last executing test programs:

12m4.052046647s ago: executing program 32 (id=2435):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000040), 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x40094)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000400800000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="05003400820000001800490005ac0f0009ac0f0009ac0f0008ac0f0005ac0f"], 0x3c}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000140)=0x1)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000100), 0x0)

4m53.860462806s ago: executing program 1 (id=3850):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x150)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0, 0x3)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280))
quotactl$Q_SETINFO(0xffffffff80000600, &(0x7f0000000300)=@sr0, 0xee00, &(0x7f00000000c0)={0x3, 0x9, 0x0, 0x1})
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = open_tree(r0, &(0x7f0000000380)='\x00', 0x8c01)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r1, 0x0, 0x0, 0x4}, 0x20)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x10000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x101}}, './file0\x00'})
io_setup(0xffffffc0, &(0x7f0000000740)=<r3=>0x0)
r4 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
io_submit(r3, 0x1, &(0x7f0000000900)=[&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x6, 0x3, r4, &(0x7f00000007c0)="59eeab33afbedc4e78bd7d8c919ca5f947f4ac086f7955fb38abf6c19f43548413bd1c17b5fdcf0d083db97d245542785672a547db1ebc0b3c875b26bfe52dc36effd211b641a8f3bff59d81c7b7613b7add9e6bb6396066570d6791f4432aed1875ea03483c4f4e82f1d12413bfcab44163c65158e288f9b396aec8b6bde6a24313ff3ad54778d898b33b957d1302e881d0bf82bb775bba591f6d8bbb4aad5029f34abadbf186467659c3fce97cad55d690339476bb099f0fa93685bf3dee70b053fbc9731f16cd7f9e365eabedf40bd8faf96afbd4681220738b6107d7ef40ae6010ecc037dc0f344af7d47f3ced37", 0xf0, 0xd, 0x0, 0x2}])
lsetxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r5)
ptrace$peeksig(0x4209, r5, &(0x7f0000000140)={0x0, 0x0, 0x1}, &(0x7f0000000a80)=[{}])
sendmsg(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)="676518b6548febd6a4e7ab1daefa189a5a5cbef2a418b083762bb792c3dbb0e9bb3e9f85cf5388654783025bfd9f40d1cfd17ab44b1eeef490b43078bf6b5ebfd2d817729002ec106f0d1e17b9f990ae268d769c3312a8fbd937cb626843081969940212c695bed9855ddc563b59ba5a5984d2e4fa673e136bc0bba9e2b0d8d5116197df0603dda98f1519eddafdda543e6a9b343747fd5bc3e6b87ffb6cf4efe1c091b255e06ac576666f331409b657c822ad4d019c2e96ae8ae684542eb506ff8dd9522f885887af98efae8a9e98ead14f2caaf274fe9a7bc6f9e7043ce9910e1cb3ec4ddd8b548d6a", 0xea}, {&(0x7f0000000340)="8f", 0x1}, {&(0x7f00000004c0)="f26409941f85b5e92643754940d5c8f92f55a4ec1352f6e9ffc31ee0fadec510a16629847a529ec702945814f7dbd97d69ecb2c9e58beece127bb9d055e49bc613e46444e2285917d55795d074cf13638f761e41b06ba0576b932913c434222d76841a3fd5789bc84df9", 0x6a}, {0x0}, {&(0x7f0000000540)="9a1d7055caaa4ac1a1bd5bca155708cc3ce4ae930a421a017708d8877f49dda69d389c9e55379eb6b0999f63646c8c06fb909566398ab184fc2e506abe266d8f8f5425db0337d58610eb0f7a75722707a2e6805fee2eea1c79a4fd523b6645be81a01955dd03493c1364268de1a813f4ab994f6ec89d4c09a31e618a81d1807a918e36b8d4b5f35af074c388a992e5f6d08925fc34a540d3f0334204b0392c207ca017d8bc6c9ab269c92d", 0xab}], 0x5, &(0x7f0000000680)=[{0x48, 0x3, 0x7, "f2332d2d0c9964579099225157494795d3c404f2cb42d12c18ed34ef4d57b1e97ce09e8cbb46802fae57bfaf9c88462cd9a92bac"}, {0x20, 0x110, 0xa0, "146e7b2dc1ed594f1ea6c641c30bdc"}], 0x68}, 0x0)

4m53.281558008s ago: executing program 2 (id=3852):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x265}, 0x8)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x35, 0xff, 0xaa, 0x20, 0xccd, 0x10af, 0x384e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x59, 0x2, 0x1, 0x9b, 0x1e, 0x2a, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000640)={0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f00000005c0)={0x2c, &(0x7f0000000380)={0x20, 0x8, 0x3, "e33cd2"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r4, 0x0, &(0x7f0000000480)={0x34, &(0x7f00000001c0)={0x0, 0x13}, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, &(0x7f0000000480)=ANY=[@ANYBLOB="211d00000000000007e6"], 0xf0)
sendto$inet6(r3, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$video4linux(&(0x7f0000000180), 0x10000fc3, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x52, 0x0, 0x0)

4m52.772326498s ago: executing program 1 (id=3854):
socket$nl_route(0x10, 0x3, 0x0)
r0 = inotify_init1(0x80000)
inotify_add_watch(r0, &(0x7f0000000200)='./cgroup\x00', 0x4000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000280)={@broadcast, @dev, @void, {@canfd={0xd, {{0x1, 0x1, 0x0, 0x1}, 0x16, 0x0, 0x0, 0x0, "f8b50d307d74af37e4da9707f653e812f340ace5733a33dc5af03aa1939e28153eb8282b1da382161fd80f7757e423f45751fd1dd4586f5d99cbaaf8b332233f"}}}}, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
r3 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r5 = dup3(r3, r4, 0x80000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000e22dcbc80b47befa0000000900010073797a30000000002c000000030a01020000000000000000010000030900030073797a30000000000900010073797a3000000000540000001a0a010400000000000000000100000008000b40000000000900010073797a30000000002c0004"], 0xc8}}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x19}, [@IFLA_NET_NS_FD={0x8}, @IFLA_TARGET_NETNSID={0x8}]}, 0x30}}, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000080), 0xfecc)
symlinkat(&(0x7f0000000040)='./file0\x00', r5, &(0x7f0000000140)='./file0\x00')
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r10, 0x84, 0x12, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r9, 0x0)
ioctl$MON_IOCG_STATS(r5, 0xc0109207, &(0x7f00000001c0))

4m49.397551188s ago: executing program 1 (id=3864):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xa, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="b4080000400000006110540000000000a60000000000ffe49500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x94)
fsopen(0x0, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r3, &(0x7f0000000580)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0x5}, 0x1c, &(0x7f0000000b40)=[{0x0}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, 0x0, 0x0)
io_setup(0xffffff7f, &(0x7f0000000280))
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff0000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800500ffffff7f000008001e"], 0x4c}}, 0x0)
r5 = openat$sysfs(0xffffff9c, 0x0, 0x42, 0x0)
ioctl$PPPOEIOCSFWD(r5, 0x4008b100, &(0x7f0000000200)={0x18, 0x0, {0x3, @remote, 'veth1_to_bond\x00'}})
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000300), 0x26ad00, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r7, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r6, 0x3ba0, &(0x7f0000000380)={0x48, 0x2, r8, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$SG_BLKTRACETEARDOWN(r5, 0x1276, 0x0)
ioctl$IOMMU_GET_HW_INFO(r6, 0x3b8a, &(0x7f0000000180)={0x44, 0x0, r9, 0x1006, &(0x7f0000002540)=""/4102})
socket$inet6_sctp(0xa, 0x1, 0x84)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$VT_GETMODE(r10, 0x5601, &(0x7f0000002000))
socket$netlink(0x10, 0x3, 0x0)

4m47.461373742s ago: executing program 2 (id=3869):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x3, 0x6)
r4 = socket(0x10, 0x3, 0x0)
rt_sigpending(&(0x7f00000000c0), 0x8)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x70000, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000140)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r6=>0x0})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_buf(r7, 0x29, 0x34, &(0x7f00000001c0)=""/39, &(0x7f0000001000)=0x27)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newtclass={0x7c, 0x28, 0x2, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xffec, 0xd}, {0xfff3}, {0xc, 0xd}}, [@tclass_kind_options=@c_taprio={0xb}, @tclass_kind_options=@c_sfq={0x8}, @TCA_RATE={0x6, 0x5, {0x8, 0x3}}, @TCA_RATE={0x6, 0x5, {0x4e, 0x2}}, @TCA_RATE={0x6, 0x5, {0xae, 0x5}}, @TCA_RATE={0x6, 0x5, {0x71, 0x3}}, @tclass_kind_options=@c_multiq={0xb}, @tclass_kind_options=@c_skbprio={0xc}, @tclass_kind_options=@c_ingress={0xc}]}, 0x7c}}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b000000000000000000", @ANYRES32, @ANYBLOB="be0f000000000000000000005e00000000000000", @ANYRESHEX=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
socket$inet(0x2, 0xa, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000140)=0x2, 0x4)
ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(0xffffffffffffffff, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, 0x0, 0x0, 0x1004000, 0x0, &(0x7f00000001c0)})
io_uring_register$IORING_REGISTER_IOWQ_AFF(0xffffffffffffffff, 0x11, &(0x7f00000002c0)="c59d5a7a406055ec5caf978f5dcb72efdd0b025a3f3a0934dab04a879bd4f21986ee9120299c809f64972924601315f7cc433ff8e2745aaeb70429633f51e416b6d4599c042828b8b4aac309eeb21fa1eaac552ecf81c878d5d289ad611969f8a05093d7b0cf03", 0x67)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in={0x2, 0x4e20, @multicast2}], 0x20)
sendto$inet6(r8, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x45550200}, 0x5}, 0x1c)
recvmmsg(r8, 0x0, 0x0, 0x40000040, 0x0)
mount$fuse(0x0, &(0x7f0000000a40)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020}, 0x2020)

4m46.976065488s ago: executing program 4 (id=3871):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x2b, 0x0, 0x0, 0xe0, 0x40, 0xe000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x6e, 0x1, 0x2, 0x0, 0x0, @empty=0xac1414aa, @dev={0xac, 0x14, 0x14, 0x22}}}}}}}, 0x0)

4m46.701195814s ago: executing program 4 (id=3873):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000a40)={'ip6tnl0\x00', &(0x7f00000009c0)={'syztnl0\x00', 0x0, 0x4, 0x6, 0x2, 0x4, 0x31, @mcast2, @mcast1, 0x7, 0x10, 0xe03, 0x1}})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="6c01000017000100000000000000000000000000000000000000ffffac1e00010000000000000000e0000002000000000000000000000000fc020000000000000000000000000000fe8000000000000000000000000000aa00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000ac3414000000000000427c00000000081a8c4c00"/48, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000b86b6e000000000000000000feffffff00000000000000000000000044000800000000000000000000000000000000010000000000000000000000007f00000100"/196], 0x16c}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000002c0)={'\x00', 0x7, 0x6, 0xc7, 0x5, 0xfffffffffffeffff, <r5=>0x0})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={'\x00', 0x401, 0x8, 0x1, 0x6, 0x5, <r6=>r5})
r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$setsig(r7, 0xa, 0x2d)
fcntl$getflags(r7, 0xb)
fcntl$lock(r2, 0x24, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x2, r6})
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6000000000142c00fe800000000000000000000000000008000000000000000000000000000000002c000003", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000c1e94a0be7"], 0x0)

4m46.090385209s ago: executing program 1 (id=3876):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x80, 0xc, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x20, 0xb}}}}}]}}]}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000280)=@newlink={0x48, 0x10, 0x503, 0xfffffffc, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000003}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x10}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="180000003d0007ff0f00000000000000037c000004"], 0x18}, 0x1, 0x0, 0x0, 0x40090}, 0x0)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0)
sendmsg$can_raw(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@canfd={{0x2, 0x0, 0x0, 0x1}, 0x21, 0x0, 0x0, 0x0, "a31229f8822d0e09634c39a1ddfc647f0e832ae52f3b9d550de6dbeba5e6d80a4aa4c7dfe1abb1d8abb4499949415f9b7a9f8270a626e3955d77a68a23177572"}, 0x48}, 0x1, 0x0, 0x0, 0x24000801}, 0x40011)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000000)={0x2c, &(0x7f0000000a80)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000600)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
unshare(0x24020400)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder0\x00', 0x802, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r6, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x1000})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000001c0)={0x1ff, 0x1, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000014d564b0000000001"])
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x80, 0x3})
bind$can_raw(r0, 0x0, 0x0)

4m46.086468686s ago: executing program 2 (id=3877):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x21, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x86001, 0x0)
syz_emit_ethernet(0x23, &(0x7f00000023c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x15, 0x0, 0x2000, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0xe}}, "dd"}}}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b40)={0x1c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x60, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x6}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x60}}, 0x4000050)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0)

4m45.787922904s ago: executing program 0 (id=3878):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x2, 0x0, 0x1ff, 0x0, 0xfd2, 0x3, 0x3}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
close(0xffffffffffffffff)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000200)={0x4000, 0x0, 0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

4m45.426027582s ago: executing program 4 (id=3880):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x40000000, @private2={0xfc, 0x2, '\x00', 0xff}, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

4m45.277972587s ago: executing program 4 (id=3883):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000340), 0x2000011a)
syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="7108ac051d92ead3010203010902120001a20000000904a6010003e90003"], 0x0)
sendmmsg$sock(r1, &(0x7f0000001600)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="15", 0x1}], 0x1}}], 0x1, 0x40001)
getsockname$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000100)=0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

4m45.136091503s ago: executing program 5 (id=3884):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="1400000017000b63d25a80648c2594f952a3c92b", 0x14}], 0x1}, 0x0)
accept$alg(r0, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(sha512-avx2)\x00'}, 0x58)

4m45.035127244s ago: executing program 5 (id=3885):
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
close(r1)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x7c, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0xa002a008}) (fail_nth: 4)

4m44.658698107s ago: executing program 0 (id=3886):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x242002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="0f05c4c2312f616e4e0fc72866ba6100ed262e6666400fc7b785e06f97b8010000000f01c148b80b000000000000000f23c88f88108fa4fe0d0000000a35040050000f23f83e67430f01c20f00d2670fc732", 0x52}], 0x1, 0x32, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000100)={0x1, 0x0, 0x1, 0xc2c6d7ed92c4ca45, 0x4})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200))
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r5, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'vxcan0\x00'})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'geneve0\x00', <r7=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x1a, r7, 0x1, 0xf, 0x6, @multicast}, 0x14)
sendto$packet(r6, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008001500000000000600270000030000df483eba2a97dc268f958e1166da2b518889b536fcc87b8c570aae900b5f42bf2cd040bd87273f580fbf9d1ede18c844f4d3f7b013c64dcd23d9dc031f42c3db4a7f507afe3b858c2bb0581a0c6486899eacccae185f5d230c694dd16505"], 0x44}}, 0x0)

4m44.410837106s ago: executing program 5 (id=3887):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x38)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000080)={0x9a0000, 0x3, 0xb, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x990902, 0x7, '\x00', @value=0x200}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="8500000008000000d40000003a0000109500080000000000"], &(0x7f0000000240)='GPL\x00', 0x1, 0x473, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff60}, 0x48)
getdents64(r1, &(0x7f0000000440)=""/150, 0x96)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)={0x18, 0x3c, 0x107, 0xfffffffc, 0x25dfdbff, {0x2, 0x7c}, [@nested={0x4, 0x48}]}, 0x18}, 0x1, 0x0, 0x0, 0x88c4}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r4, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x8, 0x0, 0x0}}, 0x10)
fchdir(r5)
r6 = syz_open_dev$vbi(&(0x7f00000001c0), 0x0, 0x2)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
ioctl$KVM_GET_MSR_FEATURE_INDEX_LIST(r2, 0xc004ae0a, &(0x7f0000000500)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd27, 0x0, {{@in=@multicast2, @in6=@empty, 0x1fe, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x8, 0x0, 0x2, 0x40}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000006200)=ANY=[@ANYBLOB="b8000000150001000000000000030000e00000020000000000000000000000000000000000000000000000000000000001fe0000000000000a"], 0xb8}}, 0x0)
ioctl$VIDIOC_ENUMSTD(r6, 0xc0485619, &(0x7f00000003c0)={0xc5, 0x10, "4115f0fab6d9be1b6d310c8f1705815580520d68e1374182", {0xb8, 0xa18}, 0xd5})
ioctl$KVM_CREATE_VCPU(r3, 0xaece, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4m44.280351879s ago: executing program 0 (id=3888):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x0, 0x0, 0x1}, &(0x7f0000000a80)=[{}])

