last executing test programs:

10.156560844s ago: executing program 4 (id=5496):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000080)={0x74, 0x0, 0x31}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x0}, @IPSET_ATTR_SIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x5c}}, 0x0)

9.968788305s ago: executing program 4 (id=5497):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0xe28d95e58ae557f4}})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x800, 0x1c1703)
r1 = getpid()
syz_clone3(&(0x7f0000001400)={0x40830000, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0), {0x2a}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/109, &(0x7f00000013c0)=[r1, r1, r1, 0x0], 0x4}, 0x58)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000007c0)={{0x10000, 0x2, 0xb, 0x2, 0x0, 0x81, 0x9b, 0x7, 0x4, 0x87, 0x8, 0x7}, {0x18f002, 0x4000, 0xa, 0x3, 0x8, 0xb, 0x92, 0x9, 0x8, 0x9, 0xa, 0x2}, {0x6000, 0x5000, 0xd, 0xec, 0xb3, 0xfb, 0x2, 0x4, 0xe3, 0x56, 0x39, 0xfe}, {0xd000, 0x4, 0xb, 0xd5, 0xf8, 0x3, 0x7f, 0x8, 0x5, 0x6, 0x4, 0xb4}, {0x4000, 0x100000, 0x0, 0x67, 0x1, 0x8, 0x6, 0x3, 0x5f, 0xbe, 0x3, 0x1}, {0x6000, 0x6000, 0xc, 0x2, 0xf, 0xfd, 0x0, 0x2, 0x10, 0xa7, 0x4, 0x7}, {0xb6ff58cdf5116350, 0x1, 0x8, 0x2, 0xf1, 0x0, 0x4, 0xf3, 0x5, 0x3, 0x8, 0x40}, {0x1000, 0x4000, 0x9, 0x10, 0xe, 0x4, 0xf9, 0x3, 0x1, 0x5, 0x8, 0xe}, {0x1000, 0x3}, {0x0, 0x1}, 0x0, 0x0, 0x2, 0x20100, 0x6, 0x4000, 0x7004, [0x8000000000000000, 0x9, 0x6cd2, 0x3]})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r6, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x14b042, 0x0)
pwritev2(r7, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000002580)=""/107})
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2001, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000004a150112790001020301090224000101000000"], 0x0)
ioctl$SNAPSHOT_FREE(r8, 0x3305)
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
userfaultfd(0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000010000000853a6e1d127e5d5292f3b9e67925d96d34b70244f25560e8a01161d39c2fd200ad0f9fe1a4903b6bdad0aca2777873287cad6c24404fe323db091f3913431ce0858a5ecc0bc481c4d31ac1cb548f19d5596e87dc3f3cec115a8c7d16540fbbfd3e5c2b33fe0a15100bb12af"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {}, {0x0, 0xfd}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0xff}]}})

9.860107686s ago: executing program 3 (id=5499):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
socket$inet6(0xa, 0x0, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2d8)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x6a, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a00)="316f82faff29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000180)="0036d551863e1902129da79fb0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a9", 0x88}, {&(0x7f0000000c40)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336fb139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b4e01a3ef30321af56b9601fb04e5e5cb16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef374e28f6fc3066150dcb7cd9e7c3b9808eb03c18e8601a71ad3906bb12f7067bf7b51c2a364848bda30518eb340e11b9b5b9651052ab7ae9b1add0ac4936debc76ac7e2d22a49891fcc360f605f0f175d523875b2b15b3a5065fd980300000000000000094dd76ffb223c5437fc4c7ee52d17d54dba33eb93eaff5d25007b334072796ea5ec0705662bdeb09a541dcf912bd35f324ca2fc2a95e740317650fdbfa3fe", 0x190}, {&(0x7f0000000800)="560e784a5947b90900000000000000d4f4afc887d8a4c55ae9e6d3bae49259a935b480ee610800f5c5b3", 0x2a}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

7.601206776s ago: executing program 3 (id=5504):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0xfffffffffffffdc6, &(0x7f0000000780)={&(0x7f0000002d80)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10}, @TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8}]}}]}, 0xac}}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000170a0104000000000000000000000000d2e0762fcad0314ba78e91e585bf4d33461144b788475ed8"], 0x14}}, 0x0)

7.191605243s ago: executing program 1 (id=5508):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r2, 0x7fffffff)
futex_waitv(&(0x7f0000001640)=[{0x400, &(0x7f00000000c0)=0x40, 0x2}, {0x32d4, &(0x7f0000000100)=0x6, 0x2}, {0x280000000000, &(0x7f0000000200)=0x8, 0x82}, {0x1e, &(0x7f0000000280)=0x4, 0x82}, {0x3, &(0x7f00000002c0)=0x4395, 0x2}, {0x3, &(0x7f0000000340)=0x2, 0x2}, {0x4, &(0x7f0000000380)=0x6, 0x2}, {0x2, &(0x7f00000003c0)=0x8, 0x2}, {0x9, &(0x7f0000000440)=0xfffffffffffffffb, 0x82}, {0x9, &(0x7f0000000480)=0xfff, 0x2}, {0x8, &(0x7f00000004c0)=0x2, 0x82}, {0x9, &(0x7f0000000500), 0x82}, {0x8, &(0x7f0000000540)=0x101, 0x2}, {0x3ee8, &(0x7f0000000580)=0x8001, 0x2}, {0x0, &(0x7f0000000b80)=0x8, 0x82}, {0x80, &(0x7f0000000bc0)=0x6, 0x2}, {0x4, &(0x7f0000000c00)=0x8001}, {0x3, &(0x7f0000000c40)=0x6, 0x82}, {0x6, &(0x7f0000000c80)=0xdee3, 0x2}, {0x9, &(0x7f0000000cc0)=0x24b, 0x82}, {0x4, &(0x7f0000000d00)=0x88}, {0x1, &(0x7f0000000d40)=0x6, 0x82}, {0x5, &(0x7f0000000d80), 0x2}, {0x0, &(0x7f0000000dc0)=0x8000000000000001, 0x2}, {0x1, &(0x7f0000000e00)=0x8, 0x82}, {0x7f2, &(0x7f0000000e40)=0x2, 0x82}, {0x2, &(0x7f0000000e80)=0x2, 0x82}, {0xfff, &(0x7f0000000ec0)=0x83a, 0x82}, {0x8, &(0x7f0000000f00)=0x200, 0x82}, {0x5bbbc81d, &(0x7f0000000f40)=0x7, 0x2}, {0x75, &(0x7f0000000f80), 0x2}, {0x0, &(0x7f0000000fc0), 0x82}, {0x6, &(0x7f0000001000)=0x3, 0x2}, {0x7, &(0x7f0000001040)=0x80000001, 0x2}, {0x9, &(0x7f0000001100)=0x8000, 0x82}, {0x151a6ef2, &(0x7f0000001140)=0x8, 0x82}, {0x2, &(0x7f0000001180)=0x60, 0x82}, {0x10000, &(0x7f00000011c0)=0x323f, 0x82}, {0x9a77, &(0x7f0000001200)=0x1, 0x82}, {0x961, &(0x7f0000001240)=0x831, 0x82}, {0x6, &(0x7f0000001280)=0x9, 0x2}, {0x8, &(0x7f00000012c0)=0x3ff, 0x2}, {0x48, &(0x7f0000001300)=0x101, 0x2}, {0x7, &(0x7f0000001340)=0x6, 0x2}, {0x40, &(0x7f0000001380)=0x8}, {0x100000001, &(0x7f00000013c0)=0x17c0000000000000, 0x2}, {0x89d, &(0x7f0000001400)=0x8, 0x82}, {0x7, &(0x7f0000001440)=0x7fff, 0x82}, {0x2, &(0x7f0000001480)=0x713}, {0x1, &(0x7f00000014c0)=0x4, 0x2}, {0x400, &(0x7f0000001500)=0xfffffffffffffff8, 0x2}, {0x3, &(0x7f0000001540)=0x3, 0x82}, {0x3, &(0x7f0000001580)=0x951, 0x2}, {0x4c9, &(0x7f00000015c0)=0x1000, 0x82}, {0x3, &(0x7f0000001600)=0x1, 0x82}], 0x37, 0x0, &(0x7f0000001b80)={0x0, 0x3938700}, 0x1)
write$sysctl(r1, &(0x7f0000000300)='1\x00', 0xffffff4a)
write$sysctl(r1, &(0x7f0000000000)='2\x00', 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = syz_open_dev$media(&(0x7f0000000400), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r3, 0xc0487c04, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000003080)=[{}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(0xffffffffffffffff, &(0x7f00000010c0)=[{&(0x7f0000000140)="5832b113e20ef2a80611015dcbbee21557854650d326be5e8c0d83738ce384b49d9991faffff8e53f45df0cec25e27881102cf5c68593321686ac36cc5fcb40e1125043c5431b3a0238681ad4a26ca97480df472394905de8138b03661c3fc1d30261919fb44cc1b36cd9eacefdc0ded22040405444f6954425df6c27e0dc9b64de842204b8e9320b8a37e1a860b6edad92345a123148643a89a87c23693dedbfa0a8a7d629f621c78482700ae60c5b2508e5f", 0xb3}], 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)

6.595386577s ago: executing program 3 (id=5509):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={0xffffffffffffffff, 0x18000000000002a0, 0x22, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f008004de7f9c764360000002f00007f00000765e7959b", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x5640, 0x400080)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f0000000480)={0xc})
ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(r0, 0x3ba0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvfrom(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$HIDIOCGRDESC(r1, 0x90044802, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x55, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001e000d04000019000000000000000000317f50cf83e47ded1de94a684205d3620ae42f450af7363ae43228c9332e847698e290256837bcd943d6c848"], 0x14}}, 0x0)
socket(0x5, 0x1, 0x2)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x54, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x54}}, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0xfea7)
clock_gettime(0x2, &(0x7f0000000400)={<r8=>0x0, <r9=>0x0})
utimensat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{}, {r8, r9/1000+60000}}, 0x100)

6.340525196s ago: executing program 2 (id=5511):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0xe28d95e58ae557f4}})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x800, 0x1c1703)
r1 = getpid()
syz_clone3(&(0x7f0000001400)={0x40830000, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0), {0x2a}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/109, &(0x7f00000013c0)=[r1, r1, r1, 0x0], 0x4}, 0x58)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000007c0)={{0x10000, 0x2, 0xb, 0x2, 0x0, 0x81, 0x9b, 0x7, 0x4, 0x87, 0x8, 0x7}, {0x18f002, 0x4000, 0xa, 0x3, 0x8, 0xb, 0x92, 0x9, 0x8, 0x9, 0xa, 0x2}, {0x6000, 0x5000, 0xd, 0xec, 0xb3, 0xfb, 0x2, 0x4, 0xe3, 0x56, 0x39, 0xfe}, {0xd000, 0x4, 0xb, 0xd5, 0xf8, 0x3, 0x7f, 0x8, 0x5, 0x6, 0x4, 0xb4}, {0x4000, 0x100000, 0x0, 0x67, 0x1, 0x8, 0x6, 0x3, 0x5f, 0xbe, 0x3, 0x1}, {0x6000, 0x6000, 0xc, 0x2, 0xf, 0xfd, 0x0, 0x2, 0x10, 0xa7, 0x4, 0x7}, {0xb6ff58cdf5116350, 0x1, 0x8, 0x2, 0xf1, 0x0, 0x4, 0xf3, 0x5, 0x3, 0x8, 0x40}, {0x1000, 0x4000, 0x9, 0x0, 0xe, 0x4, 0xf9, 0x3, 0x1, 0x5, 0x8, 0xe}, {0x1000, 0x3}, {0x0, 0x1}, 0x0, 0x0, 0x2, 0x20100, 0x6, 0x4000, 0x7004, [0x8000000000000000, 0x9, 0x6cd2, 0x3]})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, 0xffffffffffffffff, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x14b042, 0x0)
pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000002580)=""/107})
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2001, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000004a150112790001020301090224000101000000090400000003010000092100000001220000090581030000000000"], 0x0)
ioctl$SNAPSHOT_FREE(r7, 0x3305)
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
userfaultfd(0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000010000000853a6e1d127e5d5292f3b9e67925d96d34b70244f25560e8a01161d39c2fd200ad0f9fe1a4903b6bdad0aca2777873287cad6c24404fe323db091f3913431ce0858a5ecc0bc481c4d31ac1cb548f19d5596e87dc3f3cec115a8c7d16540fbbfd3e5c2b33fe0a15100bb12af"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {}, {0x0, 0xfd}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0xff}]}})

5.665054261s ago: executing program 4 (id=5512):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@private2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
ioctl$PPPIOCSMRU(0xffffffffffffffff, 0x40047452, 0x0)
sendmsg$key(r2, 0x0, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001600)=ANY=[@ANYBLOB], 0x10}}, 0x800)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0xc3, 0xa1, 0xd7, 0x8, 0xccd, 0x99, 0x950d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xbc, 0x71, 0xf9}}]}}]}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000002000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xfffffffffffffffe)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000140)=[{0xffffffffffffffff}, {0x0}], 0x2})
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x1ff, &(0x7f00000002c0)=[{&(0x7f00000001c0)}], 0x1})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0)
io_uring_enter(0xffffffffffffffff, 0x50, 0x0, 0x0, 0x0, 0xfffffffffffffff4)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r3, 0xc0709411, &(0x7f00000002c0)={{<r7=>0x0, 0x0, 0x6, 0x4, 0x0, 0xa148, 0x808a, 0xfffffff4, 0xffffff15, 0x7, 0x0, 0x0, 0x6, 0x4}, 0x10, [0x0, 0x0]})
ioctl$BTRFS_IOC_TREE_SEARCH(r5, 0xd0009411, &(0x7f0000000600)={{r7, 0x8000000000, 0x0, 0x0, 0xb, 0x5, 0x4, 0x0, 0x0, 0x0, 0x9, 0x1, 0xffffffffffffffff, 0x10001, 0x1}})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = getpid()
sched_setscheduler(r8, 0x0, &(0x7f0000000100)=0x5)
sched_setscheduler(r8, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)

5.564691643s ago: executing program 0 (id=5513):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r2 = socket(0x10, 0x6, 0x0)
getsockopt$WPAN_WANTACK(r2, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000700)={0x0, 0x0, 0x1}, 0x1)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00'})
r5 = openat$smackfs_relabel_self(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$smackfs_labels_list(0xffffffffffffffff, 0x0, 0x10)
preadv(r5, &(0x7f0000000640)=[{0x0}], 0x1, 0x9, 0x0)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f00000003c0))
socket$key(0xf, 0x3, 0x2)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c0000000206010200000000000000000000000010000300686173683a69702c6d6163000900020073797a32000000000500040000000000050005000a00000005000100060000001400078008000640000099b60800080000000000"], 0x5c}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$key(0xf, 0x3, 0x2)
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r12 = dup(r11)
ioctl$KVM_SET_MSRS(r12, 0xc048aeca, &(0x7f0000000040)=ANY=[@ANYRES16=r7])
ioctl$TUNSETOFFLOAD(r12, 0x4010744d, 0x20000000)

5.54857172s ago: executing program 3 (id=5514):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0xe28d95e58ae557f4}})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x800, 0x1c1703)
r1 = getpid()
syz_clone3(&(0x7f0000001400)={0x40830000, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0), {0x2a}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/109, &(0x7f00000013c0)=[r1, r1, r1, 0x0], 0x4}, 0x58)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000007c0)={{0x10000, 0x2, 0xb, 0x2, 0x0, 0x81, 0x9b, 0x7, 0x4, 0x87, 0x8, 0x7}, {0x18f002, 0x4000, 0xa, 0x3, 0x8, 0xb, 0x92, 0x9, 0x8, 0x9, 0xa, 0x2}, {0x6000, 0x5000, 0xd, 0xec, 0xb3, 0xfb, 0x2, 0x4, 0xe3, 0x56, 0x39, 0xfe}, {0xd000, 0x4, 0xb, 0xd5, 0xf8, 0x3, 0x7f, 0x8, 0x5, 0x6, 0x4, 0xb4}, {0x4000, 0x100000, 0x0, 0x67, 0x1, 0x8, 0x6, 0x3, 0x5f, 0xbe, 0x3, 0x1}, {0x6000, 0x6000, 0xc, 0x2, 0xf, 0xfd, 0x0, 0x2, 0x10, 0xa7, 0x4, 0x7}, {0xb6ff58cdf5116350, 0x1, 0x8, 0x2, 0xf1, 0x0, 0x4, 0xf3, 0x5, 0x3, 0x8, 0x40}, {0x1000, 0x4000, 0x0, 0x10, 0xe, 0x4, 0xf9, 0x3, 0x1, 0x5, 0x8, 0xe}, {0x1000, 0x3}, {0x0, 0x1}, 0x0, 0x0, 0x2, 0x20100, 0x6, 0x4000, 0x7004, [0x8000000000000000, 0x9, 0x6cd2, 0x3]})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, 0xffffffffffffffff, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x14b042, 0x0)
pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000002580)=""/107})
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2001, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000004a150112790001020301090224000101000000090400000003010000092100000001220000090581030000000000"], 0x0)
ioctl$SNAPSHOT_FREE(r7, 0x3305)
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
userfaultfd(0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000010000000853a6e1d127e5d5292f3b9e67925d96d34b70244f25560e8a01161d39c2fd200ad0f9fe1a4903b6bdad0aca2777873287cad6c24404fe323db091f3913431ce0858a5ecc0bc481c4d31ac1cb548f19d5596e87dc3f3cec115a8c7d16540fbbfd3e5c2b33fe0a15100bb12af"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {}, {0x0, 0xfd}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0xff}]}})

5.543003074s ago: executing program 1 (id=5515):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
socket$inet6(0xa, 0x0, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2d8)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x6a, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a00)="316f82faff29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000180)="0036d551863e1902129da79fb0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a9", 0x88}, {&(0x7f0000000c40)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336fb139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b4e01a3ef30321af56b9601fb04e5e5cb16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef374e28f6fc3066150dcb7cd9e7c3b9808eb03c18e8601a71ad3906bb12f7067bf7b51c2a364848bda30518eb340e11b9b5b9651052ab7ae9b1add0ac4936debc76ac7e2d22a49891fcc360f605f0f175d523875b2b15b3a5065fd980300000000000000094dd76ffb223c5437fc4c7ee52d17d54dba33eb93eaff5d25007b334072796ea5ec0705662bdeb09a541dcf912bd35f324ca2fc2a95e740317650fdbfa3fe", 0x190}, {&(0x7f0000000800)="560e784a5947b90900000000000000d4f4afc887d8a4c55ae9e6d3bae49259a935b480ee610800f5c5b3", 0x2a}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

