last executing test programs:

19.228066556s ago: executing program 4 (id=3228):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x57, 0xa, 0x0, "3258c546dacccfae1e008faa00000000f4ff4000"})
prctl$PR_SCHED_CORE(0x3e, 0x4, 0xffffffffffffffff, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000001f00)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000380)='syzkaller\x00'}, 0x90)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newsa={0x180, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in6=@private2, 0x0, 0x6c}, @in=@empty, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_crypt={0x48, 0x2, {{'pcbc(aes)\x00'}}}]}, 0x180}}, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x8, @rand_addr=' \x01\x00', 0xfff}, 0x1c)
listen(r3, 0x80080400)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r4, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10)
getsockopt$inet_int(r4, 0x10d, 0xfa, &(0x7f0000000000), &(0x7f0000000240)=0x4)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000080)={0xa, @vbi={0x3, 0x67b, 0x6, 0x20323159, [0x7, 0x8], [0x6, 0x5]}})
r7 = dup3(r6, r5, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
utimes(&(0x7f0000000280)='./file0\x00', 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001ec0)='f'})
prctl$PR_MCE_KILL(0x43, 0x0, 0x0)

17.484680797s ago: executing program 4 (id=3235):
socket$inet6_tcp(0xa, 0x1, 0x0)
mknod(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRESHEX], 0x82)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c0000000206010100000000270000000000000005000100070000000900020073797a300000000014100300686173683a69702c706f72742c69700005000500020000000500040000000000"], 0x4c}}, 0x0)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

16.114682406s ago: executing program 4 (id=3239):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0xfffbf7f5)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ES={0x5, 0xa, 0x9}, @IFLA_MACSEC_INC_SCI={0x5}]}}}]}, 0x44}}, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f0000000080), &(0x7f00000000c0)=0x8)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x3c, r4, 0x1, 0x0, 0x0, {0x3}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}]}]}, 0x3c}}, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r6, 0xffffffffffffffff, 0x0)

15.850681945s ago: executing program 4 (id=3241):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], 0x0, 0xa, 0x95, &(0x7f0000000180)=""/149}, 0x90)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x25dfdbfd, {0x24}}, 0x14}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(r5, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff80cd0961304b56f2f17b0b82"], 0x84}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)

15.404808826s ago: executing program 4 (id=3242):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
kexec_load(0x0, 0x0, &(0x7f0000000100), 0x0)
socket$netlink(0x10, 0x3, 0x14)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000900), 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x65, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={@cgroup, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, @prog_id}, 0x20)
mkdir(&(0x7f0000004080)='./file1\x00', 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x50}}, 0x0)
rmdir(&(0x7f0000000140)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2040, 0x0)
ioctl$FICLONERANGE(r4, 0x4020940d, &(0x7f0000000340)={{}, 0x0, 0x8000000000000000})
mknodat(r4, &(0x7f0000005080)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8000, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000240)={0x28, 0x0, r6, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
write$usbip_server(r4, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000001a00000400000000000000001c007c000040c80a00000000"], 0x1c}}, 0x0)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r5, 0x3b72, &(0x7f0000002180)=ANY=[@ANYBLOB="1800000000000000004000000000000000000000a7eeab94ca9dacd78612fd0f"])
socket$nl_generic(0x10, 0x3, 0x10)
pivot_root(&(0x7f0000002140)='./file1\x00', &(0x7f0000001140)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

12.497178175s ago: executing program 4 (id=3252):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], 0x0, 0xa, 0x95, &(0x7f0000000180)=""/149}, 0x90)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x25dfdbfd, {0x24}}, 0x14}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(r5, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff80cd0961304b56f2f17b0b82"], 0x84}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)

10.480008762s ago: executing program 0 (id=3257):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000001100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x84880)
fcntl$setstatus(r0, 0x407, 0x0)
syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000080))
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x3c, 0x49, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @nested={0x14, 0x1, 0x0, 0x1, [@generic="0d2a79075827af5aa534d6815c2e93f1"]}, @nested={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x3c}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
r2 = userfaultfd(0x80001)
pipe(0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b5403340861a227536350102f0010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000000)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000214"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c00000010004b0400000000000000", @ANYRES32=r5, @ANYBLOB="00400000000000001c0012800b00010062726964676500000c"], 0x3c}}, 0x0)
syz_open_dev$vbi(&(0x7f0000000200), 0x1, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$video(&(0x7f0000000100), 0x5, 0x1)
ioctl$VIDIOC_QUERYMENU(r6, 0xc02c5625, &(0x7f0000000180)={0x1, 0x0, @value=0x1cb})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='net/ip6_mr_cache\x00')
lseek(r7, 0x67, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af03, &(0x7f00000004c0))
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))

9.954111809s ago: executing program 2 (id=3259):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x8)
mq_open(&(0x7f0000000080)=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001900010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0xb8}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @link_local, @val={@void}, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, 'z?\x00', 0x10, 0x21, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "dba20d", 0x0, "0600"}}}}}}}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r3 = fcntl$dupfd(r1, 0x406, r2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @dev}}]}, 0x30}}, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
pipe2(&(0x7f0000000300), 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r5 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@my=0x0})
syz_io_uring_setup(0x5d0b, &(0x7f0000000200)={0x0, 0x9161, 0x2, 0x3, 0x222}, &(0x7f0000000180), &(0x7f0000000280))
unshare(0x2a020400)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r5, 0x7ab, &(0x7f0000000040)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})
r6 = syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_setup(0x1868, &(0x7f0000000280), &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000100))
syz_io_uring_submit(r8, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r6, 0x184c, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000240), 0x4)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
syz_emit_ethernet(0x26, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000c000000e00002000078de55d1a2d9d18b"], &(0x7f0000000080)={0x1, 0x2, [0x73b, 0x150, 0x275, 0xfb7]})

6.799228373s ago: executing program 2 (id=3265):
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(0x0, 0x22)
r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000380)={"84db8cb4", 0x0, 0x0, 0x0, 0x0, 0x3, "2f3e784b7cc0ab31e7fd3d1fa09814", "aadb641b", '\x00', "f500", ["f56f1a42e3d0ab344d8bc6cc", "22147745eb9df6cf6a880d29", "9ad35c6ed4500f52938453c9", "ac562047f08f7537b6597721"]})
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f63"], 0xd)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180), 0x111, 0x6}}, 0x20)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000780), 0x208e24b)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', &(0x7f0000000000)=@ethtool_dump})
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
lseek(0xffffffffffffffff, 0x4, 0x0)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f0000000340)=""/121, 0x79})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffc, 0xffffffffffffffe1, 0x0, 0x0, 0x10001, 0xfffffffffffff924], 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_emit_vhci(&(0x7f0000000480)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x0, 0x34}, @l2cap_cid_signaling={{0x30}, [@l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0xe, 0x8}}, @l2cap_move_chan_cfm={{0x10, 0x6, 0x4}, {0x52a}}, @l2cap_conn_rsp={{0x3, 0x9, 0x8}, {0x6, 0xb4ea, 0x4, 0x6}}, @l2cap_create_chan_rsp={{0xd, 0xc, 0x8}, {0x2, 0xfffe, 0x8, 0x8}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x5, 0x4}}]}}, 0x39)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="02c800080104010100100c0400050008000d6008000500fcffa70005000300080003000c000000060003a908000000ec67000026070531140003000c00bc000409040000002402000078050100110302000001040251000900ff0304090200150200faff0200040901074201800600040006100002ffff02000000ff7f0000ff07000001020e00"], 0x10d)
socket$inet6(0xa, 0x6, 0x0)
ioctl$TUNGETVNETBE(r2, 0x800454df, &(0x7f00000000c0)=0x1)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r4, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
r5 = socket(0x1, 0x2, 0x0)
syz_io_uring_setup(0x27f3, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x33}})
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
dup2(r6, r6)

5.655407505s ago: executing program 1 (id=3267):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000240)=ANY=[@ANYRES16=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
readv(r3, &(0x7f0000001100)=[{&(0x7f0000000880)=""/1, 0x1}, {0x0, 0x2}], 0x2)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c}, 0x38)
socket$packet(0x11, 0x3, 0x300)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x1480}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x80000, 0x1, 0x10000, 0x203, 0xffffffffffffffff, 0x4256, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11, 0x4, 0x4, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000a40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r4}, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf", @ANYBLOB], 0x398}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wlan1\x00'})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r6, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r7 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000280)={{{@in=@local, @in6=@dev={0xfe, 0x80, '\x00', 0x44}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x536bb728}, {0xffffffffffffffff, 0x1000}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x2a}, 0x0, 0x6c}, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x1f}}, 0xe8)

5.540056832s ago: executing program 1 (id=3268):
r0 = socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r2, @ANYBLOB="0100000000000000240012000c000100627269646765000e14000200080007004a"], 0x44}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x11, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b000100677265746170000014000280080004000104000005000a000100000008000a00", @ANYRES32=r4], 0x4c}}, 0x0)

5.179109096s ago: executing program 0 (id=3269):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)

5.095913909s ago: executing program 3 (id=3270):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0) (fail_nth: 3)

5.013613348s ago: executing program 2 (id=3271):
syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x0)
r0 = syz_io_uring_setup(0x7279, &(0x7f0000000080)={0x0, 0x0, 0x13100}, &(0x7f0000000180), &(0x7f00000001c0))
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, 0x0, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000200), 0x6ff, 0xc0000)
r3 = socket$rds(0x15, 0x5, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000300))
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000280)={0x1})
socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)=0x200000000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_open_dev$I2C(&(0x7f0000001940), 0x0, 0x0)
r5 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0xfffffffffffffff8)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r7, &(0x7f00000016c0)=[{&(0x7f0000000240)=""/137, 0x89}, {0x0}], 0x2)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000340)={'tunl0\x00', &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0, 0x1, 0x10, 0x6, 0x81, {{0x6, 0x4, 0x0, 0x1, 0x18, 0x68, 0x0, 0x1, 0x4, 0x0, @private=0xa010102, @empty, {[@noop]}}}}})
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/image_size', 0x111000, 0x124)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x9, &(0x7f0000000000)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018000000050000000000000027000000"], &(0x7f0000000240)='GPL\x00', 0x3930, 0x6b, &(0x7f00000003c0)=""/107, 0x0, 0x42, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x5, 0x0, 0x1, 0x10}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000004c0)=[r9], &(0x7f0000000500)=[{0x2, 0x1, 0x4}, {0x2, 0x3, 0x10e, 0x7}, {0x3, 0x4, 0xb}, {0x0, 0x2, 0x0, 0xb}, {0x2, 0x2, 0x10, 0x5}], 0x10, 0x5}, 0x90)
write$char_usb(r6, 0x0, 0x0)
syz_usb_disconnect(r5)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

4.995809511s ago: executing program 0 (id=3272):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r1, 0x0, 0x44004)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000010000300"/20, @ANYRES32=0x0, @ANYBLOB="0200000000000000180012800c0001006d6163766c616e000800028004000580"], 0x38}}, 0x0)

4.623782884s ago: executing program 1 (id=3273):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1e)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001780)={0x14, r4, 0x1}, 0x14}}, 0x0)
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xc8, r4, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x64010100}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x4}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xc3}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x10eb}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x20}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x6}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x33}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0xc8}, 0x1, 0x0, 0x0, 0x8}, 0x4010)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$kcm(0x2a, 0x0, 0x0)
r5 = socket(0x840000000002, 0x3, 0x7)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, 0x0, 0x0)

4.602539487s ago: executing program 0 (id=3274):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a0000000000009500000000000000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0x95, &(0x7f0000000180)=""/149}, 0x90)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x25dfdbfd, {0x24}}, 0x14}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(r5, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff80cd0961304b56f2f17b0b82"], 0x84}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fchdir(0xffffffffffffffff)
socket$nl_rdma(0x10, 0x3, 0x14)

4.594133463s ago: executing program 3 (id=3275):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x8)
mq_open(&(0x7f0000000080)=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001900010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0xb8}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @link_local, @val={@void}, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, 'z?\x00', 0x10, 0x21, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "dba20d", 0x0, "0600"}}}}}}}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r3 = fcntl$dupfd(r1, 0x406, r2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @dev}}]}, 0x30}}, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
pipe2(&(0x7f0000000300), 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r5 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@my=0x0})
syz_io_uring_setup(0x5d0b, &(0x7f0000000200)={0x0, 0x9161, 0x2, 0x3, 0x222}, &(0x7f0000000180), &(0x7f0000000280))
unshare(0x2a020400)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r5, 0x7ab, &(0x7f0000000040)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})
r6 = syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_setup(0x1868, &(0x7f0000000280), &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000100))
syz_io_uring_submit(r8, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r6, 0x184c, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000240), 0x4)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
syz_emit_ethernet(0x26, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000c000000e00002000078de55d1a2d9d18b"], &(0x7f0000000080)={0x1, 0x2, [0x73b, 0x150, 0x275, 0xfb7]})

4.443933422s ago: executing program 1 (id=3276):
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000340), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
epoll_create(0x47f)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0))
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x0, 0x4})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0xfff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000100)={0x3, 0x0, 0x80000001, 0x7ffffe02, 0xb, 0x1fd, 0x1})
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x20)
openat$audio(0xffffffffffffff9c, 0x0, 0x4c400, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000000100), 0x8)

3.550007828s ago: executing program 1 (id=3277):
socket$inet6_tcp(0xa, 0x1, 0x0)
mknod(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRESHEX], 0x82)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, 0x0, 0x0)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

3.496357059s ago: executing program 0 (id=3278):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
ioctl$TCSETA(0xffffffffffffffff, 0x802c542a, 0xffffffffffffffff) (async)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) (async)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}], 0x30}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000000f14010029bd700000000000080045006d6164000800030001000000080004"], 0x28}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_io_uring_setup(0x7eff, &(0x7f00000002c0), 0x0, 0x0) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000090a010400000000000000000000000008000a40000000000900010073797a30000000000900020073797a32000000000800054000000033080003400000001408000c4000000000080008"], 0x7c}}, 0x0) (async)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
socket(0x0, 0x0, 0x6)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0) (async)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f00000005c0)=[{0x0}, {0x0}, {&(0x7f0000000400)=""/41, 0x29}, {0x0}], 0x4, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}, {{&(0x7f00000006c0), 0x80, 0x0, 0x0, &(0x7f0000000880)=""/24, 0x18}}], 0x2, 0xcb, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
syz_usb_connect$hid(0x0, 0x0, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x5, 0x0, 0x1, [{0x60, &(0x7f0000000300)=@string={0x60, 0x3, "ac4a6420e2017d519023e8b80840575ea056a1791ccef20df4cfc007a7c019b99ff8c7357e674d9b6175a6e74df0b0eab28dc87fe4c73a6c27157915f1308cf2fbc20b8ed95cd9473f021c8dae4f9b6dad587e34b99f54afae170a6ef996"}}]})
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) (async)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r7=>0xffffffffffffffff}) (async)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
splice(r8, 0x0, r7, 0x0, 0x8, 0x0) (async, rerun: 32)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x9506, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5a8}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) (rerun: 32)

3.016133603s ago: executing program 0 (id=3279):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000001100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x84880)
fcntl$setstatus(r0, 0x407, 0x0)
syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000080))
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x3c, 0x49, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @nested={0x14, 0x1, 0x0, 0x1, [@generic="0d2a79075827af5aa534d6815c2e93f1"]}, @nested={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x3c}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
r2 = userfaultfd(0x80001)
pipe(0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b5403340861a227536350102f0010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000000)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000214"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c00000010004b0400000000000000", @ANYRES32=r5, @ANYBLOB="00400000000000001c0012800b00010062726964676500000c00028005"], 0x3c}}, 0x0)
syz_open_dev$vbi(&(0x7f0000000200), 0x1, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$video(&(0x7f0000000100), 0x5, 0x1)
ioctl$VIDIOC_QUERYMENU(r6, 0xc02c5625, &(0x7f0000000180)={0x1, 0x0, @value=0x1cb})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='net/ip6_mr_cache\x00')
lseek(r7, 0x67, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af03, &(0x7f00000004c0))
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))

2.942474969s ago: executing program 2 (id=3280):
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000500)={'wlan1\x00'})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
clock_gettime(0x0, &(0x7f00000002c0)={<r2=>0x0, <r3=>0x0})
futex(&(0x7f00000001c0)=0x2, 0x3, 0x2, &(0x7f0000000300)={r2, r3+60000000}, &(0x7f0000000340)=0x2, 0x8)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x1)
socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0x2a, 0x0, 0x0, 0x1}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000001200)={0x1d, r8, 0x0, {}, 0xfe}, 0x18)
connect$can_j1939(r7, &(0x7f0000000080)={0x1d, r8, 0x0, {0x2, 0x1}, 0xfe}, 0x18)
writev(r7, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000300)={'vxcan0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x62}}, 0x0)

2.610783189s ago: executing program 1 (id=3281):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
r0 = socket(0x2, 0x3, 0x9)
socket$inet6(0xa, 0x1, 0x7ff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1700000000000000000000000700000001441c0003ac1414aa00000000ac1e000100200000ffffffff00000000000000"], 0x30}}], 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x4, 0x800, 0xd1c, 0x1000, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x1}, 0x48)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
capget(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpgid(0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r4 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000002800)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58341d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a44c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e957ebf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c8d5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3b1d11f9f6eb08e6d7b6fa2573afe8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c08c9434a4ac8cc8c794e3120edf8ddf71c8cd11207d3905913e9388a8fe155ce0c0767c5250b6bbba02269ea6e57c8297b481d60663c7678f684e7a1a62a4b9d8c8cf21c636e3b41063c149ac327ad080ef8ed3dfe263fab924571c6d65b382a33d249c94c388c7a66c78176288d0c4bad8e5d32f717bdc26a7a6d70782cee5de39d3f6a3dfc3f268a51b0f5246c210b037a65f75eaefe41709184ce862353991d81d3ad79945f797234162e4737df9a098a34e4df6d8e45fae417a9a25e9b6950a0304fe2dd3fab49f0db13c027914206c1be2d47c812d72d0ea20e86b342b4a3ba7223272edb908ad58ac5d0043983ea70b98c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
write$binfmt_misc(r4, &(0x7f0000000740)=ANY=[], 0xff67)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$addseals(r4, 0x409, 0x8)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)

