last executing test programs:

5.900627707s ago: executing program 3 (id=2902):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000001340)=ANY=[@ANYBLOB="0a0000001c000000fdffffff010001000104000004000000950e000007000000760000008387cef906729137913da1413d05c8374aea12a67538bb18eb3ba941"])
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000080)={0x3, 0x3, 0x2f22, 0x6, '\x00', 0x3})
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r5=>r4, {0x2}}, './file0\x00'})
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r3, 0xce)
move_mount(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', r5, &(0x7f00000001c0)='./file0\x00', 0x142)
r6 = add_key(&(0x7f00000023c0)='blacklist\x00', &(0x7f0000002400)={'syz', 0x0}, &(0x7f0000002440)="693b368ce2e71aae4ec413108ef987d93768f30fd832e167876e7f6b777be96502cbf4860259b576302901a628be8c5057313249061ed295685b2eef059f2769c1a762b5220123e7214183e67650577ebe8cd99b879ec91a040f5087fbede48711ccf5fbcb8fe34b030c451e8e9a29d898c3", 0x72, 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000002580), &(0x7f00000025c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$instantiate(0xc, r6, &(0x7f00000013c0)=ANY=[@ANYBLOB="757064617465206563727970746673207573657491ac4c70"], 0x18, r7)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc01cf509, &(0x7f0000002600)={<r8=>r4, 0x9, 0xfffffffffffffff0, 0x876bfc0})
setsockopt$inet6_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000002640)=0xffffffffffffffff, 0x4)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAXSEG(r9, 0x84, 0xd, &(0x7f0000002680)=@assoc_value={0x0, 0x1}, &(0x7f00000026c0)=0x8)
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000002700)=<r10=>0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000002780)={{0x9, 0x1, 0xfffffff8, 0x8, 'syz1\x00', 0x2}, 0x6, 0xd4415b0703583584, 0x5e6, r10, 0x1, 0xa, 'syz1\x00', &(0x7f0000002740)=['\x00'], 0x1})
mkdir(&(0x7f0000002900)='./file0\x00', 0x126)

4.058472386s ago: executing program 0 (id=2914):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a00000000000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800068008000200080000003e"], 0x44}}, 0x0)

3.327439461s ago: executing program 0 (id=2915):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000240)=""/197, 0xc5}, {&(0x7f0000002140)=""/4058, 0xfda}, {&(0x7f0000000340)=""/176, 0xb0}, {&(0x7f0000000400)=""/21, 0x15}, {&(0x7f0000000940)=""/183, 0xb7}, {&(0x7f0000000c00)=""/155, 0x9b}, {&(0x7f0000000880)=""/49, 0x31}, {&(0x7f00000008c0)=""/54, 0x36}, {&(0x7f0000000480)=""/243, 0xf3}, {&(0x7f0000000d40)=""/146, 0x92}], 0xa}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)='%pi6   \x00'}, 0x1c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000780)='personality\x00')
syz_emit_ethernet(0x7e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "570002", 0x48, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "c5e4"}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10}, 0x2, {0x0, 0x1}}}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x4, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, [@ldst={0x1, 0x2, 0x4, 0x5, 0x9, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0xb5, &(0x7f0000000580)=""/181, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x4, 0x5, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[0x1, r1, r2], &(0x7f0000000800), 0x10, 0x20043, @void, @value}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x1a103e43)
syz_emit_ethernet(0x5e, &(0x7f0000000600)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x28, 0x6, 0x0, @remote, @local, {[], {{0xfffd, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0xc2, 0x4, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "fb6b9acd8f4e1c92833a2f1e90339d18"}]}}}}}}}}, 0x0)
r4 = openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x4}, 0xe)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={<r6=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000500)={r6, @in={{0x2, 0x4e24, @empty}}, 0x5, 0x9}, 0x90)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc0f8565c, &(0x7f00000000c0)={0x0, 0x81, 0x0, {0xb, @pix_mp={0x9, 0x522903d0, 0x51424752, 0x6, 0xc, [{0x4, 0x8000}, {0x8, 0x7e}, {0x9, 0x5}, {0x5, 0x8}, {0x6, 0x9}, {0x80000000}, {0x40, 0x40}, {0xb861, 0x8}], 0xd0, 0xfd, 0x4, 0x1}}})
socket$pppoe(0x18, 0x1, 0x0)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000002a40)={'lo\x00', &(0x7f00000029c0)=@ethtool_coalesce={0x1d}})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x6000, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5}}}]}, 0x48}}, 0x0)

