last executing test programs:

33.775484837s ago: executing program 4 (id=84):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0)
dup(r0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, 0x0, 0xffdd)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000100)={0x2, 0x2, 0x0, 0xc2c6d7ed92c4ca45, 0x4})
syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e21, 0x63, @loopback, 0x7}, 0x1c)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/fib_triestat\x00')
preadv(r7, &(0x7f0000000080)=[{&(0x7f0000000040)=""/46, 0x2e}], 0x1, 0x0, 0x4)
r8 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r8, 0x84, 0x21, &(0x7f00000001c0), &(0x7f0000000240)=0x4)
shutdown(0xffffffffffffffff, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
bind$can_raw(0xffffffffffffffff, &(0x7f0000001140), 0x10)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x54}}, 0x0)

30.044101736s ago: executing program 0 (id=95):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd70000400000005000000080009000200000008000c000300000008000b00000000000600010007"], 0x40}}, 0x20)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010020bd70100600010007000000080009000200000008000b"], 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)

29.74335283s ago: executing program 0 (id=96):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x68, &(0x7f0000000040)=0x2, 0x4)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x200000d)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$get_persistent(0x16, 0x0, r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)
listen(0xffffffffffffffff, 0x0)
unshare(0x28040680)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r4, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x1feffe}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000800)=""/172, 0xac}, {&(0x7f0000000900)=""/230, 0xe6}, {&(0x7f0000000a00)=""/4098, 0x1002}, {&(0x7f0000000540)=""/229, 0xe5}], 0x4}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0x8}], 0x7, 0x40010022, 0x0)
r5 = timerfd_create(0x0, 0x0)
timerfd_gettime(r5, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)

29.712078644s ago: executing program 4 (id=97):
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)
syz_open_dev$vbi(0x0, 0x3, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket(0x2c, 0x80805, 0xffffffff)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x16)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
syz_io_uring_setup(0x9c1, &(0x7f00000002c0)={0x0, 0x200002f, 0x1, 0x1000, 0x100020c}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r5, &(0x7f0000000080)='\x00\x00', 0xfdef, 0x8080, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
write$binfmt_elf64(r7, &(0x7f0000001b40)=ANY=[], 0xfffffe3e)
syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0xc000000, &(0x7f0000000000)=[{0x0}], 0x1, 0x1a})
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000040)=0xe)
ioctl$BLKRESETZONE(0xffffffffffffffff, 0x40101283, &(0x7f0000000140)={0x7, 0x3})

28.367496211s ago: executing program 4 (id=100):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)

27.624247279s ago: executing program 1 (id=102):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000880)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe8f862c1e7233c26f73ca24e5e441dd406e136df3a3996865e0693d955c691c675c3f6191b225d82ea4c6a7b2c1ed690c17768cd2b21ab0ac2ca7673eb9c00d635e146555db84b8a9061c3ca8bbefd2ae2b80f4a09561a098815c1357c4a7bca207121687b851ca19a37a65c6138bf925610ae61f58630a053ee702229bb9448444a5a93ce6cde416fe3f413e41c70a0f0f17fdc912419d09d34156ee0727d498fcd7f54e71f7f8e979ced588320f21114362bc1bebbc21fa8f7cb9bd30605b5509f191f6a11ce68a3c34a09412925eb20941969617e323e06c3761b91efcab55c0ceaebf7a1be845afbb3b2b1ab3bb245bfd0e838c41f952", 0x2b7}, {&(0x7f0000000780)="7d87549fd6e506db8227c192ade2364cd555d3bdb38314a12868143d93b2314d1144a69dfa2d04b9d1d495d7ff790a5307f432275e936e98c0dfd1c0aa0c6df2fe50674c60a214018dd7bcc96c0c10826fd234fbc3b48fd4b30d6ffc2f", 0x5d}], 0x2}}, {{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587caf", 0x35}], 0x1}}], 0x2, 0x480e0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

27.36852499s ago: executing program 0 (id=103):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x118d6, &(0x7f0000000040)={0x0, 0xd0d, 0x8, 0x3, 0x2eb}, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
close_range(0xffffffffffffffff, r2, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES8=r1], 0x50)
unshare(0x62040200)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r4, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r4, 0x0, <r5=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r5, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r5, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e})
ioctl$IOMMU_IOAS_UNMAP$ALL(r3, 0x3b86, &(0x7f0000000240)={0x18, r4})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e140005"], 0x80}, 0x1, 0x0, 0x0, 0x20044815}, 0x40000)

27.358838277s ago: executing program 1 (id=104):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x118d6, &(0x7f0000000040)={0x0, 0xd0d, 0x8, 0x3, 0x2eb}, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
close_range(0xffffffffffffffff, r2, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES8=r1], 0x50)
unshare(0x62040200)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r4, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r4, 0x0, <r5=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r5, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r5, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e})
ioctl$IOMMU_IOAS_UNMAP$ALL(r3, 0x3b86, &(0x7f0000000240)={0x18, r4}) (fail_nth: 1)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e140005"], 0x80}, 0x1, 0x0, 0x0, 0x20044815}, 0x40000)

26.233473231s ago: executing program 3 (id=105):
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x9, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r2, 0x29, 0x11, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x24}}, 0x4000000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x1000000)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0)
getsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, &(0x7f0000002240))
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8d, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$alg(0x26, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r2, {0x4}}, './file0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000240)={0x14, r7, 0x301, 0x0, 0x0, {0x17}}, 0x14}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0003230c1100"})
r8 = socket$inet(0x2, 0x3, 0x33)
getsockopt$inet_mreqsrc(r8, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
sendmsg$DEVLINK_CMD_RATE_SET(r5, &(0x7f0000000640)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x4c, r7, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000004)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x5f)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = accept4(r4, 0x0, 0x0, 0x80800)
sendmmsg$alg(r9, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66ee", 0xaf}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

25.009217971s ago: executing program 4 (id=109):
mmap$IORING_OFF_SQ_RING(&(0x7f000040d000/0x4000)=nil, 0x4000, 0xd, 0x11, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
keyctl$clear(0x3, 0xfffffffffffffffd)
keyctl$set_reqkey_keyring(0xe, 0x2)
request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000240)='(\\.\x03/\']\\\x81\xac5\x17+.-![&\\^\'$)\x00', 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r4=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000280)={0x3, r4, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000100))
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000340)={0x0, 0x0, r4, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x7, 0x0, [], [0x10, 0x0, 0x0, 0x3]})
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000040)={r4, r6, 0x9, 0x7, 0x1})
ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
ioctl$DRM_IOCTL_DMA(r2, 0xc0406429, &(0x7f00000004c0)={0x0, 0x0, 0x0, &(0x7f0000000240)=[0x0, 0x3], 0x0, 0x0, 0x0, &(0x7f00000003c0), &(0x7f0000000400)})
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8923, &(0x7f0000000000)={'bridge_slave_0\x00', 0x1})

24.459625255s ago: executing program 1 (id=111):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2], 0x6f4}}, 0x0) (fail_nth: 1)

24.039345153s ago: executing program 1 (id=112):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000680)={0x1c, &(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x0, 0x0})
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="20131d00000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

23.591986656s ago: executing program 0 (id=113):
getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, 0x0, &(0x7f00000002c0))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='oom_score_adj_update\x00', r0, 0x0, 0xb779}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)="1400000016000b63d25a80648c2594f91124fc60", 0x14}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10139, 0x40000063, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000100))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000bdf7130870270c936a8d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r8, 0x0, &(0x7f00000002c0)={0x2c, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000100000099"], 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
fcntl$setstatus(r9, 0x4, 0x40000)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="9c010000400009002bbd7000fddbdf250200000004001f0083010180c0c433464ebaecc755f77aca12bb3ed76a7d285410c81f1547fe9ff78de8d749f4647b521060d4c8da085d9aa7bd553e8271289a9c9269860d0231b419164ce9b5f7e5c6013f752b1f8f30dbe4cb35263329a1ff40d6e3a2441eb2cbe7d39f03003334ae99ec30e722613298614e32667810983dadbfde6953490a85041815b5b85c62fd918aad52f529e6eae5a949fbd1dc9642cae3b7877e43f9e1aeae483629", @ANYRES32], 0x19c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
writev(r5, &(0x7f0000001740)=[{&(0x7f0000000040)="db", 0x1}], 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0xfffffc01, 0x166}, 0x9c)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000100))
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socket$nl_netfilter(0x10, 0x3, 0xc)

22.50372911s ago: executing program 2 (id=114):
socket(0x10, 0x3, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/rt_acct\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="f000000010000700000000000000000020010000000000000000000000000002e0000002000000000000000000000000ffff0000000000000200000002", @ANYRES32=0x0, @ANYRES32=0x0], 0xf0}, 0x1, 0x0, 0x0, 0x20004000}, 0x8080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000003f00070100000000fcdbdf25047c0000040000001400018006000600900a0000080016"], 0x2c}, 0x1, 0x0, 0x0, 0x44880}, 0x40)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRESDEC], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYRES16=r0], 0x70}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r2 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="e8000000190001002dbd7000fbdbdf2502202000ff02ff020018000008000100ac1414aac100098026"], 0xe8}, 0x1, 0x0, 0x0, 0x44050}, 0x1000)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x4000, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000001c0)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x4}, {0xffff, 0xffff}, {0x1, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x800001, 0x7, 0x100, 0x2008}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$inet(r0, &(0x7f00000007c0)={&(0x7f0000000400)={0x2, 0x4e24, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000480)="d559a2104366c243470563b730b2224fb34258f0ad57a34f3190298311106a45389e9e0e6997454dbffc1f5b8eb84f54f70006c1d4bc79dc7768ffbb34d5d20f4923bad3aef77e9fdd8a6ff9da6c358d776de4a250b2507614d98f183be77eed96df3b3258f177be1083f0dc8aca0fab1cc4188cb7ff4ef3e69754c112b6b2872fa82d74f11fb042dc395276b6e282f79d40", 0x92}, {&(0x7f0000000540)="4c550b11d88fff2d1aee1a91ca1bdc7e1685ceaf959284ca5bb24569f2ef2b1e3fadb757973ff00f50eb3f1b4ee9379d4dbd1c1941f3c705199452774ae8131423c278fe0b9f7639b639", 0x4a}, {&(0x7f0000000880)="5dcaaf61c7004c993e187397bede65d697113a6314a7c77f763ca3b3ecf4674d6151fc060f0d6b0ae56d7abf9f4d1d79a5f05c6de29a9a3115023907513ace28226202496004edb835f1e192062d00a93efe2873f29e85d28d950a775788f83d94f721af3623f6cc7b1782d6b5717662190faf1bc0579af28cbd8cdefc752f6ad032b9ff0a31b2f949146d73e8af50bc7f91511de1ae49c8bb0ce9cac5e3140b36f67bd8263972b1f0d443cdd518708e310722fc69571ff4c4270d97a26d01fd9014a4c370ceef821459eae8b4e193f46b8167df44b98d353f79ba708e408e55a0ef26f3c92b6e0df4c5cab62e4243158ce636d7b182cd2a6688c3d69c6bd682eda991e33353c7f03a2ad5cea7dcf6bfedb6f0c074aa623dabc89131b4235728c106ce4057b9e76f9e6b9d02082d7e6959b363eaa77740e206f6bf5e9a27d1770dc3814b7b79c215a10b09ccc41364a73a517e2e7a9d0f3dc1a5e55e0fee127c46e5c6db8e0423de9962a0767f7e5d8d6dd5efc47b07ba31d4aa5000698aca18725c76725e085cfdaabd6fae2eb0b7875b7d895d4e3cc1dc7c5a25d7b9214eeecbe828966aa1ab69244ac5391fbde31bcd0bb3f4b59ea1726d25aa16dc1e3c2b61e0fea19c46e28fee9e9343251adbe5a0e0c7f43a85a77f9a4f4168d64bc1ce27c373de9d553c7d12ca43c91bab04a7e158ef74e6afc3c3cf077b7c3d5eeb718a7d06e61a8ebb20a01d6b45cd3aacd22c38f5e6ef452c56f06845c4e938a6129b6ccd768f2440f4c2752443771e154653df457bf8ae51275faebb8841237b67a0f7002106c0b934a90b0f54b11172b98a21e744c37a84628bdac243d6f709c172e9b2462ec6364d56353ca33d75c4a98d8049da825684991b3d158d6ae7ccbfdf69dbfed1e712a09f4f6aef4d86046f08cec9580df83a7100e4c4c1e9fdd8daea5dc7ea623cf4f7cd5eed2b04baca8cedf45b1b34f07338ff2ec11dc117fb7812eebbea18ab6b1d89effc5f875280553a11fbbff836396e4c7a7d90b85485ab175ae0d125ed7ff19307c32a182607405f78e1558de71ef88afb9508ad30b63b9d5d3015ad5961b49713d45095aeec1c78ad796f3e3a838048aeb40eb3cf373ce7d1fb66b5dec740b0da51f9a67c2d1294034b112f1c597f6d7ce6b2830573b63679d30fa666bc45ec2a65eacb8539074ed7ceb2a3d4ea1fbd6ce1abc088945f621c051b988a6abf8c61a9691fcdb7f77763aa27f09004e216e766f0c6949d85b05bc1a1936ac52205b83f1dbae85026724253837612c918965fae04171efe11338a1944d1cf0ddc7d09b089d44da5122b688c4188717ab69cb2bcfd1917361072b3cfea2058cf0d9aa0a5419c1fa5684d01b236f2d3dd3fc8d9ef65ea516af3b1b08359c75433e42bbc29ac406fdbe029a1b72f0ee7c9fb4cb8df7c4b6615d329870e4bf6385043424f34b4c5904b84465151e6b44fcbcfd9412ab06ed1d94efc764e16b620c9711fdcf2d9288eb4d71daec636eb5c5d6190f1422745674a54d507e2e8666b996c4ab046025d88ac550e25edbabf69298c4d67a7a348b6f6c38554bee8415ff58b3d28b2aee66c5ac1975803f460c4e15a28d22592a2c6df526344d9394b3185c6583a2bde0fdcdbf065f6d7b94fe59125d1c14181413550f11d73635a442f477223a6b3601689d889321bcfddbf563299b73f4d8781dd0e17fbdeafba08bfbfd0ecd856f972ddc1c491bc8d5240a4f1ea4aaf2d0f2868de84d12900841d04737d8f32c93deceec173c27b08905202c634c8f07d12a91849c63ef18c196b03df975a39e4e33716f302c784a3433c6a714f71046cf6ccc0095d72013b69911f6d55bed5a1b103ef26145ff835464cef8f15ec9d6caa2dad3acc31fd80ec236a4df069541c5b4d4da8a9ccb75c6fcf84642467dfb9f33214c34ab23f3b9b13201ec19f21b83c5135d36e70ffc4fc22c4df3d3af136667d1da8429293beb8d2270591357acbcc0ed0d87356af560855a5b1f2433eedafe38393116a38057e1f0c2b7e4f37ac0d067a3d9ec8eb26072f2f4f04df045273e8aae93ba5373667682916befb60a96c5438d5867aa5059f4b0ca1d6b752c91d8e10637120525d21bd05c7f7a28acde7f8788e51c725ac7696e61c0adc3e37e05cea00f4fedbc0da6060de443e797951604e2a752fca33148be5ba7b4a1636fdfb6d2766b5966fc39b0b770bef174509157229565f25382d3d6f5f362eae3a8b036ee3d8c4e252fd9b80d3bbd21649ac1a098e646ee92d8ed3ed669aa948d168c16220d131db0253a820c7a6749c937f847e980a9b0425efebdfeff703c9d2270e2b83cfe5be157a1cec36ff192ccb5ff432f5c6f058c9a9142f89958378a111335924ae7b3897bc74ef11fba289414b3890d9a23758f2c4e8499878e5f6daf4c3fd3ec2f386d4676624ba8c2c92b338df436c8193a82c962c49843f9021f24b32348b39cb54de50d1d0d2fa11e330d9fa6901c867f70bad064f2a98b9e40b0f1d4969acc42b7ff0a6dd5940b08f9e4d6934733210cdb97f3092fa95838b00fa2f6f662653de853bd34bb5a654a010a9dabd31b82243e9af678df6c1bb1d266d71f4f6fa805faa5531b0edee68f7eb2679c5e2a553cd73a4ff62b49cab4f29f2c464d0cc56fa029892b384c0d38d2c087eb564e756d41e3fbd197039aae19360408ddb0b0bd76eb70e5935aecca47bd616353fe2c81a056169ac02229c86d7f90d2fff27c37144ed146220f2e99fd3ee5edc03f165d7a76741d81378da5c7d7360fcdb8be172f306e5060a389a9d332b29966cafc2b782f72c4661f57e63f831568885fe145161febe31dbb9b95ced011c0ba7e1e8225c34f582c31539fe92145d8d7b6b016d752ab931cd79cf65f112895be83297eb32ae1ff6e13945020387f8536f196a463521a94651f5f62cf7553305f6e1cb587ed04874216df91ebd9eba3e2e510a7f64a6b52e84984b89051fe60045be1f2dd5403c4ebbc92d9fd8471179bae08114a7d304dda6f21525a18940efd9ff96890e8d7e4c2fced7098b2775a61b1a7ec698b94b34246050efeaa9d269e43b314304ab276d8f635c072f7f44f90d04c41a17a0e13d67d438e532f2029b946d11f00018da7afcca3bba0795517eae34cc682b4f87097e88156edb02f1f806768f0762dfe6d4fd0d026dc44157ad66516ed7319fe362457b2249c3ed634c4e7557defa762e47c75e325a6d215a40b9231980ded023067e669f7a49cba5362fb2c3f4315d7352aab270aa5ab510c81edbb86c5299d2da830ecbf83ae3ca64d402c297dd616a2d85e216e8782a89be3ec235aaa94fa11a6f32512af8b708bb069649152d6bf5dfc73d7d5798236850ac0ae99f1e7c1e968e6c59cced427b85accaae3a93d866fe73297d151fd0f8a6152dde1cc5e1d834f2846ee8b366e4a75e3d5e6775ff4641f6e07d775d5c9dc963659adb99365c145cf85b472da944269e61d137be160296d9122361d7f756d268ea68138992cc5f3bd05867c2864ab6650509eba7e869f8432969a8ce1b90cd04114efebf70381b83c9b27d43db76968f2e6b73389b4be684e202fa42d01c637412e69ccc0fd84f3ab1fe0549ccfd5d321ffac1e720a8377f58c21deda9c780c11124b7fa16647e8a4450a4d6844c7c77e0933a647fe034d00172c32a916b4f63e95323959b9345e73e3e04ea9435319f26e491de9ed26530a831e33e554483270803bf40e79dc25997a36e6a227e508244f61b4d3e7200cfd46e5c53e595eb9e1711e35b3c1eb7f46956756a52d5ef87e1865cec0d56faa1eba32c866da413f969bdc30e2a2ecbda41698296435ce3878392701cd68418de8998338f3f23fe072075790bc3f4a989ee37c5eb18e730d2ff7377a007defb2d12dae38f382c65d1e3cba1a4f31c8e5893195351a1847508355552a9e6dec87fdfd1e1fc87d5849a534983141ad9b2babdc734ec456cb0d08503e6b5a689d51a756c059a9b4aac92fe8726116f2927bf94c79d20dfa2cdf751188696e1eb618b8cb115e62d31b2cde5b8c5da47e126b0f34b35b08dddbac5bbc74e99c4e35aa41999ac2544d5ef54b9a6c26202a550cbd0227bafe48b7435ebfc341db4394775ca41fd237aea9d2c3ab149b52019f50f9acda93f1d4a69ee61aeee45c66aa4990a52cf9ff41114b1bd8c2fac8e27c52cf2169be48f28aaaa427fea2e030af509579901a6ff9309ee7122b0ec3a6c1384375585750bc4d0c8b55a085171c167d306045795e4bffc5db01b3858793bd17f9cfa8d4974df8ba32f4b40a1eb34126ed60b76afef6ae8daa311ef8906fb3ac0da27fe8a41ae74e56c8b079a16b1b2c5de1f9f2c4218d59b39988c798106c4a672dd2f8ce551afb19be92f0e7a676d51293d96b8b0ada7df454fd8f7cffd6e2b3d0af5f05dc3c0e13959f160252e6608b2ed8e06cdf051ccab57945e72141e0ca21fe37923a2070e4f7a8ee30b3a24a98ded102576644d855aa2f74b8132c48bc66e17816ff6627ebf7515c89555e9f7815ef73aab6dad524185448ad90c52e3d80f3c63d525b03a954e6bcd7ff3586d5ed654f1291250b3ad01c0d1cbc6638dacc503232450154ee48c6fee5f3a3be8f394a96b0af663e8da99b6447028b5d1297c6faa6bd347dee30d0845af73ddbd22c981faed87d8f560f2596bcfb60e54d858a2b90cd3f26b6d132dc50e1ed9c4580db73eae3fb5945be597ca8fc03aa1fda30ab81373ead40fb03994587d34d780556c67b94b22937c3d8e222b08c0006a7c8f373d26b6dd3498f9bfd5977c4efc1f077cc6e25e142abc6d0b39d8e823cfe7dad4727dc1d6cf920d3ae7482e9478a8ba7ec3cf340696758bfd0d33fab9702b0defc8435c9e9ee139d836e2be513ddb5544b222c34836844f5da9bb05dd42b70e85186532691a901f096d34b16c7c85348139c47969e158b16e72d0bf2990d985397c9d483bafe21e740b133c2ecea9e97e0ec27c50ff2e4190085549d6b59cd4c7b574e4c497c8df7daf15c2c023f81b63bb8084046a12b9976d75a0d0d3bead102398321b754b215d76c5bf65eed9ffa14c16c1638d1d00673121a2111ade83c2027e086bee6336088cf79341a55439ef7710d09bf04809b2d029fdd1d10d9ee04744ee52dfbddf79573d76960ce02c7ea1250059ee2421ffba10585776fbaa482b3ac7ca9f325784bdec9dc7436f131dec4719fa6e5c0b8f41aceea071a7359fcf7380d0f0c68306657a8423f606e4be9d6f22a2ee77d909d6a50efc5c32ccb2087204fda127e5758b0fc3b8cbd1bddb756932dec1aeee921d8c40548b60fe582340d3c8e46f3bbca897794c16a0fffb9dca23a3dda62ea0a7d09e029de62a597471403bc515f6d7e5f24ccb34acd77f3463c7264adb52b88901f89acf5f5cf1896cba1a53d6e0388bc6e2fea628afd623744be01c351ded24d9526c2bf1fd24f16264a6f0fd0c5fa26d0a95a5c4498eb96666e205a5a8a73142c8bcbd15ffa5c2beeeb4a8f88eb826ade71f9a53088c681f3a4f443928af3065924fefae99385194906e6c1be92f1d93d5b1652d395887e1ce23af37fde644f78d9a6a4e272790d71c28aba8f1640c75836ef5de0eeeeaf206fd0e7ee9ae0e257beea0853e21e4534c573ae836afa152f30a1c63af929466862fba0e331f4d743393a0a5a53059373f0271cee9d6da4b20b8fc45dec12757476a3d6f6c49efa351ea782490c73ffa69c284177f65826621dbddf22bdd7b38b977c0", 0x1000}, {&(0x7f00000005c0)="92ebcf8f834231f0e566cce2b769e5c0ec3a6d752004e195b502d69b72044453084aef73d82c612c746baffac33baa290060082115146f0ce66eb264d4328e15b4ec43bf32798bff029e2afdabe42258bcf303ecb5d878bb2547c359c76190fc2dc67dbbde48632c249a3aaf9b66969e74f0cb8028ee50e64e13f71e8c6c831b51c0a5f08fe8ef3cd7904cbd86e63f8addd73833efa43d9f3761720c70b45b", 0x9f}, {&(0x7f0000000680)="46557c94be5633d944", 0x9}], 0x5, &(0x7f0000000740)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @multicast1, @multicast2}}}, @ip_tos_int={{0x14}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff1}}, @ip_retopts={{0x18, 0x0, 0x7, {[@ra={0x94, 0x4}, @ra={0x94, 0x4, 0x1}]}}}], 0x80}, 0x4000)
futex(0x0, 0xb, 0x0, 0x0, 0xfffffffffffffffd, 0x1)
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r6, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
openat$cgroup_int(r0, &(0x7f0000000180)='memory.low\x00', 0x2, 0x0)
r9 = dup(r8)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r8, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

