last executing test programs:

9.029651317s ago: executing program 4 (id=758):
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r2, 0x10d, 0x8b, 0x0, &(0x7f00000000c0))

8.760074486s ago: executing program 4 (id=760):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
socket$inet6_sctp(0xa, 0x801, 0x84)
r2 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10101}, &(0x7f0000000100), &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000140), &(0x7f0000000040)=<r4=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
syz_emit_ethernet(0x3b6, &(0x7f00000020c0)={@multicast, @random="57f90a2d42b0", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x380, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce5400659808000ffffc0fe4023493b87aafaffffffffffffff2373247202fa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x1f, 0x1, "000600"/12}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c02724796c42e427860c851ce26d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x18, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f019"}, {0x21, 0x7, "fcf98a102ec1876d4e6fa3b20519bbffffffffee00b8d3485ebdb581c9fe68a356f542b043059ff05932e740e077e1d16212fb00000000"}, {0x0, 0x14, "5e14f0e74d2d52cfb3f27fafb60845f90b6dfc87c6905bbc94d33e4575c853105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb1fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c258a6f"}, {0x0, 0x5, "d517fb2cf1a4ffdc1b7e018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000ac0fce405d0500904431000000010902120001000080040904"], 0x0)
io_uring_enter(r2, 0x48e9, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r6 = gettid()
fcntl$lock(r2, 0x24, &(0x7f0000000080)={0x1, 0x4, 0xffffffffffffffac, 0x0, r6})
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x31, &(0x7f0000000200)=0x2e3b0f67, 0x4)
listen(r5, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x4)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b4560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09000000ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=@ipv6_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}}, 0x1c}}, 0x0)

6.502482868s ago: executing program 4 (id=768):
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202"], 0xd)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042c11"], 0x14)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000780), 0x208e24b)
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f0000000340)=""/121, 0x79})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000440), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(twofish)\x00'}, 0x58)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCGSOFTCAR(r4, 0x5416, &(0x7f0000001100))
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x45, 0x2}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}})
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
r6 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000000))
write$char_usb(r5, &(0x7f0000000040)="e2", 0x258)
io_setup(0xd567, &(0x7f0000000100))
read$eventfd(0xffffffffffffffff, &(0x7f0000000040), 0x8)
ioctl$KDMKTONE(r4, 0x4b30, 0x4000000000007)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.327824214s ago: executing program 2 (id=771):
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000002600), 0x0, 0x0)
ppoll(&(0x7f0000002640)=[{r4, 0x286}, {r3}], 0x2, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="a2"], 0x0)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r6, 0x0)
r7 = fcntl$dupfd(r5, 0x0, r5)
ioctl$UFFDIO_CONTINUE(r7, 0xc028aa05, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
getsockopt$inet_int(r2, 0x10d, 0xb8, 0x0, &(0x7f00000000c0))

6.019230332s ago: executing program 4 (id=775):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, 0x0)
mkdir(0x0, 0xfe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0xbaa}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000970000"])
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r8 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r8, 0x89e0, &(0x7f0000000180)={r6, r7})
sendmmsg$inet(r8, &(0x7f0000001500)=[{{0x0, 0xffffffcf, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, 0x0)
r9 = socket$kcm(0x2, 0x0, 0x106)
sendmsg$inet(r9, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4e21, @remote}, 0x10, 0x0}, 0x3000c041)

5.267248554s ago: executing program 2 (id=783):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000085ffffff00000000000002003f000100000000009d"], &(0x7f0000000000)='GPL\x00'}, 0x90)

5.147253561s ago: executing program 2 (id=785):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
read$FUSE(r1, &(0x7f0000001a40)={0x2020, 0x0, 0x0, <r3=>0x0}, 0x2020)
quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000302, r3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r4}, [@IFLA_MTU={0x8, 0x4, 0x100}]}, 0x28}}, 0x0)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000180)={r4, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x20, 0x0, 0x400, 0x264, 0x0, 0x1, 0x6838, '\x00', 0x0, r5, 0x8004, 0x3, 0x5}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001980)={0x0, 0xd, &(0x7f00000004c0)=@raw=[@jmp={0x5, 0x0, 0x7, 0x1, 0x3, 0xfffffffffffffff4, 0xfffffffffffffff0}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1070509}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], &(0x7f0000001400)='syzkaller\x00'}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f0000000340)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}}, @printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_usb_connect$hid(0x0, 0x49, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000040000040341d0a00000000000001090224000100000000090400000103000000092100000001220500090581030000000000"], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x1, "18797792"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
r8 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_int(r8, 0x0, 0xa, 0x0, 0x0)
sendto$inet(r8, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x0, @dev}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, 0x0, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000540)=@bridge_getlink={0xb4, 0x12, 0x100, 0x70bd25, 0x25dfdbff, {0x7, 0x0, 0x0, r4, 0x48080, 0x85}, [@IFLA_VF_PORTS={0x2c, 0x18, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8}]}, {0x4}, {0x4}, {0x14, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x1}, @IFLA_PORT_VF={0x8, 0x1, 0x7f}]}]}, @IFLA_PHYS_PORT_ID={0x1d, 0x22, "831a48bcdc0f24c679f6780d0ef333252269311b8f04ab3e13"}, @IFLA_CARRIER={0x5, 0x21, 0xd}, @IFLA_IFNAME={0x14, 0x3, 'lo\x00'}, @IFLA_EVENT={0x8, 0x2c, 0x4}, @IFLA_EXT_MASK={0x8, 0x1d, 0xffffffff}, @IFLA_ALT_IFNAME={0x14, 0x35, 'rose0\x00'}, @IFLA_NET_NS_FD={0x8, 0x1c, r1}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})

4.852244992s ago: executing program 4 (id=787):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
read$FUSE(r1, &(0x7f0000003a80)={0x2020, 0x0, 0x0, <r3=>0x0}, 0x2020)
quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000302, r3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r4}, [@IFLA_MTU={0x8, 0x4, 0x100}]}, 0x28}}, 0x0)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000180)={r4, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x20, 0x0, 0x400, 0x264, 0x0, 0x1, 0x6838, '\x00', 0x0, r5, 0x8004, 0x3, 0x5}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001980)={0x0, 0xd, &(0x7f00000004c0)=@raw=[@jmp={0x5, 0x0, 0x7, 0x1, 0x3, 0xfffffffffffffff4, 0xfffffffffffffff0}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1070509}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], &(0x7f0000001400)='syzkaller\x00'}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_usb_connect$hid(0x0, 0x49, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000040000040341d0a00000000000001090224000100000000090400000103000000092100000001220500090581030000000000"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x1, "18797792"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
r7 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_int(r7, 0x0, 0xa, 0x0, 0x0)
sendto$inet(r7, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x0, @dev}, 0x10)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f00000007c0)={0x0, 0x1, 0x0, &(0x7f0000000280)=[{}], 0x1, 0x0, &(0x7f0000000440)=[{}], 0x3, 0x0, &(0x7f0000000600)=[{}, {}, {}], 0x7, 0x0, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}]})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="9400000073000059632e2959e96797010e0f126ffa0125bd08000000000000000500723654cc5583054c1582866cbb98c1cb3745cd7bb2a8783b934bd032ae162f982e175dd582268057bf3c010c6f30fce2c70000", @ANYRES32=r4, @ANYBLOB="8080040007410000240018800c0001800800010000000000040001800c00018005000200000000000400018008001d0009000000050021000d000000140003006c6f000000000000000000000000000008002c000600000008001d00ffffffff14003500726f736530000000000000000000000008001c00", @ANYRES32=r1, @ANYBLOB], 0x94}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})

4.570307824s ago: executing program 1 (id=788):
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="043d0eaaaaaaaaaa10bc205c7f30b257b9b56077dac5989b6963cb480ea7646257012a612c62a8a28b2c0e523427815b13ac93285f3cb016c18f150d2f0a89713e22745d7c30db48e9a979b684fdb54c5a5a1ff99485badc283586ed68c90b12e61f56b8fca5bea17ef38a60aa7b0efbf449c5f171c189c3f7c05aac28a8d0e4f3df3f7550692630902fb0bcb3"], 0x11)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x590}}], 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x1ff, 0x142)
write$midi(r2, &(0x7f0000000000)="9172", 0x2)
write$midi(r2, &(0x7f00000001c0)="9d", 0x3001)
write$vhost_msg(r2, &(0x7f0000000600)={0x1, {0x0, 0x0, 0x0}}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x8001000000000000, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0x0, 0x5, 0x148, 0x0, 0x0, 0x1e0, 0x2a8, 0x2a8, 0x1e0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@state={{0x28}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00'}}]}, @common=@unspec=@MARK={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
recvmmsg(r3, &(0x7f0000000dc0)=[{{&(0x7f0000000040)=@x25={0x9, @remote}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000580)=""/130, 0x82}, {&(0x7f00000000c0)}, {&(0x7f0000000100)=""/50, 0x32}, {&(0x7f0000000680)=""/193, 0xc1}, {&(0x7f0000000780)=""/148, 0x94}, {&(0x7f0000000180)=""/110, 0x6e}, {&(0x7f0000000840)=""/131, 0x83}], 0x7}, 0x8}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000440)=""/28, 0x1c}, {&(0x7f0000000480)=""/46, 0x2e}, {&(0x7f0000000900)=""/21, 0x15}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000000940)=""/180, 0xb4}, {&(0x7f0000000a00)=""/53, 0x35}], 0x6, &(0x7f0000000ac0)=""/118, 0x76}, 0x60000}, {{&(0x7f0000000b40)=@pppoe={0x18, 0x0, {0x0, @multicast}}, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000bc0)=""/119, 0x77}, {&(0x7f0000000c40)=""/32, 0x20}], 0x2, &(0x7f0000000cc0)=""/216, 0xd8}, 0x8}], 0x3, 0x100, &(0x7f0000000e80)={0x77359400})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c)
r4 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_INFO(r5, 0x80206433, &(0x7f0000000080)=""/12)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0185647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f903, 0x0, '\x00', @p_u16=0x0}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24)
syz_emit_vhci(0x0, 0x9)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400c031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4002, 0x4005, &(0x7f0000000000)=0xa636, 0x5, 0x0)
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000})
io_uring_setup(0x3c8e, &(0x7f0000000100))

4.359397324s ago: executing program 1 (id=790):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x8000000}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_KEY_LEN={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8}]}], {0x14, 0x10}}, 0x64}}, 0x0)

4.126962302s ago: executing program 1 (id=791):
unshare(0x40400)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, <r1=>0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f0000000000)={r1})
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000540), 0xc0000, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f0000000580)={0x48, 0x5, 0x0, 0x0, <r5=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r4, 0x3ba0, &(0x7f0000000680)={0x48, 0x7, r5, 0x0, 0x1, 0x0, 0x0, 0x10000})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1e, 0x13, r3, 0x0)
r6 = socket(0x11, 0x800000003, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x5b, 0x2, {{0x2, [], 0x0, [0x4, 0x2], [0x0, 0x4]}, [@TCA_MQPRIO_MODE={0x6, 0x4}]}}}]}, 0x90}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={r3}, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)
memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x0)
syz_usb_connect(0x0, 0x172, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000e6bef1403c419681e01f0000000109026001010000000009049a0000020600000724060000ba4f05240004000d240f"], 0x0)

4.098882182s ago: executing program 0 (id=792):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x28, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x14}]}]}]}, 0x28}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x28, 0x21, 0x107, 0x0, 0x0, {0x1, 0x2}, [@nested={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @typed={0x4, 0xc, 0x0, 0x0, @binary}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000600)=[{&(0x7f0000000180)="8c", 0x1}], 0x1, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r3, 0x114, 0x7, &(0x7f0000000640)={@pppoe={0x18, 0x0, {0xffde, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}, 'bridge_slave_0\x00'}}, {&(0x7f0000000200)=""/54, 0x36}, &(0x7f00000004c0), 0x20}, 0xa0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x34, 0x12, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x4000300}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x5c}}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x74, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x48, 0x3, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_QUOTA_FLAGS={0x8}, @NFTA_QUOTA_CONSUMED={0xc}, @NFTA_QUOTA_BYTES={0xc}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xf8}}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x40)
r8 = getpid()
fcntl$lock(r7, 0x3, &(0x7f0000000100)={0x1, 0x1, 0x6f, 0x8d8, r8})
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)
listen(r4, 0x0)

3.515347079s ago: executing program 3 (id=795):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_macvtap\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000006d000100"/20, @ANYRES32=r2, @ANYBLOB="00ff0000000000201800348014003500"], 0x38}}, 0x0)

3.409663745s ago: executing program 3 (id=796):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000300), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002700)={0x44, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0xbb}]}, 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.163645618s ago: executing program 3 (id=797):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, 0x0)
mkdir(0x0, 0xfe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0xbaa}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000970000"])
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r8 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r8, 0x89e0, &(0x7f0000000180)={r6, r7})
sendmmsg$inet(r8, &(0x7f0000001500)=[{{0x0, 0xffffffcf, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, 0x0)
r9 = socket$kcm(0x2, 0x0, 0x106)
sendmsg$inet(r9, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4e21, @remote}, 0x10, 0x0}, 0x3000c041)

3.098502038s ago: executing program 0 (id=798):
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000600))
timer_settime(0x0, 0x0, &(0x7f0000000640)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
syz_emit_vhci(0x0, 0x22)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040f0003c8000000000000000000000000000002"], 0x14)
write$binfmt_script(r0, &(0x7f0000000b80)={'#! ', './file0', [{0x20, '\xba[\xc1\x8f\n\'\xf90\xf7k\x96K,\xe4\xfa*\xfb)\x17\xc1\x0fs\xd3sV9xE\xef\xe6+\xc1\x85\xd3W\xd0M\x81\xf0\a7\xd2\x14\xf6\xf7.\x1d)L\x9eE >\xd3\xf9C\xf6\xcb*;^h\xd5A\x12`\xa1*\xfb\xfb\xff\x14\xe0'}, {0x20, ' \x01\x00\x02\x00'/16}, {0x20, '\x00\xf5Ir\xfc\xea\xd3\'|\x91\xa5\'Oso\xd7\xe9\xf1\xd6\xf2Kq\x8c<V\x9d|l(m\xea\xc9*\x1cI~PA\xb7\x96\xe4\xaf\xba\xb4@\xcdUw?h2aNJ\n\xe20~\xdd\xd5\v\xf5h\xb8h(\xf5\xe1uE\x8bO\xa0u<\xb6n{-w\"\xd9\xa7\xec\xbc\xe2c\x97\x17R!\xf6T\xaf\x82\x12\x01\xc9G\xc9\x14\xd9\x04t\x11\xf3\x94\xae\xaaQ\x97\xa7\xa1\x10\xa5\xf3\x12\x85w*\xe4f\x0fc\x03\xcf\xb3\xee<\xd5\xec\x8a\xf4\x17\xe4\x99\xe1\x8b\xe3z\xa4M\xd0\xb2\x1e\x15\xdd\xeb:\xbb\x05\xe68\xd2\x91\bxb!\x9a|\xe8L \x97\xc0Y\n\xfa\xaeq\x97\xc2\xaf\xd3\x97\x01\xeb\xe8\xb8\x05m\x13y%\xa7\xf4\xfc*\x06H\xff*x\x00\x183G\xd5\xe3?2\xa7Q\xf4\x8b\xf7m\xec\xa47b\x062\x94\xb6,\x8f*T\v\xd7\xf7*p; !\xf4\x98O\x13@\xe8;\x89\xfd\xdb\xd4*\xd4D\xfd\xe0\xfeX\vn\x1f\xc7,\x14QwM\fW*\xc3\x17U\xf8xc\x8a]\xd7\xb3\xda\x92\x87\x1f\xf3;\xdd\xf8\xd3+\xd8\x19_l$\x9b\xddx\xb2\x93\x8e\xdbdH\x9bPv\xc8 \x1d\xf5\x15Qj\xa2+\xbfst\xcdt\x92\xc3}'}, {}, {0x20, '\xf1^@\x80_\x9clG&8t\xd1oHRE\x90\xb2\x0f\x1az\xf0\xc0O\xb2\xbc%@U\x90Z\x92xc\x82:\xcf\x1b8^\xc3it;E@\xf2\x02\n_\xf7|h\x14\x95\xee\r\xbd@*\xd1\x92W\x82\x991\xa3\xbb\x89\xf0\xe7c2\xd4#\x9ea\xd6~\xbb\xd4e\xd0\x9a1\xf6\xbaK\xdd<\x9b\x85\xc4}\x83\x0f \xc1\xc8\xa6\xc6*\xb5\xd8\xdd\xfdI\xcbY\xa4\xe3\xbe5\xb2R\xdb\xd05\xae#\xc4\xecK\xc2`E6\x92\xcey\xcbp\xdb\xd6\xbc\xa0\x87E\xd7\xac\xb3k\xc7\x13\x8b\x04^\xe0\xc6\x1eM\xba\xc2\\t/\xb5\xaeD\xfb\x93\xa5*\xe4\xe4\xd7\x0fW\xd4U\xbf\xf6#A\xff\xdb<h\x83\xbd;\xef\xe9\xcd\x17\\2\\(\xcd\x0f\xb4\xd5d\xa4C\x155\x0e\x04\x02}!\'\xd6\xe9\xa4\xc6\xd5\x15\xf0\x9f\n\xf6g\x18W\xecy\xd8k\xd1{z\x01G'}], 0xa, "bc37f784dc8a4d3338b35c4aeb376f0eff035c88ba4505000000000000002ac83e7724f4d5729d58b7e818d60e131f2ba3b1cda70fc641a0d9941ea461bffd338f6c2c1712770e75f5238bbcfbdecec85f921b1b1f92afe18bd077536be3f79c61ee219496ef5b073e54b3846e278be4b2ef2c48b68100000000000000b34f51f0b883112a74746605b2679c64832a12b214ab9be7743490b9f2434f17a64015ebfc0e6b7dfed0217b4f5fdf70f0d164579cb7ec22f270cef0a466176ffb9cc6bbe063ab93293d68a477541593b7edbeaa43c31eba13724558cbc206ff26df53ddbb03a382901e6a09740ec363a68275e7164b2ea78c0e826fb9a2a256a8127ff3a17b4c6d4a864ee8c098382bc32495b1ac7030b9a58ce4b085a785d29266c59c150d415cc80e94606d55fbd2dca2b5a4241fae0fcee986774f075886de443cfce700f9d9d9400d000000e7f3f274a162ef5093d835916705cac69b4887988fb337c9e0d2d75db07df40fefc65d265094495f73b7363c9bc1778681b7e7f98e89002610d8994c42d7f525a7fa389e1737841b30f5"}, 0x418)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)={'#! ', '', [], 0xa, "ae0065b5dfc251711a40a637562f44181e7548"}, 0x17)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
lseek(r2, 0x4, 0x0)
getdents(r2, 0x0, 0x48)
ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000000200)={0x0, &(0x7f0000000340)=""/121, 0x79})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffc, 0xffffffffffffffe1, 0x0, 0x0, 0x7250175b, 0xfffffffffffff924], 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
listen(r3, 0x80080400)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
socket(0x1, 0x2, 0x0)
syz_io_uring_setup(0x3466, &(0x7f0000000180)={0x0, 0xc49f, 0x48, 0x100002, 0x291, 0x0, r2}, 0x0, 0x0)
syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000080)={'nicvf0\x00', &(0x7f00000003c0)=@ethtool_rx_ntuple={0x35, {0xd, @ah_ip4_spec={@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8, 0xff}, @ah_ip4_spec={@rand_addr=0x64010101, @empty, 0x3d, 0x39}, 0x1, 0xed15, 0x0, 0x6, 0xfffffffffffffffe}}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)

