] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.128822][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  396.139675][ T5230] usb 2-1: Product: syz
[  396.144531][ T5230] usb 2-1: Manufacturer: syz
[  396.154450][   T12] bond0 (unregistering): Released all slaves
[  396.164492][ T5230] usb 2-1: SerialNumber: syz
[  396.186767][T10817] netlink: 'syz.0.1013': attribute type 10 has an invalid length.
[  396.216277][T10817] team0: Cannot enslave team device to itself
[  396.296569][T10831] netlink: 'syz.2.1017': attribute type 10 has an invalid length.
[  396.372204][T10831] team0: Failed to send options change via netlink (err -105)
[  396.386554][ T5230] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 51 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  396.409824][T10831] team0: Port device netdevsim0 added
[  396.431479][T10834] netlink: 'syz.2.1017': attribute type 10 has an invalid length.
[  396.498434][T10834] team0: Failed to send options change via netlink (err -105)
[  396.525788][T10834] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  396.565460][T10834] team0: Port device netdevsim0 removed
[  396.593243][T10834] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  397.269529][   T54] Bluetooth: hci1: command tx timeout
[  397.286616][   T12] hsr_slave_0: left promiscuous mode
[  397.324054][   T12] hsr_slave_1: left promiscuous mode
[  397.381460][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  397.449019][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  397.483385][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  397.506261][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  397.648557][   T12] veth1_macvtap: left promiscuous mode
[  397.654681][   T12] veth0_macvtap: left promiscuous mode
[  397.671863][   T12] veth1_vlan: left promiscuous mode
[  397.677677][   T12] veth0_vlan: left promiscuous mode
[  397.989127][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  398.457546][ T5323] usb 2-1: USB disconnect, device number 51
[  398.492193][ T5323] usblp0: removed
[  398.739248][   T29] kauditd_printk_skb: 37 callbacks suppressed
[  398.739264][   T29] audit: type=1326 audit(1724979438.928:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadf0f79ef9 code=0x7ffc0000
[  398.796683][   T29] audit: type=1326 audit(1724979438.958:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadf0f78890 code=0x7ffc0000
[  398.828135][   T29] audit: type=1326 audit(1724979438.958:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  398.866410][   T29] audit: type=1326 audit(1724979438.958:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  398.896334][   T29] audit: type=1326 audit(1724979438.968:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  398.940662][   T29] audit: type=1326 audit(1724979438.968:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  398.970663][   T29] audit: type=1326 audit(1724979439.108:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  399.012245][ T5323] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  399.020862][   T29] audit: type=1326 audit(1724979439.188:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  399.071231][   T46] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  399.081162][   T29] audit: type=1326 audit(1724979439.268:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  399.148110][T10883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1026'.
[  399.164952][   T29] audit: type=1326 audit(1724979439.268:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10877 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  399.219412][ T5323] usb 2-1: Using ep0 maxpacket: 16
[  399.229485][ T5323] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  399.242595][ T5323] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  399.268575][ T5323] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  399.281807][   T46] usb 1-1: Using ep0 maxpacket: 16
[  399.309422][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  399.329380][ T5323] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  399.348461][   T46] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  399.363133][   T54] Bluetooth: hci1: command tx timeout
[  399.370805][ T5323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.392231][   T46] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  399.410549][ T5323] usb 2-1: config 0 descriptor??
[  399.430678][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.455095][   T46] usb 1-1: config 0 descriptor??
[  399.697177][   T12] team0 (unregistering): Port device team_slave_1 removed
[  399.792348][   T12] team0 (unregistering): Port device team_slave_0 removed
[  399.874091][ T5323] HID 045e:07da: Invalid code 65791 type 1
[  399.945222][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  399.990219][ T5323] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0015/input/input49
[  400.004850][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.028099][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.036314][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.044683][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.052765][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.079512][ T5323] microsoft 0003:045E:07DA.0015: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  400.107256][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.127835][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.139555][ T5323] usb 2-1: USB disconnect, device number 52
[  400.154549][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.163714][   T46] microsoft 0003:045E:07DA.0016: unknown main item tag 0x0
[  400.177668][   T46] microsoft 0003:045E:07DA.0016: No inputs registered, leaving
[  400.266601][   T46] microsoft 0003:045E:07DA.0016: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  400.309429][   T46] microsoft 0003:045E:07DA.0016: no inputs found
[  400.322644][   T46] microsoft 0003:045E:07DA.0016: could not initialize ff, continuing anyway
[  400.389480][   T46] usb 1-1: USB disconnect, device number 30
[  400.518021][T10895] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1027'.
[  401.106234][T10913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1031'.
[  401.440119][   T54] Bluetooth: hci1: command tx timeout
[  401.490033][T10918] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1032'.
[  401.854563][T10823] chnl_net:caif_netlink_parms(): no params data found
[  402.015863][T10944] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1037'.
[  402.433870][T10823] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.479642][ T5323] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  402.492726][T10823] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.536462][T10823] bridge_slave_0: entered allmulticast mode
[  402.612705][T10823] bridge_slave_0: entered promiscuous mode
[  402.661682][T10823] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.726750][ T5323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11
[  402.732490][T10823] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.784508][T10823] bridge_slave_1: entered allmulticast mode
[  402.785523][T10823] bridge_slave_1: entered promiscuous mode
[  402.818752][ T5323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024
[  402.818799][ T5323] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  402.818813][ T5323] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.830338][ T5323] usb 5-1: config 0 descriptor??
[  402.831402][T10942] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  402.834613][ T5323] gspca_main: spca561-2.14.0 probing abcd:cdee
[  403.012538][T10823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  403.015409][T10823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  403.347023][ T5323] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  403.348165][ T5323] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  403.348216][ T5323] usb 5-1: MIDIStreaming interface descriptor not found
[  403.385919][T10823] team0: Port device team_slave_0 added
[  403.486643][T10823] team0: Port device team_slave_1 added
[  403.509441][   T54] Bluetooth: hci1: command tx timeout
[  403.655596][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  404.020511][T10823] batman_adv: batadv0: Adding interface: batadv_slave_0
[  404.074259][T10823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.222714][T10823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  404.240461][T10823] batman_adv: batadv0: Adding interface: batadv_slave_1
[  404.285483][T10823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.379234][T10823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  404.395616][T10942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  404.441463][T10942] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  404.553594][T10991] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1044'.
[  404.642244][T10823] hsr_slave_0: entered promiscuous mode
[  404.661984][T10823] hsr_slave_1: entered promiscuous mode
[  404.677531][T10823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  404.690172][T10823] Cannot create hsr debugfs directory
[  405.380796][T11001] x_tables: eb_tables: quota.0 match: invalid size 24 (kernel) != (user) 0
[  405.679949][ T5230] usb 5-1: USB disconnect, device number 36
[  405.909978][ T5283] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[  406.132197][ T5283] usb 3-1: device descriptor read/64, error -71
[  406.259204][ T5230] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  406.449195][ T5230] usb 1-1: Using ep0 maxpacket: 32
[  406.469753][ T5283] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[  406.471016][ T5230] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  406.528044][ T5230] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  406.549301][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  406.571877][ T5230] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  406.588756][ T5230] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.597468][ T5230] usb 1-1: Product: syz
[  406.604179][ T5230] usb 1-1: Manufacturer: syz
[  406.609546][ T5230] usb 1-1: SerialNumber: syz
[  406.637034][T10823] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  406.663313][T10823] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  406.670284][ T5283] usb 3-1: device descriptor read/64, error -71
[  406.686920][T10823] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  406.705893][T10823] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  406.789639][ T5283] usb usb3-port1: attempt power cycle
[  406.855368][ T5230] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 31 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  406.909716][ T5323] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  406.943711][T10823] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.996843][T10823] 8021q: adding VLAN 0 to HW filter on device team0
[  407.017668][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.024896][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.048339][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.055600][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.129259][ T5323] usb 2-1: Using ep0 maxpacket: 8
[  407.142704][ T5323] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  407.176374][ T5323] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  407.187139][ T5323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.222246][   T29] kauditd_printk_skb: 39 callbacks suppressed
[  407.222264][   T29] audit: type=1800 audit(1724979447.398:731): pid=11047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1054" name="/" dev="fuse" ino=1 res=0 errno=0
[  407.249598][ T5283] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  407.258541][ T5323] usb 2-1: config 0 descriptor??
[  407.296829][ T5323] gspca_main: vc032x-2.14.0 probing 046d:0892
[  407.303803][T11042] FAULT_INJECTION: forcing a failure.