2.797709851s ago: executing program 0 (id=2919):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3, 0x7, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4048050}, 0x40)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x64, r2, 0x4, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xb, 0x6d}}}}, [@NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x1000, 0x3, 0x5, 0x0, {0xfffffffffffff801, 0x40, 0x0, 0x10, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x800, 0xd, 0x9}}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, @random=0x16ee}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
r4 = openat$sndseq(0xffffff9c, &(0x7f0000000480), 0x40)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f00000004c0)={0x9, 0xfffffffa, 0x7, {0x1ff, 0x9}, 0x4e4, 0x1})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x7c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_SIZE={0x8, 0x17, 0x1, 0x0, 0x8}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x4}, @IPSET_ATTR_CIDR={0x5, 0x3, 0xe5}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x4}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000404}, 0x4040009)
openat$vmci(0xffffff9c, &(0x7f0000000680), 0x2, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x24, 0x0, 0x211, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4004008)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000cc0)={0xffffffffffffffff, 0x58, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$inet(r1, &(0x7f0000000d40)={&(0x7f0000000800)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000c00)=[{&(0x7f0000000840)="caa5f29092e48d100bf6d2e0861614a2ed57a386c8da5da72b7866063375591dd0907d3184f1dc2ee048c237e680ec245766acdb6545fb6c1885eca363d782a470c1456b4568218614a2b4df2fa02e8ae22669b69080c6d538cfa01fa33b6308e24233ca861d1872a46a40ee76c67d1078c8987beaaa48f7d27da3149f95f448816c082457d7bdab83076a5f0159e7d6a54a1f4533cb4cfd7edf6df14d83a56a54baf4bd1e1aab640b97d6f1c9446404452d7cbeed9c94889271019ffc6c7d3b20ec89dda24ffae71f5bc62003965f4379", 0xd1}, {&(0x7f0000000940)="b6e470029dabc21c947173ffe52be94dca47a39fc539b77cbc3849743d59387757f2ff72d4a1f9633117855905c191585025e0d7631a6ae1d40eb56b772306c8924148b23389d2656575df3dbe0159f4b27f52187a115bdebd94ebc0beaf041cb937a52e4c4951a494d7ef3443341024ee35d7c06823c59e5f1b09be83b041ef155436f57cf3051f720e1a1ee161d668fa258851a5c5150b5d586c5ddfccf2cb", 0xa0}, {&(0x7f0000000a00)}, {&(0x7f0000000a80)="8de06faca3df42733896751b3cee90962fe3278b70c54e0e367c8ad77b4fcce853834e33b57ea7a0195cab1250bcb633bf5d80a9dbf221f1007451e83b3bf357cb5f05c8fd08d93483f611e7dda1608e29768895771bcf9856a963fd6024506f21016dd16d978712a74ba36618a49b17c56d3c6fe9ec38c477c0b99319d9c93e012b13bb693295cff3da2f009a68040e9a51673d51fb0c27177c9307a80cc9b2a1e7bcbe7e93738b8e841b1e33dceed59de1d0a820ab8cdc8d6bc1dcbab02107717ca3b364080d57f94630ca53eaca4c60dd0f9b75605f5ed9636a7459065b65a8983368cd66257d9e", 0xe9}, {&(0x7f0000000b80)="dab9391d8dc0cf11b0c3da1b78a5abf9ffd1ecbf990019c6773921f7e6a9a72ec2e342df0de5b82d5827e7acd23aef5df2e238b0db62ae7388efa5bcff83ff2f42d00ac1a5729ef997c0167d91e3a00f1796e932f2adfa15326d632291", 0x5d}], 0x5, &(0x7f0000000d00)=[@ip_pktinfo={{0x18, 0x0, 0x8, {r5, @loopback, @empty}}}], 0x18}, 0x800)
r6 = open$dir(&(0x7f0000000d80)='./file0\x00', 0x100, 0x100)
r7 = dup3(r6, r1, 0x80000)
recvmsg$unix(r7, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000001dc0)=""/79, 0x4f}, {&(0x7f0000001e40)=""/29, 0x1d}, {&(0x7f0000001e80)=""/112, 0x70}], 0x4, &(0x7f0000001f40)=[@rights={{0x20, 0x1, 0x1, [<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff]}}], 0x20}, 0x1)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r10, 0x29, 0x45, &(0x7f0000001fc0)={'ah\x00'}, &(0x7f0000002000)=0x1e)
ioctl$KVM_S390_VCPU_FAULT(r12, 0x4004ae52, &(0x7f0000002040)=0x3ca2)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f0000002380)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000002340)={&(0x7f00000020c0)={0x270, r2, 0x800, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME={0x5e, 0x33, @ctrl_frame=@bar={{}, {0xff}, @device_b, @device_a, @multi={{0x1, 0x1, 0x1, 0x0, 0x6}, [{0x0, 0x6, {0x8, 0x2}, "4b45620dd2f8333d"}, {0x0, 0x1, {0x8, 0x9}, "53e0f2909c35caa2"}, {0x0, 0x1, {0x0, 0x8}, "ebd3a37fa13a4354"}, {0x0, 0xe, {0x4, 0xf}, "00f558b7882a8248"}, {0x0, 0x2, {0xc, 0x9}, "54ce4b9f2c9a68be"}, {0x0, 0x1, {0x2, 0x2}, "a907f79e78df8d1c"}]}}}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x886c}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x1b}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x6007}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xf9f2}, @NL80211_ATTR_FRAME={0x38, 0x33, @mgmt_frame=@disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0xc30}, @broadcast, @device_a, @random="7bd896e62843", {0xe, 0x6}}, 0x1a, @val={0x8c, 0x18, {0x633, "ba37a39bdb7e", @long="3825e6da529b15d1737bc79e63d62527"}}}}, @NL80211_ATTR_FRAME={0x194, 0x33, @mgmt_frame=@probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x3}, @device_a, @device_b, @random="eafbee0a0b5e", {0x2, 0x7f}, @value=@ver_80211n={0x0, 0xe, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}}, 0x70, @default, 0x440, @val={0x0, 0x19, @random="b40ce159f4990f61821fe76edbc82a488d8833acc18482abc5"}, @val={0x1, 0x2, [{0x30, 0x1}, {0x9}]}, @val={0x3, 0x1}, @void, @void, @val={0x2d, 0x1a, {0x2, 0x0, 0x0, 0x0, {0x0, 0x7, 0x0, 0x3, 0x0, 0x0, 0x1, 0x2}, 0x30e, 0x7, 0x3c}}, @val={0x72, 0x6}, @void, [{0xdd, 0x3a, "7bb8dc052a99a3eb2b2611bb2c30221b9ef6c485862ae0cf526efe3102fdc061da6f19bc759ce2167ce039ba837fd7cf479809534ffedd2c629c"}, {0xdd, 0xe4, "4a1c94fe0d2e068aad9523f4091cc6489ec3aee788c9a4812d7740295f435d1e94359160b385282d6873bae3c0ba15dd67384e3c7eb5243b9399c02376bb0c903ca0df85d995d353b6d6a36a632fa303cd3bf50974422b6a78b266a1e12b57e691c8df5beff93e534aa408e2d70fb528859e8611a101b2bd31dae50aefd185febc8fbf69d84efc30f9a43a2e24d1d8d73991736bca2e95004a5e1ab2e760c3f157f4ae0cdf0385dd60c3d1eac3ff8750988d661d9548929304ac72aa9afa0223e7fec89e4d3462209aaf5f47f484c5b96b7770147e8c21e8d13f6f09711cc5928e08a2dd"}]}}]}, 0x270}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f00000023c0)={r11, 0xd, {0x0, 0x0, 0x0, 0x3, 0x10001, 0x0, 0x9, 0x1, 0xb, "313576d69b675a057bd71a4e6111a42ad116d763c2f997f88913f9acbc9b47412b88309476b94821533a0a9ee8b402e8af7f50e11316f64f1a665f6c3d34f04c", "013f50b21669614e6a58ecd74d899382fda4beebb54eddef9bda9984b34dd11050fd9312db2984da72636952851e79831fcd3a8153dec8100786cfd0e4b9b886", "8e27a418bf3c86af684949c609bb5886a16c350ac0fe7d4f8fd4cb7ba8115c49", [0x5, 0xdf8]}})
sendmsg$nl_route(r9, &(0x7f00000025c0)={&(0x7f0000002500)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002580)={&(0x7f0000002540)=@ipv6_getrule={0x1c, 0x22, 0x8, 0x70bd2b, 0x25dfdbff, {0xa, 0x0, 0x14, 0x3, 0xf5, 0x0, 0x0, 0x4, 0x1d}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x40080)
getsockname$inet6(r10, &(0x7f0000002600)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000002640)=0x1c)
stat(&(0x7f0000004980)='./file0\x00', &(0x7f00000049c0)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
getresuid(&(0x7f0000004ac0), &(0x7f0000004b00), &(0x7f0000004b40)=<r14=>0x0)
r15 = getgid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r8, 0x29, 0x22, &(0x7f0000004e00)={{{@in=@local, @in6=@ipv4={""/10, ""/2, @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@broadcast}, 0x0, @in=@loopback}}, &(0x7f0000004f00)=0xe4)
stat(&(0x7f0000004f40)='./file0\x00', &(0x7f0000004f80)={0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0})
syz_fuse_handle_req(r9, &(0x7f0000002680)="1cb7520daca2217b09fcfb2a2dc648e616a0d4388adf7bcea0ded47b75ad7b9a36717fabf55bed6597dae5149adc3bb74eb6181dbe4df20b5a2a1759837350fd65e40416a152a4595118fb0c6d4965b3ee26aa8adba51b8529bcce97261c12982167cf281bbbf74466a1f88fd70fce2cfc97762f078372e6a4849cdfdfee6666d49a69875d0d0dc40849951faa3e2e0c028473428e21f0162688b39c7b51c0f83ef6713334da526f6d6cb0e13580a5ced25deb4f0615194ae5a16e2a241c47782d7194163a698bf0caa8fca4ee27494b8b17f2b23ad4239314fa1cf6dc52e03b98bd2405d37150d9195a1f22c2c3afa2942310bd02ffcb80e83a642cd73a45b341f94f0362ba48e45e02632b39b26a22a9512d29a814fc27f7e117498b3f6b73b72c7837fb83777357b4d8803811f4bdc6bfa11322afa30eb8d1e484fd4ede2367cd06f930d4434126c0898497b8649dd7c02a0556f104bac3b36766655a21b33d81a9a82e9991d1d307ac6a72c0a0c5e6f2771f25afcdd36deb7b6bf24062534b751a95fd4104c5c56c95a466afbe4a208c210944559c35692008d1a55aa67755c98d2e9b14c35d4c3048b219cbe194c3ba9e82907e3ed080fe7b22622d1a1caa520526cd69f4e47b4d104811fecffa10755f98b3e2ad42f8e1b15e2fa754edfe1a78c25836f0782d7bfd75b81c12ced73690064efe8b16b2ffde399bd049ca5ad7b8cf1d7e31f55ba63daac7e2b96d2fe7b38794789e0c9b162e225659d8021408fee42aa3bfb34b07eec3f8a0d638cbf1b60a7d7e372549490120697361603a86e192cc1024f9c049abcea7bf97b45fcd23fa45a619de940d63defa493080542aced7a7776d0eb7bedd942cae40375311ba3488aa6732b0a7832117ee5ad637659e6d7a131465ad530016472ef8b1096493d8e2ef4d5ff0dcc61917b7ad242e24a3c25ce9aeee4e652d751b0a0e949eff5368d3b699ec191ac86fce2b6302fc92e2ba3e87c2a572798d5331305a17b321810caa40509868182df0367865a4947afdbca6c1a7b58b8d005c9c5db35771715d06e4484d1600e11879c7781450c44869c4e0a06ef98262e014ba409e1b274526bfe437c91797c9d061c70f5ae7dec4fdeef1206968b598bb1c4aa0a5641906bb39b84d36d3ae67feca16d8dc6ff6eff68a7cce57507f696cc3e41916f6834b43e39297900d3324758309ec73d9aeaed085b48e8b78e1f8389c91646cd9d2825477eba49e64f0cf0869d39722f864cb48b5b8ff1ebfe68928bb320bab2195d879c01c1e21cd3691d7fd6426525f7f105dc3ad263173207a605ed17b5485e45929f9b361a372a1b5cb93cf3cbd4b1647a7820265886df3c6853a2f6ff14af574b208690b5a2f90eee480939484a58dcdb77f4eae061504fdbc949ff5c28531b583421242f611d5935fa5b642d40821ff9ff81aa7a5994749943144a80dd70b63cbf9431f71eff7fe844342d55d496e2c6cf428d81b4465a811e25f96096b5c3e5cb0d19e62614966f6eac49f8da37e91c91370a9c5644facdcb6e728a6b3a587f6458907e40a4f5ea307932de370cd3c1a6162c38debb371cf3d65c359a3c0623664fd529a268e101b8ff66a6680e2d1667e1aaa58e96bde920009aad0eee91bd6c534ef256709e8aa912e946be6a7776b45d04117e116e2607fbdfcdbb12ca20aa36ac605c68183595aa702fba8afb330d17120705b307f4af8411074115cd07b2f2c6a97381577e89c288a4528af93e12c1b7e71078390042bae8b458d0920a69a6f9c0ef6f1cb16d34b4d19f1aad478e02bc130457603097ab0c5d77208746773afb494bfb40fb8625da8aa0a6aed1d098105c4e3688551b6739cec106bf03916357970845c9398485ac43b9ee55afb03717853eeef4ac2924777f6fe15dc98ad5bbdc0c6466725a42ffb796bfc0f4cd7e6f700676d30725e4832490bb6f4fbff982bdb24b584d2964cc0aa3867be50278466ba50be4a2d652f9bce80879d0a1fcc517e065169a9a9d9e51ac7dee0a652938c3fa4d175ab8eab448aef31ea5bfddd614e4b068c666a6b30d68960fd27be31f53fe6beba1feabf13dccd2a042a1c751084612a39e81e8f6408d8dda486342f4a297ec23d321ba8d4abdb012954fd4b3c4ba8995a8e695201ebc49e67e454c0a0102e715229e84e9fd2fd4ad3ce2b42ce33d2fb4196d9b66e10edbab0f66ad837228886394ae7d24ff3a07e1cf58715db3554d24d05e54bf7417ade226f88c53c8f75821827383d1d4a6c54699c0d46688a29824eef79d51c8017fdb4d4b2550157070fda996a4c3cd384cfc7098ff657e6f865f273b433a57cb73723e924d8b47041ccc767322d562c0777c46f22c5e7c704b6b434f104bd3f4d1250b07ac891b6cdb22d1f90d28099bf4ed4252f5a78968f02747d3fbc8fb5582b4c4cbdc16a4c02bcd5c9cc2dc5d397ec96612411cc1ccdf6d94916542594be9f918245c6cdfaf03fbd3af1c86052f2f4b36aba2354b233666ccf61af14ba52536c6e253e621e618bfad94b652db21766a80a4f1ac66791b1caadd1eb4a4882b17ba5404cb32a64514539d7e92b806cbe36e023d46f7037ff6ed673721877a3335f49110586e3b8e5d679b47190854b9a85bcde24d433814199eb7385560ef441cc4ac7ce77ae002c8bc9a03ead8f888c65278467e9c10b17c73df713f7463d72edd18a94ba3b4e7db7a8e65020b6e8a8713a1f9e4938ccd4650fc2f768f5116172c7e19b19d5b64e79477c68fbbc5429aafe0c388958fd35d8d14e8c4beb95ce9aab0c265adf03bf75d3c572069a6b4d274ce4e99c8f02868f6c168cd7fe3b553dbde68bcb1cda18233f79b122a51b5ca9b14e9745d34b59e86613d7e32731d39a06fe4663f984a812fa7aa53a03ec3dae6a4b868dad25eef164457c3bb713148e673c4459ac264bd1b46ce5c7187286db981a50d114549d3963c93cf2035d11456a106efeee327532897f471df479cc875d944d512e7d13733fcbb55d5523b27fd97d7f3402a4d36b813a12575459c810f88c960149a941c264800f4e9b493983cfffbc8971474561af0f460697c55a6874e666c90f0d9b839df4de929a940a17f9ff5b2dbfbae4fc9e4ddf42d54a7afd800d4a254358053ef31d98e813ba09fe5c530e8f9067d7cf421e8b60d0ba5dd72aa2630c5345f53329066beebed28e374b259959dd5cc9eec2996db8df75ffc55f83cd53cfd38f4c154337f16fb76b0d2479e04d1386787979389370a27505f9c96076ddf2fbf92651b7095a932f38896c2bb6d38f6afbb8bd910b50d3a3a976b378096027a30095e709917986b70409205ee74ac15312d72b2c298ee5f8117b008d642031549e45933994027047e63aad9cf76cb3b977edbea5f86874bbccbdcef443e6c6b46e803c6d845ad905d56e504440c0659bef7b9a4eab8fbb5a7f19a6a46f2dc071b51cd52127bea9cb24a3797a6d4982f4e415370f8464de351ac6f61ed38eae0153d06f23a3ee371616c5c54e85f8256fe3cfde31ca27719f203182c33ccf9ba72f15c65516d29e43a72e62be5c9f5bd0fc9e197a2721d66643c856ea6ed225b2c2d9b0b90262ca40e8c6a6fa9ca30a1e4dd7c87d3ff345996269195c03394b485e4ac805847f057110b105efbb55e1b270ccebc3bda4c6e056856e55c846d516f967ce4a69098b28e0665c3e44253b3fc73f0f992c3795e261b558b7a4bb961b3c78eb031050bfb892187946f15ea5da6699bf397398eeadf550863329a592a1abdc333be0af7b894a34fa134ef00c128523ec22349ccd60e06d88a116541503d55344d640afedcc9fea2914a25d6036a33f9c1c3f1b3775538238c7cb9cc7956823e0ed6cd98890b5f3447553d633816cd50b817bf84800260f525b50cea26732484fee806570aa22f0303f4dae16e009df240c5bae97f8ab1c15c8886bacf7539a92f80dc2b6e17d3cc8b2172e8d0aae602690fbd7ac453e68d4f01fe0fb105c40f4616652ad4f97bfbd28ec93a02218a0695466553963493b5369fc0e9ad6e59ad256b27c765518a2aa07aea6a29e04bb003b02497f8aed3fea2a9214f9cb8cdc83468a9bef01ef852f3805b7410f94b5b17e73b2c6c5b25c78f024e4599e00b851c99406c72737617c3d06b80f8d59696d3e8bb4532500fdac037376930da76d2c7e9cbb54d26901cc70ecd8a827db01806e6526a7ff489f778e35d3b2ff7b3678301eaf631eb0001e2f347e563e8226c8d855e195544e83e8875c198aa102a9438fdc55fd1e6e7754921cb66a91e2cd97fb7e3cbff0c3c994a06c0d1fccfdde014ccb0579bc9c249682120a60910c8ba9175debf8d0a8745b9c41c62fe1db1d84c97f33edc30a03b759e8444fdfdf3b72bf88d7f2cd801a82f9f7873bcf37dff680260498e191abfab00857df9775ff15fa7889e2b91e6f8d18d9d4586477b575039ecd896851943a87cd9c3246a2555ac239d035526b09e232725000a05a5dbb36fd7924d777b74b34450596ca6aec7b0f6e5ae71eaca6b74483dbcf09f427b3d74816dc348b5d3cf129afb65b4cb70658b6319db587c1b8702b82f3e5a0c60490be25df3a17c2e669ecdaae18983b6fecc80d5d586e373348d4c61f011ab562a988d16bdf8848963677692b10c4efcb782caab5de8cf6186ae732ba3fe527a3d7aa6b085fdaecdd36fecc44c20b99fb4068027acc3ed5ec611fd99fc8b4ec7816f1e57cadc4ece9ae7374489bb6e69fffc1c73314d35c5f08288bab82282f29f325f98115beb159d0a80e6845ae5cec522ebdfc44fea674821bb54e333208f822bc2e6a60f6e721a44766df07c49d4571da4b12c8d025845967c9ad8e8797b6c014e71fcc112831cfc612731841c3b1218b37dc6e13ca214843e0dc7c653d432e8be4b0ffc156ad65ea257ad3c5f563b620c8a0ca737687ce05227a4237cffd90f4a6328d3bb7fabe276d91889a5145774385eb919690b20a4d4678aed0ea0504f38f3495baea743a01e453786a88f4ed5ddcf66bdd354b0aac0b76d37df16e6833807c1fdf596604428f599540659509fe526b51fe527b130ab0cbbff983c91af0cb202bcc5d0520e0751822ef7dc5cef7863acb31ac7346c7fd154a45fa767c55bfe6a18b27ef7cbe921c8e4fbf2aa72fe4ea45de5251c6dec7da6524afa9b757a87a99699429868d7c465abfdb20550eb4ff12d45183626a7647ba254967c4a4c80f1ccc887f6d9eb7a88cc9f9563f9706b59fe79422285601e2abf73744d72524196d190d7a299f2377527c7a37bbb76e9ece6e4e6f873a438af2883bf80283aa30f15eadfd556b38691c989191376129f89e961ee96c0f280eebe5568743f0685d6249e2c4f710e411e39a4cf9735edaaee13b712ff716d0ed48a01e603c033a1082c9192675b96366c38b8349259ad13604e098c992873674f95c44f6542edd8d8213e5bb67eeb8c964fb697091274d248f6300a6d9e6ff7732d851274ea06266c313c7e3ebb0f30dda3a1172a3260b9d7298a492d6ae79d102b5f396d5133844c532bc894f93228ae6fe1ff011bad275b96e55f6495f2d44fb4738f1113a8a62c3ffbe00f6d6b212fea1c448298cd8dce2792c90a7f84939d0bcf3ec7b39191b73504164ca36be479108e3897295226817148e9096dfee57a95a749df4e922cf95b690f3b6ee194a4f8fcdacd24d95730117e307641e18c6f0b44e52a61f80f609c6c7edb07f82404faf9778137bcdd6702d6a2a08d8ec607620dd7a85580fda6f37e9d7191d90a3b33d04d48104a40583f850e82c9734a59d9288143ecbcd5e71bbdb56f10018be0f4aa1bc39da196e2413c6f008ae66679a4f006d63215ce3de7ad73ba7be3a78e2bbcc3e852a96ce43f95fd290f627c78bcba879a524a22a7dcbffa9d566070e12674afc95287f894317add094005fe18369c83ae0dcdafe41167375d6be784f34780c06e997755593707205c8f4ecfd57f917409ee87279680968a84f3a15d8898fe79b1b60245efac6a107429211236b41b19be01b10bcd1ac3e141d13254916857ac9aca9e935a3e739f35d2d36d46f98f792519a5cb23f899751a51bc7a590ea0a8eeaacd51fde9de8f043b2612d3886f36f9e37943af07da794ca2b503edcf1589832f3f6de49bea770115da7832cee3506572b35966431f5a6536401513d2f24c07667c46bf490a54765190e04a466d2e4aca1377cb807d8bd00ecbf4a01e64873cc3dcf3d1e50a9cf5178ab8219001b0942bf3a18975d1fd48cf35cea530f15ce13765aa70b159591300bdb016a575d9f2b72b5029d28d315be4dc9c4dcedda59612e006a6142bc4d5cd635aa2885a05ba64bfe38695b545eb5bc02c637696bbb66a986e5110c9c3e56c80c188d7c26bcaf53a4e991b750f19b641cf7228b31c255b390c92b27a387744a5721904e778c04360bac3462e730c9103f357534e0201f29763e2b6b1a3f4aef55986184d786c804c8496f1f01b32702f9f2361c106605c09fac4f7e0d3e74b882fa99518f4c8254c28b94dab15e5f2ba8f612fa9a0854ed9f36ae47395ac56c2bf1058c82cae0f65ece31bc7d55c6e85a5db33cdee55f7a77a7a92332e096ed4d366adf61cdcbdb183f750727c3ece21b5fbf1ed49d0ee7c5be11e8454c6cc099fa7cdc245399e0d5cc62e66c879248caea4c0c13977945e1da156318dcc324b46313dd5a3d7bbd11dfe4387d640b964f1766f5c425853d1a4231c92de454dc838d92e0e311df09d404b111b571a45ed71e7fd879bbe52edde7013e87e4f1fa46a061eac5129e30b1d2df9f9c7a46ec9a8c999d546024798c9e1da768af25b60e972e8d757f0992a3df489313697960c7de284920f2e6ec63c30f1127434539256534e7b7f181157d71598e922b519a01997f141b3bf56b8a6673cecd0f8c95ff188e0a8ceca2b09fdebf4599de768c12bcdc101b6c76b5163c6b1aadc108281693e4a6ab7c1cf4b4682551b7fc0ce62c2a27c27893c1c2b962fd1c7838209365484df5242cc9437d29f0078e99b06d11d72aa09c9aba5e4cc95c082ed2a1a14c6f501ef0c039b0c299e1ed2119c8826fb64a5b50277b4afa302f8d07cfdcb719681881ff07e5bf55b19f519eb9d8b1c7d69ca7aef7873ab0df1946a2e57c7f604175dd77a52e9b307a10d4534531bbbe238e3b4426409f9a12149cedf9507c97c21139f8fbac22b2f6f971051d6b277d46019948db299077b5ebe4d26a318578555b4f05cf468bd6f47a5f03c2a8623048f065a90ca411dea998fd150775a9bb92e7f7a020720018bfc85afe9720ccca754c6f2bac1619efcb49d984e3cecb257440b396e4703ffe855c6dced5c3011a4caff40db03dbca104e633902cb58fe0c57bb60ffbe8834e4d3caf7bd764c98a7842e8fd781a687a2c7129615305db5f1763ac6a7c90192c7d86da5ef4bafcfe00ab2e04503ab1586bbc13ceb70616b8d995ab291c02938a6f385751f4b1f817d886ec1e0deeaa7d679ae49d0a7971ab43b3c0fa48d75c0613c686ce352e476aac4d8975f1eb0f7546dd29b0166ae61ed100e878c0e4527e7f4b9201f9909f94fdb8d65f7d38c764e3c027555afaefb40f27e4aa28e5fd9428c6a05677c908a4f82ed50bebfe2473d8320144f4bdee039233b578483d55e3be4835775cf31035552f3c58c49aff9f3566310a244d2e64f902c1ee343eb9f8375f5d43fe4396aa4dbd60a67dd1d4020d9783b1140ee9674f3367e58ec5ba2efb92785ee1c6b62860d997f1046673eac11c09be076c63e11882cfd4a029b94639710a08d8e018983b277f19e132a6569898349b661cd08fe3a756aa2145ef197ebc7410db9d3240e09c0d3eeadfbcf5878cb0907187164064cdab19e8516cd36d6e287d4d788b48d5e44f5bb5a72326631bf45870d67ab6bbcb3e49aea1ada95734fe427999d99c682d510ff30adf83ae0d5261deb1a908ac7fb7dd443d8e7804355ee02e0bc1c651b7d5db326296ddae6f6985d3f72a4a1ad6a67a39862e9e83ac864675b07b1191cd78dcb9e7d767f85b352ec8d88bd3478f283705e64cf599a66c4e764bcb7465934b9d18c5b56ee41c31c87584bcec059cc330ed09a7c87c6d9a4659763f3157b4dc748a9fa463c6f8a880d48b81490f577ab763057f32b31c1ba0ded437d82e88ad7beaba18859013f6eed6a3058dd9eebd638a21302cb20567095f68371c3ed8b407e8dee6f3ffb14ca0c56a7ef8bc96ab08276e2d0a32360887f43a118e834ccb243350cb984597d07c8329d7a2ac824fccebced3a1ad3e7ae9126cd57a61ead08e8360fa18666a02b6498f52b23113566e1287954fbb055e4712d6c8828e999ec5cbeebbf513e8d2695a9fb6057912b11eb38f69a9a3343e9eb41a62d798a34b976549fb757cac5d9db05bce4d127a4638c00b6657b38a5c2fbf676c888b1deea670cc4b30b6c0fcc6496500da9b4a3e74831559de358472a9927d29b41adba7ae2e117c7ffb7eb18f034779d1650d2d25b1df8362acfc6f0573e4c0d6794caf3e5162a4b598e4263fee0d3831dbf077e2b9a4b24fe4ed56f5326d4e534a3a943b345e233ec436b77b1848cf8650a6be42cda20ce18678102e667c93ded25388af6f9a58ef263bf510f4571c2a1052216b4ded96050a4f9fa85c9cc213c92c9b31fe92256c3ae2d9e005e3fbb821b895f1d3727978d5da7bde547bd0324f3f52414dce7d1cdb6c95cfce29172c503ab2861737c228643b6620e2e5e88ceac96d66c5d7b6ccc5988dae752ed01da3d6edfa3912f253a97beed7368af8377a63893a43a08f156406ec3ae0686f180842fb32e4fe454f6514a12bd10b2c5191712670d619f3084e9e0a45a0bcc8438ac055e1345db0ff2c81c4273f7f590a9edde9e60d89477bbee22b37ddffb80865a184b4259e583d5c05329d8ab9829dc4278e8fa86f13976b15b6cb79ee5954ef0d6a8244dc26a0ab5e7d10f15779263b2d1a48e27106d3da2ff8e4b9e8c5a3354c0aebb4efcc0b0b41dcd4e42c304ab2bece0c2565722718013d764c62299b01878f26522ebfd872a1ec38493d003a91d6bf7dd0ba66782a227b4048d2748cc9fa487aaf7ad9af53e4f3890ae0b79a791b5ee6d6e3d007c034b8ea4ab987950f399559359979640a3f81a01b4aa932077365705a332b58bdac313866893c294bd1d19cc1d8ef4a1ac24dff11a8ebfeb1a608c7219ff45838387efbca8810a5634390d9003fc3973d8c3dbe60029360e7d658bb2a30d22cac8a1e75830ecc6b84e516aaf273e0fa051b11ea9f4a8743265348f48170ce0efe59cb7c028a941ee7029b11a5014d481bdebf4849a3a2732f97bc9993c05b211e5dee81586b28df336852cb2765d4b3d04a346cc97abe3eefe58a5c4e59a465ef3280cae11c5d0b3a29a187b1d8b556146ff670e39ab573d596c2c484766d830e291c048018c450e04f188d20dd9cecf03a50e2bddbb046df51aab7140769ffea48f4e8e1270bc8ed9b87abd46de8da575fdd14860ccc51c1ab6a94eb5b06b446e42087831603cbea9c6539e2d3ac0033388a85b336bb8c699d121f6b3ef5cbb6b0921b2829d53b38642d1fffe4c858939f5960e0b314fa6ed0aa56b1b60c892fca3bb2ed30203737d4d091ce1c837ca89b6155ff7b4547cf0e1f594a81894400f255f1530f628f8621862cf3c6c034239f849d872edc26900e73712b980a9ce72624600512e72d348578f1f643c088a3e3842e00b276c7bc1d4e5f546fe09295fb82126b818223e0739aaffaa697006a22cf0b8464ba2232c9b849f7c46f216ccb3b705e3cefa581401807a0ab1619e28c3a0e5cfa3fff7dfb97fbfe26b0761ce91f0aca837ee692ea3d5fa6e1137541c71dd8151171bd87bba8ad11469401db95d52a77b0a8ced851d1bdc3ab337855321d6ac5835194a1aa1936f3494cd623ae79d35728c38587b118c19944ed48afaa3a9dfcdfc44f57974b0302cfeb888d4b89a31a684823340429e0f02b1a17c9b16a56fc976327aa9c452ac5f9754128dad3c8de3ca59018a1abe03239cca4064df167993f0e14368ee8a8cbe71ef86da19a4e2598d4406920e773b1ef2f472824e584639973ce038c40a221c9706d12c158083ccd1efbacd2c741d33569e6ada6e6215cf3c5a97728681b20c9b59559369fd2961882a224ceda5e4b450d8bff2c13841301b01e3c3ed9acc8fccd3476d00d937984d97368d0c6be61d3da81c15155e88588c16ecc1c468bb84b4703a7c291fef5731cace728435985c69da971d105b9c42c247e659b155633302e41a172379e8289d432e3ba373a1390363d10749036af086ea2d631692dc90344d891a3931bc407a8b1eade431f71eba943e76b6010b0e7b90acf9f99153bf6df61fbea38ed6dff634ec410d627fe71faa87ab35f87ff9ac80e2e2ac0161e27058354996919906f7a477963aee88c9340b197c6027b023a9243111477992abe785f1163d6d2b583d0aaa3d41e0fbfa5451908741658838115ed0acb2c12c25c796ad903983931bf834bcafe545be1e0fed835ddd32600723f12b0984006f655e1f4b1238c1996fa2ee4a3b42fd0f089857018fbfe0e45f04c9691b72f1b2d41666f7c4363c16a08aca2e166cc4132504bb22677cd1662af954f75a0723a1ef5e80a74ac4263f6b4d1a6be7ea3b601494910cddc809399c289512d7ab63660c4075226307e5ab92dee008c13910f0edd79869fae7ca92c36c52f6d928b546505ed84d8bd95d8c158b6925ca05c5cc06e6e35931954fd71be9404f9de46c9714a481d56f486b7afc21f4fc046ec5a5b0c70b42d8e3666f954bed2dec467b1b7781bcefd21691de34b5ec7483af467c445d542107cb9d36a18ab7b47e8fee30835e76ef3db3cf49428112e8fb5ac5e4c8e0080b8ca6b32793fd3b9dab3a61f4300d96b7ad02cf8bed5b2a933980bf1f5269d091897a8efb209c93271e457519961f6973170033adc63ebf86958f80350972813166265bfb42fb124ca4982ed0ae7e6a4e8c549632ee551ba1d50febd7f2b80e73688315565a7d20de4982b6bb3cf7ec0e1db6ffa177336f222f43917093a45c8a37c1804e37b9cba1dd39f4a5a56e0214831ad711c49e3ad58b1ec111b03ae5e56dd775a04e5d71b2e71f68f8defb010a7cab7d78745f177bf30185959a7885891e72b35c01d65f5812973b55e9fe40158c1aafa6ea206a8b121e3d89c60bb02395e321a049d552d66e150305ea3a6d12c496a26d3cd676f8c1d10fd5503dd622153623c8e5d3740584fcbca855112551921e4fca1f3874d1d889b32b384b271317d4b2f335118c3bdab3136af6e86af6def695d7282b46d068ff317f7de7afe0c48c887bcf151f5c4956bbb60c9010217ae9c967e377b7c221fa564cd08c01b82bcec4ad56ef801525d57f513611f320bc3a1c850938c76c213681bf4383f96bbe0e9b4ea6409c7a9520f66596faac20b073d830c901e7d21ea14d19aa608069815471020b298594dcaec0a06030e230a98416d0ed68b959ad128f8d8d7ff7eec28", 0x2000, &(0x7f0000005100)={&(0x7f0000004680)={0x50, 0x0, 0x8, {0x7, 0x28, 0xe4, 0x4000, 0x4, 0xe15d, 0x401, 0x2}}, &(0x7f0000004700)={0x18, 0xffffffffffffffda, 0xfffffffffffffffd, {0x6}}, &(0x7f0000004740)={0x18, 0x0, 0x4, {0x3}}, &(0x7f0000004780)={0x18, 0x0, 0x9, {0x84}}, &(0x7f00000047c0)={0x18, 0x0, 0x0, {0x2}}, &(0x7f0000004800)={0x28, 0xffffffffffffffda, 0x2, {{0x1, 0x0, 0x2}}}, &(0x7f0000004840)={0x60, 0x0, 0x0, {{0x0, 0x1, 0xd, 0x6, 0x7, 0x2, 0x3, 0xcfee}}}, &(0x7f00000048c0)={0x18, 0x0, 0x200, {0x7}}, &(0x7f0000004900)={0x11, 0x0, 0x3, {'\x00'}}, &(0x7f0000004940)={0x20, 0xffffffffffffffda, 0x7, {0x0, 0x2}}, &(0x7f0000004a40)={0x78, 0x0, 0xe, {0x0, 0x13fb0ab2, 0x0, {0x6, 0x1, 0x7, 0xfffffffffffffffa, 0x336b5d01, 0xfffffffffffffff8, 0xffff8001, 0x6, 0x52e, 0x2000, 0x0, r13, 0x0, 0x5}}}, &(0x7f0000004b80)={0x90, 0x0, 0x2, {0x5, 0x3, 0x100000000, 0x2, 0xd67, 0x59d8b25c, {0x4, 0x80, 0xffffffff, 0x7, 0x2, 0x6, 0x0, 0x9, 0x4, 0xa000, 0x0, r14, 0xee00, 0x9b5b, 0xf}}}, &(0x7f0000004c40)={0xd0, 0x0, 0x7, [{0x5, 0xffff, 0xa, 0x5, '/dev/vmci\x00'}, {0x0, 0xfff, 0xa, 0x0, '*(/@\\.@)%\''}, {0x1, 0x4, 0x6, 0x1ff, ',]&\xf2(+'}, {0x3, 0x3, 0xd, 0x83f6, '/dev/snd/seq\x00'}, {0x5, 0x3, 0xa, 0x5, '/dev/vmci\x00'}]}, &(0x7f0000004d40)={0xb0, 0xfffffffffffffffe, 0x7, [{{0x2, 0x2, 0x4, 0x0, 0x9, 0x4, {0x0, 0xfff, 0x6b700000000000, 0x8, 0x4, 0x17c4ceab, 0x0, 0x8, 0x5, 0x6000, 0xce9e, 0x0, r15, 0x81, 0x5}}, {0x1, 0x100, 0x8, 0x4, 'nl80211\x00'}}]}, &(0x7f0000005000)={0xa0, 0x0, 0x3, {{0x4, 0x0, 0x4000000, 0x8001, 0xfffa, 0x0, {0x5, 0x9, 0x9c, 0xfffffffffffffffe, 0x4, 0x2, 0x2, 0x0, 0x80000001, 0xa000, 0x80000001, r16, r17, 0x4, 0x82c}}, {0x0, 0x1}}}, &(0x7f00000050c0)={0x20, 0x0, 0x0, {0x1, 0x4, 0x80, 0x3}}})