2.300162873s ago: executing program 1 (id=799):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x0, 0x0, 0x0, 0x0, 0x105}, 0x60)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0x4)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
syz_clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080), 0x531900, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000000c0)={<r3=>0x0, 0xe8, "24468c6354d2a7facf29ceff0b32cb73adddff3de229e24ee0afad96363d220366f10f91b70d6bd5e9b4bfd540282d569f97c36280f45e1f1368c17be0c0d9edcb72e8f155d00c0a3cf24a3f1aaefcd27227cb8d362dd1ffcf7db9edc3be28bffcb944fe7fc7b9a3b7d14ec76891febbc0ede14f2ff5b4a7326dfc165a535077f87c82fb8c8b5be39b80c799b2c10738c14978c85d0833d831442733bb6f1be5d03625b839fa2305a2cd2d6a104626a6a3b98ea330bb638224ef2fa4adb26829d7ef5ce0da1143bd1c7c86a1bbd7b769697f0471efa9ee981973d14abcea987f06ad7444f7bd791b"}, &(0x7f00000001c0)=0xf0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f00000002c0)={r3}, 0x8)
setpriority(0x1, 0x0, 0x0)

2.149679962s ago: executing program 3 (id=800):
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="043d0eaaaaaaaaaa10bc205c7f30b257b9b56077dac5989b6963cb480ea7646257012a612c62a8a28b2c0e523427815b13ac93285f3cb016c18f150d2f0a89713e22745d7c30db48e9a979b684fdb54c5a5a1ff99485badc283586ed68c90b12e61f56b8fca5bea17ef38a60aa7b0efbf449c5f171c189c3f7c05aac28a8d0e4f3df3f7550692630902fb0bcb34927"], 0x11)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x590}}], 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x1ff, 0x142)
write$midi(r2, &(0x7f0000000000)="9172", 0x2)
write$midi(r2, &(0x7f00000001c0)="9d", 0x3001)
write$vhost_msg(r2, &(0x7f0000000600)={0x1, {0x0, 0x0, 0x0}}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x8001000000000000, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0x0, 0x5, 0x148, 0x0, 0x0, 0x1e0, 0x2a8, 0x2a8, 0x1e0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@state={{0x28}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00'}}]}, @common=@unspec=@MARK={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
recvmmsg(r3, &(0x7f0000000dc0)=[{{&(0x7f0000000040)=@x25={0x9, @remote}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000580)=""/130, 0x82}, {&(0x7f00000000c0)}, {&(0x7f0000000100)=""/50, 0x32}, {&(0x7f0000000680)=""/193, 0xc1}, {&(0x7f0000000780)=""/148, 0x94}, {&(0x7f0000000180)=""/110, 0x6e}, {&(0x7f0000000840)=""/131, 0x83}], 0x7}, 0x8}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000440)=""/28, 0x1c}, {&(0x7f0000000480)=""/46, 0x2e}, {&(0x7f0000000900)=""/21, 0x15}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000000940)=""/180, 0xb4}, {&(0x7f0000000a00)=""/53, 0x35}], 0x6, &(0x7f0000000ac0)=""/118, 0x76}, 0x60000}, {{&(0x7f0000000b40)=@pppoe={0x18, 0x0, {0x0, @multicast}}, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000bc0)=""/119, 0x77}, {&(0x7f0000000c40)=""/32, 0x20}], 0x2, &(0x7f0000000cc0)=""/216, 0xd8}, 0x8}], 0x3, 0x100, &(0x7f0000000e80)={0x77359400})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c)
r4 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_INFO(r5, 0x80206433, &(0x7f0000000080)=""/12)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0185647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f903, 0x0, '\x00', @p_u16=0x0}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24)
syz_emit_vhci(0x0, 0x9)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400c031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4002, 0x4005, &(0x7f0000000000)=0xa636, 0x5, 0x0)
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000})
io_uring_setup(0x3c8e, &(0x7f0000000100))

2.015301914s ago: executing program 1 (id=801):
mkdirat(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$video(&(0x7f0000001640), 0x7, 0x800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa0300000003140000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c6bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
socket$kcm(0x11, 0xa, 0x300)
r3 = socket$kcm(0x10, 0x3, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000001000030027bd70000000000000000000", @ANYRES32=r5, @ANYBLOB="0000008e000000001c0012800b00010067747e65766500000c000212b056c9800868e6402e379d407b94d28c024eb4339756d9c0dd30e0f252829dcaa8ca178d3196c86fa1ac6296af84eb1023e91072099f511db3206d0bd986c0905c0842d11bb34a438b72e187cd633314fae518e83b77af05d14c48567b637e8f8f81a84a9304933dfd296a8665a98404c370944da78d032c56b3ab7fc65d1eac91aef9b8a86a0af325470a119978c28ec71fa7db16210cc491ba27a9814bfd9884c4b8ab005fe43bca68b5efb37926bf7934e10174925473f2b934b34bf4c39e61b9dcde126bc5ee2217"], 0x3c}, 0x1, 0x2}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6f94f90524fc6010000200d7070000053582c137153e37000c0980fc", 0x29}], 0x1}, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)=0x4000000)
sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000140)='illinois\x00', 0x3)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
listen(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
write$binfmt_script(r6, &(0x7f0000000080), 0x76e5467)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1c, 0x0, &(0x7f00000001c0))
socket$packet(0x11, 0x2, 0x300)

2.014166695s ago: executing program 0 (id=802):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000100)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r3 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r3, &(0x7f00000000c0)=""/4087, 0xff7)
openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
keyctl$read(0xb, r3, &(0x7f00000010c0)=""/4096, 0x1000)

1.871270945s ago: executing program 2 (id=803):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
dup(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
recvmmsg(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000c00)=""/4111, 0xd80}], 0x1, 0x0, 0x500}}], 0x1, 0x0, 0x0)

1.851741111s ago: executing program 3 (id=804):
socket$inet(0x2, 0x4000000000000001, 0x0)
userfaultfd(0x80801)
r0 = syz_io_uring_setup(0x2571, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
socketpair(0x1, 0x1, 0xb, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00'})
r5 = open(&(0x7f00000005c0)='./bus\x00', 0x145442, 0x0)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x0, 0x0, 0x82)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="1400000023000b03d25a806f8c6394e21f24fc60", 0x14}], 0x1}, 0x60000000)
fsmount(0xffffffffffffffff, 0x0, 0x80)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x80)
openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x80000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, &(0x7f00000000c0)={{0x6, 0x7}, {0x6, 0x1}, 0x9, 0x7, 0x1})
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, r3)
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x86, 0xe0, 0xa4, 0x40, 0x9710, 0x7843, 0x7b4, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x6d, 0x3a, 0x44}}]}}]}}, 0x0)

1.79196585s ago: executing program 0 (id=805):
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="043d0eaaaaaaaaaa10bc205c7f30b257b9b56077dac5989b6963cb480ea7646257012a612c62a8a28b2c0e523427815b13ac93285f3cb016c18f150d2f0a89713e22745d7c30db48e9a979b684fdb54c5a5a1ff99485badc283586ed68c90b12e61f56b8fca5bea17ef38a60aa7b0efbf449c5f171c189c3f7c05aac28a8d0e4f3df3f7550692630902fb0bcb349276cdb"], 0x11)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x590}}], 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x1ff, 0x142)
write$midi(r2, 0x0, 0x0)
write$midi(r2, &(0x7f00000001c0)="9d", 0x3001)
write$vhost_msg(r2, &(0x7f0000000600)={0x1, {0x0, 0x0, 0x0}}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x8001000000000000, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0x0, 0x5, 0x148, 0x0, 0x0, 0x1e0, 0x2a8, 0x2a8, 0x1e0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@state={{0x28}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00'}}]}, @common=@unspec=@MARK={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
recvmmsg(r3, &(0x7f0000000dc0)=[{{&(0x7f0000000040)=@x25={0x9, @remote}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000580)=""/130, 0x82}, {&(0x7f00000000c0)}, {&(0x7f0000000100)=""/50, 0x32}, {&(0x7f0000000680)=""/193, 0xc1}, {&(0x7f0000000780)=""/148, 0x94}, {&(0x7f0000000180)=""/110, 0x6e}, {&(0x7f0000000840)=""/131, 0x83}], 0x7}, 0x8}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000440)=""/28, 0x1c}, {&(0x7f0000000480)=""/46, 0x2e}, {&(0x7f0000000900)=""/21, 0x15}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000000940)=""/180, 0xb4}, {&(0x7f0000000a00)=""/53, 0x35}], 0x6, &(0x7f0000000ac0)=""/118, 0x76}, 0x60000}, {{&(0x7f0000000b40)=@pppoe={0x18, 0x0, {0x0, @multicast}}, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000bc0)=""/119, 0x77}, {&(0x7f0000000c40)=""/32, 0x20}], 0x2, &(0x7f0000000cc0)=""/216, 0xd8}, 0x8}], 0x3, 0x100, &(0x7f0000000e80)={0x77359400})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c)
r4 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_INFO(r5, 0x80206433, &(0x7f0000000080)=""/12)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0185647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f903, 0x0, '\x00', @p_u16=0x0}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24)
syz_emit_vhci(0x0, 0x9)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400c031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4002, 0x4005, &(0x7f0000000000)=0xa636, 0x5, 0x0)
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000})
io_uring_setup(0x3c8e, &(0x7f0000000100))

1.639342104s ago: executing program 4 (id=806):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x80}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_CIDR={0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r4, @ANYBLOB="0a001800030303030303000004000801"], 0x2c}}, 0x0)
unshare(0x20000400)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa}]}]}}}]}, 0x44}}, 0x0)
bind$unix(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, &(0x7f0000000000)={0x20, 0xf, 0xdf, {0xdf, 0x4, "de901ced8ae98b984b8973a0309104a21be8c3a9cbd3197f53aa7db4971c3cfc70bc811764ae7d6a0f023f3b853de1bd645d56ad54a38c3907c9921674a92cd4ac9c55443232e2fea1bbc83bbc1e34eb708c7e89ceaa34a9a0b8567f4f2a6fc2771be69a580681f0229aa857b9b4d17576a2e08a42d9e89e468b9b30feb40f509fefce3fa43406ec6810fcb0104a5b70fe4ad16f81f420e7501d334c568cb01b30fff0c0d1c408e32b89fb30217739405cbc32d3cc70834d49f603b7293cd55c1092c510437593c3b75dded3b605f7eec03049f3075a8a475f4ab4c8c1"}}, &(0x7f0000000140)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000002c0)={0x1c, &(0x7f00000001c0)=ANY=[@ANYBLOB="400e680000009417694015e40f8a0e54f3890a82203baae8d282bf00f20d64e829c6d052c4f10e0d784f515e3a0a081b1ff0e43c8db003b984df18877322804045bdd49266dc7e3387d027be78903fb95c3755be40f5986dccda149a4ebf03b201b8e405551c2bbeb9995472a950"], &(0x7f0000000240)={0x0, 0xa, 0x1}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x9}})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1.638908016s ago: executing program 2 (id=807):
eventfd2(0x0, 0x0) (async)
r0 = eventfd2(0x0, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = dup3(r1, r0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r3=>0x0})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14)
bind$can_j1939(r2, &(0x7f00000000c0)={0x1d, r3, 0x0, {0x2}}, 0x18) (async)
bind$can_j1939(r2, &(0x7f00000000c0)={0x1d, r3, 0x0, {0x2}}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x7fff, 0x2) (async)
r4 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000000)=0x1)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
socket$can_raw(0x1d, 0x3, 0x1)
socket$unix(0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r5, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102400, 0x19000}, {0x0}], 0x2, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x11, 0x80a, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000540)={<r8=>0xffffffffffffffff}, 0x2}}, 0x2)
write$RDMA_USER_CM_CMD_LISTEN(r7, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r8, 0x3800000}}, 0x10) (async)
write$RDMA_USER_CM_CMD_LISTEN(r7, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r8, 0x3800000}}, 0x10)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000200)=0x1, r8, 0x0, 0x1, 0x4}}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00'})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000c6e98cd6790003000000000000c43e2897000000000000000012c1e815722c2f3359413352c9791c516fc2bbcecc81f853a0af0331d8d111271ef89fa05134d467e9a5ab16a52922250389a5cb99c2d752c8804017999a132e4e5ae68fbc9fd721dea175b878c48582ed4df60c7c7187cc08ba385e5555255836c0abe943f1995cd32209ced5d61252ebd21e60d3172cf608ac39b99b113e577fb089ea59e719e551132e3a84b0a50440bc4a3cb602b6bbf9764387ca12da81360518", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028005001100000000000800070003000000"], 0x44}}, 0x0)
bind$can_raw(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x806, 0x0) (async)
socket$inet6(0xa, 0x806, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x4, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r9, 0xc008561c, &(0x7f0000000000)={0xf0f442})
epoll_create1(0x0)

1.557031141s ago: executing program 0 (id=808):
mkdirat(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$video(&(0x7f0000001640), 0x7, 0x800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa0300000003140000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c6bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
socket$kcm(0x11, 0xa, 0x300)
r3 = socket$kcm(0x10, 0x3, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000001000030027bd70000000000000000000", @ANYRES32=r5, @ANYBLOB="0000008e000000001c0012800b00010067747e65766500000c000212b056c9800868e6402e379d407b94d28c024eb4339756d9c0dd30e0f252829dcaa8ca178d3196c86fa1ac6296af84eb1023e91072099f511db3206d0bd986c0905c0842d11bb34a438b72e187cd633314fae518e83b77af05d14c48567b637e8f8f81a84a9304933dfd296a8665a98404c370944da78d032c56b3ab7fc65d1eac91aef9b8a86a0af325470a119978c28ec71fa7db16210cc491ba27a9814bfd9884c4b8ab005fe43bca68b5efb37926bf7934e10174925473f2b934b34bf4c39e61b9dcde126bc5ee2217"], 0x3c}, 0x1, 0x2}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6f94f90524fc6010000200d7070000053582c137153e37000c0980fc", 0x29}], 0x1}, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)=0x4000000)
sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000140)='illinois\x00', 0x3)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
listen(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
write$binfmt_script(r6, &(0x7f0000000080), 0x76e5467)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1c, 0x0, &(0x7f00000001c0))
socket$packet(0x11, 0x2, 0x300)

1.283809104s ago: executing program 2 (id=809):
clock_gettime(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x240, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x1, 0x2, 0x0, {0x9}}}]}}]}}, &(0x7f0000000580)={0x0, 0x0, 0x9a, &(0x7f0000000900)={0x5, 0xf, 0x9a, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x14, 0x2, 0x0, 0xfe21}, @generic={0x84, 0x10, 0xa, "2407654c05669e5a45c05dbedfd2661900ee1b38413d864ac493549200b05e16a84471dc065c7a920609c39e3fcd06e4ef547987158b500c778f971e3be76a86c409dc5b298bee8060cd9b7eea3d1a4631234088f79580a2ed025bcd6f2f3465553a61cb25421e56c7296aa468b269e896c5ce1dc118f8546cdf46590d2eea7fa1"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xe, 0x9d}]}})
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000001880)=[{&(0x7f00000018c0)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000140)=ANY=[@ANYBLOB="12010002000000ffb0b681800c1c31fb030109022d00010140107f0928004001030102060921ff072704407f03090502031004400200"/63], &(0x7f0000000880)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x201, 0x81, 0x40, 0x1, 0x8, 0x1f}, 0x4b, &(0x7f0000000300)={0x5, 0xf, 0x4b, 0x6, [@ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x3, 0x5, 0x7}, @wireless={0xb, 0x10, 0x1, 0xc, 0x60, 0x5, 0x1f, 0x9, 0xb}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "8fd6a2511cbd8b181604a93ec371c2f3"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xa, 0x0, 0x23, 0x1000}, @ssp_cap={0x10, 0x10, 0xa, 0x8, 0x1, 0x20, 0xf00f, 0x8000, [0xc0]}]}, 0x6, [{0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x300a}}, {0x12, &(0x7f00000009c0)=ANY=[@ANYBLOB="1203d447c5c66a85daa0adb21511d26a46cedc2acd3dd2f7d37f565904fe2cf48bbe4ff21dd74f5728344ff716535019fd4db8dd23188226f150338aff62"]}, {0x3e, &(0x7f0000000640)=@string={0x3e, 0x3, "b5d487b0eec7ad5a860adf178b1c358b2c5459584e229ab8f5ee26e610b8444fbc84c47f17005cc2fd5af71ec266fa58a28af72ff217869f3873e373"}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x860}}, {0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0x1007}}, {0xe2, &(0x7f0000000780)=@string={0xe2, 0x3, "6e022f05623830342facfa0e642368e0991972a47fc02f8a353ede043d5fe5b314c196c381a02d55a8804b92ba1e23a6b9864601fabc3cd8979554583cc63b31ea9650913fb6eb5c49541ae1f5b9f8af6a4dc40dc64b80e86ed1c7b08831e907c532079e20554ca02bffa061158f335665f006cef180f47cb841bc787d68c943a07d6001b41db55c43474d5c15684b42289f9b4a1a3bd278e131c6f8d47fcf338e8aa8806d34fabc9e1a7690f1f902e1a4e548be9c65ef36084c417428f83dc6cd51048f729f0f0149b6078880cff19816c1eafc62258387a4e814ba170be948"}}]})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/reserved_size', 0x42, 0x22)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000500)={0x2000043}, 0x10)
r7 = dup3(r3, r6, 0x80000)
write$tun(r7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='cq_modify\x00', r0}, 0x10)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x4000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x200c0034)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
write$binfmt_elf32(r3, 0x0, 0x84a)
write$UHID_CREATE2(r2, 0x0, 0x119)
write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000380)={0xe, {'syz1\x00', 'syz1\x00', 'syz1\x00', 0x0, 0x0, 0x40, 0x100, 0x7, 0x80, 0x101}}, 0x11c)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f000001ac00)='./file0/../file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x110808c, &(0x7f0000000b40)=ANY=[@ANYBLOB="f8643d", @ANYRESHEX=r6, @ANYRES8=r1, @ANYRESOCT, @ANYBLOB="2c6772e62c705f69643df23d2281eb574a3fdd8b7e958c08e11ef1f248babb63f20854bb8d70fba5c0b39a826eef866a750331b426c5566269029b467f67716a67eafd2276a2ffde5e7453722ad0135b0b11bd592e9e18a274d9dd8846c9c4ff419d0eeee5bcb4600d0abdb21b63b157de64f42c49f624d4c311c5e054208b6de1d7775f63d496f18c42f9f79a35f0778a5ca4c0e6d5d77975fc7adbe1e09f910135cb4ac2d15139e0db23969ab858a67f5f77257a07a2ef9d53efc2e8c9e5a97cfeaaad525814102a5db82148bda890decc52e1409d873065118277c65eb11379f8a177f896f8e5c918a14c994c3f2d60de70343dac5cb4acdf74804d4c39eee0c3a35babdca6ed210e4f94c4688346e2fbc5a5287c515a1317585aec6abd2a5744d4ed3f4dfa0e68159061ebb18fd88182070dbc27bf089230c67c057cebff7fa8056364fbfb1b902e3eb8062c6084ca86ea70177ce6f3", @ANYRESDEC=0x0, @ANYBLOB="f74aa70e017118214289774cecbefeb9a5dd4a98", @ANYRESDEC=0xee01, @ANYRESOCT], 0x0, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00')
syz_open_procfs$namespace(0x0, &(0x7f00000006c0)='ns/user\x00')
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{r8}, &(0x7f0000000200), &(0x7f0000000280)='%-010d \x00'}, 0x20)