[  407.303803][T11042] name failslab, interval 1, probability 0, space 0, times 0
[  407.312195][ T5283] usb 3-1: device descriptor read/8, error -71
[  407.335076][T11042] CPU: 1 UID: 0 PID: 11042 Comm: syz.4.1054 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  407.345874][T11042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  407.356033][T11042] Call Trace:
[  407.359303][T11042]  <TASK>
[  407.362219][T11042]  dump_stack_lvl+0x241/0x360
[  407.366909][T11042]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.372112][T11042]  ? __pfx__printk+0x10/0x10
[  407.376721][T11042]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  407.382181][T11042]  ? __pfx___might_resched+0x10/0x10
[  407.387459][T11042]  ? lockdep_init_map_type+0xa1/0x910
[  407.392837][T11042]  should_fail_ex+0x3b0/0x4e0
[  407.397512][T11042]  should_failslab+0xac/0x100
[  407.402178][T11042]  ? fuse_direct_IO+0x2cc/0x13a0
[  407.407109][T11042]  __kmalloc_cache_noprof+0x6c/0x2c0
[  407.412405][T11042]  ? __init_swait_queue_head+0xae/0x150
[  407.417978][T11042]  fuse_direct_IO+0x2cc/0x13a0
[  407.422747][T11042]  ? filemap_check_errors+0xe1/0x140
[  407.428132][T11042]  ? kiocb_write_and_wait+0x318/0x400
[  407.433505][T11042]  ? __pfx_kiocb_write_and_wait+0x10/0x10
[  407.439250][T11042]  ? __pfx_fuse_direct_IO+0x10/0x10
[  407.444452][T11042]  ? register_lock_class+0x102/0x980
[  407.449731][T11042]  ? __pfx_lock_release+0x10/0x10
[  407.454759][T11042]  ? atime_needs_update+0x202/0x6c0
[  407.459954][T11042]  ? aa_file_perm+0x3ef/0xf60
[  407.464620][T11042]  ? touch_atime+0xf8/0x690
[  407.469121][T11042]  generic_file_read_iter+0x231/0x430
[  407.474488][T11042]  fuse_file_read_iter+0x4e2/0x600
[  407.479591][T11042]  ? __pfx_fuse_file_read_iter+0x10/0x10
[  407.485209][T11042]  ? __mutex_trylock_common+0x183/0x2e0
[  407.490738][T11042]  ? end_current_label_crit_section+0x151/0x180
[  407.496981][T11042]  vfs_read+0x9bd/0xbc0
[  407.501123][T11042]  ? __pfx_lock_release+0x10/0x10
[  407.506147][T11042]  ? __pfx_vfs_read+0x10/0x10
[  407.511024][T11042]  ksys_read+0x1a0/0x2c0
[  407.515284][T11042]  ? __pfx_ksys_read+0x10/0x10
[  407.520065][T11042]  ? do_syscall_64+0x100/0x230
[  407.524832][T11042]  ? do_syscall_64+0xb6/0x230
[  407.529504][T11042]  do_syscall_64+0xf3/0x230
[  407.533995][T11042]  ? clear_bhb_loop+0x35/0x90
[  407.538665][T11042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.544547][T11042] RIP: 0033:0x7f57d9379ef9
[  407.548952][T11042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.568583][T11042] RSP: 002b:00007f57da1e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  407.576991][T11042] RAX: ffffffffffffffda RBX: 00007f57d9516058 RCX: 00007f57d9379ef9
[  407.584955][T11042] RDX: 000000007ffff000 RSI: 0000000020012400 RDI: 0000000000000005
[  407.592920][T11042] RBP: 00007f57da1e6090 R08: 0000000000000000 R09: 0000000000000000
[  407.600914][T11042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.609054][T11042] R13: 0000000000000000 R14: 00007f57d9516058 R15: 00007f57d963fa28
[  407.617054][T11042]  </TASK>
[  407.712395][T10823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.877373][T10823] veth0_vlan: entered promiscuous mode
[  407.899419][ T5283] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  407.916894][T10823] veth1_vlan: entered promiscuous mode
[  407.935063][T11056] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1052'.
[  407.970660][ T5283] usb 3-1: device descriptor read/8, error -71
[  408.004681][T10823] veth0_macvtap: entered promiscuous mode
[  408.024970][T10823] veth1_macvtap: entered promiscuous mode
[  408.088476][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.109527][ T5283] usb usb3-port1: unable to enumerate USB device
[  408.123433][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.175046][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.200358][ T5323] gspca_vc032x: reg_w err -110
[  408.209214][ T5323] vc032x 2-1:0.0: probe with driver vc032x failed with error -110
[  408.217292][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.233537][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.254874][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.278296][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.300156][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.319874][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.341623][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.385995][T10823] batman_adv: batadv0: Interface activated: batadv_slave_0
[  408.446378][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.465290][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.476021][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.487809][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.498134][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.509391][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.519840][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.553121][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.567854][T10823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.580565][T10823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.604862][T10823] batman_adv: batadv0: Interface activated: batadv_slave_1
[  408.634608][T10823] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  408.661687][T10823] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  408.672080][T10823] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  408.682978][T10823] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  408.924622][ T1085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.933116][ T5283] usb 1-1: USB disconnect, device number 31
[  408.967103][ T1085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.987271][ T5283] usblp0: removed
[  409.077728][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  409.203618][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  409.539246][ T5283] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  409.694030][    T8] usb 2-1: USB disconnect, device number 53
[  409.740511][ T5283] usb 3-1: Using ep0 maxpacket: 32
[  409.770256][ T5283] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  409.815631][ T5283] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  409.855184][ T5283] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  409.864721][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.880235][ T5283] usb 3-1: config 0 descriptor??
[  409.897612][ T5283] hub 3-1:0.0: bad descriptor, ignoring hub
[  409.930920][ T5283] hub 3-1:0.0: probe with driver hub failed with error -5
[  409.951470][ T5283] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  410.245402][    T8] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  410.452800][    T8] usb 2-1: Using ep0 maxpacket: 16
[  410.491222][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  410.506205][    T8] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  410.516523][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.534976][    T8] usb 2-1: Product: syz
[  410.543549][    T8] usb 2-1: Manufacturer: syz
[  410.548226][    T8] usb 2-1: SerialNumber: syz
[  410.574807][    T8] usb 2-1: config 0 descriptor??
[  410.631565][    T8] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  410.646223][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.675485][    T8] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  410.836308][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.841792][T11103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  410.932495][T11103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  411.050395][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.214103][   T35] bond0: (slave netdevsim0): Releasing backup interface
[  411.232893][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.510597][   T35] bridge_slave_1: left allmulticast mode
[  411.510626][   T35] bridge_slave_1: left promiscuous mode
[  411.510808][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.538040][   T35] bridge_slave_0: left allmulticast mode
[  411.538064][   T35] bridge_slave_0: left promiscuous mode
[  411.538220][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.584366][   T35] gretap1: left allmulticast mode
[  411.584394][   T35] gretap1: left promiscuous mode
[  411.584560][   T35] bridge4: port 1(gretap1) entered disabled state
[  411.588035][    T8] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  412.052843][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  412.065166][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  412.102012][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  412.126650][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  412.135564][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  412.144430][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  412.479662][ T5283] usb 3-1: USB disconnect, device number 34
[  412.944380][    T8] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  412.975063][    T8] em28xx 2-1:0.0: board has no eeprom
[  413.109573][    T8] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  413.123622][    T8] em28xx 2-1:0.0: dvb set to bulk mode.
[  413.163255][ T5283] em28xx 2-1:0.0: Binding DVB extension
[  413.186327][    T8] usb 2-1: USB disconnect, device number 54
[  413.207680][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  413.237366][    T8] em28xx 2-1:0.0: Disconnecting em28xx
[  413.261655][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  413.263280][ T5283] em28xx 2-1:0.0: Registering input extension
[  413.283934][    T8] em28xx 2-1:0.0: Closing input extension
[  413.286354][   T35] bond0 (unregistering): Released all slaves
[  413.328128][    T8] em28xx 2-1:0.0: Freeing device
[  413.388698][T11156] tipc: Started in network mode
[  413.413752][T11156] tipc: Node identity 3a1414aa, cluster identity 4711
[  413.435390][T11156] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  413.800203][T11166] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1068'.
[  413.842695][T11166] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1068'.
[  413.860217][T11169] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1069'.
[  413.896034][T11169] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1069'.