22.452576782s ago: executing program 4 (id=115):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
sched_getattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r5, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x301000, 0x8})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r5, 0x4020aed2, &(0x7f00000097c0)={0xffff1000, 0x11b000, 0x8})
clock_nanosleep(0x8, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
write$cgroup_subtree(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0xfe33)
syz_open_dev$loop(&(0x7f0000000180), 0x9d, 0x8902)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
syz_emit_ethernet(0x52, &(0x7f0000001380)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x1c, 0x3a, 0x0, @remote, @mcast2, {[], @mlv2_query={0x82, 0x0, 0x0, 0x4, 0x6, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x1, 0x0, 0x1, 0x2}}}}}}, 0x0)
write$evdev(r6, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)
ioctl$EVIOCSCLOCKID(r6, 0x400445a0, &(0x7f0000000100)=0x7)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f00000001c0)={0x0, 0x0, {<r7=>0xffffffffffffffff}, {}, 0x8})
r8 = syz_open_procfs(r7, &(0x7f0000000080)='net/netlink\x00')
read$FUSE(r8, &(0x7f0000000480)={0x2020}, 0x2020)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
preadv(r9, &(0x7f0000000000)=[{&(0x7f0000000240)=""/135, 0x87}], 0x1, 0x0, 0x0)

22.341082879s ago: executing program 2 (id=116):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1f0000001000010000000000000000000001000a20000000000a0103000000000000000001006fe1000040000000030a01020000000000030073797a3200000000140076e4d712046f80f1b7a20900000000000000000800014000ed81c6dcc17cd0e6797a3100003a7238000000050a010200000000001065653a7a89917c3702400000000000000001090001010000000000000800"/167], 0x18c}, 0x1, 0x0, 0x0, 0x11}, 0x800)

22.211721977s ago: executing program 2 (id=117):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
listen(0xffffffffffffffff, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x140, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x20044084)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x6)
r1 = socket(0x10, 0xa, 0xffffffff)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001e00010a00000000000000a42d"], 0x14}}, 0x0)
socket(0x1e, 0x2, 0x1)
rt_sigpending(&(0x7f0000000100), 0x8)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x19)
r3 = dup(r2)
read$usbmon(r3, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x640102, 0x2)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
ftruncate(0xffffffffffffffff, 0x200004)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000140)=0x2, 0x4)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000900), 0x0)
sendto$inet6(r4, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
recvmmsg(r4, 0x0, 0x0, 0x40000040, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x105000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
pipe2(&(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x80800)
setsockopt$MRT_DEL_MFC_PROXY(r7, 0x0, 0xd3, &(0x7f0000000080)={@private=0xa010100, @private=0xa010102, 0xffffffffffffffff, "63f7c84473076aa01e71f26029867e123f776d7cd91faaddc5bdb20374faadd4", 0x9, 0x0, 0x3ff, 0x11}, 0x3c)
ioctl$KVM_CREATE_GUEST_MEMFD(r6, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})

22.049483421s ago: executing program 3 (id=118):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f80)={<r0=>0xffffffffffffffff})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$kcm(0x2d, 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000e40)=[{{&(0x7f00000001c0)={0xa, 0x4e23, 0xffffffff, @mcast1, 0x81}, 0x1c, &(0x7f00000008c0)=[{&(0x7f0000000240)="b44dc3efa83b3b6726d0f546847ab38204bc09b60c1a561a8857e82c01dcf019dd", 0x21}, {&(0x7f0000000280)="f859ccff64ba841a700704e91b0d6b5967984d7a82a78e707303c39a3170615ea94ab0583b302972ed108473a7fe16e71910e22bd5aaf61bf19b0163c033922544efd2e5f0a8757d9779e8a71d1b3be036a340bb7e063e1c4b9d68e9dcc8409d2d8dd2fc5b01dd34f504ba349260f89a4075ee7ea0ae1af11f85f12a05a91cb795151f7273c126", 0x87}, {&(0x7f0000000480)="0a4f127fc8d338f6b2a757bf672606d886a9315a13d175774685a2089a5d84e1799c385533676068a0298f66216791be3aae89d245edc75d42f78ca448b298973d713d205a51143beaf9359db1d174ccabe6a7524dfcb848ba5fa7d1fae494d03ef07b0be27cc38ab323427e983a7c3d35fce4d2a5eb4768b76eb379e259bb43ac6529a7072614724ebf510b5f0a99113cb18c34bcd1a792d5afc2d09869c35368512c990a5632a126c093af873028d00abdbf9c9d62ef870c3730ccd5acaa14a10ced6678961ed6294f77580179d779bf735ba0a3abd564efddb7543ea311361bd5d459634b894319126339e525f4b963b37a7c1e", 0xf5}, {&(0x7f0000000580)="cf0f8357309bd7825363a632006967d501854a97d4c572a82e558b2980ac0f15aa10d22ba96f23900786babae4abe9cbc8e5cadd17f914c8f3cda0886748c885de47b253088be88a507855f6797ea7c9ce57fce8bc33f5dff303f8368852f2c55341e99379a2c77284bcd3f9ab223e05e0c9197590ff04937a21548ebdeb69025cb03d1a3139f5ef2c001c0495f1a9e9a8d18a5779d979577d7001fae88fd6344a8cbaf509f9e294a68d2457203a0d11484beb2a1e8521ad741d9eef88b3926d084c9188f50caadc530e79c953a97c45a2958f18f8d6899b2e7f68d0ed71efebd58e09fb727281db63db80c7f90b4322df728546c5b1a7d5d04c4636b70d95", 0xff}, {&(0x7f0000000680)="428cacd235792d0bb29164374fb82ba5ba79732237d8e614973858445839baf22dbf146c3e5b4f4b71c609b64f50d029161147f50d8c7ae44ffb571139bbc823e7a8110cfdcffc852d9822a8bdb6037ff6cd4427", 0x54}, {&(0x7f0000000700)="562272ae0e94c63c41192357d928002e0583c109c148a46dab0050b97f7a4e1cb517e7cb209a858b83d1b4d214e17e30b37688f61d530a2bec165f82c2f7309db5d362f25c4eebe03576d3091271b6c9ba915c4cfccac12d802a6cc77ec58d7b4de07254d883c770f01ce50eb255609df028816c4c3d45914bcb29c2714adfd838e11eb59a1234b4560e7172b41a3600582770f601e33daa279968060c83bd8df00f3d98a09e18d2a1421eb088040f27fce5508ce9", 0xb5}, {&(0x7f00000007c0)="3003cabdd4a34036eca74ff354bf5bf05b718f261e36d8e5d47a10ce761b8288324a2f39ece5feceabeb1471df1b3f2e887d54b4592b28614e3db246e15552cd2b5dcccd06c6608277024cd7f9a78dc687d726681baa643d5b8822db15e3964c86d8eee8ca815655b92f046d19d6f3b440d6aac0dd1082d5d670fb92b5ec626a5660e9ade7ddd44cd03bded0bea23152de3f1eea6a4d48a8f3ac4ce199261c43dd1d3206fff164bac1f11aae3fc21e021713a30e8ef0494a4e478b9592de64908a65ace51346cf81f27ee56cd54e99f6cf66fd63b86076e0f53c76105e83ba063fad884bec0b97a702520fffcc362eca651ca362e9a02a4bb147", 0xfa}], 0x7, &(0x7f0000000940)=[@hoplimit={{0x14}}, @dontfrag={{0x14, 0x29, 0x3e, 0xb}}, @hopopts_2292={{0x140, 0x29, 0x36, {0x33, 0x24, '\x00', [@generic={0x6, 0x4e, "afb6fbf9709a61f07f746a66afb965584da46882be61f110912ebda2bac849da4e72e520b502fab1b3ce42065c2efc74a784f5c0dc1bf1a710b8099f027ff36b3408678326b1d33380004a499ff4"}, @generic={0x80, 0x9e, "887946ed5a2725d1a2c68039bbbd69a71ccb511e9fcd698b6724d2c70dcc71b48651fe72f6aab6d9597a695e868e74a6b048ab8446fa44039eca655a5b7660625e5c01750b2fff206a3e82fbdcf6e42fca0368cd2389dd0dfe613613ac2f1769e7623f38c1c6917683f87a7403bfdf7a860c2ee8c05ae8fe2cb3582fd35f4964f07c12b79bbda3d551385e9f0bca8e63aef5d1e32127761b772b249b08fb"}, @calipso={0x7, 0x30, {0x3, 0xa, 0x40, 0x3, [0xb3d, 0x9, 0x80000001, 0x5, 0xffffffff]}}]}}}, @dstopts_2292={{0x20, 0x29, 0x4, {0x3c, 0x1, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1]}}}, @rthdrdstopts={{0xb8, 0x29, 0x37, {0x5c, 0x13, '\x00', [@calipso={0x7, 0x10, {0x3, 0x2, 0x7, 0x0, [0x1ff]}}, @padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0xfff7}, @generic={0x9, 0x82, "a22ea41027697f78d964f3e6635782b6d7d1d3a980d94026f37c8edaf218d6fc972f9a200577cbf6cbdaa4d619a9621e3ee0e31ecb79bc0a39515bc640582e1c3a2e876f139ff05e825f26ed40703e0cace9374bea408c8654d99942f014b2e9996fa0ad28ab330bb2e46f5dc8c8989282bf484ced1f9f9add47bfd64b32a6f13258"}]}}}], 0x248}}, {{&(0x7f0000000340)={0xa, 0x4e21, 0x4, @rand_addr=' \x01\x00', 0x1ce}, 0x1c, &(0x7f0000000e00)=[{&(0x7f0000000bc0)="7ac299e0721270c16abfb7b92ee65ffead3c2d88ee59c8b3c6e83bb32e09db5ab86ad11934cb98277f6ca7deca19c6aa8e64873dd32a178cbc0f8ebd67a093c772354d5c1e6a50c307801904b136a53293685474500085981ce5c9fc303627a0a2daa4b3dd8f3a9165960e7d6c56a47321a20f76d622e4d027085c6821b973c66900914b3ba2890042ef73fba71bd0ad", 0x90}, {&(0x7f0000000c80)="2661a5c76a735f9996f5c454c64f99edbdcef8af766e59c24a6709014fbb2ed2b8b39481d657f3075474bfdd94263024a511655e291a59d3feae7e590664c1be4df614be72d6b6376a943a4d18d4bdba4297d679f357b01e5cd9a74da27a044a71129711425b57325baf295ddae94283b949b5ad8c9c193e2f03c2fdb293e28fbc69501f6f23a0d263e846504661ec74ef4f80d04cab405d3e730e846167e65292741ccac4dad79c7b3d137eb626a11c22fa76ff69c51aaf9a88f50442bc44196e849586c7ef2b1c22ff1f597cb23743676d82d4efee633e843d951f2b", 0xdd}, {&(0x7f0000000d80)="0fd524196ac23301a48910a55c7212892ef6bcdda24fe5a3c7ce1dc68b7064355b72b3f7c3eacefaf9b975f06ca11d7da832cdfbc0c56b7178068eda76722b0fcb0011ae8f89f3567e8de9ab2ff4cb553b382c6de5ca", 0x56}], 0x3, &(0x7f0000001100)=[@hopopts_2292={{0x158, 0x29, 0x36, {0x6, 0x27, '\x00', [@hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}, @pad1, @generic={0xe, 0x17, "adcfe0cdb3792dfcf28933fea20fca4f1ef1768af5e27b"}, @pad1, @pad1, @generic={0x3, 0x68, "4997a299bcd54711342cc346cf098626df0a52e2ed5b6d53410b3af0740203de80699bfb7ac80f8eadd9948ee95e170b818c90e56440dd2793fea5a017adbb9ddb116475b9a0c0c4d5bbd2af1cd496ac19268d6870867f0455248c80f557f087a6e44a095e1e06b8"}, @generic={0x2, 0x9a, "d729176c8e18f0d79546728ada6d4b99d76912cbbe50bb33c1fa505d580e4999b1dea30b6862e438c1bdc154c5c277fe4404d2ac2f5ea783d4f592cda9b76618a68e67a2af2d2e7d5116deec5a3aa314269870c2d4325dcdd203422c5e1dfc95ee26a678174af100aff91ceca06f389cc92bf0f306a65861877dab29dbdf5753f8b144c5a4217ac8c7e9af572cae187e24126859808c449da9fc"}]}}}, @dstopts_2292={{0x60, 0x29, 0x4, {0x32, 0x8, '\x00', [@generic={0x8b, 0x3e, "29a4f824e0f9ddb8d13cf3c02e128e024fafe7d9b916ebfed549939ccd49ef716b07ddb6c72ade66373206bae17105113cb2590913cf36c18ed3948a0348"}, @enc_lim={0x4, 0x1, 0x5}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x80000000}}], 0x1d0}}], 0x2, 0x2c0880d0)
ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f0000000040))
socket$inet6(0xa, 0x80000, 0x8000)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000200))
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
close(r2)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000004000000080000000000000005"], 0x48)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000100)={0x2, 0x8})
set_mempolicy_home_node(&(0x7f0000982000/0xc000)=nil, 0xc000, 0x2, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x248002, 0x0)
ioctl$SNDCTL_DSP_GETBLKSIZE(r4, 0xc0045004, &(0x7f0000000040))
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x101281, 0x0)
ptrace(0x10, r5)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ptrace$setregs(0xd, r5, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r5, 0x2, &(0x7f0000000380)={0x0})
getsockopt$sock_buf(r0, 0x1, 0x1f, &(0x7f0000000fc0)=""/216, &(0x7f00000010c0)=0xd8)