641.641432ms ago: executing program 1 (id=810):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, 0x0)
mkdir(0x0, 0xfe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0xbaa}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000970000"])
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r8 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r8, 0x89e0, &(0x7f0000000180)={r6, r7})
sendmmsg$inet(r8, &(0x7f0000001500)=[{{0x0, 0xffffffcf, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, 0x0)
r9 = socket$kcm(0x2, 0x0, 0x106)
sendmsg$inet(r9, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4e21, @remote}, 0x10, 0x0}, 0x3000c041)

115.403621ms ago: executing program 3 (id=811):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x9a03, 0x0, 0x90, [], 0x10d, 0x0, 0x0}, 0x108)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000580), 0x3a9c81)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x1c}, 0x1c}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x3]}}], 0xffc8)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000001"])
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000340), &(0x7f0000000740)='./file0\x00', 0x8, 0x2)
r5 = socket$kcm(0x10, 0x3, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
bind$packet(r7, &(0x7f0000000180)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r7, &(0x7f00000015c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@RTM_NEWMDB={0x38, 0x55, 0x1, 0x0, 0x0, {0x7, r9}, [@MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x0, 0x0, 0x0, {@ip4=@empty=0xeaffffff, 0x800}}}]}, 0x38}}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
r10 = syz_usb_connect(0x2, 0x24, &(0x7f00000005c0)=ANY=[@ANYBLOB="100100008d7c4110257d044ab993ab020301090212000130320e2efa2393000000000904000000a06aef00808dca8e38eddc20af46dd3c416cda16fba98466527c71a5b40a004bb5255aaf326d412fb57c728d1471e56956714c98b0411d2c27350015418cb674de58a9778bf3aea37a78527ee60cc5260aae395aa336f45deb8300a569dc6b20898087d713f0cbb32f52a489d0e0a35964745bcf825bef2068a18ac251a7f6478aaece8bde9c35030a11be28cfc2551f097ac153d6475490dd7ebbc595a2f027dc58f90a996a9e5065ddd031bc7cbc8f956d55dd9c1873d9a63529610ad6831f724e9f87ff44d6380147e019abb0c225c8c3890032a9df43b41cd0c8c960617e8c5af680f69427795c2bd4094c4fc5ce30d62a04f5e867e521a97b76b7395c98a1b993c84ac57afdb39e4a2621974637812a68035d026c5db8d4e018dabc3b137522535c192fd4b48c2acf52"], 0x0)
syz_usb_control_io$uac1(r10, &(0x7f0000000440)={0x14, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0003546221cec435990203"]}, 0x0)
syz_usb_control_io$cdc_ncm(r10, &(0x7f00000001c0)={0x14, &(0x7f00000000c0)={0x20, 0xc, 0xaa, {0xaa, 0x10, "3c6964294acdf6ca20c842da19d0fef68844c05ef76f40d9e3abbbba91854ccc1ad330c887de920da8a36ebbe9a37418ea4fe71312613da3420c99024ebaf6480d02eca0f8bb63eda8ded6de2b81159b1b09d696c8b14b0d867f705b4a040566cd5cd04eb7b8e6ec4fa10e7d266bf0d179777ddcecf40459ab819c1792d0af551d19f9ae5704d452120eb5f1dba306b83786d93fd61905e6ae03269724c780beb9674d2463f1f5ce"}}, &(0x7f0000000180)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x44, &(0x7f0000000200)=ANY=[@ANYBLOB="20176e00000039904b2cf4d58a939c2c7cb96eb0b30ece379270f880661728db40f3acf22946a24f32efc060f02c5cb8571ef2d133498d2c9e72be1c40a6cc439c836f58000000000b605ac092c0d2f7fdb32970dba641235631e97d9be8d40aa9ac335bcc6bd9fc11dfc4b8eb087ccedbce34d0"], &(0x7f0000000280)={0x0, 0xa, 0x1, 0x1f}, &(0x7f00000002c0)={0x0, 0x8, 0x1}, &(0x7f0000000500)={0x20, 0x80, 0x1c, {0x7e, 0x4, 0x2, 0x9, 0x7ff, 0x8df3, 0x9, 0x3, 0xd9c4, 0xdb, 0x7, 0x3cca}}, &(0x7f0000000540)={0x20, 0x85, 0x4, 0x4}, &(0x7f0000000380)={0x20, 0x83, 0x2, 0x1}, &(0x7f00000003c0)={0x20, 0x87, 0x2, 0x400}, &(0x7f0000000400)={0x20, 0x89, 0x2}})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)

0s ago: executing program 0 (id=812):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000008000000000000b7080000000000007b8af8ff00000000b508000000000000638af0ffe1000000bfa100000000000007010000f8ffffffbf8400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000008000000850000006900000095"], &(0x7f0000000300)='GPL\x00'}, 0x90)

kernel console output (not intermixed with test programs):