[  413.986890][   T35] hsr_slave_0: left promiscuous mode
[  414.009967][   T35] hsr_slave_1: left promiscuous mode
[  414.036964][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  414.060926][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  414.083450][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  414.093401][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  414.139948][   T35] veth1_macvtap: left promiscuous mode
[  414.146006][   T35] veth0_macvtap: left promiscuous mode
[  414.163804][   T35] veth1_vlan: left promiscuous mode
[  414.177045][   T35] veth0_vlan: left promiscuous mode
[  414.241772][   T54] Bluetooth: hci4: command tx timeout
[  414.525773][ T5240] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  414.539902][ T5240] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  414.548832][ T5240] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  414.566790][ T5240] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  414.585035][ T5240] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  414.592625][ T5240] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  414.903613][   T35] team0 (unregistering): Port device team_slave_1 removed
[  414.951276][   T35] team0 (unregistering): Port device team_slave_0 removed
[  415.642883][T11143] chnl_net:caif_netlink_parms(): no params data found
[  415.758389][T11199] FAULT_INJECTION: forcing a failure.
[  415.758389][T11199] name failslab, interval 1, probability 0, space 0, times 0
[  415.785428][T11199] CPU: 1 UID: 0 PID: 11199 Comm: syz.1.1073 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  415.796322][T11199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  415.806407][T11199] Call Trace:
[  415.809700][T11199]  <TASK>
[  415.812646][T11199]  dump_stack_lvl+0x241/0x360
[  415.817347][T11199]  ? __pfx_dump_stack_lvl+0x10/0x10
[  415.822546][T11199]  ? __pfx__printk+0x10/0x10
[  415.827133][T11199]  ? __pfx_lock_acquire+0x10/0x10
[  415.832152][T11199]  ? __pfx___might_resched+0x10/0x10
[  415.837432][T11199]  ? __pfx_lock_release+0x10/0x10
[  415.842449][T11199]  should_fail_ex+0x3b0/0x4e0
[  415.847128][T11199]  should_failslab+0xac/0x100
[  415.851801][T11199]  ? zswap_store+0x646/0x1620
[  415.856466][T11199]  kmem_cache_alloc_node_noprof+0x71/0x320
[  415.862265][T11199]  zswap_store+0x646/0x1620
[  415.866768][T11199]  ? __pfx_zswap_store+0x10/0x10
[  415.871783][T11199]  ? _raw_spin_unlock+0x28/0x50
[  415.876625][T11199]  ? folio_free_swap+0x514/0xbf0
[  415.881566][T11199]  swap_writepage+0x79/0x1a0
[  415.886146][T11199]  shrink_folio_list+0x35fe/0x8c90
[  415.891288][T11199]  ? __pfx_shrink_folio_list+0x10/0x10
[  415.896741][T11199]  ? validate_chain+0x11e/0x5900
[  415.901666][T11199]  ? __pfx_validate_chain+0x10/0x10
[  415.906856][T11199]  ? __pfx_validate_chain+0x10/0x10
[  415.912046][T11199]  ? __pfx_validate_chain+0x10/0x10
[  415.917238][T11199]  ? folio_prealloc+0x31/0x170
[  415.922031][T11199]  ? __pfx_validate_chain+0x10/0x10
[  415.927218][T11199]  ? __pfx_validate_chain+0x10/0x10
[  415.932428][T11199]  ? __lock_acquire+0x137a/0x2040
[  415.937452][T11199]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[  415.943169][T11199]  reclaim_pages+0x918/0xc60
[  415.947767][T11199]  ? __pfx_reclaim_pages+0x10/0x10
[  415.952992][T11199]  ? madvise_cold_or_pageout_pte_range+0x213a/0x32a0
[  415.959658][T11199]  ? madvise_cold_or_pageout_pte_range+0x293b/0x32a0
[  415.966322][T11199]  ? __pfx_lock_release+0x10/0x10
[  415.971343][T11199]  ? folio_isolate_lru+0x754/0xee0
[  415.976452][T11199]  madvise_cold_or_pageout_pte_range+0x2964/0x32a0
[  415.982960][T11199]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  415.989821][T11199]  walk_pgd_range+0xba1/0x1810
[  415.994603][T11199]  ? __pfx_mt_find+0x10/0x10
[  415.999190][T11199]  ? __pfx_walk_pgd_range+0x10/0x10
[  416.004392][T11199]  __walk_page_range+0x132/0x720
[  416.009324][T11199]  ? find_vma+0xf9/0x170
[  416.013568][T11199]  ? __pfx_find_vma+0x10/0x10
[  416.018254][T11199]  ? process_vma_walk_lock+0x135/0x390
[  416.023712][T11199]  walk_page_range+0x58f/0x7c0
[  416.028477][T11199]  ? __pfx_walk_page_range+0x10/0x10
[  416.033761][T11199]  ? tlb_gather_mmu+0x24e/0x310
[  416.038602][T11199]  do_madvise+0x3384/0x4760
[  416.043125][T11199]  ? __pfx_do_madvise+0x10/0x10
[  416.047965][T11199]  ? __pfx_lock_release+0x10/0x10
[  416.052986][T11199]  ? kstrtouint_from_user+0x128/0x190
[  416.058380][T11199]  ? vfs_write+0x7c4/0xc90
[  416.062790][T11199]  ? __mutex_unlock_slowpath+0x21d/0x750
[  416.068412][T11199]  ? __pfx_vfs_write+0x10/0x10
[  416.073170][T11199]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  416.079146][T11199]  ? __fget_files+0x3f6/0x470
[  416.083834][T11199]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  416.090156][T11199]  ? do_syscall_64+0x100/0x230
[  416.094938][T11199]  __x64_sys_madvise+0xa6/0xc0
[  416.099701][T11199]  do_syscall_64+0xf3/0x230
[  416.104195][T11199]  ? clear_bhb_loop+0x35/0x90
[  416.108864][T11199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.114753][T11199] RIP: 0033:0x7fd876779ef9
[  416.119172][T11199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.138782][T11199] RSP: 002b:00007fd8774ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  416.147283][T11199] RAX: ffffffffffffffda RBX: 00007fd876915f80 RCX: 00007fd876779ef9
[  416.155248][T11199] RDX: 0000000000000015 RSI: 000000000040001e RDI: 0000000020000000
[  416.163211][T11199] RBP: 00007fd8774ce090 R08: 0000000000000000 R09: 0000000000000000
[  416.171173][T11199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.179160][T11199] R13: 0000000000000000 R14: 00007fd876915f80 R15: 00007fd876a3fa28
[  416.187134][T11199]  </TASK>
[  416.190278][    C1] vkms_vblank_simulate: vblank timer overrun
[  416.340622][   T54] Bluetooth: hci4: command tx timeout
[  416.709236][   T54] Bluetooth: hci1: command tx timeout
[  416.769471][ T5283] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  416.811457][T11143] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.892702][T11143] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.915539][T11143] bridge_slave_0: entered allmulticast mode
[  416.934650][T11143] bridge_slave_0: entered promiscuous mode
[  416.966504][ T5283] usb 3-1: Using ep0 maxpacket: 32
[  416.972386][T11143] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.985675][T11143] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.987687][ T5283] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  417.003465][T11143] bridge_slave_1: entered allmulticast mode
[  417.014977][T11143] bridge_slave_1: entered promiscuous mode
[  417.026092][T11188] chnl_net:caif_netlink_parms(): no params data found
[  417.067060][ T5283] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  417.101301][ T5283] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  417.115435][ T5283] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.146730][ T5283] usb 3-1: Product: syz
[  417.159130][ T5283] usb 3-1: Manufacturer: syz
[  417.180795][ T5283] usb 3-1: SerialNumber: syz
[  417.353964][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.407933][T11143] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  417.435392][ T5283] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 35 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  417.442458][T11143] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  417.666889][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.693313][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  417.758965][T11143] team0: Port device team_slave_0 added
[  417.862118][T11235] input: syz0 as /devices/virtual/input/input53
[  417.879385][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.931029][T11143] team0: Port device team_slave_1 added
[  418.086162][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.164948][T11188] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.185344][T11188] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.195508][T11188] bridge_slave_0: entered allmulticast mode
[  418.204847][T11188] bridge_slave_0: entered promiscuous mode
[  418.215483][T11188] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.224714][T11188] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.233341][T11188] bridge_slave_1: entered allmulticast mode
[  418.244789][T11188] bridge_slave_1: entered promiscuous mode
[  418.283529][T11143] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.290831][    T8] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  418.308974][T11143] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.340563][T11143] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  418.392264][T11143] batman_adv: batadv0: Adding interface: batadv_slave_1
[  418.399661][   T54] Bluetooth: hci4: command tx timeout
[  418.411835][T11143] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.441476][T11143] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  418.461284][T11188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.519124][    T8] usb 1-1: Using ep0 maxpacket: 8
[  418.526114][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  418.538970][T11188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.568014][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  418.614847][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  418.657143][    T8] usb 1-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  418.720163][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.753667][    T8] usb 1-1: config 0 descriptor??