2.519329076s ago: executing program 0 (id=2922):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x48890}, 0x10)

2.306749289s ago: executing program 0 (id=2923):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xa0400, 0x0)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
mprotect(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, 0x5)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0) (async)
r4 = syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000dc0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x80, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x0, 0xb}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r4, &(0x7f0000001100)={0xc, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x67, @string={0x67, 0x3, "e82049f341079525078d70845a8fc2b4a07cafc0160120508778426b2f95d57639d28d4c000bb01b633b0792955f5504ebe04ade4d51ccdfe38233f38cbff5fbce854824b17a01be32d5389d37e9751f3a6546a3d83f705e08e5dd6bf0ff34e654715c26c3"}}}, 0x0)
syz_usb_control_io(r4, &(0x7f00000015c0)={0x2c, 0x0, &(0x7f0000001480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40b}}, 0x0, 0x0, 0x0}, 0x0) (async)
syz_usb_control_io(r4, 0x0, &(0x7f0000003d00)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003a00)={0x20, 0x0, 0x4, {0x2, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
write$char_usb(r5, &(0x7f0000006800)="10", 0x1) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000", @ANYRES16=r6, @ANYBLOB="01002cbd70000400130c8c5000"], 0x14}}, 0x4c017)
r8 = add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, 0x0)
r9 = add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000580)="fde0173dc1723f86f2d00db199d4e593052817361c", 0x15, r8) (async)
r10 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000200)="4319e2aabc1e4a13e696a7f0d7557242d86bf77f9c16bad3035548f5cdb5bc12d17a90b4063934ce295fa65c2323953d5e52a3ff4c543f094d35b793ab9f722d816203247e4fb54ca97d0053f1606f9fe21d35d3", 0x54, r8) (async)
r11 = add_key$user(0x0, &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000480)="03", 0x1, r8)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r9, r10, r11}, &(0x7f0000000380)=""/41, 0x29, &(0x7f0000000340)={&(0x7f00000004c0)={'crc32c-generic\x00'}, &(0x7f00000000c0)="7b0b5f32fb47274491d48aec90e4238dc11fa47289d87e108d6db5333b8083053d268474a0b6d620", 0x28}) (async)
write$char_usb(r5, 0x0, 0x0) (async)
syz_usb_disconnect(r4) (async)
syz_open_dev$video4linux(&(0x7f0000000040), 0x7, 0x0)

1.93170323s ago: executing program 3 (id=2926):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$alg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4004800)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

1.723623297s ago: executing program 4 (id=2928):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x29, 0x1, {0x0, 0x5, 0xfc9e, 0x3ff, 0x9, 0x5, 0x0, 0x80000001, 0x9}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) (fail_nth: 3)

1.664154248s ago: executing program 3 (id=2930):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x38}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.582860145s ago: executing program 4 (id=2931):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000010000100000a2c1b0000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a01020000000000000000020078ab4201569716da7a30000000"], 0x80}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x55, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x70bd2b, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x7, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000002040)=[{&(0x7f0000000080)="aae0f8141e592d7f0a074d21db131eee10722752", 0x14}], 0x1, 0x9, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018086dd1700d1bd", 0x33fe0}], 0x1}, 0x0)

1.541544465s ago: executing program 1 (id=2932):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x5d04b4753047a371}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/26, 0x1a}}, {{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/47, 0x2f}, {&(0x7f0000000100)=""/224, 0xe0}, {&(0x7f0000000200)=""/4096, 0x1000}, {0x0}, {&(0x7f0000001280)=""/65, 0x41}], 0x5}}, {{&(0x7f0000001380)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000001840)=[{&(0x7f0000001400)=""/149, 0x95}, {&(0x7f00000014c0)=""/105, 0x69}, {&(0x7f0000001540)=""/188, 0xbc}, {&(0x7f0000001600)=""/57, 0x39}, {&(0x7f0000001640)=""/135, 0x87}, {&(0x7f0000001700)=""/94, 0x5e}, {&(0x7f0000001780)=""/171, 0xab}], 0x7, &(0x7f00000018c0)=""/176, 0xb0}}], 0x3, 0x0, 0x0)

1.479220719s ago: executing program 2 (id=2933):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
setpriority(0x0, 0x0, 0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x29, 0x1, {0x0, 0x5, 0xfc9e, 0x3ff, 0x9, 0x5, 0x0, 0x80000001, 0x9}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

1.439856373s ago: executing program 3 (id=2934):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xa0400, 0x0) (async, rerun: 64)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd) (rerun: 64)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0) (async)
r4 = syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000dc0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x80, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x0, 0xb}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r4, &(0x7f0000001100)={0xc, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x67, @string={0x67, 0x3, "e82049f341079525078d70845a8fc2b4a07cafc0160120508778426b2f95d57639d28d4c000bb01b633b0792955f5504ebe04ade4d51ccdfe38233f38cbff5fbce854824b17a01be32d5389d37e9751f3a6546a3d83f705e08e5dd6bf0ff34e654715c26c3"}}}, 0x0) (async)
syz_usb_control_io(r4, &(0x7f00000015c0)={0x2c, 0x0, &(0x7f0000001480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40b}}, 0x0, 0x0, 0x0}, 0x0) (async)
syz_usb_control_io(r4, 0x0, &(0x7f0000003d00)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003a00)={0x20, 0x0, 0x4, {0x2, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
write$char_usb(r5, &(0x7f0000006800)="10", 0x1) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000", @ANYRES16=r6, @ANYBLOB="01002cbd70000400130c8c5000"], 0x14}}, 0x4c017) (async)
r8 = add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, 0x0)
r9 = add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000580)="fde0173dc1723f86f2d00db199d4e593052817361c", 0x15, r8)
r10 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000200)="4319e2aabc1e4a13e696a7f0d7557242d86bf77f9c16bad3035548f5cdb5bc12d17a90b4063934ce295fa65c2323953d5e52a3ff4c543f094d35b793ab9f722d816203247e4fb54ca97d0053f1606f9fe21d35d3", 0x54, r8) (async, rerun: 64)
r11 = add_key$user(0x0, &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000480)="03", 0x1, r8) (rerun: 64)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r9, r10, r11}, &(0x7f0000000380)=""/41, 0x29, &(0x7f0000000340)={&(0x7f00000004c0)={'crc32c-generic\x00'}, &(0x7f00000000c0)="7b0b5f32fb47274491d48aec90e4238dc11fa47289d87e108d6db5333b8083053d268474a0b6d620", 0x28}) (async)
write$char_usb(r5, 0x0, 0x0)
syz_usb_disconnect(r4)
syz_open_dev$video4linux(&(0x7f0000000040), 0x7, 0x0) (async)
r12 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4008053, r12, 0x80000000)

1.356730349s ago: executing program 2 (id=2935):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc43", 0xf)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$alg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x4004800)
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002680)=@newtaction={0x9f0, 0x30, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [{0x9dc, 0x1, [@m_ipt={0x110, 0x17, 0x0, 0x0, {{0x8}, {0x5c, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x2a, 0x6, {0x7, 'mangle\x00', 0x7, 0x289a}}, @TCA_IPT_TARG={0x2a, 0x6, {0x1, 'nat\x00', 0x17, 0x37}}]}, {0x8d, 0x6, "012793cd320f9b9a2d91de0c4a5089db6bbf71fc24bc7ff3ac9b0da7f00bb716c13eaaa77edf6390f4ae5523d26fa628520aeb6e570e6a5e52e3289191bc3dbba754e2c804eca599c21dd1b14797a71415c97c1db20d582ba57f5be690aaf1e558046608cfcd5b766cdd7ea41b8c680859a5d0868e25c0ab63fb808889e52b3f9c371b5b2ced5af3ee"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ipt={0x29c, 0x2, 0x0, 0x0, {{0x8}, {0x240, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_TARG={0xf1, 0x6, {0x9, 'security\x00', 0x7f, 0xd7, "d4d4b8898af69c8ff408097d99f310173b71558d204dbdf67055339a5f83418a75777341f28e72bef66f307a2cd2a1a58b280b09da191bccbe12a02a81ca049f5b4ac2f943a3e517234b5abce482dcfdf7f54b6930a0b80cfa011d4810bf049446834a034e8e1c71d4a351c81d50f784631c96907bab375a2929867eee26dccc8ed529334f1fb5a1b1c2e4ad62dab92b66bb81fedcbdf10ffa6c21e5d755a119144b5b655470fa2c42f012f36a81a04ff1c9e8f910b4eba3e708cbc7bd41877139f64d02904cb4"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_TARG={0xc1, 0x6, {0x8, 'filter\x00', 0x81, 0x5, "796fe7c3dace655b70eb0d03a520c84dbb180fac8c4b2a7a6e42b2d6647fbc895a4aa5da86b281e58a92735de4e82221d26e2751a61a175c21e51d175ba2573293737f1e9b0f37962e5e3b20ca798ca879a4ffdbe3f4eb1b1df79a98ba42a0f35ab62af6ad34dba7d201e7f97f0dd10c5eb3db6acd848c77298a81896e7c61fd0fe6da56837ae703e45bfd46631f73fd56d1a7ca8cfa03"}}, @TCA_IPT_INDEX={0x8, 0x3, 0x1}]}, {0x35, 0x6, "70a7a212ff238a47beb4d14e024ba216ebd62a80975e45961b0ed40c99d282ef4cf8cb99b117bb7b429819885f18ef47bf"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ipt={0x62c, 0xe, 0x0, 0x0, {{0x8}, {0x5cc, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TARG={0x57d, 0x6, {0x2c, 'mangle\x00', 0x6, 0xb06, "7dc7ea3ad21bae7af8dda67c4bcb77f41efe8537b5b4a82280b29d262276aec98c86d8466428d1123202e3d39110f70b48142fa8b0c6f40e0500a3d7aa24316d0a52ff00e4ae09cf1b540bb15ebc419a4967cebf44b5ef4523a42137d5fe31b7085a96abe91c9c15fd336a741968797d7ba45e1b9334a723ec09951da168d15216d1540544f60bd830a1a0be9c54b5255310dbfc21de0c978baad2bd38552bad32ab2d1ef05cbb5b478fe2d2cea66e5065b2a3d24537e5714cecaaebee98fb3ffc2e442a1043a581c19505dcbbe149d9e71064fc7dc8997211a90e7dafa555ecaea96a6900fedea801c3b1be411c66e9e6921095ddc4b0e884cdb80c296ff643bf7c56df1cac95e14194fc3fa27427b8008019eefaabd85e6d509ff8c0c47cf17b5d10d61a255b4b3580d5286ee12a7f178ed17a5c50fffb93ca60286aad1ecb17e2e6b197fcbec0a7b6185e52edbd4bf66a6aee48a424e899daafc72fe6b959482b7a69531cdb3c8ed9cd6aa3ad78c424ce1e6f8b3266a4e81bd9d7841ce5c5eee2cdb4d7aaeca63678ff387a063ac32c7de06a9fb5678d33677e9d5071989b1b93a3eae6c9486b9f378065aaab896aa4280c0ac77758ef14a930b0df92f02f25cecc6e51472a146cef1e2bf866df673891862c3243527ed5c4194ae555e92f3a75ef9032b0d387bb7497becfd6267f34420753c7765d4b6a012430dbeb68013097f22964f36d4660dc49d0e8cd5cecf1bb2e5d63d3f59e3ea4abdead98674c01df0647efb17ae0798f491a56fe3e4bb4125b26bb42194df0950e16248b43301884e114a1d6586bb68f0df5c82af2b31e12a39500151edfbe9086e6bb7ef23a12e0a43d09f61f1dc53f57fa93a7dbd758ce632f1dfc3e5bee2c00efe15276054afc1582985c4499a7cbef6be77b282ed91d8a7d7acbb8f1a7d94fa95cac7345152b7ec418a98583e23e18dd5a910be102ea52e7a0d60e6b10c16e5663db6391c43ad3f526638d56227f1e4a18580f6bd384ea5fa2f96a171d020dc093c9b8f6398c97ca223d1b831f7582b59e9a7b3c3f1671116e3e485f318d32d014fa83582b6261f8b082d1a5da4cd3f2d74a3cceb4d46a37604964b9320bc73769e30c581b35e53fa00854b634438166c0f7714f5d66dc840f89248c89870df9c0acebecf41f7c5b2499eb1a11a25450338b742ac32919bed852bfdd396e9b3665bf6eb22f75f1bf4296f76074bacf295ae337f3bb2bcf9ee8e1558c6e653817be1099563468a47d54794773dcc4546fd10bd28e941b7771d29758d76307f4591805474010c0cf217a398c60a8bf37a29719f769af801ac7693d921f5d910648c313eb540d7c53a5047b139d45dd2c1203dca08860e2aa5e288c077571fc56a266fe1dfe4ea038c10a8ea0a18f1c3a87c6ce8ce57319f737808acb4fea9e13d326363596cfe20158dab7aae896b2f3dc7c9d652880376c286f0872e64e0bfdb285c779619d8042bc7e8b5dd0a95136bf9d494b45eaa1621882f3872a7a4d8d66bba926acc44cf60f34e310df002046dcd0e62b1f2ffc7343d282e5551c35d3303c9b8da5c2b5537db2469820b9823f8404c1ac5f6e5ed25593373435051f997cc1c22f39d3c272bf5063c2cf1cb8808e16fd5b4d698f8e60c06ec63809ebdb79fa153ceb12753019482b020e6770fdbd840bb86652b356d03799194bf02ea5f3208a54094a54bd24be885a575eb58b99ef9fea432270ac71a142d702ca46cd0d647ae2ea85756542ba6c25af4061673d1e8f2cf71bd81db38dc380477adfc697333913a210f2de10e0060dad8d037b6d643118388022caa12ee923baa9050956b8df2f2962532d928bfd5f95666d56160a95334ce687e0e5b5e9a37bd3b711ca89563f85d2816c85569e77a69ffd022c0037e666c2355e"}}]}, {0x39, 0x6, "08a4ed5a8f66263df74cb1855d73a4e105c1c8609b85c81c1e776e45fff25ed2581c70a6029c924185bff8ea2a09cc3e762eb349ff"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x9f0}}, 0x20000000)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