ave_1) entered blocking state
[  182.884470][   T56] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  182.901192][ T7316] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.923487][ T7316] bridge_slave_1: entered allmulticast mode
[  182.949166][   T56] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  182.963873][ T7316] bridge_slave_1: entered promiscuous mode
[  183.007602][   T56] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.028412][   T56] usb 2-1: Product: syz
[  183.040427][   T56] usb 2-1: Manufacturer: syz
[  183.057119][ T5139] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  183.067119][   T56] usb 2-1: SerialNumber: syz
[  183.107718][   T56] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input18
[  183.213801][ T7316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  183.257772][ T5139] usb 1-1: Using ep0 maxpacket: 8
[  183.275799][ T7316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.283530][ T5139] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.331798][ T5139] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  183.357309][ T5139] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.373623][ T5139] usb 1-1: config 0 descriptor??
[  183.398553][ T5139] gspca_main: vc032x-2.14.0 probing 046d:0892
[  183.420035][ T7401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.445886][ T7401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.523428][ T5140] usb 5-1: USB disconnect, device number 15
[  183.644009][ T7316] team0: Port device team_slave_0 added
[  183.676069][ T7316] team0: Port device team_slave_1 added
[  183.792969][ T7409] FAULT_INJECTION: forcing a failure.
[  183.792969][ T7409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.823395][ T7316] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.844329][ T7409] CPU: 0 PID: 7409 Comm: syz.4.426 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  183.854358][ T7409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  183.864431][ T7409] Call Trace:
[  183.867721][ T7409]  <TASK>
[  183.870664][ T7409]  dump_stack_lvl+0x241/0x360
[  183.875362][ T7409]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.880564][ T7409]  ? __pfx__printk+0x10/0x10
[  183.885177][ T7409]  ? snprintf+0xda/0x120
[  183.889438][ T7409]  should_fail_ex+0x3b0/0x4e0
[  183.894126][ T7409]  _copy_to_user+0x2f/0xb0
[  183.898553][ T7409]  simple_read_from_buffer+0xca/0x150
[  183.903952][ T7409]  proc_fail_nth_read+0x1e9/0x250
[  183.908991][ T7409]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.914542][ T7409]  ? rw_verify_area+0x520/0x6b0
[  183.919486][ T7409]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.925052][ T7409]  vfs_read+0x204/0xbc0
[  183.929245][ T7409]  ? __pfx_lock_release+0x10/0x10
[  183.934309][ T7409]  ? __pfx_vfs_read+0x10/0x10
[  183.939007][ T7409]  ? __fget_files+0x29/0x470
[  183.943605][ T7409]  ? __fget_files+0x3f6/0x470
[  183.948314][ T7409]  ksys_read+0x1a0/0x2c0
[  183.952579][ T7409]  ? __pfx_ksys_read+0x10/0x10
[  183.957345][ T7409]  ? do_syscall_64+0x100/0x230
[  183.962131][ T7409]  ? do_syscall_64+0xb6/0x230
[  183.966812][ T7409]  do_syscall_64+0xf3/0x230
[  183.971318][ T7409]  ? clear_bhb_loop+0x35/0x90
[  183.976022][ T7409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.981934][ T7409] RIP: 0033:0x7f09491746bc
[  183.986376][ T7409] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  184.006002][ T7409] RSP: 002b:00007f0949fb7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  184.014461][ T7409] RAX: ffffffffffffffda RBX: 00007f0949303f60 RCX: 00007f09491746bc
[  184.022457][ T7409] RDX: 000000000000000f RSI: 00007f0949fb70b0 RDI: 0000000000000005
[  184.030508][ T7409] RBP: 00007f0949fb70a0 R08: 0000000000000000 R09: 0000000000000000
[  184.038537][ T7409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.046519][ T7409] R13: 000000000000000b R14: 00007f0949303f60 R15: 00007f094942fa78
[  184.054509][ T7409]  </TASK>
[  184.061420][ T7316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.089179][ T7316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.154632][ T7316] batman_adv: batadv0: Adding interface: batadv_slave_1
[  184.183400][ T7316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.266175][ T7316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.436720][ T7316] hsr_slave_0: entered promiscuous mode
[  184.463982][ T4528] bcm5974 2-1:1.0: could not read from device
[  184.496589][ T4528] bcm5974 2-1:1.0: could not read from device
[  184.503515][ T7316] hsr_slave_1: entered promiscuous mode
[  184.518941][   T56] usb 2-1: USB disconnect, device number 9
[  184.533813][ T4528] bcm5974 2-1:1.0: could not read from device
[  184.563053][ T4528] bcm5974 2-1:1.0: could not read from device
[  184.919667][ T5139] gspca_vc032x: reg_w err -71
[  184.928952][ T5139] vc032x 1-1:0.0: probe with driver vc032x failed with error -71
[  184.947193][ T5101] Bluetooth: hci4: command tx timeout
[  184.968180][ T5139] usb 1-1: USB disconnect, device number 10
[  185.728291][ T7425] netlink: 'syz.3.428': attribute type 3 has an invalid length.
[  185.742141][ T7425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.428'.
[  185.832202][ T7443] netlink: 'syz.3.428': attribute type 4 has an invalid length.
[  186.041015][ T7425] netlink: 'syz.3.428': attribute type 4 has an invalid length.
[  186.128779][ T5143] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  186.197426][   T56] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  186.205239][ T7316] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  186.228031][ T7316] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  186.245302][ T7316] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  186.274756][ T7316] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  186.327886][ T5143] usb 1-1: Using ep0 maxpacket: 8
[  186.366143][ T5143] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.407527][   T56] usb 5-1: Using ep0 maxpacket: 8
[  186.424434][ T5143] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.440159][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.453783][ T5143] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  186.471802][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.492437][   T56] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  186.507752][ T5143] usb 1-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  186.567219][ T5143] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.575485][ T5143] usb 1-1: Product: syz
[  186.601437][ T5143] usb 1-1: Manufacturer: syz
[  186.607715][   T56] usb 5-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  186.618676][ T5143] usb 1-1: SerialNumber: syz
[  186.627147][   T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.635176][   T56] usb 5-1: Product: syz
[  186.662542][ T5143] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input19
[  186.671888][   T56] usb 5-1: Manufacturer: syz
[  186.676519][   T56] usb 5-1: SerialNumber: syz
[  186.714518][   T56] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input20
[  186.715399][ T7316] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.831187][ T7316] 8021q: adding VLAN 0 to HW filter on device team0
[  186.939353][  T783] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.946599][  T783] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.026901][  T783] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.034077][  T783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.048303][ T7462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.057256][ T7462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.108026][ T5141] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  187.347353][ T5141] usb 2-1: Using ep0 maxpacket: 32
[  187.399538][ T5141] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  187.450681][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.453570][ T7316] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.544081][ T5141] usb 2-1: config 0 descriptor??
[  187.593021][ T5141] gspca_main: sunplus-2.14.0 probing 041e:400b
[  187.769073][ T7316] veth0_vlan: entered promiscuous mode
[  187.851019][   T56] usb 1-1: USB disconnect, device number 11
[  187.867383][ T4528] bcm5974 1-1:1.0: could not read from device
[  187.892248][ T7316] veth1_vlan: entered promiscuous mode
[  187.918140][ T4528] bcm5974 1-1:1.0: could not read from device
[  187.956040][ T5695] bcm5974 1-1:1.0: could not read from device
[  187.993441][ T5141] gspca_sunplus: reg_w_riv err -71
[  188.045953][ T5141] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  188.099193][ T5141] usb 2-1: USB disconnect, device number 10
[  188.146786][ T7316] veth0_macvtap: entered promiscuous mode
[  188.204226][ T7316] veth1_macvtap: entered promiscuous mode
[  188.214434][ T7450] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.263329][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.268116][ T7450] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.281832][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.295179][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.295203][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.295243][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.295257][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.295272][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.295285][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.304377][ T7316] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.490581][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.490640][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.490653][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.490665][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.490674][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.490686][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.490696][ T7316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.490710][ T7316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.498770][ T7316] batman_adv: batadv0: Interface activated: batadv_slave_1
[  188.533945][ T7316] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.533988][ T7316] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.534004][ T7316] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.534019][ T7316] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.904204][ T5719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.904231][ T5719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.025654][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.025679][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.497357][ T5139] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  189.499317][   T56] usb 5-1: USB disconnect, device number 16
[  189.500388][ T5084] bcm5974 5-1:1.0: could not read from device
[  189.502560][ T4528] bcm5974 5-1:1.0: could not read from device
[  189.709451][ T5139] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  189.727098][ T5139] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.763129][ T5139] usb 2-1: config 0 descriptor??
[  190.004541][ T5139] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  190.046778][ T5139] asix 2-1:0.0: probe with driver asix failed with error -71
[  190.110869][ T5139] usb 2-1: USB disconnect, device number 11
[  191.052630][ T7524] netlink: 'syz.3.443': attribute type 3 has an invalid length.
[  191.068634][ T7524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.443'.
[  191.155446][ T7524] netlink: 'syz.3.443': attribute type 4 has an invalid length.
[  191.278738][ T5139] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  191.319515][ T7524] netlink: 'syz.3.443': attribute type 4 has an invalid length.
[  191.477246][ T5139] usb 3-1: Using ep0 maxpacket: 8
[  191.498443][ T5139] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.556243][ T5139] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.597858][ T5139] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  191.674107][ T5139] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  191.710126][ T5139] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.751807][ T5139] usb 3-1: Product: syz
[  191.767237][ T5139] usb 3-1: Manufacturer: syz
[  191.771875][ T5139] usb 3-1: SerialNumber: syz
[  191.881471][ T5139] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input21
[  192.168513][ T7566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.184740][ T7566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.725147][ T7575] xt_policy: too many policy elements
[  192.797211][ T4528] bcm5974 3-1:1.0: could not read from device
[  192.851685][ T4528] bcm5974 3-1:1.0: could not read from device
[  192.859893][ T5139] usb 3-1: USB disconnect, device number 4
[  192.992545][ T7580] FAULT_INJECTION: forcing a failure.
[  192.992545][ T7580] name failslab, interval 1, probability 0, space 0, times 0
[  193.038978][ T7580] CPU: 1 PID: 7580 Comm: syz.1.453 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  193.049018][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  193.059278][ T7580] Call Trace:
[  193.062578][ T7580]  <TASK>
[  193.065525][ T7580]  dump_stack_lvl+0x241/0x360
[  193.070237][ T7580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.075469][ T7580]  ? __pfx__printk+0x10/0x10
[  193.080088][ T7580]  ? __pfx___might_resched+0x10/0x10
[  193.085403][ T7580]  ? validate_chain+0x11e/0x5900
[  193.090384][ T7580]  should_fail_ex+0x3b0/0x4e0
[  193.095130][ T7580]  should_failslab+0x9/0x20
[  193.099851][ T7580]  kmalloc_node_trace_noprof+0x74/0x300
[  193.104555][ T5140] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  193.105404][ T7580]  ? __get_vm_area_node+0x113/0x270
[  193.118233][ T7580]  __get_vm_area_node+0x113/0x270
[  193.123308][ T7580]  __vmalloc_node_range_noprof+0x3bc/0x1460
[  193.129243][ T7580]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.134827][ T7580]  ? mark_lock+0x9a/0x350
[  193.139206][ T7580]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  193.145566][ T7580]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.151130][ T7580]  __vmalloc_noprof+0x79/0x90
[  193.155826][ T7580]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.161396][ T7580]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.166803][ T7580]  ? bpf_prog_alloc+0x28/0x1b0
[  193.171595][ T7580]  bpf_prog_alloc+0x3a/0x1b0
[  193.176214][ T7580]  bpf_prog_load+0x7f7/0x20f0
[  193.180925][ T7580]  ? __pfx_bpf_prog_load+0x10/0x10
[  193.186074][ T7580]  ? __pfx___might_resched+0x10/0x10
[  193.191401][ T7580]  ? __might_fault+0xc6/0x120
[  193.196107][ T7580]  ? bpf_lsm_bpf+0x9/0x10
[  193.200460][ T7580]  ? security_bpf+0x87/0xb0
[  193.204985][ T7580]  __sys_bpf+0x4ee/0x810
[  193.209260][ T7580]  ? __pfx___sys_bpf+0x10/0x10
[  193.214069][ T7580]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  193.220081][ T7580]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  193.226440][ T7580]  ? do_syscall_64+0x100/0x230
[  193.231241][ T7580]  __x64_sys_bpf+0x7c/0x90
[  193.235695][ T7580]  do_syscall_64+0xf3/0x230
[  193.240227][ T7580]  ? clear_bhb_loop+0x35/0x90
[  193.244924][ T7580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.250846][ T7580] RIP: 0033:0x7f10ba975bd9
[  193.255281][ T7580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.274910][ T7580] RSP: 002b:00007f10bb7af048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  193.283439][ T7580] RAX: ffffffffffffffda RBX: 00007f10bab03f60 RCX: 00007f10ba975bd9
[  193.291433][ T7580] RDX: 0000000000000090 RSI: 0000000020000400 RDI: 0000000000000005
[  193.299517][ T7580] RBP: 00007f10bb7af0a0 R08: 0000000000000000 R09: 0000000000000000
[  193.307519][ T7580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.315521][ T7580] R13: 000000000000000b R14: 00007f10bab03f60 R15: 00007f10bac2fa78
[  193.323541][ T7580]  </TASK>
[  193.327355][  T783] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  193.335170][ T5140] usb 1-1: Using ep0 maxpacket: 32
[  193.368039][ T5140] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  193.391485][ T5140] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.416860][ T5140] usb 1-1: config 0 descriptor??
[  193.473466][ T5140] gspca_main: sq930x-2.14.0 probing 041e:403c
[  193.517377][ T7580] syz.1.453: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  193.554416][ T7580] CPU: 1 PID: 7580 Comm: syz.1.453 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  193.564451][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  193.574536][ T7580] Call Trace:
[  193.577832][ T7580]  <TASK>
[  193.580778][ T7580]  dump_stack_lvl+0x241/0x360
[  193.585492][ T7580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.590706][ T7580]  ? __pfx__printk+0x10/0x10
[  193.595305][ T7580]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  193.601719][ T7580]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  193.608247][ T7580]  warn_alloc+0x278/0x410
[  193.612605][ T7580]  ? __pfx_warn_alloc+0x10/0x10
[  193.617481][  T783] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.617984][ T7580]  ? __get_vm_area_node+0x113/0x270
[  193.618014][ T7580]  ? __get_vm_area_node+0x261/0x270
[  193.639252][ T7580]  __vmalloc_node_range_noprof+0x3e0/0x1460
[  193.645177][ T7580]  ? mark_lock+0x9a/0x350
[  193.649556][ T7580]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  193.655958][ T7580]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.661518][ T7580]  __vmalloc_noprof+0x79/0x90
[  193.666197][ T7580]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.671747][ T7580]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  193.677134][ T7580]  ? bpf_prog_alloc+0x28/0x1b0
[  193.681943][ T7580]  bpf_prog_alloc+0x3a/0x1b0
[  193.686541][ T7580]  bpf_prog_load+0x7f7/0x20f0
[  193.691215][ T7580]  ? __pfx_bpf_prog_load+0x10/0x10
[  193.696312][ T7580]  ? __pfx___might_resched+0x10/0x10
[  193.701593][ T7580]  ? __might_fault+0xc6/0x120
[  193.706257][ T7580]  ? bpf_lsm_bpf+0x9/0x10
[  193.710574][ T7580]  ? security_bpf+0x87/0xb0
[  193.715064][ T7580]  __sys_bpf+0x4ee/0x810
[  193.719299][ T7580]  ? __pfx___sys_bpf+0x10/0x10
[  193.724060][ T7580]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  193.730124][ T7580]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  193.736440][ T7580]  ? do_syscall_64+0x100/0x230
[  193.741289][ T7580]  __x64_sys_bpf+0x7c/0x90
[  193.745700][ T7580]  do_syscall_64+0xf3/0x230
[  193.750211][ T7580]  ? clear_bhb_loop+0x35/0x90
[  193.754893][ T7580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.760791][ T7580] RIP: 0033:0x7f10ba975bd9
[  193.765199][ T7580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.784824][ T7580] RSP: 002b:00007f10bb7af048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  193.793258][ T7580] RAX: ffffffffffffffda RBX: 00007f10bab03f60 RCX: 00007f10ba975bd9
[  193.801221][ T7580] RDX: 0000000000000090 RSI: 0000000020000400 RDI: 0000000000000005
[  193.809293][ T7580] RBP: 00007f10bb7af0a0 R08: 0000000000000000 R09: 0000000000000000
[  193.817266][ T7580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.825237][ T7580] R13: 000000000000000b R14: 00007f10bab03f60 R15: 00007f10bac2fa78
[  193.833213][ T7580]  </TASK>
[  193.841183][ T5140] gspca_sq930x: reg_r 001f failed -32
[  193.846816][  T783] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.877119][ T5140] sq930x 1-1:0.0: probe with driver sq930x failed with error -32
[  193.900729][  T783] usb 5-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  193.934359][ T5140] usb 1-1: USB disconnect, device number 12
[  193.943824][ T7580] Mem-Info:
[  193.951980][  T783] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.969695][ T7580] active_anon:6497 inactive_anon:0 isolated_anon:0
[  193.969695][ T7580]  active_file:17867 inactive_file:38199 isolated_file:0
[  193.969695][ T7580]  unevictable:768 dirty:487 writeback:0
[  193.969695][ T7580]  slab_reclaimable:8881 slab_unreclaimable:97343
[  193.969695][ T7580]  mapped:14389 shmem:1269 pagetables:844
[  193.969695][ T7580]  sec_pagetables:0 bounce:0
[  193.969695][ T7580]  kernel_misc_reclaimable:0
[  193.969695][ T7580]  free:1386920 free_pcp:391 free_cma:0
[  194.031384][ T7580] Node 0 active_anon:25988kB inactive_anon:0kB active_file:71468kB inactive_file:152716kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:57556kB dirty:1944kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10000kB pagetables:3376kB sec_pagetables:0kB all_unreclaimable? no
[  194.057113][  T783] usb 5-1: config 0 descriptor??
[  194.114009][ T7580] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  194.157080][ T7580] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  194.177128][ T5139] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  194.221350][ T7580] lowmem_reserve[]: 0 2571 2571 0 0
[  194.226814][ T7580] Node 0 DMA32 free:1577624kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:25048kB inactive_anon:0kB active_file:71468kB inactive_file:152396kB unevictable:1536kB writepending:1940kB present:3129332kB managed:2659880kB mlocked:0kB bounce:0kB free_pcp:11284kB local_pcp:8380kB free_cma:0kB
[  194.315291][ T7580] lowmem_reserve[]: 0 0 0 0 0
[  194.351673][ T7580] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:320kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  194.367172][ T5139] usb 3-1: Using ep0 maxpacket: 8
[  194.403330][ T5139] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.405860][ T7580] lowmem_reserve[]: 0 0 0 0 0
[  194.426058][ T5139] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.447244][ T7580] Node 1 Normal free:3945592kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  194.488883][ T5139] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  194.510099][ T7580] lowmem_reserve[]: 0 0 0 0 0
[  194.523263][ T7580] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  194.555189][ T5139] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  194.566161][  T783] magicmouse 0003:05AC:0269.0004: hidraw0: USB HID v0.00 Device [HID 05ac:0269] on usb-dummy_hcd.4-1/input0
[  194.587222][ T5139] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.612241][ T7580] Node 0 DMA32: 605*4kB (UM) 591*8kB (ME) 140*16kB (UME) 489*32kB (UME) 269*64kB (UME) 46*128kB (UME) 45*256kB (UME) 28*512kB (UME) 10*1024kB (UME) 2*2048kB (ME) 365*4096kB (UM) = 1583372kB
[  194.633185][ T5139] usb 3-1: Product: syz
[  194.642515][ T5139] usb 3-1: Manufacturer: syz
[  194.655233][ T5139] usb 3-1: SerialNumber: syz
[  194.669470][ T7580] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  194.703097][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  194.710701][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  194.717911][ T5139] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input22
[  194.735668][ T7580] Node 1 Normal: 4*4kB (U) 11*8kB (UM) 7*16kB (UM) 7*32kB (UM) 3*64kB (U) 6*128kB (U) 5*256kB (UM) 3*512kB (UM) 3*1024kB (U) 5*2048kB (U) 959*4096kB (M) = 3945592kB
[  194.755209][ T7580] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  194.767494][ T7580] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  194.823849][ T7580] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  194.860870][ T7580] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  194.917385][ T7580] 57337 total pagecache pages
[  194.937049][ T7580] 0 pages in swap cache
[  194.941307][ T7580] Free swap  = 119308kB
[  194.991434][ T7580] Total swap = 124996kB
[  195.071494][ T7580] 2097051 pages RAM
[  195.096682][ T7580] 0 pages HighMem/MovableOnly
[  195.128735][ T7580] 400871 pages reserved
[  195.132944][ T7580] 0 pages cma reserved
[  195.404459][ T7629] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.460291][ T7629] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.687304][  T783] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  195.959943][  T783] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  196.030026][  T783] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  196.071053][  T783] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.138627][  T783] usb 2-1: config 0 descriptor??
[  196.281752][ T7645] tunl0: entered promiscuous mode
[  196.338336][ T7645] netlink: 'syz.0.464': attribute type 1 has an invalid length.
[  196.364351][ T7645] netlink: 9 bytes leftover after parsing attributes in process `syz.0.464'.
[  196.382149][ T5139] usb 2-1: USB disconnect, device number 12
[  196.677152][ T5141] usb 5-1: USB disconnect, device number 17
[  196.825132][ T4528] bcm5974 3-1:1.0: could not read from device
[  196.834248][  T783] usb 3-1: USB disconnect, device number 5
[  196.879329][ T4528] bcm5974 3-1:1.0: could not read from device