4m44.186189961s ago: executing program 5 (id=3889):
r0 = syz_open_procfs(0x0, &(0x7f0000000440)='loginuid\x00')
pwritev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x1, 0x0)
mq_notify(r0, &(0x7f00000000c0)={0x0, 0x27, 0x0, @thr={&(0x7f00000034c0)="fd0aada21b09dc2e0a8852e9811703a42536063d716591f0d8c3df669ff0bb846db2c0d8dfb9242d9f24ee0c53da5552f84cdf1b04a0e72ab169cba463eb2e13ced3bd660aab04fad9a19976ac3c18f601150db4038ff95b569376ee71b7591a414c5a9824dcba347e837eb7c830269f54e8d5b360033fffaf995a739e825c22fdb2007512a2bf359fba797698dacfca86b98038a7248cd803e0e3ef48f5c864d534aebb8bd1da36d1058946d0864ad70dbbc05ec03caa533dbd4d7bcf5565da1f90feb9af17cbdcb85485f75f3eb6f6ef96072d20cf1a1281ef812c1c33eb593186fcf48e1dd800b1992c7fb3515ae65523815ff1d6e1dce91adb8b6e54877593cc8f3ab363e60aac2693cf12ffe7177b3204ab01002e93b1b3688498dcb01c17410d5a86f8af8b0c0ab7e7de2811a91a9d0f3a1b1bc9ce10b07a1a72d60ff9b2f5b7faf431a06ac4f6c6e05d4ea18bb11e47f9aabfdbaf944c5a9f017851cde233f261055ddc746576df4158a6c79d05fbb26e5a67bdecfd2ad60a7268f1d038729ff2d39b93535a879020ed7c164c0aaa6a1375445a95e2bf05e0e0c9ef1dde19f2bedf9a686512cb69d72cfc30b0251329085caab970aa1c6f5739520445d80b32ee5c84a6edaa56812fd8003e5d182934e3cebe141fcba6ea6e9575d5f85dfeacae5db8f8979a4c90b40d6f7e243db06fa6aa74da29a62cdbc78a884328b232e52ad06efb7b87a5f10166a0c7837958b9f9a8bc2bb25d6bd7f28462a9154ccbcd266123450e54ffa7d82d1e59bdafcb57f8f7a1197cbb00417a4cfcb55c409b8cd7dbed519b7398f6c01d906fce6921e4e515991050e785fe8095c83a9e965fc0630386ede537e635dcb7051d7704e97063c6964eb43845dd7f31142a354fc6d391287e955c10ec3629e4c8baea1c188da392bac544bd262bf40c1c90e51fc71074bf793e34377c36b11df8bff133ebcdf54dd9f5bef988badb8e861672fc80ac4de517de38f329d3378760f2582dadbf93f19c84558705c9104038edffadf6fb47868df3b4d9441c8349643f5bb2dd3754d2ea91fb787d3bd8aad6d45459eb6cfa7884aaac2f2f73ab4ed55f50e47290a5677bc23838d520c056cc7ae714781269107498e407e26336303a5898ab54f9eef57b35c7fed52cc40c18788a44abbfe516cfa1ca16e77ff5cba6e30a7fc1fa7daebdca3ab64e236514a506039bf95b9749fca4bc767b55117f7ddfb6d09b0a04b6311a9f99a06aceb8672234b81244f65c76215abeef2cbca743be45d35f00efacf24da50c8b06a9fff3c16ce0d31381d53225893a83068943ada8420367c1ba349a28d380911c38296ec6a224264cd353294e5a35d8c9138156231c6dafef06b5a203dc62c933469f79302bcacca0922e85f0dfdd1826b68c5684f7a9170a708be123d674de24fd4d39811e75a49c17ee3b4fa3c7e15468d5db87fa6782f4c9a532f454c89f87adfe521a385c1660ed2a0e696c8eb904f8c194299210485ce0272593638af251f8ac0533b697580257a6ee12cf138e8a3a348b3db53ab4526a59f0f947f7f1af0a7e0fce953c64eccaeca93852dfa7508a05dc287f5b54f2035474af01284d6dd97429922c829dc26c27fc3f6e9e407998ed1125d1ff0f0a3b9776f2dd5b006a78b95c9ffee05f36dcdcfe8ec03d024c23396fc22b8dc5b9291be6820d0e39049c517e4c3ea1c4cac441228060b9b66dd43e47e5ca8b94891369a2de879f1357fb28ac8b73e2404017844aff14c899f2170e5a644d435870324df3caad05090c33d21c3ba4beba8cc9e9ca155a52ab9041f50d2ab509429ae9f1e3f9482c81bce2eeeb4d837a14d0d9e0846ae87d9bd60e0df0ab48e61ba95289af64f07258c94430ae94d6890c90e26e1bda6ca8a7759b5ceb61e694cfacd54138ea8b4c4f67351108df96a1a7afcaef049c29776a9dfee0de60b307cd0a5346aee27027ff68a65680c33cf76dbd0378ec59b7e48b849e14cdc23e807b8cb8e75dc33e44cb0486b1659c6a7cbff5200b394009c4daf5351f9d671fc0dadde599a738440f616761c93f725e25e95c0225bfa3f988634b831a31341cdaacc981f55bc119002485263c607b9ddccf8ae5898bfd9d77cbd0fe3fe6f15ed2e32fed0ad2f00ba0cf42f20bd0c7452157da4565737d05310c9250e17a5e3f0b8075c064129d95ec6fe4bab0bbaf4edb5616ee133f3e2f20f6943e391208ba32691a867ce460ccb1b1e276883e1b761486aed8d77a8f4108990e559bb4a53eed947c1bc391f14e4bcda4c3d4de0ad68b30e79a1090dbb26da1b73c1098024719957054fce45864c8fe189b50fa16bcc967ba3561af1b71292bf7293b8013d485544ee5290b50e3a9358330a447835a9683d232a6fa2cd7ccce053911ef1bd61ece294e11058038fb74e57445ee32a483aca5ca8fd1f918ec5feb6d3df1bfcdb218edb077d5c1cb46f63dbfacad5db6ba9c18f17e35ca605a79bc733862317bade70b225b7c68589ee144895bdee5d2be09bf0ceb98922d0eecf27b61cefb550ada80f52be8818b3e35a9e4ce2db90004d645b7e2e472564c5a43220195863be265697f90f2c7dd4378f1bcebc486eafb73819fd07bf82965a3c9f0d1ed8b5fce84b9fbcba227944a15cce172d75864f9795d66e6d8ec44f9db0e99d0fe941319251ad87e0ad807332a83a6285d1c7d5be96f51d967ccd6009f0d258cfc42fdd773ba43e5c59f8ec9f37028d8d0569de01536bc000368f98a1fd0e01c062e18294358136a9085792634031641f186bc7ecd991853ad2ef8a39872c552a5a139718e00eb7972422018540642ed012eb73b701b659dd08ca656cb95518c6eebdd314754004e42740e2b5fff6ed8d4ccae3ba208175b9c852d3394176426c3fda6ac9cef59b424dda18e764dbcbbd32c213f67dda5b5cee109ef8ab8c315024a94adcd583b13a4fe727bd1807f827d33630b6d4bf20b8e8f8699f8a896d4c09932adb6a8ca1e6f49a758a1dc65ad5cd11764e56e3ac278836ed9b3dd96bf55804c6f6a2f132d18bc39f9fdc868bdb830184ee7766feb353a337d87e2159564a8725783864b92be7406a827d8490bdc7e0f44315d31f94ef151c3c62fe2a5be26ddb94810dd69a44643f31ade7114ae44399f52ef2295fcac12f7f6bb34c3c069616ba12bc4619a95e36c4c0f7e42c201d6b30b89554570eeb436dcdafb399910c882610479fbfa7b1941dd3198115df4abea7c64f1191cdcd580a118085c525967815351667e2aad3cc9017ae38bad7aa1df392d17547b779a28002d4a657072b80530c6bfd671dd0458ec3845b8e1b4f8e04a168fa76f74e62d20ee9dd30f89afe2638d384b2403ee9585eb24f7a3bbee3d87369ef506f0d4e68d4ac133db16d11b3b2a251da7eadaba33f6009754dcbb2fd5d3afa41fdf9a7d71ef8553823f1b14c2681540672e63992150d3e783f00741db3d821734e50951bdf3babce335e308be8fc317d23a354b9fd5c9b3a3523af6df62e95c737c4e761d9e849971cac19588c241fbfcc982139603e1c0bf026639de5c6fa9273a23ad5fbc385712199eb7c941455648e8e73f55adba1840c728f2c5b918e48c80f44075e147da03e3b029b8157d44c74bd4791914dd5a02f393d810533ddff06dce541e07bdd18ddb31dc505592b525081df0f3957ed6d45c50ea4c85c60d19e5ec30b8eca61e8dae623482522deb44f4a219c23752c4960d305b7e33e6ec7001a57d0bd3a7dfcbcfdd2da465dc53c4e8fac470460dd63525aa7fe9946538c1a55d568cb4768314873fc69c20c6ba32af1e4390e9202931a698e93f22f58601edc75c41b7259380b69dbeeaa55bf160db3daa2e23a1178dfa9ac876f8513c9b4013e82935941e33f0c2a426f3900118ad764c3f855b3dca8a19a80bf8ad763530460af5ac994668325aeabf2aee2d1d2ee34b86a8c815d5215dcf14fa3b93479aacad6e3852793f1d817103a322bc2bcf730f1fe6f5f61e3c820219daab7af0d942cb354dd79dc4635f3503d4b5d774d4d91b649d4980d2638f3d65a59a03a3d93efacbefcf18e79ddfb1efc680c0883326c96150fe03123898df98736c4ac819754331ca94a41dfd8f83ade5d1119aaccba6f7ef5f555a6daf165abcb958cb5f10faf2baab7e49ee2bdb45a86bd616c6fe498ed16c58370d678add2cc7352f19dd3e312dbc30b2e088fb77776e1989ef834d4765afc84f6ff325f4889b62e235c1cbf4ef567c2d5f16d6f29c15f82676fb47df29cde8faef1f9778d597b0e1b32ae83bc4d9dd7ce69edb11203815a598ca685bc8941c366f74362742422212277fa13e4064ab4ab8291b5ed8120ece7de54b8237ebf5cb791460d4ec009639794590aea38067c0dfd10bc45ad5a84473ecd9ce160d97a02a9d3d91727ddc12988239d79cf45c99711b587fabfbe2ec8b1894a785070fdf1090a56b07ab0c417d739baaa92a01e7c26250f516b833959c928f580f259698b0d59fd7eac5c27e6801e9aeb5c0ec318c49ff6bed71de60e950048f709180da9ad978600bb684bc02f7b63634effa069a41eadd0b170b2ad1329f7684f1523de23c074e5d64de1a2f6c8e20ef457a982c9d988ad1dc604bdcfa311102c58ca2d8deff6a58d5d79e83cc88fb56ade1703ab5bbb83f90ca5ffff6bad15cee0a8314cfdefe06a63a026df40c1f815c14d3d32e5edc8333a2fe50d1aec4e057f2a6e581a013b014ae4ee2660e8116551fe58e1e3a5364ee1943b0c585160ae04bf1da88dc0472d10ad98a7ee285685c76cafa145d687f9f9b0bf5e308e1a0b1ca7df6413053ba3f437c993886ccf9fe472d618193498ec4d6dbb48d92829f9f483d6ac57b2ba191a80dd868c7dc2face9faf7e6d9738cc23a9758836687f7359350c1c9afa505f115b89ee31bf45e89781eba4cc83ee0cc3fb7e2cc5906343801329f79da5d4955e024a015646a0b280f50cc66e9ed206ffe8be6d6647d7f459fe74742f8544429a7c05cd6ececbd800f7aceb323a8d62fec9e9dcd5b5968afe4efd8c493e87f74c0e33d3e28e88d8ca0eb0c1046556c1f302a86ba3c72ce4aab83c6f922e678e516d8bf1bc69d1a5d8551bcbc733d29a93b244a2945384eff500e04269610eb14cfcc6d98014af0e85c318fb699fd3c8776a2a4f2d9ab198593e53e303c9faaa2b2c28a962248464cfc83a712a00865c90dc062e5babdb8eecac041c155804924fe5021453c36030660280f768ad6004ad51cf9b137deeac64d139835774bf169d5d219915b027c53cf056b19485ba1e8dea0d0328aa1fc6e6989ae5fb7cfeaed0dbd2b7e7602313520c494f06ff1157deb7db72f6d748fa1c1c0256c3dd4b2e2ee678ccf84193e6c762b3146aee5c6228a901060665d7d3e5ba95346142f5e5aebee9653038f4962b57f31c2a19eff8a9f9116ddb4acdae0ca8327145ea4ba4b3a609714da2cfd64c8cdb749e2d7215f83f4c2d831f2d2f12dc863a7005d30bc27cc130147bff1d2240100000000000000d5a1b574cfc228695d38fa6c71016db4a0a3778ae397b0125b072e5867139c0cbfd34da00294385b02a039f2e2044825501d1317ef2671666c1fc166d4885bbd6708d69731d113d7d459df7c14ba6e6267ae16a65c46164ff83ab0eb7afda70a23609adc379f3b60914828f59df7eb8d74cbb52173fbb446d1c5469c6c039ae46577d857ff84a0439bca0a41a84594c0c8c24abe0116a17a738a8a101b1083be8ac3e57f0c9d21789cb8a6fee000"/4113, &(0x7f0000001480)="7a47eaf2567c4fd1bc37f5e1ebb3d7dcda28742b549a918bbfab527b8fea9dc5e6f65c16f51c85f4fb9e12cdbaef5a38c84b9455f90b20eaf4dfaf40a67a47c0d5e93097ea10017e14b8d62136fb925a715731291a19b3c71e6a998dc9bfdeeb497221ce115465fdfbffa0e48d4c2b8c4bca20484f57a85d4a6199b20eeb10f7ead8e5788148c321bfd4a1109ed423e1a5b3b21f60368384a5e925601e5ad67660258baf9e78854ff9593862186ca9b5d164e6d97f768dffce3e2ed54617f04c2e738088f04ae8b7851eadc75374885125ce46cf78649548999d50fe62d86aba48b1ca79d7e6a4d2cca8a5c75c9314b8736a03dc8b60c2f1699211ea0886f4041c01a2820115e61c5a58da84741c5ef7646e8c34ee1d4ad2336cbf93d846f5d3cf1ed628513e3c8d9cb57cab5bffcd50334f7f0a75acec6fe1095b3d4c31f18c6ee810294668fd3568df5c677014efd66196aa560327e4b361032063f0ba15d0c7e8836270c8fe7aeaa8fba9ed301c5b29a51b75152583c458e6ee363891dc75ee0149510af0f6a8e8eaf3af8fc298ebd8b45c0d8ce0ed7e6cfa3438257801db2a878bd37ee42b465dd6dcf8524c23391d6083bb6cc544995141182a343d088fe640efaa9a5e4c2fb5430ef1fdb07528479ae482f6a5ea8c2e1001457865cf8f7f7d365a6b852468963aa0e437bddb0af33a93cfc1fd36c2e6e497cb38c365288f47c4e359a01b3154d141279064cc0b54153c536e7b138e267eb97560abbc9a57f5b6b42a8c14355fa73775b54b42aa1aa1e41dc4be41d771012c55025b836d94ce198a4c1ef28030aacba5fb4d479306e1739a3a617980f4f2a242e77db1104efe4f5055e3f17ba0db4a0a56473664a1832078445c7cd656c5d16fd542f5035286bc10919a1a7e626ab4a92593c9a4c08357425d2adbeb88982a9a2ad6826ed4084b461d8e5e0137431b6a33b7d373325bb1a5ec32ac4ab0f663a6b730386dab3e2f950fd1c23f98f126a67760ca545906893e0243bc96914ef51cdc0ea85f012d1366cab9c6aa61cf21a01a9b467443329d9691ef0ac952bb9abe3e0d333b307eea3247474d301b1e46b038e278368d76214459e6a0ea6f82a6883e81b0fb7ed59d2d9d573298acd4460ceae8fce1699dc42f19bfd4aed2afa6994d1f068a5be41abb0369900e7f16c989e91713f6d897aba4eb0e105c134194d32cf0526495a86374b0217ed4d9cf76165e4674157edb323d6e9fb525e75f6f22514c1a068378ac72b681e9198bd2712c6fa2932952d19132bd7d09fc88bda801da171f378dd0ad9dab5a6043cae5ff9bae19ade4057f5f4f6e0242c00557a60c2549879a5cb6be226eebad96f2aca051d6d48c6212c6b444ba93951b2686275e3753d5b856a258932ff8eba48184fd84df75f980135e3aa046b83832a5950846191b7771fcce051c7bbc35689f2eb4ed0b6246509cb33a56f78be09e7234497bee41715e777c20bba2a515552d7e73a438b3aaf795635793d287e361a9ae1abe72b9787c5f9ff730b53d286ae87294de562829f9c4efb4dcb93a2b76f217e2024c4e40a23e9c7a0545063f642d54682537f9fba679d1fbd1efc3afa4529244d7c21ae0cb0a358f5dc983d515cd1fd5246e93f634a867967130f8585b1bb8287487f20f27f76b5cdd50b0fe39a65363a44e22aa2518006be7ff24db54366d27e7185f29fce354cfb432607ee39b4f62fd545cae291e7c2f037eebc1035cc41c7594ccd7dee8cfd746dfd512f885db2f4df101f8963cade5b5be0ae4743dac1e275b62e3ce895fa4572ea5ba6f75c0003cfeec8fa9cdae74f24f2706e65f02d46b1e43cff28fcc484928bacb788f98dac0dbb895ca6500bb22ff5f3ca6a4239a50b2e113ab24a9c9224d99314431ca4e345ab92ebcaefc36891fbf077b268331d3ec89645978af21fb23066b479539c71ae5c584cd1960e1d4ebe5f0afe6d4dca7a7e7f47a7b17ff9829225c5c79989f2ec0befc4969ce65a91d9e31a7c573b82243741d5219c22399dbc006d872e542118c9ae9e7bfa31047ec610c117a3b268f94a0873fce7c751c087df9b424ac84862d8c75a8d715923d54e88566420a72b3496f6331a2cbefe68468054dd6cdf18bd4d7c0de05a39fa0c4e8d19ab52edc0a6411388667e94a91101e4eae5a3d47cd410847e84de8ae135a7065bfc61ccd25858687eb608bd0e3ddfcbef993ff53ab3faaa5e2b9431003dcbed5f2ffb7f71214b171eb6dbd93ea1bea03bd2ba2a87ac6ac6127095e490fda85cbd6da39116750d12a2b8ab419b1455527a6a9da713c3533da000db205198704a5dd7cdfb4b65c5623fc4a391b8379013b1e2e5a78155b51df8addd2aad2200c83050a935711e8393b5be861ff1ae746091a1a59520f4a6c6ee242cd9fdcd40737f9ef54e78e60cc3d27843aa9564e2cc53a66e3615e8990470111ca4e65dfb8224b46698446a10d577fde67735cc129fe5285172ee04640a40b98383d1fdedcc32006fe42797e274fed950d575145c22178ed18d22a2c0f365187d2d14ab6eb73841c82245f2d6b042a3d1d9ce173d853010e291a228133afa5688f8e4fcf9fff1bbdaf74e87716898eb1908aefd8eeb65bcd2e05e9130d47ad99537351f5005f41694aca03dca97aea86aeb677b495f54197da750f54e07bf7d9ffa668d84c3c86a97e468f80052569cc56fc2dd4537c357556a08f6ef12189fc055c1be2b5a8df41c8aa2bf66efd0333a6f5f76b5151b5cf59c8b2ca17f5e9581eea1ed9eec1309e4c2d3e98aec6e79164c9c2e33f4ecd33b76fcd53e59a5788650e943b3edcac0f428a08467e0ac218106377873b149ce4e69845059d56c04e431090fbf3d1c3c63d3a72556392bdcebbd218e0e5b436054810ce14670f0e90a65544b252d49cb414a867cbb44f04cefceed9c7af9f9731a00851eba213db40cf5bf0caf93f960b81dc6391e4645271577513b7d4edd6e9af3b8c0f6c403a07b2254ed8aa886b89a9386afa4c94ae97e4e5837044aeb97eb1170b0c2392c8d235c110e81a54bc5e65fffa95dbcbdb83a9e284649746cf85fd2a863a25e8deaddd5ad9ebaa457bed6c69b440dfdd8f4790f07805e673d381e94270d7589507627cb6d07c37282beee1c11983f542809d71d0307401946b0b0f89637173afd49a967d50c6881ccbace76dcb2477e1e490a4e98796765c0a068858e55a2508e795c2e283840b401e2f3bf7807e40f93f224e5df8d7040dec1d184c85dec445d58b6d97a61f18dfa48aedd6709a518f944939fca370788c3a7f157332f712b660cf1d61ce91eafae600b6e7aa5f4322f243b32c1c1ac84cc4ae3a6222a435f0fd8bae7754f07bf5f3d42b28b9b35e59d6485f046b10fa2276845cd4657a309e1b81682e9b6fe4c8cb3ca2104576114dcfe56f1635e93c1b63e57887812e4581346b12f8b12464b2047ffae5a29dc4b3996f37cd33c7a10512aaf2557cc2888c76e3bae2e5786527dc1d4bed1f1a52431cb518f46b657178bf0663f015f9ffec1b7f44d9a87db0883eea519e096897dc7c2a97c452a343bd92224c77dbbd4600deeaedbfcc3d3e569ed3b1b34f5457293c8e8aba4ed4d6c01078f8edc298742a515e0c6d37e79834ab384a56e534a5acd63954307be56ee5125bfaba2a5535a917f957ce38e24d259c7d0a1eb9b001d4ce713294e90aa586decc98fbec48b60471355344270feb8c1202e9acb88637f3beb85dc65739a5b1fa3ce5f93c21c36dea7c9da3b7bde496d68a2dc39f1ac9356d187041f54a0e7bfa6b45f4fce78aed8d9f4060e12f28d327e4c1dc18669398f38be025b086113a9bb3ba86f40eddffbb4c9585a5dd500d8fbce35d50c95736235ac83e522a271fa68e3557f942ad1b16517729dd85b92dd724065e86f1c4da70c562c83e40c3800e3b14d7d82f50758a598470b0fce8bfaaff8b01b8ba9bd5486eda66c4b3b012d88715228ba7e95e8cb9455a3685fc01aef1391171b7daf5c8c32e3ce1387c0440bac2aec859e379476db7a5f703023992f9c8c6dfa2371939bbe3df65af3f572c24d5f078dfb9e96a9154b518f54ac4b51ac4197a2d41f526bf934c1b2c1cd7a92b4f6e8b7ccb0c7f2c5003e66f18493ce81355948eb157b7247941142f4a1e16ecfe5fbab2d02a048a7a3ed3e045f57cb052ef53400a7c3040cb5d7aa97bed826146e4804e569023a10235152b7b050ec6db743a5368b3471a5000969fffc692ec9049d7806772b88c8963ad36f2f25b489e7acd0a907c018568ad121aa01d134fac878ccb73f84682be13eda2f3c8ff0820b6759ce3eae50f7a11ec5202fb6a9d54088d302374353ddeea0614a4adb0c0a8fdbc0812e24e0a70a4f6740c9dd7b992c1baee9159cb165f365fa3de3209493ac1945bde70a38425a31503277ab01da405dd2bddd72544cf08f578f44ba28aefb55b3dae0887b1ef579354322cca33b361c810f48134a23029a245d45ccbe955542aa436a33eabc937c9510ff3b1236154e69b210ab710bc879e9b361e6448796624c215ab3f3709447cb18485f36c66358def6b0eff6ab841154880685a6fbadc7642f3c01796fdc15330e4be07bd7a36d651c0af3063a0b6d48b29cd7faebcb2ed5ea03c9b6257f81d1c42e649dc3beec702d42cc4ed1f63668426a76e9affdc8e7bba8f14c5529b9e367a47cc95886092b74dfaa5d11b776b6d8140a3ea064a811b657a6e77eaf900578bce8b357ad6d5e10e706840cf4b14bbd6d5db177d13cff5036932fb67d5c0b9284ee20532fa6b93e7e0295e1ffaeb83de8d3f63cdb6dd65400063cd2e2e94aebd4f822887f0644d76bf793e8ce41f56826f0e03afb7a183d2a24a8e85a9700ffc7953ceec8ee6246cfd82e0e2e3708534ee586162b9800a71118396c9a6f130f0ec3759933d1c3e872f266c79ff6a3c45d0a01f893ddfb83ed99a7b36c4c14198844ec98703185e554954a548547878a925d23708994dc24f1f6ae333cabb5e0667a15ff4b12f9db09090db6dd4285ee89f61f25728702949b9ad1244af8707875cbd991505eb55572fc9682e06e3b9877bdd6b954ff27e4896d125398e30f7f6e5eddadcf9a5cabae048790767fa86c038e1a5d697e9248d95fd34b3c8919679eac27e0a4512d715badecede51ba82dfe08634072d6409e8efa46aa631b4edd49e6c6a3e5be701d9753e41b73442395c6d0f2b2643f8772fc5c9eae382582cf45929a0c469a632dc9eb9a9c4e54d4e4105c38e8f81eac5951081a783f8e79800e40cfd6640e45ee29655529fbe1ee67c9376260fef7bca470ee115c30c539d680f045480524ed43a737bcaa5d80a959d646ea41eb2a74f0193f51edc11a6876b5b49338cee356ecd072f276ad266f27d6ab01ac518744549efc89920e985ace3dc0cc728e518dc374823655459f80770e2cb77768b47df166fc5c7298237c8788f3958a26ba1b22d78fa71dc0d1959c57594a98dc957460755429f7125843c6d09151c939e9abe5051831d98194cb83ee884c25a99c1cd672a80316a7d8835c9ac760f9599e5b2038dc0c0e1119e352e788873b4bf764d7c48ed293bb88bcd07e7a38901fb2507e898059835f73e2f01d071a6b3935ea99c0e99207f849e769d240bf589fb15d1a6be6ea1a26e7bc5254048dab344a5255f46638481346cdb35febbfd17743cf189c04d6df9e363d50d7712b30c21d520768501017415e8060ef1325a3305d7144d8473d8024d96db76c4bcaced0df9a77f5000"}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000003ef0001800e000100636f6e6e6c696d69740000000c000280080001400000e41f08000340", @ANYRES8], 0xd0}, 0x1, 0x0, 0x0, 0x60000800}, 0x4000024)

4m44.12402204s ago: executing program 0 (id=3890):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x242002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="0f05c4c2312f616e4e0fc72866ba6100ed262e6666400fc7b785e06f97b8010000000f01c148b80b000000000000000f23c88f88108fa4fe0d0000000a35040050000f23f83e67430f01c20f00d2670fc732", 0x52}], 0x1, 0x32, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000100)={0x1, 0x0, 0x1, 0xc2c6d7ed92c4ca45, 0x4})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200))
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r5, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'vxcan0\x00'})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'geneve0\x00', <r7=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x1a, r7, 0x1, 0xf, 0x6, @multicast}, 0x14)
sendto$packet(r6, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008001500000000000600270000030000df483eba2a97dc268f958e1166da2b518889b536fcc87b8c570aae900b5f42bf2cd040bd87273f580fbf9d1ede18c844f4d3f7b013c64dcd23d9dc031f42c3db4a7f507afe3b858c2bb0581a0c6486899eacccae185f5d230c694dd16505"], 0x44}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={0x0, @rand_addr, @remote}, &(0x7f00000002c0)=0xc)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)

4m43.963319766s ago: executing program 5 (id=3891):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x242002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="0f05c4c2312f616e4e0fc72866ba6100ed262e6666400fc7b785e06f97b8010000000f01c148b80b000000000000000f23c88f88108fa4fe0d0000000a35040050000f23f83e67430f01c20f00d2670fc732", 0x52}], 0x1, 0x32, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000100)={0x1, 0x0, 0x1, 0xc2c6d7ed92c4ca45, 0x4})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200))
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r5, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'vxcan0\x00'})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'geneve0\x00', <r7=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x1a, r7, 0x1, 0xf, 0x6, @multicast}, 0x14)
sendto$packet(r6, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008001500000000000600270000030000df483eba2a97dc268f958e1166da2b518889b536fcc87b8c570aae900b5f42bf2cd040bd87273f580fbf9d1ede18c844f4d3f7b013c64dcd23d9dc031f42c3db4a7f507afe3b858c2bb0581a0c6486899eacccae185f5d230c694dd16505"], 0x44}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={0x0, @rand_addr, @remote}, &(0x7f00000002c0)=0xc)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)

4m43.642058354s ago: executing program 0 (id=3892):
syz_mount_image$fuse(0x0, 0x0, 0x1000008, 0x0, 0x0, 0x0, 0x0)
unshare(0x24020400)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = dup(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000002c0)=@abs, 0xfffffffffffffff3)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f00000005c0)={'ip6tnl0\x00', 0x53})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r1, &(0x7f0000000180)='6\x00', 0x2)
pipe2(0x0, 0x80)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x9, 0x0, 0x0, 0xb49, 0x7, 0xe0a, 0x0, 0x1}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x1fe, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/packet\x00')
read$FUSE(r6, &(0x7f0000000540)={0x2020}, 0x2020)
pread64(r6, &(0x7f00000000c0)=""/100, 0x64, 0x2)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, &(0x7f0000000340)="b896008ee0660f3882804f006766c7442400f9ea66f16766c744240225a366e46766c744240600000000670f0114249a000070000f1caa483ab834008ec0f30fa7c00fae3b66b91a03000066b8c226e16166bad00cbe1d0f3083670200", 0x5d}], 0x1, 0x76, 0x0, 0x0)
execve(0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
syz_open_dev$loop(&(0x7f0000000000), 0x8000000000000001, 0x101400)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000040)={0x78, 0x6}, 0x4)

4m43.551965604s ago: executing program 1 (id=3893):
r0 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x328, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x388)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0xaea3, 0x0)
syz_emit_ethernet(0x1b9, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x183, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, [{0x0, 0xa, "a78ce54806598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e518a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x1f, 0x9, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f80889"}]}}}}}}, 0x0)
connect$inet6(r2, &(0x7f0000000a40)={0xa, 0x4e24, 0x7ffd, @empty, 0x3}, 0x1c)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

4m43.464928388s ago: executing program 5 (id=3894):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
fsopen(&(0x7f0000000300)='befs\x00', 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
socket$kcm(0x10, 0x2, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1, 0x4})
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
r6 = syz_io_uring_setup(0x8d0, &(0x7f00000000c0)={0x0, 0xc48a, 0x800, 0x3, 0x80000000, 0x0, r5}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x47ba, 0x3e80, 0x2, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x5)
connect$unix(r2, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)

4m43.214388763s ago: executing program 1 (id=3895):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b", @ANYRESHEX=0x0, @ANYRES8=0x0], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000bc0)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a300000000008000540"], 0x6c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000240)={0x14, &(0x7f0000000080)={0x20, 0x0, 0x20, {0x20, 0x2, "c6d36880264b5e2ea1450766b74bc426b07e9406b998410a224ad380f41a"}}, &(0x7f0000000200)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000500)={0x44, &(0x7f0000000280)={0x0, 0x16, 0xab, "8f16db6424bacfc1604686c4f4b61d8d7f5cc5ebd88202e0e2eeb0d298fbfa34c1961c8734105b373a3b2090edc82d4c968fc724d227cadc5c339b1ab46a651abf5a57d3e25be08fb1bb4cd166b16ac4ab66d45fdf71d23ee5c2ca8cac45e9828b0aafbaf35ed66451acea57580a45d433ca0d14d4f6011baa5d919ff72fb391ac49e57acaaab82bcb31523c6b7a969f3095da6b6ea58f819e144fdbf5338cbfcb97108f039cc1d0d84c48"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0xfd}, &(0x7f0000000380)={0x0, 0x8, 0x1}, &(0x7f00000003c0)={0x20, 0x80, 0x1c, {0x375f, 0x7, 0x6, 0x6, 0x5, 0x9, 0x4922, 0x9, 0xbbd, 0xc4, 0x1, 0x401}}, &(0x7f0000000400)={0x20, 0x85, 0x4, 0x6}, &(0x7f0000000440)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000480)={0x20, 0x87, 0x2, 0x8000}, &(0x7f00000004c0)={0x20, 0x89, 0x2, 0x1}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)

4m42.453034111s ago: executing program 0 (id=3896):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x2, 0x0, 0x1ff, 0x0, 0xfd2, 0x3, 0x3}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
close(0xffffffffffffffff)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000200)={0x4000, 0x0, 0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

4m42.451409011s ago: executing program 2 (id=3897):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027", @ANYBLOB="0300000000000000280012800a0001"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m42.308806151s ago: executing program 2 (id=3898):
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x40000000, @private2={0xfc, 0x2, '\x00', 0xff}, 0x5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r4, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

4m42.020108874s ago: executing program 4 (id=3899):
r0 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x328, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x388)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
syz_emit_ethernet(0x1b9, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x183, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, [{0x0, 0xa, "a78ce54806598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e518a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x1f, 0x9, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f80889"}]}}}}}}, 0x0)
connect$inet6(r1, &(0x7f0000000a40)={0xa, 0x4e24, 0x7ffd, @empty, 0x3}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

4m41.961282241s ago: executing program 2 (id=3900):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x0, 0x0, 0x1}, &(0x7f0000000a80)=[{}])

4m41.461420758s ago: executing program 4 (id=3901):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1, 0x0, 0xb2, 0xe9, 0x8, 0x7f}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x11}, {0xffe6, 0xb}, {0xb, 0x4}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x2}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4m20.442216136s ago: executing program 33 (id=3896):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x2, 0x0, 0x1ff, 0x0, 0xfd2, 0x3, 0x3}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
close(0xffffffffffffffff)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000200)={0x4000, 0x0, 0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

4m20.146852795s ago: executing program 34 (id=3895):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b", @ANYRESHEX=0x0, @ANYRES8=0x0], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000bc0)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a300000000008000540"], 0x6c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000240)={0x14, &(0x7f0000000080)={0x20, 0x0, 0x20, {0x20, 0x2, "c6d36880264b5e2ea1450766b74bc426b07e9406b998410a224ad380f41a"}}, &(0x7f0000000200)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000500)={0x44, &(0x7f0000000280)={0x0, 0x16, 0xab, "8f16db6424bacfc1604686c4f4b61d8d7f5cc5ebd88202e0e2eeb0d298fbfa34c1961c8734105b373a3b2090edc82d4c968fc724d227cadc5c339b1ab46a651abf5a57d3e25be08fb1bb4cd166b16ac4ab66d45fdf71d23ee5c2ca8cac45e9828b0aafbaf35ed66451acea57580a45d433ca0d14d4f6011baa5d919ff72fb391ac49e57acaaab82bcb31523c6b7a969f3095da6b6ea58f819e144fdbf5338cbfcb97108f039cc1d0d84c48"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0xfd}, &(0x7f0000000380)={0x0, 0x8, 0x1}, &(0x7f00000003c0)={0x20, 0x80, 0x1c, {0x375f, 0x7, 0x6, 0x6, 0x5, 0x9, 0x4922, 0x9, 0xbbd, 0xc4, 0x1, 0x401}}, &(0x7f0000000400)={0x20, 0x85, 0x4, 0x6}, &(0x7f0000000440)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000480)={0x20, 0x87, 0x2, 0x8000}, &(0x7f00000004c0)={0x20, 0x89, 0x2, 0x1}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)

3m59.433296163s ago: executing program 35 (id=3900):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x0, 0x0, 0x1}, &(0x7f0000000a80)=[{}])