1.249127058s ago: executing program 4 (id=2936):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x190, 0x10000, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd27f9b364b6be2347dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x190, 0x12, 0x2, 0x18, "c2f801d7939fc5a61f7bc636c3b4708ed1822999c50c148ae304129e2cb69a35921249997102d1f23585278452d144d4916de120da8a9bbb75533c137c4bd0ec", "570130ecb38039e59315c9a0b1d43d65ed50920f66d7a04b99f1001a54cba06f", [0x10000c2, 0x80007]})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}}, 0x0, 0x401, 0x0, 0x8, 0x88, 0x1, 0x7}, 0x9c)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0cc5605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x56555941}})
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
sendmmsg(r3, &(0x7f0000001cc0), 0x400000000000026, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>r3, {0x4b}}, './file0\x00'})
epoll_pwait2(r4, &(0x7f0000000040)=[{}, {}, {}], 0x3, &(0x7f0000000080)={0x0, 0x3938700}, &(0x7f00000000c0)={[0x3, 0x6]}, 0x8)

1.166459619s ago: executing program 0 (id=2937):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000001340)=ANY=[@ANYBLOB="0a0000001c000000fdffffff010001000104000004000000950e000007000000760000008387cef906729137913da1413d05c8374aea12a67538bb18eb3ba941"])
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000080)={0x3, 0x3, 0x2f22, 0x6, '\x00', 0x3})
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r5=>r4, {0x2}}, './file0\x00'})
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r3, 0xce)
move_mount(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', r5, &(0x7f00000001c0)='./file0\x00', 0x142)
r6 = add_key(&(0x7f00000023c0)='blacklist\x00', &(0x7f0000002400)={'syz', 0x0}, &(0x7f0000002440)="693b368ce2e71aae4ec413108ef987d93768f30fd832e167876e7f6b777be96502cbf4860259b576302901a628be8c5057313249061ed295685b2eef059f2769c1a762b5220123e7214183e67650577ebe8cd99b879ec91a040f5087fbede48711ccf5fbcb8fe34b030c451e8e9a29d898c3", 0x72, 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000002580), &(0x7f00000025c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$instantiate(0xc, r6, &(0x7f00000013c0)=ANY=[@ANYBLOB="757064617465206563727970746673207573657491ac4c70"], 0x18, r7)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc01cf509, &(0x7f0000002600)={<r8=>r4, 0x9, 0xfffffffffffffff0, 0x876bfc0})
setsockopt$inet6_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000002640)=0xffffffffffffffff, 0x4)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAXSEG(r9, 0x84, 0xd, &(0x7f0000002680)=@assoc_value={0x0, 0x1}, &(0x7f00000026c0)=0x8)
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000002700)=<r10=>0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000002780)={{0x9, 0x1, 0xfffffff8, 0x8, 'syz1\x00', 0x2}, 0x6, 0xd4415b0703583584, 0x5e6, r10, 0x1, 0xa, 'syz1\x00', &(0x7f0000002740)=['\x00'], 0x1})
mkdir(&(0x7f0000002900)='./file0\x00', 0x126)

1.165839905s ago: executing program 2 (id=2938):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a00000000000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800068008000200080000003e"], 0x44}}, 0x0)

1.092995732s ago: executing program 1 (id=2939):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
sendmsg$nl_route(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001000390400"/20, @ANYRES32=r2, @ANYBLOB], 0x3c}}, 0x0)

1.021359418s ago: executing program 4 (id=2940):
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x30}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0)

997.249549ms ago: executing program 1 (id=2941):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
sendto$inet(0xffffffffffffffff, &(0x7f0000000300)="ab", 0x34000, 0xfcff, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @loopback}]}, &(0x7f0000000240)=0x10)

869.326663ms ago: executing program 2 (id=2942):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0xe67b, 0x40000)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0x2, 0x2, 0x1}, 0x18, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = dup(0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x20000, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000140)={0x1, 0x6, 0xa, 0x0, 0x0, [{{r1}, 0x8}, {{r2}, 0x100000000}, {{}, 0x4c0}, {{r3}, 0x7fff}, {{r4}, 0x100}, {{r5}, 0xd}, {{r6}}, {{r7}, 0x24e}, {{}, 0x8000000000000000}, {{r8}, 0x40}]})
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f00000002c0)={<r9=>0x0, 0x4c, "44c86f284522521d5be47e7885cbb623581db64a053dced2e22b9952d9b2a49f032f283b5c17e757892ba0f4d1714629e094437dc7e76b9abc5cbf5957f170993cb15e8f0ed7302382355540"}, &(0x7f0000000340)=0x54)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f0000000380)={r9, 0x1ff}, 0x8)
r10 = openat$vcsu(0xffffff9c, &(0x7f00000003c0), 0xa0000, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x8008551d, &(0x7f0000000400)={0x9746, 0x6, [{0x8}, {0x6}, {0xb, 0x1}, {0xd}, {0xb}, {0x6, 0x1}]})
ioctl$RTC_IRQP_READ(r5, 0x8004700b, &(0x7f0000000440))
syz_pidfd_open(0xffffffffffffffff, 0x0)
ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000480)={0x9, 0x9})
r11 = memfd_secret(0x0)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x84, r12, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xfffa}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfffffe01}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0x84}, 0x1, 0x0, 0x0, 0x40004}, 0x0)
r13 = semget$private(0x0, 0x1, 0x100)
semctl$SEM_STAT_ANY(r13, 0x4, 0x14, &(0x7f0000000680)=""/38)
r14 = openat$kvm(0xffffff9c, &(0x7f00000006c0), 0x40000, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r14, 0xc0096616, &(0x7f0000000700)={0x3, [0x0, 0x0, 0x0]})
ioctl$KVM_GET_API_VERSION(r10, 0xae00, 0x0)
r15 = shmget$private(0x0, 0x1000, 0x40, &(0x7f0000ffe000/0x1000)=nil)
getresuid(&(0x7f0000000740), &(0x7f0000000780), &(0x7f00000007c0)=<r16=>0x0)
fstat(r10, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0})
ioctl$NS_GET_OWNER_UID(r11, 0xb704, &(0x7f0000000880)=<r18=>0x0)
shmctl$IPC_SET(r15, 0x1, &(0x7f0000000940)={{0x0, r16, r17, r18, 0xee01, 0x0, 0x7f}, 0x2, 0xff, 0x9, 0x8, 0x0, 0x0, 0x6})

829.159233ms ago: executing program 1 (id=2943):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x6000, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5}}}]}, 0x48}}, 0x0)

729.968663ms ago: executing program 1 (id=2944):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x38}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)

622.867416ms ago: executing program 2 (id=2945):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
pwritev(r2, &(0x7f00000003c0)=[{&(0x7f0000000280)="9904e31bc66b6406", 0x8}], 0x1, 0xfffffff8, 0x7fffffff)
fspick(r2, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_int(r4, 0x0, 0x13, &(0x7f0000000140)=0x1, 0x4)
setsockopt$inet_int(r4, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f0000000100)=0x63d6, 0x4)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f00000002c0)={0x2020}, 0x2020)
splice(r3, &(0x7f0000000080)=0x7, r4, &(0x7f00000000c0)=0x9, 0x3, 0xb)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000b172ca044f2532700d8c03e91e000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000060000000060a010400000000000000000100000008000b4000000000300004802c00018008000100636d7000200002800c00038005000100000000000800014000000000080002400000000009e4000073797a300000000005000740ef00000014000000110001"], 0xd4}}, 0x0)
r8 = socket$inet(0xa, 0x80000, 0x84)
r9 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r9, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r10=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000001c0)={r10, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r9, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r9, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r12=>0x0], &(0x7f0000000280), 0x1, r11})
ioctl$DRM_IOCTL_MODE_ATOMIC(r9, 0xc03864bc, &(0x7f0000000380)={0x601, 0x1, &(0x7f00000000c0)=[r11], &(0x7f0000000200), &(0x7f0000000300)=[r12], &(0x7f0000000340)})
connect$inet(r8, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010101}, 0x10)
listen(r8, 0x8)
accept4(r8, 0x0, 0x0, 0x0)

457.661439ms ago: executing program 1 (id=2946):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000800)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}}, 0x0)

261.534728ms ago: executing program 3 (id=2947):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x10f3f, 0x5, 0xfc9e, 0x3ff, 0x9, 0x5, 0x0, 0x80000001, 0x9}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

258.997348ms ago: executing program 4 (id=2948):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x38, 0x9, 0x6, 0x201, 0x300, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

14.643459ms ago: executing program 4 (id=2949):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$alg(r1, 0x0, 0x4004800)
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002680)=@newtaction={0x9f0, 0x30, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [{0x9dc, 0x1, [@m_ipt={0x110, 0x17, 0x0, 0x0, {{0x8}, {0x5c, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x2a, 0x6, {0x7, 'mangle\x00', 0x7, 0x289a}}, @TCA_IPT_TARG={0x2a, 0x6, {0x1, 'nat\x00', 0x17, 0x37}}]}, {0x8d, 0x6, "012793cd320f9b9a2d91de0c4a5089db6bbf71fc24bc7ff3ac9b0da7f00bb716c13eaaa77edf6390f4ae5523d26fa628520aeb6e570e6a5e52e3289191bc3dbba754e2c804eca599c21dd1b14797a71415c97c1db20d582ba57f5be690aaf1e558046608cfcd5b766cdd7ea41b8c680859a5d0868e25c0ab63fb808889e52b3f9c371b5b2ced5af3ee"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ipt={0x29c, 0x2, 0x0, 0x0, {{0x8}, {0x240, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_TARG={0xf1, 0x6, {0x9, 'security\x00', 0x7f, 0xd7, "d4d4b8898af69c8ff408097d99f310173b71558d204dbdf67055339a5f83418a75777341f28e72bef66f307a2cd2a1a58b280b09da191bccbe12a02a81ca049f5b4ac2f943a3e517234b5abce482dcfdf7f54b6930a0b80cfa011d4810bf049446834a034e8e1c71d4a351c81d50f784631c96907bab375a2929867eee26dccc8ed529334f1fb5a1b1c2e4ad62dab92b66bb81fedcbdf10ffa6c21e5d755a119144b5b655470fa2c42f012f36a81a04ff1c9e8f910b4eba3e708cbc7bd41877139f64d02904cb4"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_TARG={0xc1, 0x6, {0x8, 'filter\x00', 0x81, 0x5, "796fe7c3dace655b70eb0d03a520c84dbb180fac8c4b2a7a6e42b2d6647fbc895a4aa5da86b281e58a92735de4e82221d26e2751a61a175c21e51d175ba2573293737f1e9b0f37962e5e3b20ca798ca879a4ffdbe3f4eb1b1df79a98ba42a0f35ab62af6ad34dba7d201e7f97f0dd10c5eb3db6acd848c77298a81896e7c61fd0fe6da56837ae703e45bfd46631f73fd56d1a7ca8cfa03"}}, @TCA_IPT_INDEX={0x8, 0x3, 0x1}]}, {0x35, 0x6, "70a7a212ff238a47beb4d14e024ba216ebd62a80975e45961b0ed40c99d282ef4cf8cb99b117bb7b429819885f18ef47bf"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ipt={0x62c, 0xe, 0x0, 0x0, {{0x8}, {0x5cc, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TARG={0x57d, 0x6, {0x2c, 'mangle\x00', 0x6, 0xb06, "7dc7ea3ad21bae7af8dda67c4bcb77f41efe8537b5b4a82280b29d262276aec98c86d8466428d1123202e3d39110f70b48142fa8b0c6f40e0500a3d7aa24316d0a52ff00e4ae09cf1b540bb15ebc419a4967cebf44b5ef4523a42137d5fe31b7085a96abe91c9c15fd336a741968797d7ba45e1b9334a723ec09951da168d15216d1540544f60bd830a1a0be9c54b5255310dbfc21de0c978baad2bd38552bad32ab2d1ef05cbb5b478fe2d2cea66e5065b2a3d24537e5714cecaaebee98fb3ffc2e442a1043a581c19505dcbbe149d9e71064fc7dc8997211a90e7dafa555ecaea96a6900fedea801c3b1be411c66e9e6921095ddc4b0e884cdb80c296ff643bf7c56df1cac95e14194fc3fa27427b8008019eefaabd85e6d509ff8c0c47cf17b5d10d61a255b4b3580d5286ee12a7f178ed17a5c50fffb93ca60286aad1ecb17e2e6b197fcbec0a7b6185e52edbd4bf66a6aee48a424e899daafc72fe6b959482b7a69531cdb3c8ed9cd6aa3ad78c424ce1e6f8b3266a4e81bd9d7841ce5c5eee2cdb4d7aaeca63678ff387a063ac32c7de06a9fb5678d33677e9d5071989b1b93a3eae6c9486b9f378065aaab896aa4280c0ac77758ef14a930b0df92f02f25cecc6e51472a146cef1e2bf866df673891862c3243527ed5c4194ae555e92f3a75ef9032b0d387bb7497becfd6267f34420753c7765d4b6a012430dbeb68013097f22964f36d4660dc49d0e8cd5cecf1bb2e5d63d3f59e3ea4abdead98674c01df0647efb17ae0798f491a56fe3e4bb4125b26bb42194df0950e16248b43301884e114a1d6586bb68f0df5c82af2b31e12a39500151edfbe9086e6bb7ef23a12e0a43d09f61f1dc53f57fa93a7dbd758ce632f1dfc3e5bee2c00efe15276054afc1582985c4499a7cbef6be77b282ed91d8a7d7acbb8f1a7d94fa95cac7345152b7ec418a98583e23e18dd5a910be102ea52e7a0d60e6b10c16e5663db6391c43ad3f526638d56227f1e4a18580f6bd384ea5fa2f96a171d020dc093c9b8f6398c97ca223d1b831f7582b59e9a7b3c3f1671116e3e485f318d32d014fa83582b6261f8b082d1a5da4cd3f2d74a3cceb4d46a37604964b9320bc73769e30c581b35e53fa00854b634438166c0f7714f5d66dc840f89248c89870df9c0acebecf41f7c5b2499eb1a11a25450338b742ac32919bed852bfdd396e9b3665bf6eb22f75f1bf4296f76074bacf295ae337f3bb2bcf9ee8e1558c6e653817be1099563468a47d54794773dcc4546fd10bd28e941b7771d29758d76307f4591805474010c0cf217a398c60a8bf37a29719f769af801ac7693d921f5d910648c313eb540d7c53a5047b139d45dd2c1203dca08860e2aa5e288c077571fc56a266fe1dfe4ea038c10a8ea0a18f1c3a87c6ce8ce57319f737808acb4fea9e13d326363596cfe20158dab7aae896b2f3dc7c9d652880376c286f0872e64e0bfdb285c779619d8042bc7e8b5dd0a95136bf9d494b45eaa1621882f3872a7a4d8d66bba926acc44cf60f34e310df002046dcd0e62b1f2ffc7343d282e5551c35d3303c9b8da5c2b5537db2469820b9823f8404c1ac5f6e5ed25593373435051f997cc1c22f39d3c272bf5063c2cf1cb8808e16fd5b4d698f8e60c06ec63809ebdb79fa153ceb12753019482b020e6770fdbd840bb86652b356d03799194bf02ea5f3208a54094a54bd24be885a575eb58b99ef9fea432270ac71a142d702ca46cd0d647ae2ea85756542ba6c25af4061673d1e8f2cf71bd81db38dc380477adfc697333913a210f2de10e0060dad8d037b6d643118388022caa12ee923baa9050956b8df2f2962532d928bfd5f95666d56160a95334ce687e0e5b5e9a37bd3b711ca89563f85d2816c85569e77a69ffd022c0037e666c2355e"}}]}, {0x39, 0x6, "08a4ed5a8f66263df74cb1855d73a4e105c1c8609b85c81c1e776e45fff25ed2581c70a6029c924185bff8ea2a09cc3e762eb349ff"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x9f0}}, 0x20000000)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