[  196.911602][ T5084] bcm5974 3-1:1.0: could not read from device
[  197.293644][ T7665] netlink: 20 bytes leftover after parsing attributes in process `syz.1.472'.
[  197.877101][   T56] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  198.127391][   T56] usb 2-1: Using ep0 maxpacket: 8
[  198.146064][   T56] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  198.197070][   T56] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  198.227823][   T56] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  198.266817][   T56] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  198.286344][   T56] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.303525][   T56] usb 2-1: Product: syz
[  198.315289][   T56] usb 2-1: Manufacturer: syz
[  198.349478][   T56] usb 2-1: SerialNumber: syz
[  198.403684][   T56] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input23
[  198.655943][ T7699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.685133][ T7699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.645968][ T4528] bcm5974 2-1:1.0: could not read from device
[  199.704947][ T4528] bcm5974 2-1:1.0: could not read from device
[  199.755775][   T56] usb 2-1: USB disconnect, device number 13
[  199.773736][ T4528] bcm5974 2-1:1.0: could not read from device
[  199.959667][ T7710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.483'.
[  200.652115][ T5141] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  200.857197][ T5141] usb 4-1: Using ep0 maxpacket: 8
[  200.864557][ T5141] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.955585][ T5141] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  200.996135][ T5141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.036148][ T5141] usb 4-1: config 0 descriptor??
[  201.064717][ T5141] gspca_main: vc032x-2.14.0 probing 046d:0892
[  202.309315][ T5141] gspca_vc032x: reg_w err -71
[  202.314119][ T5141] vc032x 4-1:0.0: probe with driver vc032x failed with error -71
[  202.358475][ T5141] usb 4-1: USB disconnect, device number 25
[  203.079090][ T7751] FAULT_INJECTION: forcing a failure.
[  203.079090][ T7751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.134217][ T7751] CPU: 1 PID: 7751 Comm: syz.0.495 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  203.144264][ T7751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  203.154326][ T7751] Call Trace:
[  203.157608][ T7751]  <TASK>
[  203.160630][ T7751]  dump_stack_lvl+0x241/0x360
[  203.165325][ T7751]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.170523][ T7751]  ? __pfx__printk+0x10/0x10
[  203.175127][ T7751]  ? snprintf+0xda/0x120
[  203.179397][ T7751]  should_fail_ex+0x3b0/0x4e0
[  203.185269][ T7751]  _copy_to_user+0x2f/0xb0
[  203.185299][ T7751]  simple_read_from_buffer+0xca/0x150
[  203.185322][ T7751]  proc_fail_nth_read+0x1e9/0x250
[  203.185341][ T7751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.185370][ T7751]  ? rw_verify_area+0x520/0x6b0
[  203.185391][ T7751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.185413][ T7751]  vfs_read+0x204/0xbc0
[  203.185433][ T7751]  ? __pfx_lock_release+0x10/0x10
[  203.185452][ T7751]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  203.185481][ T7751]  ? __pfx_vfs_read+0x10/0x10
[  203.185502][ T7751]  ? __fget_files+0x29/0x470
[  203.185526][ T7751]  ? __fget_files+0x3f6/0x470
[  203.185562][ T7751]  ksys_read+0x1a0/0x2c0
[  203.185589][ T7751]  ? __pfx_ksys_read+0x10/0x10
[  203.185612][ T7751]  ? do_syscall_64+0x100/0x230
[  203.185639][ T7751]  ? do_syscall_64+0xb6/0x230
[  203.185667][ T7751]  do_syscall_64+0xf3/0x230
[  203.185691][ T7751]  ? clear_bhb_loop+0x35/0x90
[  203.185713][ T7751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.185737][ T7751] RIP: 0033:0x7fb8eef746bc
[  203.185757][ T7751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  203.185772][ T7751] RSP: 002b:00007fb8efddd040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  203.185803][ T7751] RAX: ffffffffffffffda RBX: 00007fb8ef103f60 RCX: 00007fb8eef746bc
[  203.185818][ T7751] RDX: 000000000000000f RSI: 00007fb8efddd0b0 RDI: 0000000000000006
[  203.185831][ T7751] RBP: 00007fb8efddd0a0 R08: 0000000000000000 R09: 0000000000000000
[  203.185844][ T7751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.185856][ T7751] R13: 000000000000000b R14: 00007fb8ef103f60 R15: 00007fb8ef22fa78
[  203.185886][ T7751]  </TASK>
[  203.443053][ T7762] netlink: 20 bytes leftover after parsing attributes in process `syz.2.501'.
[  203.467125][   T56] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  203.677279][   T56] usb 2-1: Using ep0 maxpacket: 8
[  203.721625][   T56] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.875669][   T56] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.891804][   T56] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  203.987628][   T56] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  203.996717][   T56] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.021037][ T5141] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  204.038117][   T56] usb 2-1: Product: syz
[  204.066773][   T56] usb 2-1: Manufacturer: syz
[  204.086159][   T56] usb 2-1: SerialNumber: syz
[  204.111096][   T56] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input25
[  204.169489][ T7781] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  204.176049][ T7781] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  204.218173][ T7781] vhci_hcd vhci_hcd.0: Device attached
[  204.237253][ T5141] usb 3-1: Using ep0 maxpacket: 8
[  204.292350][ T5141] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.327108][ T5141] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.362523][ T5141] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  204.411883][ T5141] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  204.429978][ T5141] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.469664][ T5141] usb 3-1: Product: syz
[  204.492713][ T5141] usb 3-1: Manufacturer: syz
[  204.503337][ T5144] usb 17-1: new high-speed USB device number 3 using vhci_hcd
[  204.512435][ T5141] usb 3-1: SerialNumber: syz
[  204.555176][ T5141] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input26
[  204.570378][ T7796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  204.631645][ T7796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  204.840686][ T7800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.513'.
[  204.859383][ T7802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  204.895241][ T7802] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  204.914557][ T7786] vhci_hcd: connection reset by peer
[  204.951548][ T1846] vhci_hcd: stop threads
[  204.956619][ T1846] vhci_hcd: release socket
[  204.987119][ T1846] vhci_hcd: disconnect device
[  205.620561][ T4528] bcm5974 2-1:1.0: could not read from device
[  205.643969][ T4528] bcm5974 2-1:1.0: could not read from device
[  205.691156][ T4528] bcm5974 2-1:1.0: could not read from device
[  205.698495][   T56] usb 2-1: USB disconnect, device number 14
[  205.714807][ T5141] usb 3-1: USB disconnect, device number 6
[  205.737653][ T4528] bcm5974 2-1:1.0: could not read from device
[  206.244424][   T29] audit: type=1326 audit(1720546369.992:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7819 comm="syz.4.520" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0949175bd9 code=0x0
[  206.266846][ T7827] netlink: 4 bytes leftover after parsing attributes in process `syz.2.523'.
[  206.304557][ T7827] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  206.346110][ T7827] batman_adv: batadv0: Removing interface: batadv_slave_0
[  206.390605][ T7827] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  206.443413][ T7827] batman_adv: batadv0: Removing interface: batadv_slave_1
[  206.567083][   T56] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  206.784476][   T56] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.817174][   T56] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.829821][   T56] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  206.839973][   T56] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.856358][   T56] usb 1-1: config 0 descriptor??
[  206.957166][    T9] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  207.016851][   T50] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.277403][    T9] usb 2-1: Using ep0 maxpacket: 16
[  207.292323][    T9] usb 2-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  207.331724][    T9] usb 2-1: config 1 interface 0 has no altsetting 0
[  207.367827][   T50] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.372181][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  207.413127][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.422222][ T7841] netlink: 48 bytes leftover after parsing attributes in process `syz.4.528'.
[  207.436308][    T9] usb 2-1: Product: syz
[  207.458512][    T9] usb 2-1: Manufacturer: syz
[  207.464317][    T9] usb 2-1: SerialNumber: syz
[  207.557413][   T50] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.568452][   T56] hid-led 0003:1D34:000A.0005: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.0-1/input0
[  207.629816][   T56] hid-led 0003:1D34:000A.0005: Dream Cheeky Webmail Notifier initialized
[  207.917625][ T5087] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  207.928543][ T5087] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  207.939410][ T5087] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  207.972989][ T5087] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  207.982779][ T5087] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  207.991606][ T5087] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  208.072423][   T50] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.145711][    T9] usbhid 2-1:1.0: can't add hid device: -71
[  208.156039][    T9] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  208.199274][    T9] usb 2-1: USB disconnect, device number 15
[  208.261908][   T29] audit: type=1326 audit(1720546372.022:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.0.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8eef75bd9 code=0x7ffc0000
[  208.331520][   T29] audit: type=1326 audit(1720546372.022:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.0.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8eef75bd9 code=0x7ffc0000
[  208.471805][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  208.521864][   T50] bridge_slave_1: left allmulticast mode
[  208.541778][   T50] bridge_slave_1: left promiscuous mode
[  208.615708][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.709383][   T50] bridge_slave_0: left allmulticast mode
[  208.715086][   T50] bridge_slave_0: left promiscuous mode
[  208.755108][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.172425][ T7867] xt_TCPMSS: Only works on TCP SYN packets
[  209.275384][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  209.485467][ T5141] usb 1-1: USB disconnect, device number 13
[  209.532519][    T9] usb 2-1: Using ep0 maxpacket: 8
[  209.552934][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.580955][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.612201][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  209.658147][ T5144] vhci_hcd: vhci_device speed not set
[  209.690299][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  209.709135][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.731969][    T9] usb 2-1: Product: syz
[  209.747381][    T9] usb 2-1: Manufacturer: syz
[  209.762679][    T9] usb 2-1: SerialNumber: syz
[  209.793761][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input27
[  209.928335][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  209.945680][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  209.958119][   T50] bond0 (unregistering): Released all slaves
[  210.060966][ T5101] Bluetooth: hci3: command tx timeout
[  210.114455][ T7890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.124816][ T7890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.344988][ T4528] bcm5974 2-1:1.0: could not read from device
[  210.345435][ T5143] usb 2-1: USB disconnect, device number 16
[  210.376910][ T4528] bcm5974 2-1:1.0: could not read from device
[  210.400515][ T5084] bcm5974 2-1:1.0: could not read from device
[  210.404908][ T4528] bcm5974 2-1:1.0: could not read from device
[  210.405390][ T4528] bcm5974 2-1:1.0: could not read from device
[  210.405856][ T4528] bcm5974 2-1:1.0: could not read from device
[  210.480978][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.541'.
[  210.502114][ T7902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.540'.
[  210.666031][ T7851] chnl_net:caif_netlink_parms(): no params data found
[  210.775695][   T50] hsr_slave_0: left promiscuous mode
[  210.799760][   T50] hsr_slave_1: left promiscuous mode
[  210.837497][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.850731][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.914309][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.941359][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[  211.043342][   T50] veth1_macvtap: left promiscuous mode
[  211.064667][   T50] veth0_macvtap: left promiscuous mode
[  211.073131][   T50] veth1_vlan: left promiscuous mode
[  211.082918][   T50] veth0_vlan: left promiscuous mode
[  211.217145][ T5144] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  211.372929][ T7934] netlink: 48 bytes leftover after parsing attributes in process `syz.0.547'.
[  211.418005][ T5144] usb 5-1: Using ep0 maxpacket: 16
[  211.439124][ T5144] usb 5-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  211.468758][ T5144] usb 5-1: config 1 interface 0 has no altsetting 0
[  211.489159][ T5144] usb 5-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  211.508433][ T5144] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.538414][ T5144] usb 5-1: Product: syz
[  211.545595][ T5144] usb 5-1: Manufacturer: syz
[  211.551144][ T5144] usb 5-1: SerialNumber: syz
[  211.620411][   T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  211.821862][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.833555][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.845269][   T25] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  211.854521][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.878666][   T25] usb 2-1: config 0 descriptor??
[  212.145273][   T50] team0 (unregistering): Port device team_slave_1 removed
[  212.156205][ T5101] Bluetooth: hci3: command tx timeout
[  212.226484][   T50] team0 (unregistering): Port device team_slave_0 removed
[  212.549649][   T25] hid-led 0003:1D34:000A.0006: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.1-1/input0
[  212.631940][   T25] hid-led 0003:1D34:000A.0006: Dream Cheeky Webmail Notifier initialized
[  213.051616][   T29] audit: type=1326 audit(1720546376.812:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ba975bd9 code=0x7ffc0000
[  213.079207][   T29] audit: type=1326 audit(1720546376.812:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ba975bd9 code=0x7ffc0000
[  213.259220][ T5144] usbhid 5-1:1.0: can't add hid device: -71
[  213.267578][ T5144] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  213.336633][ T5144] usb 5-1: USB disconnect, device number 18
[  213.454753][ T7851] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.474738][ T7851] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.495603][ T7851] bridge_slave_0: entered allmulticast mode
[  213.505706][ T7851] bridge_slave_0: entered promiscuous mode
[  213.518252][ T7851] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.530440][ T7851] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.540025][ T7851] bridge_slave_1: entered allmulticast mode
[  213.558240][ T7851] bridge_slave_1: entered promiscuous mode
[  213.637140][   T25] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  213.651025][ T7851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.682439][ T7851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.813688][ T7851] team0: Port device team_slave_0 added
[  213.841218][ T7851] team0: Port device team_slave_1 added
[  213.847298][   T25] usb 3-1: Using ep0 maxpacket: 8
[  213.858501][   T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.880996][    T9] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  213.898057][   T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.912223][   T25] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  213.935377][   T25] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  213.945726][ T7851] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.953927][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.967341][ T7851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.008373][   T25] usb 3-1: Product: syz
[  214.032515][   T25] usb 3-1: Manufacturer: syz
[  214.040874][   T25] usb 3-1: SerialNumber: syz
[  214.051738][ T7851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.076860][   T25] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input28
[  214.092205][ T7851] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.114503][ T7851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.144894][ T7851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.199997][    T9] usb 1-1: config 1 interface 0 altsetting 8 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  214.228359][ T5101] Bluetooth: hci3: command tx timeout
[  214.236194][    T9] usb 1-1: config 1 interface 0 has no altsetting 0
[  214.261327][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.40
[  214.272289][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.280871][    T9] usb 1-1: Product: ᘰ
[  214.288427][    T9] usb 1-1: Manufacturer: 嫅Ø괃쮞ⴂ썫舠帥涱ན⺖紐梺聄詯쵚
[  214.298485][    T9] usb 1-1: SerialNumber: В
[  214.351717][ T7944] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  214.387159][ T5143] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  214.401863][ T7851] hsr_slave_0: entered promiscuous mode
[  214.413002][ T7957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.424013][ T7957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.466508][ T7851] hsr_slave_1: entered promiscuous mode
[  214.492500][ T7851] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  214.513557][ T5141] usb 2-1: USB disconnect, device number 17
[  214.521977][ T7851] Cannot create hsr debugfs directory
[  214.617318][ T5143] usb 5-1: Using ep0 maxpacket: 8
[  214.630024][ T5143] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.681677][ T5143] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.753686][ T5143] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  214.760481][ T5143] usb 5-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  214.840611][ T4528] bcm5974 3-1:1.0: could not read from device
[  214.859814][ T4528] bcm5974 3-1:1.0: could not read from device
[  214.865360][ T4528] bcm5974 3-1:1.0: could not read from device
[  214.866190][ T4528] bcm5974 3-1:1.0: could not read from device
[  214.888619][ T5143] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.888648][ T5143] usb 5-1: Product: syz
[  214.888663][ T5143] usb 5-1: Manufacturer: syz
[  214.888678][ T5143] usb 5-1: SerialNumber: syz
[  214.890341][   T25] usb 3-1: USB disconnect, device number 7
[  214.915758][ T5143] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input29
[  215.165399][ T7966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  215.165645][ T7966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  215.436089][ T4528] bcm5974 5-1:1.0: could not read from device
[  215.443895][    T9] usbhid 1-1:1.0: can't add hid device: -71
[  215.463222][    T9] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  215.486205][ T4528] bcm5974 5-1:1.0: could not read from device
[  215.499859][    T9] usb 1-1: USB disconnect, device number 14
[  215.512591][ T5143] usb 5-1: USB disconnect, device number 19
[  215.538147][ T4528] bcm5974 5-1:1.0: could not read from device
[  215.587562][ T4528] bcm5974 5-1:1.0: could not read from device
[  216.114558][ T7851] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  216.139698][ T7851] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  216.229770][ T7851] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  216.279955][ T7851] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  216.299770][ T5101] Bluetooth: hci3: command tx timeout
[  216.537188][ T5143] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  216.591600][   T29] audit: type=1326 audit(1720546380.352:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7989 comm="syz.4.556" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0949175bd9 code=0x0
[  216.665532][ T7851] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.714556][ T7851] 8021q: adding VLAN 0 to HW filter on device team0
[  216.722571][ T5143] usb 2-1: Using ep0 maxpacket: 32
[  216.736522][ T5143] usb 2-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6
[  216.756658][ T5143] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.778440][ T5101] Bluetooth: hci1: command tx timeout
[  216.780189][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.791037][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.805564][ T5143] usb 2-1: config 0 descriptor??
[  216.812967][ T5143] usb 2-1: dvb_usb_v2: found a 'Anysee' in warm state
[  216.821593][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.828774][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.841433][ T5143] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  216.848955][ T5143] dvb_usb_anysee 2-1:0.0: probe with driver dvb_usb_anysee failed with error -22
[  217.010592][ T7851] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.023234][ T5143] usb 2-1: USB disconnect, device number 18
[  217.111411][ T8015] netlink: 'syz.2.560': attribute type 4 has an invalid length.
[  217.193622][ T8016] netlink: 'syz.2.560': attribute type 4 has an invalid length.
[  217.250156][ T8015] FAULT_INJECTION: forcing a failure.
[  217.250156][ T8015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.285357][ T8015] CPU: 0 PID: 8015 Comm: syz.2.560 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  217.295458][ T8015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  217.305519][ T8015] Call Trace:
[  217.308819][ T8015]  <TASK>
[  217.311738][ T8015]  dump_stack_lvl+0x241/0x360
[  217.316442][ T8015]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.321651][ T8015]  ? __pfx__printk+0x10/0x10
[  217.326238][ T8015]  should_fail_ex+0x3b0/0x4e0
[  217.330923][ T8015]  _copy_from_user+0x2f/0xe0
[  217.335508][ T8015]  copy_from_sockptr+0x62/0xa0
[  217.340273][ T8015]  do_ip_setsockopt+0x24b3/0x3cd0
[  217.345295][ T8015]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  217.350666][ T8015]  ? aa_sk_perm+0x967/0xab0
[  217.355186][ T8015]  ? __pfx_aa_sk_perm+0x10/0x10
[  217.360070][ T8015]  ? __pfx_lock_acquire+0x10/0x10
[  217.365082][ T8015]  ? aa_sock_opt_perm+0x79/0x120
[  217.370009][ T8015]  ip_setsockopt+0x63/0x100
[  217.374497][ T8015]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  217.380394][ T8015]  do_sock_setsockopt+0x3af/0x720
[  217.385426][ T8015]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  217.390972][ T8015]  ? __fget_files+0x29/0x470
[  217.395561][ T8015]  ? __fget_files+0x3f6/0x470
[  217.400254][ T8015]  __sys_setsockopt+0x1ae/0x250
[  217.405101][ T8015]  __x64_sys_setsockopt+0xb5/0xd0
[  217.410132][ T8015]  do_syscall_64+0xf3/0x230
[  217.414735][ T8015]  ? clear_bhb_loop+0x35/0x90
[  217.419509][ T8015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.425427][ T8015] RIP: 0033:0x7f126ff75bd9
[  217.429837][ T8015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.437644][ T5139] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  217.449425][ T8015] RSP: 002b:00007f1270cdb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  217.449499][ T8015] RAX: ffffffffffffffda RBX: 00007f1270103f60 RCX: 00007f126ff75bd9
[  217.449513][ T8015] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000003
[  217.449524][ T8015] RBP: 00007f1270cdb0a0 R08: 000000000000000c R09: 0000000000000000
[  217.449535][ T8015] R10: 0000000020000440 R11: 0000000000000246 R12: 0000000000000001
[  217.449546][ T8015] R13: 000000000000000b R14: 00007f1270103f60 R15: 00007f127022fa78
[  217.449572][ T8015]  </TASK>
[  217.524260][ T7851] veth0_vlan: entered promiscuous mode
[  217.588302][ T7851] veth1_vlan: entered promiscuous mode
[  217.717829][ T5139] usb 1-1: Using ep0 maxpacket: 8
[  217.731804][ T5139] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.774048][ T5139] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  217.779605][ T7851] veth0_macvtap: entered promiscuous mode