5.314987301s ago: executing program 1 (id=5516):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000001940)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b6", @ANYRES16, @ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYBLOB="000000000000000000005a00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900010000000a000000"], 0x28}, 0x1, 0x0, 0x0, 0x40440d1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4010000160001000000000000000000fe8000000000000000000000000000bbfc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa0000000033"], 0x1a4}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="020a000002000000100000000000000052c816d028430fc2fed35e208f2aa67d23b5"], 0x10}}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8982, &(0x7f0000000180)={0x8, 'veth1_vlan\x00', {'veth1_to_bond\x00'}, 0xff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3c}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000240)=@filter={'filter\x00', 0xc, 0x4, 0x260, 0xffffffff, 0x0, 0x130, 0x130, 0x98, 0xffffffff, 0x1c8, 0x98, 0x1c8, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0)
recvfrom(r1, 0x0, 0x0, 0x2000, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5.000842514s ago: executing program 2 (id=5517):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000001940)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3", @ANYRES16, @ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="02000000290000000000000000000000020010000000000000000000000000004300000000c0000002000000ac141400ebb2822bfe522177b706550000000000000000030000000000000002000000ac14140000000000000000003645eec2c733cb201df8841fa160bf760a2e7df72690b5369013ece7180a9503a143ccb018ec36e474b85d80be33e81ae94766f397d7f71b39f92e4c03ab9e4608ad185a0d73029d664fb16ae3f59015a609d24e3af204e0134d3f8e8113217a9aaed7babab2d3e0d0aaf4461ff16dfcf8b8444990c4fd30a6e012f8fe9b6f2436da0ea3"], 0x50}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYBLOB="000000000000000000005a00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900010000000a000000"], 0x28}, 0x1, 0x0, 0x0, 0x40440d1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4010000160001000000000000000000fe8000000000000000000000000000bbfc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa0000000033"], 0x1a4}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="020a000002000000100000000000000052c816d028430fc2fed35e208f2aa67d23b5"], 0x10}}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8982, &(0x7f0000000180)={0x8, 'veth1_vlan\x00', {'veth1_to_bond\x00'}, 0xff})
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.976102193s ago: executing program 1 (id=5518):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x83, &(0x7f0000000040)={'filter\x00', 0x0, 0x0, 0x90, [], 0x0, 0x0, 0x1000000000000}, &(0x7f00000000c0)=0x108)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="120100005bc1fa20cf106880fd2e0000000109021200010000000009040000000714ef007540a2f73086bb8b2a64268c23709e32acef66de68565556af82075e988898e9133cf05e1a4808bd9985c6b92eda388b2730f463772baa58ab750e519c553343929aaa5923e07b5b2a1efe"], 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x10, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000003380)=ANY=[], &(0x7f00002bf000)='syzkaller\x00', 0x0, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
socket$kcm(0x29, 0x5, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f00000003c0)={'ip6_vti0\x00', 0x0, 0x29, 0x9, 0x3c, 0x0, 0x11, @empty, @remote, 0x80, 0x7800}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_open_dev$sndpcmp(&(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r8, 0x4161, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f00000006c0)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000700)=ANY=[@ANYRES8=r3, @ANYRES32=0x0, @ANYBLOB="4770b177faebe1a2ea27c79613656c091b9d408d96398dbe2b81696b773e6cdd0928fa57b711d52c3950b6bb2da207aaf53342beba0c6e9ac37087bd4dc52971897a8f3aa9a38d7ce5a75fcd51c7c6fce258209765b5cd09491eb3fb92e5b4b83f0c3708d1d3f373ba1b2ea14ce066e9e73281de25ce07da01772fdf98840161a10f9a9565c4dad101b47dc7bcb3c778354bb9a9a14714bf7218366be2d3e8b93ad1733f651b8b57cfacf97feceeda35c84d630ca19759e5b59550f063ffae8610ba387d7fda7ad7683ba847a86ce2836b2d8c8b57e4f69a4ece119f111aafb37c08c344", @ANYRESDEC=r5, @ANYRES64=r2, @ANYRES32=r8, @ANYRES64=<r12=>r10], 0x44}}, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=r12, @ANYRES32=0x0, @ANYBLOB="0000000000ddb0880000000100000000000000000000000000000000000000000000000000000000000000000000000000fdbc0000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000003a04556c40118e5db59dfd736"], 0xb8}}, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xa}, 0x1e)
listen(r0, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)

3.832426245s ago: executing program 2 (id=5519):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.swap.current\x00', 0x275a, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$EVIOCSABS20(r1, 0x40044591, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[], 0x0, 0x26}, 0x20)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x404c4701, 0x0)
writev(r1, &(0x7f0000004600)=[{&(0x7f0000000000)="186ecfc3ab6a1ca144e55cf08903b1534194e326fc56491a", 0x18}], 0x1)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000180)=@gcm_256={{0x303}, "10eae400367465ec", "5b72e7f351595d23440175126a56eab2840b81a1adc6d8cfc4e551163ff66dec", '#\x00', "000000fc00"}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xf, 0x20000000000001e6, &(0x7f0000000e80)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x7, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0x6}, 0x1dd, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x48)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x351a}, 0x1})
io_uring_enter(r0, 0x4587, 0xa61f, 0x19, 0x0, 0x0)
syz_emit_vhci(0x0, 0x22)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043b0affffffffffff10000000"], 0xd)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB], 0xd)

3.692432395s ago: executing program 0 (id=5520):
syz_emit_ethernet(0x11a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaa00aaaaaaaaaa0086dd60cb653e00e43a00fe800000000000000000000000000000fe80000000000000000000000000000086009078000000000000000000000000000d7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697aef1702b895af582b2e3b5cd435f497d415f29c5d941df10c1ca5819a0a33ba4b3400d98000c130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f2060e4e027f24bb723a5571d0da2ebeb3fe47f34e606cb3987e3681841f511126b773758e143f6be25d6965fcca35155fec3f970e2067f5db8a5de787eaf96b5957e6b988c02ae9f"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x10010, 0xffffffffffffffff, 0x8000000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x110, &(0x7f0000000040)=0x7fffffff, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095", @ANYRES16=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r5)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000400)={'wpan1\x00', <r8=>0x0})
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)={0x2c, r6, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5112}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}]}, 0x2c}}, 0x171afede306c0c3d)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.491481103s ago: executing program 0 (id=5521):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
syz_open_dev$usbfs(&(0x7f0000000000), 0xffffffff00000001, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0x1, 0x0, "dd3e9db9a77d17cb06000000000000009cec82438ff87936dfd60400ecff1800"})

3.484887926s ago: executing program 2 (id=5522):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0xe28d95e58ae557f4}})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x800, 0x1c1703)
r1 = getpid()
syz_clone3(&(0x7f0000001400)={0x40830000, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0), {0x2a}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/109, &(0x7f00000013c0)=[r1, r1, r1, 0x0], 0x4}, 0x58)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000007c0)={{0x10000, 0x2, 0xb, 0x2, 0x0, 0x81, 0x9b, 0x7, 0x4, 0x87, 0x8, 0x7}, {0x18f002, 0x4000, 0xa, 0x3, 0x8, 0xb, 0x92, 0x9, 0x8, 0x9, 0xa, 0x2}, {0x6000, 0x5000, 0xd, 0xec, 0xb3, 0xfb, 0x2, 0x4, 0xe3, 0x56, 0x39, 0xfe}, {0xd000, 0x4, 0xb, 0xd5, 0xf8, 0x3, 0x7f, 0x8, 0x5, 0x6, 0x4, 0xb4}, {0x4000, 0x100000, 0x0, 0x67, 0x1, 0x8, 0x6, 0x3, 0x5f, 0xbe, 0x3, 0x1}, {0x6000, 0x6000, 0xc, 0x2, 0xf, 0xfd, 0x0, 0x2, 0x10, 0xa7, 0x4, 0x7}, {0xb6ff58cdf5116350, 0x1, 0x8, 0x2, 0xf1, 0x0, 0x4, 0xf3, 0x5, 0x3, 0x8, 0x40}, {0x1000, 0x4000, 0x9, 0x10, 0xe, 0x4, 0xf9, 0x3, 0x1, 0x5, 0x8, 0xe}, {0x1000, 0x3}, {0x0, 0x1}, 0x0, 0x0, 0x2, 0x20100, 0x6, 0x4000, 0x7004, [0x8000000000000000, 0x9, 0x6cd2, 0x3]})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r6, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x14b042, 0x0)
pwritev2(r7, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000002580)=""/107})
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2001, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000004a150112790001020301090224000101000000"], 0x0)
ioctl$SNAPSHOT_FREE(r8, 0x3305)
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
userfaultfd(0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000010000000853a6e1d127e5d5292f3b9e67925d96d34b70244f25560e8a01161d39c2fd200ad0f9fe1a4903b6bdad0aca2777873287cad6c24404fe323db091f3913431ce0858a5ecc0bc481c4d31ac1cb548f19d5596e87dc3f3cec115a8c7d16540fbbfd3e5c2b33fe0a15100bb12af"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {}, {0x0, 0xfd}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0xff}]}})

3.387959164s ago: executing program 4 (id=5523):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x20, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x894a, &(0x7f0000000000)='bridge0\x00')
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
read$FUSE(r5, &(0x7f0000003680)={0x2020}, 0x2020)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3)
sendmsg$inet(r1, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)
ioperm(0x0, 0x3ff, 0x0)
mkdir(&(0x7f0000001200)='./file0\x00', 0x123)
chmod(0x0, 0x0)
ioctl$CAPI_REGISTER(r0, 0xc0585604, &(0x7f0000000140)={0x0, 0x1})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)

3.296624047s ago: executing program 0 (id=5524):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0}, 0x90)
socket$inet6(0xa, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
syz_emit_ethernet(0x6a, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = dup2(r1, r2)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a00)="316f82faff29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000180)="0036d551863e1902129da79fb0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a9", 0x88}, {&(0x7f0000000c40)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336fb139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b4e01a3ef30321af56b9601fb04e5e5cb16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef374e28f6fc3066150dcb7cd9e7c3b9808eb03c18e8601a71ad3906bb12f7067bf7b51c2a364848bda30518eb340e11b9b5b9651052ab7ae9b1add0ac4936debc76ac7e2d22a49891fcc360f605f0f175d523875b2b15b3a5065fd980300000000000000094dd76ffb223c5437fc4c7ee52d17d54dba33eb93eaff5d25007b334072796ea5ec0705662bdeb09a541dcf912bd35f324ca2fc2a95e740317650fdbfa3fe", 0x190}, {&(0x7f00000008c0)="fff5c0293353db83a683db60266a3867d03f740f4f0a7bafe7be9b2bac0bf1b2019dbd474a418997ac57789fb8490642b47a96f0d03ec69d1f6e90e86b08003ef9c7331582f3", 0x46}, {&(0x7f0000000800)="560e784a5947b90900000000000000d4f4afc887d8a4c55ae9e6d3bae49259a935b480ee610800f5c5b3", 0x2a}], 0x5}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="6f59bb69296212101db2d25d7d1550eabd8017f1dcae8582eee7d0417821deba372ff17566312ebdfed0dee4fcaabfcd0f157495460a5f6fcd15448f9fc823232e24c1c6c1ad896c06197a169c2c514e77d4d3ffdca3cf990954d1baf51d00417a650d", 0x63}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r1, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

2.579175879s ago: executing program 3 (id=5525):
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x81, 0xc9}}}, 0x6)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00', <r1=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
chown(&(0x7f0000000000)='./file0\x00', 0xee01, 0xffffffffffffffff)
r2 = getpid()
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000053000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_DEL_RULE(r7, &(0x7f0000001500)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000014c0)={&(0x7f0000001080)={0x424, 0x3f4, 0x200, 0x70bd27, 0x25dfdbfe, {0x2, 0x1, 0x33, [0x3, 0x1, 0x7, 0x80000000, 0x8, 0x5, 0x2c, 0x52f, 0x1, 0x1ffe000, 0x1, 0x8, 0x1ff, 0x5976aa5c, 0x7, 0x2, 0x80, 0x4, 0x6, 0x7, 0xffff8001, 0x1, 0x3, 0x8, 0x3, 0x1, 0x1, 0xb6, 0x400, 0x8, 0x10001, 0x91, 0x7, 0x7ff, 0x7, 0x6, 0x6, 0x6, 0x3, 0x8000, 0x1, 0x1, 0x7, 0x5, 0x1, 0x1, 0x0, 0xf, 0xf5, 0xff, 0x3, 0x0, 0x3, 0x5, 0xe956, 0x2, 0x4, 0x7, 0x3, 0x4, 0x1, 0x0, 0x620, 0x1ff], [0x4, 0xfffff7ab, 0x2, 0x1f, 0xfffffff8, 0xb9f, 0x4, 0x81, 0x80000000, 0x6, 0x200, 0x80000000, 0x1, 0x0, 0x9, 0x1005, 0x9, 0x7f, 0x8, 0x7, 0x9, 0x5, 0x7, 0x6, 0x4, 0x4ac9, 0x400, 0x2, 0x1, 0xf4f, 0x6, 0x0, 0x599, 0x1001, 0x101, 0xfffffffb, 0x1, 0x7fff, 0x8001, 0x5, 0x7, 0x1, 0x7f, 0x1000, 0x6f212dcf, 0x8001, 0x0, 0x2800000, 0x2, 0x8, 0x7fff, 0x80, 0x4, 0x2, 0x3, 0x40, 0x3, 0x0, 0xfffffff9, 0xfffff801, 0x4, 0x0, 0x8, 0x81], [0x1000, 0x7, 0x7ff, 0x4, 0x401, 0x5, 0x0, 0xf7, 0xfffffc01, 0xffffffff, 0x3, 0x1000, 0x81, 0x1ff, 0x200, 0x6, 0x6, 0x9, 0x2, 0x0, 0x4, 0x0, 0x6b, 0x6, 0xfffffffe, 0x81, 0xce2, 0x0, 0x1, 0x6, 0x7, 0x7, 0x0, 0xd58, 0x7, 0x9, 0x7, 0x8, 0x6, 0x100, 0x7fff, 0x9, 0x3, 0x4, 0x2, 0x1f, 0x8, 0xa3cc, 0x7ff, 0x6, 0x2, 0x7f, 0x2, 0x0, 0x4002, 0x6d, 0x9, 0x4d77, 0xdd4, 0x4, 0x1, 0x2e07, 0x4, 0x3], [0x8001, 0x200, 0x3ff, 0x8000, 0xff, 0x4e, 0x20, 0x20, 0xd2f, 0x3, 0xffffffff, 0x1, 0x40, 0x20ffff, 0x7, 0x8, 0xd68, 0x7, 0xc3, 0x80000000, 0x6, 0xfff, 0x7, 0x0, 0x591, 0xfff, 0x1, 0x400, 0xffff, 0x7, 0x7, 0x6, 0x5, 0x1, 0x1, 0x10001, 0xe9, 0x0, 0x7ff, 0x4, 0xfffffffd, 0x0, 0x100, 0x78fdf0c3, 0x2, 0x7, 0xf0a, 0x2, 0x0, 0x1, 0x7fff, 0x2, 0x2, 0xc9e, 0x9, 0x10001, 0xc0, 0x225f, 0x1f, 0x2, 0xfffffff9, 0x40, 0x2, 0x9b], 0x4, ['\\,.\x00']}, [""]}, 0x424}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
syz_emit_ethernet(0xfd, &(0x7f0000001540)=ANY=[@ANYBLOB="1cde556a3fe200000000000008004d1800ef006600001f009078e000000200000000441cab61ffffffff000100000000000000010000ac1414430000000b44045903cdc431b0dda85babd341a76c4253634d5e90ce095000688c01ccf913a90254a12fa811aabf6dc83e3617a76e98de25d3962b8e077fb319d2df26d8c605c68968cd7b45214feb8fe649d0277201742be11d2d834bc15dfea94fed2aac41a898075941c56dade46be834e7240dc7172ef7a5a36b2be54a6716beaa1452c99ef20e98e3d6143723463ebba571d8625c308ad38a8472428088bb1e8782c4aaaeaa"], &(0x7f0000001640)={0x1, 0x3, [0x3b1, 0xdd4, 0x827, 0x9bd]})
ioctl$TIOCGPKT(r6, 0x40045431, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000008000300", @ANYRES32=r1, @ANYBLOB="084002007f000001"], 0x2c}}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='GPL\x00'}, 0x90)
fsetxattr$security_ima(r8, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="05010f0000000400d0b379783243b68464499752689555c7782c3fefaaf0e7b535b3a7ff0d117e85bd66572de73cb62c125dfb00c3e8215caaeec995e815fa2062b3ff120cca1e1a429feb56744d07b8611119b50a0fd9a063960df4ce1749e59320762885db9fbd2b27dea96a795f7c20e9c1ab7e3103ce4b48495a3dff7d567009e6d5918b37480bfbfb354291f16714ac63cd3e67461cb28f956ebd10d139db1ffbc932b85aab27fbaa951a77e3243032f1f5ba11189edbbc35b7732b1e3b36feaa895d6c2cf72e694fa862d51d412fc5bd6955663196f4f9d56f1253945e"], 0xd9, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000003a40)='attr/sockcreate\x00')

2.229935735s ago: executing program 4 (id=5526):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
socket$inet6(0xa, 0x0, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2d8)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x6a, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a00)="316f82faff29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000180)="0036d551863e1902129da79fb0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a9", 0x88}, {&(0x7f0000000c40)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336fb139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b4e01a3ef30321af56b9601fb04e5e5cb16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef374e28f6fc3066150dcb7cd9e7c3b9808eb03c18e8601a71ad3906bb12f7067bf7b51c2a364848bda30518eb340e11b9b5b9651052ab7ae9b1add0ac4936debc76ac7e2d22a49891fcc360f605f0f175d523875b2b15b3a5065fd980300000000000000094dd76ffb223c5437fc4c7ee52d17d54dba33eb93eaff5d25007b334072796ea5ec0705662bdeb09a541dcf912bd35f324ca2fc2a95e740317650fdbfa3fe", 0x190}, {&(0x7f0000000800)="560e784a5947b90900000000000000d4f4afc887d8a4c55ae9e6d3bae49259a935b480ee610800f5c5b3", 0x2a}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

1.883347089s ago: executing program 4 (id=5527):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0xe28d95e58ae557f4}})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x800, 0x1c1703)
r1 = getpid()
syz_clone3(&(0x7f0000001400)={0x40830000, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0), {0x2a}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/109, &(0x7f00000013c0)=[r1, r1, r1, 0x0], 0x4}, 0x58)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000007c0)={{0x10000, 0x2, 0xb, 0x2, 0x0, 0x81, 0x9b, 0x7, 0x4, 0x87, 0x8, 0x7}, {0x18f002, 0x4000, 0xa, 0x3, 0x8, 0xb, 0x92, 0x9, 0x8, 0x9, 0xa, 0x2}, {0x6000, 0x5000, 0xd, 0xec, 0xb3, 0xfb, 0x2, 0x4, 0xe3, 0x56, 0x39, 0xfe}, {0xd000, 0x4, 0xb, 0xd5, 0xf8, 0x3, 0x7f, 0x8, 0x5, 0x6, 0x4, 0xb4}, {0x4000, 0x100000, 0x0, 0x67, 0x1, 0x8, 0x6, 0x3, 0x5f, 0xbe, 0x3, 0x1}, {0x6000, 0x6000, 0xc, 0x2, 0xf, 0xfd, 0x0, 0x2, 0x10, 0xa7, 0x4, 0x7}, {0xb6ff58cdf5116350, 0x1, 0x8, 0x2, 0xf1, 0x0, 0x4, 0xf3, 0x5, 0x3, 0x8, 0x40}, {0x1000, 0x4000, 0x9, 0x0, 0xe, 0x4, 0xf9, 0x3, 0x1, 0x5, 0x8, 0xe}, {0x1000, 0x3}, {0x0, 0x1}, 0x0, 0x0, 0x2, 0x20100, 0x6, 0x4000, 0x7004, [0x8000000000000000, 0x9, 0x6cd2, 0x3]})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, 0xffffffffffffffff, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x14b042, 0x0)
pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000002580)=""/107})
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2001, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000004a150112790001020301090224000101000000090400000003010000092100000001220000090581030000000000"], 0x0)
ioctl$SNAPSHOT_FREE(r7, 0x3305)
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
userfaultfd(0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000010000000853a6e1d127e5d5292f3b9e67925d96d34b70244f25560e8a01161d39c2fd200ad0f9fe1a4903b6bdad0aca2777873287cad6c24404fe323db091f3913431ce0858a5ecc0bc481c4d31ac1cb548f19d5596e87dc3f3cec115a8c7d16540fbbfd3e5c2b33fe0a15100bb12af"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {}, {0x0, 0xfd}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0xff}]}})

1.803028198s ago: executing program 0 (id=5528):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000001940)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b6", @ANYRES16, @ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYBLOB="000000000000000000005a00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900010000000a000000"], 0x28}, 0x1, 0x0, 0x0, 0x40440d1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4010000160001000000000000000000fe8000000000000000000000000000bbfc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa0000000033"], 0x1a4}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="020a000002000000100000000000000052c816d028430fc2fed35e208f2aa67d23b5"], 0x10}}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8982, &(0x7f0000000180)={0x8, 'veth1_vlan\x00', {'veth1_to_bond\x00'}, 0xff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3c}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000240)=@filter={'filter\x00', 0xc, 0x4, 0x260, 0xffffffff, 0x0, 0x130, 0x130, 0x98, 0xffffffff, 0x1c8, 0x98, 0x1c8, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0)
recvfrom(r1, 0x0, 0x0, 0x2000, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.059257239s ago: executing program 2 (id=5529):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="6f59bb69296212101db2d25d7d1550eabd8017f1dcae8582eee7d0417821deba372ff17566312ebdfed0dee4fcaabfcd0f157495460a5f6fcd15448f9fc823232e24c1c6c1ad896c06197a169c2c514e77d4d3ffdca3cf990954d1baf51d00417a65", 0x62}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