6.488601ms ago: executing program 2 (id=2950):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$alg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x4004800)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

0s ago: executing program 3 (id=2951):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
sendmsg$nl_route(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001000390400"/20, @ANYRES32=r2, @ANYBLOB], 0x3c}}, 0x0)

kernel console output (not intermixed with test programs):

t descriptor with address 0xFF, changing to 0x8F
[  663.063114][ T5286] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  663.075937][ T5286] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  663.102335][ T5286] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  663.113474][T12434] Bluetooth: hci9: command tx timeout
[  663.115818][ T5286] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  663.130515][T15401] bridge0: port 1(syz_tun) entered blocking state
[  663.130658][T15401] bridge0: port 1(syz_tun) entered disabled state
[  663.130885][T15401] syz_tun: entered allmulticast mode
[  663.137706][ T5286] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  663.162412][ T5286] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  663.173823][ T5286] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  663.174766][T15401] syz_tun: entered promiscuous mode
[  663.196672][ T5286] usb 2-1: string descriptor 0 read error: -22
[  663.204511][ T5286] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  663.213957][ T5286] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.224278][T15401] bridge0: port 1(syz_tun) entered blocking state
[  663.230835][T15401] bridge0: port 1(syz_tun) entered forwarding state
[  663.264462][ T5286] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  663.305634][T15305] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  663.332299][T15305] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  663.441319][T15407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2199'.
[  663.827695][T15305] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  663.851877][T15305] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  664.037471][T15305] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  664.048161][T15305] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  664.448448][T15305] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  664.498609][T15305] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  664.546140][T15432] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  664.604760][T15305] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  664.666653][T15305] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  664.902490][T15305] 8021q: adding VLAN 0 to HW filter on device bond0
[  665.155628][T12434] Bluetooth: hci9: command tx timeout
[  665.175714][ T2516] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.229067][T15305] 8021q: adding VLAN 0 to HW filter on device team0
[  665.350078][ T2516] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.444540][ T2903] bridge0: port 1(bridge_slave_0) entered blocking state
[  665.451740][ T2903] bridge0: port 1(bridge_slave_0) entered forwarding state
[  665.512842][ T2903] bridge0: port 2(bridge_slave_1) entered blocking state
[  665.520035][ T2903] bridge0: port 2(bridge_slave_1) entered forwarding state
[  665.531322][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2218'.
[  665.608498][ T5241] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  665.623931][ T5241] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  665.652156][ T5241] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  665.665009][ T5241] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  665.676862][ T5241] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  665.694223][ T5241] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  665.708073][ T2516] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.779982][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2218'.
[  665.995271][ T2516] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.109595][T15459] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2224'.
[  666.124080][T15459] lo: entered allmulticast mode
[  666.265431][T15305] 8021q: adding VLAN 0 to HW filter on device batadv0
[  666.304160][T15305] veth0_vlan: entered promiscuous mode
[  666.317810][T15305] veth1_vlan: entered promiscuous mode
[  667.257135][ T5241] Bluetooth: hci9: command tx timeout
[  667.644200][ T5282] usb 2-1: USB disconnect, device number 9
[  667.802662][ T5241] Bluetooth: hci6: command tx timeout
[  668.072264][ T2516] bond0 (unregistering): Released all slaves
[  668.148124][T15305] veth0_macvtap: entered promiscuous mode
[  668.340833][T15305] veth1_macvtap: entered promiscuous mode
[  668.391729][T15451] chnl_net:caif_netlink_parms(): no params data found
[  668.948696][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  668.990047][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.002663][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.014820][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.097541][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.154006][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.201130][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.216775][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.232333][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.274146][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.333104][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.362825][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.390254][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.433365][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.452725][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.483628][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.502958][T15305] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.710233][T15487] warn_alloc: 3 callbacks suppressed
[  669.710257][T15487] syz.2.2236: vmalloc error: size 3985408, failed to allocated page array size 7784, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  669.804768][T15487] CPU: 1 UID: 0 PID: 15487 Comm: syz.2.2236 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  669.815604][T15487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  669.825703][T15487] Call Trace:
[  669.829004][T15487]  <TASK>
[  669.832037][T15487]  dump_stack_lvl+0x241/0x360
[  669.836756][T15487]  ? __pfx_dump_stack_lvl+0x10/0x10
[  669.841986][T15487]  ? __pfx__printk+0x10/0x10
[  669.846614][T15487]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  669.853050][T15487]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  669.859563][T15487]  warn_alloc+0x278/0x410
[  669.864017][T15487]  ? __pfx_warn_alloc+0x10/0x10
[  669.868893][T15487]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  669.875080][T15487]  ? __get_vm_area_node+0x23d/0x270
[  669.880317][T15487]  __vmalloc_node_range_noprof+0x691/0x13f0
[  669.886264][T15487]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  669.892269][T15487]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  669.898611][T15487]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  669.904798][T15487]  ? __get_vm_area_node+0x23d/0x270
[  669.910023][T15487]  __vmalloc_node_range_noprof+0x59c/0x13f0
[  669.915922][T15487]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  669.922107][T15487]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  669.927868][T15487]  ? rcu_is_watching+0x15/0xb0
[  669.932652][T15487]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  669.939001][T15487]  ? rcu_is_watching+0x15/0xb0
[  669.943797][T15487]  ? trace_kmalloc+0x1f/0xd0
[  669.948516][T15487]  ? __kmalloc_node_noprof+0x247/0x440
[  669.954019][T15487]  ? __kvmalloc_node_noprof+0x72/0x190
[  669.959529][T15487]  __kvmalloc_node_noprof+0x142/0x190
[  669.964947][T15487]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  669.971138][T15487]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  669.973559][ T2516] hsr_slave_0: left promiscuous mode
[  669.977153][T15487]  ? tpg_update_mv_step+0x361/0x4f0
[  669.987671][T15487]  vivid_update_format_cap+0x133c/0x2090
[  669.993353][T15487]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  669.999370][T15487]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  670.005231][T15487]  __video_do_ioctl+0xc23/0xdd0
[  670.010135][T15487]  ? __pfx___video_do_ioctl+0x10/0x10
[  670.015560][T15487]  ? __might_fault+0xc6/0x120
[  670.020308][T15487]  video_usercopy+0x89b/0x1180
[  670.025121][T15487]  ? __pfx___video_do_ioctl+0x10/0x10
[  670.030536][T15487]  ? __pfx_video_usercopy+0x10/0x10
[  670.035804][T15487]  ? __fget_files+0x29/0x470
[  670.040435][T15487]  v4l2_ioctl+0x189/0x1e0
[  670.044820][T15487]  v4l2_compat_ioctl32+0x1d7/0x260
[  670.049982][T15487]  __se_compat_sys_ioctl+0x510/0xc90
[  670.055319][T15487]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  670.061173][T15487]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  670.067196][T15487]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  670.073577][T15487]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  670.080213][T15487]  ? lockdep_hardirqs_on+0x99/0x150
[  670.085453][T15487]  __do_fast_syscall_32+0xb4/0x110
[  670.090600][T15487]  ? exc_page_fault+0x590/0x8c0
[  670.095486][T15487]  do_fast_syscall_32+0x34/0x80
[  670.100336][T15487]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  670.106676][T15487] RIP: 0023:0xf7f33579
[  670.110768][T15487] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  670.130409][T15487] RSP: 002b:00000000f56b656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  670.138887][T15487] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0845657
[  670.146890][T15487] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  670.154893][T15487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  670.162922][T15487] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  670.170909][T15487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  670.178907][T15487]  </TASK>
[  670.184853][ T2516] hsr_slave_1: left promiscuous mode
[  670.186404][ T5241] Bluetooth: hci6: command tx timeout
[  670.202133][T15487] Mem-Info:
[  670.207882][T15487] active_anon:6560 inactive_anon:0 isolated_anon:0
[  670.207882][T15487]  active_file:22652 inactive_file:38525 isolated_file:0
[  670.207882][T15487]  unevictable:768 dirty:83 writeback:0
[  670.207882][T15487]  slab_reclaimable:5760 slab_unreclaimable:114104
[  670.207882][T15487]  mapped:42050 shmem:1977 pagetables:844
[  670.207882][T15487]  sec_pagetables:0 bounce:0
[  670.207882][T15487]  kernel_misc_reclaimable:0
[  670.207882][T15487]  free:1208243 free_pcp:304 free_cma:0
[  670.258215][T15487] Node 0 active_anon:25984kB inactive_anon:0kB active_file:90448kB inactive_file:154028kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:170192kB dirty:332kB writeback:0kB shmem:6372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11784kB pagetables:3376kB sec_pagetables:0kB all_unreclaimable? no
[  670.270931][ T2516] veth1_macvtap: left promiscuous mode
[  670.291307][T15487] Node 1 active_anon:256kB inactive_anon:0kB active_file:160kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  670.332081][T15487] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  670.340527][ T2516] veth0_macvtap: left promiscuous mode
[  670.361509][T15487] lowmem_reserve[]: 0 2465 2466 0 0
[  670.371346][T15487] Node 0 DMA32 free:886468kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:25944kB inactive_anon:0kB active_file:90448kB inactive_file:153192kB unevictable:1536kB writepending:328kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:1116kB local_pcp:836kB free_cma:0kB
[  670.403598][T15487] lowmem_reserve[]: 0 0 0 0 0
[  670.409393][T15487] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:4kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  670.438685][T15487] lowmem_reserve[]: 0 0 0 0 0
[  670.443642][T15487] Node 1 Normal free:3931272kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:256kB inactive_anon:0kB active_file:160kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  670.472270][ T2516] veth1_vlan: left promiscuous mode
[  670.474364][T15487] lowmem_reserve[]: 0 0 0 0 0
[  670.482950][T15487] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  670.495687][ T2516] veth0_vlan: left promiscuous mode
[  670.515407][T15487] Node 0 DMA32: 9*4kB (E) 930*8kB (ME) 744*16kB (UME) 619*32kB (UME) 211*64kB (UME) 53*128kB (UME) 29*256kB (UME) 26*512kB (UME) 19*1024kB (ME) 4*2048kB (M) 190*4096kB (M) = 886100kB
[  670.554324][T15487] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  670.568465][T15487] Node 1 Normal: 184*4kB (UE) 53*8kB (UME) 34*16kB (UME) 189*32kB (UE) 87*64kB (UE) 27*128kB (UME) 19*256kB (UME) 10*512kB (UM) 3*1024kB (U) 3*2048kB (U) 951*4096kB (M) = 3931272kB
[  670.590098][T15487] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  670.604183][T15487] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  670.615028][T15487] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  670.626575][T15487] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  670.637670][T15487] 63154 total pagecache pages
[  670.643816][T15487] 0 pages in swap cache
[  670.649086][T15487] Free swap  = 124612kB
[  670.656309][T15487] Total swap = 124996kB
[  670.661661][T15487] 2097051 pages RAM
[  670.666229][T15487] 0 pages HighMem/MovableOnly
[  670.671348][T15487] 427076 pages reserved
[  670.675977][T15487] 0 pages cma reserved
[  672.275664][ T5241] Bluetooth: hci6: command tx timeout
[  673.208335][T15451] bridge0: port 1(bridge_slave_0) entered blocking state
[  673.221656][T15451] bridge0: port 1(bridge_slave_0) entered disabled state
[  673.260763][T15451] bridge_slave_0: entered allmulticast mode
[  673.283726][T15451] bridge_slave_0: entered promiscuous mode
[  673.326036][T15451] bridge0: port 2(bridge_slave_1) entered blocking state
[  673.333191][T15451] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.353644][T15451] bridge_slave_1: entered allmulticast mode
[  673.374075][T15451] bridge_slave_1: entered promiscuous mode
[  673.425442][T15537] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.449919][T15541] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2250'.
[  673.736140][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.781294][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.813668][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.863369][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.903373][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.915050][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.927596][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.954451][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.990198][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.000897][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.012008][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.023899][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.035535][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.047620][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.058910][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.070679][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.093391][T15305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.129132][T15305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.158136][T15305] batman_adv: batadv0: Interface activated: batadv_slave_1
[  674.238020][T15451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  674.278831][T15550] bridge_slave_0: left allmulticast mode
[  674.316131][T15550] bridge_slave_0: left promiscuous mode
[  674.353895][ T5241] Bluetooth: hci6: command tx timeout
[  674.363472][T15550] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.477093][T15550] bridge_slave_1: left allmulticast mode
[  674.483122][T15550] bridge_slave_1: left promiscuous mode
[  674.490207][T15550] bridge0: port 2(bridge_slave_1) entered disabled state
[  674.514666][T15550] bond0: (slave bond_slave_0): Releasing backup interface
[  674.525793][T15550] bond_slave_0: left promiscuous mode
[  674.549860][T15550] bond0: (slave bond_slave_1): Releasing backup interface
[  674.566342][T15550] bond_slave_1: left promiscuous mode
[  674.623013][T15550] team0: Port device team_slave_0 removed
[  674.658103][T15550] team0: Port device team_slave_1 removed
[  674.671761][T15550] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  674.689191][T15550] batman_adv: batadv0: Removing interface: batadv_slave_0
[  674.708859][T15550] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  674.740159][T15550] batman_adv: batadv0: Removing interface: batadv_slave_1
[  674.865916][T15451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.035692][T15305] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  675.113634][T15305] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  675.122866][T15305] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  675.215200][T15305] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.328742][T15451] team0: Port device team_slave_0 added
[  675.394001][T15451] team0: Port device team_slave_1 added
[  675.656791][T15575] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2259'.
[  675.699307][T15577] netlink: 'syz.3.2260': attribute type 9 has an invalid length.
[  675.772442][T15577] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.2260'.
[  675.811071][ T2516] IPVS: stop unused estimator thread 0...
[  675.858308][T15451] batman_adv: batadv0: Adding interface: batadv_slave_0
[  675.923355][T15451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.123578][T15451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  676.215909][T15451] batman_adv: batadv0: Adding interface: batadv_slave_1