1.806000742s ago: executing program 2 (id=3282):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="3c75c2015e8724b5a4c586f2ae924b277f0443ec773eab27570e28988217c9b0", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000940)="758a016f03006fc0e2c950d6087c5b75ba83f244c7d0c518961437f1c302aff0af75", 0x22}], 0x1}, 0x0)
recvmmsg(r1, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000000)=""/24, 0x10}, {&(0x7f0000000800)=""/103, 0x11}], 0x2}}], 0x1, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x5a4, 0x8003, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, &(0x7f0000000500)={0x0, 0x0, 0x41, &(0x7f0000000200)={0x5, 0xf, 0x41, 0x1, [@generic={0x3c, 0x10, 0xa, "750bb1aed92b4e0191017e0dff205103d217b345e13b749b596a9aad5095f43998b9b7f6e654c0042217a67cce1e1b5b045fa81e415e1f153a"}]}})

1.444141943s ago: executing program 3 (id=3283):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$packet(0x11, 0x0, 0x300)
syz_clone3(&(0x7f00000005c0)={0x3c947200, 0x0, 0x0, &(0x7f00000003c0), {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$uinput_user_dev(r4, &(0x7f0000001100)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x15)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = dup(r5)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r7=>r2}, './file0\x00'})
fcntl$dupfd(r7, 0x0, r1)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000200000000000000000a64000000060a010400000000000000000200000038000480340001800c0001007061796c6f6164002400028008000440000000000800014000000013080003400000000008000240000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x8c}}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_setup(0x3c97, &(0x7f0000000400)={0x0, 0x79a9, 0x4, 0x0, 0x6d, 0x0, r6}, &(0x7f0000000480), &(0x7f00000004c0))
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f00000007c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x610, 0x420, 0x338, 0xf8, 0x420, 0x0, 0x540, 0x540, 0x540, 0x540, 0x540, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {}, 0xf3dd}}}, {{@ipv6={@mcast1, @remote, [], [], '\x00', 'dummy0\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @local, @empty}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x670)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="141000001000010000000000010000000000000a14000000110001009f666fe9e87354407e0000000000000a"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0xc004000)
r9 = socket(0x10, 0x2, 0x0)
sendto$inet6(r9, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006050a0000000d0085a168d0bf46d32345653600648d27000b000a00070849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e21800003b6ed538f6523250", 0x78, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r9, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x8c, 0x0, 0x8, 0x201, 0x0, 0x0, {0x1212291a8baaf914}, [@CTA_TIMEOUT_DATA={0x3c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0x581}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x1ff}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x400}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0x10}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_DCCP_TIMEWAIT={0x8}, @CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0x8}]}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_TIME_WAIT={0x8, 0x7, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8, 0x2, 0x1, 0x0, 0x5a}, @CTA_TIMEOUT_TCP_TIME_WAIT={0x8, 0x7, 0x1, 0x0, 0x77d8000}, @CTA_TIMEOUT_TCP_SYN_SENT={0x8, 0x1, 0x1, 0x0, 0x5}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x200}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x815}]}, 0x8c}, 0x1, 0x0, 0x0, 0x80}, 0x5dc486e125fa39ea)

1.199670578s ago: executing program 3 (id=3284):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000010000300"/20, @ANYRES32=0x0, @ANYBLOB="0200000000000000180012800c0001006d6163766c616e000800028004000580"], 0x38}}, 0x0)

1.018452117s ago: executing program 3 (id=3285):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f00000056c0)=[{&(0x7f0000000280)="5b4ea50f20d7", 0x6}], 0x1}}], 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000400)=[@timestamp, @mss={0x2, 0xd}], 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000180), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000002e80), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r1, 0x29, 0x37, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000001e4eba4ac09d7f500e1738296734833ba098732a5c1c869f1496ed59fdc940f9644acdde94ba5d1bd5c1c62d304586227a49a8a32333a56d26211964c5c617367ae416bc439cf0e8f691ab687f96070d52b059e4ab8132d7112f246ddd23f15c443768b33174b2309a429b61ca"], 0x8)
listen(r1, 0x100101)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYRESHEX=0x0], 0x0, 0x2e, 0x0, 0x0, 0x1000}, 0x20)
socket$netlink(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000003c0)={0x1, &(0x7f0000000380)=[{0x4, 0xf9, 0x9, 0xd}]})
socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000340)=@assoc_value, &(0x7f0000000200)=0xfffffffffffffc62)
ppoll(&(0x7f00000001c0)=[{}], 0x1, 0x0, 0x0, 0x0)

226.990237ms ago: executing program 2 (id=3286):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)="625262f88ae2ae639de37e741f9985d0009f7ac8a2819dd32b9f9d62b5886e3e94b344bc0d0b58317a7d6c1db5a71bbe888d3b6d92ef7f9ee1219f683103e1dbd06315666424b05316a99a017ad673995de4dfdb357ce633eecf0f82394f19", 0x5f, r0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, 0x0, 0x2, &(0x7f0000000380)=""/4096)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
times(0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000580)=ANY=[@ANYBLOB="500000000802110000010802110000000802110000000000000000000000000064000100ff"], 0x2b)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r8 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = syz_io_uring_setup(0x7279, &(0x7f0000000080)={0x0, 0x0, 0x13100}, &(0x7f0000000180)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
write$binfmt_script(r1, &(0x7f00000013c0)={'#! ', './file0', [{0x20, '\x00'}], 0xa, "2e9ed4ff6ad09a192b4d353a843e6c2d80ce21ea7a7b7341562e3f4fbfb8241a992aff4b482bf5e93899ff3771691f9e07ec7d6c791038b96e2defb74058c4dee5c2ac8e503f1954ad0bf59a08642cc6c44f19944f548fe4091cb54fbc8b4f9c05e819f166380bcdfe70beee9c6f29cacb05844110ab0808a870"}, 0x87)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r9, 0x2def, 0x0, 0x0, 0x0, 0x0)
signalfd(r8, &(0x7f0000002340), 0x8)
syz_emit_ethernet(0x7c, &(0x7f0000000680)=ANY=[@ANYBLOB="853fa9aba937ad61bc9b98fb86dd60381f3400462f00fc000000000000000000000000000000ff02000000000000000000000000000104208100c45f00000000080000000000"], 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x280803)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, 0x0}, 0x0)

0s ago: executing program 3 (id=3287):
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000340), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
epoll_create(0x47f)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0))
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0xfff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000100)={0x3, 0x0, 0x80000001, 0x7ffffe02, 0xb, 0x1fd, 0x1})
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x20)
openat$audio(0xffffffffffffff9c, 0x0, 0x4c400, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000000100), 0x8)

kernel console output (not intermixed with test programs):