968.506172ms ago: executing program 1 (id=5530):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000001940)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3", @ANYRES16, @ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="02000000290000000000000000000000020010000000000000000000000000004300000000c0000002000000ac141400ebb2822bfe522177b706550000000000000000030000000000000002000000ac14140000000000000000003645eec2c733cb201df8841fa160bf760a2e7df72690b5369013ece7180a9503a143ccb018ec36e474b85d80be33e81ae94766f397d7f71b39f92e4c03ab9e4608ad185a0d73029d664fb16ae3f59015a609d24e3af204e0134d3f8e8113217a9aaed7babab2d3e0d0aaf4461ff16dfcf8b8444990c4fd30a6e012f8fe9b6f2436da0ea3"], 0x50}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYBLOB="000000000000000000005a00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900010000000a000000"], 0x28}, 0x1, 0x0, 0x0, 0x40440d1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4010000160001000000000000000000fe8000000000000000000000000000bbfc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa0000000033"], 0x1a4}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="020a000002000000100000000000000052c816d028430fc2fed35e208f2aa67d23b5"], 0x10}}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8982, &(0x7f0000000180)={0x8, 'veth1_vlan\x00', {'veth1_to_bond\x00'}, 0xff})
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

222.815184ms ago: executing program 1 (id=5531):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000001940)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3", @ANYRES16, @ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="02000000290000000000000000000000020010000000000000000000000000004300000000c0000002000000ac141400ebb2822bfe522177b706550000000000000000030000000000000002000000ac14140000000000000000003645eec2c733cb201df8841fa160bf760a2e7df72690b5369013ece7180a9503a143ccb018ec36e474b85d80be33e81ae94766f397d7f71b39f92e4c03ab9e4608ad185a0d73029d664fb16ae3f59015a609d24e3af204e0134d3f8e8113217a9aaed7babab2d3e0d0aaf4461ff16dfcf8b8444990c4fd30a6e012f8fe9b6f2436da0ea3"], 0x50}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYBLOB="000000000000000000005a00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900010000000a000000"], 0x28}, 0x1, 0x0, 0x0, 0x40440d1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4010000160001000000000000000000fe8000000000000000000000000000bbfc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa0000000033"], 0x1a4}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="020a000002000000100000000000000052c816d028430fc2fed35e208f2aa67d23b5"], 0x10}}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8982, &(0x7f0000000180)={0x8, 'veth1_vlan\x00', {'veth1_to_bond\x00'}, 0xff})
socket$inet_udp(0x2, 0x2, 0x0)
recvfrom(r1, 0x0, 0x0, 0x2000, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

215.165903ms ago: executing program 2 (id=5532):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.swap.current\x00', 0x275a, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$EVIOCSABS20(r1, 0x40044591, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[], 0x0, 0x26}, 0x20)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x404c4701, 0x0)
writev(r1, &(0x7f0000004600)=[{&(0x7f0000000000)="186ecfc3ab6a1ca144e55cf08903b1534194e326fc56491a", 0x18}], 0x1)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000180)=@gcm_256={{0x303}, "10eae400367465ec", "5b72e7f351595d23440175126a56eab2840b81a1adc6d8cfc4e551163ff66dec", '#\x00', "000000fc00"}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xf, 0x20000000000001e6, &(0x7f0000000e80)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x7, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0x6}, 0x1dd, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x48)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_POLL_ADD={0x6, 0x26, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r0, 0x4587, 0xa61f, 0x19, 0x0, 0x0)
syz_emit_vhci(0x0, 0x22)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043b0affffffffffff10000000"], 0xd)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB], 0xd)

122.394133ms ago: executing program 0 (id=5533):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r0, &(0x7f0000004840)=[{{0x0, 0x11, &(0x7f00000017c0)=[{&(0x7f00000008c0)="166da1949ba0ee9ee511f385427169498f9565a1c4099287", 0x18}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="10"], 0x30}}], 0x2, 0x0)

0s ago: executing program 3 (id=5534):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000400)=""/173, 0x1a, 0xad, 0xa}, 0x20) (fail_nth: 4)

kernel console output (not intermixed with test programs):