[  418.799409][   T54] Bluetooth: hci1: command tx timeout
[  418.849834][T11143] hsr_slave_0: entered promiscuous mode
[  418.865524][T11143] hsr_slave_1: entered promiscuous mode
[  418.926039][T11188] team0: Port device team_slave_0 added
[  419.006130][T11188] team0: Port device team_slave_1 added
[  419.184461][   T35] bridge_slave_1: left allmulticast mode
[  419.195007][T11243] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  419.241328][T11243] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  419.250375][   T35] bridge_slave_1: left promiscuous mode
[  419.277077][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.332249][    T8] belkin 0003:050D:3201.0017: item fetching failed at offset 5/7
[  419.340380][   T35] bridge_slave_0: left allmulticast mode
[  419.347248][   T35] bridge_slave_0: left promiscuous mode
[  419.373977][    T8] belkin 0003:050D:3201.0017: parse failed
[  419.381615][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.410475][    T8] belkin 0003:050D:3201.0017: probe with driver belkin failed with error -22
[  419.442742][ T5284] usb 3-1: USB disconnect, device number 35
[  419.497506][ T5284] usblp0: removed
[  419.629645][    T8] usb 1-1: USB disconnect, device number 32
[  419.744211][T11259] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1081'.
[  419.757034][T11259] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1081'.
[  420.106251][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  420.120247][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  420.134594][   T35] bond0 (unregistering): Released all slaves
[  420.169204][ T5284] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  420.271207][T11188] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.278268][T11188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.306487][   T29] audit: type=1326 audit(1724979460.488:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadf0f79ef9 code=0x7ffc0000
[  420.308248][T11188] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  420.355734][   T29] audit: type=1326 audit(1724979460.518:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadf0f79ef9 code=0x7ffc0000
[  420.379908][   T29] audit: type=1326 audit(1724979460.528:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadf0f78890 code=0x7ffc0000
[  420.407968][   T29] audit: type=1326 audit(1724979460.528:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.414874][T11188] batman_adv: batadv0: Adding interface: batadv_slave_1
[  420.443195][   T29] audit: type=1326 audit(1724979460.528:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.466383][T11188] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.494447][   T29] audit: type=1326 audit(1724979460.528:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.501670][   T54] Bluetooth: hci4: command tx timeout
[  420.518740][T11188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  420.522808][ T5284] usb 2-1: Using ep0 maxpacket: 32
[  420.522990][   T29] audit: type=1326 audit(1724979460.528:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.523279][   T29] audit: type=1326 audit(1724979460.678:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.585115][ T5284] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  420.595011][ T5284] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  420.626439][ T5284] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  420.634593][   T29] audit: type=1326 audit(1724979460.798:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.635903][ T5284] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.669190][ T5323] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  420.685110][ T5284] usb 2-1: Product: syz
[  420.685134][ T5284] usb 2-1: Manufacturer: syz
[  420.685150][ T5284] usb 2-1: SerialNumber: syz
[  420.688482][   T29] audit: type=1326 audit(1724979460.868:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz.0.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadf0f79afb code=0x7ffc0000
[  420.812373][T11188] hsr_slave_0: entered promiscuous mode
[  420.825511][T11188] hsr_slave_1: entered promiscuous mode
[  420.835946][T11188] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  420.851824][T11188] Cannot create hsr debugfs directory
[  420.869225][   T54] Bluetooth: hci1: command tx timeout
[  420.894003][ T5323] usb 1-1: Using ep0 maxpacket: 16
[  420.903706][ T5323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.930260][ T5323] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  420.951127][ T5284] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 55 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  420.962631][ T5323] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  420.981314][ T5323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.995513][ T5323] usb 1-1: config 0 descriptor??
[  421.193594][   T35] hsr_slave_0: left promiscuous mode
[  421.200309][   T35] hsr_slave_1: left promiscuous mode
[  421.208397][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.219397][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.232360][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.250886][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.287748][   T35] veth1_macvtap: left promiscuous mode
[  421.293693][   T35] veth0_macvtap: left promiscuous mode
[  421.300239][   T35] veth1_vlan: left promiscuous mode
[  421.305644][   T35] veth0_vlan: left promiscuous mode
[  421.443982][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.456637][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.475594][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.505479][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.522269][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.544938][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.562824][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.571199][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.579444][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.586891][ T5323] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  421.606503][ T5323] microsoft 0003:045E:07DA.0018: No inputs registered, leaving
[  421.628857][ T5323] microsoft 0003:045E:07DA.0018: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  421.641056][ T5323] microsoft 0003:045E:07DA.0018: no inputs found
[  421.647836][ T5323] microsoft 0003:045E:07DA.0018: could not initialize ff, continuing anyway
[  421.688978][ T5323] usb 1-1: USB disconnect, device number 33
[  422.234507][   T35] team0 (unregistering): Port device team_slave_1 removed
[  422.328111][   T35] team0 (unregistering): Port device team_slave_0 removed
[  422.549341][ T5280] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  422.752197][ T5280] usb 1-1: Using ep0 maxpacket: 32
[  422.787120][ T5280] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  422.802002][ T5280] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  422.814495][ T5280] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.834710][ T5280] usb 1-1: config 0 descriptor??
[  422.842550][ T5280] hub 1-1:0.0: bad descriptor, ignoring hub
[  422.858061][ T5280] hub 1-1:0.0: probe with driver hub failed with error -5
[  422.867668][ T5280] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  422.954543][   T54] Bluetooth: hci1: command tx timeout
[  423.121665][    T8] usb 2-1: USB disconnect, device number 55
[  423.134208][    T8] usblp0: removed
[  423.309429][ T5280] usb 3-1: new low-speed USB device number 36 using dummy_hcd
[  423.479187][ T5280] usb 3-1: device descriptor read/64, error -71
[  423.705185][T11143] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  423.730862][T11143] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  423.749845][ T5280] usb 3-1: new low-speed USB device number 37 using dummy_hcd
[  423.767691][T11143] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  423.818150][T11143] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  423.919363][ T5280] usb 3-1: device descriptor read/64, error -71
[  424.049642][ T5280] usb usb3-port1: attempt power cycle
[  424.067791][T11143] 8021q: adding VLAN 0 to HW filter on device bond0
[  424.132732][T11143] 8021q: adding VLAN 0 to HW filter on device team0
[  424.276636][ T1071] bridge0: port 1(bridge_slave_0) entered blocking state
[  424.283852][ T1071] bridge0: port 1(bridge_slave_0) entered forwarding state
[  424.308829][T11188] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  424.322980][T11188] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  424.342449][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  424.371081][T11188] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  424.396388][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.403557][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  424.418853][T11188] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  424.459438][ T5280] usb 3-1: new low-speed USB device number 38 using dummy_hcd
[  424.589912][ T5280] usb 3-1: device descriptor read/8, error -71
[  424.597612][T11309] input: syz0 as /devices/virtual/input/input55
[  424.818154][T11143] 8021q: adding VLAN 0 to HW filter on device batadv0
[  424.889969][ T5280] usb 3-1: new low-speed USB device number 39 using dummy_hcd
[  424.961244][ T5280] usb 3-1: device descriptor read/8, error -71
[  424.987815][T11188] 8021q: adding VLAN 0 to HW filter on device bond0
[  425.018860][T11143] veth0_vlan: entered promiscuous mode
[  425.043228][T11188] 8021q: adding VLAN 0 to HW filter on device team0
[  425.102578][ T5280] usb usb3-port1: unable to enumerate USB device
[  425.166108][T11143] veth1_vlan: entered promiscuous mode
[  425.187634][ T1071] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.194790][ T1071] bridge0: port 1(bridge_slave_0) entered forwarding state
[  425.263600][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.270733][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  425.364216][T11143] veth0_macvtap: entered promiscuous mode
[  425.396908][T11143] veth1_macvtap: entered promiscuous mode
[  425.469536][ T5280] usb 1-1: USB disconnect, device number 34
[  425.546743][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.562738][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.576439][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.588776][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.603376][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.614514][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.625002][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.642713][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.659819][T11143] batman_adv: batadv0: Interface activated: batadv_slave_0
[  425.726816][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.745111][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.757420][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.769573][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.783794][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.795577][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.806091][T11143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.817749][T11143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.832574][T11143] batman_adv: batadv0: Interface activated: batadv_slave_1
[  425.853620][T11321] tipc: Started in network mode
[  425.881887][T11321] tipc: Node identity 00000000000001060000000000000001, cluster identity 4711
[  425.895642][T11321] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  425.942830][T11143] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  425.959260][T11143] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  425.973955][T11143] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  425.986394][T11143] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  426.187715][T11188] 8021q: adding VLAN 0 to HW filter on device batadv0
[  426.336814][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.386199][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.400744][T11333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1096'.