ed USB device number 78 using dummy_hcd
[  774.328452][T17478] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2943'.
[  774.382616][  T932] usb 2-1: USB disconnect, device number 94
[  774.414715][ T5151] usb 1-1: Using ep0 maxpacket: 8
[  774.435262][ T5151] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  774.460224][ T5151] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  774.482589][ T5151] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.518912][ T5151] usb 1-1: config 0 descriptor??
[  774.546537][ T5151] gspca_main: vc032x-2.14.0 probing 046d:0892
[  774.955075][T17468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  774.985510][T17468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  775.007618][T17504] ptrace attach of "./syz-executor exec"[11854] was attempted by "./syz-executor exec"[17504]
[  775.023159][T17503] fuse: Unknown parameter '017777777777777777777770x0000000000000009'
[  775.148675][T17509] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2953'.
[  775.342552][T17513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  775.373688][T17513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  775.399728][ T5151] gspca_vc032x: reg_r err -32
[  775.410412][ T5151] vc032x 1-1:0.0: probe with driver vc032x failed with error -32
[  775.728101][T17516] binder: 17515:17516 ioctl c0306201 20000580 returned -14
[  776.076248][T17526] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2959'.
[  776.101914][T17526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2959'.
[  776.211125][ T5151] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[  776.232076][T17532] FAULT_INJECTION: forcing a failure.
[  776.232076][T17532] name failslab, interval 1, probability 0, space 0, times 0
[  776.245028][T17532] CPU: 1 PID: 17532 Comm: syz.3.2962 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  776.255237][T17532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  776.265337][T17532] Call Trace:
[  776.268651][T17532]  <TASK>
[  776.271655][T17532]  dump_stack_lvl+0x241/0x360
[  776.276376][T17532]  ? __pfx_dump_stack_lvl+0x10/0x10
[  776.281625][T17532]  ? __pfx__printk+0x10/0x10
[  776.286368][T17532]  should_fail_ex+0x3b0/0x4e0
[  776.291105][T17532]  ? __alloc_skb+0x1c3/0x440
[  776.295743][T17532]  should_failslab+0x9/0x20
[  776.300296][T17532]  kmem_cache_alloc_node_noprof+0x71/0x320
[  776.306347][T17532]  __alloc_skb+0x1c3/0x440
[  776.310821][T17532]  ? __pfx___alloc_skb+0x10/0x10
[  776.315912][T17532]  ? netlink_ack_tlv_len+0x6e/0x200
[  776.321242][T17532]  netlink_ack+0x13f/0xa30
[  776.321770][T17536] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2964'.
[  776.325674][T17532]  ? __pfx_lock_acquire+0x10/0x10
[  776.325716][T17532]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  776.344987][T17532]  ? __pfx_nl80211_post_doit+0x10/0x10
[  776.350498][T17532]  netlink_rcv_skb+0x262/0x430
[  776.355291][T17532]  ? __pfx_genl_rcv_msg+0x10/0x10
[  776.360359][T17532]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  776.365725][T17532]  ? __netlink_deliver_tap+0x77e/0x7c0
[  776.371255][T17532]  genl_rcv+0x28/0x40
[  776.375277][T17532]  netlink_unicast+0x7ea/0x980
[  776.380097][T17532]  ? __pfx_netlink_unicast+0x10/0x10
[  776.385606][T17532]  ? __virt_addr_valid+0x183/0x530
[  776.390771][T17532]  ? __check_object_size+0x49c/0x900
[  776.396117][T17532]  ? bpf_lsm_netlink_send+0x9/0x10
[  776.401368][T17532]  netlink_sendmsg+0x8db/0xcb0
[  776.406199][T17532]  ? __pfx_netlink_sendmsg+0x10/0x10
[  776.411535][T17532]  ? __import_iovec+0x536/0x820
[  776.416427][T17532]  ? aa_sock_msg_perm+0x91/0x160
[  776.421419][T17532]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  776.426752][T17532]  ? security_socket_sendmsg+0x87/0xb0
[  776.432269][T17532]  ? __pfx_netlink_sendmsg+0x10/0x10
[  776.437693][T17532]  __sock_sendmsg+0x221/0x270
[  776.442419][T17532]  ____sys_sendmsg+0x525/0x7d0
[  776.447246][T17532]  ? __pfx_____sys_sendmsg+0x10/0x10
[  776.451548][ T5151] usb 5-1: Using ep0 maxpacket: 16
[  776.452571][T17532]  __sys_sendmsg+0x2b0/0x3a0
[  776.462291][T17532]  ? __pfx___sys_sendmsg+0x10/0x10
[  776.467530][T17532]  ? vfs_write+0x7c4/0xc90
[  776.469430][ T5151] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  776.472011][T17532]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  776.489227][T17532]  ? do_syscall_64+0x100/0x230
[  776.494044][T17532]  ? do_syscall_64+0xb6/0x230
[  776.498782][T17532]  do_syscall_64+0xf3/0x230
[  776.503335][T17532]  ? clear_bhb_loop+0x35/0x90
[  776.508055][T17532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.513739][ T5151] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  776.513974][T17532] RIP: 0033:0x7f71ddf75bd9
[  776.514002][T17532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.514022][T17532] RSP: 002b:00007f71dee30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  776.514050][T17532] RAX: ffffffffffffffda RBX: 00007f71de103f60 RCX: 00007f71ddf75bd9
[  776.514068][T17532] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[  776.514084][T17532] RBP: 00007f71dee300a0 R08: 0000000000000000 R09: 0000000000000000
[  776.514101][T17532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.514117][T17532] R13: 000000000000000b R14: 00007f71de103f60 R15: 00007f71de22fa78
[  776.514154][T17532]  </TASK>
[  776.636679][ T5151] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  776.650264][ T5151] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.663740][ T5151] usb 5-1: config 0 descriptor??
[  776.740218][T17545] fuse: Unknown parameter '017777777777777777777770x0000000000000009'
[  776.784758][T17543] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  776.805889][T17543] kvm: pic: level sensitive irq not supported
[  776.806255][T17543] kvm: pic: non byte read
[  776.946778][T17548] ptrace attach of "./syz-executor exec"[16825] was attempted by "./syz-executor exec"[17548]
[  776.999420][  T929] usb 1-1: USB disconnect, device number 78
[  777.094693][T17518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  777.110850][T17518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  777.139482][ T5151] hid (null): bogus close delimiter
[  777.154785][ T5151] hid (null): invalid report_count 58028
[  777.161513][ T5151] hid (null): unknown global tag 0xd
[  777.184793][ T5151] hid-generic 0003:0158:0100.004C: unknown main item tag 0x0
[  777.201541][ T5151] hid-generic 0003:0158:0100.004C: unknown main item tag 0x0
[  777.215989][ T5151] hid-generic 0003:0158:0100.004C: bogus close delimiter
[  777.233308][ T5151] hid-generic 0003:0158:0100.004C: item 0 0 2 10 parsing failed
[  777.250641][T17555] netlink: 'syz.1.2970': attribute type 3 has an invalid length.
[  777.256675][ T5151] hid-generic 0003:0158:0100.004C: probe with driver hid-generic failed with error -22
[  777.605952][T17562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2972'.
[  777.640308][T17564] FAULT_INJECTION: forcing a failure.
[  777.640308][T17564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  777.686094][T17564] CPU: 1 PID: 17564 Comm: syz.3.2973 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  777.688614][T17562] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2972'.
[  777.696294][T17564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  777.696350][T17564] Call Trace:
[  777.696362][T17564]  <TASK>
[  777.696374][T17564]  dump_stack_lvl+0x241/0x360
[  777.696418][T17564]  ? __pfx_dump_stack_lvl+0x10/0x10
[  777.731538][T17564]  ? __pfx__printk+0x10/0x10
[  777.736194][T17564]  ? snprintf+0xda/0x120
[  777.740574][T17564]  should_fail_ex+0x3b0/0x4e0
[  777.745314][T17564]  _copy_to_user+0x2f/0xb0
[  777.749778][T17564]  simple_read_from_buffer+0xca/0x150
[  777.755210][T17564]  proc_fail_nth_read+0x1e9/0x250
[  777.760283][T17564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  777.765893][T17564]  ? rw_verify_area+0x520/0x6b0
[  777.770794][T17564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  777.776388][T17564]  vfs_read+0x204/0xbc0
[  777.780590][T17564]  ? __pfx_lock_release+0x10/0x10
[  777.785665][T17564]  ? __pfx_vfs_read+0x10/0x10
[  777.790394][T17564]  ? __fget_files+0x29/0x470
[  777.795046][T17564]  ? __fget_files+0x3f6/0x470
[  777.799786][T17564]  ksys_read+0x1a0/0x2c0
[  777.804172][T17564]  ? __pfx_ksys_read+0x10/0x10
[  777.808993][T17564]  ? do_syscall_64+0x100/0x230
[  777.813854][T17564]  ? do_syscall_64+0xb6/0x230
[  777.818657][T17564]  do_syscall_64+0xf3/0x230
[  777.823225][T17564]  ? clear_bhb_loop+0x35/0x90
[  777.827959][T17564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.833915][T17564] RIP: 0033:0x7f71ddf746bc
[  777.838375][T17564] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  777.858035][T17564] RSP: 002b:00007f71dee30040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  777.866518][T17564] RAX: ffffffffffffffda RBX: 00007f71de103f60 RCX: 00007f71ddf746bc
[  777.874567][T17564] RDX: 000000000000000f RSI: 00007f71dee300b0 RDI: 0000000000000004
[  777.882586][T17564] RBP: 00007f71dee300a0 R08: 0000000000000000 R09: 0000000000000000
[  777.890608][T17564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  777.898628][T17564] R13: 000000000000000b R14: 00007f71de103f60 R15: 00007f71de22fa78
[  777.906667][T17564]  </TASK>
[  778.395294][T17578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2976'.
[  778.641192][   T45] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  778.695645][T17592] FAULT_INJECTION: forcing a failure.
[  778.695645][T17592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  778.701494][ T5152] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  778.709846][T17592] CPU: 0 PID: 17592 Comm: syz.1.2984 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  778.726496][T17592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  778.736594][T17592] Call Trace:
[  778.739913][T17592]  <TASK>
[  778.742898][T17592]  dump_stack_lvl+0x241/0x360
[  778.747622][T17592]  ? __pfx_dump_stack_lvl+0x10/0x10
[  778.752864][T17592]  ? __pfx__printk+0x10/0x10
[  778.757502][T17592]  ? __pfx_lock_release+0x10/0x10
[  778.762575][T17592]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  778.768598][T17592]  should_fail_ex+0x3b0/0x4e0
[  778.773336][T17592]  _copy_from_user+0x2f/0xe0
[  778.778009][T17592]  copy_msghdr_from_user+0xae/0x680
[  778.780340][T17594] FAULT_INJECTION: forcing a failure.
[  778.780340][T17594] name failslab, interval 1, probability 0, space 0, times 0
[  778.783236][T17592]  ? exc_page_fault+0x590/0x8c0
[  778.783280][T17592]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  778.783335][T17592]  __sys_sendmmsg+0x374/0x740
[  778.783377][T17592]  ? __pfx___sys_sendmmsg+0x10/0x10
[  778.783459][T17592]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  778.783489][T17592]  ? ksys_write+0x23e/0x2c0
[  778.783522][T17592]  ? __pfx_lock_release+0x10/0x10
[  778.783553][T17592]  ? vfs_write+0x7c4/0xc90
[  778.783586][T17592]  ? __mutex_unlock_slowpath+0x21d/0x750
[  778.838355][   T45] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  778.842598][T17592]  ? __pfx_vfs_write+0x10/0x10
[  778.842661][T17592]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  778.842693][T17592]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  778.842722][T17592]  ? do_syscall_64+0x100/0x230
[  778.842761][T17592]  __x64_sys_sendmmsg+0xa0/0xb0
[  778.842795][T17592]  do_syscall_64+0xf3/0x230
[  778.870731][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.873803][T17592]  ? clear_bhb_loop+0x35/0x90
[  778.873839][T17592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.873876][T17592] RIP: 0033:0x7ff806575bd9
[  778.873898][T17592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.873919][T17592] RSP: 002b:00007ff807418048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  778.873946][T17592] RAX: ffffffffffffffda RBX: 00007ff806703f60 RCX: 00007ff806575bd9
[  778.873965][T17592] RDX: 0000000000000213 RSI: 0000000020001dc0 RDI: 0000000000000003
[  778.873981][T17592] RBP: 00007ff8074180a0 R08: 0000000000000000 R09: 0000000000000000
[  778.873998][T17592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  778.874013][T17592] R13: 000000000000000b R14: 00007ff806703f60 R15: 00007ff80682fa78
[  778.874047][T17592]  </TASK>
[  778.899949][T17594] CPU: 0 PID: 17594 Comm: syz.0.2985 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  778.917175][   T45] usb 4-1: config 0 descriptor??
[  778.926387][T17594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  778.926409][T17594] Call Trace:
[  778.926420][T17594]  <TASK>
[  778.926432][T17594]  dump_stack_lvl+0x241/0x360
[  778.926475][T17594]  ? __pfx_dump_stack_lvl+0x10/0x10
[  778.926517][T17594]  ? __pfx__printk+0x10/0x10
[  778.926553][T17594]  ? __pfx___might_resched+0x10/0x10
[  778.935090][ T5152] usb 3-1: Using ep0 maxpacket: 8
[  778.942929][T17594]  should_fail_ex+0x3b0/0x4e0
[  778.942976][T17594]  ? ep_insert+0x4ce/0x1ac0
[  778.953595][ T5152] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  778.958901][T17594]  should_failslab+0x9/0x20
[  778.958943][T17594]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  778.978258][   T45] gspca_main: abcd:cdee too many config
[  778.988078][T17594]  ep_insert+0x4ce/0x1ac0
[  778.988138][T17594]  ? __pfx_ep_insert+0x10/0x10
[  778.988173][T17594]  ? do_epoll_ctl+0x43e/0xf70
[  778.988207][T17594]  ? __pfx___mutex_lock+0x10/0x10
[  778.993827][ T5152] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  779.003200][T17594]  ? __fget_files+0x29/0x470
[  779.003255][T17594]  do_epoll_ctl+0x8d2/0xf70
[  779.003311][T17594]  ? do_epoll_ctl+0x821/0xf70
[  779.003350][T17594]  __x64_sys_epoll_ctl+0x161/0x1a0
[  779.010368][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.014265][T17594]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  779.014308][T17594]  ? do_syscall_64+0x100/0x230
[  779.014346][T17594]  ? do_syscall_64+0xb6/0x230
[  779.014382][T17594]  do_syscall_64+0xf3/0x230
[  779.014416][T17594]  ? clear_bhb_loop+0x35/0x90
[  779.014443][T17594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.014477][T17594] RIP: 0033:0x7f73c6b75bd9
[  779.046335][ T5152] usb 3-1: config 0 descriptor??
[  779.053907][T17594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.053938][T17594] RSP: 002b:00007f73c78b0048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  779.053968][T17594] RAX: ffffffffffffffda RBX: 00007f73c6d03f60 RCX: 00007f73c6b75bd9
[  779.053987][T17594] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  779.054002][T17594] RBP: 00007f73c78b00a0 R08: 0000000000000000 R09: 0000000000000000
[  779.054018][T17594] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  779.054034][T17594] R13: 000000000000000b R14: 00007f73c6d03f60 R15: 00007f73c6e2fa78
[  779.054078][T17594]  </TASK>
[  779.078102][ T5152] gspca_main: vc032x-2.14.0 probing 046d:0892
[  779.241430][ T5151] usb 5-1: USB disconnect, device number 118
[  779.307556][   T25] usb 4-1: USB disconnect, device number 76
[  779.324979][T17596] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2986'.
[  779.545080][T17580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  779.562142][T17580] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  779.831161][ T5151] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[  779.966899][T17617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  780.016884][T17617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  780.060876][ T5152] gspca_vc032x: reg_r err -32
[  780.062120][ T5151] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  780.066077][ T5152] vc032x 3-1:0.0: probe with driver vc032x failed with error -32
[  780.089632][ T5151] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  780.112151][ T5151] usb 5-1: Product: syz
[  780.121343][ T5151] usb 5-1: Manufacturer: syz
[  780.131561][ T5151] usb 5-1: SerialNumber: syz
[  780.157313][ T5151] usb 5-1: config 0 descriptor??
[  780.183784][ T5151] ch341 5-1:0.0: ch341-uart converter detected
[  780.404015][T17626] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  780.422449][ T5151] usb 5-1: failed to receive control message: -32
[  780.426088][T17626] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  780.442010][ T5151] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  780.808884][T17640] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2988'.
[  781.169071][T17647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2999'.
[  781.197900][T17647] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2999'.
[  781.363767][T17656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  781.386846][T17656] xt_TCPMSS: Only works on TCP SYN packets
[  781.590081][ T5151] usb 3-1: USB disconnect, device number 85
[  781.740581][T17660] netlink: 'syz.2.3003': attribute type 1 has an invalid length.
[  781.794791][T17660] 8021q: adding VLAN 0 to HW filter on device bond1
[  782.027350][T17666] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3005'.
[  782.093834][T17673] FAULT_INJECTION: forcing a failure.
[  782.093834][T17673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  782.119812][T17673] CPU: 0 PID: 17673 Comm: syz.0.3008 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  782.130034][T17673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  782.140132][T17673] Call Trace:
[  782.143456][T17673]  <TASK>
[  782.146414][T17673]  dump_stack_lvl+0x241/0x360
[  782.151146][T17673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.156395][T17673]  ? __pfx__printk+0x10/0x10
[  782.161032][T17673]  ? snprintf+0xda/0x120
[  782.165311][T17673]  should_fail_ex+0x3b0/0x4e0
[  782.170037][T17673]  _copy_to_user+0x2f/0xb0
[  782.174497][T17673]  simple_read_from_buffer+0xca/0x150
[  782.179927][T17673]  proc_fail_nth_read+0x1e9/0x250
[  782.184995][T17673]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  782.190665][T17673]  ? rw_verify_area+0x520/0x6b0
[  782.195630][T17673]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  782.201193][T17673]  vfs_read+0x204/0xbc0
[  782.205444][T17673]  ? __pfx_lock_release+0x10/0x10
[  782.210476][T17673]  ? __pfx_vfs_read+0x10/0x10
[  782.215256][T17673]  ? __fget_files+0x29/0x470
[  782.219857][T17673]  ? __fget_files+0x3f6/0x470
[  782.224724][T17673]  ksys_read+0x1a0/0x2c0
[  782.228980][T17673]  ? __pfx_ksys_read+0x10/0x10
[  782.233759][T17673]  ? do_syscall_64+0x100/0x230
[  782.238543][T17673]  ? do_syscall_64+0xb6/0x230
[  782.243239][T17673]  do_syscall_64+0xf3/0x230
[  782.247784][T17673]  ? clear_bhb_loop+0x35/0x90
[  782.252482][T17673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.258426][T17673] RIP: 0033:0x7f73c6b746bc
[  782.262898][T17673] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  782.282518][T17673] RSP: 002b:00007f73c78b0040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  782.290948][T17673] RAX: ffffffffffffffda RBX: 00007f73c6d03f60 RCX: 00007f73c6b746bc
[  782.298935][T17673] RDX: 000000000000000f RSI: 00007f73c78b00b0 RDI: 0000000000000005
[  782.306917][T17673] RBP: 00007f73c78b00a0 R08: 0000000000000000 R09: 0000000000000000
[  782.314898][T17673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  782.322881][T17673] R13: 000000000000000b R14: 00007f73c6d03f60 R15: 00007f73c6e2fa78
[  782.330873][T17673]  </TASK>
[  782.446882][ T5152] usb 5-1: USB disconnect, device number 119
[  782.455488][ T5152] ch341 5-1:0.0: device disconnected
[  782.897246][T17703] FAULT_INJECTION: forcing a failure.
[  782.897246][T17703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  782.916376][T17703] CPU: 1 PID: 17703 Comm: syz.3.3016 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  782.926586][T17703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  782.936670][T17703] Call Trace:
[  782.939981][T17703]  <TASK>
[  782.942967][T17703]  dump_stack_lvl+0x241/0x360
[  782.947687][T17703]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.952916][T17703]  ? __pfx__printk+0x10/0x10
[  782.957562][T17703]  ? __pfx_lock_release+0x10/0x10
[  782.962638][T17703]  should_fail_ex+0x3b0/0x4e0
[  782.967366][T17703]  _copy_from_user+0x2f/0xe0
[  782.972000][T17703]  copy_msghdr_from_user+0xae/0x680
[  782.977261][T17703]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  782.980539][T17705] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  782.983112][T17703]  __sys_sendmsg+0x23d/0x3a0
[  782.983155][T17703]  ? __pfx___sys_sendmsg+0x10/0x10
[  782.995349][T17705] xt_TCPMSS: Only works on TCP SYN packets
[  782.997449][T17703]  ? vfs_write+0x7c4/0xc90
[  782.997529][T17703]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  783.011826][T17705] random: crng reseeded on system resumption
[  783.012811][T17703]  ? do_syscall_64+0x100/0x230
[  783.012857][T17703]  ? do_syscall_64+0xb6/0x230
[  783.034637][T17703]  do_syscall_64+0xf3/0x230
[  783.034686][T17703]  ? clear_bhb_loop+0x35/0x90
[  783.043976][T17703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.044019][T17703] RIP: 0033:0x7f71ddf75bd9