 bcdDevice=b5.b0
[ 1380.902764][T26032] netlink: 'syz.1.4990': attribute type 10 has an invalid length.
[ 1380.928501][ T5146] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1380.964839][ T5146] usb 1-1: config 0 descriptor??
[ 1380.969522][T26032] team0: left promiscuous mode
[ 1380.982156][T26032] team_slave_0: left promiscuous mode
[ 1381.003626][T26032] team_slave_1: left promiscuous mode
[ 1381.044304][T26032] batman_adv: batadv0: Adding interface: team0
[ 1381.075662][T26032] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1381.120317][T26032] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1381.149925][T26035] netlink: 'syz.1.4990': attribute type 10 has an invalid length.
[ 1381.178490][T26035] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4990'.
[ 1381.197314][T26035] team0: entered promiscuous mode
[ 1381.213136][T26035] team_slave_0: entered promiscuous mode
[ 1381.244233][T26035] team_slave_1: entered promiscuous mode
[ 1381.307749][T26035] 8021q: adding VLAN 0 to HW filter on device team0
[ 1381.341848][T26035] batman_adv: batadv0: Interface activated: team0
[ 1381.366147][T26035] batman_adv: batadv0: Interface deactivated: team0
[ 1381.399552][T26035] batman_adv: batadv0: Removing interface: team0
[ 1381.422755][ T5245] usb 1-1: USB disconnect, device number 93
[ 1381.623597][T26059] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4996'.
[ 1382.433401][   T29] audit: type=1800 audit(1721447303.732:477): pid=26076 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.4999" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1382.559962][T26083] netlink: 'syz.3.5003': attribute type 4 has an invalid length.
[ 1382.711901][T26083] netlink: 'syz.3.5003': attribute type 4 has an invalid length.
[ 1383.491991][T26101] netlink: 'syz.3.5007': attribute type 10 has an invalid length.
[ 1383.579967][T26086] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5002'.
[ 1383.787055][T26101] bridge0: port 3(team0) entered disabled state
[ 1384.156097][T26101] team0: left allmulticast mode
[ 1384.161025][T26101] team_slave_0: left allmulticast mode
[ 1384.174991][T26101] team_slave_1: left allmulticast mode
[ 1384.191564][T26101] team0: left promiscuous mode
[ 1384.217571][T26101] team_slave_0: left promiscuous mode
[ 1384.223109][T26101] team_slave_1: left promiscuous mode
[ 1384.266850][T26101] bridge0: port 3(team0) entered disabled state
[ 1384.309861][T26101] batman_adv: batadv0: Adding interface: team0
[ 1384.329002][T26101] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1384.414431][T26101] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1384.440101][T26102] netlink: 'syz.3.5007': attribute type 10 has an invalid length.
[ 1384.524750][T26102] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5007'.
[ 1384.554926][T26102] team0: entered promiscuous mode
[ 1384.581791][T26102] team_slave_0: entered promiscuous mode
[ 1384.608442][T26102] team_slave_1: entered promiscuous mode
[ 1384.644820][T26102] 8021q: adding VLAN 0 to HW filter on device team0
[ 1384.674612][T26102] batman_adv: batadv0: Interface activated: team0
[ 1384.690297][T26102] batman_adv: batadv0: Interface deactivated: team0
[ 1384.709489][T26102] batman_adv: batadv0: Removing interface: team0
[ 1384.737135][T26102] bridge0: port 3(team0) entered blocking state
[ 1384.743622][T26102] bridge0: port 3(team0) entered disabled state
[ 1384.760138][T26102] team0: entered allmulticast mode
[ 1384.949470][T26102] team_slave_0: entered allmulticast mode
[ 1385.083282][T26102] team_slave_1: entered allmulticast mode
[ 1385.108505][T26102] bridge0: port 3(team0) entered blocking state
[ 1385.114880][T26102] bridge0: port 3(team0) entered forwarding state
[ 1385.731970][T26122] netlink: 'syz.2.5011': attribute type 10 has an invalid length.
[ 1385.772645][T26122] team0: left promiscuous mode
[ 1385.796312][T26122] team_slave_0: left promiscuous mode
[ 1385.801826][T26122] team_slave_1: left promiscuous mode
[ 1385.843390][T26122] batman_adv: batadv0: Adding interface: team0
[ 1385.882029][T26122] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1386.116287][T26122] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1386.163844][T26123] netlink: 'syz.2.5011': attribute type 10 has an invalid length.
[ 1386.174835][T26123] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5011'.
[ 1386.189087][T26123] team0: entered promiscuous mode
[ 1386.199231][   T29] audit: type=1800 audit(1721447307.502:478): pid=26140 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.5014" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1386.225185][T26123] team_slave_0: entered promiscuous mode
[ 1386.231550][T26123] team_slave_1: entered promiscuous mode
[ 1386.245817][T26123] 8021q: adding VLAN 0 to HW filter on device team0
[ 1386.253682][T26123] batman_adv: batadv0: Interface activated: team0
[ 1386.277435][T26123] batman_adv: batadv0: Interface deactivated: team0
[ 1386.284223][T26123] batman_adv: batadv0: Removing interface: team0
[ 1386.297673][T26136] netlink: 'syz.1.5013': attribute type 4 has an invalid length.
[ 1386.344496][T26139] netlink: 'syz.1.5013': attribute type 4 has an invalid length.
[ 1386.535477][T26144] random: crng reseeded on system resumption
[ 1386.689768][ T5087] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1386.991428][T26144] Restarting kernel threads ... done.
[ 1387.166915][ T5087] usb 2-1: Using ep0 maxpacket: 8
[ 1387.178560][ T5087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1387.194338][ T5087] usb 2-1: string descriptor 0 read error: -22
[ 1387.201163][ T5087] usb 2-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=b5.b0
[ 1387.210396][ T5087] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1387.220764][ T5087] usb 2-1: config 0 descriptor??
[ 1387.905211][ T5245] usb 2-1: USB disconnect, device number 81
[ 1388.108358][T26162] netlink: 172 bytes leftover after parsing attributes in process `syz.4.5020'.
[ 1388.661993][T26164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5021'.
[ 1390.517946][   T29] audit: type=1800 audit(1721447311.802:479): pid=26198 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.5027" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1390.778581][T26199] random: crng reseeded on system resumption
[ 1391.246142][T26210] fuse: Bad value for 'fd'
[ 1391.905773][T26219] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5034'.
[ 1392.772354][T26199] Restarting kernel threads ... done.
[ 1393.184726][T26231] random: crng reseeded on system resumption
[ 1393.606918][T26231] Restarting kernel threads ... done.
[ 1394.991455][T26260] random: crng reseeded on system resumption
[ 1395.042607][   T29] audit: type=1800 audit(1721447316.342:480): pid=26266 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.5043" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1395.111671][T26261] netlink: 'syz.0.5045': attribute type 4 has an invalid length.
[ 1395.151953][T26261] netlink: 'syz.0.5045': attribute type 4 has an invalid length.
[ 1395.314902][T26269] fuse: Bad value for 'fd'
[ 1395.391470][T26260] Restarting kernel threads ... done.
[ 1395.728813][ T5091] Bluetooth: hci5: ACL packet for unknown connection handle 201
[ 1396.741394][T26291] netlink: 'syz.4.5054': attribute type 4 has an invalid length.
[ 1396.753972][T26288] random: crng reseeded on system resumption
[ 1396.789904][T26296] netlink: 'syz.4.5054': attribute type 4 has an invalid length.
[ 1397.016017][ T5146] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1397.235718][ T5146] usb 2-1: Using ep0 maxpacket: 16
[ 1397.247886][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1397.271910][ T5146] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1397.291731][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1397.313934][ T5146] usb 2-1: config 0 descriptor??
[ 1397.355703][ T5245] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[ 1397.566373][ T5245] usb 5-1: Using ep0 maxpacket: 8
[ 1397.585908][ T5245] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1397.613006][ T5245] usb 5-1: string descriptor 0 read error: -22
[ 1397.625702][ T5245] usb 5-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=b5.b0
[ 1397.643554][ T5245] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1397.668624][ T5245] usb 5-1: config 0 descriptor??
[ 1397.906618][ T5245] usb 5-1: USB disconnect, device number 91
[ 1397.975948][T26293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1397.996043][T26293] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1398.015031][ T5146] hid (null): report_id 2838798905 is invalid
[ 1398.033506][ T5146] hid (null): unknown global tag 0xc
[ 1398.045702][ T5146] hid (null): unknown global tag 0xa5
[ 1398.055926][ T5146] hid (null): unknown global tag 0xd
[ 1398.061825][ T5146] hid (null): unknown global tag 0xc
[ 1398.071260][ T5146] hid-generic 0003:0158:0100.0033: unknown main item tag 0x1
[ 1398.085608][ T5146] hid-generic 0003:0158:0100.0033: unexpected long global item
[ 1398.107741][ T5146] hid-generic 0003:0158:0100.0033: probe with driver hid-generic failed with error -22
[ 1398.311011][ T5135] usb 2-1: USB disconnect, device number 82
[ 1398.848227][T26319] random: crng reseeded on system resumption
[ 1398.933607][T26329] fuse: Bad value for 'fd'
[ 1399.218598][T26319] Restarting kernel threads ... done.
[ 1399.615605][  T931] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1399.828808][  T931] usb 2-1: Using ep0 maxpacket: 8
[ 1399.855837][  T931] usb 2-1: config 0 has an invalid interface number: 37 but max is 2
[ 1399.878677][  T931] usb 2-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[ 1399.912110][  T931] usb 2-1: config 0 has no interface number 1
[ 1399.931678][  T931] usb 2-1: too many endpoints for config 0 interface 0 altsetting 152: 165, using maximum allowed: 30
[ 1399.970369][  T931] usb 2-1: config 0 interface 0 altsetting 152 has 0 endpoint descriptors, different from the interface descriptor's value: 165
[ 1400.009225][  T931] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1400.010957][T26355] netlink: 'syz.0.5069': attribute type 4 has an invalid length.
[ 1400.057758][T26355] netlink: 'syz.0.5069': attribute type 4 has an invalid length.
[ 1400.069447][  T931] usb 2-1: New USB device found, idVendor=087d, idProduct=5704, bcdDevice=be.0e
[ 1400.089276][  T931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1400.112827][  T931] usb 2-1: Product: syz
[ 1400.135717][  T931] usb 2-1: Manufacturer: syz
[ 1400.140503][  T931] usb 2-1: SerialNumber: syz
[ 1400.166688][  T931] usb 2-1: config 0 descriptor??
[ 1400.530734][  T931] kaweth 2-1:0.37: Firmware present in device.
[ 1400.565873][ T5245] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 1400.721961][T26337] program syz.1.5063 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1400.876462][ T5245] usb 1-1: Using ep0 maxpacket: 8
[ 1400.987171][ T5245] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1401.228709][ T5245] usb 1-1: string descriptor 0 read error: -22
[ 1401.258837][ T5245] usb 1-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=b5.b0
[ 1401.292285][ T5245] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1401.300340][  T931] kaweth 2-1:0.37: Error reading configuration (-71), no net device created
[ 1401.320667][  T931] kaweth 2-1:0.37: probe with driver kaweth failed with error -5
[ 1401.351183][ T5245] usb 1-1: config 0 descriptor??
[ 1401.355646][  T931] kaweth 2-1:0.0: Firmware present in device.
[ 1401.371560][  T931] kaweth 2-1:0.0: Error reading configuration (-71), no net device created
[ 1401.394036][  T931] kaweth 2-1:0.0: probe with driver kaweth failed with error -5
[ 1401.553863][  T931] usb 2-1: USB disconnect, device number 83
[ 1401.624442][T12465] usb 1-1: USB disconnect, device number 94
[ 1401.691158][   T29] audit: type=1800 audit(1721447322.992:481): pid=26378 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.5075" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1402.683771][T26388] random: crng reseeded on system resumption
[ 1402.809956][T26398] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5081'.
[ 1403.215107][T26388] Restarting kernel threads ... done.
[ 1404.722137][T26420] netlink: 'syz.1.5089': attribute type 4 has an invalid length.
[ 1404.784787][T26420] netlink: 'syz.1.5089': attribute type 4 has an invalid length.
[ 1405.185676][ T5245] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 1405.435935][ T5245] usb 2-1: Using ep0 maxpacket: 8
[ 1405.442634][ T5245] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1405.474609][ T5245] usb 2-1: string descriptor 0 read error: -22
[ 1405.481156][ T5245] usb 2-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=b5.b0
[ 1405.495135][ T5245] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1405.532337][ T5245] usb 2-1: config 0 descriptor??
[ 1405.576775][   T29] audit: type=1800 audit(1721447326.882:482): pid=26438 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.5093" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1405.766708][ T5245] usb 2-1: USB disconnect, device number 84
[ 1405.801049][T26443] netlink: 'syz.4.5095': attribute type 4 has an invalid length.
[ 1405.841767][T26443] netlink: 'syz.4.5095': attribute type 4 has an invalid length.
[ 1406.982262][T26450] random: crng reseeded on system resumption
[ 1407.281773][T26468] netlink: 'syz.4.5100': attribute type 10 has an invalid length.
[ 1407.311868][T26468] bridge0: port 3(team0) entered disabled state
[ 1407.347067][T26468] team0: left allmulticast mode
[ 1407.352591][T26468] team_slave_0: left allmulticast mode
[ 1407.364979][T26468] team_slave_1: left allmulticast mode
[ 1407.371932][T26468] team0: left promiscuous mode
[ 1407.382806][T26468] team_slave_0: left promiscuous mode
[ 1407.390001][T26468] team_slave_1: left promiscuous mode
[ 1407.401161][T26468] bridge0: port 3(team0) entered disabled state
[ 1407.414904][T26468] batman_adv: batadv0: Adding interface: team0
[ 1407.423831][T26468] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1407.449605][T26468] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1407.467423][T26469] netlink: 'syz.4.5100': attribute type 10 has an invalid length.
[ 1407.475358][T26469] netlink: 2 bytes leftover after parsing attributes in process `syz.4.5100'.
[ 1407.487590][T26469] team0: entered promiscuous mode
[ 1407.503123][T26469] team_slave_0: entered promiscuous mode
[ 1407.510553][T26469] team_slave_1: entered promiscuous mode
[ 1407.532213][T26469] 8021q: adding VLAN 0 to HW filter on device team0
[ 1407.542780][T26450] Restarting kernel threads ... done.
[ 1407.577087][T26469] batman_adv: batadv0: Interface activated: team0
[ 1407.583633][T26469] batman_adv: batadv0: Interface deactivated: team0
[ 1407.590681][T26469] batman_adv: batadv0: Removing interface: team0
[ 1407.645895][T26469] bridge0: port 3(team0) entered blocking state
[ 1407.658809][T26469] bridge0: port 3(team0) entered disabled state
[ 1407.667324][T26469] team0: entered allmulticast mode
[ 1407.673245][T26469] team_slave_0: entered allmulticast mode
[ 1407.679826][T26469] team_slave_1: entered allmulticast mode
[ 1407.692456][T26469] bridge0: port 3(team0) entered blocking state
[ 1407.698853][T26469] bridge0: port 3(team0) entered forwarding state
[ 1408.444392][T26495] hugetlbfs: Invalid gid '0x00000000ffffffff'
[ 1408.475205][T26496] netlink: 'syz.3.5109': attribute type 4 has an invalid length.
[ 1408.533841][T26498] netlink: 'syz.3.5109': attribute type 4 has an invalid length.
[ 1409.026010][ T5146] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1409.254772][T26518] netlink: 172 bytes leftover after parsing attributes in process `syz.0.5112'.
[ 1409.265555][ T5146] usb 4-1: Using ep0 maxpacket: 8
[ 1409.305747][ T5146] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1409.334156][ T5146] usb 4-1: string descriptor 0 read error: -22
[ 1409.361417][ T5146] usb 4-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=b5.b0
[ 1409.427022][ T5146] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1409.451548][ T5146] usb 4-1: config 0 descriptor??
[ 1410.449136][ T5146] usb 4-1: USB disconnect, device number 103
[ 1410.578995][ T5091] Bluetooth: hci5: command 0x0406 tx timeout
[ 1410.990331][T26538] netlink: 'syz.2.5120': attribute type 10 has an invalid length.
[ 1410.998343][T26538] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5120'.
[ 1411.612860][T26529] random: crng reseeded on system resumption
[ 1411.662745][   T29] audit: type=1800 audit(1721447332.962:483): pid=26545 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.5119" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1412.041034][T26529] Restarting kernel threads ... done.
[ 1412.355846][ T5135] usb 3-1: new low-speed USB device number 96 using dummy_hcd
[ 1412.615674][ T5135] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1412.627970][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 1412.643622][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1412.657198][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1413.425762][   T29] audit: type=1800 audit(1721447334.642:484): pid=26571 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.5128" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1413.455635][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1413.528705][ T5135] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1413.536306][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 1413.548030][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1413.584665][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1413.615688][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1413.644464][ T5135] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1413.660360][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 1413.695627][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1413.822365][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1413.846027][ T5135] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1413.880808][ T5135] usb 3-1: string descriptor 0 read error: -22
[ 1413.955243][T26585] netlink: 'syz.3.5132': attribute type 10 has an invalid length.
[ 1413.963361][T26585] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5132'.
[ 1414.747277][ T5135] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1414.805687][ T5135] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1414.856747][ T5135] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1414.970136][T26594] netlink: 'syz.1.5133': attribute type 10 has an invalid length.
[ 1414.978406][T26594] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5133'.
[ 1415.831081][ T5245] usb 3-1: USB disconnect, device number 96
[ 1416.115715][  T931] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1416.323005][T26606] random: crng reseeded on system resumption
[ 1416.455698][  T931] usb 4-1: Using ep0 maxpacket: 16
[ 1416.463174][  T931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1416.538878][  T931] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1416.548154][  T931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1416.684343][  T931] usb 4-1: config 0 descriptor??
[ 1416.718755][T26613] fuse: Bad value for 'fd'
[ 1417.608481][T26593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1417.649570][T26593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1417.761334][  T931] hid (null): report_id 2838798905 is invalid
[ 1417.778180][  T931] hid (null): unknown global tag 0xc
[ 1417.859592][  T931] hid (null): unknown global tag 0xa5
[ 1417.879039][  T931] hid (null): unknown global tag 0xd
[ 1417.885798][  T931] hid (null): unknown global tag 0xc
[ 1417.897167][  T931] hid-generic 0003:0158:0100.0034: unknown main item tag 0x1
[ 1417.917653][  T931] hid-generic 0003:0158:0100.0034: unexpected long global item
[ 1417.926872][  T931] hid-generic 0003:0158:0100.0034: probe with driver hid-generic failed with error -22
[ 1417.949240][T26604] Restarting kernel threads ... done.
[ 1417.969130][  T931] usb 4-1: USB disconnect, device number 104
[ 1418.007792][   T29] audit: type=1800 audit(1721447339.302:485): pid=26627 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.5141" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1418.721356][T26636] netlink: 'syz.3.5145': attribute type 10 has an invalid length.
[ 1418.731530][T26636] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5145'.
[ 1420.029244][T26651] netlink: 'syz.2.5148': attribute type 4 has an invalid length.
[ 1420.078775][T26651] netlink: 'syz.2.5148': attribute type 4 has an invalid length.
[ 1421.827255][   T29] audit: type=1800 audit(1721447342.972:486): pid=26667 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.5151" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1422.572042][T26685] random: crng reseeded on system resumption
[ 1423.228402][T26697] netlink: 'syz.4.5160': attribute type 1 has an invalid length.
[ 1423.439968][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.458114][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.827776][T26706] fuse: Bad value for 'fd'
[ 1424.306619][T26685] Restarting kernel threads ... done.
[ 1424.318228][ T4485] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1424.330855][ T4485] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1424.339244][ T4485] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1424.348052][ T4485] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1424.358220][ T4485] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1424.365638][ T4485] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1424.886850][T26727] FAULT_INJECTION: forcing a failure.
[ 1424.886850][T26727] name failslab, interval 1, probability 0, space 0, times 0
[ 1424.906915][T26727] CPU: 1 PID: 26727 Comm: syz.2.5168 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1424.916793][T26727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1424.926862][T26727] Call Trace:
[ 1424.930181][T26727]  <TASK>
[ 1424.933114][T26727]  dump_stack_lvl+0x241/0x360
[ 1424.937796][T26727]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1424.942996][T26727]  ? __pfx__printk+0x10/0x10
[ 1424.947590][T26727]  ? netlink_insert+0x10b7/0x14b0
[ 1424.952610][T26727]  should_fail_ex+0x3b0/0x4e0
[ 1424.957315][T26727]  ? __alloc_skb+0x1c3/0x440
[ 1424.961926][T26727]  should_failslab+0x9/0x20
[ 1424.966435][T26727]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1424.972253][T26727]  __alloc_skb+0x1c3/0x440
[ 1424.976682][T26727]  ? __pfx___alloc_skb+0x10/0x10
[ 1424.981625][T26727]  ? netlink_autobind+0xd6/0x2f0
[ 1424.986558][T26727]  ? netlink_autobind+0x2b0/0x2f0
[ 1424.991578][T26727]  netlink_sendmsg+0x638/0xcb0
[ 1424.996348][T26727]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1425.001628][T26727]  ? __import_iovec+0x536/0x820
[ 1425.006477][T26727]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1425.011756][T26727]  ? security_socket_sendmsg+0x87/0xb0
[ 1425.017210][T26727]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1425.022576][T26727]  __sock_sendmsg+0x221/0x270
[ 1425.027254][T26727]  ____sys_sendmsg+0x525/0x7d0
[ 1425.032017][T26727]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1425.037304][T26727]  __sys_sendmsg+0x2b0/0x3a0
[ 1425.041886][T26727]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1425.046986][T26727]  ? vfs_write+0x7c4/0xc90
[ 1425.051426][T26727]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1425.057831][T26727]  ? do_syscall_64+0x100/0x230
[ 1425.062586][T26727]  ? do_syscall_64+0xb6/0x230
[ 1425.067253][T26727]  do_syscall_64+0xf3/0x230
[ 1425.071752][T26727]  ? clear_bhb_loop+0x35/0x90
[ 1425.076430][T26727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1425.082320][T26727] RIP: 0033:0x7f3662b75b59
[ 1425.086728][T26727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1425.106331][T26727] RSP: 002b:00007f3663924048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1425.114735][T26727] RAX: ffffffffffffffda RBX: 00007f3662d05f60 RCX: 00007f3662b75b59
[ 1425.122701][T26727] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[ 1425.130659][T26727] RBP: 00007f36639240a0 R08: 0000000000000000 R09: 0000000000000000
[ 1425.138620][T26727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1425.146580][T26727] R13: 000000000000000b R14: 00007f3662d05f60 R15: 00007ffd75336978
[ 1425.154576][T26727]  </TASK>
[ 1426.250777][T26698] chnl_net:caif_netlink_parms(): no params data found
[ 1426.489651][ T4485] Bluetooth: hci4: command tx timeout
[ 1427.288748][T26747] FAULT_INJECTION: forcing a failure.
[ 1427.288748][T26747] name failslab, interval 1, probability 0, space 0, times 0
[ 1427.475837][T26747] CPU: 0 PID: 26747 Comm: syz.1.5171 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1427.485695][T26747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1427.495748][T26747] Call Trace:
[ 1427.499021][T26747]  <TASK>
[ 1427.501942][T26747]  dump_stack_lvl+0x241/0x360
[ 1427.506712][T26747]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1427.511908][T26747]  ? __pfx__printk+0x10/0x10
[ 1427.516492][T26747]  ? __phys_addr+0xba/0x170
[ 1427.520993][T26747]  ? __kasan_kmalloc_large+0x8a/0xa0
[ 1427.526274][T26747]  should_fail_ex+0x3b0/0x4e0
[ 1427.530949][T26747]  ? __build_skb+0x4b/0x90
[ 1427.535359][T26747]  should_failslab+0x9/0x20