[  217.833592][ T5139] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  217.862430][ T7851] veth1_macvtap: entered promiscuous mode
[  217.897349][ T5139] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  217.945232][ T7851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.945790][ T5139] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  218.015883][ T7851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.021633][ T5139] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.041046][ T7851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.075980][ T5139] hub 1-1:1.0: bad descriptor, ignoring hub
[  218.098554][ T5139] hub 1-1:1.0: probe with driver hub failed with error -5
[  218.113239][ T5139] cdc_wdm 1-1:1.0: skipping garbage
[  218.117042][ T7851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.119099][ T5139] cdc_wdm 1-1:1.0: skipping garbage
[  218.166940][ T5139] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  218.180016][ T7851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.182341][ T5139] cdc_wdm 1-1:1.0: Unknown control protocol
[  218.205960][ T7851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.219282][ T7851] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.265237][ T7851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.297334][ T7851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.310484][ T7851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.321768][ T7851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.341781][ T7851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.357585][ T7851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.377471][    T9] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  218.381902][ T7851] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.399530][   T56] usb 1-1: USB disconnect, device number 15
[  218.459420][ T7851] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.502819][ T7851] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.531925][ T7851] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.556066][ T7851] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.587420][    T9] usb 5-1: Using ep0 maxpacket: 8
[  218.640795][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  218.727537][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.750760][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  218.757147][   T56] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  218.803454][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.812928][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.822316][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  218.831580][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.850782][    T9] usb 5-1: Product: syz
[  218.868470][    T9] usb 5-1: Manufacturer: syz
[  218.885257][    T9] usb 5-1: SerialNumber: syz
[  218.917341][    T9] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input30
[  219.030323][ T8052] netlink: 20 bytes leftover after parsing attributes in process `syz.2.568'.
[  219.043819][   T56] usb 1-1: Using ep0 maxpacket: 8
[  219.070002][   T56] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.100594][ T5719] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.107190][   T56] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  219.123349][   T56] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  219.135635][   T56] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  219.147113][   T56] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  219.156183][   T56] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.174764][   T56] hub 1-1:1.0: bad descriptor, ignoring hub
[  219.202180][ T5719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.210415][   T56] hub 1-1:1.0: probe with driver hub failed with error -5
[  219.219583][   T56] cdc_wdm 1-1:1.0: skipping garbage
[  219.224851][   T56] cdc_wdm 1-1:1.0: skipping garbage
[  219.233188][   T56] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  219.240158][   T56] cdc_wdm 1-1:1.0: Unknown control protocol
[  219.261933][ T8058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.285748][   T61] tipc: Subscription rejected, illegal request
[  219.305379][ T8058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.977381][ T4528] bcm5974 5-1:1.0: could not read from device
[  220.029208][    T9] usb 5-1: USB disconnect, device number 20
[  220.029328][ T4528] bcm5974 5-1:1.0: could not read from device
[  220.102304][ T4528] bcm5974 5-1:1.0: could not read from device
[  220.961817][ T1717] usb 1-1: USB disconnect, device number 16
[  221.119897][ T8105] netlink: 16 bytes leftover after parsing attributes in process `syz.0.575'.
[  222.197887][   T56] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  222.225526][ T1717] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  222.418529][   T25] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  222.436757][   T56] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.457222][ T1717] usb 4-1: Using ep0 maxpacket: 8
[  222.462542][   T56] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.479510][ T1717] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.503217][   T56] usb 3-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  222.513008][ T1717] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  222.557102][   T56] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.566695][ T1717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.601470][   T56] usb 3-1: config 0 descriptor??
[  222.609781][ T1717] usb 4-1: config 0 descriptor??
[  222.625449][ T1717] gspca_main: vc032x-2.14.0 probing 046d:0892
[  222.632304][   T25] usb 5-1: Using ep0 maxpacket: 16
[  222.641251][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  222.654171][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  222.668485][   T25] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  222.682392][ T5139] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  222.714596][   T25] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  222.745676][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.805324][   T25] usb 5-1: Product: syz
[  222.810509][   T25] usb 5-1: Manufacturer: syz
[  222.840320][   T25] usb 5-1: SerialNumber: syz
[  222.863909][ T8169] capability: warning: `syz.0.589' uses deprecated v2 capabilities in a way that may be insecure
[  222.885328][   T25] usb 5-1: selecting invalid altsetting 1
[  222.917201][ T5139] usb 2-1: Using ep0 maxpacket: 8
[  222.925631][ T5139] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.979633][ T5139] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.038902][ T5139] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  223.094709][ T8144] netlink: 'syz.4.583': attribute type 10 has an invalid length.
[  223.104735][ T5139] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  223.117281][ T8144] netlink: 2 bytes leftover after parsing attributes in process `syz.4.583'.
[  223.146543][ T8144] team0: entered promiscuous mode
[  223.155980][ T8144] team_slave_0: entered promiscuous mode
[  223.164617][ T5139] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.175110][ T8144] team_slave_1: entered promiscuous mode
[  223.186732][ T8144] bridge0: port 3(team0) entered blocking state
[  223.227831][ T8144] bridge0: port 3(team0) entered disabled state
[  223.234253][ T5139] usb 2-1: Product: syz
[  223.253279][ T8144] team0: entered allmulticast mode
[  223.265749][ T5139] usb 2-1: Manufacturer: syz
[  223.277851][ T8144] team_slave_0: entered allmulticast mode
[  223.295337][   T56] hid-led 0003:1D34:000A.0007: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.2-1/input0
[  223.296038][ T8144] team_slave_1: entered allmulticast mode
[  223.306826][ T5139] usb 2-1: SerialNumber: syz
[  223.344423][ T5139] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input31
[  223.399658][ T8144] bridge0: port 3(team0) entered blocking state
[  223.405558][   T56] hid-led 0003:1D34:000A.0007: Dream Cheeky Webmail Notifier initialized
[  223.406458][ T8144] bridge0: port 3(team0) entered forwarding state
[  223.486307][   T25] cdc_ncm 5-1:1.0: bind() failure
[  223.530794][   T25] usb 5-1: USB disconnect, device number 21
[  223.621220][ T8177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.687769][ T8177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.872087][ T1717] gspca_vc032x: reg_w err -71
[  223.888923][ T1717] vc032x 4-1:0.0: probe with driver vc032x failed with error -71
[  223.974136][ T5087] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  223.990484][ T5087] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  224.002850][ T5087] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  224.019772][ T5087] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  224.029248][ T1717] usb 4-1: USB disconnect, device number 26
[  224.040134][ T5087] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  224.050727][ T5087] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  224.179298][   T29] audit: type=1326 audit(1720546387.912:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8128 comm="syz.2.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126ff75bd9 code=0x7ffc0000
[  224.231347][   T29] audit: type=1326 audit(1720546387.912:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8128 comm="syz.2.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126ff75bd9 code=0x7ffc0000
[  224.266373][ T4528] bcm5974 2-1:1.0: could not read from device
[  224.340257][ T5139] usb 2-1: USB disconnect, device number 19
[  224.346799][ T4528] bcm5974 2-1:1.0: could not read from device
[  224.465279][ T1846] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.635854][ T8193] fuse: Bad value for 'fd'
[  224.669952][ T8193] fuse: Bad value for 'fd'
[  224.703797][ T1846] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.860811][ T1846] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.010966][ T5141] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  225.156861][ T1846] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.230063][ T5141] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  225.291595][ T5141] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  225.320539][ T5142] usb 3-1: USB disconnect, device number 8
[  225.385345][ T5141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.456913][ T5141] usb 4-1: config 0 descriptor??
[  225.849275][ T8185] chnl_net:caif_netlink_parms(): no params data found
[  226.036119][ T1846] bridge_slave_1: left allmulticast mode
[  226.060421][ T1846] bridge_slave_1: left promiscuous mode
[  226.073000][ T1846] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.137389][ T5087] Bluetooth: hci2: command tx timeout
[  226.213564][ T1846] bridge_slave_0: left allmulticast mode
[  226.220752][ T1846] bridge_slave_0: left promiscuous mode
[  226.226736][ T1846] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.623477][ T5141] ath6kl: Failed to submit usb control message: -110
[  226.643967][ T5141] ath6kl: unable to send the bmi data to the device: -110
[  226.661615][ T5141] ath6kl: Unable to send get target info: -110
[  226.685616][ T5141] ath6kl: Failed to init ath6kl core: -110
[  226.704005][ T5141] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -110
[  227.047610][ T1846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.061034][ T1846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.076345][ T1846] bond0 (unregistering): Released all slaves
[  227.157230][ T5144] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  227.226456][ T8249] binder: 8248:8249 ioctl 80189439 20000340 returned -22
[  227.362103][ T8185] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.380437][ T8185] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.389560][ T5144] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.391281][ T8185] bridge_slave_0: entered allmulticast mode
[  227.415751][ T8185] bridge_slave_0: entered promiscuous mode
[  227.417350][ T5144] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.434698][ T8185] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.442834][ T5144] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  227.453270][ T8185] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.460644][ T5144] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.465245][ T8185] bridge_slave_1: entered allmulticast mode
[  227.485854][ T5144] usb 5-1: config 0 descriptor??
[  227.488449][ T8185] bridge_slave_1: entered promiscuous mode
[  227.631258][ T8185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.644521][ T8185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.763558][ T5144] usbhid 5-1:0.0: can't add hid device: -71
[  227.783425][ T8185] team0: Port device team_slave_0 added
[  227.800202][ T5144] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  227.801113][ T5141] usb 4-1: USB disconnect, device number 27
[  227.820117][ T8185] team0: Port device team_slave_1 added
[  227.856449][ T5144] usb 5-1: USB disconnect, device number 22
[  227.928085][ T1846] hsr_slave_0: left promiscuous mode
[  227.972593][ T1846] hsr_slave_1: left promiscuous mode
[  228.001410][ T1846] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.019810][ T1846] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.057260][ T1846] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.076274][ T1846] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.143628][ T8282] xt_TCPMSS: Only works on TCP SYN packets
[  228.191687][ T1846] veth1_macvtap: left promiscuous mode
[  228.209287][ T1846] veth0_macvtap: left promiscuous mode
[  228.219457][ T5087] Bluetooth: hci2: command tx timeout
[  228.247312][ T1846] veth1_vlan: left promiscuous mode
[  228.268876][ T1846] veth0_vlan: left promiscuous mode
[  228.317098][ T5141] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  228.508599][ T5141] usb 4-1: Using ep0 maxpacket: 32
[  228.528167][ T5141] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  228.547950][ T5141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.614639][ T5141] usb 4-1: config 0 descriptor??
[  228.658939][ T5141] gspca_main: nw80x-2.14.0 probing 055f:d001
[  229.199403][ T5141] gspca_nw80x: reg_w err -110
[  229.215466][ T5141] nw80x 4-1:0.0: probe with driver nw80x failed with error -110
[  229.376782][ T8300] netlink: 48 bytes leftover after parsing attributes in process `syz.4.609'.
[  229.482965][ T1846] team0 (unregistering): Port device team_slave_1 removed
[  229.525589][ T1846] team0 (unregistering): Port device team_slave_0 removed
[  229.885369][ T8185] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.895056][ T8185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.924572][ T8185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.031229][ T8185] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.047529][ T5144] usb 4-1: USB disconnect, device number 28
[  230.070636][ T8185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.167139][ T8185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.297898][ T5087] Bluetooth: hci2: command tx timeout
[  230.409199][ T8185] hsr_slave_0: entered promiscuous mode
[  230.438147][ T8185] hsr_slave_1: entered promiscuous mode
[  230.475832][ T8185] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.522499][ T8185] Cannot create hsr debugfs directory
[  230.817866][ T5144] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  231.037085][ T5144] usb 5-1: Using ep0 maxpacket: 8
[  231.058756][ T5144] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.124770][   T29] audit: type=1326 audit(1720546394.872:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8330 comm="syz.2.618" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f126ff75bd9 code=0x0
[  231.135025][ T5144] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.197817][ T5144] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  231.214357][ T5144] usb 5-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  231.234507][ T5144] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.279991][ T5144] usb 5-1: Product: syz
[  231.302861][ T5144] usb 5-1: Manufacturer: syz
[  231.309527][ T5144] usb 5-1: SerialNumber: syz
[  231.320586][ T5144] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input33
[  231.757968][ T8352] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.766546][ T8352] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.845534][   T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.862438][ T8353] xt_TCPMSS: Only works on TCP SYN packets
[  232.302993][ T8319] netlink: 4 bytes leftover after parsing attributes in process `syz.4.616'.
[  232.380159][ T5087] Bluetooth: hci2: command tx timeout
[  232.422592][ T4528] bcm5974 5-1:1.0: could not read from device
[  232.430922][ T5141] usb 5-1: USB disconnect, device number 23
[  232.460673][ T5084] bcm5974 5-1:1.0: could not read from device
[  232.489971][ T5101] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  232.507726][ T5101] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  232.516236][ T5101] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  232.532576][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  232.534100][   T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.558133][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  232.582975][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  232.651125][ T5087] Bluetooth: hci1: Ignoring HCI_Sync_Conn_Complete event for existing connection
[  232.781172][   T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.931997][   T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.061387][ T8374] netlink: 20 bytes leftover after parsing attributes in process `syz.4.625'.
[  233.105061][ T8372] ptrace attach of "./syz-executor exec"[8377] was attempted by "./syz-executor exec"[8372]
[  233.264033][ T8185] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  233.381728][ T8185] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  233.430185][ T8185] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  233.555821][ T8390] netlink: 4 bytes leftover after parsing attributes in process `syz.4.627'.
[  233.630260][   T61] bridge_slave_1: left allmulticast mode
[  233.677102][   T61] bridge_slave_1: left promiscuous mode
[  233.691429][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.703144][   T61] bridge_slave_0: left allmulticast mode
[  233.714226][   T61] bridge_slave_0: left promiscuous mode
[  233.760224][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.267261][ T5140] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  234.487365][ T5140] usb 3-1: Using ep0 maxpacket: 8
[  234.499170][ T5140] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.525980][ T5140] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  234.537733][ T5140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.579286][ T5140] usb 3-1: config 0 descriptor??
[  234.606387][ T5140] gspca_main: vc032x-2.14.0 probing 046d:0892
[  234.617523][ T5087] Bluetooth: hci3: command tx timeout
[  234.697199][ T5087] Bluetooth: hci1: command tx timeout
[  234.737510][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  234.762194][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.781415][   T61] bond0 (unregistering): Released all slaves
[  234.813770][ T8185] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  234.858373][ T8415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'.
[  235.108001][ T8422] netlink: 20 bytes leftover after parsing attributes in process `syz.4.631'.
[  235.181179][ T8367] chnl_net:caif_netlink_parms(): no params data found
[  235.320618][ T3767] tipc: Subscription rejected, illegal request
[  235.542498][   T61] hsr_slave_0: left promiscuous mode
[  235.589039][   T61] hsr_slave_1: left promiscuous mode
[  235.621091][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.631230][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.642962][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.650902][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.702196][   T61] veth1_macvtap: left promiscuous mode
[  235.713182][   T61] veth0_macvtap: left promiscuous mode
[  235.720652][   T61] veth1_vlan: left promiscuous mode
[  235.726144][   T61] veth0_vlan: left promiscuous mode
[  235.844066][ T5140] gspca_vc032x: reg_w err -71
[  235.858070][ T5140] vc032x 3-1:0.0: probe with driver vc032x failed with error -71
[  235.893312][ T5140] usb 3-1: USB disconnect, device number 9
[  235.999900][ T8444] FAULT_INJECTION: forcing a failure.
[  235.999900][ T8444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.030344][ T8444] CPU: 1 PID: 8444 Comm: syz.4.634 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  236.040364][ T8444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  236.050418][ T8444] Call Trace:
[  236.053786][ T8444]  <TASK>
[  236.056705][ T8444]  dump_stack_lvl+0x241/0x360
[  236.061379][ T8444]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.066568][ T8444]  ? __pfx__printk+0x10/0x10
[  236.071169][ T8444]  ? snprintf+0xda/0x120
[  236.075502][ T8444]  should_fail_ex+0x3b0/0x4e0
[  236.080278][ T8444]  _copy_to_user+0x2f/0xb0
[  236.084685][ T8444]  simple_read_from_buffer+0xca/0x150
[  236.090066][ T8444]  proc_fail_nth_read+0x1e9/0x250
[  236.095107][ T8444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  236.100671][ T8444]  ? rw_verify_area+0x520/0x6b0
[  236.105542][ T8444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  236.111360][ T8444]  vfs_read+0x204/0xbc0
[  236.115510][ T8444]  ? __pfx_lock_release+0x10/0x10
[  236.120529][ T8444]  ? __pfx_vfs_read+0x10/0x10
[  236.125195][ T8444]  ? __fget_files+0x29/0x470
[  236.129776][ T8444]  ? __fget_files+0x3f6/0x470
[  236.134455][ T8444]  ksys_read+0x1a0/0x2c0
[  236.138695][ T8444]  ? __pfx_ksys_read+0x10/0x10
[  236.143451][ T8444]  ? do_syscall_64+0x100/0x230
[  236.148209][ T8444]  ? do_syscall_64+0xb6/0x230
[  236.152887][ T8444]  do_syscall_64+0xf3/0x230
[  236.157384][ T8444]  ? clear_bhb_loop+0x35/0x90
[  236.162049][ T8444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.167945][ T8444] RIP: 0033:0x7f09491746bc
[  236.172366][ T8444] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  236.191984][ T8444] RSP: 002b:00007f0949fb7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  236.200413][ T8444] RAX: ffffffffffffffda RBX: 00007f0949303f60 RCX: 00007f09491746bc
[  236.208393][ T8444] RDX: 000000000000000f RSI: 00007f0949fb70b0 RDI: 0000000000000003
[  236.216385][ T8444] RBP: 00007f0949fb70a0 R08: 0000000000000000 R09: 0000000000000000
[  236.224356][ T8444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.232320][ T8444] R13: 000000000000000b R14: 00007f0949303f60 R15: 00007f094942fa78
[  236.240302][ T8444]  </TASK>
[  236.384621][ T8447] xt_bpf: check failed: parse error
[  236.489887][ T8447] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  236.496450][ T8447] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  236.527167][ T8447] vhci_hcd vhci_hcd.0: Device attached
[  236.541605][ T8448] vhci_hcd: connection closed
[  236.550153][ T8447] netlink: 'syz.4.635': attribute type 9 has an invalid length.
[  236.561845][ T3767] vhci_hcd: stop threads
[  236.581096][ T3767] vhci_hcd: release socket
[  236.585615][ T3767] vhci_hcd: disconnect device
[  236.666391][ T8454] netlink: 48 bytes leftover after parsing attributes in process `syz.2.637'.
[  236.699742][ T5087] Bluetooth: hci3: command tx timeout
[  236.874349][   T61] team0 (unregistering): Port device team_slave_1 removed
[  236.947262][   T61] team0 (unregistering): Port device team_slave_0 removed
[  237.176506][ T5101] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  237.186648][ T5101] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  237.202762][ T5101] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  237.214137][ T5101] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  237.229498][ T5101] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  237.238372][ T5101] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  237.624457][ T8367] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.634331][ T8367] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.645369][ T8367] bridge_slave_0: entered allmulticast mode
[  237.680849][ T8367] bridge_slave_0: entered promiscuous mode
[  237.771068][ T8367] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.789126][ T8367] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.807351][ T8367] bridge_slave_1: entered allmulticast mode
[  237.816784][ T8367] bridge_slave_1: entered promiscuous mode