[  783.044041][T17703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.044061][T17703] RSP: 002b:00007f71dee30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  783.044087][T17703] RAX: ffffffffffffffda RBX: 00007f71de103f60 RCX: 00007f71ddf75bd9
[  783.044106][T17703] RDX: 0000000000000000 RSI: 0000000020001040 RDI: 0000000000000003
[  783.054388][T17703] RBP: 00007f71dee300a0 R08: 0000000000000000 R09: 0000000000000000
[  783.054411][T17703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.054427][T17703] R13: 000000000000000b R14: 00007f71de103f60 R15: 00007f71de22fa78
[  783.122431][T17703]  </TASK>
[  783.290777][T17710] netlink: 'syz.3.3018': attribute type 1 has an invalid length.
[  783.385842][T17710] 8021q: adding VLAN 0 to HW filter on device bond1
[  783.471627][T17717] bond1: (slave ip6gretap1): making interface the new active one
[  783.490346][T17717] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  783.566106][T17721] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3021'.
[  783.591139][T17692] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3014'.
[  783.608244][T17692] geneve2: entered promiscuous mode
[  783.657185][T17724] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3022'.
[  783.666567][T17724] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3022'.
[  783.778849][T17725] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3022'.
[  784.286924][T17744] FAULT_INJECTION: forcing a failure.
[  784.286924][T17744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.310063][T17744] CPU: 1 PID: 17744 Comm: syz.1.3029 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  784.320310][T17744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  784.330469][T17744] Call Trace:
[  784.333773][T17744]  <TASK>
[  784.336706][T17744]  dump_stack_lvl+0x241/0x360
[  784.341406][T17744]  ? __pfx_dump_stack_lvl+0x10/0x10
[  784.346650][T17744]  ? __pfx__printk+0x10/0x10
[  784.351281][T17744]  ? dev_ifsioc+0xaec/0xe70
[  784.355835][T17744]  should_fail_ex+0x3b0/0x4e0
[  784.360587][T17744]  _copy_to_user+0x2f/0xb0
[  784.365034][T17744]  put_user_ifreq+0xe8/0x130
[  784.369658][T17744]  sock_ioctl+0x84d/0x8e0
[  784.374015][T17744]  ? __pfx_sock_ioctl+0x10/0x10
[  784.378892][T17744]  ? __fget_files+0x3f6/0x470
[  784.383952][T17744]  ? __fget_files+0x29/0x470
[  784.388567][T17744]  ? bpf_lsm_file_ioctl+0x9/0x10
[  784.393537][T17744]  ? security_file_ioctl+0x87/0xb0
[  784.398680][T17744]  ? __pfx_sock_ioctl+0x10/0x10
[  784.401513][ T5151] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[  784.403634][T17744]  __se_sys_ioctl+0xfc/0x170
[  784.403674][T17744]  do_syscall_64+0xf3/0x230
[  784.420429][T17744]  ? clear_bhb_loop+0x35/0x90
[  784.425132][T17744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.431102][T17744] RIP: 0033:0x7ff806575bd9
[  784.435540][T17744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.455336][T17744] RSP: 002b:00007ff807418048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  784.463776][T17744] RAX: ffffffffffffffda RBX: 00007ff806703f60 RCX: 00007ff806575bd9
[  784.471798][T17744] RDX: 0000000020000300 RSI: 00000000000089f3 RDI: 0000000000000003
[  784.479812][T17744] RBP: 00007ff8074180a0 R08: 0000000000000000 R09: 0000000000000000
[  784.487790][T17744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.495786][T17744] R13: 000000000000000b R14: 00007ff806703f60 R15: 00007ff80682fa78
[  784.503877][T17744]  </TASK>
[  784.635180][ T5151] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  784.648172][ T5151] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  784.661252][   T25] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  784.673310][ T5151] usb 5-1: Product: syz
[  784.677537][ T5151] usb 5-1: Manufacturer: syz
[  784.683126][ T5151] usb 5-1: SerialNumber: syz
[  784.692553][ T5151] usb 5-1: config 0 descriptor??
[  784.708566][ T5151] ch341 5-1:0.0: ch341-uart converter detected
[  784.850142][   T25] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  784.895643][   T25] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  784.910311][ T5151] usb 5-1: failed to receive control message: -32
[  784.928114][ T5151] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  784.929544][   T25] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  784.951496][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.005350][T17742] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  785.243485][   T45] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  785.292731][T17760] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3024'.
[  785.415906][T17764] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3035'.
[  785.441086][   T45] usb 3-1: Using ep0 maxpacket: 16
[  785.452927][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  785.464348][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  785.474636][   T45] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  785.490263][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.516836][   T45] usb 3-1: config 0 descriptor??
[  785.600592][T17766] netlink: 'syz.3.3036': attribute type 1 has an invalid length.
[  785.655075][T17766] 8021q: adding VLAN 0 to HW filter on device bond2
[  785.678390][T17769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  785.696174][T17769] xt_TCPMSS: Only works on TCP SYN packets
[  785.718553][T17769] random: crng reseeded on system resumption
[  786.038786][T17756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  786.052284][T17756] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  786.076772][   T45] hid (null): bogus close delimiter
[  786.084783][   T45] hid (null): invalid report_count 58028
[  786.090862][   T45] hid (null): unknown global tag 0xd
[  786.104791][   T45] hid-generic 0003:0158:0100.004D: unknown main item tag 0x0
[  786.114097][   T45] hid-generic 0003:0158:0100.004D: unknown main item tag 0x0
[  786.121771][   T45] hid-generic 0003:0158:0100.004D: bogus close delimiter
[  786.129244][   T45] hid-generic 0003:0158:0100.004D: item 0 0 2 10 parsing failed
[  786.137998][   T45] hid-generic 0003:0158:0100.004D: probe with driver hid-generic failed with error -22
[  786.294687][T17756] __nla_validate_parse: 1 callbacks suppressed
[  786.294711][T17756] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3033'.
[  786.998769][   T45] usb 3-1: USB disconnect, device number 86
[  787.020223][  T932] usb 5-1: USB disconnect, device number 120
[  787.042109][  T932] ch341 5-1:0.0: device disconnected
[  787.057017][T17791] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3043'.
[  787.140330][T17791] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  787.308340][ T5152] usb 1-1: USB disconnect, device number 79
[  787.343484][T17803] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3046'.
[  787.479064][T17803] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3046'.
[  787.483871][T17806] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3047'.
[  787.510816][T17806] fuse: Bad value for 'fd'
[  787.672209][T17814] netlink: 'syz.3.3048': attribute type 1 has an invalid length.
[  787.718461][T17814] 8021q: adding VLAN 0 to HW filter on device bond3
[  787.731566][  T932] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  787.941531][  T932] usb 3-1: Using ep0 maxpacket: 8
[  787.953818][  T932] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  787.971886][  T932] usb 3-1: config 0 has no interface number 0
[  787.978136][  T932] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  788.009270][T17826] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  788.019683][  T932] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  788.032184][T17826] xt_TCPMSS: Only works on TCP SYN packets
[  788.037179][  T932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.053171][T17826] random: crng reseeded on system resumption
[  788.062396][  T932] usb 3-1: config 0 descriptor??
[  788.085037][  T932] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  788.261552][ T5101] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  788.275639][ T5101] Bluetooth: hci4: Injecting HCI hardware error event
[  788.285213][T10720] Bluetooth: hci4: hardware error 0x00
[  788.419318][T17833] tipc: Resetting bearer <eth:bridge0>
[  788.439371][T17833] bridge0: port 2(bridge_slave_1) entered disabled state
[  788.447245][T17833] bridge0: port 1(bridge_slave_0) entered disabled state
[  788.497027][T17833] bridge_slave_1: left allmulticast mode
[  788.508107][T17833] bridge_slave_1: left promiscuous mode
[  788.516706][T17833] bridge0: port 2(bridge_slave_1) entered disabled state
[  788.537237][T17833] bridge_slave_0: left allmulticast mode
[  788.551172][T17833] bridge_slave_0: left promiscuous mode
[  788.557257][T17833] bridge0: port 1(bridge_slave_0) entered disabled state
[  788.604460][T17833] tipc: Disabling bearer <eth:bridge0>
[  788.691153][ T5152] usb 5-1: new low-speed USB device number 121 using dummy_hcd
[  788.862347][ T5152] usb 5-1: device descriptor read/64, error -71
[  789.088212][T17847] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3056'.
[  789.101549][   T25] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  789.131323][ T5152] usb 5-1: new low-speed USB device number 122 using dummy_hcd
[  789.220614][ T5151] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  789.281241][ T5152] usb 5-1: device descriptor read/64, error -71
[  789.308182][   T25] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  789.318695][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  789.327042][   T25] usb 1-1: Product: syz
[  789.334631][   T25] usb 1-1: Manufacturer: syz
[  789.339575][   T25] usb 1-1: SerialNumber: syz
[  789.354380][   T25] usb 1-1: config 0 descriptor??
[  789.364428][   T25] ch341 1-1:0.0: ch341-uart converter detected
[  789.391345][ T5151] usb 4-1: device descriptor read/64, error -71
[  789.402679][ T5152] usb usb5-port1: attempt power cycle
[  789.481159][   T45] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[  789.564747][   T25] usb 1-1: failed to receive control message: -32
[  789.571749][   T25] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  789.663588][   T45] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  789.676189][   T45] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  789.686621][   T45] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  789.691186][ T5151] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  789.697232][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.727549][T17850] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  789.821379][ T5152] usb 5-1: new low-speed USB device number 123 using dummy_hcd
[  789.882446][ T5151] usb 4-1: device descriptor read/64, error -71
[  789.892421][ T5152] usb 5-1: device descriptor read/8, error -71
[  789.957711][T17851] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3054'.
[  790.037581][ T5151] usb usb4-port1: attempt power cycle
[  790.171670][ T5152] usb 5-1: new low-speed USB device number 124 using dummy_hcd
[  790.254713][   T45] usb 3-1: USB disconnect, device number 87
[  790.268734][ T5152] usb 5-1: device descriptor read/8, error -71
[  790.277561][   T45] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected
[  790.401651][ T5152] usb usb5-port1: unable to enumerate USB device
[  790.411523][T10720] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  790.481771][ T5151] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[  790.532131][ T5151] usb 4-1: device descriptor read/8, error -71
[  790.813527][ T5151] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[  790.851862][ T5151] usb 4-1: device descriptor read/8, error -71
[  790.993714][ T5151] usb usb4-port1: unable to enumerate USB device
[  791.731468][T17871] netlink: 'syz.2.3063': attribute type 1 has an invalid length.
[  791.816675][ T5151] usb 1-1: USB disconnect, device number 80
[  791.863046][ T5151] ch341 1-1:0.0: device disconnected
[  791.895113][T17871] 8021q: adding VLAN 0 to HW filter on device bond2
[  792.062179][T17873] bond2: (slave ip6gretap1): making interface the new active one
[  792.130913][T17873] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  792.151192][T17878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  792.180936][T17878] xt_TCPMSS: Only works on TCP SYN packets
[  792.290457][T17880] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3064'.
[  792.306114][T17878] random: crng reseeded on system resumption
[  792.351838][  T929] usb 2-1: USB disconnect, device number 95
[  792.388823][T17876] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3064'.
[  792.528353][T17885] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3066'.
[  792.618817][T17885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3066'.
[  792.824225][T17889] netlink: 'syz.2.3069': attribute type 1 has an invalid length.
[  793.301148][   T25] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[  793.461831][ T5152] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[  793.491977][   T25] usb 5-1: Using ep0 maxpacket: 8
[  793.506163][   T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  793.515903][   T25] usb 5-1: config 0 has no interface number 0
[  793.522400][   T25] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  793.546043][   T25] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  793.560431][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.570178][T17914] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3076'.
[  793.595765][   T25] usb 5-1: config 0 descriptor??
[  793.644736][   T25] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  793.667829][ T5152] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  793.706732][ T5152] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  793.754019][ T5152] usb 4-1: Product: syz
[  793.778299][ T5152] usb 4-1: Manufacturer: syz
[  793.789418][ T5152] usb 4-1: SerialNumber: syz
[  793.803134][ T5152] usb 4-1: config 0 descriptor??
[  793.823741][ T5152] ch341 4-1:0.0: ch341-uart converter detected
[  794.016408][  T932] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  794.029662][ T5152] usb 4-1: failed to receive control message: -32
[  794.039185][ T5152] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  794.085449][T17920] netlink: 'syz.1.3079': attribute type 1 has an invalid length.
[  794.178302][T17920] 8021q: adding VLAN 0 to HW filter on device bond6
[  794.257071][  T932] usb 1-1: config 0 interface 0 has no altsetting 0
[  794.276205][  T932] usb 1-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f
[  794.297142][  T932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  794.319211][  T932] usb 1-1: config 0 descriptor??
[  794.338269][  T932] usb 1-1: selecting invalid altsetting 0
[  794.403424][T17924] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3075'.
[  794.552612][   T25] usb 1-1: USB disconnect, device number 81
[  794.915658][T17931] FAULT_INJECTION: forcing a failure.
[  794.915658][T17931] name failslab, interval 1, probability 0, space 0, times 0
[  794.929721][T17931] CPU: 0 PID: 17931 Comm: syz.1.3081 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  794.939931][T17931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  794.950022][T17931] Call Trace:
[  794.953337][T17931]  <TASK>
[  794.956296][T17931]  dump_stack_lvl+0x241/0x360
[  794.961029][T17931]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.966287][T17931]  ? __pfx__printk+0x10/0x10
[  794.970945][T17931]  ? netlink_insert+0x10b7/0x14b0
[  794.976024][T17931]  should_fail_ex+0x3b0/0x4e0
[  794.980753][T17931]  ? __alloc_skb+0x1c3/0x440
[  794.985377][T17931]  should_failslab+0x9/0x20
[  794.989904][T17931]  kmem_cache_alloc_node_noprof+0x71/0x320
[  794.995745][T17931]  __alloc_skb+0x1c3/0x440
[  795.000279][T17931]  ? __pfx___alloc_skb+0x10/0x10
[  795.005262][T17931]  ? netlink_autobind+0xd6/0x2f0
[  795.010236][T17931]  ? netlink_autobind+0x2b0/0x2f0
[  795.015339][T17931]  netlink_sendmsg+0x631/0xcb0
[  795.020176][T17931]  ? __pfx_netlink_sendmsg+0x10/0x10
[  795.025537][T17931]  ? __import_iovec+0x536/0x820
[  795.030435][T17931]  ? aa_sock_msg_perm+0x91/0x160
[  795.035509][T17931]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  795.040806][T17931]  ? security_socket_sendmsg+0x87/0xb0
[  795.046309][T17931]  ? __pfx_netlink_sendmsg+0x10/0x10
[  795.051735][T17931]  __sock_sendmsg+0x221/0x270
[  795.056475][T17931]  ____sys_sendmsg+0x525/0x7d0
[  795.061273][T17931]  ? __pfx_____sys_sendmsg+0x10/0x10
[  795.066797][T17931]  __sys_sendmsg+0x2b0/0x3a0
[  795.071436][T17931]  ? __pfx___sys_sendmsg+0x10/0x10
[  795.076583][T17931]  ? vfs_write+0x7c4/0xc90
[  795.081081][T17931]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  795.087436][T17931]  ? do_syscall_64+0x100/0x230
[  795.092235][T17931]  ? do_syscall_64+0xb6/0x230
[  795.096945][T17931]  do_syscall_64+0xf3/0x230
[  795.101488][T17931]  ? clear_bhb_loop+0x35/0x90
[  795.106195][T17931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.112105][T17931] RIP: 0033:0x7ff806575bd9
[  795.116524][T17931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.136162][T17931] RSP: 002b:00007ff8073f4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  795.144605][T17931] RAX: ffffffffffffffda RBX: 00007ff806704038 RCX: 00007ff806575bd9
[  795.152618][T17931] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000006
[  795.160596][T17931] RBP: 00007ff8073f40a0 R08: 0000000000000000 R09: 0000000000000000
[  795.168594][T17931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.176672][T17931] R13: 000000000000006e R14: 00007ff806704038 R15: 00007ff80682fa78
[  795.184700][T17931]  </TASK>
[  795.263719][T17935] netlink: 'syz.0.3082': attribute type 1 has an invalid length.
[  795.578877][T17947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3087'.
[  795.582468][T17943] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  795.601217][T17947] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3087'.
[  795.622991][T17943] xt_TCPMSS: Only works on TCP SYN packets
[  795.635054][T17943] random: crng reseeded on system resumption
[  795.711333][   T25] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[  795.831644][ T5152] usb 5-1: USB disconnect, device number 125
[  795.858523][ T5152] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected
[  795.904894][   T25] usb 1-1: Using ep0 maxpacket: 8
[  795.912974][   T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  795.932032][   T25] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  795.947512][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  795.973843][   T25] usb 1-1: config 0 descriptor??
[  795.982562][   T25] gspca_main: vc032x-2.14.0 probing 046d:0892
[  796.198869][  T929] usb 4-1: USB disconnect, device number 81
[  796.221360][  T929] ch341 4-1:0.0: device disconnected
[  796.389135][T17939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  796.401764][T17939] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  796.559002][T17962] netlink: 'syz.1.3090': attribute type 1 has an invalid length.
[  796.665729][T17962] 8021q: adding VLAN 0 to HW filter on device bond7
[  796.743588][T17967] random: crng reseeded on system resumption
[  796.951375][   T25] gspca_vc032x: reg_r err -110
[  796.957600][   T25] vc032x 1-1:0.0: probe with driver vc032x failed with error -110
[  797.457320][T17974] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3092'.
[  797.491887][T17939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  797.500606][T17939] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  797.502570][T17973] netlink: 'syz.1.3093': attribute type 1 has an invalid length.
[  797.727915][T17978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3094'.
[  798.702343][T10552] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  798.789813][T17994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  798.800847][T17994] xt_TCPMSS: Only works on TCP SYN packets
[  798.816979][T17994] random: crng reseeded on system resumption
[  798.825542][  T929] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  798.917389][T10552] usb 3-1: Using ep0 maxpacket: 8
[  798.941588][T10552] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  798.966439][T10552] usb 3-1: config 0 has no interface number 0
[  798.991311][T10552] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  799.023658][T10552] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  799.038201][T10552] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.052657][  T932] usb 1-1: USB disconnect, device number 82
[  799.075079][  T929] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  799.095615][T10552] usb 3-1: config 0 descriptor??
[  799.105394][  T929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  799.124261][T17998] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3102'.
[  799.133925][T10552] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  799.152779][  T929] usb 4-1: Product: syz
[  799.161746][  T929] usb 4-1: Manufacturer: syz