3m59.174554409s ago: executing program 36 (id=3894):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
fsopen(&(0x7f0000000300)='befs\x00', 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
socket$kcm(0x10, 0x2, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1, 0x4})
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
r6 = syz_io_uring_setup(0x8d0, &(0x7f00000000c0)={0x0, 0xc48a, 0x800, 0x3, 0x80000000, 0x0, r5}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x47ba, 0x3e80, 0x2, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x5)
connect$unix(r2, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)

3m58.988483397s ago: executing program 37 (id=3901):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1, 0x0, 0xb2, 0xe9, 0x8, 0x7f}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x11}, {0xffe6, 0xb}, {0xb, 0x4}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x2}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

9.008508435s ago: executing program 7 (id=4668):
get_mempolicy(0x0, &(0x7f0000003340), 0x8e09, &(0x7f0000ffe000/0x2000)=nil, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r1, &(0x7f0000000340), 0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), r2)
r4 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r5 = add_key(&(0x7f0000000080)='keyring\x00', 0x0, 0x0, 0x0, r4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "d57e190d001e6e1d16c1711bbd8adbf65bd846957b378a02340c68117aa1b390", "b0b4e2d8157cddfb9792c8e37bafb99e319950347e93f4d34870ee24c0ea06d56270e45c8d3e7d708161ba81dd33c54b", "01acae6f69ea1443db8d53af54944d4894a87f20c65bfb8e0c8cfb67", {"38f5e54b3dc7c070b4d66f0f9565df74", "d2653a13d554fee0e7be27c873db314d"}}}}}}}, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)=@chain={'key_or_keyring:', r5})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x2c, r3, 0x1, 0x0, 0x2000000, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'syztnl1\x00', r6, 0x1, 0x10, 0x5, 0xe, {{0x9, 0x4, 0x1, 0x1, 0x24, 0x66, 0x0, 0xb5, 0x29, 0x0, @multicast2, @local, {[@timestamp={0x44, 0x10, 0x72, 0x0, 0x1, [0xaf, 0xdc9, 0xfb]}]}}}}})
r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000001600), 0x40040, 0x0)
ioctl$PTP_PIN_SETFUNC2(r7, 0x40603d10, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)={0x14, 0x6a, 0xfcdfa0f79c183163, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1, 0x0, 0x0, 0x48000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa390d4260751288a8440081"], 0x0)

8.509670512s ago: executing program 7 (id=4669):
socket(0x400000000010, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) (async)
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) (async)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
gettid() (async)
gettid()
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f0000000240)={0x6, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, <r6=>0x0], &(0x7f0000000040), 0x3, r5, 0xcccccccc})
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) (async)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
ptrace(0x10, 0x0) (async)
ptrace(0x10, 0x0)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000440)=[r5], &(0x7f0000000200), &(0x7f00000000c0)=[r6], &(0x7f0000000040), 0x0, 0x300})
syz_io_uring_setup(0xc55, 0x0, 0x0, &(0x7f0000000280))

7.406414177s ago: executing program 6 (id=4672):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000a40)={'ip6tnl0\x00', &(0x7f00000009c0)={'syztnl0\x00', 0x0, 0x4, 0x6, 0x2, 0x4, 0x31, @mcast2, @mcast1, 0x7, 0x10, 0xe03, 0x1}})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x16c}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000002c0)={'\x00', 0x7, 0x6, 0xc7, 0x5, 0xfffffffffffeffff, <r5=>0x0})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={'\x00', 0x401, 0x8, 0x1, 0x6, 0x5, <r6=>r5})
r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$setsig(r7, 0xa, 0x2d)
fcntl$getflags(r7, 0xb)
fcntl$lock(r2, 0x24, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x2, r6})
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000c1e94a0b"], 0x0)

6.605370264s ago: executing program 8 (id=4675):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = add_key(0x0, &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0x20, r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
add_key(&(0x7f0000000140)='.dead\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffa)
r3 = socket(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040))
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000001c0)={{@host, 0x6}, @host, 0x0, 0x2000000, 0x4, 0x2, 0x0, 0x3ff, 0x5})
r5 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000100)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000280)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e, 0xfffffffffffbfff9, 0x6, 0x2000})
add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f", 0x91, 0xffffffffffffffff)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x60641)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140))
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r6)

6.191850335s ago: executing program 7 (id=4676):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
openat$nullb(0xffffffffffffff9c, 0x0, 0x42000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r2 = socket(0xa, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000540)={0x0, 0x19, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000400)={r8, 0x0, 0x0, 0x0, 0x0, [<r9=>0x0], [0x0, 0x0, 0x400000, 0x5], [0x1000, 0x0, 0x0, 0x80], [0x0, 0xfffffffffffffffd, 0x800000000, 0x3]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000100)={r9, 0x0, <r10=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r10})
close_range(r2, 0xffffffffffffffff, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, r11)
sendmsg$DEVLINK_CMD_RATE_GET(r12, 0x0, 0x20004001)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010080000000f90f000000"], 0x14}, 0x1, 0x0, 0x0, 0x2805}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240), 0xc, &(0x7f0000000280)={&(0x7f00000005c0)={0x1f4, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x800}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8e5}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100}]}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6b7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x290}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x475}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9f82}]}, @TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffffffffffff}, @TIPC_NLA_NET_ADDR={0x8}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffff7}]}, @TIPC_NLA_SOCK={0x40, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x800}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x200}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xa}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x800}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}]}, 0x1f4}, 0x1, 0x0, 0x0, 0x10}, 0x240c000c)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r13, 0x8933, &(0x7f0000000200)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_STATION(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x200008c1}, 0x10018890)

5.066909715s ago: executing program 3 (id=4680):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x300, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @random="15714bc789a3"}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)

4.867319775s ago: executing program 6 (id=4682):
socket(0x80000000000000a, 0x2, 0x0) (async, rerun: 32)
socket$inet6(0xa, 0x1, 0x8010000000000084) (async, rerun: 32)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84) (async, rerun: 64)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x22d81, 0x0) (rerun: 64)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc004ae0a, &(0x7f0000000040)) (async, rerun: 32)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, 0x0, &(0x7f00000000c0)) (rerun: 32)
ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000100)) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000300)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @broadcast}, @redirect={0x5, 0x0, 0x0, @private=0xa010102, {0xa, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x1}, {[@rr={0x7, 0x13, 0x0, [@multicast2, @private, @broadcast, @dev={0xac, 0x14, 0x14, 0xc}]}]}}}}}}}, 0x0) (async, rerun: 64)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0) (async, rerun: 64)
r5 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000100)={'fscrypt:', @desc2}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$set_timeout(0xf, r5, 0x100000001)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000b80)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x46d, 0xc623, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x10, 0xf, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x1, 0x0, 0x2, {0x9, 0x21, 0xabe, 0xac, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xe9, 0x3}}}}}]}}]}}, 0x0) (async)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000640)=0x8000) (async)
r6 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r6, 0xc04c5349, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, 0x0, 0x0) (async, rerun: 64)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) (async)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x2710, &(0x7f0000000600)=""/102389, &(0x7f0000000000)=0x18ff5) (async)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

4.315942964s ago: executing program 7 (id=4683):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = add_key(0x0, &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0x20, r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
add_key(&(0x7f0000000140)='.dead\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffa)
r3 = socket(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040))
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000001c0)={{@host, 0x6}, @host, 0x0, 0x2000000, 0x4, 0x2, 0x0, 0x3ff, 0x5})
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000100)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e, 0xfffffffffffbfff9, 0x6, 0x2000})
add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f", 0x91, 0xffffffffffffffff)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x60641)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140))
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r6)

4.280418506s ago: executing program 9 (id=4684):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv4_deladdr={0x2c, 0x15, 0x1, 0xfffffffd, 0x0, {0x2, 0x1f, 0x0, 0x0, r1}, [@IFA_LABEL={0x14, 0x3, 'veth0\x00'}]}, 0x2c}, 0x1, 0x10000000000}, 0x0)

4.105149681s ago: executing program 3 (id=4685):
creat(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x3, 0x20000403, 0x0, 0x0, 0xd, 0x1}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r4 = dup2(r3, r0)
fcntl$lock(r0, 0x6, &(0x7f0000000240)={0x1, 0x1, 0x7, 0x3, r2})
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6000000800303afffe8000000000000000000000000000aaff0200000000000000000000008000018700907800000025fe8000000000000000000000000000aa0e02000000000000000000000000000101012024b07f3c580c45590b606154b9c1a4062d37ca9f9f9e281c13dc90babea0cff09ca43b818ce9aa283ccb0eb8a27d67c9"], 0x0)
symlinkat(&(0x7f00000000c0)='./file0\x00', r4, &(0x7f0000000100)='./file0\x00')
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x7)
syz_open_pts(r5, 0x1)

3.812006046s ago: executing program 9 (id=4686):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/diskstats\x00', 0x0, 0x0)
r3 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r4=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_open_procfs(0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x8004)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TCXONC(r6, 0x540a, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TIOCMSET(r7, 0x5418, &(0x7f0000000140)=0xfffffdfb)
ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000000)={0xffffffff, 0xc9a, 0xfffff001, 0x6, 0x18, "5cadf0fa59ebc3cef90ac43c5c135252e5d962"})
ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000040)={0x5, 0xf7af, 0x8000, 0x8, 0x0, "4cb8b210acdc716f64cf76062d59a56f2584c4"})
preadv(r2, &(0x7f0000000500)=[{&(0x7f0000000200)=""/147, 0x93}, {&(0x7f0000000180)=""/43, 0x2b}, {&(0x7f0000000300)=""/50, 0x32}, {&(0x7f0000000380)}, {&(0x7f00000003c0)=""/126, 0x7e}, {&(0x7f0000000440)=""/160, 0xa0}, {&(0x7f0000000700)=""/252, 0xfc}], 0x7, 0x7, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="68000000480001002dbd7000fcdbdf250a002000", @ANYRES32, @ANYBLOB="040000001400010020010000000000000000000000000001080002"], 0x68}}, 0x460400e4)
io_uring_enter(r3, 0x627, 0x4c1, 0x43, 0x0, 0x30)

3.811695469s ago: executing program 3 (id=4687):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
r2 = syz_open_procfs(0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000300)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
bind$packet(r3, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0xff, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
preadv(r2, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1, 0x35, 0x88)

3.765052229s ago: executing program 6 (id=4688):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x6c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x2000, {0x1000000, 0x0, 0x0, 0x40008, 0x0, 0x13, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "6c1ca43f8539f3d3a89637f0374c72a964a0193b3e8772c9b700000000005a9cd83fdfb006ac00", "24431a1e77a68e174f000000000000000010e200", [0x1f00000000000000]}})
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x40008, 0x2, 0x0, 0x0, 0x10, 0x4, "995e4c8b0ba6f8ed413b1ee5f3a7c862bbf64092868fd6943a428277be3c0fd8c867f86e662e0c2dd39186b32ee0690c16eb180e81ed3e5e2ebe64446497c2fc", "a6fafe5554ac900cc641df63c82e3d2347ef4230f37485c698954b3d8be9b663e59116e54ef137506743aa54d43eeef70999ee41524cf2aef5653e90d68d5ac5", "0286bcec3e402f381e7bfd123ec7d0d13d4c50ed000000000500", [0x0, 0x9]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x21, 0x0, 0x1, 0x800, 0x2, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x2}, 0x50)
writev(r3, &(0x7f0000000080)=[{0x0}], 0x1)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0xfffa, 0xfff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}]}, &(0x7f0000000540)=0x10)
syz_genetlink_get_family_id$nl80211(0x0, r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(r4, 0x0, 0x4000004)

3.272344067s ago: executing program 3 (id=4689):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x4f)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getrlimit(0x1, &(0x7f0000000000))
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x6)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x14, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}}, 0x14}}, 0x20004050)
r5 = openat2$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x20100, 0x119, 0x21}, 0x18)
faccessat(r5, &(0x7f0000000340)='./file0\x00', 0x140)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="66baf80cb8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36263e660f381efc660f7c150c000000b805000000b9210000000f01c1c4e17929d8", 0x51}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000240)=ANY=[])
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x8, @empty, 0x3}, 0x1c)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0xd, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.095066368s ago: executing program 8 (id=4690):
r0 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {0xf000, 0xffff}, {}, {0x6}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000400)=@ethtool_cmd={0x4d, 0x2, 0xffbf, 0xffff, 0x7, 0x6, 0x40, 0x80, 0x5, 0xb4, 0x5, 0x81, 0x6, 0x2c, 0x40, 0x8, [0x8, 0xc]}})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f00001ba000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x1a, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f00001b0000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="f00fc7484d36f08266060266b9800000c00f326635000400000f308bc1de780066b9aa0200000f322e0f01cf66b9ab0900000f32f2f031b3e759dc2c", 0x3c}], 0x1, 0x9f6a364b3fac2a63, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
getdents64(r6, &(0x7f0000002f40)=""/4098, 0x1002)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x84})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

2.616162375s ago: executing program 6 (id=4691):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f00000012c0)=' ', 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000fecc23f0493e1dbc253cbf708be707000100002c1000000a00"], 0x20}}, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000340), r0)

2.279977301s ago: executing program 3 (id=4692):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffd, 0x208280)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300042e010203010902120001000000000904"], 0x0)
ioctl$EVIOCRMFF(r0, 0x550c, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)

2.251735349s ago: executing program 6 (id=4693):
syz_io_uring_setup(0x595, &(0x7f0000000000)={0x0, 0x78aa, 0x400, 0x2, 0x25f}, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
quotactl_fd$Q_SYNC(r0, 0xffffffff80000100, 0x0, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000040), 0x7, 0x0)
ioctl$VIDIOC_G_AUDIO(r1, 0x80345621, &(0x7f0000000000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x20880)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
exit(0x10)
r3 = socket(0x15, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
utime(0x0, 0x0)
connect$l2tp6(r3, &(0x7f0000000740)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x17}, 0x7}, 0x20)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x96}, 0x1c)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f00000000c0)="d10ce2cad61592dfd3ea7e43f2481bb4614e66f85d69ca6c3ebc72a3e06f1cca4caf0b470013b8d3a790666d81b4e536bb03ae75b4", 0x30)
ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f0000000400))
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000500)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0xc, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

2.120076751s ago: executing program 8 (id=4694):
r0 = syz_open_dev$vcsa(&(0x7f0000000080), 0x16000000000, 0x80042)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x80, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}]}, 0x80}, 0x1, 0x0, 0x0, 0x4}, 0x4040000)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x10001, 0x9, 0x0, 0xab5})
write$cgroup_int(r0, &(0x7f0000000400)=0xb, 0x12)

2.07576302s ago: executing program 7 (id=4695):
unshare(0x22020400)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r1, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x2000c044)

1.800048518s ago: executing program 8 (id=4696):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x40094)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000400800000000002e00000008000300", @ANYRES32=r1, @ANYBLOB="05003400820000001800490005ac0f0009ac0f0009ac0f0008ac0f0003ac0f"], 0x3c}}, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000100), 0x0)

1.798929203s ago: executing program 9 (id=4697):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000100), 0x0, 0x20040004)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'veth0_to_bridge\x00', &(0x7f0000000840)=@ethtool_rxnfc={0x29, 0xc, 0xff, {0x2, @ether_spec={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 0x5}, {0x0, @random, 0xfed3, 0x7ff, [0xffffffff, 0x8a]}, @hdata="57c2789751f267b8cce31cc3a9c5c23dd6013a173b13c4b2d34ea6dfec509d1dd34177b339ba036633c45cf2184f79b4c60eb33f", {0x0, @local, 0xe0c, 0x1, [0x8, 0x5]}, 0x2, 0x7}}})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000044c0)=[{{&(0x7f0000000240)=@abs={0x3, 0x0, 0x4e22}, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000140)="cd69f505bdc5a5c5d2676cd3efa6d5eaadde1727266e035358cd1b4731aff9beeedc", 0x22}, {&(0x7f00000002c0)="060dc19e71f91a3ccaa4bcb953c00182c85ab94f5690e602c35cfea2e3c21eea44e516b946f503e0cbf924194db98cb6760aa781831be35ef000e18f515f53174263c329c4148c232e41222759e54cd7be08763ee9314f2486", 0x59}, {&(0x7f0000000340)="d05f009df18866920b20a3050da42b8daee849edd7a694545a763da132575aba0cce6ca29b0720ea09a6e607c8f5480e187a8f18f925afccb042ed62d4e0668b1333cc475ce7d09e7a1f62058900f7c2f7303813c0c5bcc84b42656f7d", 0x5d}], 0x3, &(0x7f0000002a00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r1, @ANYBLOB="000000001c000600000000000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32=r5, @ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32=r3, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32], 0xd0, 0x200400d0}}, {{&(0x7f0000002b00)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000003dc0)=[{&(0x7f0000002b80)="907f5c81e433e7e0dc097ab78d699a0f7db400fb61fcffb493df15c787e3b457ddae744cf83daba9fb2d932432ff3816e0be2233f45d764c2ed6c720dca0b0692b9c0401c91db22f3ad1b46f4f5356358b84e4cebefd8833b1e816fb1ec2327b62c6ddb40a5c263829be25ab8df36b6d6f9be6f900f8d1cd18411d44ff1051f19eec13df83b49ebc5284010c5e66da605d9783b687d550ec", 0x98}, {&(0x7f0000002c40)="a16b20f244390becf2cf383807e20ab979802d413efd13402fbb729330fd48e8c62a50743b5fc8a0513bf6610cff9265d8a33f34435b278b5cf2bbb379a57d264c8b9ab57f20a73c739d8cba78c01913882c094336963a518792cf8d3d5006dcb229652a539eeb19ecbd065513fbea7753c13ad74a829a264288ac2830eff48309cf868f4adc2df6ed5e35dd6640a713e20ee4ca85f658cdd652823da26cf35dcb37f2c5f4df2c0087a2723dfacfeb9dfad564e9", 0xb4}, {&(0x7f0000002d00)="c554025ff26329144d7c329e6d09deaf0d1a6040ae6364b12a145002de8bfb7f4d77869ed37525e3a61b165e3b02928ce2696ae04eb7b36463d5067ebd273214c59662d752c417160e10b448d9d5919ae16bda7c2f564a383c", 0x59}, {&(0x7f0000002d80)="ad09c2999f6961e5948e3888dae73f28cb74b82325922a9fddf6351a218a14c8979333f71aa5f6385a09599b97c5a642fe5bcdf873960822346d6d45667fe4168569db2c74b14fa6cce06f1cb0fce5554e1081c215f8219db3886c897ab71cbd4370d90dc71f4de876951980767424416c3ac15268b3b5df294d71efa85fb5d8684d5400a6fbffd9982619c8362b9ddee8f9b5d9e48fc064459596d52feb50f73d56988d47d4855bb21ba3b60b3cca00fc7a5683dba987e940ce6ca3ccdae6cdadeabddfab6e165ff541437978b2f70459bb3970cc46b43248cfa2b807d81b4e751bc0b4c0d7c7e02c7c8d7a844075b6e7e9c436158fb414068c95cc855d630b7d655a7669a06863afe03f60345a0666db10cfa04daac6871ebe4d5d3368dbab963b109f1c268afc6cf537535f219a65b9358047d79e5994f5ac8d5aa7f62b80a25cf250affa6b590e677b22e6d29fd65abf75c71f43ea88aeafeb2995312a26934b24c1f1d16ab5cdb0d0554fa40890f8a3397a5e0216aef476277e591ab35984c7624cae5b6e6859cecb983c34fa6a5789f490734388b95159402d516234e0147e340761765e4da1959b728859517a4bdb41b27904dada6ead061a09cc77a14b7f147cc56355b01a30c3f0ad9c6075178918b3cd09a4f4c635e8565c8796c2894f1306471fc8f2d4b4c300843fcae1435448c13c624904dbfc682b745aa45f8d0e43898b17eea67830a1e249b8fbd0155b146790c9e016c714916975845de4f1d78f1d18d44999fc43a1f37949c716ad28c8f2088706d9b31f599b28669f588deb4945de3975ac580dc29b6b5c3e055634f7d4bb8a779baf59a0b8651a324ddf1d58143180297f16e637c511d559f69b4c6f49531c7048ac03cbf1e0646c9f242c9b541f543b70b74e12be43ff5cb2b452bfd5e2b77da2d6c6143117204a7fd432b56942c2ea549ac075f12936b783f196414aff831412d50e1f162aa41694eb24e908d1c7ec516f872e7d8e2e0ee3dc0cd27d2f7b437ffe8b1f6c506374c9c26b8abeafcde33d1ae0fe1f81f9657ebb3f29f89607830d876a8af2ecd5360737dbe28f95c2bdfb207eb273683e5aa1d9e3911e3212012e75e4d36dbc2f85a9bbd23bbfd6a729d5580a8d0a1c6c89b79f2a475c63cd0691699ffca8cb95983c326edd88c9d0683355419adddb9d1d874151225fd4934e7c38edd948f9ce68bb6ab0aa617424ed277befbad4136b800e5eafbda6bff708473e64436a2eec80ef31abeb8c6fde18dd3de4562b127bc926d4a47372f279e9301d45a9bab46f7fff0fa7a26fd04e108c0a52e9fa04b7f6a43e49fad5ad2c4a980386ea0b22545d4bcf1557321c6a39e2c3a5646fba32340f38249e470be875e1c897068798418793aa3f5981d89ee39c4dc9245ca04acdcb52b7fcfd02378734965b0d4f81b6da7afdf0478b6ff55425a322dd124b3d4f81e3788d5c94709c2ca92798bc40dfe0a521ee60578287c31b5e38d580091da49c33d38608c97b9cef0b4160ea91b22e1307b3318f7b2cbfdb462c9f81e89676db917a2f19ea12d54430be6d0e3880fdaa9585dbad76c33ac6acd9d02200f59f7d177e183b2b553bb53b0d592f59714f72e5eecdd67a0891048adf57bdb4f5032e18f99ef41376b7ccfd967f7f91b2d356121eea51ac6725413ddfe11417f275d633067c5ef947e9c0e5aa0a4e153705d6c2975e2c55d6ac617e3a4cfbe17b4af9973e5eaa4e8db2e5e68e9745d327d1583bd378be9c47582d30db554a86f4f43ce56a153c385541b96362fa3b7deacaa2fd08213ec0ec8b22f40c4c36863939cb103e3b470e84072a34c23908b662d23ba6cc815f2380c20cb4d8a427ea4ec2bdb2f46b90d2c507c1a77ea425e47de66708bd9135d5acb8b6cf0960e2e3f731ea5230acc796ff394646d01e8b561e9eaeb7730ac5dba80ef5c3e331d54d9222d68e26a30ec078f2afab80478c52859f5a50533eefe3542b94bfc917759be228ef9c2d4a30a3819afba4878823524c32359cf58167c47caa0d0e97745a1cae3915a8357dbfe4fbe45e2f1727dae380aee086de68f183e76f65af9f7f1eba964563867f3d1e235d1deac5c2a57ae8616b7ca482cacd89676af0c93cbaaac09d4ea6fdae466b3885787572d9950aba06f403e488d9e58a49e14b0c4c5dfff3748f09ebf8ddce6b0b848fa8df176e8be38508e0677157b14866cad09832f43aeb710a5f44148c4798628aa3ba5f3c6872e16dfd0b75432eb562558acbdb456fb148381f04bb946d5de04e12dc59e299bd712eda9abc1cbdeb25dc6924e36ac9a6a0822745cf9e3578d5b81d5b9f71b42e3843c4ee7e2596839451e8800150a9f622d22dd65b086a7f4436d51fb3a927c9f52fa3cebcc65c635de127440870bac928c3b0cc0f6c7a99c0dacb7ba5addb1a59ce9a84e2f4831ec19038ff3a28d082fdc65f9f1a9347bf9caa7309ced88f0a082b515356b827b562a8ca1d7f5a6feb9084754277de444033678649bb4c5c94f461c5e800f2d35ec6b65553eeadfd2fdc270a60e7d32d740ac7f5179b7236f84b51a04a2433a5176c03caf4daf8ead6dd1c473f12bfe4642d4c5968dd051c0c44acded803b0d4a0c59265f905e5315caec6d81247ae996f6fc6b78507582f3954464040427b80f87fd55a5e13e01cd388826d15e1caa0c515599fa22c9acc9be1464fa8a5f21ff7848990c2838abf77ebeb382f7f50eb9d443cd08da6e5cd905e2a90bf0b31b422361440360296a058b44860509652c596a9a4b246cf5e8f5977e037ba91eb15898f83bdfd51f23ffdf0e8f53e92a26c75ce6d117f8c8cae6fdd4e199d8efde872535b738a7e69bab7faa4589c84f93ac1b0062f5240d2a7a1212d7af7aa3b5aee4d42fefba4d8fa96aa9c9742a7e4edb7bcf6cd7d2dd12dab0f630672526aba9cd9ba66753555087c5cd1d1de684891c20132c66f6ec25a5652819f110d9b264f54f78914129ea36ab3415a24433b354c16376cfb03bfec2560934eb1f8d2f87bbb7b131484facdbf433f3e1d0fae86058827b472cd9fc4a1db69eade6d93120790e6f2d19767853ea6418b6335ed8b81822844f0ffebfca0e4e8f7ae73ae064ef2cf07abd2169616c87e2f4c53788e957048f19a189b5412878ee21c6c533dea7313c895b199042fdb9e260659c763ea41acdf5d6e06207841b5d77364282600c6b6ee12cf3683d0420b2475a5f87d2ca9297b2734a533afe79d721462e15c97a3d84b38c3fb9bd065d1f9896325d41bc819bda4a87ff25465452079372a03af48f4f608a5fd542a726e022005992a56464cc3354dc56010a7ae2427968ffdf46bcc4f46cadeaeeadac8c416f051dc5ab7db4045606f3297cc782a5a161699fc026b8b5aa801eec94d6af4358525460342b192ae86bbf31811e38a6250b4c5f309521b8f6ab775a1be23a8fd9e52f74054ea4ed0d7b373caea841a8e14098e5014e82149d53148ab67bdfb3f5d0d1e7514a9540f040150eb5c08be72c7d4710d6bcba7057a346edd94f5a4c3e70d18534412b6f42f7d34e6752a46ccf978bfe873d26e62e82e7d0c6379e556c34fc56b3c974394f79dc6e2fbd3cb30a75a1ab441ea5f7ebdd4fee7f847ed08672877063b551e1b96525412b09c8c8b7578ae639e86160e97e87ce33c5a83b31ca3a0d21d59748395546d31788c0c901eed0c7db2bad7419e087d5ab5ff4aa921d151aefb9b1f90187180cf1754bf6f524a3f2a9cb6d7e41e5b05dd3463bbd13f04ce55f3d0e9b92bd5adfe2c53dd46a03fc220bda826c8048f3750e9e3c2f2aae277c725cfc28952c40dc8225d34b699c5a14c37defe616e7a1d270b45a85ec94956a48880e42508c256a93eb66ff3115588d9f127bdd90ad1c1932b9b26ce204ed9f9341f3d75a43ed54a467ed41157f914a83a36e34d5cb5bcdb28008e7cb984fa4211b7c26e4ee4cf62f55b275804ca9db73a444215aa8eb38f602a1f1fa936f08bfd3284781912e78676da635a5ca513ea1a04eacfb49b822fb1d7a3e553d863f0107de48515b861bd9813cee7db43a467880b6b43b91824af3c9d01b1899c1ab5a62ee10be7d2b864f72814ad8a7e69f48646d3e28bb341e5a111dd2394266508435a5a806411af6a2255ddf2fc43b3164ae9d88fb77f001f6c2e74e3dfca96096c80dd738d649fdefe0e0a5981a8d6e29374158c6700afe890e7742507751f592778235ed1a111ea9f36a0bf746246581013da8c26f78ba41332ecf4195759ca8a84d64495feead276b5fe7782e542e24c50afa82d1adf946def7c72634e3a69928806bb00cf7fa65f428ea28648d50f2b3301989f9690361ff09a84652240b1618f544717fa7910971f9ce7f31a435b57a437feac88ef7b7c1a9e4a6775f857fdd1f91a4de982f85af8a39c5e12c1d6c37fe0ccb392c5c5377d6a9237a1aee1fecca063e180fb208208cda90ca3505ba006ac9fe0e6bab0ace5317bd60284a549a5616a35dfc6f2822e9d529c438a048f5a69f268e0f5ecc5a508fa969d15d170bf6c6de324b179ab79bf92d1eb4849c344c27c7c0bbf55de49b82c2ad357d17db2052dfee8d0c73c5056c66f47a0bc0fff5d42b9d67e464e5b07e0c343b83928f9cc0662d3f5b7f7f1798c34db771673b04ddad3cc4ed3b538a7a959f9ac67b20ed9016d3be302f1a2a51538059b724790ea75351ef68beb07a058ecdcec5d8f0f58095bf540cfec8ee4abdaeefc31d91e685e19d98da4acbeedbc35cd14787a941adc3c82d336fa502cf5447c1d328ee11f55cf09c4aaf8e9745d215955d28e86ed2eb182f5ba205ed66e5cd559e82641e24bf1950f5b4aa12776dffc2f4d8e247ec6b1c76d318b0f408d20e9ed9fa934751506b80f77c92513f02bff339a8273df7eaaca9e8dff938de33d3a049edcdb03268607d3ee17ad2b482eeba1ee77a550a94f346fb77df2f743aa93c7dd17519590e13fcd71d91a73ebedd550e4166a7fc1546841a09b2b4d0423775a03230188848663f362e66cd45957cae4e4975124db3f73ab4de2c09129522fdb40dcc79a41011c2374e966c7ad8a585ec3eb6befbb16470996c18cc615bb3334fd716a9c7f01e69a5301d883fd0333b886b6af63fd5c03ac0459aa356fa277b061c92a3c47f71c16412576c38f447fe5b0bb959c20244fb023ed878cfaa5f66880058f1e8cc541b915aabae33c919c86ba787a88fa456aa6a77ae7881a91235786f2c5222a4ea143e94b2a5aa7021941eb70a24ec2fe88b0696f6dc17203edd6f719623f93116f8fd50b6925c484eb1c036b7d3fe4a6812856f6e45637ec7e4741f5234531900ae41b9dae6ecd452e38108378bbca6fa8324f9f766d102e77dadf3e7f5ce8a249540745a325e3a23948cac28f6e6ba838dd9fdba5fea644a013a82959cea0e6ffc88a979aecbcfca90159f2e1f59829d1e460c4402d37f52b146ec248ada892948d57f1c96c8a58736c5df73e70fe53f79e92457b65b7d87b4a2c36038a36caabd7623d01548f684edf626fa22baa82db1e08e4cb8bfb95dff12d41a60ad23f1bdb9c2b8de078d69254f88f5e9979820510a5a48f65be2a8dce60d9e0d9a1d3d30f526567a3bee8a69cd21b0ca25fad22d73e3a781f9f24204ccfcc8ff81eccc233a853e4cae2cb58bf647d0791f016062aaf34e1d88299ddd442444dc83079b5dd72f71e5b36341bccd56673e9f7f8fd3b702bdd3c8fb633cee145f88dc2827f1ffb74b366990f62125c521efe07b240d6549ad2", 0x1000}, {&(0x7f0000003d80)="a7d825a6c5b5f5737c26f44c06ed2d91e68f8b4d79031ed456b6457d8edd", 0x1e}], 0x5, &(0x7f0000003e80)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r4, @ANYBLOB="0000000024008700000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x68, 0x41}}, {{&(0x7f0000003f00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004040)=[{&(0x7f0000003f80)="c52f1a9e379c1a6d47258755405112980bdf8cbeecd55f9de575ec9a89423c662e277c1d54eb2b2094fc2db7094d1435ca761fcf040ac50b17b1b0a7be1f6f0ae5ab645ebc0c1da3c1a2b45d1872b8fe62946e9a62f103c26b01c5ba35cb0c4b9ae22bdd31b61a7ac6", 0x69}, {&(0x7f0000004000)="45f214ec61", 0x5}], 0x2, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32=r4, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c2a0c000000000000de610000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r3], 0x88, 0x4004000}}, {{&(0x7f0000004180)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000042c0)=[{&(0x7f0000004200)="a6fbf4091a47c9b99bcb3bca2125b2471f17aa7259708cc27d6a2e0a0497affdf4b371cb44f50ee0ccc5cbdf32016aa54dbf97d4b581ac8ddde54562fc275764f10acf23544ee1227cb378ca99a45ebbcc3aaa90735002a715f2c37d2f9ffc41630d5f0b3e747f34aeecabc7f0b4ee925c55c24c5ac9d36f935a0f11b23eb2720cc5b142cc3437a92584ecdee9e73e1570518fe70918a2d6111d", 0x9a}], 0x1, &(0x7f0000004400)=ANY=[@ANYBLOB="1c0000d077be84fee9e6fb87b40d7b00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r4], 0xb0, 0x4000000}}], 0x4, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sendmsg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x10000, 0x8, 0x9, 0x3}, 0x0)
listen(0xffffffffffffffff, 0x3)
close(0x3)
socket(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_int(r7, &(0x7f00000000c0)='cpu.weight\x00', 0x2, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000080)=ANY=[@ANYBLOB="2b637075a0"], 0x5)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r9, &(0x7f0000000180)='cpu.weight\x00', 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
write$cgroup_subtree(r8, &(0x7f00000001c0)=ANY=[@ANYBLOB="2d4b047520"], 0x5)
unshare(0x2a020400)