21.65549016s ago: executing program 2 (id=119):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.kill\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
symlink(0x0, &(0x7f0000000000)='./file0\x00')
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r4, &(0x7f0000000540)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000240)=""/17, 0x11, 0x6, 0x4, 0x9, 0x4, 0xc08}}, 0x120)
read$FUSE(r4, &(0x7f0000006b40)={0x2020}, 0x2020)
write$UHID_DESTROY(r4, &(0x7f0000000180), 0x4)

21.622296162s ago: executing program 3 (id=120):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000880)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe8f862c1e7233c26f73ca24e5e441dd406e136df3a3996865e0693d955c691c675c3f6191b225d82ea4c6a7b2c1ed690c17768cd2b21ab0ac2ca7673eb9c00d635e146555db84b8a9061c3ca8bbefd2ae2b80f4a09561a098815c1357c4a7bca207121687b851ca19a37a65c6138bf925610ae61f58630a053ee702229bb9448444a5a93ce6cde416fe3f413e41c70a0f0f17fdc912419d09d34156ee0727d498fcd7", 0x261}, {&(0x7f0000000780)="7d87549fd6e506db8227c192ade2364cd555d3bdb38314a12868143d93b2314d1144a69dfa2d04b9d1d495d7ff790a5307f432275e936e98c0dfd1c0aa0c6df2fe50674c60a214018dd7bcc96c0c10826fd234fbc3b48fd4b30d6ffc2f97546094eca61c53bec989b8556428b45f9f3b8c1464b8e7d1c3a060b55b987e4a727450cdcf54d813ec058aba5e3fd8f1fed8031ea0e8191e27240541495f32f73db4a754bbd31ee119939f2fcdef69a03a39fe2d4682", 0xb4}], 0x2}}, {{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78", 0x5a}], 0x1}}], 0x2, 0x480e0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

21.403676539s ago: executing program 3 (id=121):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

21.184516934s ago: executing program 3 (id=122):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x8000, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendto$inet(r0, 0x0, 0x0, 0xb, 0x0, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0x4}, 0x68)

20.676805919s ago: executing program 4 (id=123):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
memfd_create(0x0, 0x2)
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000021c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
preadv(r4, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/191, 0xbf}], 0x1, 0x55, 0xfffffffc)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x101)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140), 0x70)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0x7, 0x1, 0x4, 0x2, 0x1, 0x1, 0xff, 0x5, 0x0, 0xe, 0x9, 0xc, 0x2, 0xd, 0x5}})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[0x6, 0x7, 0x5, 0x180, 0x0, 0x0, 0xf1, 0x9, 0x8, 0x5, 0x0, 0x9, 0x0, 0x0, 0x0, 0xbd9], 0x1, 0x3c4212})
sendmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="80000000000000000a01000000080000058585674feadeb8da2b9e18e5ba32d9c4ae426a28df1ff81479c53399349bfcade8269e9ac8c7d4bd9c0daf9d4c485aee9ad923c30b921206fbb1585d6f1f820ffff492e9a2ae79dd065dd121e0a7baf6f352252d1a1e3ae906e7cd77dd3bbc2207524eb8dfdcedeec65896494e000010100000000000000000000007000000643d3f16621882a9d579432349dfc60c606e9b1f6eff23da8d3b3e169070e1e49e4d230ce65b9c00646b91daf2ad11482936b0c3efa73f3f9a87d10d65ff722b53b1782337832cc89de8d28b3d73e5adc53c0624be34d8261d2d790b8c1ca1bd6984e41ade7991903d0af153d2912609ea9a89273bcf5faebffbcf6fa0c60ad569cbd0bc664823d2d297977ed2bb3260fb00b7fa19baeeef7a691c5a670e4bfc4e142df3c716a3166a934f5fdb6fc923c1a0b78e4b10204342b2984687343d9e93af99239c22e72d3cbbaa155a0caaae50ac9f908ee788ed0120b7cdfa0a290c34d36e9f27f725dd8a401a1908d66a6e70117e7f091b75eaebec960284c82bf5e7976aa8c3c89b7b139e065a625d0dd2d3463b66acf4ac49157d358f38b0f079ff58c4847a016f29eed452152abed5dc328e5b8f799ac95070ae300ea1e4ae9274acfe04e4d29eab21c438ac2160dd0c2706eea221458c6f13f543b50f45a3598f3740a1485531daa9a50f5bd001fa1a25996f87eecfbf366dd027760e9213f683350422b33df38a5f2c2bdeffde2e7609e20122e1bbe7dbede354dc02ae1e0af4b3bf08ec24132c8fec4c6bd141bb6a2517464c227e99fad3be98ee09bb48e077c75a5f2695610ff59d27c5111d7b40d436ccb5d165f03dc80df8fef2ad08c8e361d7d5ff946d0e54500a9686d536c824198da078eba56848b21f39121d4f30a20a45197cb7039c8986b45dd6426439a585e3b203b162759ed6aa986d6858be2b31b55be9bbf3a0dbff20e30915b64d4b21386c3e71f4c24e1bef705013c5bca9aa6b964c9ca21c9f288e0cfc90ab0728befb3b92b680213b466f69d33f3f414a661c50baa4ee61e856188d94d65104c72b57aea06c30bf15e8bba0cbb1e5996748a656e28acf24a1feaa192420da3c2c33f8f4c9f37c8e12303a90dd71098228810639a60e8484c4bf6e924fe85be447fbd87d3cc54b305908f7d98873fe24ef093224c5b30fd604c4116b802fc5327a01ef952e8544210bc50cc78b1bf3e50ca5f333fdf438c3d45f8bcab9241b04c89b5cf090ee84e77770ab72a4d2d285dd520d54b71c0110fc9712faa8db4111d05a98912a9cfb454e22cc3c9213e1f8e83ea87fd5eadf9e3048ec04a51716a96bcac1434272a8f5c093cd1bed3222eb21bac05f63644f7e036935f847ba8235cd272a75b2c2878e09352a12d42786929e9367be032e3194bf42a1d1c6e012128885cdc84567ed04df1de5513e8450515c8cafd1af10961f9367fee65fa18d1827c3d71ff0acda3fd2d10c4cfed2b34fe92b37ddc6689e9d534adc5bf0ba7d31891723277f327d987a08747ed7f341ea1b879c20d36e9ff4d56964c8da838d23be5e9120f385e97ca62c3b20fd942648687f23a2d3220fa34e36a30ba6ba92fcc70ec7d5efe5d025a6283b8d78d82e10b887a34915a31a13d4c4dc7db35f3cf89c239e2fd35017d4ce95861cb6f0bbb9d82bb9bf278bacf1e375e7dd590d53b52fb5f479e5c627a7ab2947deb2aedffa0b43a0c1d7af80fc45cb2954f023fa4605ae5a394b09cd973123a2471597ea25401341a62cb55f1014bd92005439612b1881466a7065a3d06a69db0e3a1f9f3d433de0b6843907c9040001ef67f4d29c7295f9ee43a4d2e43b82d84ef9245d37c3935924bc92c8796860de09dcaad9db0de466c9944789dae4c2b4af9a30fcc797a567decc6e9466ee9395095529f7091672363d8c042db4dd91093079c01cf56b86b574aac3aa8b7b51455f40d7d1537b6173ed964fb022d388c7817caf3cba7dcd486de3746a94e415bb8b75d3bc760c9005e00e60d3741ccb9d65f0b1842c01ce4764e2e3271c99e000064b7b2336bac7c1e8446cadb7b6f03d73f94cf25f5a22e8f26d1d89fb0737f30102cdb2a895673430af5c96f86df03dcd26c2a8d898120312564d19ca2f441e4b2356a8bb7fd9a46c4228fbad33e0fa241335314a6ac0011b544f03d418566e802650c80b08058122282c2ec85cd11bee2189dff45633f45c539323d64e707a1f097c5a2b5fed080be74420d1af9373b331623c776f75a369f8c6db481d86947b90ac43844d646ead45ba727384d4e4d38ea67a5496c544e64d2223c01cdb7769d107d843b84384a52085037c5d889e4431f327ba7eb33e3a5535ed036cb0e3b83cfae0c5d1a1f5c79f610ce49d5994927fb7bed8fea8b0d94eae55a8dd809477e87dd4438b93ef3beacc5fcd48d400fd9a72c38bb5dd6a940a540ffbee5afce42d8b49ba6e21f7d7d73e42302443c56cd931de6a3039b049d3ca6f6abc4a6ef02d62ba45fb3641d7626d22e85fb560d43cdf0f81e73998ccf8ef19df231abd533267ea60ff5e39e6e27cf6affd6035202e064bd44ea8c759d2a929739385250b121ccfe5a2b16d4066202a55f9f0b790b7f4a19a3ea19335c14655348f4293c8ec928e55f9b5df13cf9b9645b2f895ce9a30ea87c22e1bf2e64d83777485c34bc86142ece98fb4888a20075e43f42a718d2e3f9cd711684138e9ff6bdd3b917aee0acf359fe47dd381de0fd2c621607ee839c1786b397fc13534c7fa773362eabb77c1d54b34e63dde7b62323ae7b10d3704723fa740089aff9458db1f8e3340d56cc53fec29ca00e4bb76e383b5db78936a46c687b68edb4b42d32746dfcf3b4096a7eafb361abfa9a73e8c3659af5ea2b18fbc14439b24ba8989bbc860bbac505f15c949a821dc38a5a7d0cf618db6a025c74582e851a7046b78fee6f16138eee1aee13b83d977b568a19764d1534bcdbbf468f7a6c3c38d80eb5a99183bdbe760b02073e30dd65dbcf488148966a7fd1ddcf815fad13462d26faf9c2079bc1f633bf28d4451431f1415e0488f73e5d4a8559920deec071baef755cfbe1433ede85a9e89df1d4f8558bbaffe50eec2dd2b823eaa424e75995c272d585a9cf12b2bbe0fdddae7c57ca8a84bcf5b06f19035cb579a901b335f013c7f0eb150821510482b832ce6281f0210b564bdd26534fc2743f22b632035d1bfe394676d1873742f18687d7d2e3c58267080db724ef2ff6fa693ab0f686dfe501c0ccad198dc76f41a4f037e85f11a57d290c85e561e13ebcba7b43d2c3148a0952acb45ba42e9df35677abf29e5469c9c41ab5d3a69cc4cdf1becccad4125d35ee2d2c280ae8800f09f387d2631af694b0ffaec78baf7e297590caf05c5769c18a2d2dd990fe87ddc574fe1b3b059826d0fd241a8c26a378a9b549d23ec4988a9656e9a8602a48df84b8d1e52284603f146874ecc288e8398401c14de96da8d4bf19219db556b807bf489561d102fa2da26ee29372115b2803df8cccd12ff1f1cd092a7cf52d322b4e64f18a55467607f743822deb154ac1f3deb6e1e121f6eeef1f638c16f0431c6286ffee5fe45a48504f4e6565135ed9b51e73fb36304529da3e3c52dc5b3d4bada79e8ede3d0318a03bed8099d4fb69c5a579d7d1949f67760c30934c2e453d8f572b521e7a72b244b0644d92488b067ebf6560b6bb86ee37c10e69dd111b7471535ab765580b10ab8923164313d4415333a5c38afbb6b31abcaa73cd7d0c12b407be8e8aa6d466b7930897ebfd62e00c4a8f6e51e2857695e700a2f89714c730e75cb538c8ee0ec7bb9b96841f60c849e0f50acd313a09d098262362cd8aef67c4df3719b8a62a1d4583a16f831649676c5beb8f080df3ffb9faa489b5d083fc48e3cece227df68ab44777c77a86d4293d25633534bbd303d886c10c60bf335ff5a3af376cdce6d3fe0b816edf142dc0976e598422673fde0a1e611810f44ca7539acbb5c0b4f21f9aad55563900b6f4af5ad48ef204f3f3c5340ed19e57a39c94080bd802aff5a3433293e30e92746035992ebf3a78bc08cb90eb74e54a118e4692493639229efbeef5fd99c40b74af2259d1875a59cbed4892a0dda26589419b1bf4d52078dfbfa0921c650c39c68e07da71a304b027137bfeacb689e0c957b84d2dc2cbbc59914bbab74fcd550675fdb230d785fedc2bf3d3968f142e7abbd1c35825b3c5eaf98f6fa1d2d0e6f08022c53b8e837a20574b2f149ff760dbbe557786e1272edef113c486cb3d3e8a39462b129356ad145d646ca7a2005a0b8cfb1257f79573c03b78c55959e49a433521339d1ce0419bfff58bb0e826e6d36656094f5c8e50099eb0ad90727349081c24206bfba7c2720b4a17a27298645f1be629b02b0509fc3785f32f242c605b725375f93ddee19f1506df5984262b050b5023e9131972c90b5720f70ec3bf0f200241d8797b62fccd3831c248d70fa92c3db1381e8a62fa07cad92c75c91c3b3ecb62fd997487eedbf043de3aaa49b91da969f8fc15c704d777b990f541806f88bd18f3d959a9e42aafb597c85b31d669c0a51788e2969a554f0a16ba636581ae51955e53dc76e0a7a3f33d2eeee3ab083eb14fd252fa31c35fd30b0202d76d264dc3d97976adc4c5f1c6cd1deff46f6195fb53db716574cfe90af0c712d8a3fc7205ef8931af5458519c3816d4d4021814585d45b31a6ed183a6fb43fe604e3fc23198476a724fc39965274653073540ffe2ee8e79ae4d2642c1ef2d096c8d9c41596ef4d6d80dd4ce56ff8fd35fc0411602bd661ac5b58d10984e28a853ebac79b9a81b8a4940d329b84907f3105662caddf7993e6d82977a8d980b598df4587712403a238e66cf4bd9aacadd6cb8cf46d74af0496a3b321e8436ecdd2ea9eea6d8192364d1cfc079633e764f531ea62b064f3cfbe895c3109d4f5bc3dfd108c3a23c71d2ae73e2e7ffe7c92fecb71cca567a7eccac269149b0683958a571a2e2b05454928a0dadc20c9984f2dc2f25636b869525d03f0080a9069a72f67a5d13c6d2d9da4d9178938f8a04f58d8475cfca2b935f2c98d3c8037f08fdd55434ed4fe6d0cfe361aa009836e2b4da2e93b74922bf764963638810306474dd308b7c1276453b8e0ba192fa63ef7704e988ae99410468a70386aa17a0d41a2684f184a31f9da7a6c5bb18d170650f8bca41a5b916266b93e7f170ba2acc510b2c7a8326c9af5ba078ccbf1d00206fb8a9ea72373d45341fb5ecb26afdc73b38df0c45301529e1d88f321168185d17d23a0a129feb32a63ddd16f1606202255e8310f7f37fbaaff8b5ce04e2d6266b7cfc1eb9fbc0b6d4dcb64ebc1465a0e55b2b728fb7ffef06bb8816d517fb127301c32b0cdbac7a1b9761856752f1eb155264dc3e6744e04f1a0adec6187151cc49504b022b4fb57064a2e082ba49ed6a772be61b1e2df81a4fc44cd6f5225dfca8dd92f62d1249cb01b6b18d1baa49ca21f06c6780b2a95d3b0f652a553e1068d43ec676cffdf7aaa05df4ac83c176c81af15b8e8e2272a3bd0f6522d23e75a82c3e9949d1f8d2a80688495204257ed55dbb8c833e007098bb578156a7f08dc3964c2c6d71b5334d98d6cb8e9e3a098cfd44eb33e12c141d41f48443a1ead1270b89f51ef2962fefa7659fda5f80c0b1038ea3b3babb757be700f6cf4a7865127bb14deeef8cbe282290305b9cfe3fa45fc573310a25e4354b9bf21866df331d9e2a6259cab8395931fd96ab0c04c8412cf069f3260f115bdb67dae8a5c9413e24088fe27d9440c8e4dd2b7c15644531ad4213ed3e9d1263f4578ad06a7369da1183e64c859ceaa430d10dfd3f2e8af36e4bb0534a71b4c3d8bf78ce1690ad15f94753d7fe25d8899c4b801e30efa106d331428d59a9c8453c28e1743688c6f45c90b125ba21819f4c90c76891eb2c5b0c511300000000000000084"], 0x1148}, 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