[ 1427.539858][T26747]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 1427.545230][T26747]  __build_skb+0x4b/0x90
[ 1427.549476][T26747]  netlink_alloc_large_skb+0x65/0x100
[ 1427.554842][T26747]  netlink_sendmsg+0x638/0xcb0
[ 1427.559608][T26747]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1427.564884][T26747]  ? __mutex_trylock_common+0x183/0x2e0
[ 1427.570432][T26747]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1427.575710][T26747]  ? security_socket_sendmsg+0x87/0xb0
[ 1427.581165][T26747]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1427.586443][T26747]  __sock_sendmsg+0x221/0x270
[ 1427.591237][T26747]  sock_sendmsg+0x134/0x200
[ 1427.595740][T26747]  ? __pfx_sock_sendmsg+0x10/0x10
[ 1427.600768][T26747]  ? iov_iter_bvec+0x4e/0x180
[ 1427.605441][T26747]  splice_to_socket+0xa13/0x10b0
[ 1427.610391][T26747]  ? __pfx_splice_to_socket+0x10/0x10
[ 1427.615776][T26747]  ? __lock_acquire+0x137a/0x2040
[ 1427.620816][T26747]  ? bpf_lsm_file_permission+0x9/0x10
[ 1427.626182][T26747]  ? security_file_permission+0x7f/0xa0
[ 1427.631724][T26747]  ? rw_verify_area+0x1d2/0x6b0
[ 1427.636581][T26747]  ? __pfx_splice_to_socket+0x10/0x10
[ 1427.641962][T26747]  do_splice+0xd77/0x1900
[ 1427.646298][T26747]  ? __pfx_lock_release+0x10/0x10
[ 1427.651335][T26747]  ? vfs_write+0x7c4/0xc90
[ 1427.655749][T26747]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1427.661376][T26747]  ? pipe_clear_nowait+0x196/0x220
[ 1427.666496][T26747]  ? __pfx_do_splice+0x10/0x10
[ 1427.671263][T26747]  __se_sys_splice+0x331/0x4a0
[ 1427.676029][T26747]  ? __pfx___se_sys_splice+0x10/0x10
[ 1427.681308][T26747]  ? do_syscall_64+0x100/0x230
[ 1427.686104][T26747]  ? __x64_sys_splice+0x21/0xf0
[ 1427.690951][T26747]  do_syscall_64+0xf3/0x230
[ 1427.695447][T26747]  ? clear_bhb_loop+0x35/0x90
[ 1427.700123][T26747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.706011][T26747] RIP: 0033:0x7f551c775b59
[ 1427.710421][T26747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1427.730020][T26747] RSP: 002b:00007f551d5ba048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 1427.738463][T26747] RAX: ffffffffffffffda RBX: 00007f551c906038 RCX: 00007f551c775b59
[ 1427.746431][T26747] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[ 1427.754408][T26747] RBP: 00007f551d5ba0a0 R08: 0000000000007fff R09: 0000000000000000
[ 1427.762371][T26747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1427.770333][T26747] R13: 000000000000006e R14: 00007f551c906038 R15: 00007ffc5d7cac58
[ 1427.778309][T26747]  </TASK>
[ 1427.909138][   T29] audit: type=1800 audit(1721447349.202:487): pid=26753 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.5173" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1427.986804][T26698] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1428.005912][T26698] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1428.013832][T26698] bridge_slave_0: entered allmulticast mode
[ 1428.037092][T26698] bridge_slave_0: entered promiscuous mode
[ 1428.093459][T26698] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1428.175859][T26698] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1428.266001][T26698] bridge_slave_1: entered allmulticast mode
[ 1428.557623][ T5091] Bluetooth: hci4: command tx timeout
[ 1428.946042][T26698] bridge_slave_1: entered promiscuous mode
[ 1429.269975][T26698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1429.316543][T26698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1429.497799][T26698] team0: Port device team_slave_0 added
[ 1429.540429][T26698] team0: Port device team_slave_1 added
[ 1429.795398][T26768] FAULT_INJECTION: forcing a failure.
[ 1429.795398][T26768] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1429.808889][T26768] CPU: 1 PID: 26768 Comm: syz.4.5177 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1429.818712][T26768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1429.828779][T26768] Call Trace:
[ 1429.832073][T26768]  <TASK>
[ 1429.835102][T26768]  dump_stack_lvl+0x241/0x360
[ 1429.839803][T26768]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1429.845014][T26768]  ? __pfx__printk+0x10/0x10
[ 1429.849623][T26768]  ? snprintf+0xda/0x120
[ 1429.854055][T26768]  should_fail_ex+0x3b0/0x4e0
[ 1429.858752][T26768]  _copy_to_user+0x2f/0xb0
[ 1429.863186][T26768]  simple_read_from_buffer+0xca/0x150
[ 1429.868584][T26768]  proc_fail_nth_read+0x1e9/0x250
[ 1429.873624][T26768]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1429.879279][T26768]  ? rw_verify_area+0x520/0x6b0
[ 1429.884316][T26768]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1429.889971][T26768]  vfs_read+0x204/0xbc0
[ 1429.894143][T26768]  ? __pfx_lock_release+0x10/0x10
[ 1429.899187][T26768]  ? __pfx_vfs_read+0x10/0x10
[ 1429.903883][T26768]  ? __fget_files+0x29/0x470
[ 1429.908494][T26768]  ? __fget_files+0x3f6/0x470
[ 1429.913216][T26768]  ksys_read+0x1a0/0x2c0
[ 1429.917487][T26768]  ? __pfx_ksys_read+0x10/0x10
[ 1429.922269][T26768]  ? do_syscall_64+0x100/0x230
[ 1429.927138][T26768]  ? do_syscall_64+0xb6/0x230
[ 1429.931918][T26768]  do_syscall_64+0xf3/0x230
[ 1429.936433][T26768]  ? clear_bhb_loop+0x35/0x90
[ 1429.941126][T26768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.947035][T26768] RIP: 0033:0x7f0fcaf7463c
[ 1429.951461][T26768] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 1429.971082][T26768] RSP: 002b:00007f0fcbcaa040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1429.979513][T26768] RAX: ffffffffffffffda RBX: 00007f0fcb106110 RCX: 00007f0fcaf7463c
[ 1429.987499][T26768] RDX: 000000000000000f RSI: 00007f0fcbcaa0b0 RDI: 0000000000000007
[ 1429.995495][T26768] RBP: 00007f0fcbcaa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1430.003475][T26768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1430.011459][T26768] R13: 000000000000006e R14: 00007f0fcb106110 R15: 00007ffd1138c858
[ 1430.019912][T26768]  </TASK>
[ 1430.185897][T26698] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1430.214445][T26698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1430.439353][T26698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1430.516555][T26775] FAULT_INJECTION: forcing a failure.
[ 1430.516555][T26775] name failslab, interval 1, probability 0, space 0, times 0
[ 1430.603398][T26775] CPU: 0 PID: 26775 Comm: syz.1.5180 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1430.613263][T26775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1430.623349][T26775] Call Trace:
[ 1430.626652][T26775]  <TASK>
[ 1430.629596][T26775]  dump_stack_lvl+0x241/0x360
[ 1430.634304][T26775]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1430.636234][ T4485] Bluetooth: hci4: command tx timeout
[ 1430.639519][T26775]  ? __pfx__printk+0x10/0x10
[ 1430.649488][T26775]  ? __pfx___might_resched+0x10/0x10
[ 1430.654803][T26775]  ? __lock_acquire+0x137a/0x2040
[ 1430.659859][T26775]  should_fail_ex+0x3b0/0x4e0
[ 1430.664564][T26775]  ? bpf_test_init+0xe1/0x180
[ 1430.666460][T26779] random: crng reseeded on system resumption
[ 1430.669246][T26775]  should_failslab+0x9/0x20
[ 1430.679729][T26775]  __kmalloc_noprof+0xd8/0x400
[ 1430.684517][T26775]  bpf_test_init+0xe1/0x180
[ 1430.689048][T26775]  bpf_prog_test_run_xdp+0x48e/0x11b0
[ 1430.694427][T26775]  ? __pfx_lock_acquire+0x10/0x10
[ 1430.699454][T26775]  ? __pfx_lock_release+0x10/0x10
[ 1430.699483][T26775]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1430.699503][T26775]  ? __fget_files+0x29/0x470
[ 1430.699536][T26775]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1430.699559][T26775]  bpf_prog_test_run+0x33a/0x3b0
[ 1430.699582][T26775]  __sys_bpf+0x48d/0x810
[ 1430.699603][T26775]  ? __pfx___sys_bpf+0x10/0x10
[ 1430.699633][T26775]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1430.699659][T26775]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1430.699683][T26775]  ? do_syscall_64+0x100/0x230
[ 1430.699710][T26775]  __x64_sys_bpf+0x7c/0x90
[ 1430.699731][T26775]  do_syscall_64+0xf3/0x230
[ 1430.699754][T26775]  ? clear_bhb_loop+0x35/0x90
[ 1430.699781][T26775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1430.699804][T26775] RIP: 0033:0x7f551c775b59
[ 1430.699823][T26775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1430.699839][T26775] RSP: 002b:00007f551d5db048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1430.699860][T26775] RAX: ffffffffffffffda RBX: 00007f551c905f60 RCX: 00007f551c775b59
[ 1430.811649][T26775] RDX: 000000000000000c RSI: 0000000020000500 RDI: 000000000000000a
[ 1430.819631][T26775] RBP: 00007f551d5db0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1430.827604][T26775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1430.835571][T26775] R13: 000000000000000b R14: 00007f551c905f60 R15: 00007ffc5d7cac58
[ 1430.843552][T26775]  </TASK>
[ 1430.961331][T26698] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1431.025113][T26698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1431.115435][T26698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1431.272591][T26698] hsr_slave_0: entered promiscuous mode
[ 1431.306487][T26698] hsr_slave_1: entered promiscuous mode
[ 1431.316697][T26698] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1431.325296][T26698] Cannot create hsr debugfs directory
[ 1431.435891][T26789] fuse: Bad value for 'fd'
[ 1431.666760][T26698] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.721383][T26777] Restarting kernel threads ... done.
[ 1431.867214][T26698] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.980884][T26698] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1432.006203][  T931] usb 5-1: new full-speed USB device number 92 using dummy_hcd
[ 1432.157046][T26698] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1432.167944][T13951] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1432.245965][  T931] usb 5-1: not running at top speed; connect to a high speed hub
[ 1432.257344][  T931] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 943, setting to 64
[ 1432.285204][  T931] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1432.308436][  T931] usb 5-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.40
[ 1432.321559][  T931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1432.344687][  T931] usb 5-1: Product: â ”
[ 1432.355799][T13951] usb 2-1: Using ep0 maxpacket: 8
[ 1432.360096][  T931] usb 5-1: Manufacturer: 鑒促뭋梂覤갱몹㦣念웜礋ꉓ慆㓫분��爀꩞�禮幣켵彔��ꜹ⣌➦㉑㞮嶜笱㲇괧힕ⰬÛ�ﻢ鶻嗽骘⮋ৠ৓ᩋ㉸楦ꮟꙵ밄㱪퀕䶞⨩�촤ݴ﫫ᷪ識里ඓ㊃톼꽳⾮ᭆ଺ਹ㧧샯럶ⶤ촛౲歎情ࡶ鶦⌠徘蓞꽄�쥻䕑穘脜ㅰꊨ妛墈쑕篵
[ 1432.422793][T13951] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[ 1432.452916][T13951] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1432.476087][  T931] usb 5-1: SerialNumber: �满褡憌寪�䡄ตꌔ�븂鄆઩홌툜씢鷛핫ꑎ숷ྩⶒ翧䭵녘봦�ڟ�ㇱ�䈋堙í猣꓿῿좨≚ხ�괶�ꀀ꫿哭娬刬乫襑챚�즨�좨⚜鸑蠣⵭瓠�ꞗ鎉⯦⫡�녙�朷ឺ풅暴䞤�孻䠹���䎲㣨钒뛈႖��䙜旹媶�ꗤዱ䫈蜠젺慴��㠖᛻
[ 1432.481753][T13951] usb 2-1: Product: syz
[ 1432.565756][T13951] usb 2-1: Manufacturer: syz
[ 1432.570487][T13951] usb 2-1: SerialNumber: syz
[ 1432.609435][T13951] usb 2-1: config 0 descriptor??
[ 1432.612811][T26698] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1432.667123][T26698] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1432.687961][T26790] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1432.699786][T26698] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1432.718725][ T4485] Bluetooth: hci4: command tx timeout
[ 1432.880448][T13951] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1432.887962][T26698] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1432.949446][T13951] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1433.655151][  T931] usbhid 5-1:1.0: can't add hid device: -71
[ 1433.661266][  T931] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[ 1433.666357][T13951] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1433.671820][  T931] usb 5-1: USB disconnect, device number 92
[ 1433.727930][T13951] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[ 1433.749826][T26800] netlink: 'syz.3.5186': attribute type 4 has an invalid length.
[ 1433.840034][T13951] usb 2-1: USB disconnect, device number 85
[ 1433.946539][T26801] netlink: 'syz.3.5186': attribute type 4 has an invalid length.
[ 1434.211453][T26698] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1434.254638][T26698] 8021q: adding VLAN 0 to HW filter on device team0
[ 1434.308789][  T931] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1434.316030][  T931] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1434.347391][  T931] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1434.354623][  T931] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1434.544972][T26810] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5189'.
[ 1434.643953][   T29] audit: type=1800 audit(1721447355.942:488): pid=26812 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.5188" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1435.211882][T26698] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1435.369595][T26698] veth0_vlan: entered promiscuous mode
[ 1435.419026][T26698] veth1_vlan: entered promiscuous mode
[ 1435.495273][T26698] veth0_macvtap: entered promiscuous mode
[ 1435.547364][T26698] veth1_macvtap: entered promiscuous mode
[ 1435.640357][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1435.752037][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1435.848676][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1435.856963][T26838] random: crng reseeded on system resumption
[ 1436.247052][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1436.345125][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1436.717596][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1436.800239][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1436.845563][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1436.866353][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1436.903975][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1436.934789][T26698] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1437.089256][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1437.136159][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1437.158257][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1437.201262][T26836] Restarting kernel threads ... 
[ 1437.201531][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1437.201745][T26836] done.
[ 1437.229581][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1437.255065][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1437.300117][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1437.316630][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1437.326817][T26698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1437.351069][T26698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1437.377601][T26698] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1437.465738][ T5087] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1437.473937][T26850] netlink: 'syz.1.5197': attribute type 4 has an invalid length.
[ 1437.572214][T26851] netlink: 'syz.1.5197': attribute type 4 has an invalid length.
[ 1437.654472][T26698] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1437.678292][T26698] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1437.695559][T26698] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1437.695730][ T5087] usb 5-1: Using ep0 maxpacket: 8
[ 1437.714400][ T5087] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[ 1437.723774][ T5087] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1437.734009][ T5087] usb 5-1: Product: syz
[ 1437.744235][ T5087] usb 5-1: Manufacturer: syz
[ 1437.745645][T26698] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1437.749170][ T5087] usb 5-1: SerialNumber: syz
[ 1437.786585][ T5087] usb 5-1: config 0 descriptor??
[ 1437.835823][T13951] usb 4-1: new full-speed USB device number 105 using dummy_hcd
[ 1438.035914][ T9809] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1438.043869][ T9809] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1438.087195][  T146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1438.113350][  T146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1438.234095][ T5087] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1438.241443][ T5087] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1438.266738][ T5087] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1438.273244][ T5087] dvb_usb_af9035 5-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[ 1439.055689][T13951] usb 4-1: not running at top speed; connect to a high speed hub
[ 1439.116894][ T5087] usb 5-1: USB disconnect, device number 93
[ 1439.124987][T13951] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 943, setting to 64
[ 1439.150705][T13951] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1439.168433][T13951] usb 4-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.40
[ 1439.187980][T13951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1439.235638][T13951] usb 4-1: Product: â ”
[ 1439.239844][T13951] usb 4-1: Manufacturer: 鑒促뭋梂覤갱몹㦣念웜礋ꉓ慆㓫분��爀꩞�禮幣켵彔��ꜹ⣌➦㉑㞮嶜笱㲇괧힕ⰬÛ�ﻢ鶻嗽骘⮋ৠ৓ᩋ㉸楦ꮟꙵ밄㱪퀕䶞⨩�촤ݴ﫫ᷪ識里ඓ㊃톼꽳⾮ᭆ଺ਹ㧧샯럶ⶤ촛౲歎情ࡶ鶦⌠徘蓞꽄�쥻䕑穘脜ㅰꊨ妛墈쑕篵
[ 1439.295689][T13951] usb 4-1: SerialNumber: �满褡憌寪�䡄ตꌔ�븂鄆઩홌툜씢鷛핫ꑎ숷ྩⶒ翧䭵녘봦�ڟ�ㇱ�䈋堙í猣꓿῿좨≚ხ�괶�ꀀ꫿哭娬刬乫襑챚�즨�좨⚜鸑蠣⵭瓠�ꞗ鎉⯦⫡�녙�朷ឺ풅暴䞤�孻䠹���䎲㣨钒뛈႖��䙜旹媶�ꗤዱ䫈蜠젺慴��㠖᛻
[ 1439.423717][T26856] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1439.575839][  T931] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[ 1439.846123][  T931] usb 1-1: Using ep0 maxpacket: 8
[ 1439.863932][T13951] usbhid 4-1:1.0: can't add hid device: -71
[ 1439.870947][  T931] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1439.894000][  T931] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1439.924799][  T931] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1439.953973][T13951] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[ 1439.959078][  T931] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1440.012697][T13951] usb 4-1: USB disconnect, device number 105
[ 1440.018613][  T931] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1440.060616][  T931] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1440.063323][T26881] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5204'.
[ 1440.140942][  T931] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1440.414172][  T931] usb 1-1: GET_CAPABILITIES returned 0
[ 1440.424262][  T931] usbtmc 1-1:16.0: can't read capabilities
[ 1440.619944][T26887] random: crng reseeded on system resumption
[ 1440.683878][  T931] usb 1-1: USB disconnect, device number 95
[ 1440.897656][T26896] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5208'.
[ 1440.976047][ T4485] Bluetooth: hci5: command 0x0406 tx timeout
[ 1442.597941][T26887] Restarting kernel threads ... done.
[ 1442.750477][T26907] netlink: 'syz.1.5210': attribute type 10 has an invalid length.
[ 1442.941574][T26907] team0: left promiscuous mode
[ 1443.000599][T26907] team_slave_0: left promiscuous mode
[ 1443.016611][T26907] team_slave_1: left promiscuous mode
[ 1443.114468][T26907] batman_adv: batadv0: Adding interface: team0
[ 1443.120849][T26907] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1443.146436][T26907] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1443.157614][T26909] netlink: 'syz.1.5210': attribute type 10 has an invalid length.
[ 1443.165663][T26909] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5210'.
[ 1443.174800][T26909] team0: entered promiscuous mode
[ 1443.180010][T26909] team_slave_0: entered promiscuous mode
[ 1443.186242][T26909] team_slave_1: entered promiscuous mode
[ 1443.194631][T26909] 8021q: adding VLAN 0 to HW filter on device team0
[ 1443.204217][T26909] batman_adv: batadv0: Interface activated: team0
[ 1443.211025][T26909] batman_adv: batadv0: Interface deactivated: team0
[ 1443.217878][T26909] batman_adv: batadv0: Removing interface: team0
[ 1443.236206][T26638] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1444.480366][T26638] usb 3-1: Using ep0 maxpacket: 8
[ 1444.594737][T26638] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[ 1444.621840][T26638] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1444.656092][T26638] usb 3-1: Product: syz
[ 1444.668243][T26638] usb 3-1: Manufacturer: syz
[ 1444.673340][T26638] usb 3-1: SerialNumber: syz
[ 1444.687301][T26638] usb 3-1: config 0 descriptor??
[ 1444.988748][T26638] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1445.004625][T26638] dvb_usb_af9015 3-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1445.054223][T26638] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1445.070151][T26638] dvb_usb_af9035 3-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[ 1445.117174][T26638] usb 3-1: USB disconnect, device number 97
[ 1445.226027][T26935] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[ 1445.355763][T26858] usb 2-1: new full-speed USB device number 86 using dummy_hcd
[ 1445.558031][T26858] usb 2-1: not running at top speed; connect to a high speed hub
[ 1445.594061][T26858] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 943, setting to 64
[ 1445.615576][T26858] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1445.637940][T26858] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.40
[ 1445.665108][T26858] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1445.674984][T26939] netlink: 172 bytes leftover after parsing attributes in process `syz.3.5219'.
[ 1445.707785][T26858] usb 2-1: Product: â ”
[ 1445.712008][T26858] usb 2-1: Manufacturer: 鑒促뭋梂覤갱몹㦣念웜礋ꉓ慆㓫분��爀꩞�禮幣켵彔��ꜹ⣌➦㉑㞮嶜笱㲇괧힕ⰬÛ�ﻢ鶻嗽骘⮋ৠ৓ᩋ㉸楦ꮟꙵ밄㱪퀕䶞⨩�촤ݴ﫫ᷪ識里ඓ㊃톼꽳⾮ᭆ଺ਹ㧧샯럶ⶤ촛౲歎情ࡶ鶦⌠徘蓞꽄�쥻䕑穘脜ㅰꊨ妛墈쑕篵
[ 1445.827385][T26858] usb 2-1: SerialNumber: �满褡憌寪�䡄ตꌔ�븂鄆઩홌툜씢鷛핫ꑎ숷ྩⶒ翧䭵녘봦�ڟ�ㇱ�䈋堙í猣꓿῿좨≚ხ�괶�ꀀ꫿哭娬刬乫襑챚�즨�좨⚜鸑蠣⵭瓠�ꞗ鎉⯦⫡�녙�朷ឺ풅暴䞤�孻䠹���䎲㣨钒뛈႖��䙜旹媶�ꗤዱ䫈蜠젺慴��㠖᛻
[ 1446.253997][T26943] overlayfs: failed to resolve './file0': -2
[ 1446.297013][T26933] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1446.843647][T26638] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[ 1447.066052][T26638] usb 4-1: Using ep0 maxpacket: 8
[ 1447.121442][T26638] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1447.165089][T26638] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1447.265834][T26638] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1447.362825][T26858] usbhid 2-1:1.0: can't add hid device: -71
[ 1447.369208][T26858] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[ 1447.382086][T26858] usb 2-1: USB disconnect, device number 86
[ 1447.400191][T26638] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1447.464993][T26638] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1447.552336][T26962] netlink: 'syz.2.5224': attribute type 10 has an invalid length.
[ 1447.555564][T26638] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1447.618473][T26638] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1447.665832][T26962] team0: left promiscuous mode
[ 1447.671121][T26962] team_slave_0: left promiscuous mode
[ 1447.677536][T26962] team_slave_1: left promiscuous mode
[ 1447.701781][T26962] batman_adv: batadv0: Adding interface: team0
[ 1447.710302][T26962] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1447.735950][T26962] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1447.746991][T26963] netlink: 'syz.2.5224': attribute type 10 has an invalid length.
[ 1447.754880][T26963] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5224'.
[ 1447.764581][T26963] team0: entered promiscuous mode
[ 1447.769815][T26963] team_slave_0: entered promiscuous mode
[ 1447.775807][T26963] team_slave_1: entered promiscuous mode
[ 1447.784037][T26963] 8021q: adding VLAN 0 to HW filter on device team0
[ 1447.791001][T26963] batman_adv: batadv0: Interface activated: team0
[ 1447.797671][T26963] batman_adv: batadv0: Interface deactivated: team0
[ 1447.804366][T26963] batman_adv: batadv0: Removing interface: team0
[ 1447.888323][T26638] usb 4-1: GET_CAPABILITIES returned 0
[ 1447.894038][T26638] usbtmc 4-1:16.0: can't read capabilities
[ 1448.368344][T26968] random: crng reseeded on system resumption
[ 1448.375727][ T5087] usb 4-1: USB disconnect, device number 106
[ 1448.961980][T26980] fuse: Bad value for 'fd'
[ 1450.356062][T26994] netlink: 'syz.3.5233': attribute type 10 has an invalid length.
[ 1450.621820][ T5091] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1450.631318][ T5091] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1450.645200][ T5091] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1450.714901][ T5091] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1450.724659][ T5091] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1450.732243][ T5091] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1450.765925][T26994] bridge0: port 3(team0) entered disabled state
[ 1450.777168][T26994] team0: left allmulticast mode
[ 1450.782277][T26994] team_slave_0: left allmulticast mode
[ 1450.790678][T26994] team_slave_1: left allmulticast mode
[ 1450.796622][T26994] team0: left promiscuous mode
[ 1450.801529][T26994] team_slave_0: left promiscuous mode
[ 1450.807474][T26994] team_slave_1: left promiscuous mode
[ 1450.813468][T26994] bridge0: port 3(team0) entered disabled state
[ 1451.165324][T26994] batman_adv: batadv0: Adding interface: team0
[ 1451.515174][T26994] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1451.725844][T26994] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1451.742488][T26995] netlink: 'syz.3.5233': attribute type 10 has an invalid length.
[ 1452.507958][T26995] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5233'.