[  799.166406][  T929] usb 4-1: SerialNumber: syz
[  799.167001][T17998] netlink: 'syz.1.3102': attribute type 21 has an invalid length.
[  799.202970][  T929] usb 4-1: config 0 descriptor??
[  799.226710][  T929] ch341 4-1:0.0: ch341-uart converter detected
[  799.414750][  T929] usb 4-1: failed to receive control message: -32
[  799.422936][  T929] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  799.610026][T18006] random: crng reseeded on system resumption
[  799.785612][T18007] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3099'.
[  799.918498][T18011] netlink: 'syz.0.3106': attribute type 1 has an invalid length.
[  800.042955][   T29] audit: type=1326 audit(1720721235.629:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18018 comm="syz.0.3109" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f73c6b75bd9 code=0x0
[  800.204920][T10720] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  800.423763][T18033] random: crng reseeded on system resumption
[  800.800078][T18038] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  800.812181][T18038] xt_TCPMSS: Only works on TCP SYN packets
[  800.823284][T18038] random: crng reseeded on system resumption
[  800.981385][  T932] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[  801.062677][T18044] netlink: 'syz.0.3119': attribute type 1 has an invalid length.
[  801.145800][   T25] usb 3-1: USB disconnect, device number 88
[  801.161449][   T25] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected
[  801.203938][  T932] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  801.241117][  T932] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  801.250930][  T932] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  801.289929][  T932] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  801.323514][  T932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.352986][T18050] FAULT_INJECTION: forcing a failure.
[  801.352986][T18050] name failslab, interval 1, probability 0, space 0, times 0
[  801.374788][T18050] CPU: 1 PID: 18050 Comm: syz.2.3121 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  801.385023][T18050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  801.395145][T18050] Call Trace:
[  801.398463][T18050]  <TASK>
[  801.401431][T18050]  dump_stack_lvl+0x241/0x360
[  801.406165][T18050]  ? __pfx_dump_stack_lvl+0x10/0x10
[  801.411516][T18050]  ? __pfx__printk+0x10/0x10
[  801.415559][  T932] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -12
[  801.416141][T18050]  ? __pfx___might_resched+0x10/0x10
[  801.430482][T18050]  should_fail_ex+0x3b0/0x4e0
[  801.435220][T18050]  ? ieee80211_assign_beacon+0xa8a/0x1d00
[  801.440984][T18050]  should_failslab+0x9/0x20
[  801.445539][T18050]  __kmalloc_noprof+0xd8/0x400
[  801.450367][T18050]  ieee80211_assign_beacon+0xa8a/0x1d00
[  801.455959][T18050]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  801.462042][T18050]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  801.468453][T18050]  ieee80211_start_ap+0x1ad7/0x2c70
[  801.473746][T18050]  ? __pfx_ieee80211_start_ap+0x10/0x10
[  801.479337][T18050]  ? nl80211_calculate_ap_params+0xd3d/0x1160
[  801.485558][T18050]  ? _cfg80211_chandef_usable+0xc3b/0x14e0
[  801.491460][T18050]  ? __pfx_nl80211_calculate_ap_params+0x10/0x10
[  801.497855][T18050]  rdev_start_ap+0x10b/0x290
[  801.502508][T18050]  nl80211_start_ap+0x1ccd/0x22e0
[  801.507604][T18050]  genl_rcv_msg+0xb14/0xec0
[  801.510817][T16535] udevd[16535]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  801.512129][T18050]  ? mark_lock+0x9a/0x350
[  801.512173][T18050]  ? __pfx_genl_rcv_msg+0x10/0x10
[  801.512236][T18050]  ? __pfx_lock_acquire+0x10/0x10
[  801.542602][T18050]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  801.548111][T18050]  ? __pfx_nl80211_start_ap+0x10/0x10
[  801.553535][T18050]  ? __pfx_nl80211_post_doit+0x10/0x10
[  801.559047][T18050]  ? __pfx___might_resched+0x10/0x10
[  801.564390][T18050]  netlink_rcv_skb+0x1e3/0x430
[  801.569210][T18050]  ? __pfx_genl_rcv_msg+0x10/0x10
[  801.574277][T18050]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  801.579623][T18050]  ? __netlink_deliver_tap+0x77e/0x7c0
[  801.585154][T18050]  genl_rcv+0x28/0x40
[  801.589167][T18050]  netlink_unicast+0x7ea/0x980
[  801.593952][T18050]  ? __pfx_netlink_unicast+0x10/0x10
[  801.599258][T18050]  ? __virt_addr_valid+0x183/0x530
[  801.604389][T18050]  ? __check_object_size+0x49c/0x900
[  801.609694][T18050]  ? bpf_lsm_netlink_send+0x9/0x10
[  801.614838][T18050]  netlink_sendmsg+0x8db/0xcb0
[  801.619620][T18050]  ? __pfx_netlink_sendmsg+0x10/0x10
[  801.624920][T18050]  ? __import_iovec+0x536/0x820
[  801.629775][T18050]  ? aa_sock_msg_perm+0x91/0x160
[  801.634741][T18050]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  801.640029][T18050]  ? security_socket_sendmsg+0x87/0xb0
[  801.645491][T18050]  ? __pfx_netlink_sendmsg+0x10/0x10
[  801.650781][T18050]  __sock_sendmsg+0x221/0x270
[  801.655480][T18050]  ____sys_sendmsg+0x525/0x7d0
[  801.660305][T18050]  ? __pfx_____sys_sendmsg+0x10/0x10
[  801.665627][T18050]  __sys_sendmsg+0x2b0/0x3a0
[  801.670236][T18050]  ? __pfx___sys_sendmsg+0x10/0x10
[  801.675368][T18050]  ? vfs_write+0x7c4/0xc90
[  801.679843][T18050]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  801.686177][T18050]  ? do_syscall_64+0x100/0x230
[  801.690965][T18050]  ? do_syscall_64+0xb6/0x230
[  801.695686][T18050]  do_syscall_64+0xf3/0x230
[  801.700202][T18050]  ? clear_bhb_loop+0x35/0x90
[  801.704897][T18050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.710827][T18050] RIP: 0033:0x7f81b4775bd9
[  801.715244][T18050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  801.734857][T18050] RSP: 002b:00007f81b554a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  801.743276][T18050] RAX: ffffffffffffffda RBX: 00007f81b4903f60 RCX: 00007f81b4775bd9
[  801.751250][T18050] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  801.759226][T18050] RBP: 00007f81b554a0a0 R08: 0000000000000000 R09: 0000000000000000
[  801.767203][T18050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  801.775180][T18050] R13: 000000000000000b R14: 00007f81b4903f60 R15: 00007f81b4a2fa78
[  801.783177][T18050]  </TASK>
[  801.786342][    C1] vkms_vblank_simulate: vblank timer overrun
[  801.825445][ T5146] usb 4-1: USB disconnect, device number 82
[  801.870319][ T5146] ch341 4-1:0.0: device disconnected
[  802.059444][   T25] usb 2-1: USB disconnect, device number 96
[  802.239827][T18070] random: crng reseeded on system resumption
[  802.564074][T18082] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3130'.
[  802.951317][   T25] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  803.009607][T18093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  803.024139][T18093] xt_TCPMSS: Only works on TCP SYN packets
[  803.038830][T18093] random: crng reseeded on system resumption
[  803.131220][   T25] usb 3-1: Using ep0 maxpacket: 8
[  803.141265][ T5152] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[  803.156555][   T25] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  803.167965][   T25] usb 3-1: config 0 has no interface number 0
[  803.174901][   T25] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  803.186697][   T25] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  803.196403][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  803.208268][   T25] usb 3-1: config 0 descriptor??
[  803.224466][   T25] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  803.353931][ T5152] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  803.368376][ T5152] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  803.377268][ T5152] usb 2-1: Product: syz
[  803.387172][ T5152] usb 2-1: Manufacturer: syz
[  803.395060][ T5152] usb 2-1: SerialNumber: syz
[  803.411649][ T5152] usb 2-1: config 0 descriptor??
[  803.436625][ T5152] ch341 2-1:0.0: ch341-uart converter detected
[  803.588709][T18103] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3140'.
[  803.617291][T18103] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  803.629509][T18103] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[  803.641871][T18103] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3140'.
[  803.652437][ T5152] usb 2-1: failed to receive control message: -32
[  803.658977][ T5152] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  803.681098][  T932] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  803.893930][  T932] usb 1-1: config 1 has an invalid descriptor of length 219, skipping remainder of the config
[  803.915600][  T932] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[  803.929266][  T932] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  803.952178][  T932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  803.960759][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  803.973540][  T932] usb 1-1: Product: syz
[  803.977849][  T932] usb 1-1: Manufacturer: syz
[  803.982968][  T932] usb 1-1: SerialNumber: syz
[  804.030834][T18116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3135'.
[  804.146423][T18118] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3146'.
[  805.319333][T18131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3149'.
[  805.431314][   T25] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  805.484227][ T5152] usb 3-1: USB disconnect, device number 89
[  805.517447][ T5152] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected
[  805.631172][   T25] usb 4-1: Using ep0 maxpacket: 16
[  805.654610][   T25] usb 4-1: config 0 has no interfaces?
[  805.694765][   T25] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  805.705464][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.715551][   T25] usb 4-1: Product: syz
[  805.720548][   T25] usb 4-1: Manufacturer: syz
[  805.732457][   T25] usb 4-1: SerialNumber: syz
[  805.746695][   T25] usb 4-1: config 0 descriptor??
[  805.882078][   T25] usb 2-1: USB disconnect, device number 97
[  805.918630][   T25] ch341 2-1:0.0: device disconnected
[  806.173662][T18128] xt_addrtype: ipv6 does not support BROADCAST matching
[  806.220404][  T929] usb 4-1: USB disconnect, device number 83
[  806.414647][  T932] usb 1-1: USB disconnect, device number 83
[  806.593982][T18143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  806.627158][T18143] xt_TCPMSS: Only works on TCP SYN packets
[  806.668903][T18143] random: crng reseeded on system resumption
[  806.841247][   T25] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  807.061573][   T25] usb 4-1: Using ep0 maxpacket: 32
[  807.084283][   T25] usb 4-1: unable to get BOS descriptor or descriptor too short
[  807.114183][   T25] usb 4-1: config 1 has an invalid descriptor of length 51, skipping remainder of the config
[  807.146964][   T25] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  807.179316][   T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  807.190237][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  807.207250][   T25] usb 4-1: SerialNumber: syz
[  807.220719][   T25] cdc_ether 4-1:1.0: skipping garbage
[  807.230584][   T25] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  807.425267][T18165] xt_cgroup: invalid path, errno=-2
[  807.450169][T10552] usb 4-1: USB disconnect, device number 84
[  807.531291][  T932] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[  807.741160][  T932] usb 2-1: Using ep0 maxpacket: 16
[  807.752554][  T932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  807.770009][  T932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  807.786451][  T932] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  807.797858][  T932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.809521][  T932] usb 2-1: config 0 descriptor??
[  807.932415][ T5146] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  808.084483][T18178] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3163'.
[  808.101167][T10552] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  808.131206][ T5146] usb 1-1: Using ep0 maxpacket: 8
[  808.139164][ T5146] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  808.151567][ T5146] usb 1-1: config 0 has no interface number 0
[  808.173026][ T5146] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  808.197734][ T5146] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  808.222756][ T5146] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.240195][T18158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  808.263291][T18158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  808.273389][ T5146] usb 1-1: config 0 descriptor??
[  808.294757][  T932] hid (null): bogus close delimiter
[  808.301230][ T5146] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  808.318926][  T932] hid (null): invalid report_count 58028
[  808.331503][  T932] hid (null): unknown global tag 0xd
[  808.337343][T10552] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  808.358416][  T932] hid-generic 0003:0158:0100.004E: unknown main item tag 0x0
[  808.368622][T10552] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  808.382825][  T932] hid-generic 0003:0158:0100.004E: unknown main item tag 0x0
[  808.390760][T10552] usb 3-1: Product: syz
[  808.404824][T10552] usb 3-1: Manufacturer: syz
[  808.415798][  T932] hid-generic 0003:0158:0100.004E: bogus close delimiter
[  808.423787][T10552] usb 3-1: SerialNumber: syz
[  808.437777][  T932] hid-generic 0003:0158:0100.004E: item 0 0 2 10 parsing failed
[  808.447698][T10552] usb 3-1: config 0 descriptor??
[  808.464917][  T932] hid-generic 0003:0158:0100.004E: probe with driver hid-generic failed with error -22
[  808.475719][T10552] ch341 3-1:0.0: ch341-uart converter detected
[  808.526702][T18158] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3157'.
[  808.672366][T10552] usb 3-1: failed to receive control message: -32
[  808.680165][T10552] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  809.037346][T18186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3161'.
[  809.055121][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  809.062432][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  809.228276][T10552] usb 2-1: USB disconnect, device number 98
[  809.319568][T18193] FAULT_INJECTION: forcing a failure.
[  809.319568][T18193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  809.333563][T18193] CPU: 0 PID: 18193 Comm: syz.1.3167 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  809.343782][T18193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  809.353854][T18193] Call Trace:
[  809.357141][T18193]  <TASK>
[  809.360089][T18193]  dump_stack_lvl+0x241/0x360
[  809.364807][T18193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  809.370024][T18193]  ? __pfx__printk+0x10/0x10
[  809.374660][T18193]  ? snprintf+0xda/0x120
[  809.378917][T18193]  should_fail_ex+0x3b0/0x4e0
[  809.383619][T18193]  _copy_to_user+0x2f/0xb0
[  809.388603][T18193]  simple_read_from_buffer+0xca/0x150
[  809.393996][T18193]  proc_fail_nth_read+0x1e9/0x250
[  809.399034][T18193]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  809.404598][T18193]  ? rw_verify_area+0x520/0x6b0
[  809.409548][T18193]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  809.415111][T18193]  vfs_read+0x204/0xbc0
[  809.419287][T18193]  ? __pfx_lock_release+0x10/0x10
[  809.424354][T18193]  ? __pfx_vfs_read+0x10/0x10
[  809.429048][T18193]  ? __fget_files+0x29/0x470
[  809.433652][T18193]  ? __fget_files+0x3f6/0x470
[  809.438353][T18193]  ksys_read+0x1a0/0x2c0
[  809.442614][T18193]  ? __pfx_ksys_read+0x10/0x10
[  809.447395][T18193]  ? do_syscall_64+0x100/0x230
[  809.452184][T18193]  ? do_syscall_64+0xb6/0x230
[  809.456879][T18193]  do_syscall_64+0xf3/0x230
[  809.461403][T18193]  ? clear_bhb_loop+0x35/0x90
[  809.466092][T18193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.472003][T18193] RIP: 0033:0x7ff8065746bc
[  809.476427][T18193] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  809.496481][T18193] RSP: 002b:00007ff807418040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  809.504909][T18193] RAX: ffffffffffffffda RBX: 00007ff806703f60 RCX: 00007ff8065746bc
[  809.512889][T18193] RDX: 000000000000000f RSI: 00007ff8074180b0 RDI: 0000000000000004
[  809.520866][T18193] RBP: 00007ff8074180a0 R08: 0000000000000000 R09: 0000000000000000
[  809.528863][T18193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  809.536843][T18193] R13: 000000000000000b R14: 00007ff806703f60 R15: 00007ff80682fa78
[  809.544840][T18193]  </TASK>
[  809.628532][T18197] FAULT_INJECTION: forcing a failure.
[  809.628532][T18197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  809.642546][T18197] CPU: 1 PID: 18197 Comm: syz.1.3169 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  809.652880][T18197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  809.662970][T18197] Call Trace:
[  809.666284][T18197]  <TASK>
[  809.669237][T18197]  dump_stack_lvl+0x241/0x360
[  809.674021][T18197]  ? __pfx_dump_stack_lvl+0x10/0x10
[  809.679236][T18197]  ? __pfx__printk+0x10/0x10
[  809.683858][T18197]  ? __pfx_lock_release+0x10/0x10
[  809.688935][T18197]  should_fail_ex+0x3b0/0x4e0
[  809.693667][T18197]  _copy_to_user+0x2f/0xb0
[  809.698091][T18197]  sock_do_ioctl+0x382/0x460
[  809.702728][T18197]  ? __pfx_sock_do_ioctl+0x10/0x10
[  809.707885][T18197]  sock_ioctl+0x629/0x8e0
[  809.712226][T18197]  ? __pfx_sock_ioctl+0x10/0x10
[  809.717086][T18197]  ? __fget_files+0x29/0x470
[  809.721691][T18197]  ? __fget_files+0x3f6/0x470
[  809.726373][T18197]  ? __fget_files+0x29/0x470
[  809.730981][T18197]  ? bpf_lsm_file_ioctl+0x9/0x10
[  809.735955][T18197]  ? security_file_ioctl+0x87/0xb0
[  809.741071][T18197]  ? __pfx_sock_ioctl+0x10/0x10
[  809.745932][T18197]  __se_sys_ioctl+0xfc/0x170
[  809.750526][T18197]  do_syscall_64+0xf3/0x230
[  809.755066][T18197]  ? clear_bhb_loop+0x35/0x90
[  809.759757][T18197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.765685][T18197] RIP: 0033:0x7ff806575bd9
[  809.770102][T18197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  809.789747][T18197] RSP: 002b:00007ff807418048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  809.798195][T18197] RAX: ffffffffffffffda RBX: 00007ff806703f60 RCX: 00007ff806575bd9
[  809.806204][T18197] RDX: 0000000020000900 RSI: 0000000000008946 RDI: 0000000000000004
[  809.814697][T18197] RBP: 00007ff8074180a0 R08: 0000000000000000 R09: 0000000000000000
[  809.822687][T18197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  809.830754][T18197] R13: 000000000000000b R14: 00007ff806703f60 R15: 00007ff80682fa78
[  809.838758][T18197]  </TASK>
[  810.111260][T10552] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  810.313456][T10552] usb 4-1: Using ep0 maxpacket: 16
[  810.329630][T10552] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  810.354680][T10552] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  810.386748][T10552] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  810.400660][T10552] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.466790][T10552] usb 4-1: config 0 descriptor??
[  810.488794][T18207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  810.503831][T10552] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  810.523683][T18207] xt_TCPMSS: Only works on TCP SYN packets
[  810.533758][   T25] usb 1-1: USB disconnect, device number 84
[  810.568582][T18207] random: crng reseeded on system resumption
[  810.587155][   T25] iowarrior 1-1:0.1: I/O-Warror #0 now disconnected
[  810.813912][T10552] usb 3-1: USB disconnect, device number 90
[  810.844861][T10552] ch341 3-1:0.0: device disconnected
[  810.846092][T18211] FAULT_INJECTION: forcing a failure.
[  810.846092][T18211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  810.891982][T18211] CPU: 1 PID: 18211 Comm: syz.0.3173 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  810.902225][T18211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  810.912294][T18211] Call Trace:
[  810.915582][T18211]  <TASK>
[  810.918517][T18211]  dump_stack_lvl+0x241/0x360
[  810.923225][T18211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  810.928441][T18211]  ? __pfx__printk+0x10/0x10
[  810.933052][T18211]  ? __pfx_lock_release+0x10/0x10
[  810.938098][T18211]  should_fail_ex+0x3b0/0x4e0
[  810.942788][T18211]  _copy_from_user+0x2f/0xe0
[  810.947383][T18211]  copy_msghdr_from_user+0xae/0x680
[  810.952624][T18211]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  810.958461][T18211]  __sys_sendmsg+0x23d/0x3a0
[  810.963059][T18211]  ? __pfx___sys_sendmsg+0x10/0x10
[  810.968278][T18211]  ? vfs_write+0x7c4/0xc90
[  810.972844][T18211]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  810.979172][T18211]  ? do_syscall_64+0x100/0x230
[  810.984486][T18211]  ? do_syscall_64+0xb6/0x230
[  810.989175][T18211]  do_syscall_64+0xf3/0x230
[  810.993686][T18211]  ? clear_bhb_loop+0x35/0x90
[  810.998362][T18211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.004271][T18211] RIP: 0033:0x7f73c6b75bd9