20.57486037s ago: executing program 1 (id=124):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newchain={0x24, 0x64, 0x200, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9, 0xd}, {0x7, 0x8}, {0x0, 0xffff}}}, 0x24}}, 0x80000) (async, rerun: 32)
r0 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x54, 0x10, 0x401, 0x70bd2a, 0x800, {0x0, 0x0, 0x0, 0x0, 0x38099, 0x4}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}, @IFLA_IFNAME={0x14, 0x3, 'nicvf0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x24008400}, 0x0) (async)
truncate(&(0x7f0000000080)='./file0\x00', 0xd19) (async)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

20.011817861s ago: executing program 2 (id=125):
r0 = socket(0x22, 0x2, 0x3)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r1, &(0x7f0000000840)={&(0x7f0000000080)={0x2, 0x4e26, @private=0x400}, 0x10, 0x0}, 0x4040000)

19.949176592s ago: executing program 1 (id=126):
r0 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0)
fsopen(&(0x7f0000000080)='hpfs\x00', 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f00000005c0)={0x84, &(0x7f0000000b80)={0x40, 0xe, 0x3, "72cc59"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", '\x00', "cf6cce2296b3f853e224c4e0"]})
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000480)={0x9, 0x0, 0x1, 0x80, 0xfffffffd, 0xfffffffd, "01e60000000000000034dbb39fe6083a", 0xff, 0x0, 0x0, 0x0, 0x1})
syz_emit_ethernet(0x72, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @icmpv6={0xe, 0x6, "f22ada", 0x3c, 0x3a, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x1, '\x00', {0x2, 0x6, "40a619", 0x40, 0x2f, 0x0, @mcast1, @empty, [], "2b2888be6783937f22d39b28"}}}}}}}, 0x0)
syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0) (async)
fsopen(&(0x7f0000000080)='hpfs\x00', 0x0) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, &(0x7f00000005c0)={0x84, &(0x7f0000000b80)={0x40, 0xe, 0x3, "72cc59"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", '\x00', "cf6cce2296b3f853e224c4e0"]}) (async)
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000480)={0x9, 0x0, 0x1, 0x80, 0xfffffffd, 0xfffffffd, "01e60000000000000034dbb39fe6083a", 0xff, 0x0, 0x0, 0x0, 0x1}) (async)
syz_emit_ethernet(0x72, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @icmpv6={0xe, 0x6, "f22ada", 0x3c, 0x3a, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x1, '\x00', {0x2, 0x6, "40a619", 0x40, 0x2f, 0x0, @mcast1, @empty, [], "2b2888be6783937f22d39b28"}}}}}}}, 0x0) (async)

19.745409013s ago: executing program 3 (id=127):
socket(0x1, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './mnt\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000002100010000002000000000000a"], 0x24}}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
fcntl$getown(r3, 0x9)
readv(0xffffffffffffffff, &(0x7f0000001d40)=[{&(0x7f0000001d00)=""/2, 0x2}], 0x1)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0x7000000)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x36, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000740)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000009a5ab6e10c00000000000000040000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000000000000000000000000a000000000000feffffffff7f40000200000000000008000000000000000001000000000000004400050000000000000000000000000000000000000000003c00000002000000ffffffff0002000000000000000000000600000004"], 0xfc}}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r8, 0x1)
add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x0)

18.870409577s ago: executing program 2 (id=128):
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x9, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r2, 0x29, 0x11, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x24}}, 0x4000000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x1000000)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0)
getsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, &(0x7f0000002240))
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8d, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$alg(0x26, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r2, {0x4}}, './file0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000240)={0x14, r7, 0x301, 0x0, 0x0, {0x17}}, 0x14}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0003230c1100"})
r8 = socket$inet(0x2, 0x3, 0x33)
getsockopt$inet_mreqsrc(r8, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
sendmsg$DEVLINK_CMD_RATE_SET(r5, &(0x7f0000000640)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x4c, r7, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000004)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x5f)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = accept4(r4, 0x0, 0x0, 0x80800)
sendmmsg$alg(r9, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66ee", 0xaf}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

18.138336655s ago: executing program 0 (id=129):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000880)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe8f862c1e7233c26f73ca24e5e441dd406e136df3a3996865e0693d955c691c675c3f6191b225d82ea4c6a7b2c1ed690c17768cd2b21ab0ac2ca7673eb9c00d635e146555db84b8a9061c3ca8bbefd2ae2b80f4a09561a098815c1357c4a7bca207121687b851ca19a37a65c6138bf925610ae61f58630a053ee702229bb9448444a5a93ce6cde416fe3f413e41c70a0f0f17fdc912419d09d34156ee0727d498fcd7f54e71f7f8e979ced588320f21114362bc1bebbc21fa8f7cb9bd30605b5509f191f6a11ce68a3c34a09412925eb20941969617e323e06c3761b91efcab55c0ceaebf7a1be845afbb3b2b1ab3bb245bfd0e838c41f952", 0x2b7}, {&(0x7f0000000780)="7d87549fd6e506db8227c192ade2364cd555d3bdb38314a12868143d93b2314d1144a69dfa2d04b9d1d495d7ff790a5307f432275e936e98c0dfd1c0aa0c6df2fe50674c60a214018dd7bcc96c0c10826fd234fbc3b48fd4b30d6ffc2f", 0x5d}], 0x2}}, {{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7", 0x22}], 0x1}}], 0x2, 0x480e0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

17.334172324s ago: executing program 0 (id=130):
r0 = syz_open_dev$vivid(&(0x7f0000000200), 0x3, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000001c0)={0x4, &(0x7f0000000140)=[{0x7, 0x0, 0xb4, 0x7da4}, {0x3, 0x5, 0x0, 0x5}, {0xb0f, 0x5, 0xf8, 0x7}, {0x0, 0x4, 0x9, 0x9}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000101010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400090200000000000000000000000000010c0002800500010000000000470002800500010001"], 0xe4}}, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x5, @vbi={0x0, 0xfff, 0x9, 0x3432564e, [0x2e, 0x4], [0x4, 0x5], 0x1}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000240)=0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x8, 0x3, 0x380, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x2b0, 0xffffffff, 0xffffffff, 0x2b0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2, [0xffffff00, 0xffffffff, 0xffffffff, 0xffffff00], [0x0, 0x0, 0xffffffff, 0xff000000], 'team_slave_0\x00', 'bridge_slave_1\x00', {0xff}, {0x101}, 0x11, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@set2={{0x28}, {{0x0, 0x2, 0x1}}}, @common=@inet=@recent0={{0xf8}, {0x4, 0x6, 0x4, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0)
r4 = socket(0x10, 0x80002, 0x0)
socket(0x200000000000011, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000005400e5002abd7000ffffffff07000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="00000000fe88ea0000000000000000000000010186dd00"], 0x38}}, 0xc4c4)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0)
ioctl$EVIOCGREP(r4, 0x80084503, &(0x7f0000000400)=""/117)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400200000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}}, 0x0)