[  676.222906][T15451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.269809][T15451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  676.412875][T15593] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2266'.
[  676.544449][T15451] hsr_slave_0: entered promiscuous mode
[  676.566048][T15451] hsr_slave_1: entered promiscuous mode
[  676.647310][T15451] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  676.661771][T15451] Cannot create hsr debugfs directory
[  677.015399][ T5947] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  677.033868][ T5947] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.890953][T12434] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  677.906020][T12434] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  677.916332][T12434] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  677.928535][T12434] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  677.940134][T12434] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  677.951032][T12434] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  678.122897][T15610] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.132972][T15610] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.154194][T15610] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.171070][T15610] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.369630][T15621] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2278'.
[  678.590215][ T5947] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.636407][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  678.646710][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  678.760665][ T5947] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.773573][ T5284] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  678.917508][ T5947] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.935031][ T5284] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  678.949286][ T5284] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  678.995546][ T5284] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  679.014568][ T5284] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  679.027180][ T5284] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  679.051962][ T5284] usb 3-1: config 0 interface 0 has no altsetting 0
[  679.066669][ T5284] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  679.079239][ T5284] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  679.090888][ T5284] usb 3-1: Product: syz
[  679.108775][ T5284] usb 3-1: Manufacturer: syz
[  679.122523][ T5284] usb 3-1: SerialNumber: syz
[  679.156930][ T5284] usb 3-1: config 0 descriptor??
[  679.163594][T15629] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  679.196449][ T5284] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  679.207374][ T5284] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  679.296324][ T5947] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  679.515050][T15645] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2287'.
[  679.590363][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  679.610308][T15649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2288'.
[  679.620259][T15649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2288'.
[  679.641321][ T5282] usb 3-1: USB disconnect, device number 24
[  679.659564][ T5282] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  679.808667][T15623] chnl_net:caif_netlink_parms(): no params data found
[  679.836652][ T5947] bridge_slave_1: left allmulticast mode
[  679.856198][ T5947] bridge_slave_1: left promiscuous mode
[  679.878699][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state
[  679.901188][ T5947] bridge_slave_0: left allmulticast mode
[  679.928510][ T5947] bridge_slave_0: left promiscuous mode
[  679.938689][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.034270][T12434] Bluetooth: hci7: command tx timeout
[  680.633427][T14854] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  680.856358][T14854] usb 2-1: config 0 has no interfaces?
[  680.879784][T14854] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  680.902617][T14854] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.913631][T14854] usb 2-1: Product: syz
[  680.921377][T14854] usb 2-1: Manufacturer: syz
[  680.928500][T14854] usb 2-1: SerialNumber: syz
[  680.945944][T14854] usb 2-1: config 0 descriptor??
[  681.140080][ T5947] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  681.161245][ T5947] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  681.175278][ T5947] bond0 (unregistering): (slave team0): Releasing backup interface
[  681.184912][ T5947] tipc: Resetting bearer <eth:team0>
[  681.197326][ T5947] tipc: Resetting bearer <eth:team0>
[  681.204484][ T5947] bond0 (unregistering): Released all slaves
[  681.543824][ T5947] tipc: Disabling bearer <eth:team0>
[  681.568257][ T5947] tipc: Left network mode
[  681.610553][T15623] bridge0: port 1(bridge_slave_0) entered blocking state
[  681.649561][T15623] bridge0: port 1(bridge_slave_0) entered disabled state
[  681.669046][T15623] bridge_slave_0: entered allmulticast mode
[  681.729998][T15623] bridge_slave_0: entered promiscuous mode
[  681.761121][T15451] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  681.821431][T15451] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  681.977848][T15623] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.032186][T15623] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.069786][T15623] bridge_slave_1: entered allmulticast mode
[  682.107529][T15623] bridge_slave_1: entered promiscuous mode
[  682.114231][T12434] Bluetooth: hci7: command tx timeout
[  682.274242][T15700] bridge_slave_0: left allmulticast mode
[  682.279912][T15700] bridge_slave_0: left promiscuous mode
[  682.307348][T15700] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.392063][T15700] bridge_slave_1: left allmulticast mode
[  682.410411][T15700] bridge_slave_1: left promiscuous mode
[  682.500872][T15700] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.559768][T15700] bond0: (slave bond_slave_0): Releasing backup interface
[  682.580377][T15700] bond0: (slave bond_slave_1): Releasing backup interface
[  682.665063][T15700] team0: Port device team_slave_0 removed
[  682.716978][T15700] team0: Port device team_slave_1 removed
[  682.724529][T15700] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  682.739108][T15700] batman_adv: batadv0: Removing interface: batadv_slave_0
[  682.769750][T15700] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  682.795816][T15700] batman_adv: batadv0: Removing interface: batadv_slave_1
[  682.840824][T15451] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  683.056109][T15701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2304'.
[  683.203490][T15704] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2305'.
[  683.354874][T15719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2307'.
[  683.364298][T15719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2307'.
[  683.519472][ T5284] usb 2-1: USB disconnect, device number 10
[  683.933885][T15451] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  684.018320][T15623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  684.102629][T15623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  684.201171][T12434] Bluetooth: hci7: command tx timeout
[  684.247050][ T5947] hsr_slave_0: left promiscuous mode
[  684.270297][ T5947] hsr_slave_1: left promiscuous mode
[  684.291833][ T5947] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  684.300753][ T5947] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.350380][ T5947] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  684.365406][ T5947] batman_adv: batadv0: Removing interface: batadv_slave_1
[  684.420905][ T5947] veth1_macvtap: left promiscuous mode
[  684.432705][ T5947] veth0_macvtap: left promiscuous mode
[  684.449080][ T5947] veth1_vlan: left promiscuous mode
[  684.464863][ T5947] veth0_vlan: left promiscuous mode
[  684.741746][T15763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2316'.
[  684.751500][T15763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2316'.
[  685.929742][ T5947] team0 (unregistering): Port device team_slave_1 removed
[  686.043536][ T5947] team0 (unregistering): Port device team_slave_0 removed
[  686.126036][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[  686.132341][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[  686.284027][T12434] Bluetooth: hci7: command tx timeout
[  687.101601][T15751] bridge0: port 1(syz_tun) entered disabled state
[  687.125661][T15751] bridge0: port 2(bridge_slave_1) entered disabled state
[  687.532397][T15751] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  687.578446][T15751] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  688.032755][T15751] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.049911][T15751] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.068698][T15751] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.078635][T15751] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.246049][T15623] team0: Port device team_slave_0 added
[  688.399373][T15623] team0: Port device team_slave_1 added
[  688.609004][T15795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2325'.
[  688.633376][T15795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2325'.
[  688.755537][T15623] batman_adv: batadv0: Adding interface: batadv_slave_0
[  688.762539][T15623] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  688.838571][T15623] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  688.875500][T15451] 8021q: adding VLAN 0 to HW filter on device bond0
[  688.894684][T15623] batman_adv: batadv0: Adding interface: batadv_slave_1
[  688.901691][T15623] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  688.984920][T15623] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  689.141846][T15813] syz_tun: left allmulticast mode
[  689.159692][T15813] syz_tun: left promiscuous mode
[  689.176795][T15813] bridge0: port 1(syz_tun) entered disabled state
[  689.194059][T15813] bridge_slave_1: left allmulticast mode
[  689.213340][T15813] bridge_slave_1: left promiscuous mode
[  689.234457][T15813] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.262312][T15813] bond0: (slave bond_slave_0): Releasing backup interface
[  689.301749][T15813] bond0: (slave bond_slave_1): Releasing backup interface
[  689.357409][T15813] team0: Port device team_slave_0 removed
[  689.380756][T15813] team0: Port device team_slave_1 removed
[  689.388504][T15813] batman_adv: batadv0: Removing interface: batadv_slave_0
[  689.399681][T15813] batman_adv: batadv0: Removing interface: batadv_slave_1
[  689.531724][T15623] hsr_slave_0: entered promiscuous mode
[  689.556973][T15623] hsr_slave_1: entered promiscuous mode
[  689.575898][T15623] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  689.597711][T15623] Cannot create hsr debugfs directory
[  689.743640][ T5283] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  689.769036][T15451] 8021q: adding VLAN 0 to HW filter on device team0
[  689.872259][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.875054][T15835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2338'.
[  689.879436][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  689.890200][T15835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2338'.
[  689.905013][ T5283] usb 1-1: Using ep0 maxpacket: 16
[  689.912563][ T5283] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  689.931052][ T5283] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  689.972118][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.979314][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  690.019133][ T5283] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  690.049058][ T5283] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.063699][ T5283] usb 1-1: Product: syz
[  690.067932][ T5283] usb 1-1: Manufacturer: syz
[  690.072666][ T5283] usb 1-1: SerialNumber: syz
[  690.081438][ T5283] usb 1-1: config 0 descriptor??
[  690.094618][ T5283] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  690.105912][ T5283] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  690.622603][T15451] 8021q: adding VLAN 0 to HW filter on device batadv0
[  690.710525][ T5283] em28xx 1-1:0.0: unknown em28xx chip ID (61)
[  690.913665][T15865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2348'.
[  690.922621][T15865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2348'.
[  690.976915][T15451] veth0_vlan: entered promiscuous mode
[  691.375476][T15451] veth1_vlan: entered promiscuous mode
[  691.689395][T15451] veth0_macvtap: entered promiscuous mode
[  691.706891][T15451] veth1_macvtap: entered promiscuous mode
[  691.793768][ T5283] em28xx 1-1:0.0: Config register raw data: 0xfffffffb
[  691.801917][ T5283] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[  691.819779][ T5283] em28xx 1-1:0.0: No AC97 audio processor
[  691.856057][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.866855][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.902072][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.930051][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.984087][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  692.066445][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.089496][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  692.131878][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.153398][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  692.172128][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.214962][T15451] batman_adv: batadv0: Interface activated: batadv_slave_0
[  692.269417][T15623] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  692.342757][T15623] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  692.419449][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.430040][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.480299][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.521634][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.573442][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.644162][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.696500][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.768034][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.825281][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.899913][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.943499][T15451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.991696][T15451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  693.059532][T15451] batman_adv: batadv0: Interface activated: batadv_slave_1
[  693.073542][T15623] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  693.120491][T15451] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  693.129391][T15451] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  693.138243][T15451] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  693.153728][T15451] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  693.176310][T15623] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  693.285944][ T6826] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  693.343562][ T6826] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  693.511656][ T6826] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  693.519727][ T6826] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  693.578157][ T1173] usb 1-1: USB disconnect, device number 32
[  693.586053][ T1173] em28xx 1-1:0.0: Disconnecting em28xx
[  693.724056][ T1173] em28xx 1-1:0.0: Freeing device
[  694.016740][T15623] 8021q: adding VLAN 0 to HW filter on device bond0
[  694.082562][T15623] 8021q: adding VLAN 0 to HW filter on device team0
[  694.100122][T15956] tipc: Started in network mode
[  694.109984][T15956] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  694.144062][T15956] tipc: Enabled bearer <eth:team0>, priority 0
[  694.227953][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.235184][ T5947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.264247][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.271430][ T5947] bridge0: port 2(bridge_slave_1) entered forwarding state
[  694.321812][T15623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  694.379637][T15623] veth0_vlan: entered promiscuous mode
[  694.393824][T15623] veth1_vlan: entered promiscuous mode
[  694.422737][T15623] veth0_macvtap: entered promiscuous mode
[  694.452205][T15623] veth1_macvtap: entered promiscuous mode
[  694.518008][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.583946][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.638368][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.653439][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.663478][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.690366][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.738629][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.749619][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.760222][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.771231][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.788799][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.800634][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.818678][T15623] batman_adv: batadv0: Interface activated: batadv_slave_0
[  694.858206][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.870101][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.880990][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.892417][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.904131][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.915551][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.926859][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.938237][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.949262][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.961002][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.971450][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.982586][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.992791][T15623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  695.003656][T15623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.014952][T15623] batman_adv: batadv0: Interface activated: batadv_slave_1