[  237.864435][ T8464] netlink: 8 bytes leftover after parsing attributes in process `syz.4.641'.
[  238.044858][ T8367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  238.136502][ T8367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  238.154533][ T8473] netlink: 'syz.4.642': attribute type 4 has an invalid length.
[  238.172126][ T8475] netlink: 'syz.4.642': attribute type 4 has an invalid length.
[  238.285116][ T8367] team0: Port device team_slave_0 added
[  238.350001][ T8367] team0: Port device team_slave_1 added
[  238.463156][ T8185] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.620520][ T8367] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.636050][ T8493] netlink: 20 bytes leftover after parsing attributes in process `syz.4.643'.
[  238.645466][ T8367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.673925][ T8367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.687331][ T8367] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.694309][ T8367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.720825][ T8367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.778719][ T5101] Bluetooth: hci3: command tx timeout
[  238.872258][   T12] tipc: Subscription rejected, illegal request
[  238.926899][ T8367] hsr_slave_0: entered promiscuous mode
[  238.952752][ T8367] hsr_slave_1: entered promiscuous mode
[  238.966560][ T8367] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.974364][ T8367] Cannot create hsr debugfs directory
[  239.060369][ T8457] chnl_net:caif_netlink_parms(): no params data found
[  239.138621][ T8185] 8021q: adding VLAN 0 to HW filter on device team0
[  239.346786][   T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.349049][ T5101] Bluetooth: hci1: command tx timeout
[  239.508107][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.515244][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.729743][   T61] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.750066][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.757321][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.793166][ T8457] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.810630][ T8457] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.867241][ T8457] bridge_slave_0: entered allmulticast mode
[  239.886458][ T8457] bridge_slave_0: entered promiscuous mode
[  239.998087][   T61] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.042312][ T8457] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.066913][ T8457] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.114553][ T8457] bridge_slave_1: entered allmulticast mode
[  240.130849][ T8457] bridge_slave_1: entered promiscuous mode
[  240.255446][   T61] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.311584][ T8457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.408841][ T8457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.560121][ T8457] team0: Port device team_slave_0 added
[  240.577978][ T8457] team0: Port device team_slave_1 added
[  240.673951][ T8531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.650'.
[  240.860784][ T5101] Bluetooth: hci3: command tx timeout
[  240.988166][ T8457] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.030470][ T8457] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.088799][ T8457] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.290884][ T8185] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.313663][ T8457] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.337233][ T8457] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.377178][ T8457] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.422873][ T5101] Bluetooth: hci1: command tx timeout
[  241.614837][   T61] bridge_slave_1: left allmulticast mode
[  241.637940][   T61] bridge_slave_1: left promiscuous mode
[  241.646885][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.675248][   T61] bridge_slave_0: left allmulticast mode
[  241.685531][   T61] bridge_slave_0: left promiscuous mode
[  241.697250][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.016571][ T8562] netlink: 20 bytes leftover after parsing attributes in process `syz.4.654'.
[  242.195869][ T1107] tipc: Subscription rejected, illegal request
[  242.283318][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.316324][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.333734][   T61] bond0 (unregistering): Released all slaves
[  242.461860][ T8457] hsr_slave_0: entered promiscuous mode
[  242.504373][ T8457] hsr_slave_1: entered promiscuous mode
[  242.534368][ T8457] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.550058][ T8457] Cannot create hsr debugfs directory
[  242.947950][   T61] hsr_slave_0: left promiscuous mode
[  242.968170][   T61] hsr_slave_1: left promiscuous mode
[  242.993365][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.011888][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.029713][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.049819][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.080827][   T61] veth1_macvtap: left promiscuous mode
[  243.086409][   T61] veth0_macvtap: left promiscuous mode
[  243.101987][   T61] veth1_vlan: left promiscuous mode
[  243.107611][   T61] veth0_vlan: left promiscuous mode
[  243.497396][ T5087] Bluetooth: hci1: command tx timeout
[  243.502887][ T5101] Bluetooth: hci4: command tx timeout
[  243.941111][   T61] team0 (unregistering): Port device team_slave_1 removed
[  243.995869][   T61] team0 (unregistering): Port device team_slave_0 removed
[  244.262855][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  244.487601][    T9] usb 3-1: Using ep0 maxpacket: 8
[  244.506090][ T8589] netlink: 8 bytes leftover after parsing attributes in process `syz.4.663'.
[  244.518297][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  244.533855][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.548998][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  244.569571][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  244.592482][ T8367] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  244.612796][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.635519][    T9] usb 3-1: Product: syz
[  244.647679][    T9] usb 3-1: Manufacturer: syz
[  244.652317][    T9] usb 3-1: SerialNumber: syz
[  244.685119][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input34
[  244.744524][ T8367] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  244.828980][ T8367] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  244.851395][ T8185] veth0_vlan: entered promiscuous mode
[  244.866303][ T8595] netlink: 20 bytes leftover after parsing attributes in process `syz.4.665'.
[  244.912347][ T8367] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  244.948604][ T8185] veth1_vlan: entered promiscuous mode
[  245.008720][ T8597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.044213][ T8597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.062511][   T35] tipc: Subscription rejected, illegal request
[  245.375600][ T8597] netlink: 4 bytes leftover after parsing attributes in process `syz.2.661'.
[  245.382553][ T8185] veth0_macvtap: entered promiscuous mode
[  245.505059][ T8185] veth1_macvtap: entered promiscuous mode
[  245.536226][ T5144] usb 3-1: USB disconnect, device number 10
[  245.536230][ T4528] bcm5974 3-1:1.0: could not read from device
[  245.588523][ T5101] Bluetooth: hci1: command tx timeout
[  245.631754][ T5084] bcm5974 3-1:1.0: could not read from device
[  245.675914][ T8185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.711671][ T8185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.750484][ T8185] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.831928][ T8185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.844533][ T8185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.863919][ T8185] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.866399][ T8613] netlink: 48 bytes leftover after parsing attributes in process `syz.4.667'.
[  245.887630][ T8457] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  245.914161][ T8457] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  245.930967][ T8457] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  245.945048][ T8457] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  245.964064][ T8185] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.986239][ T8185] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.006110][ T8185] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.027278][ T8185] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.131094][ T8367] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.225042][ T8620] ALSA: mixer_oss: invalid OSS volume '�Z�yM�/�j���b�-���)��)��W�u'
[  246.236118][ T8620] ALSA: mixer_oss: invalid OSS volume '?Թ�'
[  246.248199][ T8620] ALSA: mixer_oss: invalid OSS volume 'ߧ�4c�T���󯆩"�m!l�T.�Π����'
[  246.258067][ T8620] ALSA: mixer_oss: invalid OSS volume 'lg�'
[  246.282328][ T8620] ALSA: mixer_oss: invalid OSS volume '�)n���k�Ki��,r��WY\�ZV����?J`G'
[  246.304074][ T8620] ALSA: mixer_oss: invalid OSS volume 'k�O0���$��g��{�
pl{��y;_A�RW��'
[  246.308857][ T8367] 8021q: adding VLAN 0 to HW filter on device team0
[  246.313709][ T8620] ALSA: mixer_oss: invalid OSS volume '�'
[  246.326125][ T8620] ALSA: mixer_oss: invalid OSS volume 'sv��Fu{Qby>��h%w���]'
[  246.337480][ T8620] ALSA: mixer_oss: invalid OSS volume '�E���
=�v?��@4��8�@�h����L'
[  246.345858][ T8620] ALSA: mixer_oss: invalid OSS volume '�+���?>3Iq��0:i��q�|��U�D�ř��'
[  246.367293][ T8620] ALSA: mixer_oss: invalid OSS volume 'vӷ*xr��N0�ܗ���c��A�����d�h�'
[  246.380307][ T5141] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.387543][ T5141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.387586][ T8620] ALSA: mixer_oss: invalid OSS volume '��JM����%H�J[~S'
[  246.402395][ T8620] ALSA: mixer_oss: invalid OSS volume '�����
�SQF��?���`�*�����]��5S'
[  246.411551][ T8620] ALSA: mixer_oss: invalid OSS volume 'x�\E�7�9��@�a��r4b�2��]�jG'
[  246.418928][    T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  246.421681][ T8620] ALSA: mixer_oss: invalid OSS volume 'm*C�7�)����'
[  246.434871][ T8620] ALSA: mixer_oss: invalid OSS volume '+�<�b=���6
�Mʱ�yxXY~PA�����'
[  246.443479][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.450473][ T8620] ALSA: mixer_oss: invalid OSS volume '���sQl�ԻGo;�5X�b�[k�Y�[ג�'
[  246.455594][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.461021][ T8620] ALSA: mixer_oss: invalid OSS volume ']��.�
�LN,���˶'
[  246.493417][ T8457] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.506704][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.507699][ T8620] ALSA: mixer_oss: invalid OSS volume '\
'
[  246.513877][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.521335][ T8620] ALSA: mixer_oss: invalid OSS volume ''
[  246.639516][ T8457] 8021q: adding VLAN 0 to HW filter on device team0
[  246.658445][    T9] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  246.690618][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  246.702085][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.732311][    T9] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  246.743181][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.761204][ T8367] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  246.764272][    T9] usb 5-1: No valid video chain found.
[  246.785516][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.801318][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.808529][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.839508][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.846753][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.944179][    T9] usb 5-1: USB disconnect, device number 24
[  247.044850][ T8367] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.217704][ T8457] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.294888][ T8367] veth0_vlan: entered promiscuous mode
[  247.380649][ T8367] veth1_vlan: entered promiscuous mode
[  247.480447][ T8457] veth0_vlan: entered promiscuous mode
[  247.502239][ T8457] veth1_vlan: entered promiscuous mode
[  247.571577][ T8367] veth0_macvtap: entered promiscuous mode
[  247.591226][ T8367] veth1_macvtap: entered promiscuous mode
[  247.614841][ T8457] veth0_macvtap: entered promiscuous mode
[  247.666020][ T8457] veth1_macvtap: entered promiscuous mode
[  247.677485][ T5144] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  247.709431][ T8367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.731439][ T8367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.744531][ T8367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.755847][ T8367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.768641][ T8367] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.792628][ T8649] netlink: 20 bytes leftover after parsing attributes in process `syz.4.674'.
[  247.805387][ T8367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.822236][ T8367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.833777][ T8367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.847244][ T8367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.871278][ T8367] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.878502][ T5144] usb 1-1: Using ep0 maxpacket: 8
[  247.881435][ T5144] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.924404][ T8457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.935059][ T5144] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.936077][ T8457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.951472][ T5144] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  247.957047][ T8457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.981047][ T8457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.008362][   T12] tipc: Subscription rejected, illegal request
[  248.022878][ T5144] usb 1-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  248.035106][ T5144] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.044586][ T5144] usb 1-1: Product: syz
[  248.051358][ T5142] IPVS: starting estimator thread 0...
[  248.051362][ T5144] usb 1-1: Manufacturer: syz
[  248.051381][ T5144] usb 1-1: SerialNumber: syz
[  248.074601][ T5144] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input35
[  248.086472][ T8457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.106653][ T8457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.135718][ T8457] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.180040][ T8367] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.192328][ T8656] IPVS: using max 33 ests per chain, 79200 per kthread
[  248.202676][ T8367] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.214452][ T8367] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.233741][ T8367] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.315312][ T8457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.338173][ T8658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.349484][ T8658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.357144][ T8457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.409374][ T8457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.452168][ T8457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.471376][ T8457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.501436][ T8457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.563811][ T8457] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.681549][ T8457] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.742623][ T8457] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.765278][ T8457] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.777518][ T8457] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.795057][ T4528] bcm5974 1-1:1.0: could not read from device
[  248.823109][ T4528] bcm5974 1-1:1.0: could not read from device
[  248.913670][ T4528] bcm5974 1-1:1.0: could not read from device
[  248.926253][ T5144] usb 1-1: USB disconnect, device number 17
[  249.025574][ T4528] bcm5974 1-1:1.0: could not read from device
[  249.139372][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.157089][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.242316][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.306375][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.385871][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.449913][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.464957][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.494723][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.529650][ T5142] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  249.630228][   T29] audit: type=1326 audit(1720546413.392:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8683 comm="syz.0.680" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7effc2d75bd9 code=0x0
[  249.777095][ T5142] usb 3-1: Using ep0 maxpacket: 16
[  249.804030][ T5142] usb 3-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  249.842547][ T5142] usb 3-1: config 1 interface 0 has no altsetting 0
[  249.951485][ T5142] usb 3-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  250.003638][ T8704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.639'.
[  250.022731][ T5142] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.080858][ T5142] usb 3-1: Product: syz
[  250.087243][ T5142] usb 3-1: Manufacturer: syz
[  250.105480][ T5142] usb 3-1: SerialNumber: syz
[  250.110109][ T8704] fuse: Unknown parameter 'f�'
[  250.438247][ T5142] usbhid 3-1:1.0: can't add hid device: -71
[  250.465999][ T5142] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  250.563576][ T5142] usb 3-1: USB disconnect, device number 11
[  251.067580][ T5141] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  251.109730][ T8738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.688'.
[  251.277751][ T5141] usb 1-1: Using ep0 maxpacket: 8
[  251.300952][ T5141] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.354380][ T5141] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.419359][ T5141] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  251.446811][ T5141] usb 1-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  251.457542][ T5141] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.465563][ T5141] usb 1-1: Product: syz
[  251.519111][ T5141] usb 1-1: Manufacturer: syz
[  251.523750][ T5141] usb 1-1: SerialNumber: syz
[  251.595825][ T5141] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input36
[  251.920240][ T8772] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  251.939122][ T8772] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.062570][   T29] audit: type=1326 audit(1720546415.822:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8762 comm="syz.2.695" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f126ff75bd9 code=0x0
[  252.378313][ T4528] bcm5974 1-1:1.0: could not read from device
[  252.447907][ T4528] bcm5974 1-1:1.0: could not read from device
[  252.458639][ T5141] usb 1-1: USB disconnect, device number 18
[  253.087167][  T783] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  253.292071][ T8810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.701'.
[  253.303080][ T8808] netlink: 8 bytes leftover after parsing attributes in process `syz.0.702'.
[  253.313920][  T783] usb 5-1: Using ep0 maxpacket: 16
[  253.352153][  T783] usb 5-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  253.364553][ T8805] fuse: Invalid group_id
[  253.424179][  T783] usb 5-1: config 1 interface 0 has no altsetting 0
[  253.457241][   T56] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  253.492807][  T783] usb 5-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  253.554379][  T783] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.555091][ T8814] netlink: 'syz.2.704': attribute type 9 has an invalid length.
[  253.628397][  T783] usb 5-1: Product: syz
[  253.632595][  T783] usb 5-1: Manufacturer: syz
[  253.658474][  T783] usb 5-1: SerialNumber: syz
[  253.677451][   T56] usb 4-1: Using ep0 maxpacket: 16
[  253.691443][   T56] usb 4-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  253.730031][   T56] usb 4-1: config 1 interface 0 has no altsetting 0
[  253.751733][   T56] usb 4-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  253.778429][   T56] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.810557][   T56] usb 4-1: Product: syz
[  253.814768][   T56] usb 4-1: Manufacturer: syz
[  253.857315][   T56] usb 4-1: SerialNumber: syz
[  253.939304][  T783] usbhid 5-1:1.0: can't add hid device: -71
[  253.955576][  T783] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  253.994665][  T783] usb 5-1: USB disconnect, device number 25
[  254.147489][   T56] usbhid 4-1:1.0: can't add hid device: -71
[  254.161596][   T56] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  254.198510][   T56] usb 4-1: USB disconnect, device number 29
[  254.958971][ T8855] netlink: 12 bytes leftover after parsing attributes in process `syz.2.712'.
[  255.107190][ T5143] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  255.206491][   T29] audit: type=1326 audit(1720546418.962:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.2.715" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f126ff75bd9 code=0x0
[  255.358223][ T5143] usb 4-1: Using ep0 maxpacket: 8
[  255.365841][ T8865] raw_sendmsg: syz.1.714 forgot to set AF_INET. Fix it!
[  255.385317][ T5143] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.406303][ T5143] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.416705][ T5143] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  255.437861][ T5143] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  255.447818][ T5143] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.462447][ T5143] usb 4-1: Product: syz
[  255.472950][ T5143] usb 4-1: Manufacturer: syz
[  255.478197][ T5143] usb 4-1: SerialNumber: syz
[  255.562344][ T5143] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input37
[  255.884778][ T8877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  255.903183][ T8877] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.155712][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  256.163869][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  256.353406][ T4528] bcm5974 4-1:1.0: could not read from device
[  256.447705][ T4528] bcm5974 4-1:1.0: could not read from device
[  256.472721][ T5143] usb 4-1: USB disconnect, device number 30
[  256.502616][ T4528] bcm5974 4-1:1.0: could not read from device
[  256.827466][ T5144] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  256.828753][ T8897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.724'.
[  257.047408][ T5144] usb 2-1: Using ep0 maxpacket: 32
[  257.086086][ T5144] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  257.113481][ T5144] usb 2-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[  257.137733][ T5144] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.152485][ T5144] usb 2-1: Product: syz
[  257.189238][ T5144] usb 2-1: Manufacturer: syz
[  257.198744][ T5144] usb 2-1: SerialNumber: syz
[  257.235154][ T5144] usb 2-1: config 0 descriptor??
[  257.583157][ T8932] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  257.614905][ T8932] picdev_read: 4 callbacks suppressed
[  257.614986][ T8932] kvm: pic: non byte read
[  257.627346][ T8932] kvm: pic: level sensitive irq not supported
[  257.631651][ T8932] kvm: pic: non byte read
[  257.650614][ T8932] kvm: pic: level sensitive irq not supported
[  257.650686][ T8932] kvm: pic: non byte read
[  257.657173][ T5101] Bluetooth: hci2: command tx timeout
[  257.674454][ T8932] kvm: pic: level sensitive irq not supported
[  257.674805][ T8932] kvm: pic: non byte read
[  257.930178][ T8936] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  258.000436][   T56] usb 2-1: USB disconnect, device number 20
[  258.467170][  T783] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  258.493141][ T8966] netlink: 'syz.1.741': attribute type 10 has an invalid length.
[  258.516254][ T8966] netlink: 44 bytes leftover after parsing attributes in process `syz.1.741'.
[  258.537540][ T8966] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  258.545586][ T8966] bridge0: port 3(netdevsim1) entered blocking state
[  258.563752][ T8966] bridge0: port 3(netdevsim1) entered disabled state
[  258.579843][ T8966] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[  258.597466][ T8966] bridge0: port 3(netdevsim1) entered blocking state
[  258.604308][ T8966] bridge0: port 3(netdevsim1) entered forwarding state
[  258.613855][ T8968] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.677199][  T783] usb 5-1: Using ep0 maxpacket: 8