0s ago: executing program 32 (id=126):
r0 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0)
fsopen(&(0x7f0000000080)='hpfs\x00', 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f00000005c0)={0x84, &(0x7f0000000b80)={0x40, 0xe, 0x3, "72cc59"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", '\x00', "cf6cce2296b3f853e224c4e0"]})
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000480)={0x9, 0x0, 0x1, 0x80, 0xfffffffd, 0xfffffffd, "01e60000000000000034dbb39fe6083a", 0xff, 0x0, 0x0, 0x0, 0x1})
syz_emit_ethernet(0x72, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @icmpv6={0xe, 0x6, "f22ada", 0x3c, 0x3a, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x1, '\x00', {0x2, 0x6, "40a619", 0x40, 0x2f, 0x0, @mcast1, @empty, [], "2b2888be6783937f22d39b28"}}}}}}}, 0x0)
syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0) (async)
fsopen(&(0x7f0000000080)='hpfs\x00', 0x0) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, &(0x7f00000005c0)={0x84, &(0x7f0000000b80)={0x40, 0xe, 0x3, "72cc59"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", '\x00', "cf6cce2296b3f853e224c4e0"]}) (async)
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000480)={0x9, 0x0, 0x1, 0x80, 0xfffffffd, 0xfffffffd, "01e60000000000000034dbb39fe6083a", 0xff, 0x0, 0x0, 0x0, 0x1}) (async)
syz_emit_ethernet(0x72, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @icmpv6={0xe, 0x6, "f22ada", 0x3c, 0x3a, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x1, '\x00', {0x2, 0x6, "40a619", 0x40, 0x2f, 0x0, @mcast1, @empty, [], "2b2888be6783937f22d39b28"}}}}}}}, 0x0) (async)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.131' (ED25519) to the list of known hosts.
[   66.790444][ T5817] cgroup: Unknown subsys name 'net'
[   66.937438][ T5817] cgroup: Unknown subsys name 'cpuset'
[   66.945827][ T5817] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   68.329031][ T5817] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   70.797751][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   70.806394][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.815496][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   70.823342][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   70.830962][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   70.831909][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   70.838900][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   70.855841][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   70.863974][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   70.871408][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   70.878762][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   70.879441][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   70.895105][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   70.895273][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.906265][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   70.910516][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.917725][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   70.925009][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.937991][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   70.939260][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.952460][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   70.953983][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   70.962671][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   70.984377][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   70.986411][ T5828] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   71.428930][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[   71.435459][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[   71.614820][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   71.691879][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   71.787553][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   71.848735][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   71.939771][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   72.006590][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.013821][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.021212][ T5849] bridge_slave_0: entered allmulticast mode
[   72.029005][ T5849] bridge_slave_0: entered promiscuous mode
[   72.037433][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.044595][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.051768][ T5850] bridge_slave_0: entered allmulticast mode
[   72.058919][ T5850] bridge_slave_0: entered promiscuous mode
[   72.095603][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.102737][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.110606][ T5849] bridge_slave_1: entered allmulticast mode
[   72.117659][ T5849] bridge_slave_1: entered promiscuous mode
[   72.124771][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.131868][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.139509][ T5850] bridge_slave_1: entered allmulticast mode
[   72.146680][ T5850] bridge_slave_1: entered promiscuous mode
[   72.227385][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.234633][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.241779][ T5845] bridge_slave_0: entered allmulticast mode
[   72.248958][ T5845] bridge_slave_0: entered promiscuous mode
[   72.284262][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.291374][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.298916][ T5848] bridge_slave_0: entered allmulticast mode
[   72.306499][ T5848] bridge_slave_0: entered promiscuous mode
[   72.314211][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.321317][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.329106][ T5845] bridge_slave_1: entered allmulticast mode
[   72.336125][ T5845] bridge_slave_1: entered promiscuous mode
[   72.345941][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.357860][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.371959][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.379309][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.386487][ T5848] bridge_slave_1: entered allmulticast mode
[   72.393394][ T5848] bridge_slave_1: entered promiscuous mode
[   72.423836][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.436314][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.530850][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.544168][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.566457][ T5850] team0: Port device team_slave_0 added
[   72.574283][ T5849] team0: Port device team_slave_0 added
[   72.580361][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.587788][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.595428][ T5846] bridge_slave_0: entered allmulticast mode
[   72.602315][ T5846] bridge_slave_0: entered promiscuous mode
[   72.611812][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.623300][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.647759][ T5850] team0: Port device team_slave_1 added
[   72.669240][ T5849] team0: Port device team_slave_1 added
[   72.675450][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.682572][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.690105][ T5846] bridge_slave_1: entered allmulticast mode
[   72.697515][ T5846] bridge_slave_1: entered promiscuous mode
[   72.791021][ T5845] team0: Port device team_slave_0 added
[   72.797965][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.805372][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   72.831341][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.856135][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.869603][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.880174][ T5848] team0: Port device team_slave_0 added
[   72.887845][ T5845] team0: Port device team_slave_1 added
[   72.895094][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.902038][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   72.928045][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.939614][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.946903][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   72.972860][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.996906][ T5848] team0: Port device team_slave_1 added
[   73.024849][   T52] Bluetooth: hci0: command tx timeout
[   73.024853][ T5836] Bluetooth: hci3: command tx timeout
[   73.025108][ T5828] Bluetooth: hci4: command tx timeout
[   73.030550][ T5841] Bluetooth: hci2: command tx timeout
[   73.056483][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.063449][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.090180][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.103713][ T5841] Bluetooth: hci1: command tx timeout
[   73.118915][ T5846] team0: Port device team_slave_0 added
[   73.138222][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.145294][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.172092][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.202628][ T5846] team0: Port device team_slave_1 added
[   73.209894][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.217359][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.243679][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.256417][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.263384][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.289654][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.334014][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.340967][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.368101][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.448651][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.455667][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.482645][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.499518][ T5850] hsr_slave_0: entered promiscuous mode
[   73.506301][ T5850] hsr_slave_1: entered promiscuous mode
[   73.526528][ T5849] hsr_slave_0: entered promiscuous mode
[   73.532744][ T5849] hsr_slave_1: entered promiscuous mode
[   73.539579][ T5849] debugfs: 'hsr0' already exists in 'hsr'
[   73.545583][ T5849] Cannot create hsr debugfs directory
[   73.561930][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.569184][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.595290][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.625314][ T5845] hsr_slave_0: entered promiscuous mode
[   73.631990][ T5845] hsr_slave_1: entered promiscuous mode
[   73.638441][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   73.644334][ T5845] Cannot create hsr debugfs directory
[   73.655476][ T5848] hsr_slave_0: entered promiscuous mode
[   73.661704][ T5848] hsr_slave_1: entered promiscuous mode
[   73.668285][ T5848] debugfs: 'hsr0' already exists in 'hsr'
[   73.674095][ T5848] Cannot create hsr debugfs directory
[   73.869547][ T5846] hsr_slave_0: entered promiscuous mode
[   73.876005][ T5846] hsr_slave_1: entered promiscuous mode
[   73.881998][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[   73.888318][ T5846] Cannot create hsr debugfs directory
[   74.354821][ T5849] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   74.372413][ T5849] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   74.390244][ T5849] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   74.401243][ T5849] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   74.456799][ T5850] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   74.471105][ T5850] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   74.483309][ T5850] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   74.506868][ T5850] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   74.587222][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   74.601799][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   74.617236][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   74.627038][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   74.693280][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.735650][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   74.747567][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   74.758194][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   74.768345][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   74.802730][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   74.876532][ T2977] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.883825][ T2977] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.899586][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.906802][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.940302][ T5848] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   74.963694][ T5848] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   74.976328][ T5848] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   74.989233][ T5848] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   75.106172][ T5841] Bluetooth: hci4: command tx timeout
[   75.106192][ T5828] Bluetooth: hci2: command tx timeout
[   75.106219][   T52] Bluetooth: hci3: command tx timeout
[   75.111623][ T5828] Bluetooth: hci0: command tx timeout
[   75.142188][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.184441][ T5841] Bluetooth: hci1: command tx timeout
[   75.205380][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.235937][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   75.259668][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.270794][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.277987][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.293491][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.300701][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.314877][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   75.342342][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.349539][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.360393][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.367532][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.380603][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.403302][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   75.439380][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.446507][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.469874][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.490085][ T3581] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.497271][ T3581] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.558436][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   75.617405][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.624628][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.636158][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.643264][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.670555][ T5849] veth0_vlan: entered promiscuous mode
[   75.698809][ T5849] veth1_vlan: entered promiscuous mode
[   75.764677][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.776381][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.808687][ T5849] veth0_macvtap: entered promiscuous mode
[   75.832034][ T5849] veth1_macvtap: entered promiscuous mode
[   75.887460][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.920407][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.951286][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.961936][ T5850] veth0_vlan: entered promiscuous mode
[   75.972438][ T5845] veth0_vlan: entered promiscuous mode
[   75.985821][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.005516][ T1144] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.015282][ T1144] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.045022][ T1144] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.054551][ T1144] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.067131][ T5850] veth1_vlan: entered promiscuous mode
[   76.081521][ T5845] veth1_vlan: entered promiscuous mode
[   76.184619][ T3488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.203443][ T3488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.225396][ T5846] veth0_vlan: entered promiscuous mode
[   76.239781][ T5848] veth0_vlan: entered promiscuous mode
[   76.264076][ T5848] veth1_vlan: entered promiscuous mode
[   76.275011][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.277720][ T5846] veth1_vlan: entered promiscuous mode
[   76.282854][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.299897][ T5845] veth0_macvtap: entered promiscuous mode
[   76.315429][ T5850] veth0_macvtap: entered promiscuous mode
[   76.339015][ T5845] veth1_macvtap: entered promiscuous mode
[   76.355737][ T5850] veth1_macvtap: entered promiscuous mode
[   76.391083][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.409328][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.425874][ T5849] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   76.447697][ T1144] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.470709][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.481595][ T1144] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.490987][ T1144] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.502330][ T5848] veth0_macvtap: entered promiscuous mode
[   76.538325][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.555629][ T1144] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.570752][ T5846] veth0_macvtap: entered promiscuous mode
[   76.597118][ T5846] veth1_macvtap: entered promiscuous mode
[   76.614759][ T5848] veth1_macvtap: entered promiscuous mode
[   76.639176][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.652168][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.675561][ T3581] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.685461][ T3581] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.778838][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.808100][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.845885][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.853807][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.862382][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.871577][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.880171][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.889381][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.950978][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.974748][ T3488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.997316][ T3488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.020624][ T1144] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.039306][ T1144] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.053836][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.113288][    T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!!
[   77.130700][ T1144] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.141232][ T1144] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.160039][ T3581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.182717][ T3581] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.193652][ T1209] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   77.213164][ T5841] Bluetooth: hci0: command tx timeout
[   77.218644][ T5828] Bluetooth: hci4: command tx timeout
[   77.218713][ T5836] Bluetooth: hci2: command tx timeout
[   77.232098][   T52] Bluetooth: hci3: command tx timeout
[   77.239698][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.264756][   T52] Bluetooth: hci1: command tx timeout
[   77.270866][ T1144] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.272071][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.315363][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.315379][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.323772][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.362864][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.383770][ T1209] usb 4-1: Using ep0 maxpacket: 8
[   77.393235][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.401724][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.414187][ T1209] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[   77.426135][ T1144] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.435155][ T1144] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.443908][ T1209] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   77.505408][ T1209] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   77.518557][ T1144] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.528677][ T1209] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   77.551948][ T1209] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[   77.561345][ T1209] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.569842][ T1209] usb 4-1: Product: syz
[   77.579497][ T1209] usb 4-1: Manufacturer: syz
[   77.619335][ T1209] usb 4-1: SerialNumber: syz
[   77.661224][ T5924] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   77.681281][ T1209] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[   77.684635][ T3488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.705534][ T1209] usbtest 4-1:1.0: Linux user mode ISO test driver