[  426.530166][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.578768][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.701269][T11188] veth0_vlan: entered promiscuous mode
[  426.842764][T11188] veth1_vlan: entered promiscuous mode
[  427.178680][T11188] veth0_macvtap: entered promiscuous mode
[  427.282932][T11188] veth1_macvtap: entered promiscuous mode
[  427.496917][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.548208][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.581892][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.600080][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.615665][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.627658][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  427.627674][   T29] audit: type=1326 audit(1724979467.808:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876779ef9 code=0x7ffc0000
[  427.664357][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.676237][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.687770][   T29] audit: type=1326 audit(1724979467.848:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7fd876779ef9 code=0x7ffc0000
[  427.721667][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.735481][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.746704][   T29] audit: type=1326 audit(1724979467.848:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876779ef9 code=0x7ffc0000
[  427.760519][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.772522][   T29] audit: type=1326 audit(1724979467.848:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876779ef9 code=0x7ffc0000
[  427.806309][   T29] audit: type=1326 audit(1724979467.848:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd876778890 code=0x7ffc0000
[  427.847348][   T29] audit: type=1326 audit(1724979467.848:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd876779afb code=0x7ffc0000
[  427.894807][T11188] batman_adv: batadv0: Interface activated: batadv_slave_0
[  427.909227][ T5241] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  427.918337][   T29] audit: type=1326 audit(1724979467.848:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd876779afb code=0x7ffc0000
[  427.987466][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.019248][ T5284] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  428.042918][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.139195][ T5241] usb 3-1: Using ep0 maxpacket: 8
[  428.151462][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.163309][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.174280][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.185076][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.195513][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.208383][ T5284] usb 2-1: config 0 has an invalid interface number: 182 but max is 0
[  428.208400][   T29] audit: type=1326 audit(1724979467.898:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd876779afb code=0x7ffc0000
[  428.255237][ T5241] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  428.259682][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.275198][ T5284] usb 2-1: config 0 has no interface number 0
[  428.281600][T11188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.292811][ T5284] usb 2-1: New USB device found, idVendor=eb1a, idProduct=e350, bcdDevice=f8.fa
[  428.292966][   T29] audit: type=1326 audit(1724979467.898:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd876779afb code=0x7ffc0000
[  428.303035][T11188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.337283][ T5284] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.350093][T11188] batman_adv: batadv0: Interface activated: batadv_slave_1
[  428.366586][ T5284] usb 2-1: config 0 descriptor??
[  428.404872][ T5241] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.416859][T11188] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  428.427402][T11188] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  428.436476][   T29] audit: type=1326 audit(1724979468.028:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.1.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd876779afb code=0x7ffc0000
[  428.490729][T11188] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  428.500174][ T5241] usb 3-1: Product: syz
[  428.504688][ T5241] usb 3-1: Manufacturer: syz
[  428.506022][T11188] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  428.526323][ T5241] usb 3-1: SerialNumber: syz
[  428.578472][ T5241] usb 3-1: config 0 descriptor??
[  428.723122][T11370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  428.755480][T11382] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1103'.
[  428.779276][T11370] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  428.790489][ T1071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.808966][ T5241] usb 3-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  428.849421][ T1071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.923609][ T5284] usb 2-1: USB disconnect, device number 56
[  428.949553][ T1071] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.958811][ T1071] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.026056][T11390] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1105'.
[  429.204429][T11395] (unnamed net_device) (uninitialized): (slave veth0_to_bridge): Device is not bonding slave
[  429.251046][T11395] (unnamed net_device) (uninitialized): option active_slave: invalid value (veth0_to_bridge)
[  429.292959][T11399] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  429.475268][T11402] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  429.539875][ T5323] usb 1-1: new full-speed USB device number 35 using dummy_hcd
[  429.758296][ T5323] usb 1-1: New USB device found, idVendor=07ca, idProduct=b808, bcdDevice=db.2f
[  429.773383][ T5323] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.814610][ T5323] usb 1-1: Product: syz
[  429.831219][ T5323] usb 1-1: Manufacturer: syz
[  429.839500][ T5323] usb 1-1: SerialNumber: syz
[  429.866856][ T5323] usb 1-1: config 0 descriptor??
[  430.097318][T11395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  430.117453][T11395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  430.136901][T11395] netlink: 198116 bytes leftover after parsing attributes in process `syz.0.1106'.
[  430.164611][T11395] TCP: TCP_TX_DELAY enabled
[  430.193002][T11395] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1106'.
[  430.432591][ T5323] dvb-usb: found a 'AVerMedia AVerTV DVB-T Volar' in warm state.
[  430.493132][ T5323] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  430.531864][ T5323] dvbdev: DVB: registering new adapter (AVerMedia AVerTV DVB-T Volar)
[  430.565712][ T5323] usb 1-1: media controller created
[  430.605865][ T5323] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  430.664367][ T5241] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  430.716114][ T5241] dvbdev: DVB: registering new adapter (Terratec H7)
[  430.769210][ T5241] usb 3-1: media controller created
[  430.812045][ T5323] DVB: Unable to find symbol dib7000p_attach()
[  430.831697][ T5323] dvb-usb: no frontend was attached by 'AVerMedia AVerTV DVB-T Volar'
[  430.873661][ T5241] usb read operation failed. (-71)
[  430.889522][ T5230] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  430.921606][ T5241] dvb_usb_az6007 3-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  431.001329][ T5241] usb 3-1: USB disconnect, device number 40
[  431.099719][ T5323] rc_core: IR keymap rc-dib0700-rc5 not found
[  431.116062][ T5230] usb 4-1: Using ep0 maxpacket: 32
[  431.130770][ T5323] Registered IR keymap rc-empty
[  431.143612][ T5230] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  431.156955][ T5323] dvb-usb: could not initialize remote control.
[  431.178565][ T5230] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[  431.192151][ T5323] dvb-usb: AVerMedia AVerTV DVB-T Volar successfully initialized and connected.
[  431.229273][ T5230] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  431.249353][ T5323] usb 1-1: USB disconnect, device number 35
[  431.263425][ T5230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.304600][ T5230] usb 4-1: Product: syz
[  431.308850][ T5230] usb 4-1: Manufacturer: syz
[  431.344160][ T5230] usb 4-1: SerialNumber: syz
[  431.351679][ T5323] dvb-usb: AVerMedia AVerTV DVB-T Volar successfully deinitialized and disconnected.
[  431.600693][T11436] sctp: [Deprecated]: syz.3.1110 (pid 11436) Use of int in max_burst socket option deprecated.
[  431.600693][T11436] Use struct sctp_assoc_value instead
[  432.121326][ T5280] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  432.159175][ T5240] Bluetooth: hci5: command 0x0406 tx timeout
[  432.345174][T11465] netlink: 4096 bytes leftover after parsing attributes in process `syz.4.1116'.
[  432.372738][T11465] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  432.390203][ T5280] usb 1-1: Using ep0 maxpacket: 8
[  432.404075][ T5280] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  432.447195][ T5280] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  432.494409][ T5280] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.543389][ T5280] usb 1-1: config 0 descriptor??
[  432.565931][ T5280] gspca_main: vc032x-2.14.0 probing 046d:0892
[  433.287399][ T5280] gspca_vc032x: reg_w err -110
[  433.303482][ T5280] vc032x 1-1:0.0: probe with driver vc032x failed with error -110
[  433.489192][ T5241] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  433.559250][   T46] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  433.621299][ T5280] usb 4-1: USB disconnect, device number 46
[  433.689357][ T5241] usb 5-1: Using ep0 maxpacket: 32
[  433.736112][ T5241] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  433.749730][ T5240] Bluetooth: hci1: command 0x0405 tx timeout
[  433.760855][ T5241] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  433.769705][   T46] usb 3-1: Using ep0 maxpacket: 32
[  433.790454][ T5241] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  433.817253][   T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  433.828206][   T46] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  433.846574][T11511] FAULT_INJECTION: forcing a failure.