[  811.008685][T18211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.028291][T18211] RSP: 002b:00007f73c788f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  811.036727][T18211] RAX: ffffffffffffffda RBX: 00007f73c6d04038 RCX: 00007f73c6b75bd9
[  811.044698][T18211] RDX: 0000000000000000 RSI: 00000000200016c0 RDI: 0000000000000007
[  811.052678][T18211] RBP: 00007f73c788f0a0 R08: 0000000000000000 R09: 0000000000000000
[  811.060655][T18211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.068631][T18211] R13: 000000000000006e R14: 00007f73c6d04038 R15: 00007f73c6e2fa78
[  811.076622][T18211]  </TASK>
[  811.338913][T18219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3175'.
[  811.669358][T18214] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3174'.
[  811.687484][T18214] geneve2: entered promiscuous mode
[  811.871079][T10552] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  811.906911][T18225] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3177'.
[  812.090548][T10552] usb 1-1: New USB device found, idVendor=2040, idProduct=4902, bcdDevice=70.a9
[  812.110916][T10552] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.163387][T10552] usb 1-1: Product: syz
[  812.178409][T10552] usb 1-1: Manufacturer: syz
[  812.205393][T10552] usb 1-1: SerialNumber: syz
[  812.257901][T10552] usb 1-1: config 0 descriptor??
[  812.341482][T10552] hdpvr 1-1:0.0: Could not find bulk-in endpoint
[  812.350216][T10552] hdpvr 1-1:0.0: probe with driver hdpvr failed with error -12
[  812.784818][ T5152] usb 4-1: USB disconnect, device number 85
[  812.834546][T18245] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  812.856997][   T25] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[  812.991411][T18250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3186'.
[  813.011335][   T45] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[  813.021095][  T932] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  813.054578][   T25] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  813.064475][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  813.077926][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  813.089071][   T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  813.104275][   T25] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  813.114331][   T25] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  813.124075][   T25] usb 5-1: Product: syz
[  813.128334][   T25] usb 5-1: Manufacturer: syz
[  813.148535][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  813.153971][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  813.165820][   T25] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  813.166427][T10552] usb 1-1: USB disconnect, device number 85
[  813.188896][   T25] cdc_wdm 5-1:1.0: Unknown control protocol
[  813.201143][   T45] usb 2-1: Using ep0 maxpacket: 8
[  813.215497][   T45] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  813.239172][  T932] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  813.240435][   T45] usb 2-1: config 0 has no interface number 0
[  813.279162][  T932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  813.279623][   T45] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  813.297144][  T932] usb 3-1: Product: syz
[  813.310424][   T45] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  813.320179][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  813.322039][  T932] usb 3-1: Manufacturer: syz
[  813.336156][  T932] usb 3-1: SerialNumber: syz
[  813.363839][   T45] usb 2-1: config 0 descriptor??
[  813.396788][  T932] usb 3-1: config 0 descriptor??
[  813.403405][   T45] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  813.423642][  T932] ch341 3-1:0.0: ch341-uart converter detected
[  813.623789][  T932] usb 3-1: failed to receive control message: -32
[  813.647691][  T932] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  813.712406][ T2483] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.849845][    C1] wdm_int_callback: 220 callbacks suppressed
[  813.849872][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  813.851420][  T932] usb 5-1: USB disconnect, device number 126
[  813.855966][    C1] wdm_int_callback: 220 callbacks suppressed
[  813.855987][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  813.880599][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  814.033710][ T2483] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.050065][T18252] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3184'.
[  814.160590][ T2483] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.239747][T18255] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  814.269294][T18255] xt_TCPMSS: Only works on TCP SYN packets
[  814.285890][ T2483] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.302288][T18255] random: crng reseeded on system resumption
[  814.871187][ T5101] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  814.884269][ T5101] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  814.893834][ T5101] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  814.902306][ T5101] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  814.910133][ T5101] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  814.920561][ T5101] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  815.312330][ T2483] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  815.335354][ T2483] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  815.367450][ T2483] bond0 (unregistering): Released all slaves
[  815.442775][T18273] FAULT_INJECTION: forcing a failure.
[  815.442775][T18273] name failslab, interval 1, probability 0, space 0, times 0
[  815.498259][T18273] CPU: 1 PID: 18273 Comm: syz.4.3189 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  815.508487][T18273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  815.518580][T18273] Call Trace:
[  815.521892][T18273]  <TASK>
[  815.524851][T18273]  dump_stack_lvl+0x241/0x360
[  815.529586][T18273]  ? __pfx_dump_stack_lvl+0x10/0x10
[  815.534839][T18273]  ? __pfx__printk+0x10/0x10
[  815.539492][T18273]  ? __pfx___might_resched+0x10/0x10
[  815.544836][T18273]  should_fail_ex+0x3b0/0x4e0
[  815.549563][T18273]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  815.555324][T18273]  should_failslab+0x9/0x20
[  815.559878][T18273]  __kmalloc_noprof+0xd8/0x400
[  815.564696][T18273]  ? kfree+0x4e/0x360
[  815.568738][T18273]  tomoyo_realpath_from_path+0xcf/0x5e0
[  815.574344][T18273]  tomoyo_path_number_perm+0x23a/0x880
[  815.579864][T18273]  ? tomoyo_path_number_perm+0x208/0x880
[  815.585631][T18273]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  815.591704][T18273]  ? __fget_files+0x29/0x470
[  815.596339][T18273]  ? __fget_files+0x3f6/0x470
[  815.601058][T18273]  ? __fget_files+0x29/0x470
[  815.605711][T18273]  security_file_ioctl+0x75/0xb0
[  815.610694][T18273]  __se_sys_ioctl+0x47/0x170
[  815.615331][T18273]  do_syscall_64+0xf3/0x230
[  815.619883][T18273]  ? clear_bhb_loop+0x35/0x90
[  815.624611][T18273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.630559][T18273] RIP: 0033:0x7f65caf75bd9
[  815.635012][T18273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.654661][T18273] RSP: 002b:00007f65cbd97048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  815.663125][T18273] RAX: ffffffffffffffda RBX: 00007f65cb103f60 RCX: 00007f65caf75bd9
[  815.671138][T18273] RDX: 0000000020000000 RSI: 0000000000005393 RDI: 0000000000000005
[  815.679148][T18273] RBP: 00007f65cbd970a0 R08: 0000000000000000 R09: 0000000000000000
[  815.687154][T18273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.695181][T18273] R13: 000000000000000b R14: 00007f65cb103f60 R15: 00007f65cb22fa78
[  815.703214][T18273]  </TASK>
[  815.741092][T18273] ERROR: Out of memory at tomoyo_realpath_from_path.
[  815.761162][  T929] usb 3-1: USB disconnect, device number 91
[  815.783302][  T929] ch341 3-1:0.0: device disconnected
[  815.787505][   T45] usb 2-1: USB disconnect, device number 99
[  815.803365][   T45] iowarrior 2-1:0.1: I/O-Warror #1 now disconnected
[  815.947252][ T2483] tipc: Left network mode
[  815.966874][T18290] input: syz1 as /devices/virtual/input/input52
[  815.992049][T18287] ptrace attach of "./syz-executor exec"[16825] was attempted by "./syz-executor exec"[18287]
[  816.365558][T18263] chnl_net:caif_netlink_parms(): no params data found
[  816.723184][T18299] FAULT_INJECTION: forcing a failure.
[  816.723184][T18299] name failslab, interval 1, probability 0, space 0, times 0
[  816.778484][T18299] CPU: 1 PID: 18299 Comm: syz.3.3195 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  816.788815][T18299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  816.798903][T18299] Call Trace:
[  816.802232][T18299]  <TASK>
[  816.805195][T18299]  dump_stack_lvl+0x241/0x360
[  816.809925][T18299]  ? __pfx_dump_stack_lvl+0x10/0x10
[  816.815269][T18299]  ? __pfx__printk+0x10/0x10
[  816.819920][T18299]  should_fail_ex+0x3b0/0x4e0
[  816.824656][T18299]  ? tcf_block_get_ext+0x144/0x1650
[  816.829906][T18299]  should_failslab+0x9/0x20
[  816.834462][T18299]  kmalloc_trace_noprof+0x6c/0x2c0
[  816.839629][T18299]  tcf_block_get_ext+0x144/0x1650
[  816.844715][T18299]  ? __pfx_cake_change+0x10/0x10
[  816.849706][T18299]  ? __pfx___debug_object_init+0x10/0x10
[  816.855361][T18299]  tcf_block_get+0xf8/0x150
[  816.859895][T18299]  ? __pfx_tcf_block_get+0x10/0x10
[  816.865051][T18299]  ? __pfx_tcf_chain_head_change_dflt+0x10/0x10
[  816.871366][T18299]  ? __hrtimer_init+0x170/0x250
[  816.876249][T18299]  cake_init+0x1e5/0x920
[  816.880565][T18299]  ? qdisc_lookup+0x350/0x6b0
[  816.885263][T18299]  ? __pfx_cake_init+0x10/0x10
[  816.890070][T18299]  qdisc_create+0x9d4/0x11a0
[  816.894717][T18299]  ? __pfx_qdisc_create+0x10/0x10
[  816.899783][T18299]  tc_modify_qdisc+0xa26/0x1e40
[  816.904687][T18299]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  816.910036][T18299]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  816.915357][T18299]  rtnetlink_rcv_msg+0x89b/0x1180
[  816.920440][T18299]  ? rtnetlink_rcv_msg+0x208/0x1180
[  816.925684][T18299]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  816.931191][T18299]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  816.937219][T18299]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  816.943597][T18299]  ? __local_bh_enable_ip+0x168/0x200
[  816.949032][T18299]  ? lockdep_hardirqs_on+0x99/0x150
[  816.954278][T18299]  ? __local_bh_enable_ip+0x168/0x200
[  816.959688][T18299]  ? dev_hard_start_xmit+0x773/0x7e0
[  816.965020][T18299]  ? __dev_queue_xmit+0x2d2/0x3d30
[  816.970180][T18299]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  816.975955][T18299]  ? __dev_queue_xmit+0x2d2/0x3d30
[  816.981120][T18299]  ? __dev_queue_xmit+0x16c9/0x3d30
[  816.986820][T18299]  ? __dev_queue_xmit+0x2d2/0x3d30
[  816.992005][T18299]  ? ref_tracker_free+0x643/0x7e0
[  816.997087][T18299]  netlink_rcv_skb+0x1e3/0x430
[  817.001898][T18299]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  817.007412][T18299]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  817.012771][T18299]  ? netlink_deliver_tap+0x2e/0x1b0
[  817.018017][T18299]  netlink_unicast+0x7ea/0x980
[  817.022851][T18299]  ? __pfx_netlink_unicast+0x10/0x10
[  817.028183][T18299]  ? __virt_addr_valid+0x183/0x530
[  817.033347][T18299]  ? __check_object_size+0x49c/0x900
[  817.038682][T18299]  ? bpf_lsm_netlink_send+0x9/0x10
[  817.043843][T18299]  netlink_sendmsg+0x8db/0xcb0
[  817.048671][T18299]  ? __pfx_netlink_sendmsg+0x10/0x10
[  817.054091][T18299]  ? __import_iovec+0x536/0x820
[  817.058982][T18299]  ? aa_sock_msg_perm+0x91/0x160
[  817.064061][T18299]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  817.069384][T18299]  ? security_socket_sendmsg+0x87/0xb0
[  817.074894][T18299]  ? __pfx_netlink_sendmsg+0x10/0x10
[  817.080251][T18299]  __sock_sendmsg+0x221/0x270
[  817.085185][T18299]  ____sys_sendmsg+0x525/0x7d0
[  817.090007][T18299]  ? __pfx_____sys_sendmsg+0x10/0x10
[  817.095353][T18299]  __sys_sendmsg+0x2b0/0x3a0
[  817.099994][T18299]  ? __pfx___sys_sendmsg+0x10/0x10
[  817.105161][T18299]  ? vfs_write+0x7c4/0xc90
[  817.109672][T18299]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  817.116047][T18299]  ? do_syscall_64+0x100/0x230
[  817.120868][T18299]  ? do_syscall_64+0xb6/0x230
[  817.125641][T18299]  do_syscall_64+0xf3/0x230
[  817.130199][T18299]  ? clear_bhb_loop+0x35/0x90
[  817.134929][T18299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.140877][T18299] RIP: 0033:0x7f71ddf75bd9
[  817.145331][T18299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  817.164980][T18299] RSP: 002b:00007f71dee30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  817.173449][T18299] RAX: ffffffffffffffda RBX: 00007f71de103f60 RCX: 00007f71ddf75bd9
[  817.181478][T18299] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003
[  817.189489][T18299] RBP: 00007f71dee300a0 R08: 0000000000000000 R09: 0000000000000000
[  817.197510][T18299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.205523][T18299] R13: 000000000000000b R14: 00007f71de103f60 R15: 00007f71de22fa78
[  817.213559][T18299]  </TASK>
[  817.222080][T10720] Bluetooth: hci6: command tx timeout
[  817.234869][T18311] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3196'.
[  817.251072][T18311] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3196'.
[  817.456169][T18321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  817.497205][T18321] xt_TCPMSS: Only works on TCP SYN packets
[  817.578616][T18321] random: crng reseeded on system resumption
[  817.620481][ T2483] hsr_slave_0: left promiscuous mode
[  817.661372][ T2483] hsr_slave_1: left promiscuous mode
[  817.677793][ T2483] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  817.706877][ T2483] batman_adv: batadv0: Removing interface: batadv_slave_0
[  817.707979][T18331] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3201'.
[  817.755490][ T2483] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  817.806074][ T2483] batman_adv: batadv0: Removing interface: batadv_slave_1
[  817.888565][ T2483] veth1_macvtap: left promiscuous mode
[  817.903188][ T2483] veth0_macvtap: left promiscuous mode
[  817.917499][ T2483] veth1_vlan: left promiscuous mode
[  817.942857][ T2483] veth0_vlan: left promiscuous mode
[  818.349006][ T2483] pimreg (unregistering): left allmulticast mode
[  818.664338][ T5152] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[  818.841309][   T25] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  818.885476][ T5152] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  818.906124][ T5152] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  818.916578][ T5152] usb 5-1: Product: syz
[  818.929206][ T5152] usb 5-1: Manufacturer: syz
[  818.935732][ T5152] usb 5-1: SerialNumber: syz
[  818.957267][ T5152] usb 5-1: config 0 descriptor??
[  818.967847][ T5152] ch341 5-1:0.0: ch341-uart converter detected
[  819.033832][   T25] usb 3-1: Using ep0 maxpacket: 8
[  819.053659][   T25] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  819.074664][   T25] usb 3-1: config 0 has no interface number 0
[  819.080857][   T25] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  819.094743][   T25] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  819.104349][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.111554][ T2483] team0 (unregistering): Port device team_slave_1 removed
[  819.118603][   T25] usb 3-1: config 0 descriptor??
[  819.133451][   T25] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  819.168629][ T5152] usb 5-1: failed to receive control message: -32
[  819.175577][ T5152] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  819.245321][ T2483] team0 (unregistering): Port device team_slave_0 removed
[  819.293040][T10720] Bluetooth: hci6: command tx timeout
[  820.107218][T18351] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3206'.
[  820.119446][T18352] netlink: 'syz.3.3206': attribute type 21 has an invalid length.
[  820.136247][T18358] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3202'.
[  820.149552][T18263] bridge0: port 1(bridge_slave_0) entered blocking state
[  820.164794][T18263] bridge0: port 1(bridge_slave_0) entered disabled state
[  820.172667][T18263] bridge_slave_0: entered allmulticast mode
[  820.179998][T18263] bridge_slave_0: entered promiscuous mode
[  820.214298][T18263] bridge0: port 2(bridge_slave_1) entered blocking state
[  820.222320][T18263] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.229773][T18263] bridge_slave_1: entered allmulticast mode
[  820.243998][T18263] bridge_slave_1: entered promiscuous mode
[  820.340904][T18263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  820.365094][T18263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  820.512551][T18263] team0: Port device team_slave_0 added
[  820.534762][T18263] team0: Port device team_slave_1 added
[  820.640770][T18263] batman_adv: batadv0: Adding interface: batadv_slave_0
[  820.654679][T18263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  820.711506][T18263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  820.741152][T18263] batman_adv: batadv0: Adding interface: batadv_slave_1
[  820.750171][T18263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  820.798717][T18263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  820.942926][T18263] hsr_slave_0: entered promiscuous mode
[  820.962922][T18263] hsr_slave_1: entered promiscuous mode
[  821.011137][T18263] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  821.018767][T18263] Cannot create hsr debugfs directory
[  821.367788][   T25] usb 5-1: USB disconnect, device number 127
[  821.381401][T10720] Bluetooth: hci6: command tx timeout
[  821.443262][   T25] ch341 5-1:0.0: device disconnected
[  821.521721][ T5152] usb 3-1: USB disconnect, device number 92
[  821.592717][ T5152] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected
[  822.733752][T10720] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  823.061310][T18263] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  823.143391][T18263] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  823.180390][T18263] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  823.231583][T18263] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  823.281359][  T929] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  823.464780][T10720] Bluetooth: hci6: command tx timeout
[  823.513448][  T929] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  823.521837][ T5185] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  823.531227][  T929] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  823.556771][  T929] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  823.574705][  T929] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  823.583806][T18263] 8021q: adding VLAN 0 to HW filter on device bond0
[  823.607043][  T929] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  823.621176][  T929] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  823.655497][  T929] usb 3-1: Product: syz
[  823.659755][  T929] usb 3-1: Manufacturer: syz
[  823.685255][T18263] 8021q: adding VLAN 0 to HW filter on device team0
[  823.700378][  T929] cdc_wdm 3-1:1.0: skipping garbage
[  823.713199][  T929] cdc_wdm 3-1:1.0: skipping garbage
[  823.723477][  T932] bridge0: port 1(bridge_slave_0) entered blocking state
[  823.730683][  T932] bridge0: port 1(bridge_slave_0) entered forwarding state
[  823.740753][  T929] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  823.747534][  T929] cdc_wdm 3-1:1.0: Unknown control protocol
[  823.753699][ T5185] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  823.778922][ T5185] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  823.793816][ T5151] bridge0: port 2(bridge_slave_1) entered blocking state
[  823.801056][ T5151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  823.814997][ T5185] usb 2-1: Product: syz
[  823.833937][ T5185] usb 2-1: Manufacturer: syz
[  823.859611][ T5185] usb 2-1: SerialNumber: syz
[  823.889970][ T5185] usb 2-1: config 0 descriptor??
[  823.895316][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  823.919434][ T5185] ch341 2-1:0.0: ch341-uart converter detected
[  824.002232][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.008902][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.015315][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.021943][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.028332][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.034975][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.041370][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.048039][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.054431][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.061096][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.067468][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.074108][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.080502][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.087142][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.093503][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.100155][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.106526][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.113164][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.119527][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  824.126167][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  824.131561][   T25] usb 5-1: Using ep0 maxpacket: 8