[   77.774098][ T1209] usbtest 4-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[   77.792468][ T3488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.983164][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.992038][ T3488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.000048][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.011219][ T3488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.212327][ T5938] netlink: 'syz.0.1': attribute type 13 has an invalid length.
[   78.220240][ T5827] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   78.248461][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.270411][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.396206][ T5827] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[   78.407048][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.474682][ T5827] usb 3-1: config 0 descriptor??
[   78.526181][ T5938] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   78.710829][ T5946] binder: BINDER_SET_CONTEXT_MGR already set
[   78.720150][ T5946] binder: 5930:5946 ioctl 4018620d 200000000040 returned -16
[   78.743691][ T5827] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[   78.752766][ T5827] [drm:udl_init] *ERROR* Selecting channel failed
[   78.903100][ T5827] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[   78.931810][ T5827] [drm] Initialized udl on minor 2
[   78.953445][ T5827] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[   78.989929][ T5827] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[   79.062793][ T5917] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[   79.090983][ T5827] usb 3-1: USB disconnect, device number 2
[   79.120922][ T5917] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[   79.200938][ T5957] FAULT_INJECTION: forcing a failure.
[   79.200938][ T5957] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   79.217979][ T5956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8'.
[   79.231527][ T5957] CPU: 1 UID: 0 PID: 5957 Comm: syz.4.5 Not tainted syzkaller #0 PREEMPT(full) 
[   79.231553][ T5957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.231569][ T5957] Call Trace:
[   79.231576][ T5957]  <TASK>
[   79.231584][ T5957]  dump_stack_lvl+0x189/0x250
[   79.231611][ T5957]  ? __pfx____ratelimit+0x10/0x10
[   79.231653][ T5957]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.231674][ T5957]  ? __pfx__printk+0x10/0x10
[   79.231698][ T5957]  ? __might_fault+0xb0/0x130
[   79.231731][ T5957]  should_fail_ex+0x414/0x560
[   79.231759][ T5957]  _copy_from_user+0x2d/0xb0
[   79.231781][ T5957]  ___sys_sendmsg+0x158/0x2a0
[   79.231802][ T5957]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.231853][ T5957]  ? __fget_files+0x2a/0x420
[   79.231868][ T5957]  ? __fget_files+0x3a0/0x420
[   79.231892][ T5957]  __sys_sendmmsg+0x227/0x430
[   79.231916][ T5957]  ? __pfx___sys_sendmmsg+0x10/0x10
[   79.231942][ T5957]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   79.231979][ T5957]  ? ksys_write+0x22a/0x250
[   79.232004][ T5957]  ? __pfx_ksys_write+0x10/0x10
[   79.232031][ T5957]  __x64_sys_sendmmsg+0xa0/0xc0
[   79.232050][ T5957]  do_syscall_64+0xfa/0xfa0
[   79.232070][ T5957]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.232090][ T5957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.232106][ T5957]  ? clear_bhb_loop+0x60/0xb0
[   79.232127][ T5957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.232144][ T5957] RIP: 0033:0x7f09f438efc9
[   79.232164][ T5957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.232177][ T5957] RSP: 002b:00007f09f5307038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   79.232196][ T5957] RAX: ffffffffffffffda RBX: 00007f09f45e5fa0 RCX: 00007f09f438efc9
[   79.232208][ T5957] RDX: 0000000000000001 RSI: 0000200000000b40 RDI: 0000000000000003
[   79.232219][ T5957] RBP: 00007f09f5307090 R08: 0000000000000000 R09: 0000000000000000
[   79.232229][ T5957] R10: 000000000608d8d0 R11: 0000000000000246 R12: 0000000000000001
[   79.232239][ T5957] R13: 00007f09f45e6038 R14: 00007f09f45e5fa0 R15: 00007f09f470fa28
[   79.232267][ T5957]  </TASK>
[   79.497137][   T52] Bluetooth: hci0: command tx timeout
[   79.502612][   T52] Bluetooth: hci4: command tx timeout
[   79.508365][   T52] Bluetooth: hci3: command tx timeout
[   79.513805][   T52] Bluetooth: hci2: command tx timeout
[   79.519361][   T52] Bluetooth: hci1: command tx timeout
[   79.763686][ T5917] usb 4-1: USB disconnect, device number 2
[   79.938709][ T5962] FAULT_INJECTION: forcing a failure.
[   79.938709][ T5962] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.026472][ T5962] CPU: 0 UID: 0 PID: 5962 Comm: syz.2.10 Not tainted syzkaller #0 PREEMPT(full) 
[   80.026497][ T5962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.026507][ T5962] Call Trace:
[   80.026514][ T5962]  <TASK>
[   80.026521][ T5962]  dump_stack_lvl+0x189/0x250
[   80.026549][ T5962]  ? __pfx____ratelimit+0x10/0x10
[   80.026570][ T5962]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.026593][ T5962]  ? __pfx__printk+0x10/0x10
[   80.026612][ T5962]  ? __might_fault+0xb0/0x130
[   80.026644][ T5962]  should_fail_ex+0x414/0x560
[   80.026682][ T5962]  _copy_from_user+0x2d/0xb0
[   80.026704][ T5962]  ___sys_sendmsg+0x158/0x2a0
[   80.026726][ T5962]  ? __pfx____sys_sendmsg+0x10/0x10
[   80.026778][ T5962]  ? __fget_files+0x2a/0x420
[   80.026794][ T5962]  ? __fget_files+0x3a0/0x420
[   80.026820][ T5962]  __x64_sys_sendmsg+0x19b/0x260
[   80.026841][ T5962]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   80.026868][ T5962]  ? __pfx_ksys_write+0x10/0x10
[   80.026895][ T5962]  ? do_syscall_64+0xbe/0xfa0
[   80.026920][ T5962]  do_syscall_64+0xfa/0xfa0
[   80.026939][ T5962]  ? lockdep_hardirqs_on+0x9c/0x150
[   80.026960][ T5962]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.026977][ T5962]  ? clear_bhb_loop+0x60/0xb0
[   80.026998][ T5962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.027014][ T5962] RIP: 0033:0x7f9adff8efc9
[   80.027031][ T5962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.027045][ T5962] RSP: 002b:00007f9ae0ec1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.027064][ T5962] RAX: ffffffffffffffda RBX: 00007f9ae01e5fa0 RCX: 00007f9adff8efc9
[   80.027077][ T5962] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000003
[   80.027088][ T5962] RBP: 00007f9ae0ec1090 R08: 0000000000000000 R09: 0000000000000000
[   80.027098][ T5962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.027108][ T5962] R13: 00007f9ae01e6038 R14: 00007f9ae01e5fa0 R15: 00007f9ae030fa28
[   80.027137][ T5962]  </TASK>
[   80.792979][   T30] audit: type=1326 audit(1761112449.173:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5970 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9adff8efc9 code=0x7ffc0000
[   81.001656][   T30] audit: type=1326 audit(1761112449.173:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5970 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9adff8efc9 code=0x7ffc0000
[   81.046882][   T30] audit: type=1326 audit(1761112449.313:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5970 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9adff8d9dc code=0x7ffc0000
[   81.070475][   T30] audit: type=1326 audit(1761112449.313:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5970 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9adff8efc9 code=0x7ffc0000
[   81.154461][   T30] audit: type=1326 audit(1761112449.313:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5970 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9adff8efc9 code=0x7ffc0000
[   81.177656][   T30] audit: type=1326 audit(1761112449.513:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1d798efc9 code=0x7ffc0000
[   81.199916][   T30] audit: type=1326 audit(1761112449.513:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1d798d810 code=0x7ffc0000
[   81.548921][   T30] audit: type=1326 audit(1761112449.513:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1d798d810 code=0x7ffc0000
[   81.576834][   T30] audit: type=1326 audit(1761112449.513:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1d798efc9 code=0x7ffc0000
[   81.600296][   T30] audit: type=1326 audit(1761112449.513:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fd1d798efc9 code=0x7ffc0000
[   81.631352][ T5988] FAULT_INJECTION: forcing a failure.
[   81.631352][ T5988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.735714][ T5988] CPU: 0 UID: 0 PID: 5988 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full) 
[   81.735739][ T5988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.735749][ T5988] Call Trace:
[   81.735757][ T5988]  <TASK>
[   81.735764][ T5988]  dump_stack_lvl+0x189/0x250
[   81.735792][ T5988]  ? __pfx____ratelimit+0x10/0x10
[   81.735813][ T5988]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.735835][ T5988]  ? __pfx__printk+0x10/0x10
[   81.735853][ T5988]  ? __might_fault+0xb0/0x130
[   81.735887][ T5988]  should_fail_ex+0x414/0x560
[   81.735916][ T5988]  _copy_from_user+0x2d/0xb0
[   81.735938][ T5988]  ___sys_sendmsg+0x158/0x2a0
[   81.735959][ T5988]  ? __pfx____sys_sendmsg+0x10/0x10
[   81.736011][ T5988]  ? __fget_files+0x2a/0x420
[   81.736026][ T5988]  ? __fget_files+0x3a0/0x420
[   81.736052][ T5988]  __x64_sys_sendmsg+0x19b/0x260
[   81.736073][ T5988]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   81.736100][ T5988]  ? __pfx_ksys_write+0x10/0x10
[   81.736126][ T5988]  ? do_syscall_64+0xbe/0xfa0
[   81.736151][ T5988]  do_syscall_64+0xfa/0xfa0
[   81.736170][ T5988]  ? lockdep_hardirqs_on+0x9c/0x150
[   81.736190][ T5988]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.736207][ T5988]  ? clear_bhb_loop+0x60/0xb0
[   81.736228][ T5988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.736244][ T5988] RIP: 0033:0x7f9de098efc9
[   81.736260][ T5988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.736273][ T5988] RSP: 002b:00007f9de18ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.736292][ T5988] RAX: ffffffffffffffda RBX: 00007f9de0be5fa0 RCX: 00007f9de098efc9
[   81.736305][ T5988] RDX: 0000000004000000 RSI: 0000200000000200 RDI: 0000000000000003
[   81.736316][ T5988] RBP: 00007f9de18ed090 R08: 0000000000000000 R09: 0000000000000000
[   81.736327][ T5988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.736337][ T5988] R13: 00007f9de0be6038 R14: 00007f9de0be5fa0 R15: 00007f9de0d0fa28
[   81.736366][ T5988]  </TASK>
[   82.011273][ T5994] binder: 5992:5994 ioctl c0189379 200000000040 returned -22
[   82.054541][   T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   82.244161][   T10] usb 2-1: Using ep0 maxpacket: 32
[   82.251048][   T10] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[   82.262509][   T10] usb 2-1: config 0 has no interface number 0
[   82.291738][   T10] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   82.343587][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.362034][   T10] usb 2-1: Product: syz
[   82.405852][ T5998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   82.738772][   T10] usb 2-1: Manufacturer: syz
[   82.748632][   T10] usb 2-1: SerialNumber: syz
[   82.774468][   T10] usb 2-1: config 0 descriptor??
[   82.809221][   T10] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   83.026194][   T10] usb 2-1: qt2_attach - failed to power on unit: -71
[   83.033046][   T10] quatech2 2-1:0.51: probe with driver quatech2 failed with error -71
[   83.082173][   T10] usb 2-1: USB disconnect, device number 2
[   83.402150][ T6004] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   83.720681][ T6013] netlink: 28 bytes leftover after parsing attributes in process `syz.1.25'.
[   83.731251][ T6013] openvswitch: netlink: Flow key attr not present in new flow.
[   83.937150][ T6019] FAULT_INJECTION: forcing a failure.
[   83.937150][ T6019] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.959380][ T6019] CPU: 1 UID: 0 PID: 6019 Comm: syz.1.27 Not tainted syzkaller #0 PREEMPT(full) 
[   83.959403][ T6019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   83.959413][ T6019] Call Trace:
[   83.959421][ T6019]  <TASK>
[   83.959429][ T6019]  dump_stack_lvl+0x189/0x250
[   83.959456][ T6019]  ? __pfx____ratelimit+0x10/0x10
[   83.959476][ T6019]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.959499][ T6019]  ? __pfx__printk+0x10/0x10
[   83.959517][ T6019]  ? __might_fault+0xb0/0x130
[   83.959550][ T6019]  should_fail_ex+0x414/0x560
[   83.959586][ T6019]  _copy_from_user+0x2d/0xb0
[   83.959608][ T6019]  ___sys_sendmsg+0x158/0x2a0
[   83.959629][ T6019]  ? __pfx____sys_sendmsg+0x10/0x10
[   83.959682][ T6019]  ? __fget_files+0x2a/0x420
[   83.959698][ T6019]  ? __fget_files+0x3a0/0x420
[   83.959724][ T6019]  __x64_sys_sendmsg+0x19b/0x260
[   83.959745][ T6019]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   83.959773][ T6019]  ? __pfx_ksys_write+0x10/0x10
[   83.959800][ T6019]  ? do_syscall_64+0xbe/0xfa0
[   83.959824][ T6019]  do_syscall_64+0xfa/0xfa0
[   83.959844][ T6019]  ? lockdep_hardirqs_on+0x9c/0x150
[   83.959864][ T6019]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.959882][ T6019]  ? clear_bhb_loop+0x60/0xb0
[   83.959903][ T6019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.959920][ T6019] RIP: 0033:0x7f80cff8efc9
[   83.959935][ T6019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.959949][ T6019] RSP: 002b:00007f80d0e16038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.959968][ T6019] RAX: ffffffffffffffda RBX: 00007f80d01e5fa0 RCX: 00007f80cff8efc9
[   83.959981][ T6019] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[   83.959992][ T6019] RBP: 00007f80d0e16090 R08: 0000000000000000 R09: 0000000000000000
[   83.960002][ T6019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.960012][ T6019] R13: 00007f80d01e6038 R14: 00007f80d01e5fa0 R15: 00007f80d030fa28
[   83.960043][ T6019]  </TASK>
[   84.053642][   T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   84.501123][ T6025] FAULT_INJECTION: forcing a failure.
[   84.501123][ T6025] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.506654][ T6023] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[   84.584226][ T6025] CPU: 0 UID: 0 PID: 6025 Comm: syz.3.30 Not tainted syzkaller #0 PREEMPT(full) 
[   84.584251][ T6025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   84.584261][ T6025] Call Trace:
[   84.584268][ T6025]  <TASK>
[   84.584275][ T6025]  dump_stack_lvl+0x189/0x250
[   84.584303][ T6025]  ? __pfx____ratelimit+0x10/0x10
[   84.584324][ T6025]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.584346][ T6025]  ? __pfx__printk+0x10/0x10
[   84.584364][ T6025]  ? __might_fault+0xb0/0x130
[   84.584396][ T6025]  should_fail_ex+0x414/0x560
[   84.584424][ T6025]  _copy_from_user+0x2d/0xb0
[   84.584446][ T6025]  ___sys_sendmsg+0x158/0x2a0
[   84.584467][ T6025]  ? __pfx____sys_sendmsg+0x10/0x10
[   84.584519][ T6025]  ? __fget_files+0x2a/0x420
[   84.584540][ T6025]  ? __fget_files+0x3a0/0x420
[   84.584567][ T6025]  __x64_sys_sendmsg+0x19b/0x260
[   84.584587][ T6025]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   84.584614][ T6025]  ? __pfx_ksys_write+0x10/0x10
[   84.584641][ T6025]  ? do_syscall_64+0xbe/0xfa0
[   84.584665][ T6025]  do_syscall_64+0xfa/0xfa0
[   84.584684][ T6025]  ? lockdep_hardirqs_on+0x9c/0x150
[   84.584705][ T6025]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.584722][ T6025]  ? clear_bhb_loop+0x60/0xb0
[   84.584742][ T6025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.584758][ T6025] RIP: 0033:0x7fd1d798efc9
[   84.584774][ T6025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.584788][ T6025] RSP: 002b:00007fd1d88a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.584806][ T6025] RAX: ffffffffffffffda RBX: 00007fd1d7be5fa0 RCX: 00007fd1d798efc9
[   84.584818][ T6025] RDX: 0000000000000040 RSI: 0000200000000280 RDI: 0000000000000003
[   84.584828][ T6025] RBP: 00007fd1d88a1090 R08: 0000000000000000 R09: 0000000000000000
[   84.584839][ T6025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.584849][ T6025] R13: 00007fd1d7be6038 R14: 00007fd1d7be5fa0 R15: 00007fd1d7d0fa28
[   84.584879][ T6025]  </TASK>
[   84.855850][   T10] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[   84.866205][   T10] usb 1-1: config 3 has 1 interface, different from the descriptor's value: 2
[   84.875181][   T10] usb 1-1: config 3 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   84.970045][   T10] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   84.979155][   T10] usb 1-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3
[   84.987154][   T10] usb 1-1: Product: syz
[   84.991587][   T10] usb 1-1: Manufacturer: syz
[   84.996252][   T10] usb 1-1: SerialNumber: syz
[   85.204690][ T6033] 
: renamed from bridge_slave_0 (while UP)
[   85.484815][   T10] cdc_ncm 1-1:3.0: invalid descriptor buffer length
[   85.493405][   T10] cdc_ncm 1-1:3.0: CDC Union missing and no IAD found
[   85.546626][   T10] cdc_ncm 1-1:3.0: bind() failure
[   85.659799][   T10] usb 1-1: USB disconnect, device number 2
[   86.443629][ T1209] usb 1-1: new low-speed USB device number 3 using dummy_hcd
[   86.818210][ T3095] cfg80211: failed to load regulatory.db
[   86.841684][ T6059] netlink: zone id is out of range
[   86.864013][ T6059] netlink: set zone limit has 8 unknown bytes
[   87.689008][ T6076] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'.
[   87.896834][ T6077] netlink: 'syz.1.41': attribute type 10 has an invalid length.
[   88.217120][ T6077] team0: Port device dummy0 added
[   88.711982][ T5922] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   88.735229][   T30] kauditd_printk_skb: 15 callbacks suppressed
[   88.735246][   T30] audit: type=1326 audit(1761112457.093:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   88.763315][    C1] vkms_vblank_simulate: vblank timer overrun
[   88.825978][   T30] audit: type=1326 audit(1761112457.103:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f80cff8d810 code=0x7ffc0000
[   88.993661][ T5922] usb 1-1: Using ep0 maxpacket: 8
[   89.011196][ T5922] usb 1-1: config 0 has too many interfaces: 190, using maximum allowed: 32
[   89.020881][ T5922] usb 1-1: config 0 has an invalid interface number: 224 but max is 189
[   89.029796][ T5922] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 190
[   89.046749][   T30] audit: type=1326 audit(1761112457.103:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f80cff8d810 code=0x7ffc0000
[   89.099375][ T5922] usb 1-1: config 0 has no interface number 0
[   89.132327][ T5922] usb 1-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice= 3.0e
[   89.158192][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.166760][   T30] audit: type=1326 audit(1761112457.103:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   89.244457][ T5922] usb 1-1: config 0 descriptor??
[   89.307000][   T30] audit: type=1326 audit(1761112457.103:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   89.329003][    C1] vkms_vblank_simulate: vblank timer overrun
[   89.676496][   T30] audit: type=1326 audit(1761112457.103:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   89.699990][   T30] audit: type=1326 audit(1761112457.103:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   89.742174][   T30] audit: type=1400 audit(1761112457.103:34): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=6085 comm="syz.1.43"
[   89.778655][   T30] audit: type=1326 audit(1761112457.103:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   89.818185][   T30] audit: type=1326 audit(1761112457.113:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.1.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80cff8efc9 code=0x7ffc0000
[   90.171508][ T6100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.46'.
[   91.066145][ T5922] usb 1-1: USB disconnect, device number 4
[   91.669304][ T1209] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   91.904173][ T1209] usb 3-1: Using ep0 maxpacket: 32
[   91.911687][ T1209] usb 3-1: too many configurations: 17, using maximum allowed: 8
[   91.925734][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   91.957560][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.092411][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.152155][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.182326][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.220630][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.239585][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.251961][ T1209] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.262500][ T1209] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   92.273617][ T5927] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   92.380750][ T6134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.55'.
[   92.394327][ T6135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.54'.
[   92.413740][ T1209] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.438192][ T1209] usb 3-1: config 0 descriptor??
[   92.520995][ T1209] hub 3-1:0.0: Invalid hub with more than one config or interface
[   92.533607][ T1209] hub 3-1:0.0: probe with driver hub failed with error -22
[   92.748436][ T6120] loop8: detected capacity change from 0 to 7
[   92.824607][ T5927] usb 5-1: Using ep0 maxpacket: 16
[   92.904036][ T6120] Dev loop8: unable to read RDB block 7
[   92.951729][ T5927] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   93.006700][ T6120]  loop8: unable to read partition table