[  433.846574][T11511] name failslab, interval 1, probability 0, space 0, times 0
[  433.869313][T11511] CPU: 1 UID: 0 PID: 11511 Comm: syz.3.1124 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  433.875407][ T5241] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.880103][T11511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  433.880124][T11511] Call Trace:
[  433.880134][T11511]  <TASK>
[  433.880144][T11511]  dump_stack_lvl+0x241/0x360
[  433.880178][T11511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.880203][T11511]  ? __pfx__printk+0x10/0x10
[  433.880229][T11511]  ? fs_reclaim_acquire+0x93/0x140
[  433.880253][T11511]  ? __pfx___might_resched+0x10/0x10
[  433.880280][T11511]  should_fail_ex+0x3b0/0x4e0
[  433.934048][T11511]  ? tomoyo_encode+0x26f/0x540
[  433.938826][T11511]  should_failslab+0xac/0x100
[  433.943517][T11511]  ? tomoyo_encode+0x26f/0x540
[  433.948265][T11511]  __kmalloc_noprof+0xd8/0x400
[  433.953018][T11511]  tomoyo_encode+0x26f/0x540
[  433.957598][T11511]  tomoyo_realpath_from_path+0x59e/0x5e0
[  433.963220][T11511]  tomoyo_path_number_perm+0x23a/0x880
[  433.968669][T11511]  ? tomoyo_path_number_perm+0x208/0x880
[  433.974287][T11511]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  433.980281][T11511]  ? __fget_files+0x29/0x470
[  433.984853][T11511]  ? __fget_files+0x3f6/0x470
[  433.989525][T11511]  ? __fget_files+0x29/0x470
[  433.994120][T11511]  security_file_ioctl+0x75/0xb0
[  433.999053][T11511]  __se_sys_ioctl+0x47/0x170
[  434.003644][T11511]  do_syscall_64+0xf3/0x230
[  434.008129][T11511]  ? clear_bhb_loop+0x35/0x90
[  434.012793][T11511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.018671][T11511] RIP: 0033:0x7fc0fad79ef9
[  434.023070][T11511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.042666][T11511] RSP: 002b:00007fc0fba93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  434.051067][T11511] RAX: ffffffffffffffda RBX: 00007fc0faf15f80 RCX: 00007fc0fad79ef9
[  434.059024][T11511] RDX: 0000000020000100 RSI: 0000000000004601 RDI: 0000000000000003
[  434.066988][T11511] RBP: 00007fc0fba93090 R08: 0000000000000000 R09: 0000000000000000
[  434.074942][T11511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.082896][T11511] R13: 0000000000000000 R14: 00007fc0faf15f80 R15: 00007fc0fb03fa28
[  434.090866][T11511]  </TASK>
[  434.093988][    C1] vkms_vblank_simulate: vblank timer overrun
[  434.109397][T11489] netlink: 4096 bytes leftover after parsing attributes in process `syz.1.1121'.
[  434.118687][ T5241] usb 5-1: Product: syz
[  434.127461][ T5241] usb 5-1: Manufacturer: syz
[  434.127786][   T46] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  434.139865][T11489] openvswitch: netlink: ct_state flags 00000300 unsupported
[  434.151973][ T5241] usb 5-1: SerialNumber: syz
[  434.186687][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.189293][T11511] ERROR: Out of memory at tomoyo_realpath_from_path.
[  434.196319][   T46] usb 3-1: Product: syz
[  434.220617][   T46] usb 3-1: Manufacturer: syz
[  434.226717][   T46] usb 3-1: SerialNumber: syz
[  434.372485][ T5241] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 37 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  434.455707][   T46] usblp 3-1:1.0: usblp1: USB Unidirectional printer dev 41 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  435.063423][ T5283] usb 1-1: USB disconnect, device number 36
[  435.569269][ T5283] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  435.870519][ T5283] usb 1-1: Using ep0 maxpacket: 32
[  435.887944][ T5283] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  435.954265][T11556] syz.1.1129: vmalloc error: size 16781312, failed to allocated page array size 32776, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  436.028950][T11556] CPU: 1 UID: 0 PID: 11556 Comm: syz.1.1129 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  436.039749][T11556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  436.049821][T11556] Call Trace:
[  436.053112][T11556]  <TASK>
[  436.056057][T11556]  dump_stack_lvl+0x241/0x360
[  436.060730][T11556]  ? __pfx_dump_stack_lvl+0x10/0x10
[  436.066013][T11556]  ? __pfx__printk+0x10/0x10
[  436.070595][T11556]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  436.076999][T11556]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  436.083488][T11556]  warn_alloc+0x278/0x410
[  436.087825][T11556]  ? __pfx_warn_alloc+0x10/0x10
[  436.092704][T11556]  ? xskq_create+0xb6/0x170
[  436.097215][T11556]  ? __get_vm_area_node+0x23d/0x270
[  436.102406][T11556]  __vmalloc_node_range_noprof+0x6a2/0x1400
[  436.108322][T11556]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  436.114639][T11556]  ? __kasan_kmalloc+0x98/0xb0
[  436.119395][T11556]  ? xskq_create+0x54/0x170
[  436.123888][T11556]  vmalloc_user_noprof+0x74/0x80
[  436.128812][T11556]  ? xskq_create+0xb6/0x170
[  436.133305][T11556]  xskq_create+0xb6/0x170
[  436.137624][T11556]  xsk_init_queue+0xa1/0x100
[  436.142201][T11556]  xsk_setsockopt+0x598/0x950
[  436.146866][T11556]  ? __pfx_xsk_setsockopt+0x10/0x10
[  436.152119][T11556]  ? __pfx_lock_acquire+0x10/0x10
[  436.157148][T11556]  ? aa_sock_opt_perm+0x79/0x120
[  436.162074][T11556]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  436.167614][T11556]  ? security_socket_setsockopt+0x87/0xb0
[  436.173408][T11556]  ? __pfx_xsk_setsockopt+0x10/0x10
[  436.178596][T11556]  do_sock_setsockopt+0x3af/0x720
[  436.183610][T11556]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  436.189152][T11556]  ? __fget_files+0x29/0x470
[  436.193748][T11556]  ? __fget_files+0x3f6/0x470
[  436.198417][T11556]  __sys_setsockopt+0x1ae/0x250
[  436.203258][T11556]  __x64_sys_setsockopt+0xb5/0xd0
[  436.208276][T11556]  do_syscall_64+0xf3/0x230
[  436.212766][T11556]  ? clear_bhb_loop+0x35/0x90
[  436.217430][T11556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.223308][T11556] RIP: 0033:0x7fd876779ef9
[  436.227708][T11556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.247479][T11556] RSP: 002b:00007fd8774ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  436.255887][T11556] RAX: ffffffffffffffda RBX: 00007fd876915f80 RCX: 00007fd876779ef9
[  436.263845][T11556] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  436.271801][T11556] RBP: 00007fd8767e793e R08: 0000000000000004 R09: 0000000000000000
[  436.279757][T11556] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  436.287720][T11556] R13: 0000000000000000 R14: 00007fd876915f80 R15: 00007fd876a3fa28
[  436.295694][T11556]  </TASK>
[  436.298760][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.345082][   T46] usb 5-1: USB disconnect, device number 37
[  436.349192][T11556] Mem-Info:
[  436.356165][   T46] usblp0: removed
[  436.371591][T11556] active_anon:7496 inactive_anon:1 isolated_anon:0
[  436.371591][T11556]  active_file:12070 inactive_file:38368 isolated_file:0
[  436.371591][T11556]  unevictable:768 dirty:159 writeback:0
[  436.371591][T11556]  slab_reclaimable:9257 slab_unreclaimable:102812
[  436.371591][T11556]  mapped:26279 shmem:1244 pagetables:968
[  436.371591][T11556]  sec_pagetables:0 bounce:0
[  436.371591][T11556]  kernel_misc_reclaimable:0
[  436.371591][T11556]  free:1353859 free_pcp:2295 free_cma:0
[  436.422126][ T5283] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  436.445087][ T5280] usb 3-1: USB disconnect, device number 41
[  436.458679][ T5283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.468718][ T5280] usblp1: removed
[  436.483907][ T5283] usb 1-1: config 0 descriptor??
[  436.498652][T11556] Node 0 active_anon:28184kB inactive_anon:4kB active_file:48228kB inactive_file:153392kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103940kB dirty:636kB writeback:0kB shmem:3440kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10240kB pagetables:3772kB sec_pagetables:0kB all_unreclaimable? no
[  436.544740][ T5283] hub 1-1:0.0: bad descriptor, ignoring hub
[  436.567577][ T5283] hub 1-1:0.0: probe with driver hub failed with error -5
[  436.575213][T11556] Node 1 active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  436.585845][ T5283] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  436.605470][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.687704][T11556] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  436.714841][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.863689][T11577] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1133'.