1.704605498s ago: executing program 7 (id=4698):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000004c0)=ANY=[], 0x34c}}, 0x8090)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000ac0)=ANY=[@ANYBLOB="12011001a0b4c41058044a70553a01020301090212000100000000090415d4fc4c04c000"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000180)=0x8, 0x4)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r2, r3, r2}, &(0x7f0000000340)=""/83, 0x53, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000000)={0x4070, 0x6, 0x1}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r4, 0x2, &(0x7f0000000080)={0x2, 0xff}, 0x0)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r5, 0xc0d05640, &(0x7f0000000500)={0xa, @pix_mp={0x4, 0x6, 0x35315258, 0x3, 0x1, [{0x3, 0x3}, {0x311, 0x8001}, {0xffffefff, 0x8000}, {0x100, 0x80}, {0x7, 0x77}, {0x5, 0x5}, {0x0, 0xc3}, {0x2, 0xa}], 0x52, 0x3, 0x6, 0x1, 0x3}})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20000000)
sendmmsg$inet6(r6, &(0x7f0000000780)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x0, @loopback, 0x9}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000380)="8f", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="140000000000000029000000080000003e010000000000001400000000000000290000003e0000003ec5000000000000200000000000000029000000360000001d00000000000000050205270401000024"], 0x78}}], 0x2, 0x3404c8d4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x86000, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16=r6], 0x1000f)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000a00ecff0800010073797a300000000074000000160a010100000000000000000a00000008000740000000014000038008000140000000002c000380140001006e657464657673696d300000000000001400010076657468305f766c616e00000000000008000240000000070900010073797a3000000000090002"], 0xbc}}, 0x0)

1.257016412s ago: executing program 9 (id=4699):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
bind$packet(r4, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
bind$packet(r3, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0xff, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
preadv(r2, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1, 0x35, 0x88)

1.106920875s ago: executing program 6 (id=4700):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x80)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
madvise(&(0x7f000072d000/0x4000)=nil, 0x4000, 0xd)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = io_uring_setup(0x57e7, &(0x7f0000000500)={0x0, 0x35d5, 0x0, 0xfffffffe, 0x293})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f0000282000/0x4000)=nil, 0x4000, 0x1000, 0x7, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f00000003c0)={0x7, 0x0, &(0x7f0000000200)=[{&(0x7f0000000680)=""/4086, 0xff6}], 0x0, 0x1}, 0x20)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0)
dup(r5)
fallocate(r0, 0x0, 0x0, 0x71ffd)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r7 = accept4(r6, 0x0, 0x0, 0x0)
recvmsg$can_raw(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000), 0x2, 0x0, 0xfffffffffffffec4}, 0x20)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b40)=ANY=[], 0x100}, 0x1, 0x0, 0x0, 0x24044001}, 0x4000880)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000", 0x42}], 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000001000000000c0000000c00000004000000090000000000000a0000000000610000"], &(0x7f0000000400)=""/47, 0x28, 0x2f, 0x1}, 0x28)
add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f0000000280)={0x0, "219e0b04147ac9cc03350efab193c2f1a142454307941eeaa97bbc101b9e382557ca76edd4573edd50b772dcebd58e15b599cdf19d9d4f9ceb4a877b65afc88c", 0x3d}, 0x48, 0xfffffffffffffffe)

986.21408ms ago: executing program 9 (id=4701):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
fsopen(&(0x7f0000000300)='befs\x00', 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$random(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1, 0x4})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = syz_io_uring_setup(0x8d0, &(0x7f00000000c0)={0x0, 0xc48a, 0x800, 0x3, 0x80000000}, &(0x7f0000000240)=<r5=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47ba, 0x3e80, 0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1c3880, 0x0)
connect$unix(r0, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)

799.998565ms ago: executing program 9 (id=4702):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
fsopen(&(0x7f00000003c0)='omfs\x00', 0x0)
fsopen(&(0x7f0000000580)='overlay\x00', 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x16\x00'}]}, 0x1c}}, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000000)=0x3)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x50, 0xff, 0x0, 0xffeffffd}]})
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000280)={0x4, 0x0, 0xb51b, 0x10}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x7c, 0xc2, 0x54, 0x8, 0x112a, 0x5, 0xbe68, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1f, 0x0, 0x2, 0x97, 0xde, 0xbe, 0x0, [], [{{0x9, 0x5, 0x3, 0x0, 0x20, 0x7, 0xff, 0x80}}, {{0x9, 0x5, 0x8, 0x1, 0x3ff, 0x6, 0x0, 0x8}}]}}]}}]}}, 0x0)

419.917037ms ago: executing program 8 (id=4703):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0xfffe, &(0x7f0000000040)={&(0x7f0000000880)=@allocspi={0x144, 0x16, 0x1, 0x0, 0x0, {{{@in=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x8c1, 0x0, 0xa0, 0x0, 0xc, 0x0, 0xffffffffffffffff}, {@in6=@local, 0x20000, 0x32}, @in=@local, {0x2, 0x0, 0x800000000, 0xfffffffffffffffe, 0x8, 0x0, 0x0, 0xf}, {0xfffffffffffffffe, 0x3, 0xa}, {0x0, 0x21}, 0x70bd28, 0x0, 0xa}, 0x0, 0xfffffffe}, [@algo_auth_trunc={0x4c, 0x14, {{'sha3-224-generic\x00'}, 0x0, 0xc0}}]}, 0x144}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

289.325048ms ago: executing program 8 (id=4704):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000a40)={'ip6tnl0\x00', &(0x7f00000009c0)={'syztnl0\x00', 0x0, 0x4, 0x6, 0x2, 0x4, 0x31, @mcast2, @mcast1, 0x7, 0x10, 0xe03, 0x1}})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x16c}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000002c0)={'\x00', 0x7, 0x6, 0xc7, 0x5, 0xfffffffffffeffff, <r5=>0x0})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={'\x00', 0x401, 0x8, 0x1, 0x6, 0x5, <r6=>r5})
r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$setsig(r7, 0xa, 0x2d)
fcntl$getflags(r7, 0xb)
fcntl$lock(r2, 0x24, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x2, r6})
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6000000000142c00fe800000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000c1e94a0b"], 0x0)

0s ago: executing program 3 (id=4705):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = add_key(0x0, &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0x20, r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
add_key(&(0x7f0000000140)='.dead\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffa)
r3 = socket(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040))
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000001c0)={{@host, 0x6}, @host, 0x0, 0x2000000, 0x4, 0x2, 0x0, 0x3ff, 0x5})
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000100)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e, 0xfffffffffffbfff9, 0x6, 0x2000})
add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f", 0x91, 0xffffffffffffffff)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x60641)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140))
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r6)

kernel console output (not intermixed with test programs):