[  824.139450][ T5185] usb 2-1: failed to receive control message: -32
[  824.157391][   T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  824.170370][ T5185] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  824.197568][T18263] 8021q: adding VLAN 0 to HW filter on device batadv0
[  824.206927][   T25] usb 5-1: config 0 has no interface number 0
[  824.217053][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  824.217049][   T45] usb 3-1: USB disconnect, device number 93
[  824.256153][   T25] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  824.284538][   T25] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  824.305294][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  824.372433][   T25] usb 5-1: config 0 descriptor??
[  824.386907][   T25] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  824.418505][T18263] veth0_vlan: entered promiscuous mode
[  824.458619][T18263] veth1_vlan: entered promiscuous mode
[  824.517261][T18452] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3220'.
[  824.550851][T18263] veth0_macvtap: entered promiscuous mode
[  824.585864][T18263] veth1_macvtap: entered promiscuous mode
[  824.639995][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  824.662814][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.678446][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  824.691151][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.708042][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  824.719306][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.730313][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  824.743481][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.757374][T18263] batman_adv: batadv0: Interface activated: batadv_slave_0
[  824.784689][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.803399][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.820260][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.837363][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.850098][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.860731][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.871103][T18263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.884517][T18263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.912581][T18263] batman_adv: batadv0: Interface activated: batadv_slave_1
[  824.949873][T18263] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  824.963120][T18263] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  824.979457][T18263] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  825.040751][T18263] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  825.361161][   T45] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  825.548780][ T2441] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  825.583192][ T2441] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  825.661169][   T45] usb 4-1: Using ep0 maxpacket: 32
[  825.688017][   T45] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  825.708905][ T2483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  825.723692][ T2483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  825.724925][   T45] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  825.745423][   T45] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  825.759592][   T45] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  825.759633][   T45] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  825.759662][   T45] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  825.819732][   T45] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  825.839836][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.877439][   T45] usb 4-1: Product: syz
[  825.889107][   T45] usb 4-1: Manufacturer: syz
[  825.910492][   T45] usb 4-1: SerialNumber: syz
[  826.214506][ T5185] usb 2-1: USB disconnect, device number 100
[  826.249194][ T5185] ch341 2-1:0.0: device disconnected
[  826.405967][  T784] usb 5-1: USB disconnect, device number 2
[  826.452839][  T784] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected
[  827.907543][   T45] cdc_ncm 4-1:1.0: bind() failure
[  827.970916][   T45] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  828.001233][   T45] cdc_ncm 4-1:1.1: bind() failure
[  828.048391][   T45] usb 4-1: USB disconnect, device number 86
[  828.631353][   T45] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  828.855751][   T45] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  828.889825][   T45] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  828.934151][   T45] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  828.969635][   T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  828.996948][   T45] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  829.015542][   T45] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  829.045050][   T45] usb 1-1: Product: syz
[  829.087299][   T45] usb 1-1: Manufacturer: syz
[  829.107664][   T45] cdc_wdm 1-1:1.0: skipping garbage
[  829.119831][   T45] cdc_wdm 1-1:1.0: skipping garbage
[  829.157708][   T45] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  829.188014][   T45] cdc_wdm 1-1:1.0: Unknown control protocol
[  829.457707][    C1] wdm_int_callback: 393 callbacks suppressed
[  829.457733][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.470385][    C1] wdm_int_callback: 393 callbacks suppressed
[  829.470409][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.482910][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.489560][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.495979][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.502618][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.508974][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.515609][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.521992][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.528618][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.534919][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.541542][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.547881][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.554484][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.560795][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.567409][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.573791][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.580387][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.581116][ T5151] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[  829.586738][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  829.600731][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  829.749737][  T932] usb 1-1: USB disconnect, device number 86
[  829.749921][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  829.947789][ T5151] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  829.974998][ T5151] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  829.992153][ T5151] usb 2-1: Product: syz
[  830.001321][ T5151] usb 2-1: Manufacturer: syz
[  830.005991][ T5151] usb 2-1: SerialNumber: syz
[  830.033574][ T5151] usb 2-1: config 0 descriptor??
[  830.049358][ T5151] ch341 2-1:0.0: ch341-uart converter detected
[  830.063852][  T929] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  830.081661][T10720] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  830.258537][ T5151] usb 2-1: failed to receive control message: -32
[  830.284796][ T5151] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  830.295855][  T929] usb 4-1: Using ep0 maxpacket: 8
[  830.308073][  T929] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  830.331381][  T929] usb 4-1: config 0 has no interface number 0
[  830.347972][  T929] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  830.369505][  T929] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  830.400527][  T929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.442615][  T929] usb 4-1: config 0 descriptor??
[  830.483341][  T929] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  830.624664][T18573] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3237'.
[  830.731540][   T45] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  830.921318][   T45] usb 5-1: Using ep0 maxpacket: 32
[  830.942238][   T45] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  830.964330][   T45] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.000658][   T45] usb 5-1: config 0 descriptor??
[  831.025215][   T45] gspca_main: sq930x-2.14.0 probing 041e:403c
[  831.951120][   T45] gspca_sq930x: reg_w 0105 bf00 failed -71
[  832.041197][   T45] sq930x 5-1:0.0: probe with driver sq930x failed with error -71
[  832.070611][   T45] usb 5-1: USB disconnect, device number 3
[  832.190146][  T929] usb 2-1: USB disconnect, device number 101
[  832.217768][  T929] ch341 2-1:0.0: device disconnected
[  832.523161][  T929] usb 4-1: USB disconnect, device number 87
[  832.578475][  T929] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected
[  833.224970][ T2475] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.342097][T18625] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3251'.
[  833.520434][ T2475] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.820141][ T2475] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.017678][ T2475] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.051031][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  834.311745][T16604] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  834.501294][   T45] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[  834.533912][T16604] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  834.603477][ T2475] bridge_slave_1: left allmulticast mode
[  834.609313][T16604] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  834.646853][T16604] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  834.653700][ T2475] bridge_slave_1: left promiscuous mode
[  834.688215][ T2475] bridge0: port 2(bridge_slave_1) entered disabled state
[  834.729783][T16604] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.751968][   T45] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  834.783209][ T2475] bridge_slave_0: left allmulticast mode
[  834.785921][   T45] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  834.788887][ T2475] bridge_slave_0: left promiscuous mode
[  834.820961][T18627] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  834.876717][   T45] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  834.918107][ T5101] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  834.935443][ T5101] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  834.947106][ T5101] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  834.958380][ T5101] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  834.966630][ T5101] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  834.974823][ T5101] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  834.990229][ T2475] bridge0: port 1(bridge_slave_0) entered disabled state
[  834.999652][   T45] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  835.045577][   T45] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  835.056377][   T45] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  835.064695][   T45] usb 2-1: Product: syz
[  835.068900][   T45] usb 2-1: Manufacturer: syz
[  835.109136][   T45] cdc_wdm 2-1:1.0: skipping garbage
[  835.121242][   T45] cdc_wdm 2-1:1.0: skipping garbage
[  835.154265][   T45] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  835.195578][   T45] cdc_wdm 2-1:1.0: Unknown control protocol
[  835.519357][ T5151] usb 2-1: USB disconnect, device number 102
[  835.775110][T18651] netlink: 209832 bytes leftover after parsing attributes in process `syz.2.3258'.
[  836.441206][ T5151] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  836.645121][ T5151] usb 3-1: Using ep0 maxpacket: 8
[  836.665297][ T5151] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  836.665316][ T2475] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  836.700023][ T5151] usb 3-1: config 0 has no interface number 0
[  836.708643][ T5151] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  836.723538][ T5151] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  836.740492][ T5151] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  836.757858][ T2475] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  836.797671][ T5151] usb 3-1: config 0 descriptor??
[  836.804829][ T2475] bond0 (unregistering): Released all slaves
[  836.839594][ T5151] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  836.941309][ T5152] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[  837.014177][ T5151] usb 4-1: USB disconnect, device number 88
[  837.051180][ T5101] Bluetooth: hci5: command tx timeout
[  837.153061][ T5152] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  837.194220][ T5152] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  837.216934][ T5152] usb 1-1: Product: syz
[  837.230418][ T5152] usb 1-1: Manufacturer: syz
[  837.277457][ T5152] usb 1-1: SerialNumber: syz
[  837.315879][ T5152] usb 1-1: config 0 descriptor??
[  837.336209][ T5152] ch341 1-1:0.0: ch341-uart converter detected
[  837.546258][ T5152] usb 1-1: failed to receive control message: -32
[  837.596833][ T5152] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  837.760026][ T2475] hsr_slave_0: left promiscuous mode
[  837.793902][ T2475] hsr_slave_1: left promiscuous mode
[  837.796736][T18685] FAULT_INJECTION: forcing a failure.
[  837.796736][T18685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  837.827893][ T2475] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  837.832552][T18685] CPU: 0 PID: 18685 Comm: syz.1.3262 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  837.845557][T18685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  837.855651][T18685] Call Trace:
[  837.858960][T18685]  <TASK>
[  837.861954][T18685]  dump_stack_lvl+0x241/0x360
[  837.866726][T18685]  ? __pfx_dump_stack_lvl+0x10/0x10
[  837.872039][T18685]  ? __pfx__printk+0x10/0x10
[  837.876650][T18685]  ? snprintf+0xda/0x120
[  837.880918][T18685]  should_fail_ex+0x3b0/0x4e0
[  837.885615][T18685]  _copy_to_user+0x2f/0xb0
[  837.890039][T18685]  simple_read_from_buffer+0xca/0x150
[  837.895448][T18685]  proc_fail_nth_read+0x1e9/0x250
[  837.900494][T18685]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  837.906067][T18685]  ? rw_verify_area+0x520/0x6b0
[  837.910938][T18685]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  837.916518][T18685]  vfs_read+0x204/0xbc0
[  837.920697][T18685]  ? __pfx_vfs_read+0x10/0x10
[  837.925405][T18685]  ? __pfx_set_user_sigmask+0x10/0x10
[  837.930792][T18685]  ? __pfx_do_sys_openat2+0x10/0x10
[  837.936015][T18685]  ksys_read+0x1a0/0x2c0
[  837.940265][T18685]  ? __pfx_ksys_read+0x10/0x10
[  837.945038][T18685]  ? do_syscall_64+0x100/0x230
[  837.949831][T18685]  ? do_syscall_64+0xb6/0x230
[  837.954612][T18685]  do_syscall_64+0xf3/0x230
[  837.959127][T18685]  ? clear_bhb_loop+0x35/0x90
[  837.963807][T18685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.969711][T18685] RIP: 0033:0x7ff8065746bc
[  837.974128][T18685] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  837.993752][T18685] RSP: 002b:00007ff807418040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  838.002184][T18685] RAX: ffffffffffffffda RBX: 00007ff806703f60 RCX: 00007ff8065746bc
[  838.010152][T18685] RDX: 000000000000000f RSI: 00007ff8074180b0 RDI: 0000000000000008
[  838.018130][T18685] RBP: 00007ff8074180a0 R08: 0000000000000000 R09: 0000000000000000
[  838.026101][T18685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.034177][T18685] R13: 000000000000000b R14: 00007ff806703f60 R15: 00007ff80682fa78
[  838.042177][T18685]  </TASK>
[  838.075251][ T2475] batman_adv: batadv0: Removing interface: batadv_slave_0
[  838.212519][ T2475] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  838.220058][ T2475] batman_adv: batadv0: Removing interface: batadv_slave_1
[  838.297384][ T2475] veth1_macvtap: left promiscuous mode
[  838.310052][ T2475] veth0_macvtap: left promiscuous mode
[  838.342459][ T2475] veth1_vlan: left promiscuous mode
[  838.358104][ T2475] veth0_vlan: left promiscuous mode
[  838.961761][ T5146] usb 3-1: USB disconnect, device number 94
[  839.017238][ T5146] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected
[  839.131583][ T5101] Bluetooth: hci5: command tx timeout
[  839.668103][   T45] usb 1-1: USB disconnect, device number 87
[  839.714632][   T45] ch341 1-1:0.0: device disconnected
[  839.794276][ T2475] team0 (unregistering): Port device team_slave_1 removed
[  839.925246][ T2475] team0 (unregistering): Port device team_slave_0 removed
[  840.549834][T18688] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3257'.
[  840.569008][T18694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3264'.
[  840.641949][T18711] netlink: 'syz.1.3268': attribute type 7 has an invalid length.
[  840.646719][T18703] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[  840.669966][T18711] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3268'.
[  840.680772][T18703] netdevsim netdevsim2: Falling back to sysfs fallback for: ng
[  840.786307][T18712] bridge2: port 1(gretap1) entered blocking state
[  840.797754][T18716] FAULT_INJECTION: forcing a failure.
[  840.797754][T18716] name failslab, interval 1, probability 0, space 0, times 0
[  840.818623][T18712] bridge2: port 1(gretap1) entered disabled state
[  840.827599][T18716] CPU: 0 PID: 18716 Comm: syz.3.3270 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  840.837818][T18716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  840.847912][T18716] Call Trace:
[  840.851245][T18716]  <TASK>
[  840.854260][T18716]  dump_stack_lvl+0x241/0x360
[  840.859169][T18716]  ? __pfx_dump_stack_lvl+0x10/0x10
[  840.864422][T18716]  ? __pfx__printk+0x10/0x10
[  840.869064][T18716]  ? _copy_from_iter+0x26b/0x1960
[  840.874139][T18716]  should_fail_ex+0x3b0/0x4e0
[  840.878874][T18716]  ? build_skb+0x52/0x2a0
[  840.883247][T18716]  should_failslab+0x9/0x20
[  840.887797][T18716]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  840.893211][T18716]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  840.899224][T18716]  build_skb+0x52/0x2a0
[  840.903403][T18716]  ? __tun_build_skb+0x25/0x2f0
[  840.908276][T18716]  __tun_build_skb+0x33/0x2f0
[  840.912976][T18716]  tun_get_user+0x2084/0x4560
[  840.917672][T18716]  ? tun_get_user+0x84c/0x4560
[  840.922464][T18716]  ? __pfx_tun_get_user+0x10/0x10
[  840.927518][T18716]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  840.933002][T18716]  ? tun_get+0x1e/0x2f0
[  840.937189][T18716]  ? tun_get+0x1e/0x2f0
[  840.941360][T18716]  ? tun_get+0x27d/0x2f0
[  840.945619][T18716]  tun_chr_write_iter+0x113/0x1f0
[  840.950754][T18716]  vfs_write+0xa72/0xc90
[  840.955012][T18716]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  840.960578][T18716]  ? __pfx_vfs_write+0x10/0x10
[  840.965383][T18716]  ksys_write+0x1a0/0x2c0
[  840.969729][T18716]  ? __pfx_ksys_write+0x10/0x10
[  840.974592][T18716]  ? do_syscall_64+0x100/0x230
[  840.979377][T18716]  ? do_syscall_64+0xb6/0x230
[  840.984077][T18716]  do_syscall_64+0xf3/0x230
[  840.988599][T18716]  ? clear_bhb_loop+0x35/0x90
[  840.993288][T18716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.999199][T18716] RIP: 0033:0x7f71ddf7475f
[  841.003638][T18716] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  841.023253][T18716] RSP: 002b:00007f71dee30010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  841.031683][T18716] RAX: ffffffffffffffda RBX: 00007f71de103f60 RCX: 00007f71ddf7475f
[  841.039688][T18716] RDX: 000000000000002a RSI: 0000000020000280 RDI: 00000000000000c8
[  841.047753][T18716] RBP: 00007f71dee300a0 R08: 0000000000000000 R09: 0000000000000000
[  841.055732][T18716] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[  841.063722][T18716] R13: 000000000000000b R14: 00007f71de103f60 R15: 00007f71de22fa78
[  841.071716][T18716]  </TASK>
[  841.078603][T18712] gretap1: entered allmulticast mode
[  841.098566][T18712] gretap1: entered promiscuous mode
[  841.108395][T18639] chnl_net:caif_netlink_parms(): no params data found
[  841.217660][ T5101] Bluetooth: hci5: command tx timeout
[  841.251742][ T5152] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[  841.277018][ T5101] Bluetooth: hci6: unexpected event 0x06 length: 23 > 3