[  258.710934][  T783] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.726947][  T783] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.741633][  T783] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  258.770715][  T783] usb 5-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  258.770736][  T783] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.770748][  T783] usb 5-1: Product: syz
[  258.770757][  T783] usb 5-1: Manufacturer: syz
[  258.770765][  T783] usb 5-1: SerialNumber: syz
[  258.796517][  T783] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input38
[  259.033469][   T29] audit: type=1326 audit(1720546422.782:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.2.743" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f126ff75bd9 code=0x0
[  259.254385][ T8952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.315863][ T8952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.737366][ T5101] Bluetooth: hci2: command tx timeout
[  259.903319][   T29] audit: type=1326 audit(1720546423.662:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b8c175bd9 code=0x0
[  260.179612][ T9008] netlink: 'syz.2.748': attribute type 1 has an invalid length.
[  261.336249][ T4528] bcm5974 5-1:1.0: could not read from device
[  261.345039][  T783] usb 5-1: USB disconnect, device number 26
[  261.378385][ T4528] bcm5974 5-1:1.0: could not read from device
[  261.415152][ T5084] bcm5974 5-1:1.0: could not read from device
[  261.447757][ T4528] bcm5974 5-1:1.0: could not read from device
[  261.542369][   T29] audit: type=1326 audit(1720546425.302:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9032 comm="syz.0.757" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7effc2d75bd9 code=0x0
[  261.647159][ T5140] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  261.758278][ T9042] IPVS: length: 144 != 8
[  261.824404][ T9042] netlink: 'syz.3.759': attribute type 11 has an invalid length.
[  261.887198][ T5140] usb 3-1: Using ep0 maxpacket: 8
[  261.913995][ T5140] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  261.946938][ T5140] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  261.969549][ T9050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.761'.
[  261.987064][ T5140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.048304][ T5140] usb 3-1: config 0 descriptor??
[  262.087481][ T5140] gspca_main: spca501-2.14.0 probing 0000:0000
[  262.304690][ T9031] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[  262.317338][   T56] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  262.527291][ T5144] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  262.549737][   T56] usb 5-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[  262.569893][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.590084][   T56] usb 5-1: config 0 descriptor??
[  262.601507][   T56] pwc: Samsung MPC-C10 USB webcam detected.
[  262.617303][ T5140] gspca_spca501: reg write: error -110
[  262.622811][ T5140] spca501 3-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  262.647271][ T5140] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  262.737390][ T5143] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  262.767223][ T5144] usb 4-1: Using ep0 maxpacket: 32
[  262.782037][ T5144] usb 4-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=d6.3f
[  262.794320][ T5144] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.812317][ T5144] usb 4-1: Product: syz
[  262.826803][ T5144] usb 4-1: Manufacturer: syz
[  262.838722][ T5144] usb 4-1: SerialNumber: syz
[  262.858709][ T5144] usb 4-1: config 0 descriptor??
[  262.927277][ T5143] usb 2-1: Using ep0 maxpacket: 16
[  262.941161][ T5143] usb 2-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  262.966785][ T5143] usb 2-1: config 1 interface 0 has no altsetting 0
[  262.991341][ T5143] usb 2-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  263.017232][ T5143] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.047790][ T5143] usb 2-1: Product: syz
[  263.063043][ T5143] usb 2-1: Manufacturer: syz
[  263.079842][ T5143] usb 2-1: SerialNumber: syz
[  263.137000][   T56] pwc: send_video_command error -71
[  263.142756][ T9052] IPVS: set_ctl: invalid protocol: 94 255.255.255.255:20001
[  263.158069][   T56] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  263.185317][   T56] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[  263.208263][   T56] usb 5-1: USB disconnect, device number 27
[  263.310539][ T9056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.762'.
[  263.337742][    C1] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[  263.426333][ T5143] usbhid 2-1:1.0: can't add hid device: -71
[  263.429174][ T5140] usb 3-1: USB disconnect, device number 12
[  263.474765][ T5143] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  263.484298][   T56] usb 4-1: USB disconnect, device number 31
[  263.539635][ T5143] usb 2-1: USB disconnect, device number 21
[  263.705744][ T9071] netlink: 'syz.0.766': attribute type 4 has an invalid length.
[  263.737156][ T9071] netlink: 'syz.0.766': attribute type 4 has an invalid length.
[  264.174705][ T9087] netlink: 8 bytes leftover after parsing attributes in process `syz.1.770'.
[  264.492541][ T9098] netlink: 'syz.3.777': attribute type 4 has an invalid length.
[  264.551453][ T9098] netlink: 'syz.3.777': attribute type 4 has an invalid length.
[  265.897171][ T5140] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  266.097737][ T9148] netlink: 'syz.0.789': attribute type 4 has an invalid length.
[  266.108884][ T5140] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.153316][ T9148] netlink: 'syz.0.789': attribute type 4 has an invalid length.
[  266.183540][ T5140] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.221735][ T5143] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  266.238251][ T5140] usb 3-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  266.318339][ T5140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.381891][ T9155] netlink: 'syz.0.792': attribute type 1 has an invalid length.
[  266.382545][ T5140] usb 3-1: config 0 descriptor??
[  266.421151][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.791'.
[  266.482230][ T5143] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.537312][ T5143] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.551491][ T5143] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  266.560815][ T5143] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.601060][ T5143] usb 5-1: config 0 descriptor??
[  266.727331][ T1717] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  266.953767][ T1717] usb 2-1: config 0 has an invalid interface number: 154 but max is 0
[  266.978793][ T1717] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  267.011547][ T1717] usb 2-1: config 0 has no interface number 0
[  267.036204][ T1717] usb 2-1: New USB device found, idVendor=413c, idProduct=8196, bcdDevice=1f.e0
[  267.080389][ T1717] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.106416][ T1717] usb 2-1: config 0 descriptor??
[  267.119172][ T1717] qmi_wwan 2-1:0.154: skipping garbage
[  267.125121][ T1717] qmi_wwan 2-1:0.154: skipping garbage
[  267.134877][ T1717] qmi_wwan 2-1:0.154: bogus CDC Union: master=0, slave=0
[  267.152636][ T1717] qmi_wwan 2-1:0.154: probe with driver qmi_wwan failed with error -22
[  267.194016][ T5140] hid-led 0003:1D34:000A.0008: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.2-1/input0
[  267.263084][ T5143] hid-led 0003:1D34:000A.0009: hidraw1: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0
[  267.304463][ T5143] hid-led 0003:1D34:000A.0009: Dream Cheeky Webmail Notifier initialized
[  267.355160][ T5140] hid-led 0003:1D34:000A.0008: Dream Cheeky Webmail Notifier initialized
[  267.463052][ T5101] Bluetooth: hci2: unexpected event 0x0f length: 17 > 4
[  268.017184][ T5139] usb 2-1: USB disconnect, device number 22
[  268.442669][ T9184] netlink: 'syz.0.802': attribute type 4 has an invalid length.
[  268.482374][ T9184] netlink: 'syz.0.802': attribute type 4 has an invalid length.
[  268.498167][ T5140] usb 3-1: USB disconnect, device number 13
[  268.702994][ T5141] usb 5-1: USB disconnect, device number 28
[  269.087278][ T1717] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  269.257321][ T5141] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  269.340449][ T1717] usb 4-1: New USB device found, idVendor=9710, idProduct=7843, bcdDevice= 7.b4
[  269.349703][ T1717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.369617][ T1717] usb 4-1: config 0 descriptor??
[  269.385067][ T1717] mos7840 4-1:0.0: required endpoints missing
[  269.457181][ T5141] usb 5-1: device descriptor read/64, error -71
[  269.518004][ T5143] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  269.589841][  T783] usb 4-1: USB disconnect, device number 32
[  269.727193][ T5141] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  269.747226][ T5143] usb 3-1: Using ep0 maxpacket: 8
[  269.766572][ T5143] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.793800][ T5143] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  269.824291][ T5143] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  269.864578][ T5143] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  269.875210][ T5143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.887281][ T5143] usb 3-1: Product: syz
[  269.893734][ T5143] usb 3-1: Manufacturer: syz
[  269.899339][ T5143] usb 3-1: SerialNumber: syz
[  269.914302][ T5143] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input39
[  269.927797][ T5141] usb 5-1: device descriptor read/64, error -71
[  270.047578][ T5141] usb usb5-port1: attempt power cycle
[  270.215059][ T9215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  270.237728][ T9215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  270.482669][ T5141] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  270.537989][ T5141] usb 5-1: device descriptor read/8, error -71
[  270.548899][    C1] ------------[ cut here ]------------
[  270.554909][    C1] WARNING: CPU: 1 PID: 9209 at net/ipv4/route.c:1241 ip_rt_bug+0x2a/0x110
[  270.563657][    C1] Modules linked in:
[  270.567707][    C1] CPU: 1 PID: 9209 Comm: syz.1.810 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  270.577763][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  270.587908][    C1] RIP: 0010:ip_rt_bug+0x2a/0x110
[  270.592954][    C1] Code: f3 0f 1e fa 41 57 41 56 41 55 41 54 53 48 89 d3 e8 fb f9 b3 f7 66 90 e8 f4 f9 b3 f7 48 89 df be 02 00 00 00 e8 27 b4 6d ff 90 <0f> 0b 90 31 c0 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc f3 0f 1e
[  270.612651][    C1] RSP: 0018:ffffc90000a18680 EFLAGS: 00010286
[  270.618827][    C1] RAX: 2c1c12f4b38dc900 RBX: ffff88802322a140 RCX: ffffffff8172da6a
[  270.626860][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fe980
[  270.634902][    C1] RBP: 0000000000000001 R08: ffffffff92fa7617 R09: 1ffffffff25f4ec2
[  270.642963][    C1] R10: dffffc0000000000 R11: fffffbfff25f4ec3 R12: dffffc0000000000
[  270.651010][    C1] R13: dffffc0000000000 R14: ffff88806894b980 R15: ffff888016781380
[  270.659020][    C1] FS:  000055558ead4500(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  270.667993][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  270.674583][    C1] CR2: 0000001b2ce02ff8 CR3: 0000000029486000 CR4: 00000000003526f0
[  270.682599][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  270.690604][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  270.698611][    C1] Call Trace:
[  270.701891][    C1]  <IRQ>
[  270.704746][    C1]  ? __warn+0x163/0x4e0
[  270.708937][    C1]  ? ip_rt_bug+0x2a/0x110
[  270.713282][    C1]  ? report_bug+0x2b3/0x500
[  270.717833][    C1]  ? ip_rt_bug+0x2a/0x110
[  270.722179][    C1]  ? handle_bug+0x3e/0x70
[  270.726539][    C1]  ? exc_invalid_op+0x1a/0x50
[  270.731254][    C1]  ? asm_exc_invalid_op+0x1a/0x20
[  270.736303][    C1]  ? mark_lock+0x9a/0x350
[  270.740687][    C1]  ? ip_rt_bug+0x2a/0x110
[  270.745040][    C1]  ip_push_pending_frames+0xbf/0x150
[  270.750445][    C1]  __icmp_send+0xf89/0x14e0
[  270.754950][    C1]  ? __icmp_send+0x59c/0x14e0
[  270.759660][    C1]  ? __pfx___icmp_send+0x10/0x10
[  270.764621][    C1]  ? mark_lock+0x9a/0x350
[  270.769018][    C1]  ? look_up_lock_class+0x77/0x160
[  270.774143][    C1]  ? mark_lock+0x9a/0x350
[  270.778515][    C1]  ipv4_link_failure+0x62f/0xa10
[  270.783464][    C1]  ? __pfx_ipv4_link_failure+0x10/0x10
[  270.788961][    C1]  ? do_raw_write_lock+0x148/0x4f0
[  270.794105][    C1]  ? __pfx_ipv4_link_failure+0x10/0x10
[  270.799643][    C1]  arp_error_report+0x114/0x160
[  270.804504][    C1]  neigh_invalidate+0x244/0x470
[  270.809458][    C1]  neigh_timer_handler+0x8a5/0xfd0
[  270.814573][    C1]  call_timer_fn+0x18e/0x650
[  270.819198][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  270.824837][    C1]  ? call_timer_fn+0xc0/0x650
[  270.829535][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  270.835193][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  270.840333][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  270.845997][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  270.851675][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  270.857382][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  270.862609][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  270.867859][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  270.873505][    C1]  __run_timer_base+0x66a/0x8e0
[  270.878401][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  270.883803][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  270.890178][    C1]  run_timer_softirq+0xb7/0x170
[  270.895054][    C1]  handle_softirqs+0x2c4/0x970
[  270.900053][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  270.904822][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  270.910146][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  270.915354][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  270.919978][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  270.925211][    C1]  irq_exit_rcu+0x9/0x30
[  270.929488][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  270.935130][    C1]  </IRQ>
[  270.938195][    C1]  <TASK>
[  270.941122][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  270.947117][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[  270.952923][    C1] Code: c9 50 e8 99 c9 0b 00 48 83 c4 08 4c 89 f7 e8 cd 38 00 00 e9 de 04 00 00 4c 89 f7 e8 40 26 2a 0a e8 ab ed 36 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[  270.972549][    C1] RSP: 0018:ffffc90002e1f988 EFLAGS: 00000282
[  270.978642][    C1] RAX: 2c1c12f4b38dc900 RBX: ffff88802a855a00 RCX: ffffffff9479f603
[  270.986691][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fe980
[  270.994713][    C1] RBP: ffffc90002e1f9d0 R08: ffffffff8fad492f R09: 1ffffffff1f5a925
[  271.002714][    C1] R10: dffffc0000000000 R11: fffffbfff1f5a926 R12: 1ffff110172a7e9f
[  271.010706][    C1] R13: dffffc0000000000 R14: ffff8880b943e780 R15: ffff8880b953f4f8
[  271.018708][    C1]  ? finish_task_switch+0x1e5/0x870
[  271.023913][    C1]  __schedule+0x17f0/0x4a20
[  271.028448][    C1]  ? __pfx___schedule+0x10/0x10
[  271.033324][    C1]  ? __pfx_lock_release+0x10/0x10
[  271.038436][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  271.044438][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  271.050365][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  271.056731][    C1]  ? schedule+0x90/0x320
[  271.061007][    C1]  schedule+0x14b/0x320
[  271.065161][    C1]  do_nanosleep+0x197/0x600
[  271.069703][    C1]  ? do_nanosleep+0x80/0x600
[  271.074293][    C1]  ? __pfx_do_nanosleep+0x10/0x10
[  271.079353][    C1]  ? __sanitizer_cov_trace_pc+0x5d/0x70
[  271.084912][    C1]  ? __hrtimer_init+0x170/0x250
[  271.089787][    C1]  hrtimer_nanosleep+0x227/0x470
[  271.094746][    C1]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  271.100240][    C1]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  271.105450][    C1]  ? __pfx_get_timespec64+0x10/0x10
[  271.110690][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  271.115976][    C1]  __se_sys_clock_nanosleep+0x32b/0x3c0
[  271.121565][    C1]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  271.127658][    C1]  ? do_syscall_64+0x100/0x230
[  271.132425][    C1]  ? do_syscall_64+0xb6/0x230
[  271.137123][    C1]  do_syscall_64+0xf3/0x230
[  271.141633][    C1]  ? clear_bhb_loop+0x35/0x90
[  271.146327][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.152293][    C1] RIP: 0033:0x7fdd035a7bc5
[  271.156716][    C1] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 c6 57 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 1f 58 ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[  271.176380][    C1] RSP: 002b:00007fdd0382faf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  271.184849][    C1] RAX: ffffffffffffffda RBX: 00007fdd03703f60 RCX: 00007fdd035a7bc5
[  271.192867][    C1] RDX: 00007fdd0382fb30 RSI: 0000000000000000 RDI: 0000000000000000
[  271.200895][    C1] RBP: 00007fdd03705a60 R08: 0000000000000000 R09: 7fffffffffffffff
[  271.208908][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000004211a
[  271.216894][    C1] R13: 0000000000000032 R14: 00007fdd03705a60 R15: 00007fdd03704110
[  271.224916][    C1]  </TASK>
[  271.227966][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  271.235240][    C1] CPU: 1 PID: 9209 Comm: syz.1.810 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  271.245220][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  271.255297][    C1] Call Trace:
[  271.258580][    C1]  <IRQ>
[  271.261422][    C1]  dump_stack_lvl+0x241/0x360
[  271.266122][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.271327][    C1]  ? __pfx__printk+0x10/0x10
[  271.275940][    C1]  ? vscnprintf+0x5d/0x90
[  271.280280][    C1]  panic+0x349/0x860
[  271.284197][    C1]  ? __warn+0x172/0x4e0
[  271.288375][    C1]  ? __pfx_panic+0x10/0x10
[  271.292812][    C1]  __warn+0x346/0x4e0
[  271.296821][    C1]  ? ip_rt_bug+0x2a/0x110
[  271.301157][    C1]  report_bug+0x2b3/0x500
[  271.305672][    C1]  ? ip_rt_bug+0x2a/0x110
[  271.310001][    C1]  handle_bug+0x3e/0x70
[  271.314159][    C1]  exc_invalid_op+0x1a/0x50
[  271.318672][    C1]  asm_exc_invalid_op+0x1a/0x20
[  271.323520][    C1] RIP: 0010:ip_rt_bug+0x2a/0x110
[  271.328473][    C1] Code: f3 0f 1e fa 41 57 41 56 41 55 41 54 53 48 89 d3 e8 fb f9 b3 f7 66 90 e8 f4 f9 b3 f7 48 89 df be 02 00 00 00 e8 27 b4 6d ff 90 <0f> 0b 90 31 c0 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc f3 0f 1e
[  271.348102][    C1] RSP: 0018:ffffc90000a18680 EFLAGS: 00010286
[  271.354164][    C1] RAX: 2c1c12f4b38dc900 RBX: ffff88802322a140 RCX: ffffffff8172da6a
[  271.362136][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fe980
[  271.370122][    C1] RBP: 0000000000000001 R08: ffffffff92fa7617 R09: 1ffffffff25f4ec2
[  271.378088][    C1] R10: dffffc0000000000 R11: fffffbfff25f4ec3 R12: dffffc0000000000
[  271.386060][    C1] R13: dffffc0000000000 R14: ffff88806894b980 R15: ffff888016781380
[  271.394048][    C1]  ? mark_lock+0x9a/0x350
[  271.398403][    C1]  ip_push_pending_frames+0xbf/0x150
[  271.403707][    C1]  __icmp_send+0xf89/0x14e0
[  271.408240][    C1]  ? __icmp_send+0x59c/0x14e0
[  271.412923][    C1]  ? __pfx___icmp_send+0x10/0x10
[  271.417864][    C1]  ? mark_lock+0x9a/0x350
[  271.422191][    C1]  ? look_up_lock_class+0x77/0x160
[  271.427327][    C1]  ? mark_lock+0x9a/0x350
[  271.431695][    C1]  ipv4_link_failure+0x62f/0xa10
[  271.436645][    C1]  ? __pfx_ipv4_link_failure+0x10/0x10
[  271.442104][    C1]  ? do_raw_write_lock+0x148/0x4f0
[  271.447246][    C1]  ? __pfx_ipv4_link_failure+0x10/0x10
[  271.452723][    C1]  arp_error_report+0x114/0x160
[  271.457603][    C1]  neigh_invalidate+0x244/0x470
[  271.462471][    C1]  neigh_timer_handler+0x8a5/0xfd0
[  271.467617][    C1]  call_timer_fn+0x18e/0x650
[  271.472234][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  271.477876][    C1]  ? call_timer_fn+0xc0/0x650
[  271.482546][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  271.488185][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  271.493289][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  271.498965][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  271.504606][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  271.510242][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  271.515456][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  271.520679][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  271.526391][    C1]  __run_timer_base+0x66a/0x8e0
[  271.531272][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  271.536681][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  271.543029][    C1]  run_timer_softirq+0xb7/0x170
[  271.547891][    C1]  handle_softirqs+0x2c4/0x970
[  271.552664][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  271.557429][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  271.562724][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  271.567923][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  271.572512][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  271.577751][    C1]  irq_exit_rcu+0x9/0x30
[  271.582003][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  271.587654][    C1]  </IRQ>
[  271.590594][    C1]  <TASK>
[  271.593532][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  271.599512][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[  271.605321][    C1] Code: c9 50 e8 99 c9 0b 00 48 83 c4 08 4c 89 f7 e8 cd 38 00 00 e9 de 04 00 00 4c 89 f7 e8 40 26 2a 0a e8 ab ed 36 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[  271.624930][    C1] RSP: 0018:ffffc90002e1f988 EFLAGS: 00000282
[  271.631009][    C1] RAX: 2c1c12f4b38dc900 RBX: ffff88802a855a00 RCX: ffffffff9479f603
[  271.638985][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fe980
[  271.646959][    C1] RBP: ffffc90002e1f9d0 R08: ffffffff8fad492f R09: 1ffffffff1f5a925
[  271.654936][    C1] R10: dffffc0000000000 R11: fffffbfff1f5a926 R12: 1ffff110172a7e9f
[  271.662930][    C1] R13: dffffc0000000000 R14: ffff8880b943e780 R15: ffff8880b953f4f8
[  271.670961][    C1]  ? finish_task_switch+0x1e5/0x870
[  271.676185][    C1]  __schedule+0x17f0/0x4a20
[  271.680724][    C1]  ? __pfx___schedule+0x10/0x10
[  271.685565][    C1]  ? __pfx_lock_release+0x10/0x10
[  271.690586][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  271.696485][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  271.702381][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  271.708713][    C1]  ? schedule+0x90/0x320
[  271.712961][    C1]  schedule+0x14b/0x320
[  271.717116][    C1]  do_nanosleep+0x197/0x600
[  271.721625][    C1]  ? do_nanosleep+0x80/0x600
[  271.726210][    C1]  ? __pfx_do_nanosleep+0x10/0x10
[  271.731239][    C1]  ? __sanitizer_cov_trace_pc+0x5d/0x70
[  271.736882][    C1]  ? __hrtimer_init+0x170/0x250
[  271.741747][    C1]  hrtimer_nanosleep+0x227/0x470
[  271.746824][    C1]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  271.752288][    C1]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  271.757502][    C1]  ? __pfx_get_timespec64+0x10/0x10
[  271.762703][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  271.768014][    C1]  __se_sys_clock_nanosleep+0x32b/0x3c0
[  271.773576][    C1]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  271.779662][    C1]  ? do_syscall_64+0x100/0x230
[  271.784439][    C1]  ? do_syscall_64+0xb6/0x230
[  271.789123][    C1]  do_syscall_64+0xf3/0x230
[  271.793616][    C1]  ? clear_bhb_loop+0x35/0x90
[  271.798280][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.804184][    C1] RIP: 0033:0x7fdd035a7bc5
[  271.808588][    C1] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 c6 57 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 1f 58 ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[  271.828212][    C1] RSP: 002b:00007fdd0382faf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  271.836625][    C1] RAX: ffffffffffffffda RBX: 00007fdd03703f60 RCX: 00007fdd035a7bc5
[  271.844620][    C1] RDX: 00007fdd0382fb30 RSI: 0000000000000000 RDI: 0000000000000000
[  271.852598][    C1] RBP: 00007fdd03705a60 R08: 0000000000000000 R09: 7fffffffffffffff
[  271.860573][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000004211a
[  271.868541][    C1] R13: 0000000000000032 R14: 00007fdd03705a60 R15: 00007fdd03704110
[  271.876515][    C1]  </TASK>
[  271.879668][    C1] Kernel Offset: disabled
[  271.884104][    C1] Rebooting in 86400 seconds..