[ 1452.552715][T26995] team0: entered promiscuous mode
[ 1452.564574][T26995] team_slave_0: entered promiscuous mode
[ 1452.586022][T26995] team_slave_1: entered promiscuous mode
[ 1452.604808][T26995] 8021q: adding VLAN 0 to HW filter on device team0
[ 1452.615986][T26995] batman_adv: batadv0: Interface activated: team0
[ 1452.635237][T26995] batman_adv: batadv0: Interface deactivated: team0
[ 1452.654055][T26995] batman_adv: batadv0: Removing interface: team0
[ 1452.792854][T26995] bridge0: port 3(team0) entered blocking state
[ 1452.803523][T26995] bridge0: port 3(team0) entered disabled state
[ 1452.811789][T26995] team0: entered allmulticast mode
[ 1452.822269][T27020] netlink: 'syz.2.5238': attribute type 3 has an invalid length.
[ 1452.825547][T26995] team_slave_0: entered allmulticast mode
[ 1453.197311][ T4485] Bluetooth: hci3: command tx timeout
[ 1453.465901][T26995] team_slave_1: entered allmulticast mode
[ 1453.498810][T26995] bridge0: port 3(team0) entered blocking state
[ 1453.505165][T26995] bridge0: port 3(team0) entered forwarding state
[ 1453.653092][  T146] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1453.695792][T27020] netlink: 'syz.2.5238': attribute type 3 has an invalid length.
[ 1453.907760][    C0] eth0: bad gso: type: 1, size: 1408
[ 1453.994238][  T146] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1454.195458][T27037] netlink: 'syz.1.5242': attribute type 4 has an invalid length.
[ 1454.998168][  T146] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1455.202928][  T146] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1455.275915][ T4485] Bluetooth: hci3: command tx timeout
[ 1455.412866][T27052] random: crng reseeded on system resumption
[ 1457.357922][ T4485] Bluetooth: hci3: command tx timeout
[ 1459.436108][ T4485] Bluetooth: hci3: command tx timeout
[ 1460.387799][T27064] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1460.487861][T27069] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5249'.
[ 1460.565020][T26997] chnl_net:caif_netlink_parms(): no params data found
[ 1460.783426][  T146] team0: left allmulticast mode
[ 1460.788528][  T146] team_slave_0: left allmulticast mode
[ 1460.794193][  T146] team_slave_1: left allmulticast mode
[ 1460.801112][  T146] bridge0: port 3(team0) entered disabled state
[ 1460.815314][  T146] bridge_slave_1: left allmulticast mode
[ 1460.821537][  T146] bridge_slave_1: left promiscuous mode
[ 1460.827921][  T146] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1460.871279][  T146] bridge_slave_0: left allmulticast mode
[ 1460.886826][  T146] bridge_slave_0: left promiscuous mode
[ 1460.892743][  T146] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1461.225743][ T5087] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1461.437784][ T5087] usb 4-1: Using ep0 maxpacket: 16
[ 1461.460887][ T5087] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1461.487644][ T5087] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1461.522897][ T5087] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1461.549494][ T5087] usb 4-1: config 0 descriptor??
[ 1461.962692][T27064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1461.988881][T27064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1462.007658][ T5087] usbhid 4-1:0.0: can't add hid device: -71
[ 1462.014355][ T5087] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1462.092805][ T5087] usb 4-1: USB disconnect, device number 107
[ 1462.469122][  T146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1462.492187][  T146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1462.526676][  T146] bond0 (unregistering): Released all slaves
[ 1462.744644][    C0] eth0: bad gso: type: 1, size: 1408
[ 1462.804280][T26997] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1462.859493][T26997] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1462.909826][T26997] bridge_slave_0: entered allmulticast mode
[ 1462.922324][T27099] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5256'.
[ 1462.933160][T26997] bridge_slave_0: entered promiscuous mode
[ 1464.220687][T26997] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1464.231630][T26997] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1464.455857][T26997] bridge_slave_1: entered allmulticast mode
[ 1464.463642][T26997] bridge_slave_1: entered promiscuous mode
[ 1464.678410][T26997] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1464.857168][T26638] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1464.899403][T27121] random: crng reseeded on system resumption
[ 1465.706735][T26638] usb 3-1: Using ep0 maxpacket: 16
[ 1465.716372][T26638] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1465.742873][T26997] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1465.759495][T26638] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1465.789087][T26638] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1465.808996][T26638] usb 3-1: config 0 descriptor??
[ 1466.034916][T26997] team0: Port device team_slave_0 added
[ 1466.061949][T27137] netlink: 'syz.1.5263': attribute type 10 has an invalid length.
[ 1466.076819][T27137] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5263'.
[ 1466.097053][T26997] team0: Port device team_slave_1 added
[ 1466.124829][  T146] hsr_slave_0: left promiscuous mode
[ 1466.158656][  T146] hsr_slave_1: left promiscuous mode
[ 1466.189697][  T146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1466.218425][  T146] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1466.247892][  T146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1466.280242][  T146] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1466.411487][  T146] veth1_macvtap: left promiscuous mode
[ 1466.433814][  T146] veth0_macvtap: left promiscuous mode
[ 1466.454410][  T146] veth1_vlan: left promiscuous mode
[ 1466.476496][  T146] veth0_vlan: left promiscuous mode
[ 1466.554917][T27118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1466.591247][T27118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1466.671842][T26638] hid (null): report_id 2838798905 is invalid
[ 1466.687343][T26638] hid (null): unknown global tag 0xc
[ 1466.701133][T26638] hid (null): unknown global tag 0xa5
[ 1466.708880][T26638] hid (null): unknown global tag 0xd
[ 1466.726119][T26638] hid (null): unknown global tag 0xc
[ 1466.752133][T26638] hid-generic 0003:0158:0100.0035: unknown main item tag 0x1
[ 1466.782347][T26638] hid-generic 0003:0158:0100.0035: unexpected long global item
[ 1466.814040][T26638] hid-generic 0003:0158:0100.0035: probe with driver hid-generic failed with error -22
[ 1466.869450][T26638] usb 3-1: USB disconnect, device number 98
[ 1469.555652][  T146] team_slave_1 (unregistering): left promiscuous mode
[ 1469.587977][  T146] team0 (unregistering): Port device team_slave_1 removed
[ 1469.702945][  T146] team_slave_0 (unregistering): left promiscuous mode
[ 1469.722692][  T146] team0 (unregistering): Port device team_slave_0 removed
[ 1472.826352][T27181] netlink: 'syz.2.5274': attribute type 10 has an invalid length.
[ 1473.053191][T27181] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5274'.
[ 1473.186515][T27189] random: crng reseeded on system resumption
[ 1473.203416][T26997] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1473.210525][T26997] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1473.404124][T26997] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1473.697556][T26997] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1473.713045][T26997] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1473.795594][T26997] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1473.925702][T27190] netlink: 'syz.3.5275': attribute type 10 has an invalid length.
[ 1473.933550][T27190] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5275'.
[ 1474.140157][T27189] Restarting kernel threads ... done.
[ 1474.196160][T26997] hsr_slave_0: entered promiscuous mode
[ 1474.206461][T26997] hsr_slave_1: entered promiscuous mode
[ 1474.233019][T26997] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1474.254342][T26997] Cannot create hsr debugfs directory
[ 1475.468468][T27215] netlink: 'syz.0.5282': attribute type 10 has an invalid length.
[ 1476.752899][T27215] batman_adv: batadv0: Adding interface: team0
[ 1476.765349][T27215] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1476.832494][T27215] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1477.645211][T27216] netlink: 'syz.0.5282': attribute type 10 has an invalid length.
[ 1477.665610][T27216] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5282'.
[ 1477.793606][T27216] team0: entered promiscuous mode
[ 1477.915961][T27216] team_slave_0: entered promiscuous mode
[ 1477.945774][T27216] team_slave_1: entered promiscuous mode
[ 1477.959834][T27216] 8021q: adding VLAN 0 to HW filter on device team0
[ 1478.561683][T27216] batman_adv: batadv0: Interface activated: team0
[ 1478.579941][T27216] batman_adv: batadv0: Interface deactivated: team0
[ 1478.665020][T27216] batman_adv: batadv0: Removing interface: team0
[ 1478.776569][T27216] bridge0: port 3(team0) entered blocking state
[ 1478.790639][T27216] bridge0: port 3(team0) entered disabled state
[ 1478.800481][T27216] team0: entered allmulticast mode
[ 1478.811007][T27216] team_slave_0: entered allmulticast mode
[ 1478.825460][T27216] team_slave_1: entered allmulticast mode
[ 1478.969677][T27216] bridge0: port 3(team0) entered blocking state
[ 1478.976123][T27216] bridge0: port 3(team0) entered forwarding state
[ 1479.011775][T27235] netlink: 'syz.2.5286': attribute type 10 has an invalid length.
[ 1479.026089][T27235] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5286'.
[ 1480.446603][T27261] overlayfs: failed to resolve './file0': -2
[ 1480.501624][T27263] random: crng reseeded on system resumption
[ 1480.897558][T26997] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1480.938417][T26997] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1480.966082][T26997] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1481.001805][T26997] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1483.255653][T27285] random: crng reseeded on system resumption
[ 1483.258212][T27283] netlink: 'syz.2.5298': attribute type 10 has an invalid length.
[ 1483.287090][T27283] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5298'.
[ 1483.344356][T26997] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1483.402830][T26997] 8021q: adding VLAN 0 to HW filter on device team0
[ 1483.422801][T26858] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1483.430002][T26858] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1483.474084][T26858] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1483.481373][T26858] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1484.141392][T27285] Restarting kernel threads ... done.
[ 1484.169402][ T5091] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1484.180628][ T5091] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1484.190887][ T5091] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1484.199595][ T5091] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1484.208499][ T5091] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1484.233247][ T5091] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1484.392628][T26997] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1484.523581][   T63] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.541439][T27304] IPVS: sh: UDP 0.0.0.0:0 - no destination available
[ 1484.835399][   T63] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.878208][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.884547][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.058682][   T63] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1485.304902][   T63] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1485.539910][T27300] chnl_net:caif_netlink_parms(): no params data found
[ 1486.318705][ T4485] Bluetooth: hci1: command tx timeout
[ 1489.041670][T26997] veth0_vlan: entered promiscuous mode
[ 1489.093806][T26997] veth1_vlan: entered promiscuous mode
[ 1489.273874][T27335] random: crng reseeded on system resumption
[ 1489.598548][ T4485] Bluetooth: hci1: command tx timeout
[ 1489.951497][T27335] Restarting kernel threads ... done.
[ 1490.672210][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1490.703683][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1490.732139][   T63] bond0 (unregistering): Released all slaves
[ 1490.766992][   T63] bond1 (unregistering): Released all slaves
[ 1490.960328][   T63] tipc: Disabling bearer <eth:hsr0>
[ 1491.011306][   T63] tipc: Left network mode
[ 1491.026259][T27300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1491.050892][T27300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1491.072699][T27300] bridge_slave_0: entered allmulticast mode
[ 1491.100776][T27300] bridge_slave_0: entered promiscuous mode
[ 1491.140057][T27300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1491.148466][   T63] IPVS: stopping master sync thread 20653 ...
[ 1491.159848][T27300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1491.193059][T27300] bridge_slave_1: entered allmulticast mode
[ 1491.218284][T27300] bridge_slave_1: entered promiscuous mode
[ 1491.497146][ T5091] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1491.528953][ T5091] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1491.539004][ T5091] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1491.548093][ T5091] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1491.555799][ T5091] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1491.563137][ T5091] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1491.675822][ T4485] Bluetooth: hci1: command tx timeout
[ 1492.353765][T26997] veth0_macvtap: entered promiscuous mode
[ 1492.478674][T27362] netlink: 'syz.3.5316': attribute type 4 has an invalid length.
[ 1492.502472][T27363] netlink: 'syz.3.5316': attribute type 4 has an invalid length.
[ 1492.539303][T27300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1492.587223][T27300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1492.645303][T26997] veth1_macvtap: entered promiscuous mode
[ 1492.738099][T27300] team0: Port device team_slave_0 added
[ 1493.704580][T27300] team0: Port device team_slave_1 added
[ 1493.766999][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1493.784418][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1493.806765][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1493.825681][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1493.835918][ T5091] Bluetooth: hci1: command tx timeout
[ 1493.844387][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1493.856370][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1493.874388][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1493.886962][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1493.898217][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1493.909092][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1493.921116][T26997] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1494.019945][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1494.035551][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1494.045465][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1494.065578][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1494.086098][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1494.129131][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1494.145816][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1494.159347][ T4485] Bluetooth: hci6: command tx timeout
[ 1494.172170][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1494.185293][T26997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1494.197679][T26997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1494.216480][T26997] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1494.225592][T27300] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1494.232554][T27300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1494.310723][T27300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1494.362772][   T63] hsr_slave_0: left promiscuous mode
[ 1494.363215][   T63] hsr_slave_1: left promiscuous mode
[ 1494.363726][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1494.363779][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1494.364340][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1494.364359][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1494.385278][   T63] veth1_macvtap: left promiscuous mode
[ 1494.385397][   T63] veth0_macvtap: left promiscuous mode
[ 1494.386962][   T63] veth1_vlan: left promiscuous mode
[ 1494.387049][   T63] veth0_vlan: left promiscuous mode
[ 1494.715405][T27388] random: crng reseeded on system resumption
[ 1495.725710][T13951] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 1495.938024][T13951] usb 4-1: config 0 has an invalid interface number: 195 but max is 0
[ 1495.951235][T13951] usb 4-1: config 0 has no interface number 0
[ 1495.977191][T13951] usb 4-1: New USB device found, idVendor=041e, idProduct=400a, bcdDevice=9e.b6
[ 1495.990366][T13951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1496.018188][T13951] usb 4-1: Product: syz
[ 1496.022572][T13951] usb 4-1: Manufacturer: syz
[ 1496.031155][T13951] usb 4-1: SerialNumber: syz
[ 1496.078025][T13951] usb 4-1: config 0 descriptor??
[ 1496.088368][T13951] gspca_main: spca500-2.14.0 probing 041e:400a
[ 1496.136812][   T63] team_slave_1 (unregistering): left promiscuous mode
[ 1496.187099][   T63] team0 (unregistering): Port device team_slave_1 removed
[ 1496.250835][ T4485] Bluetooth: hci6: command tx timeout
[ 1496.375792][  T931] usb 4-1: USB disconnect, device number 108
[ 1496.544980][   T63] team_slave_0 (unregistering): left promiscuous mode
[ 1496.564106][   T63] team0 (unregistering): Port device team_slave_0 removed
[ 1498.180115][T26997] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.190278][T26997] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.199997][T26997] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.208778][T26997] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.223336][T27300] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1498.231699][T27300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1498.300075][T27300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1498.320006][ T4485] Bluetooth: hci6: command tx timeout
[ 1498.905839][T27300] hsr_slave_0: entered promiscuous mode
[ 1498.970378][T27300] hsr_slave_1: entered promiscuous mode
[ 1498.986754][T27300] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1499.001290][T27300] Cannot create hsr debugfs directory
[ 1499.308604][T21290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1499.455675][T21290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1499.631503][T27435] random: crng reseeded on system resumption
[ 1499.667290][   T63] IPVS: stop unused estimator thread 0...
[ 1499.745592][T27360] chnl_net:caif_netlink_parms(): no params data found
[ 1499.777745][T21290] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1499.828055][T21290] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1500.372700][   T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1500.397850][ T4485] Bluetooth: hci6: command tx timeout
[ 1500.522396][T27435] Restarting kernel threads ... done.
[ 1500.839061][   T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1500.924757][T27360] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1500.957961][T27360] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1500.982200][T27360] bridge_slave_0: entered allmulticast mode
[ 1501.001286][T27360] bridge_slave_0: entered promiscuous mode
[ 1501.018401][T27360] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1501.050393][T27360] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1501.066766][T27360] bridge_slave_1: entered allmulticast mode
[ 1501.080096][T27360] bridge_slave_1: entered promiscuous mode
[ 1501.111909][   T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1501.312096][   T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1501.478154][T27360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1501.530345][T27360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1501.859977][T27360] team0: Port device team_slave_0 added
[ 1502.018480][T27360] team0: Port device team_slave_1 added
[ 1502.110420][T27300] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1502.410148][T27300] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1502.451701][T27300] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1502.509679][   T63] team0: left allmulticast mode
[ 1502.535454][   T63] team_slave_0: left allmulticast mode
[ 1502.575703][   T63] team_slave_1: left allmulticast mode
[ 1502.581633][   T63] bridge0: port 3(team0) entered disabled state
[ 1502.605132][   T63] bridge_slave_1: left allmulticast mode
[ 1502.621930][   T63] bridge_slave_1: left promiscuous mode
[ 1502.658591][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1502.690572][   T63] bridge_slave_0: left allmulticast mode
[ 1502.740975][   T63] bridge_slave_0: left promiscuous mode
[ 1502.760656][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1504.206174][T27520] random: crng reseeded on system resumption
[ 1504.586982][T27520] Restarting kernel threads ... done.
[ 1504.667335][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1504.689185][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1504.724205][   T63] bond0 (unregistering): Released all slaves
[ 1504.761652][T27360] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1504.768858][T27360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1504.845653][T27360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1504.874504][T27360] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1504.894498][T27360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1504.963344][T27360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1504.985280][T27300] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1505.019426][T27511] netlink: 'syz.1.5343': attribute type 10 has an invalid length.
[ 1505.027556][T27511] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5343'.
[ 1505.234646][T27528] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5347'.
[ 1505.981431][T27360] hsr_slave_0: entered promiscuous mode
[ 1505.988060][T27360] hsr_slave_1: entered promiscuous mode
[ 1505.994253][T27360] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1506.027997][T27360] Cannot create hsr debugfs directory
[ 1506.143148][   T63] hsr_slave_0: left promiscuous mode
[ 1506.152205][   T63] hsr_slave_1: left promiscuous mode
[ 1506.230219][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1506.245191][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1506.552768][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1506.599049][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1507.248364][   T63] veth1_macvtap: left promiscuous mode
[ 1507.285631][   T63] veth0_macvtap: left promiscuous mode
[ 1507.296184][T27553] random: crng reseeded on system resumption
[ 1507.301771][   T63] veth1_vlan: left promiscuous mode
[ 1507.313660][   T63] veth0_vlan: left promiscuous mode
[ 1507.999190][T24716] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1508.165662][T24716] usb 2-1: device descriptor read/64, error -71
[ 1508.366813][   T63] team_slave_1 (unregistering): left promiscuous mode
[ 1508.404088][   T63] team0 (unregistering): Port device team_slave_1 removed
[ 1508.436382][T24716] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1508.485972][   T63] team_slave_0 (unregistering): left promiscuous mode
[ 1508.507974][   T63] team0 (unregistering): Port device team_slave_0 removed
[ 1508.595623][T24716] usb 2-1: device descriptor read/64, error -71
[ 1508.722275][T24716] usb usb2-port1: attempt power cycle
[ 1509.145764][T24716] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1509.188333][T24716] usb 2-1: device descriptor read/8, error -71
[ 1509.455635][T24716] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1509.520929][T24716] usb 2-1: device descriptor read/8, error -71
[ 1509.674021][T24716] usb usb2-port1: unable to enumerate USB device
[ 1510.146207][T27566] netlink: 'syz.3.5355': attribute type 10 has an invalid length.
[ 1510.285951][T27566] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5355'.
[ 1510.742658][T27300] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1510.747715][T27570] random: crng reseeded on system resumption
[ 1510.943547][T27300] 8021q: adding VLAN 0 to HW filter on device team0
[ 1510.982416][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1510.989583][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1511.123754][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1511.130898][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1511.720420][T27300] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1511.766848][T27570] Restarting kernel threads ... done.
[ 1511.783192][T27360] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1511.827149][T27300] veth0_vlan: entered promiscuous mode
[ 1511.835591][T27360] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1511.889493][T27300] veth1_vlan: entered promiscuous mode