0x163/0x1a0
[ 1293.745968][T21763]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[ 1293.745992][T21763]  ? rcu_is_watching+0x15/0xb0
[ 1293.746020][T21763]  ? do_syscall_64+0xbe/0x3b0
[ 1293.746046][T21763]  do_syscall_64+0xfa/0x3b0
[ 1293.746067][T21763]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1293.746087][T21763]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1293.746106][T21763]  ? clear_bhb_loop+0x60/0xb0
[ 1293.746129][T21763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1293.746155][T21763] RIP: 0033:0x7fd490f8e9a9
[ 1293.746174][T21763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1293.746190][T21763] RSP: 002b:00007fd491eda038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 1293.746211][T21763] RAX: ffffffffffffffda RBX: 00007fd4911b5fa0 RCX: 00007fd490f8e9a9
[ 1293.746225][T21763] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[ 1293.746236][T21763] RBP: 00007fd491eda090 R08: 0000000000000000 R09: 0000000000000000
[ 1293.746247][T21763] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1293.746259][T21763] R13: 0000000000000000 R14: 00007fd4911b5fa0 R15: 00007fd4912dfa28
[ 1293.746287][T21763]  </TASK>
[ 1294.023414][T21736] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1294.119270][ T5968] usb 9-1: bad CDC descriptors
[ 1294.290844][T21736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1294.435466][T21736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1294.640308][T10736] usb 9-1: USB disconnect, device number 13
[ 1295.808273][T21800] netlink: 104 bytes leftover after parsing attributes in process `syz.8.4264'.
[ 1296.003206][T21806] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4263'.
[ 1297.487608][T21835] syzkaller0: entered promiscuous mode
[ 1297.529927][T21835] syzkaller0: entered allmulticast mode
[ 1297.599914][ T5921] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 1297.792595][ T5921] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1297.839151][ T5921] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1297.915618][ T5921] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1298.011246][ T5921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1298.045946][T21846] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(4)
[ 1298.052651][T21846] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1298.091773][T21832] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1298.104015][T21846] vhci_hcd vhci_hcd.0: Device attached
[ 1298.136387][ T5921] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1298.360136][ T5907] usb 47-1: new high-speed USB device number 2 using vhci_hcd
[ 1298.686170][T21848] vhci_hcd: connection reset by peer
[ 1298.705808][ T1102] vhci_hcd: stop threads
[ 1298.735606][ T1102] vhci_hcd: release socket
[ 1298.742872][ T1102] vhci_hcd: disconnect device
[ 1299.283478][T21876] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4280'.
[ 1299.479893][T20249] usb 4-1: USB disconnect, device number 58
[ 1299.614395][T21887] program syz.6.4282 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1299.647976][T21887] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4282'.
[ 1299.690479][   T30] audit: type=1326 audit(1753380726.853:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21888 comm="syz.3.4283" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd490f8e9a9 code=0x0
[ 1299.747813][T21887] program syz.6.4282 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1301.007742][T21921] FAULT_INJECTION: forcing a failure.
[ 1301.007742][T21921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1301.053386][T21921] CPU: 0 UID: 0 PID: 21921 Comm: syz.6.4288 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1301.053423][T21921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1301.053444][T21921] Call Trace:
[ 1301.053454][T21921]  <TASK>
[ 1301.053466][T21921]  dump_stack_lvl+0x189/0x250
[ 1301.053501][T21921]  ? __pfx____ratelimit+0x10/0x10
[ 1301.053529][T21921]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1301.053555][T21921]  ? __pfx__printk+0x10/0x10
[ 1301.053599][T21921]  should_fail_ex+0x414/0x560
[ 1301.053630][T21921]  _copy_to_user+0x31/0xb0
[ 1301.053664][T21921]  simple_read_from_buffer+0xe1/0x170
[ 1301.053700][T21921]  proc_fail_nth_read+0x1df/0x250
[ 1301.053726][T21921]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1301.053751][T21921]  ? rw_verify_area+0x258/0x650
[ 1301.053779][T21921]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1301.053802][T21921]  vfs_read+0x200/0x980
[ 1301.053837][T21921]  ? __pfx___mutex_lock+0x10/0x10
[ 1301.053864][T21921]  ? __pfx_vfs_read+0x10/0x10
[ 1301.053894][T21921]  ? __fget_files+0x2a/0x420
[ 1301.053924][T21921]  ? __fget_files+0x3a0/0x420
[ 1301.053942][T21921]  ? __fget_files+0x2a/0x420
[ 1301.053972][T21921]  ksys_read+0x145/0x250
[ 1301.054003][T21921]  ? __pfx_ksys_read+0x10/0x10
[ 1301.054039][T21921]  ? do_syscall_64+0xbe/0x3b0
[ 1301.054068][T21921]  do_syscall_64+0xfa/0x3b0
[ 1301.054092][T21921]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1301.054115][T21921]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1301.054137][T21921]  ? clear_bhb_loop+0x60/0xb0
[ 1301.054165][T21921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1301.054186][T21921] RIP: 0033:0x7f569d18d3bc
[ 1301.054229][T21921] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1301.054248][T21921] RSP: 002b:00007f569e09f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1301.054272][T21921] RAX: ffffffffffffffda RBX: 00007f569d3b6080 RCX: 00007f569d18d3bc
[ 1301.054288][T21921] RDX: 000000000000000f RSI: 00007f569e09f0a0 RDI: 0000000000000004
[ 1301.054301][T21921] RBP: 00007f569e09f090 R08: 0000000000000000 R09: 0000000000000000
[ 1301.054315][T21921] R10: 0000000000000046 R11: 0000000000000246 R12: 0000000000000001
[ 1301.054337][T21921] R13: 0000000000000001 R14: 00007f569d3b6080 R15: 00007f569d4dfa28
[ 1301.054370][T21921]  </TASK>
[ 1301.770654][T21930] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1301.834620][T21930] syzkaller0: entered promiscuous mode
[ 1301.842043][T21930] syzkaller0: entered allmulticast mode
[ 1301.920912][T21938] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4293'.
[ 1301.964711][T21930] tipc: Resetting bearer <eth:syzkaller0>
[ 1302.007403][T21929] tipc: Resetting bearer <eth:syzkaller0>
[ 1302.115795][T21929] tipc: Disabling bearer <eth:syzkaller0>
[ 1302.379874][T10736] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1302.503553][T21956] cgroup: fork rejected by pids controller in /syz7
[ 1302.579728][T10736] usb 10-1: Using ep0 maxpacket: 32
[ 1302.595388][T10736] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1302.618551][T10736] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1302.679642][ T5968] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1302.691987][T10736] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[ 1302.748871][T10736] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 79, changing to 10
[ 1302.815835][T10736] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 34258, setting to 1024
[ 1302.869710][T10736] usb 10-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1302.880696][ T5968] usb 7-1: Using ep0 maxpacket: 32
[ 1302.894724][T10736] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1302.914855][ T5968] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1302.938416][T10736] usb 10-1: Product: syz
[ 1302.959436][ T5968] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1302.960201][T21917] Bluetooth: hci0: command 0x0406 tx timeout
[ 1302.976652][T10736] usb 10-1: Manufacturer: syz
[ 1302.978548][T21917] Bluetooth: hci6: command 0x0406 tx timeout
[ 1302.989180][T21917] Bluetooth: hci1: command 0x0406 tx timeout
[ 1302.997077][T21917] Bluetooth: hci4: command 0x0406 tx timeout
[ 1303.004564][T21917] Bluetooth: hci5: command 0x0406 tx timeout
[ 1303.040100][T10736] usb 10-1: SerialNumber: syz
[ 1303.052237][ T5968] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[ 1303.065453][T10736] usb 10-1: config 0 descriptor??
[ 1303.070875][ T5968] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 79, changing to 10
[ 1303.084078][T21946] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1303.128467][ T5968] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 34258, setting to 1024
[ 1303.156074][T10736] input: Generic X-Box pad as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/input/input67
[ 1303.387073][ T5968] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1303.412772][ T5968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1303.425293][ T5204] xpad 10-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1303.487924][T10736] usb 10-1: USB disconnect, device number 7
[ 1303.494226][    C1] xpad 10-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19
[ 1303.504617][ T5968] usb 7-1: Product: syz
[ 1303.515173][ T5968] usb 7-1: Manufacturer: syz
[ 1303.523703][ T5968] usb 7-1: SerialNumber: syz
[ 1303.578291][ T5968] usb 7-1: config 0 descriptor??
[ 1303.585955][T21955] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1303.589850][T20250] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1303.593978][ T5907] vhci_hcd: vhci_device speed not set
[ 1303.630195][ T5968] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input68
[ 1303.804447][ T5204] xpad 7-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1303.820613][T21955] FAULT_INJECTION: forcing a failure.
[ 1303.820613][T21955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1303.866416][T21955] CPU: 1 UID: 0 PID: 21955 Comm: syz.6.4297 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1303.866449][T21955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1303.866465][T21955] Call Trace:
[ 1303.866474][T21955]  <TASK>
[ 1303.866484][T21955]  dump_stack_lvl+0x189/0x250
[ 1303.866519][T21955]  ? __pfx____ratelimit+0x10/0x10
[ 1303.866546][T21955]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1303.866567][T21955]  ? __pfx__printk+0x10/0x10
[ 1303.866606][T21955]  should_fail_ex+0x414/0x560
[ 1303.866632][T21955]  strncpy_from_user+0x36/0x290
[ 1303.866659][T21955]  getname_flags+0xf3/0x540
[ 1303.866687][T21955]  do_sys_openat2+0xbc/0x1c0
[ 1303.866715][T21955]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1303.866738][T21955]  ? ksys_write+0x22a/0x250
[ 1303.866766][T21955]  ? __pfx_ksys_write+0x10/0x10
[ 1303.866790][T21955]  ? rcu_is_watching+0x15/0xb0
[ 1303.866818][T21955]  __x64_sys_openat+0x138/0x170
[ 1303.866849][T21955]  do_syscall_64+0xfa/0x3b0
[ 1303.866873][T21955]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1303.866896][T21955]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.866918][T21955]  ? clear_bhb_loop+0x60/0xb0
[ 1303.866945][T21955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.866966][T21955] RIP: 0033:0x7f569d18d310
[ 1303.866986][T21955] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1303.867003][T21955] RSP: 002b:00007f569e0bfb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1303.867039][T21955] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f569d18d310
[ 1303.867054][T21955] RDX: 0000000000000000 RSI: 00007f569e0bfc10 RDI: 00000000ffffff9c
[ 1303.867068][T21955] RBP: 00007f569e0bfc10 R08: 0000000000000000 R09: 0000000000000000
[ 1303.867082][T21955] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[ 1303.867096][T21955] R13: 0000000000000000 R14: 00007f569d3b5fa0 R15: 00007f569d4dfa28
[ 1303.867139][T21955]  </TASK>
[ 1303.870276][T20250] usb 9-1: Using ep0 maxpacket: 16
[ 1304.156152][T20250] usb 9-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1304.157377][ T5968] usb 7-1: USB disconnect, device number 8
[ 1304.173594][T20250] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1304.181794][T20250] usb 9-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1304.217185][T20250] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1304.324729][T20250] usb 9-1: config 0 descriptor??
[ 1304.816381][T20250] nzxt-smart2 0003:1E71:2009.0019: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.8-1/input0
[ 1305.242141][T20250] usb 9-1: USB disconnect, device number 14
[ 1305.641660][T14506] bridge_slave_1: left allmulticast mode
[ 1305.685902][T14506] bridge_slave_1: left promiscuous mode
[ 1305.701662][T14506] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1305.733115][T14506] bridge_slave_0: left allmulticast mode
[ 1305.740807][T14506] bridge_slave_0: left promiscuous mode
[ 1305.746791][T14506] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1306.027391][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1306.034024][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1306.358699][T22094] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4307'.
[ 1306.672517][T22103] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4309'.
[ 1306.794748][T19964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1306.807788][T19964] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1306.818789][T19964] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1306.828711][T19964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1306.839349][T19964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1307.375503][T14506] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1307.385729][T14506] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1307.401503][T14506] bond0 (unregistering): Released all slaves
[ 1307.417913][T22092] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4307'.
[ 1307.609248][T14506] tipc: Left network mode
[ 1307.613645][T22109] netlink: 'syz.8.4310': attribute type 10 has an invalid length.
[ 1307.757101][T22116] FAULT_INJECTION: forcing a failure.
[ 1307.757101][T22116] name failslab, interval 1, probability 0, space 0, times 0
[ 1307.780407][T22116] CPU: 1 UID: 0 PID: 22116 Comm: syz.6.4313 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1307.780438][T22116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1307.780451][T22116] Call Trace:
[ 1307.780461][T22116]  <TASK>
[ 1307.780470][T22116]  dump_stack_lvl+0x189/0x250
[ 1307.780501][T22116]  ? __pfx____ratelimit+0x10/0x10
[ 1307.780525][T22116]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1307.780549][T22116]  ? __pfx__printk+0x10/0x10
[ 1307.780584][T22116]  ? ref_tracker_alloc+0x318/0x460
[ 1307.780612][T22116]  should_fail_ex+0x414/0x560
[ 1307.780638][T22116]  should_failslab+0xa8/0x100
[ 1307.780671][T22116]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1307.780699][T22116]  ? skb_clone+0x212/0x3a0
[ 1307.780726][T22116]  skb_clone+0x212/0x3a0
[ 1307.780750][T22116]  __netlink_deliver_tap+0x404/0x850
[ 1307.780794][T22116]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1307.780824][T22116]  netlink_deliver_tap+0x19c/0x1b0
[ 1307.780853][T22116]  netlink_unicast+0x730/0x8e0
[ 1307.780892][T22116]  netlink_sendmsg+0x805/0xb30
[ 1307.780937][T22116]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1307.780989][T22116]  ? aa_sock_msg_perm+0x94/0x160
[ 1307.781015][T22116]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1307.781038][T22116]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1307.781070][T22116]  __sock_sendmsg+0x21c/0x270
[ 1307.781099][T22116]  ____sys_sendmsg+0x505/0x830
[ 1307.781126][T22116]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1307.781163][T22116]  ? import_iovec+0x74/0xa0
[ 1307.781198][T22116]  ___sys_sendmsg+0x21f/0x2a0
[ 1307.781220][T22116]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1307.781280][T22116]  ? __fget_files+0x2a/0x420
[ 1307.781299][T22116]  ? __fget_files+0x3a0/0x420
[ 1307.781330][T22116]  __x64_sys_sendmsg+0x19b/0x260
[ 1307.781354][T22116]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1307.781389][T22116]  ? __pfx_ksys_write+0x10/0x10
[ 1307.781415][T22116]  ? rcu_is_watching+0x15/0xb0
[ 1307.781447][T22116]  ? do_syscall_64+0xbe/0x3b0
[ 1307.781476][T22116]  do_syscall_64+0xfa/0x3b0
[ 1307.781497][T22116]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1307.781520][T22116]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1307.781541][T22116]  ? clear_bhb_loop+0x60/0xb0
[ 1307.781567][T22116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1307.781588][T22116] RIP: 0033:0x7f569d18e9a9
[ 1307.781608][T22116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1307.781626][T22116] RSP: 002b:00007f569e0c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1307.781650][T22116] RAX: ffffffffffffffda RBX: 00007f569d3b5fa0 RCX: 00007f569d18e9a9
[ 1307.781665][T22116] RDX: 0000000000040010 RSI: 0000200000000500 RDI: 0000000000000003
[ 1307.781679][T22116] RBP: 00007f569e0c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1307.781692][T22116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1307.781704][T22116] R13: 0000000000000000 R14: 00007f569d3b5fa0 R15: 00007f569d4dfa28
[ 1307.781736][T22116]  </TASK>
[ 1308.287892][T22120] Cannot find add_set index 0 as target
[ 1308.293760][ T5968] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1308.490248][ T5968] usb 10-1: Using ep0 maxpacket: 16
[ 1308.512137][ T5968] usb 10-1: config 1 has an invalid interface number: 105 but max is 0
[ 1308.570894][ T5968] usb 10-1: config 1 has no interface number 0
[ 1308.639542][ T5968] usb 10-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1308.670989][ T5968] usb 10-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1308.698615][ T5968] usb 10-1: config 1 interface 105 has no altsetting 0
[ 1308.759450][ T5968] usb 10-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1308.785658][ T5968] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1308.822615][ T5968] usb 10-1: Product: syz
[ 1308.827141][ T5968] usb 10-1: Manufacturer: syz
[ 1308.833397][ T5968] usb 10-1: SerialNumber: syz
[ 1308.838293][T14506] hsr_slave_0: left promiscuous mode
[ 1308.850494][T14506] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1308.864996][T14506] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1308.881370][T22114] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1308.888968][T22114] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1309.124923][T19964] Bluetooth: hci2: command tx timeout
[ 1309.199711][T20250] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1309.323520][T22114] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1309.353523][T22114] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1309.359757][T20250] usb 9-1: Using ep0 maxpacket: 8
[ 1309.404041][T20250] usb 9-1: config 0 has an invalid interface number: 31 but max is 0
[ 1309.426032][T20250] usb 9-1: config 0 has no interface number 0
[ 1309.446346][T20250] usb 9-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=be.68
[ 1309.479961][T20250] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1309.488058][T20250] usb 9-1: Product: syz
[ 1309.500059][T22140] FAULT_INJECTION: forcing a failure.
[ 1309.500059][T22140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1309.513397][T20250] usb 9-1: Manufacturer: syz
[ 1309.518066][T20250] usb 9-1: SerialNumber: syz
[ 1309.545429][T22140] CPU: 0 UID: 0 PID: 22140 Comm: syz.3.4319 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1309.545462][T22140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1309.545475][T22140] Call Trace:
[ 1309.545484][T22140]  <TASK>
[ 1309.545495][T22140]  dump_stack_lvl+0x189/0x250
[ 1309.545526][T22140]  ? __pfx____ratelimit+0x10/0x10
[ 1309.545551][T22140]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1309.545577][T22140]  ? __pfx__printk+0x10/0x10
[ 1309.545615][T22140]  should_fail_ex+0x414/0x560
[ 1309.545643][T22140]  _copy_to_user+0x31/0xb0
[ 1309.545676][T22140]  simple_read_from_buffer+0xe1/0x170
[ 1309.545723][T22140]  proc_fail_nth_read+0x1df/0x250
[ 1309.545748][T22140]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1309.545771][T22140]  ? rw_verify_area+0x258/0x650
[ 1309.545795][T22140]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1309.545811][T22140]  vfs_read+0x200/0x980
[ 1309.545840][T22140]  ? __pfx___mutex_lock+0x10/0x10
[ 1309.545866][T22140]  ? __pfx_vfs_read+0x10/0x10
[ 1309.545896][T22140]  ? __fget_files+0x2a/0x420
[ 1309.545920][T22140]  ? __fget_files+0x3a0/0x420
[ 1309.545937][T22140]  ? __fget_files+0x2a/0x420
[ 1309.545966][T22140]  ksys_read+0x145/0x250
[ 1309.545996][T22140]  ? __pfx_ksys_read+0x10/0x10
[ 1309.546023][T22140]  ? rcu_is_watching+0x15/0xb0
[ 1309.546057][T22140]  ? do_syscall_64+0xbe/0x3b0
[ 1309.546085][T22140]  do_syscall_64+0xfa/0x3b0
[ 1309.546108][T22140]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1309.546128][T22140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1309.546143][T22140]  ? clear_bhb_loop+0x60/0xb0
[ 1309.546163][T22140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1309.546184][T22140] RIP: 0033:0x7fd490f8d3bc
[ 1309.546206][T22140] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1309.546224][T22140] RSP: 002b:00007fd491eda030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1309.546247][T22140] RAX: ffffffffffffffda RBX: 00007fd4911b5fa0 RCX: 00007fd490f8d3bc
[ 1309.546264][T22140] RDX: 000000000000000f RSI: 00007fd491eda0a0 RDI: 0000000000000004
[ 1309.546275][T22140] RBP: 00007fd491eda090 R08: 0000000000000000 R09: 0000000000000014
[ 1309.546284][T22140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1309.546293][T22140] R13: 0000000000000000 R14: 00007fd4911b5fa0 R15: 00007fd4912dfa28
[ 1309.546317][T22140]  </TASK>
[ 1309.794638][T20250] usb 9-1: config 0 descriptor??
[ 1309.923242][T20250] redrat3 9-1:0.31: Couldn't find all endpoints
[ 1310.902131][ T5968] aqc111 10-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 1310.919949][ T5968] aqc111 10-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 1311.006535][T14506] team0 (unregistering): Port device team_slave_1 removed
[ 1311.097302][T14506] team0 (unregistering): Port device team_slave_0 removed
[ 1311.199811][T19964] Bluetooth: hci2: command tx timeout
[ 1311.795816][T20078] usb 9-1: USB disconnect, device number 15
[ 1311.989320][T22145] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1312.067892][ T5968] aqc111 10-1:1.105 eth25: register 'aqc111' at usb-dummy_hcd.9-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 20:fc:94:45:3a:41
[ 1312.100269][ T5968] usb 10-1: USB disconnect, device number 8
[ 1312.101981][T22107] chnl_net:caif_netlink_parms(): no params data found
[ 1312.130299][ T5968] aqc111 10-1:1.105 eth25: unregister 'aqc111' usb-dummy_hcd.9-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 1312.232338][ T5968] aqc111 10-1:1.105 eth25 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1312.259810][ T5968] aqc111 10-1:1.105 eth25 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1312.300391][ T5968] aqc111 10-1:1.105 eth25 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 1312.781160][ T5968] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1312.786303][T20249] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1312.931685][ T5968] usb 10-1: device descriptor read/64, error -71
[ 1313.037181][T22107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1313.044721][T20249] usb 7-1: Using ep0 maxpacket: 32
[ 1313.054698][T20249] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1313.064978][T20249] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1313.080206][T22107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1313.087491][T20249] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1313.097260][T22107] bridge_slave_0: entered allmulticast mode
[ 1313.104460][T20249] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1313.119775][T22107] bridge_slave_0: entered promiscuous mode
[ 1313.125830][T20249] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1313.157155][T22107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1313.170007][T20249] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1313.184918][T22107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1313.192910][T22107] bridge_slave_1: entered allmulticast mode
[ 1313.199096][T20249] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1313.200887][ T5968] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1313.213629][T22107] bridge_slave_1: entered promiscuous mode
[ 1313.222832][T20249] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1313.271137][T20249] usb 7-1: config 0 descriptor??
[ 1313.280008][T19964] Bluetooth: hci2: command tx timeout
[ 1313.384601][T22107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1313.389767][ T5968] usb 10-1: device descriptor read/64, error -71
[ 1313.438810][T22107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1313.534115][ T5968] usb usb10-port1: attempt power cycle
[ 1313.574173][T20249] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1313.612004][T20249] usb 7-1: USB disconnect, device number 9
[ 1313.681373][T20249] usblp0: removed
[ 1313.788049][T22107] team0: Port device team_slave_0 added
[ 1313.844253][T22107] team0: Port device team_slave_1 added
[ 1313.879811][T20078] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1313.909738][ T5968] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[ 1313.954693][ T5968] usb 10-1: device descriptor read/8, error -71
[ 1314.066394][T20078] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[ 1314.079519][T20078] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1314.107167][T20078] usb 4-1: config 0 has no interface number 0
[ 1314.113713][T20078] usb 4-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30
[ 1314.124915][T20078] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1314.136702][T20078] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 239
[ 1314.153356][T20078] usb 4-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46
[ 1314.164086][T20078] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1314.179874][T20078] usb 4-1: Product: syz
[ 1314.184278][T20078] usb 4-1: Manufacturer: syz
[ 1314.188992][T20078] usb 4-1: SerialNumber: syz
[ 1314.222955][T20078] usb 4-1: config 0 descriptor??
[ 1314.247642][T20078] HFC-S_USB 4-1:0.117: probe with driver HFC-S_USB failed with error -5
[ 1314.292286][T22107] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1314.309717][T22107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1314.337677][T22107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1314.355282][T22107] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1314.398220][T22107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1314.448300][T22107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1314.495788][T20249] usb 4-1: USB disconnect, device number 59
[ 1314.979680][T20078] usb 9-1: new full-speed USB device number 16 using dummy_hcd
[ 1315.045721][T22107] hsr_slave_0: entered promiscuous mode
[ 1315.080512][T22107] hsr_slave_1: entered promiscuous mode
[ 1315.157255][T20078] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1315.173452][T20078] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 111, setting to 64
[ 1315.188846][T20078] usb 9-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00
[ 1315.199061][T20078] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1315.222437][T20078] usb 9-1: config 0 descriptor??
[ 1315.258615][T22203] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1315.339699][ T5968] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1315.394864][T19964] Bluetooth: hci2: command tx timeout
[ 1315.482907][T22203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1315.496226][T22203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1315.616028][ T5968] usb 10-1: Using ep0 maxpacket: 32
[ 1315.659823][T20078] rc_core: IR keymap rc-xbox-dvd not found
[ 1315.666116][T20078] Registered IR keymap rc-empty
[ 1315.678974][T20078] rc rc0: Xbox DVD USB Remote Control(045e,0284) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0
[ 1315.711223][ T5968] usb 10-1: config 0 has an invalid interface number: 35 but max is 0
[ 1315.741205][T20078] input: Xbox DVD USB Remote Control(045e,0284) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input69
[ 1315.773158][ T5968] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1315.816420][ T5968] usb 10-1: config 0 has no interface number 0
[ 1315.841295][ T5968] usb 10-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1315.908012][ T5968] usb 10-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[ 1315.927374][ T5968] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1315.946665][ T5968] usb 10-1: Product: syz
[ 1315.967108][ T5968] usb 10-1: Manufacturer: syz
[ 1315.972765][ T5968] usb 10-1: SerialNumber: syz
[ 1316.120741][T22213] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1316.161001][ T5968] usb 10-1: config 0 descriptor??
[ 1316.338202][ T5968] radio-si470x 10-1:0.35: could not find interrupt in endpoint
[ 1316.389287][ T5968] radio-si470x 10-1:0.35: probe with driver radio-si470x failed with error -5
[ 1316.441287][ T5968] radio-raremono 10-1:0.35: Thanko's Raremono connected: (10C4:818A)
[ 1316.519751][T22214] tipc: Resetting bearer <eth:syzkaller0>
[ 1316.648460][T22212] tipc: Disabling bearer <eth:syzkaller0>
[ 1316.682361][ T5968] radio-raremono 10-1:0.35: V4L2 device registered as radio48
[ 1316.859716][T22208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1316.931402][T22208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1316.968319][T22208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1317.016258][T22208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1317.045642][T22208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1317.271662][T22208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1318.035679][ T5921] usb 10-1: USB disconnect, device number 13
[ 1318.042579][ T5921] radio-raremono 10-1:0.35: Thanko's Raremono disconnected
[ 1318.540712][T10736] usb 9-1: USB disconnect, device number 16
[ 1318.540806][    C1] xbox_remote 9-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[ 1318.879075][T22107] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1318.927999][T22107] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1318.992594][T22107] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1319.070914][T22107] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1319.725044][T22107] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1319.972666][T22107] 8021q: adding VLAN 0 to HW filter on device team0
[ 1320.108764][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1320.116111][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1320.159760][ T5921] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[ 1320.232312][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1320.239629][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1320.288303][T22266] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4343'.