[   93.024890][ T6120] loop8: partition table beyond EOD, truncated
[   93.112871][ T5927] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   93.124169][ T6120] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[   93.172126][ T3095] usb 3-1: USB disconnect, device number 3
[   93.287100][ T5927] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   93.339192][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.354321][ T5927] usb 5-1: Product: syz
[   93.371448][ T5927] usb 5-1: Manufacturer: syz
[   93.376695][ T5927] usb 5-1: SerialNumber: syz
[   94.087172][ T6147] FAULT_INJECTION: forcing a failure.
[   94.087172][ T6147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.222917][ T6147] CPU: 0 UID: 0 PID: 6147 Comm: syz.2.58 Not tainted syzkaller #0 PREEMPT(full) 
[   94.222942][ T6147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   94.222950][ T6147] Call Trace:
[   94.222956][ T6147]  <TASK>
[   94.222964][ T6147]  dump_stack_lvl+0x189/0x250
[   94.222993][ T6147]  ? __pfx____ratelimit+0x10/0x10
[   94.223015][ T6147]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.223037][ T6147]  ? __pfx__printk+0x10/0x10
[   94.223049][ T6147]  ? __might_fault+0xb0/0x130
[   94.223068][ T6147]  should_fail_ex+0x414/0x560
[   94.223085][ T6147]  _copy_from_user+0x2d/0xb0
[   94.223098][ T6147]  ___sys_sendmsg+0x158/0x2a0
[   94.223119][ T6147]  ? __pfx____sys_sendmsg+0x10/0x10
[   94.223172][ T6147]  ? __fget_files+0x2a/0x420
[   94.223188][ T6147]  ? __fget_files+0x3a0/0x420
[   94.223203][ T6147]  __sys_sendmmsg+0x227/0x430
[   94.223216][ T6147]  ? __pfx___sys_sendmmsg+0x10/0x10
[   94.223231][ T6147]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   94.223268][ T6147]  __x64_sys_sendmmsg+0xa0/0xc0
[   94.223289][ T6147]  do_syscall_64+0xfa/0xfa0
[   94.223309][ T6147]  ? lockdep_hardirqs_on+0x9c/0x150
[   94.223329][ T6147]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.223343][ T6147]  ? clear_bhb_loop+0x60/0xb0
[   94.223355][ T6147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.223364][ T6147] RIP: 0033:0x7f9adff8efc9
[   94.223374][ T6147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.223383][ T6147] RSP: 002b:00007f9ae0ec1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   94.223394][ T6147] RAX: ffffffffffffffda RBX: 00007f9ae01e5fa0 RCX: 00007f9adff8efc9
[   94.223403][ T6147] RDX: 0000000000000001 RSI: 0000200000002440 RDI: 0000000000000003
[   94.223413][ T6147] RBP: 00007f9ae0ec1090 R08: 0000000000000000 R09: 0000000000000000
[   94.223423][ T6147] R10: 0000000004000805 R11: 0000000000000246 R12: 0000000000000001
[   94.223434][ T6147] R13: 00007f9ae01e6038 R14: 00007f9ae01e5fa0 R15: 00007f9ae030fa28
[   94.223464][ T6147]  </TASK>
[   94.267744][ T6148] netlink: zone id is out of range
[   94.473959][ T6148] netlink: set zone limit has 8 unknown bytes
[   95.073355][ T5927] usb 5-1: cannot find UAC_HEADER
[   95.462471][ T5927] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[   95.515455][ T5927] usb 5-1: USB disconnect, device number 2
[   95.545867][ T5925] udevd[5925]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   95.633228][ T6178] FAULT_INJECTION: forcing a failure.
[   95.633228][ T6178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.715425][ T6178] CPU: 0 UID: 0 PID: 6178 Comm: syz.2.68 Not tainted syzkaller #0 PREEMPT(full) 
[   95.715449][ T6178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.715459][ T6178] Call Trace:
[   95.715466][ T6178]  <TASK>
[   95.715473][ T6178]  dump_stack_lvl+0x189/0x250
[   95.715500][ T6178]  ? __pfx____ratelimit+0x10/0x10
[   95.715519][ T6178]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.715540][ T6178]  ? __pfx__printk+0x10/0x10
[   95.715575][ T6178]  should_fail_ex+0x414/0x560
[   95.715604][ T6178]  _copy_from_user+0x2d/0xb0
[   95.715623][ T6178]  copy_from_sockptr+0x5e/0xa0
[   95.715640][ T6178]  packet_setsockopt+0xa14/0x12c0
[   95.715665][ T6178]  ? __pfx_packet_setsockopt+0x10/0x10
[   95.715687][ T6178]  ? vfs_write+0x956/0xb30
[   95.715710][ T6178]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.715735][ T6178]  ? aa_sk_perm+0x81e/0x950
[   95.715760][ T6178]  ? __pfx_aa_sk_perm+0x10/0x10
[   95.715776][ T6178]  ? do_sys_openat2+0x154/0x1c0
[   95.715796][ T6178]  ? aa_sock_opt_perm+0xff/0x1b0
[   95.715822][ T6178]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[   95.715838][ T6178]  ? __pfx_packet_setsockopt+0x10/0x10
[   95.715861][ T6178]  do_sock_setsockopt+0x17c/0x1b0
[   95.715883][ T6178]  __x64_sys_setsockopt+0x13f/0x1b0
[   95.715902][ T6178]  do_syscall_64+0xfa/0xfa0
[   95.715921][ T6178]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.715941][ T6178]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.715958][ T6178]  ? clear_bhb_loop+0x60/0xb0
[   95.715977][ T6178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.715992][ T6178] RIP: 0033:0x7f9adff8efc9
[   95.716007][ T6178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.716020][ T6178] RSP: 002b:00007f9ae0ec1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   95.716039][ T6178] RAX: ffffffffffffffda RBX: 00007f9ae01e5fa0 RCX: 00007f9adff8efc9
[   95.716051][ T6178] RDX: 0000000000000008 RSI: 0000000000000107 RDI: 0000000000000003
[   95.716061][ T6178] RBP: 00007f9ae0ec1090 R08: 0000000000000004 R09: 0000000000000000
[   95.716071][ T6178] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[   95.716080][ T6178] R13: 00007f9ae01e6038 R14: 00007f9ae01e5fa0 R15: 00007f9ae030fa28
[   95.716106][ T6178]  </TASK>
[   95.943602][    C0] vkms_vblank_simulate: vblank timer overrun
[   96.311192][ T6187] FAULT_INJECTION: forcing a failure.
[   96.311192][ T6187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.346316][ T6187] CPU: 1 UID: 0 PID: 6187 Comm: syz.0.70 Not tainted syzkaller #0 PREEMPT(full) 
[   96.346340][ T6187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.346350][ T6187] Call Trace:
[   96.346357][ T6187]  <TASK>
[   96.346364][ T6187]  dump_stack_lvl+0x189/0x250
[   96.346392][ T6187]  ? __pfx____ratelimit+0x10/0x10
[   96.346413][ T6187]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.346436][ T6187]  ? __pfx__printk+0x10/0x10
[   96.346454][ T6187]  ? __might_fault+0xb0/0x130
[   96.346495][ T6187]  should_fail_ex+0x414/0x560
[   96.346524][ T6187]  _copy_from_user+0x2d/0xb0
[   96.346546][ T6187]  ___sys_sendmsg+0x158/0x2a0
[   96.346568][ T6187]  ? __pfx____sys_sendmsg+0x10/0x10
[   96.346620][ T6187]  ? __fget_files+0x2a/0x420
[   96.346636][ T6187]  ? __fget_files+0x3a0/0x420
[   96.346661][ T6187]  __x64_sys_sendmsg+0x19b/0x260
[   96.346681][ T6187]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   96.346708][ T6187]  ? __pfx_ksys_write+0x10/0x10
[   96.346735][ T6187]  ? do_syscall_64+0xbe/0xfa0
[   96.346760][ T6187]  do_syscall_64+0xfa/0xfa0
[   96.346780][ T6187]  ? lockdep_hardirqs_on+0x9c/0x150
[   96.346801][ T6187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.346819][ T6187]  ? clear_bhb_loop+0x60/0xb0
[   96.346840][ T6187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.346856][ T6187] RIP: 0033:0x7f9de098efc9
[   96.346872][ T6187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.346886][ T6187] RSP: 002b:00007f9de18ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.346905][ T6187] RAX: ffffffffffffffda RBX: 00007f9de0be5fa0 RCX: 00007f9de098efc9
[   96.346917][ T6187] RDX: 0000000024008884 RSI: 0000200000003b80 RDI: 0000000000000003
[   96.346926][ T6187] RBP: 00007f9de18ed090 R08: 0000000000000000 R09: 0000000000000000
[   96.346935][ T6187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.346945][ T6187] R13: 00007f9de0be6038 R14: 00007f9de0be5fa0 R15: 00007f9de0d0fa28
[   96.346975][ T6187]  </TASK>
[   96.707186][ T6196] netlink: zone id is out of range
[   96.733814][ T6196] netlink: set zone limit has 8 unknown bytes
[   96.890402][ T6200] FAULT_INJECTION: forcing a failure.
[   96.890402][ T6200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.959752][ T6200] CPU: 0 UID: 0 PID: 6200 Comm: syz.3.74 Not tainted syzkaller #0 PREEMPT(full) 
[   96.959775][ T6200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.959784][ T6200] Call Trace:
[   96.959791][ T6200]  <TASK>
[   96.959798][ T6200]  dump_stack_lvl+0x189/0x250
[   96.959825][ T6200]  ? __pfx____ratelimit+0x10/0x10
[   96.959845][ T6200]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.959867][ T6200]  ? __pfx__printk+0x10/0x10
[   96.959884][ T6200]  ? __might_fault+0xb0/0x130
[   96.959917][ T6200]  should_fail_ex+0x414/0x560
[   96.959946][ T6200]  _copy_from_user+0x2d/0xb0
[   96.959969][ T6200]  ___sys_sendmsg+0x158/0x2a0
[   96.959991][ T6200]  ? __pfx____sys_sendmsg+0x10/0x10
[   96.960042][ T6200]  ? __fget_files+0x2a/0x420
[   96.960058][ T6200]  ? __fget_files+0x3a0/0x420
[   96.960084][ T6200]  __x64_sys_sendmsg+0x19b/0x260
[   96.960102][ T6200]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   96.960128][ T6200]  ? __pfx_ksys_write+0x10/0x10
[   96.960155][ T6200]  ? do_syscall_64+0xbe/0xfa0
[   96.960178][ T6200]  do_syscall_64+0xfa/0xfa0
[   96.960195][ T6200]  ? lockdep_hardirqs_on+0x9c/0x150
[   96.960216][ T6200]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.960232][ T6200]  ? clear_bhb_loop+0x60/0xb0
[   96.960252][ T6200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.960268][ T6200] RIP: 0033:0x7fd1d798efc9
[   96.960284][ T6200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.960298][ T6200] RSP: 002b:00007fd1d88a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.960315][ T6200] RAX: ffffffffffffffda RBX: 00007fd1d7be5fa0 RCX: 00007fd1d798efc9
[   96.960327][ T6200] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   96.960336][ T6200] RBP: 00007fd1d88a1090 R08: 0000000000000000 R09: 0000000000000000
[   96.960345][ T6200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.960356][ T6200] R13: 00007fd1d7be6038 R14: 00007fd1d7be5fa0 R15: 00007fd1d7d0fa28
[   96.960385][ T6200]  </TASK>
[   97.162125][    C0] vkms_vblank_simulate: vblank timer overrun
[   97.553903][ T6214] netlink: 'syz.1.78': attribute type 2 has an invalid length.
[   97.623851][ T5955] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   97.794066][ T5955] usb 4-1: Using ep0 maxpacket: 8
[   97.822816][ T5955] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[   97.833082][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.847329][ T5955] usb 4-1: Product: syz
[   97.858504][ T5955] usb 4-1: Manufacturer: syz
[   97.877841][ T5955] usb 4-1: SerialNumber: syz
[   97.885614][ T5955] usb 4-1: config 0 descriptor??
[   97.902000][ T5955] gspca_main: se401-2.14.0 probing 047d:5003
[   98.023742][ T3095] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   98.197635][ T3095] usb 1-1: Using ep0 maxpacket: 32
[   98.220342][ T3095] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[   98.244100][ T3095] usb 1-1: config 0 has no interface number 0
[   98.270280][ T3095] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   98.280378][ T3095] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.289371][ T3095] usb 1-1: Product: syz
[   98.300307][ T5955] gspca_se401: ExtraFeatures: 255
[   98.306237][ T5955] gspca_se401: Too many frame sizes
[   98.315092][ T3095] usb 1-1: Manufacturer: syz
[   98.322943][ T3095] usb 1-1: SerialNumber: syz
[   98.347078][ T3095] usb 1-1: config 0 descriptor??
[   98.369170][ T3095] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   98.540608][ T6209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.550097][ T6209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.604013][ T6236] netlink: 40 bytes leftover after parsing attributes in process `syz.1.83'.
[   98.618588][ T3095] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[   98.661834][ T3095] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[   99.005137][ T6241] netlink: 'syz.4.84': attribute type 13 has an invalid length.
[   99.130629][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[   99.132001][ T5922] usb 1-1: USB disconnect, device number 5
[   99.202972][ T5922] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[   99.248066][ T6241] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   99.312635][ T6232] delete_channel: no stack
[   99.403751][ T5922] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[   99.465617][ T5922] quatech2 1-1:0.51: device disconnected
[   99.872729][ T6246] netlink: 'syz.2.85': attribute type 13 has an invalid length.
[  100.563018][ T6246] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.919869][ T5890] usb 4-1: USB disconnect, device number 3
[  102.083894][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  102.304054][   T24] usb 2-1: Using ep0 maxpacket: 8
[  102.315394][   T24] usb 2-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  102.344872][   T24] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  102.371548][   T24] usb 2-1: config 1 has no interface number 1
[  102.385337][   T24] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  102.404514][   T24] usb 2-1: too many endpoints for config 1 interface 2 altsetting 1: 255, using maximum allowed: 30
[  102.450473][   T24] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  102.481312][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  102.490835][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.499087][   T24] usb 2-1: Product: syz
[  102.506204][   T24] usb 2-1: Manufacturer: syz
[  102.518603][   T24] usb 2-1: SerialNumber: syz
[  102.556579][ T6279] netlink: 12 bytes leftover after parsing attributes in process `syz.0.95'.
[  102.586701][ T6279] netlink: 24 bytes leftover after parsing attributes in process `syz.0.95'.
[  102.760705][   T24] usb 2-1: 0:8 : does not exist
[  102.791468][   T24] usb 2-1: USB disconnect, device number 3
[  102.919293][ T5927] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  103.041868][ T5883] udevd[5883]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  103.233581][ T5927] usb 4-1: Using ep0 maxpacket: 8
[  103.464407][ T5927] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  103.555104][ T5927] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.584453][ T5927] usb 4-1: Product: syz
[  103.593591][ T5927] usb 4-1: Manufacturer: syz
[  103.601871][ T6293] netlink: 40 bytes leftover after parsing attributes in process `syz.1.98'.
[  103.940134][ T5927] usb 4-1: SerialNumber: syz
[  103.953910][ T5927] usb 4-1: config 0 descriptor??
[  103.971408][ T5927] gspca_main: sq930x-2.14.0 probing 2770:930c
[  104.082415][ T6295] FAULT_INJECTION: forcing a failure.
[  104.082415][ T6295] name failslab, interval 1, probability 0, space 0, times 0
[  104.134175][ T6295] CPU: 1 UID: 0 PID: 6295 Comm: syz.2.99 Not tainted syzkaller #0 PREEMPT(full) 
[  104.134194][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  104.134202][ T6295] Call Trace:
[  104.134208][ T6295]  <TASK>
[  104.134213][ T6295]  dump_stack_lvl+0x189/0x250
[  104.134231][ T6295]  ? __pfx____ratelimit+0x10/0x10
[  104.134243][ T6295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.134256][ T6295]  ? __pfx__printk+0x10/0x10
[  104.134269][ T6295]  ? __pfx___might_resched+0x10/0x10
[  104.134283][ T6295]  should_fail_ex+0x414/0x560
[  104.134301][ T6295]  should_failslab+0xa8/0x100
[  104.134312][ T6295]  __kmalloc_noprof+0xcb/0x7f0
[  104.134325][ T6295]  ? kfree+0x4d/0x6d0
[  104.134335][ T6295]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  104.134353][ T6295]  tomoyo_realpath_from_path+0xe3/0x5d0
[  104.134368][ T6295]  ? tomoyo_domain+0xd9/0x130
[  104.134385][ T6295]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  104.134396][ T6295]  tomoyo_path_number_perm+0x1e8/0x5a0
[  104.134410][ T6295]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  104.134442][ T6295]  ? __fget_files+0x2a/0x420
[  104.134453][ T6295]  ? __fget_files+0x3a0/0x420
[  104.134461][ T6295]  ? __fget_files+0x2a/0x420
[  104.134472][ T6295]  security_file_ioctl+0xcb/0x2d0
[  104.134485][ T6295]  __se_sys_ioctl+0x47/0x170
[  104.134499][ T6295]  do_syscall_64+0xfa/0xfa0
[  104.134511][ T6295]  ? lockdep_hardirqs_on+0x9c/0x150
[  104.134523][ T6295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.134533][ T6295]  ? clear_bhb_loop+0x60/0xb0
[  104.134550][ T6295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.134560][ T6295] RIP: 0033:0x7f9adff8efc9
[  104.134570][ T6295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.134578][ T6295] RSP: 002b:00007f9ae0ec1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.134593][ T6295] RAX: ffffffffffffffda RBX: 00007f9ae01e5fa0 RCX: 00007f9adff8efc9
[  104.134604][ T6295] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  104.134610][ T6295] RBP: 00007f9ae0ec1090 R08: 0000000000000000 R09: 0000000000000000
[  104.134615][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.134621][ T6295] R13: 00007f9ae01e6038 R14: 00007f9ae01e5fa0 R15: 00007f9ae030fa28
[  104.134638][ T6295]  </TASK>
[  104.136688][ T6295] ERROR: Out of memory at tomoyo_realpath_from_path.
[  104.315551][ T6290] delete_channel: no stack
[  104.599104][ T6276] openvswitch: netlink: Message has 383 unknown bytes.
[  104.884244][ T5927] gspca_sq930x: ucbus_write failed -110
[  105.113553][ T5927] gspca_sq930x: Sensor ov9630 not yet treated
[  105.123735][ T5927] sq930x 4-1:0.0: probe with driver sq930x failed with error -22
[  105.654597][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  105.706421][ T5922] usb 4-1: USB disconnect, device number 4
[  105.833919][   T24] usb 1-1: Using ep0 maxpacket: 16
[  105.859211][   T24] usb 1-1: config 0 has no interfaces?
[  105.896459][   T24] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  105.923638][   T24] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  105.962252][   T24] usb 1-1: Manufacturer: syz
[  105.990325][   T24] usb 1-1: config 0 descriptor??
[  106.652620][ T6325] netlink: 16 bytes leftover after parsing attributes in process `syz.0.103'.
[  106.720513][ T6328] FAULT_INJECTION: forcing a failure.
[  106.720513][ T6328] name failslab, interval 1, probability 0, space 0, times 0
[  106.756128][ T6328] CPU: 0 UID: 0 PID: 6328 Comm: syz.2.107 Not tainted syzkaller #0 PREEMPT(full) 
[  106.756153][ T6328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  106.756163][ T6328] Call Trace:
[  106.756170][ T6328]  <TASK>
[  106.756177][ T6328]  dump_stack_lvl+0x189/0x250
[  106.756203][ T6328]  ? __pfx____ratelimit+0x10/0x10
[  106.756222][ T6328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.756243][ T6328]  ? __pfx__printk+0x10/0x10
[  106.756264][ T6328]  ? __pfx___might_resched+0x10/0x10
[  106.756282][ T6328]  ? fs_reclaim_acquire+0x7d/0x100
[  106.756311][ T6328]  should_fail_ex+0x414/0x560
[  106.756340][ T6328]  should_failslab+0xa8/0x100
[  106.756360][ T6328]  kmem_cache_alloc_node_noprof+0x77/0x710
[  106.756384][ T6328]  ? __alloc_skb+0x112/0x2d0
[  106.756413][ T6328]  __alloc_skb+0x112/0x2d0
[  106.756441][ T6328]  tcp_stream_alloc_skb+0x3d/0x340
[  106.756469][ T6328]  tcp_sendmsg_locked+0x1c7f/0x5540
[  106.756543][ T6328]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  106.756563][ T6328]  ? __local_bh_enable_ip+0x12d/0x1c0
[  106.756586][ T6328]  ? __local_bh_enable_ip+0x12d/0x1c0
[  106.756617][ T6328]  tcp_sendmsg+0x2f/0x50
[  106.756640][ T6328]  __sock_sendmsg+0x19c/0x270
[  106.756665][ T6328]  __sys_sendto+0x3bd/0x520
[  106.756692][ T6328]  ? __pfx___sys_sendto+0x10/0x10
[  106.756713][ T6328]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  106.756749][ T6328]  ? __fget_files+0x3a0/0x420
[  106.756783][ T6328]  ? ksys_write+0x22a/0x250
[  106.756809][ T6328]  ? __pfx_ksys_write+0x10/0x10
[  106.756835][ T6328]  __x64_sys_sendto+0xde/0x100
[  106.756862][ T6328]  do_syscall_64+0xfa/0xfa0
[  106.756883][ T6328]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.756903][ T6328]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.756921][ T6328]  ? clear_bhb_loop+0x60/0xb0
[  106.756942][ T6328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.756958][ T6328] RIP: 0033:0x7f9adff8efc9
[  106.756975][ T6328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.756989][ T6328] RSP: 002b:00007f9ae0ec1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  106.757008][ T6328] RAX: ffffffffffffffda RBX: 00007f9ae01e5fa0 RCX: 00007f9adff8efc9
[  106.757020][ T6328] RDX: 0000000000000501 RSI: 0000200000000580 RDI: 0000000000000003
[  106.757031][ T6328] RBP: 00007f9ae0ec1090 R08: 0000000000000000 R09: 0000000000000000
[  106.757042][ T6328] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000001
[  106.757052][ T6328] R13: 00007f9ae01e6038 R14: 00007f9ae01e5fa0 R15: 00007f9ae030fa28
[  106.757087][ T6328]  </TASK>
[  107.579766][ T6331] netlink: 44 bytes leftover after parsing attributes in process `syz.2.108'.
[  107.603685][ T6331] netlink: 59 bytes leftover after parsing attributes in process `syz.2.108'.
[  107.662153][ T6332] Cannot find set identified by id 0 to match
[  107.690357][ T6332] Zero length message leads to an empty skb
[  107.705030][ T6331] netlink: 59 bytes leftover after parsing attributes in process `syz.2.108'.
[  108.059843][ T6338] FAULT_INJECTION: forcing a failure.
[  108.059843][ T6338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.091215][ T6338] CPU: 0 UID: 0 PID: 6338 Comm: syz.1.111 Not tainted syzkaller #0 PREEMPT(full) 