[  841.442827][ T5152] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  841.461239][ T5152] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  841.476398][ T5152] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  841.486323][ T5152] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  841.499809][ T5152] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  841.509261][ T5152] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  841.524235][ T5152] usb 3-1: Product: syz
[  841.536593][ T5152] usb 3-1: Manufacturer: syz
[  841.559467][ T5152] cdc_wdm 3-1:1.0: skipping garbage
[  841.565658][ T5152] cdc_wdm 3-1:1.0: skipping garbage
[  841.583053][ T5152] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  841.600298][ T5152] cdc_wdm 3-1:1.0: Unknown control protocol
[  841.697507][T18639] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.738442][T18639] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.749045][T18639] bridge_slave_0: entered allmulticast mode
[  841.777263][T18639] bridge_slave_0: entered promiscuous mode
[  841.803863][T18639] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.819953][    C1] wdm_int_callback: 693 callbacks suppressed
[  841.819979][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.832796][    C1] wdm_int_callback: 693 callbacks suppressed
[  841.832812][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.844929][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.851029][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.852542][T18639] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.857631][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.870906][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.876976][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.883568][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.889847][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.896441][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.902724][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.909315][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.915619][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.922250][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.928544][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.935136][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.941431][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.948054][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.954388][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.961022][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.967401][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  841.974011][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  841.982356][   T45] usb 3-1: USB disconnect, device number 95
[  841.988304][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  842.076739][T18639] bridge_slave_1: entered allmulticast mode
[  842.096776][T18639] bridge_slave_1: entered promiscuous mode
[  842.151290][  T929] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  842.193414][T18639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  842.227461][T18639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  842.387684][T18639] team0: Port device team_slave_0 added
[  842.393911][  T929] usb 4-1: Using ep0 maxpacket: 8
[  842.408829][  T929] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  842.423543][  T929] usb 4-1: config 0 has no interface number 0
[  842.500506][  T929] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  842.513025][T18639] team0: Port device team_slave_1 added
[  842.529935][  T929] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  842.576075][  T929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.668449][  T929] usb 4-1: config 0 descriptor??
[  842.781720][  T929] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  842.788155][T18639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  842.818670][T18639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.844621][    C1] vkms_vblank_simulate: vblank timer overrun
[  842.929616][T18639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  842.978256][T18639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  843.000282][T18639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  843.026377][    C1] vkms_vblank_simulate: vblank timer overrun
[  843.044142][T18639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  843.071728][T18770] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3280'.
[  843.192256][   T45] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  843.270317][T18639] hsr_slave_0: entered promiscuous mode
[  843.278439][T18639] hsr_slave_1: entered promiscuous mode
[  843.286931][T18639] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  843.291724][ T5101] Bluetooth: hci5: command tx timeout
[  843.300395][T18639] Cannot create hsr debugfs directory
[  843.393673][   T45] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  843.417736][   T45] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=240
[  843.427141][   T45] usb 1-1: Product: syz
[  843.432675][   T45] usb 1-1: Manufacturer: syz
[  843.437465][   T45] usb 1-1: SerialNumber: syz
[  843.445902][   T45] usb 1-1: config 0 descriptor??
[  843.458974][   T45] ch341 1-1:0.0: ch341-uart converter detected
[  843.501135][  T929] usb 2-1: new high-speed USB device number 103 using dummy_hcd
[  843.660375][   T45] usb 1-1: failed to receive control message: -32
[  843.674674][   T45] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  843.685727][  T929] usb 2-1: device descriptor read/64, error -71
[  844.001205][  T929] usb 2-1: new high-speed USB device number 104 using dummy_hcd
[  844.127912][T18788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3279'.
[  844.181122][  T929] usb 2-1: device descriptor read/64, error -71
[  844.318207][T18639] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  844.332124][  T929] usb usb2-port1: attempt power cycle
[  844.339956][ T5152] usb 4-1: USB disconnect, device number 89
[  844.356478][ T5152] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected
[  844.364883][T18639] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  844.391219][T18639] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  844.410126][T18639] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  844.451238][T10552] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[  844.477742][T18799] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[  844.642160][T10552] usb 3-1: Using ep0 maxpacket: 8
[  844.655251][T10552] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  844.691787][T10552] usb 3-1: New USB device found, idVendor=05a4, idProduct=8003, bcdDevice= 0.40
[  844.716418][T18639] 8021q: adding VLAN 0 to HW filter on device bond0
[  844.716938][T10552] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.755081][T10552] usb 3-1: Product: syz
[  844.759407][T10552] usb 3-1: Manufacturer: syz
[  844.764938][T10552] usb 3-1: SerialNumber: syz
[  844.795828][T18639] 8021q: adding VLAN 0 to HW filter on device team0
[  844.798126][T10552] usbhid 3-1:1.0: couldn't find an input interrupt endpoint
[  844.810140][  T929] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[  844.842475][T10552] bridge0: port 1(bridge_slave_0) entered blocking state
[  844.849743][T10552] bridge0: port 1(bridge_slave_0) entered forwarding state
[  844.859883][  T929] usb 2-1: device descriptor read/8, error -71
[  844.886703][T10552] bridge0: port 2(bridge_slave_1) entered blocking state
[  844.894006][T10552] bridge0: port 2(bridge_slave_1) entered forwarding state
[  844.910935][   T29] audit: type=1326 audit(1720721280.489:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18810 comm="syz.3.3285" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f71ddf75bd9 code=0x0
[  845.000885][T10552] usb 3-1: USB disconnect, device number 96
[  845.082748][T18639] 8021q: adding VLAN 0 to HW filter on device batadv0
[  845.151305][  T929] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[  845.184709][T18639] veth0_vlan: entered promiscuous mode
[  845.214086][  T929] usb 2-1: device descriptor read/8, error -71
[  845.228419][T18639] veth1_vlan: entered promiscuous mode
[  845.292500][T18639] veth0_macvtap: entered promiscuous mode
[  845.316633][T18639] veth1_macvtap: entered promiscuous mode
[  845.347640][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  845.361859][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.365353][  T929] usb usb2-port1: unable to enumerate USB device
[  845.378247][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  845.389324][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.399405][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  845.410103][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.421410][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  845.433677][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.446366][T18639] batman_adv: batadv0: Interface activated: batadv_slave_0
[  845.478798][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  845.491428][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.503403][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  845.514234][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.524396][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  845.546506][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.571273][T18639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  845.593296][T18639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  845.619472][T18639] batman_adv: batadv0: Interface activated: batadv_slave_1
[  845.662465][T18639] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  845.677080][T18639] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  845.687098][T18639] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  845.701115][T18639] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  845.858846][T18830] ------------[ cut here ]------------
[  845.864863][T18830] WARNING: CPU: 1 PID: 18830 at net/mac80211/driver-ops.c:465 drv_link_info_changed+0x153/0x8b0
[  845.875526][T18830] Modules linked in:
[  845.879542][T18830] CPU: 1 PID: 18830 Comm: syz.2.3286 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  845.889844][T18830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  845.899983][T18830] RIP: 0010:drv_link_info_changed+0x153/0x8b0
[  845.906204][T18830] Code: 83 fd 01 75 1f e8 cd 3b a6 f6 eb 32 e8 c6 3b a6 f6 eb 2b 83 fd 03 74 21 83 fd 05 75 07 e8 b5 3b a6 f6 eb 1a e8 ae 3b a6 f6 90 <0f> 0b 90 e9 c3 01 00 00 e8 a0 3b a6 f6 eb 05 e8 99 3b a6 f6 4d 8d
[  845.926192][T18830] RSP: 0018:ffffc9000e11ece8 EFLAGS: 00010283
[  845.932742][T18830] RAX: ffffffff8aefec72 RBX: 0000000000000001 RCX: 0000000000040000
[  845.940804][T18830] RDX: ffffc9000a6de000 RSI: 0000000000000f5a RDI: 0000000000000f5b
[  845.950001][T18830] RBP: 0000000080000000 R08: 0000000000000005 R09: ffffffff8aefec40
[  845.958368][T18830] R10: 0000000000000004 R11: ffff88801dc30000 R12: 0000000000000000
[  845.966488][T18830] R13: 0000000000000200 R14: ffff88806d0c0ca0 R15: ffff88801f218e20
[  845.974647][T18830] FS:  00007f81b55296c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  845.984259][T18830] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  845.991163][T18830] CR2: 0000001b2e311ff8 CR3: 000000002d852000 CR4: 00000000003506f0
[  845.999217][T18830] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  846.000715][T10552] usb 1-1: USB disconnect, device number 88
[  846.007348][T18830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  846.007376][T18830] Call Trace:
[  846.007388][T18830]  <TASK>
[  846.007402][T18830]  ? __warn+0x163/0x4e0
[  846.028138][T18836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  846.032171][T18830]  ? drv_link_info_changed+0x153/0x8b0
[  846.032227][T18830]  ? report_bug+0x2b3/0x500
[  846.032262][T18830]  ? drv_link_info_changed+0x153/0x8b0
[  846.032309][T18830]  ? handle_bug+0x3e/0x70
[  846.032333][T18830]  ? exc_invalid_op+0x1a/0x50
[  846.068258][T18830]  ? asm_exc_invalid_op+0x1a/0x20
[  846.073380][T18830]  ? drv_link_info_changed+0x120/0x8b0
[  846.078857][T18830]  ? drv_link_info_changed+0x152/0x8b0
[  846.084372][T18830]  ? drv_link_info_changed+0x153/0x8b0
[  846.089866][T18830]  ? drv_link_info_changed+0x152/0x8b0
[  846.095503][T18830]  ? ieee80211_link_info_change_notify+0x1a5/0x330
[  846.102263][T18830]  ieee80211_offchannel_stop_vifs+0x25c/0x590
[  846.108440][T18830]  __ieee80211_start_scan+0x1a7d/0x1e00
[  846.114355][T18830]  ? __pfx___ieee80211_start_scan+0x10/0x10
[  846.120356][T18830]  cfg80211_conn_scan+0x9de/0xe80
[  846.125532][T18830]  cfg80211_connect+0x14a4/0x1cf0
[  846.130689][T18830]  ? __pfx_cfg80211_connect+0x10/0x10
[  846.136228][T18830]  ? nl80211_crypto_settings+0xb79/0xee0
[  846.142091][T18830]  nl80211_connect+0x188f/0x1fe0
[  846.148456][T18830]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  846.154620][T18830]  ? __pfx___mutex_trylock_common+0x10/0x10
[  846.160623][T18830]  ? __pfx_nl80211_connect+0x10/0x10
[  846.166094][T18830]  genl_rcv_msg+0xb14/0xec0
[  846.170697][T18830]  ? mark_lock+0x9a/0x350
[  846.175285][T18830]  ? __pfx_genl_rcv_msg+0x10/0x10
[  846.180509][T18830]  ? __pfx_lock_acquire+0x10/0x10
[  846.185722][T18830]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  846.191277][T18830]  ? __pfx_nl80211_connect+0x10/0x10
[  846.196643][T18830]  ? __pfx_nl80211_post_doit+0x10/0x10
[  846.202277][T18830]  ? __pfx___might_resched+0x10/0x10
[  846.207678][T18830]  netlink_rcv_skb+0x1e3/0x430
[  846.212617][T18830]  ? __pfx_genl_rcv_msg+0x10/0x10
[  846.217725][T18830]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  846.223241][T18830]  ? __netlink_deliver_tap+0x77e/0x7c0
[  846.228812][T18830]  genl_rcv+0x28/0x40
[  846.233115][T18830]  netlink_unicast+0x7ea/0x980
[  846.238609][T18830]  ? __pfx_netlink_unicast+0x10/0x10
[  846.244107][T18830]  ? __virt_addr_valid+0x183/0x530
[  846.250092][T18830]  ? __check_object_size+0x49c/0x900
[  846.256067][T18830]  ? bpf_lsm_netlink_send+0x9/0x10
[  846.261412][T18830]  netlink_sendmsg+0x8db/0xcb0
[  846.266262][T18830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  846.271754][T18830]  ? __import_iovec+0x536/0x820
[  846.276670][T18830]  ? aa_sock_msg_perm+0x91/0x160
[  846.281749][T18830]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  846.287139][T18830]  ? security_socket_sendmsg+0x87/0xb0
[  846.292739][T18830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  846.298100][T18830]  __sock_sendmsg+0x221/0x270
[  846.303038][T18830]  ____sys_sendmsg+0x525/0x7d0
[  846.307917][T18830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  846.313408][T18830]  __sys_sendmsg+0x2b0/0x3a0
[  846.318084][T18830]  ? __pfx___sys_sendmsg+0x10/0x10
[  846.323508][T18830]  ? __secure_computing+0x125/0x370
[  846.328801][T18830]  do_syscall_64+0xf3/0x230
[  846.333568][T18830]  ? clear_bhb_loop+0x35/0x90
[  846.338365][T18830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.344386][T18830] RIP: 0033:0x7f81b4775bd9
[  846.348856][T18830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.370053][T18830] RSP: 002b:00007f81b5529048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  846.378688][T18830] RAX: ffffffffffffffda RBX: 00007f81b4904038 RCX: 00007f81b4775bd9
[  846.386819][T18830] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[  846.394924][T18830] RBP: 00007f81b47e4e60 R08: 0000000000000000 R09: 0000000000000000
[  846.402994][T18830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  846.411189][T18830] R13: 000000000000006e R14: 00007f81b4904038 R15: 00007f81b4a2fa78
[  846.419241][T18830]  </TASK>
[  846.422383][T18830] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  846.429676][T18830] CPU: 1 PID: 18830 Comm: syz.2.3286 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  846.439825][T18830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  846.449880][T18830] Call Trace:
[  846.453175][T18830]  <TASK>
[  846.456118][T18830]  dump_stack_lvl+0x241/0x360
[  846.460836][T18830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  846.466049][T18830]  ? __pfx__printk+0x10/0x10
[  846.470655][T18830]  ? vscnprintf+0x5d/0x90
[  846.475080][T18830]  panic+0x349/0x860
[  846.478989][T18830]  ? __warn+0x172/0x4e0
[  846.483157][T18830]  ? __pfx_panic+0x10/0x10
[  846.487601][T18830]  __warn+0x346/0x4e0
[  846.491591][T18830]  ? drv_link_info_changed+0x153/0x8b0
[  846.497086][T18830]  report_bug+0x2b3/0x500
[  846.501435][T18830]  ? drv_link_info_changed+0x153/0x8b0
[  846.506921][T18830]  handle_bug+0x3e/0x70
[  846.511096][T18830]  exc_invalid_op+0x1a/0x50
[  846.515601][T18830]  asm_exc_invalid_op+0x1a/0x20
[  846.520461][T18830] RIP: 0010:drv_link_info_changed+0x153/0x8b0
[  846.526542][T18830] Code: 83 fd 01 75 1f e8 cd 3b a6 f6 eb 32 e8 c6 3b a6 f6 eb 2b 83 fd 03 74 21 83 fd 05 75 07 e8 b5 3b a6 f6 eb 1a e8 ae 3b a6 f6 90 <0f> 0b 90 e9 c3 01 00 00 e8 a0 3b a6 f6 eb 05 e8 99 3b a6 f6 4d 8d
[  846.546197][T18830] RSP: 0018:ffffc9000e11ece8 EFLAGS: 00010283
[  846.552293][T18830] RAX: ffffffff8aefec72 RBX: 0000000000000001 RCX: 0000000000040000
[  846.560286][T18830] RDX: ffffc9000a6de000 RSI: 0000000000000f5a RDI: 0000000000000f5b
[  846.568280][T18830] RBP: 0000000080000000 R08: 0000000000000005 R09: ffffffff8aefec40
[  846.576257][T18830] R10: 0000000000000004 R11: ffff88801dc30000 R12: 0000000000000000
[  846.584233][T18830] R13: 0000000000000200 R14: ffff88806d0c0ca0 R15: ffff88801f218e20
[  846.592234][T18830]  ? drv_link_info_changed+0x120/0x8b0
[  846.597707][T18830]  ? drv_link_info_changed+0x152/0x8b0
[  846.603189][T18830]  ? drv_link_info_changed+0x152/0x8b0
[  846.608658][T18830]  ? ieee80211_link_info_change_notify+0x1a5/0x330
[  846.615199][T18830]  ieee80211_offchannel_stop_vifs+0x25c/0x590
[  846.621284][T18830]  __ieee80211_start_scan+0x1a7d/0x1e00
[  846.626875][T18830]  ? __pfx___ieee80211_start_scan+0x10/0x10
[  846.632799][T18830]  cfg80211_conn_scan+0x9de/0xe80
[  846.637858][T18830]  cfg80211_connect+0x14a4/0x1cf0
[  846.642941][T18830]  ? __pfx_cfg80211_connect+0x10/0x10
[  846.648323][T18830]  ? nl80211_crypto_settings+0xb79/0xee0
[  846.654003][T18830]  nl80211_connect+0x188f/0x1fe0
[  846.658955][T18830]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  846.664965][T18830]  ? __pfx___mutex_trylock_common+0x10/0x10
[  846.670887][T18830]  ? __pfx_nl80211_connect+0x10/0x10
[  846.676262][T18830]  genl_rcv_msg+0xb14/0xec0
[  846.680788][T18830]  ? mark_lock+0x9a/0x350
[  846.685133][T18830]  ? __pfx_genl_rcv_msg+0x10/0x10
[  846.690179][T18830]  ? __pfx_lock_acquire+0x10/0x10
[  846.695201][T18830]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  846.700590][T18830]  ? __pfx_nl80211_connect+0x10/0x10
[  846.705961][T18830]  ? __pfx_nl80211_post_doit+0x10/0x10
[  846.711437][T18830]  ? __pfx___might_resched+0x10/0x10
[  846.716732][T18830]  netlink_rcv_skb+0x1e3/0x430
[  846.721510][T18830]  ? __pfx_genl_rcv_msg+0x10/0x10
[  846.726534][T18830]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  846.731837][T18830]  ? __netlink_deliver_tap+0x77e/0x7c0
[  846.737319][T18830]  genl_rcv+0x28/0x40
[  846.741365][T18830]  netlink_unicast+0x7ea/0x980
[  846.746150][T18830]  ? __pfx_netlink_unicast+0x10/0x10
[  846.751438][T18830]  ? __virt_addr_valid+0x183/0x530
[  846.756560][T18830]  ? __check_object_size+0x49c/0x900
[  846.761858][T18830]  ? bpf_lsm_netlink_send+0x9/0x10
[  846.767001][T18830]  netlink_sendmsg+0x8db/0xcb0
[  846.771784][T18830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  846.777079][T18830]  ? __import_iovec+0x536/0x820
[  846.782021][T18830]  ? aa_sock_msg_perm+0x91/0x160
[  846.786965][T18830]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  846.792260][T18830]  ? security_socket_sendmsg+0x87/0xb0
[  846.797719][T18830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  846.803017][T18830]  __sock_sendmsg+0x221/0x270
[  846.807900][T18830]  ____sys_sendmsg+0x525/0x7d0
[  846.812695][T18830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  846.817995][T18830]  __sys_sendmsg+0x2b0/0x3a0
[  846.822593][T18830]  ? __pfx___sys_sendmsg+0x10/0x10
[  846.827741][T18830]  ? __secure_computing+0x125/0x370
[  846.832965][T18830]  do_syscall_64+0xf3/0x230
[  846.837478][T18830]  ? clear_bhb_loop+0x35/0x90
[  846.842171][T18830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.848069][T18830] RIP: 0033:0x7f81b4775bd9
[  846.852482][T18830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.872096][T18830] RSP: 002b:00007f81b5529048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  846.880516][T18830] RAX: ffffffffffffffda RBX: 00007f81b4904038 RCX: 00007f81b4775bd9
[  846.888515][T18830] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[  846.896508][T18830] RBP: 00007f81b47e4e60 R08: 0000000000000000 R09: 0000000000000000
[  846.904482][T18830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  846.912452][T18830] R13: 000000000000006e R14: 00007f81b4904038 R15: 00007f81b4a2fa78
[  846.920440][T18830]  </TASK>
[  846.923896][T18830] Kernel Offset: disabled
[  846.928340][T18830] Rebooting in 86400 seconds..