[ 1320.430589][ T5921] usb 10-1: config 0 has no interfaces?
[ 1320.461850][ T5921] usb 10-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1320.658982][ T5921] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1320.730721][ T5921] usb 10-1: Product: syz
[ 1320.735098][ T5921] usb 10-1: Manufacturer: syz
[ 1320.815558][ T5921] usb 10-1: SerialNumber: syz
[ 1320.927130][ T5921] usb 10-1: config 0 descriptor??
[ 1320.963138][T22107] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1321.146079][T22107] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1321.260553][T22262] netlink: 'syz.9.4342': attribute type 21 has an invalid length.
[ 1321.798194][T22107] veth0_vlan: entered promiscuous mode
[ 1321.946131][T22107] veth1_vlan: entered promiscuous mode
[ 1322.107210][T22107] veth0_macvtap: entered promiscuous mode
[ 1322.131126][T22107] veth1_macvtap: entered promiscuous mode
[ 1322.150157][T10736] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1322.263499][T22107] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1322.327664][T10736] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1322.343183][T10736] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1322.394220][T22107] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1322.413080][T10736] usb 4-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[ 1322.426564][T10736] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1322.474640][T22107] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.484368][T10736] usb 4-1: Product: syz
[ 1322.513642][T10736] usb 4-1: Manufacturer: syz
[ 1322.523043][T10736] usb 4-1: SerialNumber: syz
[ 1322.699691][T22107] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.749246][T10736] usb 4-1: config 0 descriptor??
[ 1322.765433][T22107] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.844675][T10736] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1322.866250][T10736] usb 4-1: Detected SIO
[ 1322.870590][T10736] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[ 1322.878098][T22107] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.893597][T10736] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7
[ 1322.920321][T10736] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1323.335810][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1323.372733][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1323.532803][T14506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1323.565749][T14506] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1323.954463][T22293] tipc: Started in network mode
[ 1323.969674][T22293] tipc: Node identity f686d7db7457, cluster identity 4711
[ 1323.977084][T22293] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1324.120119][T22293] syzkaller0: entered promiscuous mode
[ 1324.125636][T22293] syzkaller0: entered allmulticast mode
[ 1324.445441][T22299] tipc: Resetting bearer <eth:syzkaller0>
[ 1324.489935][T22292] tipc: Resetting bearer <eth:syzkaller0>
[ 1324.703649][ T5921] usb 10-1: USB disconnect, device number 14
[ 1324.710653][T22292] tipc: Disabling bearer <eth:syzkaller0>
[ 1325.576280][ T5921] usb 4-1: USB disconnect, device number 60
[ 1325.700032][ T5921] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1325.806130][ T5921] ftdi_sio 4-1:0.0: device disconnected
[ 1326.489232][T22327] netlink: 'syz.6.4357': attribute type 1 has an invalid length.
[ 1326.538302][T22328] netlink: 156 bytes leftover after parsing attributes in process `syz.9.4359'.
[ 1327.662542][T22364] netlink: 'syz.9.4366': attribute type 1 has an invalid length.
[ 1327.779830][T20078] usb 4-1: new full-speed USB device number 61 using dummy_hcd
[ 1327.885199][T22370] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4367'.
[ 1327.933710][T20078] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1327.954656][T20078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1328.001974][T20078] usb 4-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[ 1328.019587][T20078] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1328.048318][T20078] usb 4-1: Product: syz
[ 1328.078947][T20078] usb 4-1: Manufacturer: syz
[ 1328.110084][T20078] usb 4-1: SerialNumber: syz
[ 1328.133471][T20078] usb 4-1: config 0 descriptor??
[ 1328.842892][T22383] netlink: 'syz.9.4370': attribute type 1 has an invalid length.
[ 1329.455525][   T30] audit: type=1326 audit(1753380756.613:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e2c38e9a9 code=0x7ffc0000
[ 1329.494580][   T30] audit: type=1326 audit(1753380756.613:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f4e2c38e9a9 code=0x7ffc0000
[ 1329.557332][   T30] audit: type=1326 audit(1753380756.613:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e2c38e9a9 code=0x7ffc0000
[ 1329.649135][   T30] audit: type=1326 audit(1753380756.613:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e2c38e9a9 code=0x7ffc0000
[ 1329.737271][   T30] audit: type=1326 audit(1753380756.613:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e2c38e9a9 code=0x7ffc0000
[ 1329.806766][   T30] audit: type=1326 audit(1753380756.613:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e2c3908c7 code=0x7ffc0000
[ 1329.860947][   T30] audit: type=1326 audit(1753380756.613:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f4e2c39083c code=0x7ffc0000
[ 1329.931706][   T30] audit: type=1326 audit(1753380756.613:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f4e2c390774 code=0x7ffc0000
[ 1330.040869][   T30] audit: type=1326 audit(1753380756.613:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f4e2c390774 code=0x7ffc0000
[ 1330.114677][   T30] audit: type=1326 audit(1753380756.613:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22391 comm="syz.9.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4e2c38d60a code=0x7ffc0000
[ 1330.359070][T22410] libceph: resolve '4..' (ret=-3): failed
[ 1330.471476][T20078] usb 4-1: USB disconnect, device number 61
[ 1332.049645][T20194] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1332.279863][T20194] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1332.332930][T20194] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1332.387947][T20194] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1332.402698][T22439] netlink: 'syz.9.4382': attribute type 1 has an invalid length.
[ 1332.450698][T20194] usb 4-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[ 1332.476007][T20194] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1332.545904][T20194] usb 4-1: config 0 descriptor??
[ 1332.777252][T20194] hid-udraw 0003:20D6:CB17.001A: item fetching failed at offset 3/7
[ 1332.810086][T20194] hid-udraw 0003:20D6:CB17.001A: parse failed
[ 1332.826792][T20194] hid-udraw 0003:20D6:CB17.001A: probe with driver hid-udraw failed with error -22
[ 1333.112440][T20194] usb 4-1: USB disconnect, device number 62
[ 1334.128703][T22480] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1334.170558][T22480] syzkaller0: entered promiscuous mode
[ 1334.176195][T22480] syzkaller0: entered allmulticast mode
[ 1334.444322][T22482] tipc: Resetting bearer <eth:syzkaller0>
[ 1334.489752][T22479] tipc: Resetting bearer <eth:syzkaller0>
[ 1334.640708][T22479] tipc: Disabling bearer <eth:syzkaller0>
[ 1336.273994][T22536] fuse: Bad value for 'fd'
[ 1336.609614][T20249] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1337.069687][T20249] usb 9-1: config 0 has an invalid interface number: 117 but max is 0
[ 1337.077971][T20249] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1337.187224][T20249] usb 9-1: config 0 has no interface number 0
[ 1337.222874][T20249] usb 9-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30
[ 1337.284006][T20249] usb 9-1: config 0 interface 117 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1337.371649][T22549] net_ratelimit: 16 callbacks suppressed
[ 1337.371668][T22549] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[ 1337.428136][T22549] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:768)
[ 1337.457054][T20249] usb 9-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 239
[ 1337.529412][T20249] usb 9-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46
[ 1337.649579][T20249] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1337.712054][T20249] usb 9-1: Product: syz
[ 1337.716315][T20249] usb 9-1: Manufacturer: syz
[ 1337.779529][T20249] usb 9-1: SerialNumber: syz
[ 1337.816075][T20249] usb 9-1: config 0 descriptor??
[ 1337.862685][T20249] HFC-S_USB 9-1:0.117: probe with driver HFC-S_USB failed with error -5
[ 1338.157463][T20249] usb 9-1: USB disconnect, device number 17
[ 1338.981492][T22562] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4408'.
[ 1339.103310][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1339.103334][   T30] audit: type=1326 audit(1753380766.263:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1339.386586][   T30] audit: type=1326 audit(1753380766.263:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1339.477570][T22567] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4409'.
[ 1339.486758][T22567] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4409'.
[ 1339.519806][T22567] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4409'.
[ 1339.561310][T22568] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4409'.
[ 1339.579799][   T30] audit: type=1326 audit(1753380766.383:3606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1339.602421][T22568] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4409'.
[ 1339.818401][   T30] audit: type=1326 audit(1753380766.383:3607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1339.899671][   T30] audit: type=1326 audit(1753380766.383:3608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1340.027297][   T30] audit: type=1326 audit(1753380766.383:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1340.199701][   T30] audit: type=1326 audit(1753380766.383:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1340.229648][T20194] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1340.323753][   T30] audit: type=1326 audit(1753380766.383:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1340.413369][T20194] usb 9-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=de.ad
[ 1340.431305][T20194] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1340.485514][   T30] audit: type=1326 audit(1753380766.383:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7d86d8d45f code=0x7ffc0000
[ 1340.488597][T20194] usb 9-1: config 0 descriptor??
[ 1340.541880][   T30] audit: type=1326 audit(1753380766.383:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22559 comm="syz.7.4408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d86d8e9a9 code=0x7ffc0000
[ 1340.609686][T20249] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1340.748515][T22583] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4414'.
[ 1340.812549][T20249] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1340.840746][T20249] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1340.867418][T20194] snd-usb-hiface 9-1:0.0: probe with driver snd-usb-hiface failed with error -22
[ 1340.900989][T20249] usb 7-1: config 0 descriptor??
[ 1340.951487][T20249] cp210x 7-1:0.0: cp210x converter detected
[ 1341.042217][T22573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1341.072175][T22573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1341.250920][T22592] binder: BINDER_SET_CONTEXT_MGR already set
[ 1341.257095][T22592] binder: 22587:22592 ioctl 4018620d 200000000040 returned -16
[ 1341.268008][T22592] netlink: 'syz.9.4415': attribute type 16 has an invalid length.
[ 1341.276021][T22592] netlink: 64138 bytes leftover after parsing attributes in process `syz.9.4415'.
[ 1341.289294][T22592] trusted_key: encrypted_key: insufficient parameters specified
[ 1341.425066][T20194] usb 9-1: USB disconnect, device number 18
[ 1341.773248][T20249] cp210x 7-1:0.0: failed to get vendor val 0x3711 size 2: -71
[ 1341.796368][T20249] cp210x 7-1:0.0: GPIO initialisation failed: -71
[ 1341.859086][T20249] usb 7-1: cp210x converter now attached to ttyUSB0
[ 1341.979284][T22606] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1341.990438][T20249] usb 7-1: USB disconnect, device number 10
[ 1342.134548][T20249] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1342.201700][T20249] cp210x 7-1:0.0: device disconnected
[ 1342.986411][T22622] picdev_read: 77 callbacks suppressed
[ 1342.986437][T22622] kvm: pic: non byte read
[ 1343.002563][T22628] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4421'.
[ 1343.050865][T22622] kvm: pic: non byte read
[ 1343.074407][T22622] kvm: pic: non byte read
[ 1343.087448][T22622] kvm: pic: non byte read
[ 1343.124639][T22622] kvm: pic: non byte read
[ 1343.201654][T22622] kvm: pic: non byte read
[ 1343.235607][T22622] kvm: pic: non byte read
[ 1343.257079][T22622] kvm: pic: non byte read
[ 1343.291501][T22622] kvm: pic: non byte read
[ 1343.349744][T22622] kvm: pic: non byte read
[ 1343.758193][ T5907] usb 9-1: new full-speed USB device number 19 using dummy_hcd
[ 1343.777903][T22647] FAULT_INJECTION: forcing a failure.
[ 1343.777903][T22647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1343.791472][T22647] CPU: 1 UID: 0 PID: 22647 Comm: syz.7.4427 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1343.791504][T22647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1343.791518][T22647] Call Trace:
[ 1343.791528][T22647]  <TASK>
[ 1343.791538][T22647]  dump_stack_lvl+0x189/0x250
[ 1343.791572][T22647]  ? __pfx____ratelimit+0x10/0x10
[ 1343.791598][T22647]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1343.791624][T22647]  ? __pfx__printk+0x10/0x10
[ 1343.791672][T22647]  ? __might_fault+0xb0/0x130
[ 1343.791715][T22647]  should_fail_ex+0x414/0x560
[ 1343.791743][T22647]  _copy_from_user+0x2d/0xb0
[ 1343.791773][T22647]  ___sys_sendmsg+0x158/0x2a0
[ 1343.791796][T22647]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1343.791849][T22647]  ? __might_fault+0xb0/0x130
[ 1343.791875][T22647]  __sys_sendmmsg+0x227/0x430
[ 1343.791897][T22647]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1343.791911][T22647]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1343.791954][T22647]  ? ksys_write+0x22a/0x250
[ 1343.791980][T22647]  ? __pfx_ksys_write+0x10/0x10
[ 1343.792000][T22647]  ? rcu_is_watching+0x15/0xb0
[ 1343.792026][T22647]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1343.792044][T22647]  do_syscall_64+0xfa/0x3b0
[ 1343.792064][T22647]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1343.792083][T22647]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1343.792100][T22647]  ? clear_bhb_loop+0x60/0xb0
[ 1343.792123][T22647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1343.792141][T22647] RIP: 0033:0x7f7d86d8e9a9
[ 1343.792157][T22647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1343.792174][T22647] RSP: 002b:00007f7d87bcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1343.792193][T22647] RAX: ffffffffffffffda RBX: 00007f7d86fb6160 RCX: 00007f7d86d8e9a9
[ 1343.792206][T22647] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000007
[ 1343.792217][T22647] RBP: 00007f7d87bcd090 R08: 0000000000000000 R09: 0000000000000000
[ 1343.792228][T22647] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001
[ 1343.792239][T22647] R13: 0000000000000000 R14: 00007f7d86fb6160 R15: 00007f7d870dfa28
[ 1343.792263][T22647]  </TASK>
[ 1344.226833][ T5907] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1344.238276][ T5907] usb 9-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1344.250752][ T5907] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1344.295296][ T5907] usb 9-1: config 0 descriptor??
[ 1344.320607][T22638] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1344.823078][T22662] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1344.898587][T22666] syzkaller0: entered promiscuous mode
[ 1344.916719][T22666] syzkaller0: entered allmulticast mode
[ 1344.918211][T22665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1345.011116][T22662] tipc: Resetting bearer <eth:syzkaller0>
[ 1345.058954][T22660] tipc: Resetting bearer <eth:syzkaller0>
[ 1345.077908][T22665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1345.187539][T22660] tipc: Disabling bearer <eth:syzkaller0>
[ 1345.523356][T22675] netlink: 'syz.3.4435': attribute type 1 has an invalid length.
[ 1345.552637][T22675] netlink: 'syz.3.4435': attribute type 2 has an invalid length.
[ 1345.584389][T22675] netlink: 244 bytes leftover after parsing attributes in process `syz.3.4435'.
[ 1345.627676][T22675] FAULT_INJECTION: forcing a failure.
[ 1345.627676][T22675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1345.665317][T22675] CPU: 1 UID: 0 PID: 22675 Comm: syz.3.4435 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1345.665352][T22675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1345.665367][T22675] Call Trace:
[ 1345.665377][T22675]  <TASK>
[ 1345.665387][T22675]  dump_stack_lvl+0x189/0x250
[ 1345.665426][T22675]  ? __pfx____ratelimit+0x10/0x10
[ 1345.665452][T22675]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1345.665478][T22675]  ? __pfx__printk+0x10/0x10
[ 1345.665508][T22675]  ? __might_fault+0xb0/0x130
[ 1345.665550][T22675]  should_fail_ex+0x414/0x560
[ 1345.665580][T22675]  _copy_from_user+0x2d/0xb0
[ 1345.665612][T22675]  ___sys_sendmsg+0x158/0x2a0
[ 1345.665637][T22675]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1345.665704][T22675]  ? __might_fault+0xb0/0x130
[ 1345.665737][T22675]  __sys_sendmmsg+0x227/0x430
[ 1345.665765][T22675]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1345.665783][T22675]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1345.665837][T22675]  ? ksys_write+0x22a/0x250
[ 1345.665869][T22675]  ? __pfx_ksys_write+0x10/0x10
[ 1345.665895][T22675]  ? rcu_is_watching+0x15/0xb0
[ 1345.665934][T22675]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1345.665957][T22675]  do_syscall_64+0xfa/0x3b0
[ 1345.665981][T22675]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1345.666005][T22675]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.666027][T22675]  ? clear_bhb_loop+0x60/0xb0
[ 1345.666054][T22675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.666075][T22675] RIP: 0033:0x7fd490f8e9a9
[ 1345.666095][T22675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1345.666114][T22675] RSP: 002b:00007fd491eda038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1345.666137][T22675] RAX: ffffffffffffffda RBX: 00007fd4911b5fa0 RCX: 00007fd490f8e9a9
[ 1345.666153][T22675] RDX: 0400000000000235 RSI: 0000200000000000 RDI: 0000000000000003
[ 1345.666167][T22675] RBP: 00007fd491eda090 R08: 0000000000000000 R09: 0000000000000000
[ 1345.666181][T22675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1345.666194][T22675] R13: 0000000000000000 R14: 00007fd4911b5fa0 R15: 00007fd4912dfa28
[ 1345.666225][T22675]  </TASK>
[ 1346.086922][T22682] binder: 22681:22682 unknown command 0
[ 1346.219954][T22682] binder: 22681:22682 ioctl c0306201 2000000003c0 returned -22
[ 1346.228485][T22682] binder: 22681:22682 unknown command 0
[ 1346.234299][T22682] binder: 22681:22682 ioctl c0306201 200000000180 returned -22
[ 1346.486655][T22688] ipvlan2: entered promiscuous mode
[ 1346.533952][T22688] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1346.606517][T22695] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4438'.
[ 1346.633066][T22688] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1346.702554][ T5907] usbhid 9-1:0.0: can't add hid device: -71
[ 1346.742604][ T5907] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1346.795632][ T5907] usb 9-1: USB disconnect, device number 19
[ 1347.170696][T22695] team1 (uninitialized): Failed to send options change via netlink (err -105)
[ 1347.401033][T22695] team1: entered promiscuous mode
[ 1347.406636][T22695] team1: entered allmulticast mode
[ 1347.584851][T22706] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1347.597531][T22709] syzkaller0: entered promiscuous mode
[ 1347.604941][T22709] syzkaller0: entered allmulticast mode
[ 1347.624113][T22701] tipc: Resetting bearer <eth:syzkaller0>
[ 1347.669731][T20249] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[ 1347.754760][T22701] tipc: Disabling bearer <eth:syzkaller0>
[ 1347.888702][T20249] usb 10-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1347.939801][T20249] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1347.957730][T20249] usb 10-1: config 0 descriptor??
[ 1348.018790][T20249] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1348.329652][T15792] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1348.532197][T15792] usb 9-1: config 0 has an invalid interface number: 117 but max is 0
[ 1348.568112][T20249] cpia1 10-1:0.0: unexpected state after lo power cmd: 00
[ 1348.579521][T15792] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1348.605288][T15792] usb 9-1: config 0 has no interface number 0
[ 1348.629115][T15792] usb 9-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30
[ 1348.649774][ T5907] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1348.699583][T15792] usb 9-1: config 0 interface 117 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1348.745694][T15792] usb 9-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 239
[ 1348.884136][ T5907] usb 7-1: config 0 has an invalid interface number: 117 but max is 0
[ 1348.884420][T15792] usb 9-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46
[ 1348.905071][ T5907] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1348.995241][ T5907] usb 7-1: config 0 has no interface number 0
[ 1349.001819][T15792] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1349.051438][T20249] gspca_cpia1: usb_control_msg 01, error -71
[ 1349.057641][T20249] cpia1 10-1:0.0: only firmware version 1 is supported (got: 0)
[ 1349.059002][ T5907] usb 7-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30
[ 1349.076976][T15792] usb 9-1: Product: syz
[ 1349.077005][T15792] usb 9-1: Manufacturer: syz
[ 1349.077024][T15792] usb 9-1: SerialNumber: syz
[ 1349.100688][T15792] usb 9-1: config 0 descriptor??
[ 1349.108226][ T5907] usb 7-1: config 0 interface 117 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1349.126756][ T5907] usb 7-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 239
[ 1349.153571][T20249] usb 10-1: USB disconnect, device number 15
[ 1349.154066][ T5907] usb 7-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46
[ 1349.169189][T15792] HFC-S_USB 9-1:0.117: probe with driver HFC-S_USB failed with error -5
[ 1349.229886][ T5907] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1349.255897][ T5907] usb 7-1: Product: syz
[ 1349.296188][ T5907] usb 7-1: Manufacturer: syz
[ 1349.317118][ T5907] usb 7-1: SerialNumber: syz
[ 1349.378804][ T5907] usb 7-1: config 0 descriptor??
[ 1349.427299][ T5907] HFC-S_USB 7-1:0.117: probe with driver HFC-S_USB failed with error -5
[ 1349.508891][ T5907] usb 9-1: USB disconnect, device number 20
[ 1349.807793][ T5907] usb 7-1: USB disconnect, device number 11
[ 1351.761929][T15792] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1351.929757][T15792] usb 7-1: Using ep0 maxpacket: 8
[ 1351.942119][T15792] usb 7-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[ 1351.954399][T15792] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1351.978695][T22786] tipc: Started in network mode
[ 1351.984313][T15792] usb 7-1: Product: syz
[ 1351.988930][T22786] tipc: Node identity d2c04f16e62d, cluster identity 4711
[ 1352.019754][T15792] usb 7-1: Manufacturer: syz
[ 1352.036002][T15792] usb 7-1: SerialNumber: syz
[ 1352.048916][T22786] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1352.066946][T15792] usb 7-1: config 0 descriptor??
[ 1352.075089][T22788] syzkaller0: entered promiscuous mode
[ 1352.089821][T20249] usb 9-1: new full-speed USB device number 21 using dummy_hcd
[ 1352.109342][T15792] gspca_main: sonixj-2.14.0 probing 0c45:613e
[ 1352.124626][T22788] syzkaller0: entered allmulticast mode
[ 1352.275288][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[ 1352.287986][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1352.316541][T22785] tipc: Resetting bearer <eth:syzkaller0>
[ 1352.422061][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[ 1352.490569][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1352.542152][T22785] tipc: Disabling bearer <eth:syzkaller0>
[ 1352.570456][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[ 1352.592478][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1352.630220][T20249] usb 9-1: New USB device found, idVendor=0451, idProduct=5152, bcdDevice=c0.b9
[ 1352.660475][T20249] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1352.668670][T20249] usb 9-1: Product: syz
[ 1352.718195][T20249] usb 9-1: Manufacturer: syz
[ 1352.763010][T20249] usb 9-1: SerialNumber: syz
[ 1352.823869][T20249] usb 9-1: config 0 descriptor??
[ 1352.858306][T20249] ti_usb_3410_5052 9-1:0.0: TI USB 5052 2 port adapter converter detected
[ 1352.882898][T20249] ti_usb_3410_5052 9-1:0.0: missing endpoints
[ 1353.061747][T20249] usb 9-1: USB disconnect, device number 21
[ 1354.124084][T20249] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1354.346421][T20249] usb 9-1: Using ep0 maxpacket: 16
[ 1354.367568][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1354.424558][T20249] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1354.491819][T20249] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1354.537043][T20249] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 1354.560148][T15792] gspca_sonixj: reg_w err -71
[ 1354.577327][T15792] sonixj 7-1:0.0: probe with driver sonixj failed with error -71
[ 1354.705616][T20249] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.727315][T15792] usb 7-1: USB disconnect, device number 12
[ 1354.739716][T20249] usb 9-1: config 0 descriptor??
[ 1354.847309][T22835] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4463'.
[ 1354.939760][T22835] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4463'.
[ 1355.452658][T20249] usbhid 9-1:0.0: can't add hid device: -71
[ 1355.479209][T20249] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1355.580338][T22845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4464'.
[ 1355.593781][T20249] usb 9-1: USB disconnect, device number 22
[ 1355.679762][ T5907] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1355.850517][T20177] usb 4-1: new full-speed USB device number 63 using dummy_hcd
[ 1355.887935][T22852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1355.902045][ T5907] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1355.930423][ T5907] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1355.956514][ T5907] usb 7-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[ 1355.970577][ T5907] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1355.978677][ T5907] usb 7-1: Product: syz
[ 1355.995397][ T5907] usb 7-1: Manufacturer: syz
[ 1356.001941][ T5907] usb 7-1: SerialNumber: syz
[ 1356.019371][ T5907] usb 7-1: config 0 descriptor??
[ 1356.041476][T20177] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1356.060601][ T5907] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[ 1356.074186][T20177] usb 4-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1356.090605][ T5907] usb 7-1: Detected SIO
[ 1356.095417][ T5907] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[ 1356.124649][T20177] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1356.145707][ T5907] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7
[ 1356.162543][T20177] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1356.178578][ T5907] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1356.195871][T22859] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1356.199534][T20177] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1356.267860][ T5907] usb 7-1: USB disconnect, device number 13
[ 1356.277991][T20177] usb 4-1: Product: syz
[ 1356.292854][T20177] usb 4-1: Manufacturer: syz
[ 1356.304082][ T5907] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1356.317918][T20177] usb 4-1: SerialNumber: syz
[ 1356.331314][T20177] usb 4-1: config 0 descriptor??
[ 1356.340570][ T5907] ftdi_sio 7-1:0.0: device disconnected
[ 1356.353859][T20177] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1356.563728][T20177] usb 4-1: USB disconnect, device number 63
[ 1356.589631][T22868] sctp: [Deprecated]: syz.9.4470 (pid 22868) Use of int in max_burst socket option.
[ 1356.589631][T22868] Use struct sctp_assoc_value instead
[ 1356.849730][T20249] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[ 1357.024536][T20249] usb 10-1: config 0 has an invalid interface number: 178 but max is 0
[ 1357.033863][T20249] usb 10-1: config 0 has no interface number 0
[ 1357.058212][T20249] usb 10-1: config 0 interface 178 altsetting 0 bulk endpoint 0xE has invalid maxpacket 8
[ 1357.079213][T20249] usb 10-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=9d.36
[ 1357.136682][T20249] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1357.205889][T20249] usb 10-1: config 0 descriptor??
[ 1357.212260][T22868] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1357.436072][T20249] usb 10-1: string descriptor 0 read error: -71
[ 1357.470453][T20249] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 6 is not bulk.
[ 1357.549622][T20249] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 11 is not bulk.
[ 1357.616758][T20249] microtek usb (rev 0.4.3): couldn't find two input bulk endpoints. Bailing out.
[ 1357.692793][T20249] usb 10-1: USB disconnect, device number 16
[ 1357.750572][T20250] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1357.909618][T20250] usb 4-1: device descriptor read/64, error -71
[ 1358.014922][T22889] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4474'.
[ 1358.169659][T20250] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1358.310603][T20250] usb 4-1: device descriptor read/64, error -71
[ 1358.422411][T20250] usb usb4-port1: attempt power cycle
[ 1358.812677][T20250] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1358.890416][T20250] usb 4-1: device descriptor read/8, error -71
[ 1359.085385][T22916] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4479'.
[ 1359.239948][T20250] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1359.273489][T20250] usb 4-1: device descriptor read/8, error -71
[ 1359.358623][T22922] FAULT_INJECTION: forcing a failure.
[ 1359.358623][T22922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1359.376605][T22922] CPU: 0 UID: 0 PID: 22922 Comm: syz.7.4482 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1359.376639][T22922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1359.376653][T22922] Call Trace:
[ 1359.376663][T22922]  <TASK>
[ 1359.376674][T22922]  dump_stack_lvl+0x189/0x250
[ 1359.376707][T22922]  ? __pfx____ratelimit+0x10/0x10
[ 1359.376733][T22922]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1359.376757][T22922]  ? __pfx__printk+0x10/0x10
[ 1359.376786][T22922]  ? __might_fault+0xb0/0x130
[ 1359.376826][T22922]  should_fail_ex+0x414/0x560
[ 1359.376855][T22922]  _copy_from_user+0x2d/0xb0
[ 1359.376887][T22922]  ___sys_sendmsg+0x158/0x2a0
[ 1359.376912][T22922]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1359.376971][T22922]  ? __fget_files+0x2a/0x420
[ 1359.376991][T22922]  ? __fget_files+0x3a0/0x420
[ 1359.377018][T22922]  __sys_sendmmsg+0x227/0x430
[ 1359.377043][T22922]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1359.377060][T22922]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1359.377116][T22922]  ? ksys_write+0x22a/0x250
[ 1359.377159][T22922]  ? __pfx_ksys_write+0x10/0x10
[ 1359.377184][T22922]  ? rcu_is_watching+0x15/0xb0
[ 1359.377217][T22922]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1359.377241][T22922]  do_syscall_64+0xfa/0x3b0
[ 1359.377265][T22922]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1359.377288][T22922]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1359.377310][T22922]  ? clear_bhb_loop+0x60/0xb0
[ 1359.377337][T22922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1359.377358][T22922] RIP: 0033:0x7f7d86d8e9a9
[ 1359.377378][T22922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1359.377396][T22922] RSP: 002b:00007f7d87c0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1359.377424][T22922] RAX: ffffffffffffffda RBX: 00007f7d86fb5fa0 RCX: 00007f7d86d8e9a9
[ 1359.377440][T22922] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[ 1359.377455][T22922] RBP: 00007f7d87c0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1359.377469][T22922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1359.377482][T22922] R13: 0000000000000000 R14: 00007f7d86fb5fa0 R15: 00007f7d870dfa28
[ 1359.377514][T22922]  </TASK>
[ 1359.696828][T20250] usb usb4-port1: unable to enumerate USB device
[ 1359.856787][   T44] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1359.908367][T22927] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1360.004452][T22929] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1360.103282][   T44] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1360.113885][   T44] usb 9-1: config 0 has no interfaces?
[ 1360.124072][   T44] usb 9-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=40.85
[ 1360.155107][   T44] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1360.244489][   T44] usb 9-1: config 0 descriptor??
[ 1361.101440][T22955] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4488'.
[ 1361.332220][T20249] usb 9-1: USB disconnect, device number 23
[ 1361.951964][T22974] FAULT_INJECTION: forcing a failure.
[ 1361.951964][T22974] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1362.119747][T22974] CPU: 0 UID: 0 PID: 22974 Comm: syz.8.4494 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1362.119783][T22974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1362.119798][T22974] Call Trace:
[ 1362.119808][T22974]  <TASK>
[ 1362.119818][T22974]  dump_stack_lvl+0x189/0x250
[ 1362.119853][T22974]  ? __pfx____ratelimit+0x10/0x10
[ 1362.120027][T22974]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1362.120061][T22974]  ? __pfx__printk+0x10/0x10
[ 1362.120094][T22974]  ? fs_reclaim_acquire+0x7d/0x100
[ 1362.120127][T22974]  should_fail_ex+0x414/0x560
[ 1362.120157][T22974]  prepare_alloc_pages+0x213/0x610
[ 1362.120188][T22974]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1362.120218][T22974]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1362.120252][T22974]  ? policy_nodemask+0x27c/0x720
[ 1362.120290][T22974]  alloc_pages_mpol+0x232/0x4a0
[ 1362.120326][T22974]  vma_alloc_folio_noprof+0xe4/0x200
[ 1362.120366][T22974]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1362.120412][T22974]  folio_prealloc+0x30/0x180
[ 1362.120446][T22974]  do_wp_page+0x1231/0x5800
[ 1362.120497][T22974]  ? __pfx_do_wp_page+0x10/0x10
[ 1362.120522][T22974]  ? do_raw_spin_lock+0x121/0x290
[ 1362.120557][T22974]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1362.120599][T22974]  __handle_mm_fault+0x1144/0x5620
[ 1362.120650][T22974]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1362.120707][T22974]  ? find_vma+0xe7/0x160
[ 1362.120737][T22974]  ? __pfx_find_vma+0x10/0x10
[ 1362.120769][T22974]  handle_mm_fault+0x40a/0x8e0
[ 1362.120810][T22974]  do_user_addr_fault+0x764/0x1390
[ 1362.120851][T22974]  exc_page_fault+0x76/0xf0
[ 1362.120880][T22974]  asm_exc_page_fault+0x26/0x30
[ 1362.120902][T22974] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1362.120996][T22974] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1362.121017][T22974] RSP: 0018:ffffc9000407f658 EFLAGS: 00050202
[ 1362.121038][T22974] RAX: ffffffff84bdfa01 RBX: ffff88807c280000 RCX: 000000000000089c
[ 1362.121054][T22974] RDX: 0000000000000000 RSI: ffff88807c2805c0 RDI: 0000200000001000
[ 1362.121069][T22974] RBP: ffffc9000407f7b0 R08: ffff88807c280e5b R09: 1ffff1100f8501cb
[ 1362.121084][T22974] R10: dffffc0000000000 R11: ffffed100f8501cc R12: dffffc0000000000
[ 1362.121100][T22974] R13: 0000000000000000 R14: 00007ffffffff000 R15: 0000000000000e5c
[ 1362.121125][T22974]  ? _copy_to_iter+0x411/0x16f0
[ 1362.121167][T22974]  _copy_to_iter+0x484/0x16f0
[ 1362.121209][T22974]  ? __pfx__copy_to_iter+0x10/0x10
[ 1362.121234][T22974]  ? __skb_try_recv_from_queue+0x2b2/0x730
[ 1362.121266][T22974]  ? __skb_try_recv_datagram+0x3da/0x4e0
[ 1362.121296][T22974]  __skb_datagram_iter+0xf8/0x990
[ 1362.121321][T22974]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1362.121355][T22974]  skb_copy_datagram_iter+0xc5/0x230
[ 1362.121384][T22974]  netlink_recvmsg+0x2ab/0xa30
[ 1362.121426][T22974]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1362.121463][T22974]  ? aa_sock_msg_perm+0x94/0x160
[ 1362.121490][T22974]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1362.121513][T22974]  ? security_socket_recvmsg+0x7e/0x2e0
[ 1362.121543][T22974]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1362.121574][T22974]  sock_recvmsg+0x22c/0x270
[ 1362.121606][T22974]  ____sys_recvmsg+0x1c9/0x460
[ 1362.121647][T22974]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1362.121686][T22974]  ? import_iovec+0x74/0xa0
[ 1362.121717][T22974]  ___sys_recvmsg+0x1b5/0x510
[ 1362.121743][T22974]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1362.121788][T22974]  ? __fget_files+0x3a0/0x420
[ 1362.121818][T22974]  __x64_sys_recvmsg+0x198/0x260
[ 1362.121843][T22974]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[ 1362.121876][T22974]  ? __pfx_ksys_write+0x10/0x10
[ 1362.121902][T22974]  ? rcu_is_watching+0x15/0xb0
[ 1362.121932][T22974]  ? do_syscall_64+0xbe/0x3b0
[ 1362.121960][T22974]  do_syscall_64+0xfa/0x3b0
[ 1362.121982][T22974]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1362.122005][T22974]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.122027][T22974]  ? clear_bhb_loop+0x60/0xb0
[ 1362.122054][T22974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.122073][T22974] RIP: 0033:0x7f78c338e9a9
[ 1362.122093][T22974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1362.122111][T22974] RSP: 002b:00007f78c4110038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1362.122133][T22974] RAX: ffffffffffffffda RBX: 00007f78c35b5fa0 RCX: 00007f78c338e9a9
[ 1362.122148][T22974] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1362.122162][T22974] RBP: 00007f78c4110090 R08: 0000000000000000 R09: 0000000000000000
[ 1362.122175][T22974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1362.122187][T22974] R13: 0000000000000000 R14: 00007f78c35b5fa0 R15: 00007f78c36dfa28
[ 1362.122220][T22974]  </TASK>
[ 1363.191494][T22981] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1363.294644][T22985] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4497'.
[ 1363.399972][T22988] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4498'.
[ 1364.095314][T23014] x_tables: ip_tables: ah match: only valid for protocol 51
[ 1364.482277][T23016] netlink: 'syz.6.4505': attribute type 1 has an invalid length.
[ 1367.195067][T23050] FAULT_INJECTION: forcing a failure.
[ 1367.195067][T23050] name failslab, interval 1, probability 0, space 0, times 0
[ 1367.233971][T23050] CPU: 1 UID: 0 PID: 23050 Comm: syz.3.4508 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1367.234006][T23050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1367.234020][T23050] Call Trace:
[ 1367.234030][T23050]  <TASK>
[ 1367.234041][T23050]  dump_stack_lvl+0x189/0x250
[ 1367.234075][T23050]  ? __pfx____ratelimit+0x10/0x10
[ 1367.234100][T23050]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1367.234125][T23050]  ? __pfx__printk+0x10/0x10
[ 1367.234171][T23050]  should_fail_ex+0x414/0x560
[ 1367.234209][T23050]  should_failslab+0xa8/0x100
[ 1367.234241][T23050]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1367.234270][T23050]  ? skb_clone+0x212/0x3a0
[ 1367.234295][T23050]  skb_clone+0x212/0x3a0
[ 1367.234321][T23050]  __netlink_deliver_tap+0x404/0x850
[ 1367.234367][T23050]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1367.234397][T23050]  netlink_deliver_tap+0x19c/0x1b0
[ 1367.234430][T23050]  netlink_sendskb+0x68/0x140
[ 1367.234461][T23050]  netlink_rcv_skb+0x28c/0x470
[ 1367.234492][T23050]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1367.234520][T23050]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1367.234562][T23050]  ? bpf_lsm_capable+0x9/0x20
[ 1367.234592][T23050]  ? security_capable+0x7e/0x2e0
[ 1367.234624][T23050]  nfnetlink_rcv+0x26a/0x2520
[ 1367.234652][T23050]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1367.234680][T23050]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 1367.234712][T23050]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1367.234736][T23050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.234769][T23050]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1367.234794][T23050]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1367.234832][T23050]  ? ref_tracker_free+0x63a/0x7d0
[ 1367.234862][T23050]  ? __copy_skb_header+0xa7/0x550
[ 1367.234885][T23050]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1367.234926][T23050]  ? skb_clone+0x246/0x3a0
[ 1367.234951][T23050]  ? __netlink_deliver_tap+0x807/0x850
[ 1367.234981][T23050]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1367.235019][T23050]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1367.235048][T23050]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1367.235084][T23050]  netlink_unicast+0x75c/0x8e0
[ 1367.235124][T23050]  netlink_sendmsg+0x805/0xb30
[ 1367.235166][T23050]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1367.235208][T23050]  ? aa_sock_msg_perm+0x94/0x160
[ 1367.235235][T23050]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1367.235258][T23050]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1367.235290][T23050]  __sock_sendmsg+0x21c/0x270
[ 1367.235319][T23050]  ____sys_sendmsg+0x505/0x830
[ 1367.235346][T23050]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1367.235377][T23050]  ? import_iovec+0x74/0xa0
[ 1367.235412][T23050]  ___sys_sendmsg+0x21f/0x2a0
[ 1367.235435][T23050]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1367.235496][T23050]  ? __fget_files+0x2a/0x420
[ 1367.235515][T23050]  ? __fget_files+0x3a0/0x420
[ 1367.235546][T23050]  __x64_sys_sendmsg+0x19b/0x260
[ 1367.235569][T23050]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1367.235601][T23050]  ? __pfx_ksys_write+0x10/0x10
[ 1367.235627][T23050]  ? rcu_is_watching+0x15/0xb0
[ 1367.235658][T23050]  ? do_syscall_64+0xbe/0x3b0
[ 1367.235689][T23050]  do_syscall_64+0xfa/0x3b0
[ 1367.235712][T23050]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1367.235735][T23050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.235754][T23050]  ? clear_bhb_loop+0x60/0xb0
[ 1367.235780][T23050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.235802][T23050] RIP: 0033:0x7fd490f8e9a9
[ 1367.235820][T23050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1367.235839][T23050] RSP: 002b:00007fd491eda038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1367.235863][T23050] RAX: ffffffffffffffda RBX: 00007fd4911b5fa0 RCX: 00007fd490f8e9a9
[ 1367.235878][T23050] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[ 1367.235892][T23050] RBP: 00007fd491eda090 R08: 0000000000000000 R09: 0000000000000000
[ 1367.235906][T23050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1367.235918][T23050] R13: 0000000000000000 R14: 00007fd4911b5fa0 R15: 00007fd4912dfa28
[ 1367.235950][T23050]  </TASK>
[ 1367.663348][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1367.669818][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1368.141319][T23063] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1368.529672][T20250] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[ 1368.537720][T20249] usb 4-1: new full-speed USB device number 68 using dummy_hcd
[ 1368.821434][T20250] usb 10-1: config 0 has an invalid interface number: 84 but max is 0
[ 1368.830265][T20250] usb 10-1: config 0 has no interface number 0
[ 1368.838181][T20250] usb 10-1: config 0 interface 84 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2
[ 1368.851316][T20249] usb 4-1: config index 0 descriptor too short (expected 45568, got 9)
[ 1368.860503][T20249] usb 4-1: config 0 has too many interfaces: 34, using maximum allowed: 32
[ 1368.882622][T20249] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 34
[ 1368.892656][T20250] usb 10-1: config 0 interface 84 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1368.934056][T20249] usb 4-1: New USB device found, idVendor=04a5, idProduct=300a, bcdDevice=5f.57
[ 1368.957902][T20249] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1369.088403][T20249] usb 4-1: Product: syz
[ 1369.092999][T20250] usb 10-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=ca.f3
[ 1369.105151][T20249] usb 4-1: Manufacturer: syz
[ 1369.110495][T20250] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1369.120287][T20249] usb 4-1: SerialNumber: syz
[ 1369.126811][T20250] usb 10-1: Product: syz
[ 1369.133208][T20250] usb 10-1: Manufacturer: syz
[ 1369.138112][T20250] usb 10-1: SerialNumber: syz
[ 1369.144334][T20249] usb 4-1: config 0 descriptor??
[ 1369.282579][T20250] usb 10-1: config 0 descriptor??
[ 1369.299775][T23072] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[ 1369.317831][T20250] ljca 10-1:0.84: bulk endpoints not found
[ 1369.968768][T20177] usb 4-1: USB disconnect, device number 68
[ 1370.843338][T23082] futex_wake_op: syz.8.4515 tries to shift op by 32; fix this program
[ 1371.195926][ T5907] usb 10-1: USB disconnect, device number 17
[ 1371.229777][T15792] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1371.429048][T15792] usb 4-1: device descriptor read/64, error -71
[ 1371.465045][T23114] FAULT_INJECTION: forcing a failure.
[ 1371.465045][T23114] name failslab, interval 1, probability 0, space 0, times 0
[ 1371.532505][T23114] CPU: 0 UID: 0 PID: 23114 Comm: syz.6.4524 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1371.532540][T23114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1371.532555][T23114] Call Trace:
[ 1371.532565][T23114]  <TASK>
[ 1371.532574][T23114]  dump_stack_lvl+0x189/0x250
[ 1371.532609][T23114]  ? __pfx____ratelimit+0x10/0x10
[ 1371.532636][T23114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1371.532661][T23114]  ? __pfx__printk+0x10/0x10
[ 1371.532693][T23114]  ? __pfx___might_resched+0x10/0x10
[ 1371.532720][T23114]  ? fs_reclaim_acquire+0x7d/0x100
[ 1371.532748][T23114]  should_fail_ex+0x414/0x560
[ 1371.532777][T23114]  should_failslab+0xa8/0x100
[ 1371.532812][T23114]  __kmalloc_noprof+0xcb/0x4f0
[ 1371.532841][T23114]  ? tomoyo_encode+0x28b/0x550
[ 1371.532871][T23114]  tomoyo_encode+0x28b/0x550
[ 1371.532913][T23114]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1371.532952][T23114]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1371.532974][T23114]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1371.532999][T23114]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1371.533038][T23114]  ? __lock_acquire+0xab9/0xd20
[ 1371.533082][T23114]  ? __fget_files+0x2a/0x420
[ 1371.533105][T23114]  ? __fget_files+0x2a/0x420
[ 1371.533123][T23114]  ? __fget_files+0x3a0/0x420
[ 1371.533141][T23114]  ? __fget_files+0x2a/0x420
[ 1371.533164][T23114]  security_file_ioctl+0xcb/0x2d0
[ 1371.533200][T23114]  __se_sys_ioctl+0x47/0x170
[ 1371.533231][T23114]  do_syscall_64+0xfa/0x3b0
[ 1371.533255][T23114]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1371.533278][T23114]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1371.533300][T23114]  ? clear_bhb_loop+0x60/0xb0
[ 1371.533326][T23114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1371.533347][T23114] RIP: 0033:0x7f569d18e9a9
[ 1371.533367][T23114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1371.533386][T23114] RSP: 002b:00007f569e0c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1371.533410][T23114] RAX: ffffffffffffffda RBX: 00007f569d3b5fa0 RCX: 00007f569d18e9a9
[ 1371.533424][T23114] RDX: 0000200000000040 RSI: 00000000c008561c RDI: 0000000000000003
[ 1371.533438][T23114] RBP: 00007f569e0c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1371.533452][T23114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1371.533464][T23114] R13: 0000000000000000 R14: 00007f569d3b5fa0 R15: 00007f569d4dfa28
[ 1371.533496][T23114]  </TASK>
[ 1371.533517][T23114] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1371.866197][T23120] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1371.934775][T15792] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1371.952634][T23120] tipc: Resetting bearer <eth:syzkaller0>
[ 1372.045893][T23119] tipc: Disabling bearer <eth:syzkaller0>
[ 1372.069645][T15792] usb 4-1: device descriptor read/64, error -71
[ 1372.197955][T15792] usb usb4-port1: attempt power cycle
[ 1372.571017][T15792] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1372.620397][T15792] usb 4-1: device descriptor read/8, error -71
[ 1372.869650][T15792] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1372.952056][T15792] usb 4-1: device descriptor read/8, error -71
[ 1373.086334][T15792] usb usb4-port1: unable to enumerate USB device
[ 1373.369811][T10736] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1373.529812][T10736] usb 7-1: Using ep0 maxpacket: 8
[ 1373.552398][T10736] usb 7-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[ 1373.567785][T10736] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1373.577401][T10736] usb 7-1: Product: syz
[ 1373.585060][T10736] usb 7-1: Manufacturer: syz
[ 1373.590832][T10736] usb 7-1: SerialNumber: syz
[ 1373.603726][T10736] usb 7-1: config 0 descriptor??
[ 1373.612749][T10736] radio-usb-si4713 7-1:0.0: Si4713 development board discovered: (10C4:8244)
[ 1373.950967][T23179] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4535'.
[ 1374.788375][T10736] radio-usb-si4713 7-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[ 1374.875484][T10736] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1374.948709][T10736] usb 7-1: USB disconnect, device number 14
[ 1375.358329][T23205] netlink: 'syz.8.4540': attribute type 1 has an invalid length.
[ 1375.566914][T23213] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4544'.
[ 1377.342611][T23252] libceph: resolve '4..' (ret=-3): failed
[ 1377.729123][T23257] netlink: 'syz.8.4556': attribute type 1 has an invalid length.
[ 1377.961398][T23265] netlink: 168 bytes leftover after parsing attributes in process `syz.6.4557'.
[ 1379.295998][T23318] binder: BINDER_SET_CONTEXT_MGR already set
[ 1379.302673][T23318] binder: 23315:23318 ioctl 4018620d 200000000040 returned -16
[ 1379.569939][ T5907] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1379.680919][T23336] Invalid logical block size (17746)
[ 1379.739608][ T5907] usb 7-1: Using ep0 maxpacket: 8
[ 1379.747100][ T5907] usb 7-1: config 0 has an invalid interface number: 246 but max is 0
[ 1379.756196][ T5907] usb 7-1: config 0 has no interface number 0
[ 1379.782944][ T5907] usb 7-1: config 0 interface 246 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1379.805821][ T5907] usb 7-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[ 1379.818322][ T5907] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1379.827085][ T5907] usb 7-1: Product: syz
[ 1379.831789][ T5907] usb 7-1: Manufacturer: syz
[ 1379.836559][ T5907] usb 7-1: SerialNumber: syz
[ 1379.853407][ T5907] usb 7-1: config 0 descriptor??
[ 1380.212687][ T5907] msi2500 7-1:0.246: Registered as swradio24
[ 1380.212719][ T5907] msi2500 7-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[ 1381.257677][T20078] usb 7-1: USB disconnect, device number 15
[ 1381.997942][T23391] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4582'.
[ 1382.308647][T23397] netlink: 168 bytes leftover after parsing attributes in process `syz.6.4581'.
[ 1384.607794][T23437] FAULT_INJECTION: forcing a failure.
[ 1384.607794][T23437] name failslab, interval 1, probability 0, space 0, times 0
[ 1384.692045][T23437] CPU: 1 UID: 0 PID: 23437 Comm: syz.8.4591 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1384.692070][T23437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1384.692081][T23437] Call Trace:
[ 1384.692087][T23437]  <TASK>
[ 1384.692095][T23437]  dump_stack_lvl+0x189/0x250
[ 1384.692122][T23437]  ? __pfx____ratelimit+0x10/0x10
[ 1384.692142][T23437]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1384.692160][T23437]  ? __pfx__printk+0x10/0x10
[ 1384.692192][T23437]  should_fail_ex+0x414/0x560
[ 1384.692214][T23437]  should_failslab+0xa8/0x100
[ 1384.692240][T23437]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1384.692261][T23437]  ? sctp_add_bind_addr+0x8c/0x370
[ 1384.692285][T23437]  sctp_add_bind_addr+0x8c/0x370
[ 1384.692307][T23437]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1384.692329][T23437]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1384.692348][T23437]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1384.692382][T23437]  ? sctp_v4_is_any+0x35/0x60
[ 1384.692400][T23437]  ? sctp_copy_one_addr+0x93/0x360
[ 1384.692420][T23437]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1384.692440][T23437]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1384.692459][T23437]  sctp_connect_new_asoc+0x2e0/0x690
[ 1384.692484][T23437]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1384.692505][T23437]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1384.692528][T23437]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1384.692546][T23437]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1384.692571][T23437]  sctp_sendmsg+0x155c/0x2810
[ 1384.692602][T23437]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1384.692626][T23437]  ? aa_sk_perm+0x81e/0x950
[ 1384.692645][T23437]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1384.692662][T23437]  ? sock_rps_record_flow+0x19/0x410
[ 1384.692684][T23437]  ? inet_sendmsg+0x2f4/0x370
[ 1384.692704][T23437]  __sock_sendmsg+0x19c/0x270
[ 1384.692745][T23437]  ____sys_sendmsg+0x505/0x830
[ 1384.692765][T23437]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1384.692786][T23437]  ? import_iovec+0x74/0xa0
[ 1384.692812][T23437]  ___sys_sendmsg+0x21f/0x2a0
[ 1384.692828][T23437]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1384.692878][T23437]  ? __fget_files+0x2a/0x420
[ 1384.692892][T23437]  ? __fget_files+0x3a0/0x420
[ 1384.692914][T23437]  __x64_sys_sendmsg+0x19b/0x260
[ 1384.692931][T23437]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1384.692953][T23437]  ? __pfx_ksys_write+0x10/0x10
[ 1384.692973][T23437]  ? rcu_is_watching+0x15/0xb0
[ 1384.692996][T23437]  ? do_syscall_64+0xbe/0x3b0
[ 1384.693017][T23437]  do_syscall_64+0xfa/0x3b0
[ 1384.693033][T23437]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1384.693056][T23437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1384.693078][T23437]  ? clear_bhb_loop+0x60/0xb0
[ 1384.693106][T23437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1384.693128][T23437] RIP: 0033:0x7f78c338e9a9
[ 1384.693153][T23437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1384.693167][T23437] RSP: 002b:00007f78c4110038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1384.693184][T23437] RAX: ffffffffffffffda RBX: 00007f78c35b5fa0 RCX: 00007f78c338e9a9
[ 1384.693195][T23437] RDX: 0000000000000040 RSI: 00002000000007c0 RDI: 0000000000000003
[ 1384.693205][T23437] RBP: 00007f78c4110090 R08: 0000000000000000 R09: 0000000000000000
[ 1384.693215][T23437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1384.693225][T23437] R13: 0000000000000000 R14: 00007f78c35b5fa0 R15: 00007f78c36dfa28
[ 1384.693247][T23437]  </TASK>
[ 1385.119789][T23441] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4592'.
[ 1385.128970][T23441] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4592'.
[ 1385.138159][T23441] netlink: 'syz.6.4592': attribute type 20 has an invalid length.
[ 1386.966200][T23477] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[ 1387.573727][T23489] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4602'.
[ 1388.849895][T20194] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[ 1389.063742][T20194] usb 7-1: Using ep0 maxpacket: 16
[ 1390.351009][T20194] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1390.413388][T20194] usb 7-1: too many configurations: 161, using maximum allowed: 8
[ 1390.447145][T20194] usb 7-1: unable to read config index 0 descriptor/start: -71
[ 1390.482906][T20194] usb 7-1: can't read configurations, error -71
[ 1391.291691][T23535] netlink: 'syz.7.4609': attribute type 10 has an invalid length.
[ 1391.459652][T20078] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1391.536207][T23535] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1391.720260][T20078] usb 4-1: Using ep0 maxpacket: 32
[ 1391.743969][T20078] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1391.748797][T23534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1391.784043][T20078] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1391.794260][T20194] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1391.944089][T20078] usb 4-1: config 0 descriptor??
[ 1391.984153][T20194] usb 7-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[ 1391.997156][T20194] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1392.014241][T20194] usb 7-1: Product: syz
[ 1392.029769][T20194] usb 7-1: Manufacturer: syz
[ 1392.039294][T20194] usb 7-1: SerialNumber: syz
[ 1392.073057][T20194] usb 7-1: config 0 descriptor??
[ 1392.110012][T20194] gspca_main: sunplus-2.14.0 probing 04fc:504a
[ 1392.161895][T20078] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1392.186984][T20078] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1392.224232][T20078] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1392.294662][T20078] usb 4-1: media controller created
[ 1392.412422][T20078] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1392.925991][T23531] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4608'.
[ 1392.973030][T20078] az6027: usb out operation failed. (-71)
[ 1392.987841][T20078] stb0899_attach: Driver disabled by Kconfig
[ 1392.990469][T20194] gspca_sunplus: reg_w_riv err -110
[ 1393.007634][T20078] az6027: no front-end attached
[ 1393.007634][T20078] 
[ 1393.020306][T20194] sunplus 7-1:0.0: probe with driver sunplus failed with error -110
[ 1393.245483][T20078] az6027: usb out operation failed. (-71)
[ 1393.287166][T20078] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1393.299929][T20078] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input71
[ 1393.343534][T20078] dvb-usb: schedule remote query interval to 400 msecs.
[ 1393.399837][T20078] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1393.426139][T20078] usb 4-1: USB disconnect, device number 73
[ 1393.629003][T20078] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1394.171103][T23586] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4618'.
[ 1394.432936][T20095] usb 7-1: USB disconnect, device number 17
[ 1394.541057][T20177] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[ 1394.758190][T20177] usb 10-1: Using ep0 maxpacket: 8
[ 1394.806256][T20177] usb 10-1: config 0 has an invalid interface number: 31 but max is 0
[ 1394.978071][T20177] usb 10-1: config 0 has no interface number 0
[ 1395.061915][T20177] usb 10-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=be.68
[ 1395.071329][T20177] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1395.079604][T20177] usb 10-1: Product: syz
[ 1395.084066][T20177] usb 10-1: Manufacturer: syz
[ 1395.088788][T20177] usb 10-1: SerialNumber: syz
[ 1395.118013][T20177] usb 10-1: config 0 descriptor??
[ 1395.183691][T20177] redrat3 10-1:0.31: Couldn't find all endpoints
[ 1397.515473][T23610] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4623'.
[ 1397.932237][T23619] loop2: detected capacity change from 0 to 6
[ 1397.948744][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1397.987452][T23618] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4626'.
[ 1397.988873][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1398.088226][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1398.136262][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1398.258653][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1398.367535][T23619] ldm_validate_partition_table(): Disk read failed.
[ 1398.431819][T23629] FAULT_INJECTION: forcing a failure.
[ 1398.431819][T23629] name failslab, interval 1, probability 0, space 0, times 0
[ 1398.464889][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1398.495389][T15792] usb 10-1: USB disconnect, device number 18
[ 1398.521957][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1398.521968][T23629] CPU: 0 UID: 0 PID: 23629 Comm: syz.7.4628 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1398.522003][T23629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1398.522016][T23629] Call Trace:
[ 1398.522025][T23629]  <TASK>
[ 1398.522033][T23629]  dump_stack_lvl+0x189/0x250
[ 1398.522068][T23629]  ? __pfx____ratelimit+0x10/0x10
[ 1398.522100][T23629]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1398.522140][T23629]  ? __pfx__printk+0x10/0x10
[ 1398.522192][T23629]  should_fail_ex+0x414/0x560