[ 1511.910018][T27360] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1511.934596][T27360] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1512.014473][T27300] veth0_macvtap: entered promiscuous mode
[ 1512.034945][T27300] veth1_macvtap: entered promiscuous mode
[ 1512.060694][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1512.076772][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.105891][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1512.142036][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.162057][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1512.189859][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.212814][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1512.250970][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.284287][T27300] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1512.367486][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.393559][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.417914][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.433759][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.479997][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.491821][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.503889][T27300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.517177][T27300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.547324][T27300] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1512.566489][    C0] eth0: bad gso: type: 1, size: 1408
[ 1512.616771][T27300] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.649114][T27300] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.667899][T27300] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.684761][T27300] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.720789][T27598] syzkaller1: entered promiscuous mode
[ 1512.770592][T27598] syzkaller1: entered allmulticast mode
[ 1513.052129][T27610] FAULT_INJECTION: forcing a failure.
[ 1513.052129][T27610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1513.084410][T27610] CPU: 1 PID: 27610 Comm: syz.4.5365 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1513.094343][T27610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1513.104417][T27610] Call Trace:
[ 1513.107732][T27610]  <TASK>
[ 1513.110688][T27610]  dump_stack_lvl+0x241/0x360
[ 1513.115376][T27610]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1513.120567][T27610]  ? __pfx__printk+0x10/0x10
[ 1513.125158][T27610]  ? snprintf+0xda/0x120
[ 1513.129393][T27610]  should_fail_ex+0x3b0/0x4e0
[ 1513.134058][T27610]  _copy_to_user+0x2f/0xb0
[ 1513.138489][T27610]  simple_read_from_buffer+0xca/0x150
[ 1513.143895][T27610]  proc_fail_nth_read+0x1e9/0x250
[ 1513.148920][T27610]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1513.154464][T27610]  ? rw_verify_area+0x520/0x6b0
[ 1513.159316][T27610]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1513.164854][T27610]  vfs_read+0x204/0xbc0
[ 1513.168999][T27610]  ? __pfx_lock_release+0x10/0x10
[ 1513.174012][T27610]  ? __pfx_vfs_read+0x10/0x10
[ 1513.178672][T27610]  ? rep_movs_alternative+0x30/0x70
[ 1513.183953][T27610]  ? __fget_files+0x29/0x470
[ 1513.188540][T27610]  ? __fget_files+0x3f6/0x470
[ 1513.193212][T27610]  ksys_read+0x1a0/0x2c0
[ 1513.197468][T27610]  ? __pfx_ksys_read+0x10/0x10
[ 1513.202215][T27610]  ? do_syscall_64+0x100/0x230
[ 1513.206965][T27610]  ? do_syscall_64+0xb6/0x230
[ 1513.211624][T27610]  do_syscall_64+0xf3/0x230
[ 1513.216113][T27610]  ? clear_bhb_loop+0x35/0x90
[ 1513.220797][T27610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1513.226687][T27610] RIP: 0033:0x7fcbc437463c
[ 1513.231093][T27610] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 1513.250692][T27610] RSP: 002b:00007fcbc5198040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1513.259093][T27610] RAX: ffffffffffffffda RBX: 00007fcbc4505f60 RCX: 00007fcbc437463c
[ 1513.267048][T27610] RDX: 000000000000000f RSI: 00007fcbc51980b0 RDI: 0000000000000004
[ 1513.275005][T27610] RBP: 00007fcbc51980a0 R08: 0000000000000000 R09: 0000000000000000
[ 1513.282959][T27610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1513.290936][T27610] R13: 000000000000000b R14: 00007fcbc4505f60 R15: 00007fff5f09d8a8
[ 1513.298905][T27610]  </TASK>
[ 1513.796499][T27614] netlink: 'syz.1.5366': attribute type 10 has an invalid length.
[ 1513.804409][T27614] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5366'.
[ 1514.283668][T27360] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1514.485072][T27360] 8021q: adding VLAN 0 to HW filter on device team0
[ 1514.543379][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1514.558712][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1514.619766][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1514.626979][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1514.640705][T27621] random: crng reseeded on system resumption
[ 1514.692665][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1514.699783][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1514.738691][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1514.776785][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1514.844931][T27360] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1514.874126][T27360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1515.218193][T27644] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5371'.
[ 1515.943138][T27360] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1515.966148][T27621] Restarting kernel threads ... done.
[ 1516.300983][T27660] netlink: 'syz.2.5376': attribute type 10 has an invalid length.
[ 1516.309328][T27660] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5376'.
[ 1516.321407][T27660] team0: entered promiscuous mode
[ 1516.326562][T27660] team_slave_0: entered promiscuous mode
[ 1516.332557][T27660] team_slave_1: entered promiscuous mode
[ 1516.339135][T27660] bridge0: port 3(team0) entered blocking state
[ 1516.345679][T27660] bridge0: port 3(team0) entered disabled state
[ 1516.352276][T27660] team0: entered allmulticast mode
[ 1516.357533][T27660] team_slave_0: entered allmulticast mode
[ 1516.363331][T27660] team_slave_1: entered allmulticast mode
[ 1516.372575][T27660] bridge0: port 3(team0) entered blocking state
[ 1516.379041][T27660] bridge0: port 3(team0) entered forwarding state
[ 1516.557991][T27360] veth0_vlan: entered promiscuous mode
[ 1517.016469][T27360] veth1_vlan: entered promiscuous mode
[ 1517.101718][T27360] veth0_macvtap: entered promiscuous mode
[ 1517.374950][T27360] veth1_macvtap: entered promiscuous mode
[ 1517.382276][T27670] netlink: 'syz.1.5377': attribute type 10 has an invalid length.
[ 1517.425958][T27670] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5377'.
[ 1517.948310][T27679] FAULT_INJECTION: forcing a failure.
[ 1517.948310][T27679] name failslab, interval 1, probability 0, space 0, times 0
[ 1517.962264][T27679] CPU: 0 PID: 27679 Comm: syz.2.5380 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1517.972182][T27679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1517.982231][T27679] Call Trace:
[ 1517.985503][T27679]  <TASK>
[ 1517.988610][T27679]  dump_stack_lvl+0x241/0x360
[ 1517.993280][T27679]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1517.998475][T27679]  ? __pfx__printk+0x10/0x10
[ 1518.003233][T27679]  ? __pfx___might_resched+0x10/0x10
[ 1518.008521][T27679]  ? __skb_try_recv_from_queue+0x5d8/0x780
[ 1518.014332][T27679]  should_fail_ex+0x3b0/0x4e0
[ 1518.019014][T27679]  should_failslab+0x9/0x20
[ 1518.023508][T27679]  __kmalloc_node_track_caller_noprof+0xda/0x440
[ 1518.029832][T27679]  ? scm_fp_dup+0x5d/0x3c0
[ 1518.034240][T27679]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1518.039864][T27679]  kmemdup_noprof+0x2a/0x60
[ 1518.044375][T27679]  scm_fp_dup+0x5d/0x3c0
[ 1518.048621][T27679]  __unix_dgram_recvmsg+0xb9b/0x12f0
[ 1518.053911][T27679]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[ 1518.059689][T27679]  ? __pfx___might_resched+0x10/0x10
[ 1518.064981][T27679]  ? iovec_from_user+0x61/0x240
[ 1518.069842][T27679]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1518.075132][T27679]  ? security_socket_recvmsg+0x90/0xb0
[ 1518.080587][T27679]  ? unix_dgram_recvmsg+0xb6/0xe0
[ 1518.085614][T27679]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[ 1518.091199][T27679]  sock_recvmsg+0x22f/0x280
[ 1518.095708][T27679]  ____sys_recvmsg+0x1db/0x470
[ 1518.100486][T27679]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1518.105829][T27679]  do_recvmmsg+0x474/0xae0
[ 1518.110240][T27679]  ? __pfx_lock_release+0x10/0x10
[ 1518.115266][T27679]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1518.120229][T27679]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1518.126119][T27679]  ? ksys_write+0x23e/0x2c0
[ 1518.130618][T27679]  ? __pfx_lock_release+0x10/0x10
[ 1518.135657][T27679]  ? vfs_write+0x7c4/0xc90
[ 1518.140094][T27679]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1518.145727][T27679]  ? __fget_files+0x3f6/0x470
[ 1518.150411][T27679]  __x64_sys_recvmmsg+0x199/0x250
[ 1518.155430][T27679]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1518.160979][T27679]  ? do_syscall_64+0x100/0x230
[ 1518.165742][T27679]  ? do_syscall_64+0xb6/0x230
[ 1518.170405][T27679]  do_syscall_64+0xf3/0x230
[ 1518.174894][T27679]  ? clear_bhb_loop+0x35/0x90
[ 1518.179569][T27679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1518.185452][T27679] RIP: 0033:0x7f59e7b75b59
[ 1518.189875][T27679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1518.209485][T27679] RSP: 002b:00007f59e8965048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1518.217904][T27679] RAX: ffffffffffffffda RBX: 00007f59e7d06038 RCX: 00007f59e7b75b59
[ 1518.225874][T27679] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000006
[ 1518.233834][T27679] RBP: 00007f59e89650a0 R08: 0000000000000000 R09: 0000000000000000
[ 1518.242061][T27679] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000001
[ 1518.250031][T27679] R13: 000000000000006e R14: 00007f59e7d06038 R15: 00007ffe806e1c38
[ 1518.258017][T27679]  </TASK>
[ 1518.416679][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1518.438647][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1518.465557][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1518.533588][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1518.577232][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1518.618750][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1518.685077][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1518.727687][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1518.743137][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1518.771470][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1519.743950][T27360] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1519.854934][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1519.897509][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1519.947467][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1519.962472][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1519.978326][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1519.996304][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1520.035027][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1520.046268][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1520.060700][T27360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1520.077561][T27360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1520.079312][T27704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1520.105203][T27360] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1520.122519][T27702] random: crng reseeded on system resumption
[ 1520.159423][T27360] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.190157][T27360] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.245561][T27360] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.264598][T27360] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1521.708017][T27702] Restarting kernel threads ... done.
[ 1521.856084][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1521.868351][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1522.042529][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1522.055596][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1522.105952][ T5146] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 1522.955643][ T5146] usb 2-1: Using ep0 maxpacket: 8
[ 1523.075915][ T5146] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice= 2.a2
[ 1523.084956][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1523.205647][T13951] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1523.366708][ T5146] usb 2-1: Firmware version (0.0) predates our first public release.
[ 1523.385579][ T5146] usb 2-1: Please update to version 0.2 or newer
[ 1523.388145][T13951] usb 3-1: Using ep0 maxpacket: 8
[ 1523.592290][T13951] usb 3-1: New USB device found, idVendor=07ca, idProduct=a868, bcdDevice=c4.d4
[ 1523.601721][T13951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1523.615039][T13951] usb 3-1: config 0 descriptor??
[ 1523.628938][T13951] dvb-usb: found a 'AVerMedia AVerTVHD Volar (A868R)' in warm state.
[ 1524.377925][ T5146] usb 2-1: USB disconnect, device number 91
[ 1524.392196][T13951] cxusb: set interface failed
[ 1524.411204][T13951] dvb-usb: bulk message failed: -22 (1/0)
[ 1524.472310][T13951] dvb-usb: AVerMedia AVerTVHD Volar (A868R) error while loading driver (-22)
[ 1524.491835][T13951] dvb_usb_cxusb 3-1:0.0: probe with driver dvb_usb_cxusb failed with error -22
[ 1524.538131][T13951] usb 3-1: USB disconnect, device number 99
[ 1524.788639][T27764] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1524.866417][T27766] FAULT_INJECTION: forcing a failure.
[ 1524.866417][T27766] name failslab, interval 1, probability 0, space 0, times 0
[ 1524.955593][T27766] CPU: 0 PID: 27766 Comm: syz.1.5401 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1524.965433][T27766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1524.975483][T27766] Call Trace:
[ 1524.978760][T27766]  <TASK>
[ 1524.981688][T27766]  dump_stack_lvl+0x241/0x360
[ 1524.986359][T27766]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1524.991550][T27766]  ? __pfx__printk+0x10/0x10
[ 1524.996145][T27766]  ? __pfx___might_resched+0x10/0x10
[ 1525.001452][T27766]  ? prepend_path+0x2f/0xbe0
[ 1525.006040][T27766]  should_fail_ex+0x3b0/0x4e0
[ 1525.010709][T27766]  ? tomoyo_encode+0x26f/0x540
[ 1525.015477][T27766]  should_failslab+0x9/0x20
[ 1525.019987][T27766]  __kmalloc_noprof+0xd8/0x400
[ 1525.024744][T27766]  tomoyo_encode+0x26f/0x540
[ 1525.029332][T27766]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1525.034961][T27766]  tomoyo_path_number_perm+0x23a/0x880
[ 1525.040414][T27766]  ? tomoyo_path_number_perm+0x208/0x880
[ 1525.046037][T27766]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1525.052042][T27766]  ? __fget_files+0x29/0x470
[ 1525.056621][T27766]  ? __fget_files+0x3f6/0x470
[ 1525.061283][T27766]  ? __fget_files+0x29/0x470
[ 1525.065859][T27766]  security_file_ioctl+0x75/0xb0
[ 1525.070785][T27766]  __se_sys_ioctl+0x47/0x170
[ 1525.075370][T27766]  do_syscall_64+0xf3/0x230
[ 1525.079883][T27766]  ? clear_bhb_loop+0x35/0x90
[ 1525.084548][T27766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1525.090428][T27766] RIP: 0033:0x7f551c775b59
[ 1525.094832][T27766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1525.114427][T27766] RSP: 002b:00007f551d5ba048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1525.122844][T27766] RAX: ffffffffffffffda RBX: 00007f551c906038 RCX: 00007f551c775b59
[ 1525.130823][T27766] RDX: 0000000000000000 RSI: 0000000000005100 RDI: 0000000000000003
[ 1525.138875][T27766] RBP: 00007f551d5ba0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1525.146858][T27766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1525.154817][T27766] R13: 000000000000006e R14: 00007f551c906038 R15: 00007ffc5d7cac58
[ 1525.162785][T27766]  </TASK>
[ 1525.205729][T27766] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1525.736301][ T5146] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1525.925620][ T5146] usb 5-1: Using ep0 maxpacket: 16
[ 1525.932838][ T5146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1525.962756][ T5146] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1525.982018][ T5146] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.012598][ T5146] usb 5-1: config 0 descriptor??
[ 1526.120689][T27773] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5402'.
[ 1526.246822][T27785] random: crng reseeded on system resumption
[ 1526.795701][ T5091] Bluetooth: hci3: command 0x0406 tx timeout
[ 1527.219480][T27800] fuse: Bad value for 'fd'
[ 1527.856485][T27775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1527.893465][T27775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1527.973256][ T5146] hid (null): report_id 2838798905 is invalid
[ 1528.008066][ T5146] hid (null): unknown global tag 0xc
[ 1528.013439][ T5146] hid (null): unknown global tag 0xa5
[ 1528.019119][ T5146] hid (null): unknown global tag 0xd
[ 1528.024528][ T5146] hid (null): unknown global tag 0xc
[ 1528.033192][ T5146] hid-generic 0003:0158:0100.0036: unknown main item tag 0x1
[ 1528.040800][ T5146] hid-generic 0003:0158:0100.0036: unexpected long global item
[ 1528.049614][ T5146] hid-generic 0003:0158:0100.0036: probe with driver hid-generic failed with error -22
[ 1528.064955][T27785] Restarting kernel threads ... done.
[ 1528.191067][T27810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5412'.
[ 1528.239499][T26858] usb 5-1: USB disconnect, device number 94
[ 1528.523619][   T29] audit: type=1326 audit(1721447449.822:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27809 comm="syz.0.5411" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e44775b59 code=0x0
[ 1528.805865][ T4485] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1528.815003][ T4485] Bluetooth: hci3: Injecting HCI hardware error event
[ 1528.825348][ T5091] Bluetooth: hci3: hardware error 0x00
[ 1529.067285][T27819] syz.1.5413 uses old SIOCAX25GETINFO
[ 1529.135216][T27817] random: crng reseeded on system resumption
[ 1529.544203][T27831] fuse: Bad value for 'fd'
[ 1530.609663][T27817] Restarting kernel threads ... done.
[ 1531.035932][ T5091] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1532.179300][T27860] FAULT_INJECTION: forcing a failure.
[ 1532.179300][T27860] name failslab, interval 1, probability 0, space 0, times 0
[ 1532.202781][T27860] CPU: 1 PID: 27860 Comm: syz.1.5426 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1532.212617][T27860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1532.222693][T27860] Call Trace:
[ 1532.225991][T27860]  <TASK>
[ 1532.228934][T27860]  dump_stack_lvl+0x241/0x360
[ 1532.233638][T27860]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1532.238854][T27860]  ? __pfx__printk+0x10/0x10
[ 1532.243466][T27860]  ? netlink_insert+0x10b7/0x14b0
[ 1532.248512][T27860]  should_fail_ex+0x3b0/0x4e0
[ 1532.253211][T27860]  ? __alloc_skb+0x1c3/0x440
[ 1532.257827][T27860]  should_failslab+0x9/0x20
[ 1532.262341][T27860]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1532.268166][T27860]  __alloc_skb+0x1c3/0x440
[ 1532.272608][T27860]  ? __pfx___alloc_skb+0x10/0x10
[ 1532.277567][T27860]  ? netlink_autobind+0xd6/0x2f0
[ 1532.282518][T27860]  ? netlink_autobind+0x2b0/0x2f0
[ 1532.287571][T27860]  netlink_sendmsg+0x638/0xcb0
[ 1532.292370][T27860]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1532.297691][T27860]  ? __import_iovec+0x536/0x820
[ 1532.302563][T27860]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1532.307876][T27860]  ? security_socket_sendmsg+0x87/0xb0
[ 1532.313356][T27860]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1532.318830][T27860]  __sock_sendmsg+0x221/0x270
[ 1532.323530][T27860]  ____sys_sendmsg+0x525/0x7d0
[ 1532.328316][T27860]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1532.333629][T27860]  __sys_sendmsg+0x2b0/0x3a0
[ 1532.338238][T27860]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1532.343364][T27860]  ? vfs_write+0x7c4/0xc90
[ 1532.347844][T27860]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1532.354192][T27860]  ? do_syscall_64+0x100/0x230
[ 1532.358980][T27860]  ? do_syscall_64+0xb6/0x230
[ 1532.363675][T27860]  do_syscall_64+0xf3/0x230
[ 1532.368194][T27860]  ? clear_bhb_loop+0x35/0x90
[ 1532.372893][T27860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.378808][T27860] RIP: 0033:0x7f551c775b59
[ 1532.383237][T27860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1532.402950][T27860] RSP: 002b:00007f551d5db048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1532.411388][T27860] RAX: ffffffffffffffda RBX: 00007f551c905f60 RCX: 00007f551c775b59
[ 1532.419378][T27860] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[ 1532.427366][T27860] RBP: 00007f551d5db0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1532.435352][T27860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1532.443339][T27860] R13: 000000000000000b R14: 00007f551c905f60 R15: 00007ffc5d7cac58
[ 1532.451342][T27860]  </TASK>
[ 1532.542189][T27862] random: crng reseeded on system resumption
[ 1532.860540][T27873] netlink: 'syz.1.5427': attribute type 10 has an invalid length.
[ 1532.903691][T27873] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5427'.
[ 1533.339373][T27862] Restarting kernel threads ... done.
[ 1534.205841][ T4485] Bluetooth: hci1: command 0x0406 tx timeout
[ 1534.315029][T27894] random: crng reseeded on system resumption
[ 1534.491653][T27898] fuse: Bad value for 'fd'
[ 1535.441023][T27906] msdos: Unknown parameter 'b±Fs	µÚì'
[ 1535.649611][T27891] Restarting kernel threads ... done.
[ 1540.383752][T27945] random: crng reseeded on system resumption
[ 1541.925170][T27953] fuse: Bad value for 'fd'
[ 1542.254864][T27959] netlink: 'syz.3.5451': attribute type 10 has an invalid length.
[ 1542.263288][T27959] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5451'.
[ 1542.873617][T27940] Restarting kernel threads ... done.
[ 1543.171266][T27968] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1543.274084][T27968] mkiss: ax0: crc mode is auto.
[ 1544.571579][T27999] netlink: 'syz.1.5466': attribute type 10 has an invalid length.
[ 1544.583444][T27999] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5466'.
[ 1546.321150][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.327647][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.456614][T28012] FAULT_INJECTION: forcing a failure.
[ 1546.456614][T28012] name failslab, interval 1, probability 0, space 0, times 0
[ 1546.506563][T28012] CPU: 0 PID: 28012 Comm: syz.3.5469 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1546.516424][T28012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1546.526499][T28012] Call Trace:
[ 1546.529801][T28012]  <TASK>
[ 1546.532754][T28012]  dump_stack_lvl+0x241/0x360
[ 1546.537461][T28012]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1546.542685][T28012]  ? __pfx__printk+0x10/0x10
[ 1546.547323][T28012]  ? netlink_insert+0x10b7/0x14b0
[ 1546.552365][T28012]  should_fail_ex+0x3b0/0x4e0
[ 1546.557045][T28012]  ? __alloc_skb+0x1c3/0x440
[ 1546.561635][T28012]  should_failslab+0x9/0x20
[ 1546.566131][T28012]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1546.571933][T28012]  __alloc_skb+0x1c3/0x440
[ 1546.576352][T28012]  ? __pfx___alloc_skb+0x10/0x10
[ 1546.581286][T28012]  ? netlink_autobind+0xd6/0x2f0
[ 1546.586217][T28012]  ? netlink_autobind+0x2b0/0x2f0
[ 1546.591241][T28012]  netlink_sendmsg+0x638/0xcb0
[ 1546.596037][T28012]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1546.601326][T28012]  ? __import_iovec+0x536/0x820
[ 1546.606182][T28012]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1546.611458][T28012]  ? security_socket_sendmsg+0x87/0xb0
[ 1546.616914][T28012]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1546.622194][T28012]  __sock_sendmsg+0x221/0x270
[ 1546.626961][T28012]  ____sys_sendmsg+0x525/0x7d0
[ 1546.631727][T28012]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1546.637016][T28012]  __sys_sendmsg+0x2b0/0x3a0
[ 1546.641597][T28012]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1546.646702][T28012]  ? vfs_write+0x7c4/0xc90
[ 1546.651146][T28012]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1546.657466][T28012]  ? do_syscall_64+0x100/0x230
[ 1546.662224][T28012]  ? do_syscall_64+0xb6/0x230
[ 1546.666894][T28012]  do_syscall_64+0xf3/0x230
[ 1546.671391][T28012]  ? clear_bhb_loop+0x35/0x90
[ 1546.676090][T28012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1546.682013][T28012] RIP: 0033:0x7f2c91975b59
[ 1546.686435][T28012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1546.706049][T28012] RSP: 002b:00007f2c92823048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1546.714464][T28012] RAX: ffffffffffffffda RBX: 00007f2c91b05f60 RCX: 00007f2c91975b59
[ 1546.722432][T28012] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[ 1546.730406][T28012] RBP: 00007f2c928230a0 R08: 0000000000000000 R09: 0000000000000000
[ 1546.738369][T28012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1546.746340][T28012] R13: 000000000000000b R14: 00007f2c91b05f60 R15: 00007fff0edde108
[ 1546.754329][T28012]  </TASK>