[  108.091241][ T6338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  108.091251][ T6338] Call Trace:
[  108.091258][ T6338]  <TASK>
[  108.091266][ T6338]  dump_stack_lvl+0x189/0x250
[  108.091294][ T6338]  ? __pfx____ratelimit+0x10/0x10
[  108.091316][ T6338]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.091338][ T6338]  ? __pfx__printk+0x10/0x10
[  108.091356][ T6338]  ? __might_fault+0xb0/0x130
[  108.091390][ T6338]  should_fail_ex+0x414/0x560
[  108.091421][ T6338]  _copy_from_user+0x2d/0xb0
[  108.091443][ T6338]  ___sys_sendmsg+0x158/0x2a0
[  108.091465][ T6338]  ? __pfx____sys_sendmsg+0x10/0x10
[  108.091517][ T6338]  ? __fget_files+0x2a/0x420
[  108.091533][ T6338]  ? __fget_files+0x3a0/0x420
[  108.091559][ T6338]  __x64_sys_sendmsg+0x19b/0x260
[  108.091580][ T6338]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  108.091607][ T6338]  ? __pfx_ksys_write+0x10/0x10
[  108.091634][ T6338]  ? do_syscall_64+0xbe/0xfa0
[  108.091658][ T6338]  do_syscall_64+0xfa/0xfa0
[  108.091678][ T6338]  ? lockdep_hardirqs_on+0x9c/0x150
[  108.091698][ T6338]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.091715][ T6338]  ? clear_bhb_loop+0x60/0xb0
[  108.091736][ T6338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.091753][ T6338] RIP: 0033:0x7f80cff8efc9
[  108.091769][ T6338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.091783][ T6338] RSP: 002b:00007f80d0e16038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.091802][ T6338] RAX: ffffffffffffffda RBX: 00007f80d01e5fa0 RCX: 00007f80cff8efc9
[  108.091814][ T6338] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000000000000003
[  108.091825][ T6338] RBP: 00007f80d0e16090 R08: 0000000000000000 R09: 0000000000000000
[  108.091836][ T6338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.091846][ T6338] R13: 00007f80d01e6038 R14: 00007f80d01e5fa0 R15: 00007f80d030fa28
[  108.091875][ T6338]  </TASK>
[  108.751978][ T5890] usb 1-1: USB disconnect, device number 6
[  108.984836][   T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  109.528049][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  109.539819][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  109.597535][   T24] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  109.628619][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.715204][   T24] usb 2-1: Product: syz
[  109.739772][   T24] usb 2-1: Manufacturer: syz
[  109.753385][   T24] usb 2-1: SerialNumber: syz
[  109.784764][   T24] usb 2-1: config 0 descriptor??
[  109.795089][ T6343] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  109.802465][ T6343] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  109.991412][ T6353] netlink: 'syz.2.114': attribute type 1 has an invalid length.
[  110.032937][ T6343] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  110.057544][ T6343] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  110.118947][ T6360] netlink: 11 bytes leftover after parsing attributes in process `syz.2.116'.
[  110.418404][ T5922] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  110.497508][   T24] Error reading MAC address
[  110.613774][ T5922] usb 1-1: Using ep0 maxpacket: 8
[  110.624930][ T5922] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  110.678010][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.695167][ T5922] usb 1-1: Product: syz
[  110.708650][ T5922] usb 1-1: Manufacturer: syz
[  110.742248][ T5922] usb 1-1: SerialNumber: syz
[  110.763176][ T5922] usb 1-1: config 0 descriptor??
[  110.793238][ T5922] gspca_main: sq930x-2.14.0 probing 2770:930c
[  111.125097][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.132719][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.143981][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.194668][ T6354] openvswitch: netlink: Message has 383 unknown bytes.
[  111.195237][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.231302][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.253344][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.286669][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.320587][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.330798][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.340794][ T5927] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  111.681060][ T5922] gspca_sq930x: ucbus_write failed -110
[  111.766424][ T3095] usb 2-1: USB disconnect, device number 4
[  112.041800][ T6397] kvm: pic: non byte read
[  112.047651][ T6397] kvm: pic: level sensitive irq not supported
[  112.047749][ T6397] kvm: pic: non byte read
[  112.142294][ T6397] kvm: pic: level sensitive irq not supported
[  112.142356][ T6397] kvm: pic: non byte read
[  112.176779][ T5927] hid-generic 0006:0004:0009.0001: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0
[  112.207527][ T5922] gspca_sq930x: Sensor ov9630 not yet treated
[  112.246573][ T5922] sq930x 1-1:0.0: probe with driver sq930x failed with error -22
[  112.412641][ T6397] kvm: pic: level sensitive irq not supported
[  112.413341][ T6397] kvm: pic: non byte read
[  112.424700][ T6397] kvm: pic: level sensitive irq not supported
[  112.424761][ T6397] kvm: pic: non byte read
[  113.168736][ T5890] usb 1-1: USB disconnect, device number 7
[  113.322497][ T6400] fido_id[6400]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  113.463627][ T3095] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  113.687231][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.3.127'.
[  113.983834][ T3095] usb 2-1: Using ep0 maxpacket: 16
[  113.992269][ T3095] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  114.193272][ T3095] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  114.266023][ T3095] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  114.288152][ T3095] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.483618][ T3095] usb 2-1: Product: syz
[  114.487831][ T3095] usb 2-1: Manufacturer: syz
[  114.659732][ T3095] usb 2-1: SerialNumber: syz
[  114.885069][ T3095] usb 2-1: config 0 descriptor??
[  114.940894][ T3095] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  125.893683][ T3095] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  130.862418][    C1] sched: DL replenish lagged too much
[  133.067297][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.089915][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.522852][ T3095] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  244.527054][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  244.839575][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  246.893464][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  246.900472][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P6410/1:b..l P3095/1:b..l P5573/1:b..l
[  246.911089][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=12853, q=394067 ncpus=2)
[  246.919096][    C0] task:crond           state:R  running task     stack:24584 pid:5573  tgid:5573  ppid:1      task_flags:0x400000 flags:0x00080001
[  246.933633][    C0] Call Trace:
[  246.936941][    C0]  <TASK>
[  246.939885][    C0]  __schedule+0x1798/0x4cc0
[  246.944451][    C0]  ? __pfx___schedule+0x10/0x10
[  246.949320][    C0]  ? kasan_record_aux_stack+0xbd/0xd0
[  246.954710][    C0]  ? kmem_cache_free+0x4b5/0x690
[  246.959665][    C0]  ? do_filp_open+0x1fa/0x410
[  246.964357][    C0]  ? do_sys_openat2+0x121/0x1c0
[  246.969216][    C0]  ? __x64_sys_openat+0x138/0x170
[  246.974249][    C0]  ? do_syscall_64+0xfa/0xfa0
[  246.978947][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.985035][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  246.990343][    C0]  preempt_schedule_irq+0xb5/0x150
[  246.995469][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  247.001208][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  247.007030][    C0]  irqentry_exit+0x6f/0x90
[  247.011458][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  247.017450][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  247.022745][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 1b cd d0 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  247.042367][    C0] RSP: 0018:ffffc900036c7698 EFLAGS: 00000206
[  247.048461][    C0] RAX: cb9f903a62dc7d00 RBX: 0000000000000000 RCX: cb9f903a62dc7d00
[  247.056442][    C0] RDX: 0000000000000000 RSI: ffffffff8d8f277e RDI: ffffffff8bbf0460
[  247.064427][    C0] RBP: ffffffff81738d25 R08: 0000000000000000 R09: ffffffff81738d25
[  247.072407][    C0] R10: ffffc900036c7858 R11: ffffffff81ac2cb0 R12: 0000000000000002
[  247.080387][    C0] R13: ffffffff8df3d2e0 R14: 0000000000000000 R15: 0000000000000246
[  247.088379][    C0]  ? unwind_next_frame+0xa5/0x2390
[  247.093512][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  247.099681][    C0]  ? unwind_next_frame+0xa5/0x2390
[  247.104819][    C0]  ? unwind_next_frame+0xa5/0x2390
[  247.109944][    C0]  ? save_stack+0xf5/0x1f0
[  247.114372][    C0]  ? unwind_next_frame+0xa5/0x2390
[  247.119506][    C0]  unwind_next_frame+0xc2/0x2390
[  247.124455][    C0]  ? unwind_next_frame+0xa5/0x2390
[  247.129588][    C0]  ? unwind_next_frame+0xa5/0x2390
[  247.134709][    C0]  ? stack_trace_save+0x9c/0xe0
[  247.139577][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  247.145747][    C0]  arch_stack_walk+0x11c/0x150
[  247.150535][    C0]  ? save_stack+0xf5/0x1f0
[  247.154973][    C0]  stack_trace_save+0x9c/0xe0
[  247.159662][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  247.165053][    C0]  save_stack+0xf5/0x1f0
[  247.169314][    C0]  ? __pfx_save_stack+0x10/0x10
[  247.174194][    C0]  ? page_ext_put+0x97/0xc0
[  247.178715][    C0]  __reset_page_owner+0x71/0x1f0
[  247.183665][    C0]  __free_frozen_pages+0xbc4/0xd30
[  247.188800][    C0]  __put_partials+0x146/0x170
[  247.193491][    C0]  put_cpu_partial+0x1f2/0x2e0
[  247.198273][    C0]  __slab_free+0x2b9/0x390
[  247.202700][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  247.208599][    C0]  ? __phys_addr+0xd3/0x180
[  247.213119][    C0]  qlist_free_all+0x97/0x140
[  247.217728][    C0]  kasan_quarantine_reduce+0x148/0x160
[  247.223203][    C0]  __kasan_slab_alloc+0x22/0x80
[  247.228073][    C0]  kmem_cache_alloc_noprof+0x367/0x6e0
[  247.233547][    C0]  ? getname_flags+0xb8/0x540
[  247.238236][    C0]  getname_flags+0xb8/0x540
[  247.242760][    C0]  do_sys_openat2+0xbc/0x1c0
[  247.247365][    C0]  ? __pfx_do_sys_openat2+0x10/0x10
[  247.252581][    C0]  ? rcu_is_watching+0x15/0xb0
[  247.257367][    C0]  __x64_sys_openat+0x138/0x170
[  247.262235][    C0]  do_syscall_64+0xfa/0xfa0
[  247.266857][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  247.272083][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.278157][    C0]  ? clear_bhb_loop+0x60/0xb0
[  247.282848][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.288750][    C0] RIP: 0033:0x7f5cabf2bc3a
[  247.293185][    C0] RSP: 002b:00007fff81ade138 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[  247.301605][    C0] RAX: ffffffffffffffda RBX: 000056307d3b72a0 RCX: 00007f5cabf2bc3a
[  247.309583][    C0] RDX: 0000000000080000 RSI: 00007f5cabfc845a RDI: 00000000ffffff9c
[  247.317572][    C0] RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001
[  247.325570][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f5cabfc67f4
[  247.333561][    C0] R13: 00007f5cabfc67f4 R14: 0000000000000001 R15: 000000000000003b
[  247.341570][    C0]  </TASK>
[  247.344605][    C0] task:kworker/0:2     state:R  running task     stack:21992 pid:3095  tgid:3095  ppid:2      task_flags:0x4208060 flags:0x00080000
[  247.358193][    C0] Workqueue: usb_hub_wq hub_event
[  247.363249][    C0] Call Trace:
[  247.366531][    C0]  <TASK>
[  247.369470][    C0]  __schedule+0x1798/0x4cc0
[  247.374011][    C0]  ? __pfx___schedule+0x10/0x10
[  247.378871][    C0]  ? usb_probe_interface+0x668/0xc30
[  247.384167][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  247.390339][    C0]  ? arch_stack_walk+0x110/0x150
[  247.395299][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  247.400609][    C0]  preempt_schedule_irq+0xb5/0x150
[  247.405738][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  247.411486][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  247.417309][    C0]  irqentry_exit+0x6f/0x90
[  247.421748][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  247.427747][    C0] RIP: 0010:lock_release+0x2b5/0x3e0
[  247.433042][    C0] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 ab ba d0 10 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
[  247.452831][    C0] RSP: 0018:ffffc9000c396608 EFLAGS: 00000206
[  247.458917][    C0] RAX: 27e0d6a550a6b200 RBX: 0000000000000206 RCX: 27e0d6a550a6b200
[  247.466899][    C0] RDX: 0000000000000007 RSI: ffffffff8d8f277e RDI: ffffffff8bbf0460
[  247.474885][    C0] RBP: ffff88802f5848c8 R08: ffff88801b83e7af R09: 1ffff11003707cf5
[  247.482865][    C0] R10: dffffc0000000000 R11: ffffed1003707cf6 R12: 0000000000000007
[  247.490854][    C0] R13: 0000000000000007 R14: ffffffff8df3d2e0 R15: ffff88802f583c80
[  247.498865][    C0]  ? __page_table_check_zero+0xba/0x530
[  247.504439][    C0]  ? __page_table_check_zero+0xba/0x530
[  247.510004][    C0]  __page_table_check_zero+0x406/0x530
[  247.515478][    C0]  ? __page_table_check_zero+0xba/0x530
[  247.521041][    C0]  __free_frozen_pages+0xbd7/0xd30
[  247.526185][    C0]  __put_partials+0x146/0x170
[  247.530880][    C0]  put_cpu_partial+0x1f2/0x2e0
[  247.535660][    C0]  __slab_free+0x2b9/0x390
[  247.540091][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  247.545997][    C0]  ? __phys_addr+0xd3/0x180
[  247.550523][    C0]  qlist_free_all+0x97/0x140
[  247.555143][    C0]  kasan_quarantine_reduce+0x148/0x160
[  247.560619][    C0]  __kasan_slab_alloc+0x22/0x80
[  247.565494][    C0]  __kmalloc_noprof+0x3c3/0x7f0
[  247.570367][    C0]  ? usb_alloc_urb+0x46/0x150
[  247.575064][    C0]  usb_alloc_urb+0x46/0x150
[  247.579588][    C0]  usb_control_msg+0x118/0x3e0
[  247.584374][    C0]  em28xx_read_reg_req_len+0x159/0x390
[  247.589856][    C0]  em28xx_audio_setup+0x181/0xa70
[  247.594896][    C0]  ? __pfx_em28xx_audio_setup+0x10/0x10
[  247.600453][    C0]  ? __raw_spin_lock_init+0x45/0x100
[  247.605754][    C0]  ? media_device_init+0x280/0x450
[  247.610882][    C0]  em28xx_init_dev+0x915/0x20b0
[  247.615763][    C0]  ? __pfx_em28xx_init_dev+0x10/0x10
[  247.621068][    C0]  ? __pfx__dev_info+0x10/0x10
[  247.625865][    C0]  em28xx_usb_probe+0x14e9/0x2a20
[  247.630937][    C0]  usb_probe_interface+0x668/0xc30
[  247.636070][    C0]  ? __pfx_usb_probe_interface+0x10/0x10
[  247.641710][    C0]  really_probe+0x26d/0x9e0
[  247.646236][    C0]  __driver_probe_device+0x18c/0x2f0
[  247.651535][    C0]  driver_probe_device+0x4f/0x430
[  247.656586][    C0]  __device_attach_driver+0x2ce/0x530
[  247.661975][    C0]  bus_for_each_drv+0x251/0x2e0
[  247.666845][    C0]  ? __pfx___device_attach_driver+0x10/0x10
[  247.672756][    C0]  ? __pfx_bus_for_each_drv+0x10/0x10
[  247.678154][    C0]  __device_attach+0x2b8/0x400
[  247.682933][    C0]  ? __pfx___device_attach+0x10/0x10
[  247.688232][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  247.693444][    C0]  bus_probe_device+0x185/0x260
[  247.698309][    C0]  device_add+0x7b6/0xb50
[  247.702654][    C0]  usb_set_configuration+0x1a87/0x20e0
[  247.708154][    C0]  usb_generic_driver_probe+0x8d/0x150
[  247.713630][    C0]  usb_probe_device+0x1c4/0x390
[  247.718493][    C0]  ? __pfx_usb_probe_device+0x10/0x10
[  247.723878][    C0]  really_probe+0x26d/0x9e0
[  247.728406][    C0]  __driver_probe_device+0x18c/0x2f0
[  247.733707][    C0]  driver_probe_device+0x4f/0x430
[  247.738749][    C0]  __device_attach_driver+0x2ce/0x530
[  247.744142][    C0]  bus_for_each_drv+0x251/0x2e0
[  247.749009][    C0]  ? __pfx___device_attach_driver+0x10/0x10
[  247.754915][    C0]  ? __pfx_bus_for_each_drv+0x10/0x10
[  247.760404][    C0]  __device_attach+0x2b8/0x400
[  247.765181][    C0]  ? __pfx___device_attach+0x10/0x10
[  247.770488][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  247.775714][    C0]  bus_probe_device+0x185/0x260
[  247.780579][    C0]  device_add+0x7b6/0xb50
[  247.784939][    C0]  usb_new_device+0xa39/0x16f0
[  247.789728][    C0]  ? __pfx_usb_new_device+0x10/0x10
[  247.794941][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  247.800153][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  247.805364][    C0]  hub_event+0x2958/0x4a20
[  247.809848][    C0]  ? __pfx_hub_event+0x10/0x10
[  247.814628][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  247.820382][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  247.825592][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  247.831321][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  247.837051][    C0]  process_scheduled_works+0xae1/0x17b0
[  247.842641][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  247.848660][    C0]  worker_thread+0x8a0/0xda0
[  247.853311][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  247.859665][    C0]  ? __kthread_parkme+0x7b/0x200
[  247.864633][    C0]  kthread+0x711/0x8a0
[  247.868722][    C0]  ? __pfx_worker_thread+0x10/0x10
[  247.873850][    C0]  ? __pfx_kthread+0x10/0x10
[  247.878464][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  247.883705][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  247.889000][    C0]  ? __pfx_kthread+0x10/0x10
[  247.893609][    C0]  ret_from_fork+0x4bc/0x870
[  247.898214][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  247.903346][    C0]  ? __switch_to_asm+0x39/0x70
[  247.908134][    C0]  ? __switch_to_asm+0x33/0x70
[  247.912906][    C0]  ? __pfx_kthread+0x10/0x10
[  247.917602][    C0]  ret_from_fork_asm+0x1a/0x30
[  247.922401][    C0]  </TASK>
[  247.925428][    C0] task:syz.2.128       state:R  running task     stack:24584 pid:6410  tgid:6410  ppid:5845   task_flags:0x400040 flags:0x00080003
[  247.938928][    C0] Call Trace:
[  247.942217][    C0]  <TASK>
[  247.945162][    C0]  __schedule+0x1798/0x4cc0
[  247.949722][    C0]  ? __pfx___schedule+0x10/0x10
[  247.954600][    C0]  ? __pfx___schedule+0x10/0x10
[  247.959462][    C0]  ? preempt_schedule+0xae/0xc0
[  247.964320][    C0]  ? cfg80211_mlme_unregister_socket+0x2ce/0x690
[  247.970662][    C0]  preempt_schedule_common+0x83/0xd0
[  247.976056][    C0]  preempt_schedule+0xae/0xc0
[  247.980752][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  247.986143][    C0]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  247.992226][    C0]  preempt_schedule_thunk+0x16/0x30
[  247.997452][    C0]  __local_bh_enable_ip+0x13e/0x1c0
[  248.002760][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  248.008505][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  248.013746][    C0]  ? cfg80211_mlme_unregister_socket+0x2ce/0x690
[  248.020092][    C0]  cfg80211_mlme_unregister_socket+0x2ce/0x690
[  248.026266][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  248.032002][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  248.037222][    C0]  nl80211_netlink_notify+0x356/0x840
[  248.043133][    C0]  ? nl80211_netlink_notify+0x74/0x840
[  248.048606][    C0]  notifier_call_chain+0x1b6/0x3e0
[  248.054261][    C0]  blocking_notifier_call_chain+0x6a/0x90
[  248.060012][    C0]  netlink_release+0x1280/0x1b40
[  248.065009][    C0]  ? netlink_release+0x108/0x1b40
[  248.070078][    C0]  ? __pfx_netlink_release+0x10/0x10
[  248.075395][    C0]  ? down_write+0x162/0x1f0
[  248.079922][    C0]  ? __pfx_down_write+0x10/0x10
[  248.084805][    C0]  sock_close+0xc3/0x240
[  248.089073][    C0]  ? __pfx_sock_close+0x10/0x10
[  248.093946][    C0]  __fput+0x44c/0xa70
[  248.097961][    C0]  task_work_run+0x1d4/0x260
[  248.102570][    C0]  ? __pfx_task_work_run+0x10/0x10
[  248.107711][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  248.113186][    C0]  exit_to_user_mode_loop+0xe9/0x130
[  248.118489][    C0]  do_syscall_64+0x2bd/0xfa0
[  248.123098][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.129177][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  248.135348][    C0]  ? clear_bhb_loop+0x60/0xb0
[  248.140049][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.145979][    C0] RIP: 0033:0x7f9adff8efc9
[  248.150408][    C0] RSP: 002b:00007f9ae030fb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  248.158841][    C0] RAX: 0000000000000000 RBX: 00007f9ae01e7da0 RCX: 00007f9adff8efc9
[  248.166833][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  248.174823][    C0] RBP: 00007f9ae01e7da0 R08: 0000000000001274 R09: 0000001de030fe7f
[  248.182834][    C0] R10: 00007f9ae01e7cb0 R11: 0000000000000246 R12: 000000000001cc40
[  248.190828][    C0] R13: 00007f9ae01e6270 R14: ffffffffffffffff R15: 00007f9ae030fca0
[  248.198841][    C0]  </TASK>
[  254.202389][ T5150] Bluetooth: hci3: command 0x0406 tx timeout
[  254.257018][ T5150] Bluetooth: hci1: command 0x0406 tx timeout
[  254.263110][ T5150] Bluetooth: hci0: command 0x0406 tx timeout
[  254.431605][ T5150] Bluetooth: hci2: command 0x0406 tx timeout
[  254.467812][ T5150] Bluetooth: hci4: command 0x0406 tx timeout
[  255.900536][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.920521][ T1300] ieee802154 phy1 wpan1: encryption failed: -22