[ 1398.522227][T23629]  should_failslab+0xa8/0x100
[ 1398.522268][T23629]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1398.522301][T23629]  ? sctp_add_bind_addr+0x8c/0x370
[ 1398.522339][T23629]  sctp_add_bind_addr+0x8c/0x370
[ 1398.522374][T23629]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1398.522410][T23629]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1398.522439][T23629]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1398.522472][T23629]  ? sctp_v6_is_any+0x64/0x80
[ 1398.522506][T23629]  ? sctp_copy_one_addr+0x93/0x360
[ 1398.522540][T23629]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1398.522570][T23629]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1398.522601][T23629]  sctp_connect_new_asoc+0x2e0/0x690
[ 1398.522643][T23629]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1398.522677][T23629]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1398.522714][T23629]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1398.522743][T23629]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1398.522783][T23629]  sctp_sendmsg+0x155c/0x2810
[ 1398.522834][T23629]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1398.522870][T23629]  ? aa_sk_perm+0x81e/0x950
[ 1398.522902][T23629]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1398.522929][T23629]  ? sock_rps_record_flow+0x19/0x410
[ 1398.522961][T23629]  ? inet_sendmsg+0x2f4/0x370
[ 1398.522995][T23629]  __sock_sendmsg+0x19c/0x270
[ 1398.523029][T23629]  ____sys_sendmsg+0x52d/0x830
[ 1398.523061][T23629]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1398.523096][T23629]  ? import_iovec+0x74/0xa0
[ 1398.523143][T23629]  ___sys_sendmsg+0x21f/0x2a0
[ 1398.523169][T23629]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1398.523236][T23629]  ? __fget_files+0x2a/0x420
[ 1398.523259][T23629]  ? __fget_files+0x3a0/0x420
[ 1398.523294][T23629]  __sys_sendmmsg+0x227/0x430
[ 1398.523324][T23629]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1398.523344][T23629]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1398.523406][T23629]  ? ksys_write+0x22a/0x250
[ 1398.523439][T23629]  ? __pfx_ksys_write+0x10/0x10
[ 1398.523467][T23629]  ? rcu_is_watching+0x15/0xb0
[ 1398.523506][T23629]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1398.523532][T23629]  do_syscall_64+0xfa/0x3b0
[ 1398.523560][T23629]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1398.523587][T23629]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.523613][T23629]  ? clear_bhb_loop+0x60/0xb0
[ 1398.523642][T23629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.523664][T23629] RIP: 0033:0x7f7d86d8e9a9
[ 1398.523688][T23629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1398.523709][T23629] RSP: 002b:00007f7d87c0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1398.523736][T23629] RAX: ffffffffffffffda RBX: 00007f7d86fb5fa0 RCX: 00007f7d86d8e9a9
[ 1398.523754][T23629] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000003
[ 1398.523769][T23629] RBP: 00007f7d87c0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1398.523784][T23629] R10: 000000000004c040 R11: 0000000000000246 R12: 0000000000000002
[ 1398.523799][T23629] R13: 0000000000000000 R14: 00007f7d86fb5fa0 R15: 00007f7d870dfa28
[ 1398.523836][T23629]  </TASK>
[ 1398.949947][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1399.022354][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1399.054804][T23619] Dev loop2: unable to read RDB block 0
[ 1399.146191][T23619] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1399.186702][T23619]  loop2: unable to read partition table
[ 1399.208057][T23619] loop2: partition table beyond EOD, truncated
[ 1399.228810][T23638] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4630'.
[ 1399.286295][T23619] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1399.400349][T23642] input: syz1 as /devices/virtual/input/input72
[ 1399.695283][T23651] netdevsim netdevsim8 netdevsim0: entered allmulticast mode
[ 1399.706175][T23652] FAULT_INJECTION: forcing a failure.
[ 1399.706175][T23652] name failslab, interval 1, probability 0, space 0, times 0
[ 1399.730916][T23651] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1399.759341][T23652] CPU: 0 UID: 0 PID: 23652 Comm: syz.3.4633 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1399.759375][T23652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1399.759389][T23652] Call Trace:
[ 1399.759403][T23652]  <TASK>
[ 1399.759412][T23652]  dump_stack_lvl+0x189/0x250
[ 1399.759444][T23652]  ? __pfx____ratelimit+0x10/0x10
[ 1399.759469][T23652]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1399.759493][T23652]  ? __pfx__printk+0x10/0x10
[ 1399.759526][T23652]  ? __pfx___might_resched+0x10/0x10
[ 1399.759551][T23652]  ? fs_reclaim_acquire+0x7d/0x100
[ 1399.759577][T23652]  should_fail_ex+0x414/0x560
[ 1399.759606][T23652]  should_failslab+0xa8/0x100
[ 1399.759640][T23652]  __kmalloc_noprof+0xcb/0x4f0
[ 1399.759666][T23652]  ? copy_splice_read+0x143/0x9b0
[ 1399.759701][T23652]  copy_splice_read+0x143/0x9b0
[ 1399.759745][T23652]  ? __pfx_copy_splice_read+0x10/0x10
[ 1399.759788][T23652]  ? register_lock_class+0x51/0x320
[ 1399.759815][T23652]  ? file_end_write+0xd8/0x250
[ 1399.759841][T23652]  ? direct_splice_actor+0x10c/0x160
[ 1399.759871][T23652]  ? __pfx_shmem_file_splice_read+0x10/0x10
[ 1399.759898][T23652]  splice_direct_to_actor+0x4d0/0xcc0
[ 1399.759956][T23652]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1399.760002][T23652]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1399.760033][T23652]  ? __pfx_aa_file_perm+0x10/0x10
[ 1399.760068][T23652]  do_splice_direct+0x181/0x270
[ 1399.760102][T23652]  ? __pfx_do_splice_direct+0x10/0x10
[ 1399.760131][T23652]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1399.760153][T23652]  ? bpf_lsm_file_permission+0x9/0x20
[ 1399.760179][T23652]  ? security_file_permission+0x75/0x290
[ 1399.760213][T23652]  ? rw_verify_area+0x258/0x650
[ 1399.760244][T23652]  do_sendfile+0x4da/0x7e0
[ 1399.760266][T23652]  ? __pfx_vfs_write+0x10/0x10
[ 1399.760301][T23652]  ? __pfx_do_sendfile+0x10/0x10
[ 1399.760321][T23652]  ? __fget_files+0x3a0/0x420
[ 1399.760353][T23652]  __se_sys_sendfile64+0x13e/0x190
[ 1399.760377][T23652]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 1399.760404][T23652]  ? do_syscall_64+0xbe/0x3b0
[ 1399.760434][T23652]  do_syscall_64+0xfa/0x3b0
[ 1399.760457][T23652]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1399.760479][T23652]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1399.760501][T23652]  ? clear_bhb_loop+0x60/0xb0
[ 1399.760527][T23652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1399.760547][T23652] RIP: 0033:0x7fd490f8e9a9
[ 1399.760566][T23652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1399.760585][T23652] RSP: 002b:00007fd491eda038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1399.760608][T23652] RAX: ffffffffffffffda RBX: 00007fd4911b5fa0 RCX: 00007fd490f8e9a9
[ 1399.760624][T23652] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[ 1399.760637][T23652] RBP: 00007fd491eda090 R08: 0000000000000000 R09: 0000000000000000
[ 1399.760649][T23652] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002
[ 1399.760663][T23652] R13: 0000000000000000 R14: 00007fd4911b5fa0 R15: 00007fd4912dfa28
[ 1399.760695][T23652]  </TASK>
[ 1400.062456][T20078] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1400.234215][T23660] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4636'.
[ 1400.329576][T20078] usb 7-1: Using ep0 maxpacket: 16
[ 1400.339330][T20078] usb 7-1: config 0 has an invalid interface number: 41 but max is 0
[ 1400.365160][T20078] usb 7-1: config 0 has no interface number 0
[ 1400.391667][T23663] FAULT_INJECTION: forcing a failure.
[ 1400.391667][T23663] name failslab, interval 1, probability 0, space 0, times 0
[ 1400.430965][T20078] usb 7-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1400.459556][T23663] CPU: 0 UID: 0 PID: 23663 Comm: syz.9.4635 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1400.459592][T23663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1400.459606][T23663] Call Trace:
[ 1400.459616][T23663]  <TASK>
[ 1400.459626][T23663]  dump_stack_lvl+0x189/0x250
[ 1400.459659][T23663]  ? __pfx____ratelimit+0x10/0x10
[ 1400.459696][T23663]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1400.459721][T23663]  ? __pfx__printk+0x10/0x10
[ 1400.459756][T23663]  ? __pfx___might_resched+0x10/0x10
[ 1400.459787][T23663]  should_fail_ex+0x414/0x560
[ 1400.459816][T23663]  should_failslab+0xa8/0x100
[ 1400.459851][T23663]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1400.459880][T23663]  ? refill_pi_state_cache+0x93/0x180
[ 1400.459910][T23663]  ? _parse_integer_limit+0x1ae/0x1f0
[ 1400.459938][T23663]  refill_pi_state_cache+0x93/0x180
[ 1400.459972][T23663]  futex_requeue+0x192/0x1870
[ 1400.460001][T23663]  ? __lock_acquire+0xab9/0xd20
[ 1400.460035][T23663]  ? get_pid_task+0x20/0x1f0
[ 1400.460066][T23663]  ? __pfx_futex_requeue+0x10/0x10
[ 1400.460108][T23663]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1400.460142][T23663]  ? vfs_write+0x8d8/0xa90
[ 1400.460180][T23663]  ? ksys_write+0x1cb/0x250
[ 1400.460210][T23663]  do_futex+0x362/0x420
[ 1400.460239][T23663]  ? __pfx_vfs_write+0x10/0x10
[ 1400.460269][T23663]  ? __pfx_do_futex+0x10/0x10
[ 1400.460304][T23663]  __se_sys_futex+0x36f/0x400
[ 1400.460336][T23663]  ? ksys_write+0x22a/0x250
[ 1400.460362][T23663]  ? __pfx___se_sys_futex+0x10/0x10
[ 1400.460391][T23663]  ? __pfx_ksys_write+0x10/0x10
[ 1400.460415][T23663]  ? rcu_is_watching+0x15/0xb0
[ 1400.460445][T23663]  ? __x64_sys_futex+0x21/0xf0
[ 1400.460476][T23663]  do_syscall_64+0xfa/0x3b0
[ 1400.460500][T23663]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1400.460522][T23663]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.460543][T23663]  ? clear_bhb_loop+0x60/0xb0
[ 1400.460569][T23663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.460590][T23663] RIP: 0033:0x7f4e2c38e9a9
[ 1400.460610][T23663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1400.460629][T23663] RSP: 002b:00007f4e2d13c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1400.460651][T23663] RAX: ffffffffffffffda RBX: 00007f4e2c5b6160 RCX: 00007f4e2c38e9a9
[ 1400.460674][T23663] RDX: 0000000000000001 RSI: 000000000000000c RDI: 000020000000cffc
[ 1400.460687][T23663] RBP: 00007f4e2d13c090 R08: 0000200000048000 R09: 0000000000000000
[ 1400.460701][T23663] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1400.460714][T23663] R13: 0000000000000000 R14: 00007f4e2c5b6160 R15: 00007f4e2c6dfa28
[ 1400.460746][T23663]  </TASK>
[ 1400.466393][T20078] usb 7-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1400.780424][T23669] Invalid logical block size (22187)
[ 1400.785640][T20078] usb 7-1: config 0 interface 41 has no altsetting 0
[ 1400.795697][T20078] usb 7-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[ 1400.805230][T20078] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1400.813425][T20078] usb 7-1: Product: syz
[ 1400.817849][T20078] usb 7-1: Manufacturer: syz
[ 1400.822611][T20078] usb 7-1: SerialNumber: syz
[ 1400.850202][T20078] usb 7-1: config 0 descriptor??
[ 1400.868988][T23648] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1400.888440][T23648] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1401.129202][T23648] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1401.190066][T23648] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1401.427450][T20078] Error reading MAC address
[ 1401.663990][T23696] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1401.709796][T23696] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1401.789576][T20095] usb 4-1: new full-speed USB device number 74 using dummy_hcd
[ 1401.920442][T20078] sr9700 7-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[ 1401.940003][T20078] usb 7-1: USB disconnect, device number 18
[ 1401.998491][T20095] usb 4-1: config 8 has an invalid interface number: 80 but max is 0
[ 1402.042957][T20095] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 1402.155824][T20095] usb 4-1: config 8 has no interface number 0
[ 1402.200932][T20095] usb 4-1: config 8 interface 80 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1402.313694][T20095] usb 4-1: config 8 interface 80 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1402.395022][T20095] usb 4-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14
[ 1402.469277][T20095] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f
[ 1402.519847][T20095] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1402.636165][T20095] usb 4-1: NFC: intf ffff888060580000 id ffffffff8eb51dc0
[ 1402.999075][   T44] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[ 1403.099174][   T44] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1403.232347][   T44] usb 4-1: USB disconnect, device number 74
[ 1403.820713][T23739] netlink: 'syz.7.4654': attribute type 10 has an invalid length.
[ 1403.847411][T23739] team0: Device ipvlan1 failed to register rx_handler
[ 1404.005371][T23748] syzkaller0: entered promiscuous mode
[ 1404.019811][T23748] syzkaller0: entered allmulticast mode
[ 1404.084448][T23746] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1404.165323][ T3010] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1404.323707][T23745] tipc: Resetting bearer <eth:syzkaller0>
[ 1404.667568][T23745] tipc: Disabling bearer <eth:syzkaller0>
[ 1404.817814][T23762] hsr0: entered promiscuous mode
[ 1404.824160][T23762] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4656'.
[ 1404.849853][T23762] hsr_slave_0: left promiscuous mode
[ 1404.906827][T23762] hsr_slave_1: left promiscuous mode
[ 1404.929720][T20194] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1405.138860][T20194] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1405.172914][T23762] hsr0 (unregistering): left promiscuous mode
[ 1405.228748][T23773] sock: sock_set_timeout: `syz.3.4660' (pid 23773) tries to set negative timeout
[ 1405.265214][T20194] usb 10-1: config 84 has an invalid interface number: 151 but max is 0
[ 1405.276943][T20194] usb 10-1: config 84 has no interface number 0
[ 1405.296153][T20194] usb 10-1: config 84 interface 151 has no altsetting 0
[ 1405.551304][T20194] usb 10-1: New USB device found, idVendor=0421, idProduct=0419, bcdDevice=32.ab
[ 1405.563985][T20194] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1405.587816][T20194] usb 10-1: Product: syz
[ 1405.608855][T20194] usb 10-1: Manufacturer: syz
[ 1405.625409][T20194] usb 10-1: SerialNumber: syz
[ 1405.892290][T20194] usb 10-1: bad CDC descriptors
[ 1405.978778][T20194] usb 10-1: USB disconnect, device number 19
[ 1406.895515][T20194] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 1407.036903][T20194] usb 10-1: device descriptor read/64, error -71
[ 1407.312271][T20194] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 1407.524209][T20194] usb 10-1: device descriptor read/64, error -71
[ 1407.667667][T20194] usb usb10-port1: attempt power cycle
[ 1408.052430][T20194] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[ 1408.134731][T20194] usb 10-1: device descriptor read/8, error -71
[ 1408.159698][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1408.240306][T23821] [U] k�}��
[ 1408.460342][T20194] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[ 1408.494480][T20194] usb 10-1: device descriptor read/8, error -71
[ 1408.767328][T20194] usb usb10-port1: unable to enumerate USB device
[ 1410.785617][T23873] FAULT_INJECTION: forcing a failure.
[ 1410.785617][T23873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1410.822014][T23873] CPU: 0 UID: 0 PID: 23873 Comm: syz.9.4681 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1410.822044][T23873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1410.822056][T23873] Call Trace:
[ 1410.822063][T23873]  <TASK>
[ 1410.822071][T23873]  dump_stack_lvl+0x189/0x250
[ 1410.822098][T23873]  ? __pfx____ratelimit+0x10/0x10
[ 1410.822117][T23873]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1410.822136][T23873]  ? __pfx__printk+0x10/0x10
[ 1410.822158][T23873]  ? __might_fault+0xb0/0x130
[ 1410.822188][T23873]  should_fail_ex+0x414/0x560
[ 1410.822209][T23873]  _copy_from_user+0x2d/0xb0
[ 1410.822233][T23873]  ___sys_recvmsg+0x12e/0x510
[ 1410.822254][T23873]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1410.822292][T23873]  ? __might_fault+0xb0/0x130
[ 1410.822315][T23873]  do_recvmmsg+0x307/0x770
[ 1410.822338][T23873]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1410.822363][T23873]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1410.822396][T23873]  __x64_sys_recvmmsg+0x190/0x240
[ 1410.822413][T23873]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1410.822428][T23873]  ? rcu_is_watching+0x15/0xb0
[ 1410.822451][T23873]  ? do_syscall_64+0xbe/0x3b0
[ 1410.822472][T23873]  do_syscall_64+0xfa/0x3b0
[ 1410.822489][T23873]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1410.822506][T23873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1410.822521][T23873]  ? clear_bhb_loop+0x60/0xb0
[ 1410.822541][T23873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1410.822556][T23873] RIP: 0033:0x7f4e2c38e9a9
[ 1410.822571][T23873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1410.822585][T23873] RSP: 002b:00007f4e2d17e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1410.822603][T23873] RAX: ffffffffffffffda RBX: 00007f4e2c5b5fa0 RCX: 00007f4e2c38e9a9
[ 1410.822615][T23873] RDX: 0000000000000a0d RSI: 00002000000066c0 RDI: 0000000000000005
[ 1410.822625][T23873] RBP: 00007f4e2d17e090 R08: 0000000000000000 R09: 0000000000000000
[ 1410.822635][T23873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1410.822644][T23873] R13: 0000000000000000 R14: 00007f4e2c5b5fa0 R15: 00007f4e2c6dfa28
[ 1410.822667][T23873]  </TASK>
[ 1412.264124][T23902] loop6: detected capacity change from 0 to 524287487
[ 1412.400840][T23902] buffer_io_error: 12 callbacks suppressed
[ 1412.400864][T23902] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1412.533168][T23904] loop6: detected capacity change from 524287487 to 0
[ 1412.546983][T23902] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1412.643085][T23902] ldm_validate_partition_table(): Disk read failed.
[ 1412.733756][T23902] Dev loop6: unable to read RDB block 0
[ 1412.747267][T23902]  loop6: unable to read partition table
[ 1412.765930][T23902] loop6: partition table beyond EOD, truncated
[ 1412.792953][T23902] loop_reread_partitions: partition scan of loop6 (�^L����A;���b��@���֔:B�w�<��g�nf.-ӑ��.�i���>^.�dDd��) failed (rc=-5)
[ 1412.903257][T23914] kvm: emulating exchange as write
[ 1413.750418][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1413.750439][   T30] audit: type=1326 audit(1753380840.923:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1413.819249][   T30] audit: type=1326 audit(1753380840.953:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1413.887225][   T30] audit: type=1326 audit(1753380840.953:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1413.928085][   T30] audit: type=1326 audit(1753380840.953:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1413.950534][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1413.958422][   T30] audit: type=1326 audit(1753380840.953:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1413.980946][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1413.993864][   T30] audit: type=1326 audit(1753380840.953:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1414.016561][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1414.023599][T20078] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1414.051653][   T30] audit: type=1326 audit(1753380840.953:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1414.080799][   T30] audit: type=1326 audit(1753380840.953:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1414.138827][   T30] audit: type=1326 audit(1753380840.953:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1414.189541][   T30] audit: type=1326 audit(1753380840.953:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23925 comm="syz.6.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569d18e9a9 code=0x7ffc0000
[ 1414.212941][T20078] usb 4-1: Using ep0 maxpacket: 8
[ 1414.235591][T20078] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1414.249485][T20078] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1414.265175][T20078] usb 4-1: Product: syz
[ 1414.282175][T20078] usb 4-1: Manufacturer: syz
[ 1414.289173][T20078] usb 4-1: SerialNumber: syz
[ 1414.317235][T20078] usb 4-1: config 0 descriptor??
[ 1414.531030][T20078] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1415.018354][T20078] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1415.132068][T20078] usb 4-1: USB disconnect, device number 75
[ 1415.390445][ T5907] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 1415.679901][ T5907] usb 10-1: Using ep0 maxpacket: 8
[ 1415.693052][ T5907] usb 10-1: config 0 has an invalid interface number: 31 but max is 0
[ 1415.705163][ T5907] usb 10-1: config 0 has no interface number 0
[ 1415.737564][ T5907] usb 10-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=be.68
[ 1415.747130][ T5907] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1415.767308][ T5907] usb 10-1: Product: syz
[ 1415.784881][ T5907] usb 10-1: Manufacturer: syz
[ 1415.803795][ T5907] usb 10-1: SerialNumber: syz
[ 1415.858889][ T5907] usb 10-1: config 0 descriptor??
[ 1415.901507][ T5907] redrat3 10-1:0.31: Couldn't find all endpoints
[ 1416.079904][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1416.130967][T23973] page: refcount:515 mapcount:0 mapping:ffff8881446fe080 index:0x0 pfn:0x3ba00
[ 1416.141523][T23973] head: order:9 mapcount:1 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 1416.150133][T23973] aops:hugetlbfs_aops ino:193f0 dentry name(?):"anon_hugepage"
[ 1416.157716][T23973] flags: 0xfff00000000041(locked|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1416.165901][T23973] page_type: f4(hugetlb)
[ 1416.170182][T23973] raw: 00fff00000000041 ffffc9000484fe10 ffffc9000484fe10 ffff8881446fe080
[ 1416.178822][T23973] raw: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[ 1416.187430][T23973] head: 00fff00000000041 ffffc9000484fe10 ffffc9000484fe10 ffff8881446fe080
[ 1416.196147][T23973] head: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[ 1416.204842][T23973] head: 00fff00000000009 ffffea0000ee8001 0000000000000000 0000000000000000
[ 1416.213531][T23973] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000200
[ 1416.222217][T23973] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[ 1416.229535][T23973] page_owner tracks the page as allocated
[ 1416.236842][T23973] page last allocated via order 9, migratetype Movable, gfp_mask 0x146cca(GFP_HIGHUSER_MOVABLE|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP), pid 23837, tgid 23825 (syz.6.4672), ts 1408967186961, free_ts 1375920634521
[ 1416.257924][T23973]  post_alloc_hook+0x240/0x2a0
[ 1416.262756][T23973]  get_page_from_freelist+0x21e4/0x22c0
[ 1416.268322][T23973]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1416.274165][T23973]  alloc_buddy_hugetlb_folio+0xdf/0x1c0
[ 1416.279827][T23973]  only_alloc_fresh_hugetlb_folio+0x8c/0x280
[ 1416.285913][T23973]  alloc_surplus_hugetlb_folio+0x103/0x430
[ 1416.291735][T23973]  alloc_hugetlb_folio+0xb1a/0x16a0
[ 1416.296987][T23973]  hugetlb_fault+0x1de0/0x29e0
[ 1416.301782][T23973]  handle_mm_fault+0x740/0x8e0
[ 1416.306606][T23973]  __get_user_pages+0x1af4/0x30b0
[ 1416.311669][T23973]  populate_vma_page_range+0x26b/0x340
[ 1416.317150][T23973]  __mm_populate+0x24c/0x380
[ 1416.321761][T23973]  vm_mmap_pgoff+0x3f0/0x4c0
[ 1416.326385][T23973]  ksys_mmap_pgoff+0x587/0x760
[ 1416.331181][T23973]  do_syscall_64+0xfa/0x3b0
[ 1416.335695][T23973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1416.341603][T23973] page last free pid 23194 tgid 23191 stack trace:
[ 1416.348115][T23973]  __free_frozen_pages+0xc71/0xe70
[ 1416.353270][T23973]  __folio_put+0x21b/0x2c0
[ 1416.357714][T23973]  update_and_free_hugetlb_folio+0x169/0x280
[ 1416.363813][T23973]  free_huge_folio+0xd72/0x1100
[ 1416.368708][T23973]  folios_put_refs+0x410/0x640
[ 1416.373508][T23973]  remove_inode_hugepages+0xee3/0x1100
[ 1416.379071][T23973]  hugetlbfs_evict_inode+0xbf/0x230
[ 1416.384286][T23973]  evict+0x501/0x9c0
[ 1416.388203][T23973]  __dentry_kill+0x209/0x660
[ 1416.392843][T23973]  dput+0x19f/0x2b0
[ 1416.396672][T23973]  __fput+0x68e/0xa70
[ 1416.400675][T23973]  task_work_run+0x1d1/0x260
[ 1416.405317][T23973]  do_exit+0x6b5/0x22e0
[ 1416.409507][T23973]  do_group_exit+0x21c/0x2d0
[ 1416.414117][T23973]  get_signal+0x1286/0x1340
[ 1416.418633][T23973]  arch_do_signal_or_restart+0x9a/0x750
[ 1416.424354][T23973] ------------[ cut here ]------------
[ 1416.429845][T23973] kernel BUG at mm/filemap.c:154!
[ 1416.434913][T23973] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1416.441162][T23973] CPU: 1 UID: 0 PID: 23973 Comm: syz.8.4704 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[ 1416.453406][T23973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1416.463520][T23973] RIP: 0010:filemap_unaccount_folio+0x715/0x790
[ 1416.469808][T23973] Code: c2 ca ff 48 89 df 48 c7 c6 80 2e 94 8b e8 93 f9 10 00 90 0f 0b e8 2b c2 ca ff 48 89 df 48 c7 c6 60 2d 94 8b e8 7c f9 10 00 90 <0f> 0b e8 14 c2 ca ff 48 89 df 48 c7 c6 80 2e 94 8b e8 65 f9 10 00
[ 1416.489527][T23973] RSP: 0018:ffffc900048a70e0 EFLAGS: 00010046
[ 1416.495711][T23973] RAX: 5b8f34f1b664f700 RBX: ffffea0000ee8000 RCX: 5b8f34f1b664f700
[ 1416.503903][T23973] RDX: 0000000000000005 RSI: ffffffff8db84602 RDI: ffff88802cfb9e00
[ 1416.511893][T23973] RBP: 0000000000000001 R08: ffff8880b8724293 R09: 1ffff110170e4852
[ 1416.519892][T23973] R10: dffffc0000000000 R11: ffffed10170e4853 R12: 0000000000000040
[ 1416.527884][T23973] R13: 1ffffd40001dd000 R14: 1ffffd40001dd001 R15: ffffea0000ee8008
[ 1416.535939][T23973] FS:  00007f78c0db26c0(0000) GS:ffff888125d23000(0000) knlGS:0000000000000000
[ 1416.544881][T23973] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1416.551478][T23973] CR2: 0000001b33708ff8 CR3: 0000000034c68000 CR4: 00000000003526f0
[ 1416.559475][T23973] Call Trace:
[ 1416.562808][T23973]  <TASK>
[ 1416.565760][T23973]  __filemap_remove_folio+0xc3/0x500
[ 1416.571064][T23973]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1416.576453][T23973]  ? __pfx___filemap_remove_folio+0x10/0x10
[ 1416.582360][T23973]  ? _raw_spin_lock_irq+0xae/0xf0
[ 1416.587391][T23973]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 1416.592945][T23973]  filemap_remove_folio+0xe6/0x1f0
[ 1416.598070][T23973]  remove_inode_hugepages+0x594/0x1100
[ 1416.603551][T23973]  ? preempt_schedule_common+0x83/0xd0
[ 1416.609027][T23973]  ? __pfx_remove_inode_hugepages+0x10/0x10
[ 1416.614944][T23973]  ? preempt_schedule_thunk+0x16/0x30
[ 1416.620366][T23973]  ? up_write+0x1f2/0x420
[ 1416.624710][T23973]  hugetlbfs_fallocate+0xbc7/0x1100
[ 1416.629945][T23973]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[ 1416.635595][T23973]  ? aa_file_perm+0x3e7/0xed0
[ 1416.640474][T23973]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1416.646031][T23973]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1416.651941][T23973]  vfs_fallocate+0x6a0/0x830
[ 1416.656560][T23973]  ? __pfx_vfs_fallocate+0x10/0x10
[ 1416.661714][T23973]  madvise_do_behavior+0x169d/0x2e70
[ 1416.667036][T23973]  ? futex_unqueue+0x22/0x240
[ 1416.671737][T23973]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1416.677396][T23973]  ? futex_unqueue+0x22/0x240
[ 1416.682093][T23973]  ? futex_unqueue+0x211/0x240
[ 1416.686964][T23973]  ? __futex_wait+0x1d1/0x3e0
[ 1416.691655][T23973]  ? __futex_wait+0x34f/0x3e0
[ 1416.696384][T23973]  ? __pfx___futex_wait+0x10/0x10
[ 1416.701417][T23973]  ? __switch_to+0xd74/0x1600
[ 1416.706130][T23973]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1416.711434][T23973]  ? finish_task_switch+0x18b/0x950
[ 1416.716647][T23973]  ? __lock_acquire+0xab9/0xd20
[ 1416.721534][T23973]  ? madvise_lock+0xda/0x200
[ 1416.726155][T23973]  do_madvise+0x174/0x220
[ 1416.730513][T23973]  ? __pfx_do_madvise+0x10/0x10
[ 1416.735383][T23973]  ? rcu_is_watching+0x15/0xb0
[ 1416.740156][T23973]  __x64_sys_madvise+0xa7/0xc0
[ 1416.744935][T23973]  do_syscall_64+0xfa/0x3b0
[ 1416.749456][T23973]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1416.754720][T23973]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1416.760834][T23973]  ? clear_bhb_loop+0x60/0xb0
[ 1416.765529][T23973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1416.771433][T23973] RIP: 0033:0x7f78c338e9a9
[ 1416.775851][T23973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1416.795476][T23973] RSP: 002b:00007f78c0db2038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1416.803907][T23973] RAX: ffffffffffffffda RBX: 00007f78c35b6240 RCX: 00007f78c338e9a9
[ 1416.812052][T23973] RDX: 0000000000000009 RSI: 0000000000600002 RDI: 0000200000000000
[ 1416.820055][T23973] RBP: 00007f78c3410d69 R08: 0000000000000000 R09: 0000000000000000
[ 1416.828080][T23973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1416.836085][T23973] R13: 0000000000000000 R14: 00007f78c35b6240 R15: 00007f78c36dfa28
[ 1416.844129][T23973]  </TASK>
[ 1416.847192][T23973] Modules linked in:
[ 1416.851136][T23973] ---[ end trace 0000000000000000 ]---
[ 1416.856608][T23973] RIP: 0010:filemap_unaccount_folio+0x715/0x790
[ 1416.862887][T23973] Code: c2 ca ff 48 89 df 48 c7 c6 80 2e 94 8b e8 93 f9 10 00 90 0f 0b e8 2b c2 ca ff 48 89 df 48 c7 c6 60 2d 94 8b e8 7c f9 10 00 90 <0f> 0b e8 14 c2 ca ff 48 89 df 48 c7 c6 80 2e 94 8b e8 65 f9 10 00
[ 1416.882606][T23973] RSP: 0018:ffffc900048a70e0 EFLAGS: 00010046
[ 1416.888726][T23973] RAX: 5b8f34f1b664f700 RBX: ffffea0000ee8000 RCX: 5b8f34f1b664f700
[ 1416.896750][T23973] RDX: 0000000000000005 RSI: ffffffff8db84602 RDI: ffff88802cfb9e00
[ 1416.904727][T23973] RBP: 0000000000000001 R08: ffff8880b8724293 R09: 1ffff110170e4852
[ 1416.912709][T23973] R10: dffffc0000000000 R11: ffffed10170e4853 R12: 0000000000000040
[ 1416.920686][T23973] R13: 1ffffd40001dd000 R14: 1ffffd40001dd001 R15: ffffea0000ee8008
[ 1416.928661][T23973] FS:  00007f78c0db26c0(0000) GS:ffff888125d23000(0000) knlGS:0000000000000000
[ 1416.937601][T23973] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1416.944711][T23973] CR2: 0000001b33708ff8 CR3: 0000000034c68000 CR4: 00000000003526f0
[ 1416.952730][T23973] Kernel panic - not syncing: Fatal exception
[ 1416.959213][T23973] Kernel Offset: disabled
[ 1416.963560][T23973] Rebooting in 86400 seconds..