[ 1546.967437][T26638] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 1547.046336][T13951] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1547.278198][ T5091] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1547.287704][ T5091] Bluetooth: hci1: Injecting HCI hardware error event
[ 1547.302974][ T5091] Bluetooth: hci1: hardware error 0x00
[ 1547.702457][T13951] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1547.711495][T13951] usb 5-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[ 1547.723210][T13951] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1547.726615][T26638] usb 2-1: config 0 has an invalid interface number: 195 but max is 0
[ 1547.736090][T13951] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[ 1547.773339][T13951] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[ 1547.778839][T26638] usb 2-1: config 0 has no interface number 0
[ 1547.813284][T13951] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1547.817772][T26638] usb 2-1: New USB device found, idVendor=041e, idProduct=400a, bcdDevice=9e.b6
[ 1547.826050][T13951] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1547.864287][T13951] usb 5-1: Product: syz
[ 1547.875471][T26638] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1547.885548][T13951] usb 5-1: Manufacturer: syz
[ 1547.905798][T13951] cdc_wdm 5-1:1.0: skipping garbage
[ 1547.913161][T13951] cdc_wdm 5-1:1.0: skipping garbage
[ 1547.918413][T26638] usb 2-1: Product: syz
[ 1547.918434][T26638] usb 2-1: Manufacturer: syz
[ 1547.918449][T26638] usb 2-1: SerialNumber: syz
[ 1547.920633][T26638] usb 2-1: config 0 descriptor??
[ 1547.986284][T13951] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1547.992945][T13951] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1548.013446][T26638] gspca_main: spca500-2.14.0 probing 041e:400a
[ 1548.974900][    T9] usb 2-1: USB disconnect, device number 92
[ 1548.986224][T28022] random: crng reseeded on system resumption
[ 1549.078717][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[ 1549.084028][  T931] usb 5-1: USB disconnect, device number 95
[ 1549.085601][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[ 1549.097329][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[ 1549.708306][T28022] Restarting kernel threads ... done.
[ 1549.755860][ T5091] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1551.041577][T28061] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1551.085398][T28061] futex_wake_op: syz.1.5481 tries to shift op by 32; fix this program
[ 1556.447746][ T5135] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 1556.525327][T13951] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1556.710042][T28093] random: crng reseeded on system resumption
[ 1556.726084][ T5135] usb 1-1: Using ep0 maxpacket: 16
[ 1556.739395][ T5135] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1556.780872][T13951] usb 3-1: config 0 has an invalid interface number: 195 but max is 0
[ 1556.795828][ T5135] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1556.805689][T13951] usb 3-1: config 0 has no interface number 0
[ 1556.845804][ T5135] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1556.855866][T13951] usb 3-1: New USB device found, idVendor=041e, idProduct=400a, bcdDevice=9e.b6
[ 1556.885606][T13951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1556.896566][ T5135] usb 1-1: config 0 descriptor??
[ 1556.904417][T13951] usb 3-1: Product: syz
[ 1556.929064][T13951] usb 3-1: Manufacturer: syz
[ 1556.933728][T13951] usb 3-1: SerialNumber: syz
[ 1557.191993][T13951] usb 3-1: config 0 descriptor??
[ 1557.206951][T28100] fuse: Bad value for 'fd'
[ 1557.219683][T13951] gspca_main: spca500-2.14.0 probing 041e:400a
[ 1557.429730][T13951] usb 3-1: USB disconnect, device number 100
[ 1558.183619][T28113] FAULT_INJECTION: forcing a failure.
[ 1558.183619][T28113] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.199085][T28113] CPU: 1 PID: 28113 Comm: syz.3.5492 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1558.208922][T28113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1558.218982][T28113] Call Trace:
[ 1558.222265][T28113]  <TASK>
[ 1558.225199][T28113]  dump_stack_lvl+0x241/0x360
[ 1558.229902][T28113]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1558.235114][T28113]  ? __pfx__printk+0x10/0x10
[ 1558.239731][T28113]  should_fail_ex+0x3b0/0x4e0
[ 1558.244419][T28113]  ? __alloc_skb+0x1c3/0x440
[ 1558.249023][T28113]  should_failslab+0x9/0x20
[ 1558.253535][T28113]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1558.259355][T28113]  __alloc_skb+0x1c3/0x440
[ 1558.263783][T28113]  ? finish_task_switch+0x1e5/0x870
[ 1558.268999][T28113]  ? __pfx___alloc_skb+0x10/0x10
[ 1558.273946][T28113]  ? __schedule+0x17b6/0x4a10
[ 1558.278649][T28113]  alloc_skb_with_frags+0xc3/0x770
[ 1558.283775][T28113]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[ 1558.289331][T28113]  ? __pfx_lock_release+0x10/0x10
[ 1558.294368][T28113]  sock_alloc_send_pskb+0x91a/0xa60
[ 1558.299599][T28113]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1558.305328][T28113]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1558.311324][T28113]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1558.317675][T28113]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[ 1558.323061][T28113]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[ 1558.329059][T28113]  ? l2cap_chan_send+0x234/0x2690
[ 1558.334095][T28113]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[ 1558.340086][T28113]  l2cap_chan_send+0xebd/0x2690
[ 1558.344970][T28113]  ? __pfx_l2cap_chan_send+0x10/0x10
[ 1558.350270][T28113]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1558.355493][T28113]  l2cap_sock_sendmsg+0x1b4/0x2c0
[ 1558.360529][T28113]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[ 1558.366081][T28113]  __sock_sendmsg+0x221/0x270
[ 1558.370770][T28113]  sock_write_iter+0x2dd/0x400
[ 1558.375550][T28113]  ? __pfx_sock_write_iter+0x10/0x10
[ 1558.380856][T28113]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1558.386851][T28113]  do_iter_readv_writev+0x60a/0x890
[ 1558.392064][T28113]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1558.397801][T28113]  ? bpf_lsm_file_permission+0x9/0x10
[ 1558.403186][T28113]  ? security_file_permission+0x7f/0xa0
[ 1558.408745][T28113]  ? rw_verify_area+0x1d2/0x6b0
[ 1558.413610][T28113]  vfs_writev+0x37c/0xbb0
[ 1558.417957][T28113]  ? __pfx_lock_acquire+0x10/0x10
[ 1558.422990][T28113]  ? __pfx_vfs_writev+0x10/0x10
[ 1558.427859][T28113]  ? __fget_files+0x29/0x470
[ 1558.432474][T28113]  do_writev+0x1b1/0x350
[ 1558.436727][T28113]  ? lockdep_hardirqs_on+0x99/0x150
[ 1558.441936][T28113]  ? __pfx_do_writev+0x10/0x10
[ 1558.446720][T28113]  do_syscall_64+0xf3/0x230
[ 1558.451232][T28113]  ? clear_bhb_loop+0x35/0x90
[ 1558.455927][T28113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1558.461843][T28113] RIP: 0033:0x7f2c91975b59
[ 1558.466278][T28113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1558.485893][T28113] RSP: 002b:00007f2c927e1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1558.494392][T28113] RAX: ffffffffffffffda RBX: 00007f2c91b06110 RCX: 00007f2c91975b59
[ 1558.502360][T28113] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000007
[ 1558.510345][T28113] RBP: 00007f2c927e10a0 R08: 0000000000000000 R09: 0000000000000000
[ 1558.518416][T28113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1558.526390][T28113] R13: 000000000000006e R14: 00007f2c91b06110 R15: 00007fff0edde108
[ 1558.534361][T28113]  </TASK>
[ 1559.039658][T28115] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1559.289039][T28081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1559.313658][T28081] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1559.460613][ T5135] hid (null): report_id 2838798905 is invalid
[ 1559.476912][ T5135] hid (null): unknown global tag 0xc
[ 1559.484243][ T5135] hid (null): unknown global tag 0xa5
[ 1559.494150][ T5135] hid (null): unknown global tag 0xd
[ 1559.508057][ T5135] hid (null): unknown global tag 0xc
[ 1559.522748][ T5135] hid-generic 0003:0158:0100.0037: unknown main item tag 0x1
[ 1559.567760][ T5135] hid-generic 0003:0158:0100.0037: unexpected long global item
[ 1559.622864][ T5135] hid-generic 0003:0158:0100.0037: probe with driver hid-generic failed with error -22
[ 1559.712322][T28093] Restarting kernel threads ... done.
[ 1559.740081][ T5135] usb 1-1: USB disconnect, device number 96
[ 1560.772106][T28131] random: crng reseeded on system resumption
[ 1560.893126][T28145] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5501'.
[ 1561.509508][T28149] netlink: 172 bytes leftover after parsing attributes in process `syz.2.5502'.
[ 1562.096709][T28151] netlink: 148 bytes leftover after parsing attributes in process `syz.0.5503'.
[ 1562.208497][T28157] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5504'.
[ 1562.296100][    C0] eth0: bad gso: type: 1, size: 1408
[ 1562.304422][T28161] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5505'.
[ 1562.379651][T28131] Restarting kernel threads ... done.
[ 1563.497714][T28181] random: crng reseeded on system resumption
[ 1563.957877][T28181] Restarting kernel threads ... done.
[ 1564.289626][T28189] random: crng reseeded on system resumption
[ 1564.375662][T26638] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1564.476504][T28203] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5516'.
[ 1564.565559][T26638] usb 5-1: Using ep0 maxpacket: 8
[ 1564.657170][T26638] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[ 1564.695610][T26638] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1565.025583][T26638] usb 5-1: Product: syz
[ 1565.066166][T26638] usb 5-1: Manufacturer: syz
[ 1565.088517][T26638] usb 5-1: SerialNumber: syz
[ 1565.097074][T26638] usb 5-1: config 0 descriptor??
[ 1565.107474][T28210] netlink: 172 bytes leftover after parsing attributes in process `syz.2.5517'.
[ 1565.664012][T26638] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1565.688726][T26638] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1565.725833][T26638] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1565.732293][T26638] dvb_usb_af9035 5-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[ 1565.743979][T26638] usb 5-1: USB disconnect, device number 96
[ 1565.927767][T28189] Restarting kernel threads ... done.
[ 1565.995678][    C0] eth0: bad gso: type: 1, size: 1408
[ 1566.175750][ T5087] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1566.196719][    C0] eth0: bad gso: type: 1, size: 1408
[ 1566.264259][T28222] random: crng reseeded on system resumption
[ 1566.375789][ T5087] usb 2-1: Using ep0 maxpacket: 32
[ 1566.532043][ T5087] usb 2-1: New USB device found, idVendor=10cf, idProduct=8068, bcdDevice=2e.fd
[ 1566.541530][ T5087] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1566.554702][ T5087] usb 2-1: config 0 descriptor??
[ 1566.861986][ T5087] vmk80xx 2-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[ 1567.781030][T28243] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5518'.
[ 1567.874339][T26858] usb 2-1: USB disconnect, device number 93
[ 1567.949425][T28251] random: crng reseeded on system resumption
[ 1568.057843][T28256] netlink: 172 bytes leftover after parsing attributes in process `syz.0.5528'.
[ 1568.752323][T28249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5525'.
[ 1568.817018][T28263] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5530'.
[ 1569.423470][T28251] Restarting kernel threads ... done.
[ 1569.610583][T28270] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5531'.
[ 1570.066039][   T30] INFO: task syz.0.5126:26559 blocked for more than 143 seconds.
[ 1570.124560][   T30]       Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1570.175812][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1570.194823][   T30] task:syz.0.5126      state:D stack:24672 pid:26559 tgid:26559 ppid:24805  flags:0x00004004
[ 1570.214668][   T30] Call Trace:
[ 1570.220385][   T30]  <TASK>
[ 1570.224810][   T30]  __schedule+0x17ae/0x4a10
[ 1570.233138][   T30]  ? __pfx___schedule+0x10/0x10
[ 1570.255295][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1570.270674][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1570.286540][   T30]  ? schedule+0x90/0x320
[ 1570.291008][   T30]  schedule+0x14b/0x320
[ 1570.296346][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1570.305235][   T30]  __mutex_lock+0x6a4/0xd70
[ 1570.310316][   T30]  ? __mutex_lock+0x527/0xd70
[ 1570.318534][   T30]  ? vhost_vsock_dev_release+0x1e8/0x410
[ 1570.329604][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1570.338471][   T30]  ? __local_bh_enable_ip+0x168/0x200
[ 1570.345723][   T30]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1570.357260][   T30]  ? vhost_vsock_dev_release+0x18b/0x410
[ 1570.365727][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1570.374968][   T30]  vhost_vsock_dev_release+0x1e8/0x410
[ 1570.385562][   T30]  ? evm_file_release+0x140/0x1d0
[ 1570.390636][   T30]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[ 1570.413737][   T30]  __fput+0x24a/0x8a0
[ 1570.417988][   T30]  task_work_run+0x24f/0x310
[ 1570.423362][   T30]  ? __pfx_task_work_run+0x10/0x10
[ 1570.429035][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1570.437897][   T30]  syscall_exit_to_user_mode+0x168/0x370
[ 1570.443913][   T30]  do_syscall_64+0x100/0x230
[ 1570.451681][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1570.458361][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1570.472764][   T30] RIP: 0033:0x7f7007375b59
[ 1570.478986][   T30] RSP: 002b:00007fff70a71cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1570.489458][   T30] RAX: 0000000000000000 RBX: 00007f7007507a60 RCX: 00007f7007375b59
[ 1570.497525][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1570.507080][   T30] RBP: 00007f7007507a60 R08: 0000000000000006 R09: 0000001e70a71fdf
[ 1570.518542][   T30] R10: 00000000003ffaf0 R11: 0000000000000246 R12: 0000000000158f59
[ 1570.533145][   T30] R13: 0000000000000032 R14: 00007f7007507a60 R15: 00007f7007506038
[ 1570.549880][   T30]  </TASK>
[ 1570.573306][   T30] 
[ 1570.573306][   T30] Showing all locks held in the system:
[ 1570.615576][   T30] 2 locks held by kworker/u8:1/12:
[ 1570.620834][   T30] 1 lock held by khungtaskd/30:
[ 1570.629211][   T30]  #0: ffffffff8e336e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1570.662089][   T30] 2 locks held by getty/4843:
[ 1570.671595][   T30]  #0: ffff88802ab270a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1570.692537][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 1570.716801][   T30] 2 locks held by syz.0.5126/26559:
[ 1570.723717][   T30]  #0: ffff88805a1e0070 (&dev->mutex#4){+.+.}-{3:3}, at: vhost_vsock_dev_release+0x199/0x410
[ 1570.737472][   T30]  #1: ffff88805a1e4c70 (&vq->mutex){+.+.}-{3:3}, at: vhost_vsock_dev_release+0x1e8/0x410
[ 1570.759354][   T30] 1 lock held by syz.0.5126/26560:
[ 1570.765926][   T30] 2 locks held by vhost-26560/26561:
[ 1570.773587][   T30] 
[ 1570.778974][   T30] =============================================
[ 1570.778974][   T30] 
[ 1570.796137][   T30] NMI backtrace for cpu 1
[ 1570.800491][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1570.810043][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1570.820091][   T30] Call Trace:
[ 1570.823363][   T30]  <TASK>
[ 1570.826286][   T30]  dump_stack_lvl+0x241/0x360
[ 1570.830964][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1570.836155][   T30]  ? __pfx__printk+0x10/0x10
[ 1570.840738][   T30]  ? vprintk_emit+0x631/0x770
[ 1570.845418][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[ 1570.850439][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1570.855378][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1570.860839][   T30]  ? _printk+0xd5/0x120
[ 1570.864993][   T30]  ? __pfx__printk+0x10/0x10
[ 1570.869571][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1570.874409][   T30]  ? __pfx__printk+0x10/0x10
[ 1570.878990][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1570.884005][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1570.889985][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1570.895991][   T30]  watchdog+0xfde/0x1020
[ 1570.900243][   T30]  ? watchdog+0x1ea/0x1020
[ 1570.904654][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1570.909325][   T30]  kthread+0x2f0/0x390
[ 1570.913386][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1570.918052][   T30]  ? __pfx_kthread+0x10/0x10
[ 1570.922636][   T30]  ret_from_fork+0x4b/0x80
[ 1570.927043][   T30]  ? __pfx_kthread+0x10/0x10
[ 1570.931645][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1570.936428][   T30]  </TASK>
[ 1570.940789][   T30] Sending NMI from CPU 1 to CPUs 0:
[ 1570.946839][    C0] NMI backtrace for cpu 0
[ 1570.946869][    C0] CPU: 0 PID: 28076 Comm: kworker/u8:13 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1570.946888][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1570.946900][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[ 1570.946922][    C0] RIP: 0010:unwind_next_frame+0x1385/0x2a00
[ 1570.946954][    C0] Code: 44 24 30 42 80 3c 28 00 48 8b 6c 24 20 4c 8b 74 24 48 74 08 48 89 ef e8 c9 13 b5 00 48 89 5d 00 48 8b 44 24 58 42 80 3c 28 00 <48> 8b 5c 24 50 74 08 48 89 df e8 ac 13 b5 00 48 8b 44 24 10 48 89
[ 1570.946968][    C0] RSP: 0018:ffffc9000a97e928 EFLAGS: 00000246
[ 1570.946982][    C0] RAX: 1ffff9200152fd47 RBX: ffffffff8af15377 RCX: ffff888075005a00
[ 1570.946996][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffc9000a97f6f8
[ 1570.947007][    C0] RBP: ffffc9000a97ea48 R08: ffffffff814127ed R09: ffffffff81412746
[ 1570.947020][    C0] R10: 0000000000000003 R11: ffff888075005a00 R12: ffffc9000a97f6f8
[ 1570.947032][    C0] R13: dffffc0000000000 R14: ffffc9000a97ea50 R15: 1ffff9200152fd40
[ 1570.947045][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 1570.947060][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1570.947071][    C0] CR2: 00007f59e7cd1178 CR3: 000000000e134000 CR4: 00000000003506f0
[ 1570.947086][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1570.947097][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1570.947108][    C0] Call Trace:
[ 1570.947115][    C0]  <NMI>
[ 1570.947123][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1570.947147][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1570.947170][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1570.947192][    C0]  ? nmi_handle+0x2a/0x5a0
[ 1570.947216][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1570.947236][    C0]  ? nmi_handle+0x14f/0x5a0
[ 1570.947251][    C0]  ? nmi_handle+0x2a/0x5a0
[ 1570.947267][    C0]  ? unwind_next_frame+0x1385/0x2a00
[ 1570.947289][    C0]  ? default_do_nmi+0x63/0x160
[ 1570.947313][    C0]  ? exc_nmi+0x123/0x1f0
[ 1570.947336][    C0]  ? end_repeat_nmi+0xf/0x53
[ 1570.947360][    C0]  ? ieee80211_bss_info_update+0x8a7/0xbc0
[ 1570.947379][    C0]  ? unwind_next_frame+0xff6/0x2a00
[ 1570.947401][    C0]  ? unwind_next_frame+0x109d/0x2a00
[ 1570.947424][    C0]  ? unwind_next_frame+0x1385/0x2a00
[ 1570.947447][    C0]  ? unwind_next_frame+0x1385/0x2a00
[ 1570.947471][    C0]  ? unwind_next_frame+0x1385/0x2a00
[ 1570.947494][    C0]  </NMI>
[ 1570.947500][    C0]  <TASK>
[ 1570.947511][    C0]  ? cfg80211_inform_bss_frame_data+0x3bc/0x720
[ 1570.947533][    C0]  ? cfg80211_inform_bss_frame_data+0x3bc/0x720
[ 1570.947555][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1570.947575][    C0]  arch_stack_walk+0x151/0x1b0
[ 1570.947595][    C0]  ? ieee80211_bss_info_update+0x8a7/0xbc0
[ 1570.947616][    C0]  stack_trace_save+0x118/0x1d0
[ 1570.947636][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1570.947656][    C0]  ? mark_lock+0x9a/0x350
[ 1570.947682][    C0]  kasan_save_track+0x3f/0x80
[ 1570.947701][    C0]  ? kasan_save_track+0x3f/0x80
[ 1570.947719][    C0]  ? kasan_save_free_info+0x40/0x50
[ 1570.947735][    C0]  ? poison_slab_object+0xe0/0x150
[ 1570.947754][    C0]  ? __kasan_slab_free+0x37/0x60
[ 1570.947773][    C0]  ? kfree+0x149/0x360
[ 1570.947787][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[ 1570.947804][    C0]  ? cfg80211_inform_single_bss_data+0xe93/0x2030
[ 1570.947825][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[ 1570.947846][    C0]  ? cfg80211_inform_bss_frame_data+0x3bc/0x720
[ 1570.947891][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[ 1570.947908][    C0]  kasan_save_free_info+0x40/0x50
[ 1570.947924][    C0]  poison_slab_object+0xe0/0x150
[ 1570.947951][    C0]  __kasan_slab_free+0x37/0x60
[ 1570.947971][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[ 1570.947988][    C0]  kfree+0x149/0x360
[ 1570.948004][    C0]  ieee80211_inform_bss+0xbb2/0x1080
[ 1570.948027][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[ 1570.948049][    C0]  ? cfg80211_inform_single_bss_data+0xaff/0x2030
[ 1570.948070][    C0]  ? cfg80211_inform_single_bss_data+0xaff/0x2030
[ 1570.948092][    C0]  ? cfg80211_inform_single_bss_data+0xd3d/0x2030
[ 1570.948114][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[ 1570.948133][    C0]  cfg80211_inform_single_bss_data+0xe93/0x2030
[ 1570.948155][    C0]  ? __read_once_word_nocheck+0x9/0x20
[ 1570.948181][    C0]  ? __read_once_word_nocheck+0x9/0x20
[ 1570.948204][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[ 1570.948239][    C0]  ? ret_from_fork_asm+0x1a/0x30
[ 1570.948261][    C0]  ? __kernel_text_address+0xd/0x40
[ 1570.948276][    C0]  ? ret_from_fork_asm+0x1a/0x30
[ 1570.948298][    C0]  ? cfg80211_inform_bss_data+0x3c5/0x5a70
[ 1570.948322][    C0]  cfg80211_inform_bss_data+0x3dd/0x5a70
[ 1570.948357][    C0]  ? __pfx_validate_chain+0x10/0x10
[ 1570.948395][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[ 1570.948421][    C0]  ? mark_lock+0x9a/0x350
[ 1570.948444][    C0]  ? __lock_acquire+0x137a/0x2040
[ 1570.948479][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1570.948499][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[ 1570.948520][    C0]  cfg80211_inform_bss_frame_data+0x3bc/0x720
[ 1570.948547][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[ 1570.948565][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[ 1570.948587][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[ 1570.948605][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1570.948634][    C0]  ieee80211_ibss_rx_queued_mgmt+0x1962/0x2d70
[ 1570.948662][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70
[ 1570.948680][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[ 1570.948703][    C0]  ? mark_lock+0x9a/0x350
[ 1570.948726][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1570.948748][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1570.948768][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1570.948794][    C0]  ieee80211_iface_work+0x8a5/0xf20
[ 1570.948818][    C0]  cfg80211_wiphy_work+0x2db/0x490
[ 1570.948837][    C0]  ? process_scheduled_works+0x945/0x1830
[ 1570.948856][    C0]  process_scheduled_works+0xa2c/0x1830
[ 1570.948890][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1570.948915][    C0]  ? assign_work+0x364/0x3d0
[ 1570.948940][    C0]  worker_thread+0x86d/0xd40
[ 1570.948964][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1570.948990][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1570.949012][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1570.949032][    C0]  kthread+0x2f0/0x390
[ 1570.949053][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1570.949072][    C0]  ? __pfx_kthread+0x10/0x10
[ 1570.949094][    C0]  ret_from_fork+0x4b/0x80
[ 1570.949115][    C0]  ? __pfx_kthread+0x10/0x10
[ 1570.949137][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1570.949167][    C0]  </TASK>
[ 1570.951153][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1571.590315][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[ 1571.599845][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1571.609916][   T30] Call Trace:
[ 1571.613181][   T30]  <TASK>
[ 1571.616101][   T30]  dump_stack_lvl+0x241/0x360
[ 1571.620768][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1571.625950][   T30]  ? __pfx__printk+0x10/0x10
[ 1571.630519][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1571.636483][   T30]  ? vscnprintf+0x5d/0x90
[ 1571.640798][   T30]  panic+0x349/0x860
[ 1571.644680][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1571.650823][   T30]  ? __pfx_panic+0x10/0x10
[ 1571.655222][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1571.660575][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1571.666105][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1571.671459][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1571.677598][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1571.683735][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1571.689961][   T30]  watchdog+0x101d/0x1020
[ 1571.694276][   T30]  ? watchdog+0x1ea/0x1020
[ 1571.698682][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1571.703341][   T30]  kthread+0x2f0/0x390
[ 1571.707397][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1571.712061][   T30]  ? __pfx_kthread+0x10/0x10
[ 1571.716640][   T30]  ret_from_fork+0x4b/0x80
[ 1571.721048][   T30]  ? __pfx_kthread+0x10/0x10
[ 1571.725621][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1571.730377][   T30]  </TASK>
[ 1571.733606][   T30] Kernel Offset: disabled
[ 1571.737920][   T30] Rebooting in 86400 seconds..