[  436.878714][T11556] lowmem_reserve[]: 0 2561 2562 0 0
[  436.899700][T11556] Node 0 DMA32 free:1466364kB boost:0kB min:35020kB low:43772kB high:52524kB reserved_highatomic:0KB active_anon:24324kB inactive_anon:4kB active_file:48228kB inactive_file:152072kB unevictable:1536kB writepending:636kB present:3129332kB managed:2651236kB mlocked:0kB bounce:0kB free_pcp:3692kB local_pcp:1016kB free_cma:0kB
[  436.935332][T11577] ------------[ cut here ]------------
[  436.941173][T11577] WARNING: CPU: 1 PID: 11577 at kernel/kcov.c:871 kcov_remote_start+0x542/0x7d0
[  436.950217][T11577] Modules linked in:
[  436.954132][T11577] CPU: 1 UID: 0 PID: 11577 Comm: syz.4.1133 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  436.964905][T11577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  436.975061][T11577] RIP: 0010:kcov_remote_start+0x542/0x7d0
[  436.980824][T11577] Code: 4c 89 ff be 03 00 00 00 e8 cb 55 1e 03 e9 04 fb ff ff e8 51 40 25 0a 41 f7 c6 00 02 00 00 0f 84 f2 fa ff ff e9 7f fc ff ff 90 <0f> 0b 90 e8 76 5d 25 0a 89 c0 48 c7 c7 c8 d4 02 00 48 03 3c c5 40
[  436.988753][T11556] lowmem_reserve[]:
[  437.000433][T11577] RSP: 0018:ffffc90004cc6bf0 EFLAGS: 00010002
[  437.000493][T11577] RAX: 0000000080000200 RBX: ffff888022128000 RCX: 0000000000000002
[  437.000509][T11577] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c608500
[  437.000526][T11577] RBP: 0000000000000000 R08: ffffffff937408af R09: 1ffffffff26e8115
[  437.000540][T11577] R10: dffffc0000000000 R11: fffffbfff26e8116 R12: ffffffff819395d7
[  437.000554][T11577] R13: ffff888067eda280 R14: 0000000000000246 R15: ffff8880b932d4c8
[  437.000567][T11577] FS:  00007f9a524116c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  437.000584][T11577] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  437.000598][T11577] CR2: 00007f6c281a5ba8 CR3: 0000000026572000 CR4: 00000000003526f0
[  437.000616][T11577] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  437.000630][T11577] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  437.000646][T11577] Call Trace:
[  437.000655][T11577]  <TASK>
[  437.000666][T11577]  ? __warn+0x163/0x4e0
[  437.000692][T11577]  ? kcov_remote_start+0x542/0x7d0
[  437.000724][T11577]  ? report_bug+0x2b3/0x500
[  437.000751][T11577]  ? kcov_remote_start+0x542/0x7d0
[  437.000778][T11577]  ? handle_bug+0x3e/0x70
[  437.119127][T11577]  ? exc_invalid_op+0x1a/0x50
[  437.123809][T11577]  ? asm_exc_invalid_op+0x1a/0x20
[  437.128829][T11577]  ? kcov_remote_start+0x97/0x7d0
[  437.133863][T11577]  ? kcov_remote_start+0x542/0x7d0
[  437.138972][T11577]  ? mark_lock+0x9a/0x350
[  437.143303][T11577]  ieee80211_rx_list+0x799/0x3780
[  437.148322][T11577]  ? __lock_acquire+0x137a/0x2040
[  437.153352][T11577]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  437.158818][T11577]  ? __pfx_lock_acquire+0x10/0x10
[  437.163840][T11577]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  437.169819][T11577]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  437.176148][T11577]  ? ieee80211_rx_napi+0xd6/0x3c0
[  437.181169][T11577]  ieee80211_rx_napi+0x18a/0x3c0
[  437.186117][T11577]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  437.192443][T11577]  ? __local_bh_disable_ip+0x179/0x220
[  437.197896][T11577]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  437.203440][T11577]  ? skb_dequeue+0x113/0x150
[  437.208029][T11577]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  437.214011][T11577]  ? ieee80211_stop_device+0x2a/0xf0
[  437.219299][T11577]  ieee80211_stop_device+0x3f/0xf0
[  437.224418][T11577]  ieee80211_do_stop+0x1917/0x1f40
[  437.229542][T11577]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  437.234998][T11577]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  437.241325][T11577]  ? wiphy_work_cancel+0x1f0/0x3e0
[  437.246434][T11577]  ieee80211_stop+0x436/0x4a0
[  437.251112][T11577]  ? __pfx_ieee80211_stop+0x10/0x10
[  437.256306][T11577]  __dev_close_many+0x219/0x300
[  437.261156][T11577]  ? __pfx___dev_close_many+0x10/0x10
[  437.266527][T11577]  ? nl80211_del_interface+0xa3/0x140
[  437.271913][T11577]  ? __pfx_lock_release+0x10/0x10
[  437.276961][T11577]  dev_close_many+0x24e/0x4c0
[  437.281652][T11577]  ? __mutex_lock+0x2ef/0xd70
[  437.286342][T11577]  ? ref_tracker_alloc+0x332/0x490
[  437.291463][T11577]  ? __pfx_dev_close_many+0x10/0x10
[  437.296664][T11577]  ? __mutex_unlock_slowpath+0x21d/0x750
[  437.302299][T11577]  ? nl80211_pre_doit+0x59f/0x8b0
[  437.307335][T11577]  dev_close+0x1c0/0x2c0
[  437.311584][T11577]  ? __pfx_dev_close+0x10/0x10
[  437.316362][T11577]  ? __nla_parse+0x40/0x60
[  437.320790][T11577]  nl80211_del_interface+0xd5/0x140
[  437.326006][T11577]  genl_rcv_msg+0xb14/0xec0
[  437.330518][T11577]  ? mark_lock+0x9a/0x350
[  437.334860][T11577]  ? __pfx_genl_rcv_msg+0x10/0x10
[  437.339997][T11577]  ? __pfx_lock_acquire+0x10/0x10
[  437.345192][T11577]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  437.350570][T11577]  ? __pfx_nl80211_del_interface+0x10/0x10
[  437.356372][T11577]  ? __pfx_nl80211_post_doit+0x10/0x10
[  437.361833][T11577]  ? __pfx___might_resched+0x10/0x10
[  437.367124][T11577]  netlink_rcv_skb+0x1e3/0x430
[  437.371890][T11577]  ? __pfx_genl_rcv_msg+0x10/0x10
[  437.376949][T11577]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  437.382248][T11577]  ? __netlink_deliver_tap+0x77e/0x7c0
[  437.387718][T11577]  genl_rcv+0x28/0x40
[  437.391693][T11577]  netlink_unicast+0x7f6/0x990
[  437.396486][T11577]  ? __pfx_netlink_unicast+0x10/0x10
[  437.401791][T11577]  ? __virt_addr_valid+0x183/0x530
[  437.406907][T11577]  ? __check_object_size+0x49c/0x900
[  437.412200][T11577]  ? bpf_lsm_netlink_send+0x9/0x10
[  437.417325][T11577]  netlink_sendmsg+0x8e4/0xcb0
[  437.422105][T11577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  437.427390][T11577]  ? __import_iovec+0x536/0x820
[  437.432323][T11577]  ? aa_sock_msg_perm+0x91/0x160
[  437.437260][T11577]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  437.442545][T11577]  ? security_socket_sendmsg+0x87/0xb0
[  437.448004][T11577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  437.453278][T11577]  __sock_sendmsg+0x221/0x270
[  437.457958][T11577]  ____sys_sendmsg+0x525/0x7d0
[  437.462729][T11577]  ? __pfx_____sys_sendmsg+0x10/0x10
[  437.468019][T11577]  __sys_sendmsg+0x2b0/0x3a0
[  437.472609][T11577]  ? __pfx___sys_sendmsg+0x10/0x10
[  437.477712][T11577]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  437.483726][T11577]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  437.490052][T11577]  ? do_syscall_64+0x100/0x230
[  437.494896][T11577]  ? do_syscall_64+0xb6/0x230
[  437.499567][T11577]  do_syscall_64+0xf3/0x230
[  437.504062][T11577]  ? clear_bhb_loop+0x35/0x90
[  437.508736][T11577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.514621][T11577] RIP: 0033:0x7f9a51579ef9
[  437.519038][T11577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.538741][T11577] RSP: 002b:00007f9a52411038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  437.547155][T11577] RAX: ffffffffffffffda RBX: 00007f9a51716058 RCX: 00007f9a51579ef9
[  437.555121][T11577] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000006
[  437.563099][T11577] RBP: 00007f9a515e793e R08: 0000000000000000 R09: 0000000000000000
[  437.571065][T11577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  437.579029][T11577] R13: 0000000000000000 R14: 00007f9a51716058 R15: 00007f9a5183fa28
[  437.587016][T11577]  </TASK>
[  437.590032][T11577] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  437.597299][T11577] CPU: 1 UID: 0 PID: 11577 Comm: syz.4.1133 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  437.608138][T11577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  437.618186][T11577] Call Trace:
[  437.621457][T11577]  <TASK>
[  437.624381][T11577]  dump_stack_lvl+0x241/0x360
[  437.629067][T11577]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.634275][T11577]  ? __pfx__printk+0x10/0x10
[  437.638860][T11577]  ? _printk+0xd5/0x120
[  437.643019][T11577]  ? vscnprintf+0x5d/0x90
[  437.647344][T11577]  panic+0x349/0x860
[  437.651240][T11577]  ? __warn+0x172/0x4e0
[  437.655390][T11577]  ? __pfx_panic+0x10/0x10
[  437.659800][T11577]  ? show_trace_log_lvl+0x4e6/0x520
[  437.665012][T11577]  __warn+0x346/0x4e0
[  437.668986][T11577]  ? kcov_remote_start+0x542/0x7d0
[  437.674100][T11577]  report_bug+0x2b3/0x500
[  437.678425][T11577]  ? kcov_remote_start+0x542/0x7d0
[  437.683536][T11577]  handle_bug+0x3e/0x70
[  437.687686][T11577]  exc_invalid_op+0x1a/0x50
[  437.692635][T11577]  asm_exc_invalid_op+0x1a/0x20
[  437.697493][T11577] RIP: 0010:kcov_remote_start+0x542/0x7d0
[  437.703221][T11577] Code: 4c 89 ff be 03 00 00 00 e8 cb 55 1e 03 e9 04 fb ff ff e8 51 40 25 0a 41 f7 c6 00 02 00 00 0f 84 f2 fa ff ff e9 7f fc ff ff 90 <0f> 0b 90 e8 76 5d 25 0a 89 c0 48 c7 c7 c8 d4 02 00 48 03 3c c5 40
[  437.722834][T11577] RSP: 0018:ffffc90004cc6bf0 EFLAGS: 00010002
[  437.728911][T11577] RAX: 0000000080000200 RBX: ffff888022128000 RCX: 0000000000000002
[  437.736877][T11577] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c608500
[  437.744874][T11577] RBP: 0000000000000000 R08: ffffffff937408af R09: 1ffffffff26e8115
[  437.752844][T11577] R10: dffffc0000000000 R11: fffffbfff26e8116 R12: ffffffff819395d7
[  437.760811][T11577] R13: ffff888067eda280 R14: 0000000000000246 R15: ffff8880b932d4c8
[  437.768779][T11577]  ? kcov_remote_start+0x97/0x7d0
[  437.773823][T11577]  ? mark_lock+0x9a/0x350
[  437.778152][T11577]  ieee80211_rx_list+0x799/0x3780
[  437.783177][T11577]  ? __lock_acquire+0x137a/0x2040
[  437.788213][T11577]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  437.793678][T11577]  ? __pfx_lock_acquire+0x10/0x10
[  437.798699][T11577]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  437.804678][T11577]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  437.811007][T11577]  ? ieee80211_rx_napi+0xd6/0x3c0
[  437.816027][T11577]  ieee80211_rx_napi+0x18a/0x3c0
[  437.820963][T11577]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  437.827291][T11577]  ? __local_bh_disable_ip+0x179/0x220
[  437.833012][T11577]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  437.838478][T11577]  ? skb_dequeue+0x113/0x150
[  437.843071][T11577]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  437.849061][T11577]  ? ieee80211_stop_device+0x2a/0xf0
[  437.854352][T11577]  ieee80211_stop_device+0x3f/0xf0
[  437.859461][T11577]  ieee80211_do_stop+0x1917/0x1f40
[  437.864585][T11577]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  437.870052][T11577]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  437.876401][T11577]  ? wiphy_work_cancel+0x1f0/0x3e0
[  437.881600][T11577]  ieee80211_stop+0x436/0x4a0
[  437.886279][T11577]  ? __pfx_ieee80211_stop+0x10/0x10
[  437.891476][T11577]  __dev_close_many+0x219/0x300
[  437.896330][T11577]  ? __pfx___dev_close_many+0x10/0x10
[  437.901700][T11577]  ? nl80211_del_interface+0xa3/0x140
[  437.907071][T11577]  ? __pfx_lock_release+0x10/0x10
[  437.912100][T11577]  dev_close_many+0x24e/0x4c0
[  437.916862][T11577]  ? __mutex_lock+0x2ef/0xd70
[  437.921532][T11577]  ? ref_tracker_alloc+0x332/0x490
[  437.926644][T11577]  ? __pfx_dev_close_many+0x10/0x10
[  437.931850][T11577]  ? __mutex_unlock_slowpath+0x21d/0x750
[  437.937477][T11577]  ? nl80211_pre_doit+0x59f/0x8b0
[  437.942501][T11577]  dev_close+0x1c0/0x2c0
[  437.946743][T11577]  ? __pfx_dev_close+0x10/0x10
[  437.951500][T11577]  ? __nla_parse+0x40/0x60
[  437.955914][T11577]  nl80211_del_interface+0xd5/0x140
[  437.961122][T11577]  genl_rcv_msg+0xb14/0xec0
[  437.965709][T11577]  ? mark_lock+0x9a/0x350
[  437.970051][T11577]  ? __pfx_genl_rcv_msg+0x10/0x10
[  437.975087][T11577]  ? __pfx_lock_acquire+0x10/0x10
[  437.980106][T11577]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  437.985475][T11577]  ? __pfx_nl80211_del_interface+0x10/0x10
[  437.991272][T11577]  ? __pfx_nl80211_post_doit+0x10/0x10
[  437.996724][T11577]  ? __pfx___might_resched+0x10/0x10
[  438.002013][T11577]  netlink_rcv_skb+0x1e3/0x430
[  438.006778][T11577]  ? __pfx_genl_rcv_msg+0x10/0x10
[  438.011892][T11577]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  438.017188][T11577]  ? __netlink_deliver_tap+0x77e/0x7c0
[  438.022656][T11577]  genl_rcv+0x28/0x40
[  438.026631][T11577]  netlink_unicast+0x7f6/0x990
[  438.031399][T11577]  ? __pfx_netlink_unicast+0x10/0x10
[  438.036679][T11577]  ? __virt_addr_valid+0x183/0x530
[  438.041785][T11577]  ? __check_object_size+0x49c/0x900
[  438.047072][T11577]  ? bpf_lsm_netlink_send+0x9/0x10
[  438.052184][T11577]  netlink_sendmsg+0x8e4/0xcb0
[  438.056952][T11577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.062230][T11577]  ? __import_iovec+0x536/0x820
[  438.067071][T11577]  ? aa_sock_msg_perm+0x91/0x160
[  438.072003][T11577]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  438.077281][T11577]  ? security_socket_sendmsg+0x87/0xb0
[  438.082737][T11577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.088052][T11577]  __sock_sendmsg+0x221/0x270
[  438.092731][T11577]  ____sys_sendmsg+0x525/0x7d0
[  438.097497][T11577]  ? __pfx_____sys_sendmsg+0x10/0x10
[  438.102811][T11577]  __sys_sendmsg+0x2b0/0x3a0
[  438.107394][T11577]  ? __pfx___sys_sendmsg+0x10/0x10
[  438.112758][T11577]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  438.118680][T11577]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  438.125090][T11577]  ? do_syscall_64+0x100/0x230
[  438.129851][T11577]  ? do_syscall_64+0xb6/0x230
[  438.134524][T11577]  do_syscall_64+0xf3/0x230
[  438.139016][T11577]  ? clear_bhb_loop+0x35/0x90
[  438.143702][T11577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.149591][T11577] RIP: 0033:0x7f9a51579ef9
[  438.153999][T11577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.173597][T11577] RSP: 002b:00007f9a52411038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  438.182093][T11577] RAX: ffffffffffffffda RBX: 00007f9a51716058 RCX: 00007f9a51579ef9
[  438.190063][T11577] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000006
[  438.198025][T11577] RBP: 00007f9a515e793e R08: 0000000000000000 R09: 0000000000000000
[  438.205987][T11577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  438.213949][T11577] R13: 0000000000000000 R14: 00007f9a51716058 R15: 00007f9a5183fa28
[  438.221930][T11577]  </TASK>
[  438.225176][T11577] Kernel Offset: disabled
[  438.229579][T11577] Rebooting in 86400 seconds..