[  695.038273][T15623] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  695.047735][T15623] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  695.057215][T15623] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  695.076915][T15623] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  695.273413][    T9] tipc: Node number set to 11578026
[  695.376166][T15994] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2389'.
[  695.635477][ T6826] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  695.660851][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  695.671550][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  695.698271][ T6826] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  696.130240][T16019] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2399'.
[  696.191911][T16024] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2403'.
[  696.215095][T16022] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  696.869923][T16050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2411'.
[  696.879534][T16050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2411'.
[  696.890326][T16051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2414'.
[  697.005064][T16054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2417'.
[  697.842397][T16080] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2428'.
[  697.847570][T16054] team0 (unregistering): Port device team_slave_0 removed
[  697.869513][T16054] team0 (unregistering): Port device team_slave_1 removed
[  697.935821][T16070] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  698.334969][T16090] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  698.609269][T16107] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2440'.
[  698.624918][T16100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2438'.
[  699.573023][T16130] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  699.643145][T16136] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  700.754845][T16187] __nla_validate_parse: 2 callbacks suppressed
[  700.754868][T16187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2474'.
[  700.815042][T16187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2474'.
[  702.217151][T16234] tipc: Started in network mode
[  702.234465][T16234] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  702.269760][T16234] tipc: Enabled bearer <eth:team0>, priority 0
[  702.567816][T16253] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  702.708268][T16258] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2508'.
[  702.743393][ T5283] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  702.751328][T16258] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2508'.
[  702.983379][ T5283] usb 5-1: config 0 has no interfaces?
[  703.051709][ T5283] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  703.061078][ T5283] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.069421][ T5283] usb 5-1: Product: syz
[  703.073925][ T5283] usb 5-1: Manufacturer: syz
[  703.078589][ T5283] usb 5-1: SerialNumber: syz
[  703.087026][ T5283] usb 5-1: config 0 descriptor??
[  703.265008][ T1173] tipc: Node number set to 11578026
[  703.593141][T16281] bridge_slave_0: left allmulticast mode
[  703.619859][T16281] bridge_slave_0: left promiscuous mode
[  703.649303][T16281] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.747998][T16281] bridge_slave_1: left allmulticast mode
[  703.790220][T16281] bridge_slave_1: left promiscuous mode
[  703.819298][T16281] bridge0: port 2(bridge_slave_1) entered disabled state
[  703.890322][T16281] bond0: (slave bond_slave_0): Releasing backup interface
[  703.922764][T16281] bond0: (slave bond_slave_1): Releasing backup interface
[  703.948702][T16281] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  703.969839][T16281] batman_adv: batadv0: Removing interface: batadv_slave_0
[  704.015610][T16281] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  704.043677][T16281] batman_adv: batadv0: Removing interface: batadv_slave_1
[  704.155333][T16285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2519'.
[  704.354547][T16302] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2526'.
[  704.368710][T16302] lo: entered allmulticast mode
[  704.759566][T16312] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2532'.
[  705.161295][T16328] FAULT_INJECTION: forcing a failure.
[  705.161295][T16328] name failslab, interval 1, probability 0, space 0, times 0
[  705.176525][T16328] CPU: 1 UID: 0 PID: 16328 Comm: syz.3.2539 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  705.187327][T16328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  705.197388][T16328] Call Trace:
[  705.200667][T16328]  <TASK>
[  705.203599][T16328]  dump_stack_lvl+0x241/0x360
[  705.208282][T16328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  705.213478][T16328]  ? __pfx__printk+0x10/0x10
[  705.218071][T16328]  ? ref_tracker_alloc+0x332/0x490
[  705.223181][T16328]  should_fail_ex+0x3b0/0x4e0
[  705.227871][T16328]  ? skb_clone+0x20c/0x390
[  705.232289][T16328]  should_failslab+0xac/0x100
[  705.236965][T16328]  ? skb_clone+0x20c/0x390
[  705.241386][T16328]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  705.246760][T16328]  skb_clone+0x20c/0x390
[  705.251008][T16328]  __netlink_deliver_tap+0x3cc/0x7c0
[  705.256299][T16328]  ? netlink_deliver_tap+0x2e/0x1b0
[  705.261492][T16328]  netlink_deliver_tap+0x19d/0x1b0
[  705.266607][T16328]  netlink_unicast+0x7c4/0x990
[  705.271401][T16328]  ? __pfx_netlink_unicast+0x10/0x10
[  705.276697][T16328]  ? __virt_addr_valid+0x183/0x530
[  705.281808][T16328]  ? __check_object_size+0x48e/0x900
[  705.287094][T16328]  netlink_sendmsg+0x8e4/0xcb0
[  705.291865][T16328]  ? __pfx_netlink_sendmsg+0x10/0x10
[  705.297150][T16328]  ? __pfx_lock_release+0x10/0x10
[  705.302173][T16328]  ? aa_sock_msg_perm+0x91/0x160
[  705.307114][T16328]  ? __pfx_netlink_sendmsg+0x10/0x10
[  705.312395][T16328]  __sock_sendmsg+0x221/0x270
[  705.317089][T16328]  ____sys_sendmsg+0x52a/0x7e0
[  705.321863][T16328]  ? __pfx_____sys_sendmsg+0x10/0x10
[  705.327162][T16328]  __sys_sendmsg+0x292/0x380
[  705.331758][T16328]  ? __pfx___sys_sendmsg+0x10/0x10
[  705.336884][T16328]  ? __pfx_vfs_write+0x10/0x10
[  705.341680][T16328]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  705.348279][T16328]  ? lockdep_hardirqs_on+0x99/0x150
[  705.353481][T16328]  __do_fast_syscall_32+0xb4/0x110
[  705.358595][T16328]  ? exc_page_fault+0x590/0x8c0
[  705.363457][T16328]  do_fast_syscall_32+0x34/0x80
[  705.368312][T16328]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  705.374651][T16328] RIP: 0023:0xf7f50579
[  705.378724][T16328] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  705.398337][T16328] RSP: 002b:00000000f56d656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  705.406774][T16328] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  705.414761][T16328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  705.422736][T16328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  705.430710][T16328] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  705.438680][T16328] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  705.446664][T16328]  </TASK>
[  705.508135][ T5283] usb 5-1: USB disconnect, device number 16
[  706.583470][ T1173] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  706.764770][ T1173] usb 4-1: config 0 has no interfaces?
[  706.789387][ T1173] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  706.803633][T15783] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  706.849252][ T1173] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  706.957433][ T1173] usb 4-1: Product: syz
[  706.965837][T15783] usb 5-1: config 0 has an invalid interface number: 193 but max is 3
[  706.975391][T15783] usb 5-1: config 0 has an invalid interface number: 157 but max is 3
[  707.014834][T15783] usb 5-1: config 0 has an invalid interface number: 182 but max is 3
[  707.032528][ T1173] usb 4-1: Manufacturer: syz
[  707.051829][T15783] usb 5-1: config 0 has an invalid interface number: 189 but max is 3
[  707.067872][ T1173] usb 4-1: SerialNumber: syz
[  707.083120][T15783] usb 5-1: config 0 has 5 interfaces, different from the descriptor's value: 4
[  707.115636][T15783] usb 5-1: config 0 has no interface number 1
[  707.145293][T15783] usb 5-1: config 0 has no interface number 2
[  707.160585][T15783] usb 5-1: config 0 has no interface number 3
[  707.163126][ T1173] usb 4-1: config 0 descriptor??
[  707.224895][T15783] usb 5-1: config 0 has no interface number 4
[  707.344200][T15783] usb 5-1: too many endpoints for config 0 interface 182 altsetting 54: 81, using maximum allowed: 30
[  707.388977][T15783] usb 5-1: config 0 interface 182 altsetting 54 has 0 endpoint descriptors, different from the interface descriptor's value: 81
[  707.496878][T15783] usb 5-1: config 0 interface 0 has no altsetting 0
[  707.510995][T15783] usb 5-1: config 0 interface 193 has no altsetting 0
[  707.522770][T15783] usb 5-1: config 0 interface 157 has no altsetting 0
[  707.551294][T15783] usb 5-1: config 0 interface 182 has no altsetting 0
[  707.560673][T15783] usb 5-1: config 0 interface 189 has no altsetting 0
[  707.624918][T15783] usb 5-1: New USB device found, idVendor=1199, idProduct=9005, bcdDevice=18.d1
[  707.678791][T15783] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.704227][T15783] usb 5-1: config 0 descriptor??
[  708.072045][T16402] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2573'.
[  708.098621][T15783] usb 5-1: string descriptor 0 read error: -71
[  708.132736][T15783] usb 5-1: unknown number of interfaces: 5
[  708.171651][T15783] usb 5-1: USB disconnect, device number 17
[  708.432283][T16412] netlink: 'syz.2.2578': attribute type 9 has an invalid length.
[  708.484075][T16412] netlink: 134672 bytes leftover after parsing attributes in process `syz.2.2578'.
[  708.516538][T16412] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  708.999732][T16428] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2586'.
[  709.481087][T16445] netlink: 'syz.0.2593': attribute type 9 has an invalid length.
[  709.534161][T16445] netlink: 134672 bytes leftover after parsing attributes in process `syz.0.2593'.
[  709.564824][T16445] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  709.822936][T16453] FAULT_INJECTION: forcing a failure.
[  709.822936][T16453] name failslab, interval 1, probability 0, space 0, times 0
[  709.836346][T16453] CPU: 0 UID: 0 PID: 16453 Comm: syz.1.2598 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  709.847150][T16453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  709.857339][T16453] Call Trace:
[  709.860648][T16453]  <TASK>
[  709.863599][T16453]  dump_stack_lvl+0x241/0x360
[  709.868311][T16453]  ? __pfx_dump_stack_lvl+0x10/0x10
[  709.873546][T16453]  ? __pfx__printk+0x10/0x10
[  709.878174][T16453]  ? fs_reclaim_acquire+0x93/0x130
[  709.883313][T16453]  ? __pfx___might_resched+0x10/0x10
[  709.888638][T16453]  should_fail_ex+0x3b0/0x4e0
[  709.893365][T16453]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  709.899112][T16453]  should_failslab+0xac/0x100
[  709.903803][T16453]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  709.909527][T16453]  __kmalloc_noprof+0xd8/0x400
[  709.914296][T16453]  tomoyo_realpath_from_path+0xcf/0x5e0
[  709.919851][T16453]  tomoyo_path_number_perm+0x23a/0x880
[  709.925321][T16453]  ? tomoyo_path_number_perm+0x208/0x880
[  709.930962][T16453]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  709.936952][T16453]  ? __pfx_lock_acquire+0x10/0x10
[  709.942035][T16453]  ? __fget_files+0x29/0x470
[  709.946647][T16453]  ? __fget_files+0x3f3/0x470
[  709.951343][T16453]  security_file_ioctl_compat+0xc6/0x2a0
[  709.956988][T16453]  __se_compat_sys_ioctl+0xd6/0xc90
[  709.962200][T16453]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  709.968018][T16453]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  709.974019][T16453]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  709.980377][T16453]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  709.986986][T16453]  ? lockdep_hardirqs_on+0x99/0x150
[  709.992187][T16453]  __do_fast_syscall_32+0xb4/0x110
[  709.997298][T16453]  ? exc_page_fault+0x590/0x8c0
[  710.002156][T16453]  do_fast_syscall_32+0x34/0x80
[  710.007028][T16453]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  710.013378][T16453] RIP: 0023:0xf748d579
[  710.017474][T16453] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  710.037104][T16453] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  710.045533][T16453] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[  710.053507][T16453] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  710.061474][T16453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  710.069443][T16453] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  710.077418][T16453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  710.085409][T16453]  </TASK>
[  710.168272][T16453] ERROR: Out of memory at tomoyo_realpath_from_path.
[  710.185409][T15783] usb 4-1: USB disconnect, device number 31
[  710.567449][T16477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2607'.
[  710.576598][T16477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2607'.
[  710.582074][T16478] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2609'.
[  711.062802][T15783] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  711.253755][T15783] usb 2-1: config 0 has no interfaces?
[  711.264757][T15783] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  711.276288][T15783] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  711.289711][T15783] usb 2-1: Product: syz
[  711.295540][T15783] usb 2-1: Manufacturer: syz
[  711.300166][T15783] usb 2-1: SerialNumber: syz
[  711.313141][T15783] usb 2-1: config 0 descriptor??
[  711.335027][T16499] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2619'.
[  711.670576][T16506] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2621'.
[  711.705283][T16506] lo: entered allmulticast mode
[  711.735387][T16511] bridge0: port 1(syz_tun) entered blocking state
[  711.758020][T16511] bridge0: port 1(syz_tun) entered disabled state
[  711.785630][T16511] syz_tun: entered allmulticast mode
[  711.794908][T16511] syz_tun: entered promiscuous mode
[  711.978159][T16520] netlink: 'syz.2.2629': attribute type 9 has an invalid length.
[  711.985664][T16518] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2626'.
[  712.136685][T16529] FAULT_INJECTION: forcing a failure.
[  712.136685][T16529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  712.178043][T16529] CPU: 1 UID: 0 PID: 16529 Comm: syz.2.2630 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  712.188877][T16529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  712.198967][T16529] Call Trace:
[  712.202272][T16529]  <TASK>
[  712.205223][T16529]  dump_stack_lvl+0x241/0x360
[  712.209932][T16529]  ? __pfx_dump_stack_lvl+0x10/0x10
[  712.215145][T16529]  ? __pfx__printk+0x10/0x10
[  712.219745][T16529]  ? snprintf+0xda/0x120
[  712.224002][T16529]  should_fail_ex+0x3b0/0x4e0
[  712.228707][T16529]  _copy_to_user+0x2f/0xb0
[  712.233139][T16529]  simple_read_from_buffer+0xca/0x150
[  712.238534][T16529]  proc_fail_nth_read+0x1e9/0x250
[  712.243570][T16529]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  712.249127][T16529]  ? rw_verify_area+0x55e/0x6f0
[  712.253982][T16529]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  712.259529][T16529]  vfs_read+0x201/0xbc0
[  712.263862][T16529]  ? __pfx_lock_release+0x10/0x10
[  712.269068][T16529]  ? __pfx_vfs_read+0x10/0x10
[  712.273756][T16529]  ? __fget_files+0x3f3/0x470
[  712.278438][T16529]  ? fdget_pos+0x24e/0x320
[  712.282867][T16529]  ksys_read+0x183/0x2b0
[  712.287109][T16529]  ? __pfx_ksys_read+0x10/0x10
[  712.291880][T16529]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  712.298477][T16529]  ? lockdep_hardirqs_on+0x99/0x150
[  712.303676][T16529]  __do_fast_syscall_32+0xb4/0x110
[  712.308785][T16529]  ? exc_page_fault+0x590/0x8c0
[  712.313641][T16529]  do_fast_syscall_32+0x34/0x80
[  712.318516][T16529]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  712.324848][T16529] RIP: 0023:0xf7f33579
[  712.328923][T16529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  712.348550][T16529] RSP: 002b:00000000f56955a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  712.356974][T16529] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5695620
[  712.364946][T16529] RDX: 000000000000000f RSI: 00000000f73bbff4 RDI: 0000000000000000
[  712.372914][T16529] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  712.380886][T16529] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  712.388856][T16529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  712.396835][T16529]  </TASK>
[  712.783616][ T5283] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  712.989589][ T5283] usb 5-1: config 0 has no interfaces?
[  713.024653][ T5283] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  713.043483][ T5283] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.054031][ T5283] usb 5-1: Product: syz
[  713.059826][ T5283] usb 5-1: Manufacturer: syz
[  713.064929][ T5283] usb 5-1: SerialNumber: syz
[  713.073184][ T5283] usb 5-1: config 0 descriptor??
[  713.532292][T16550] __nla_validate_parse: 4 callbacks suppressed
[  713.532315][T16550] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2639'.
[  713.595583][T16552] FAULT_INJECTION: forcing a failure.
[  713.595583][T16552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  713.613402][T16552] CPU: 0 UID: 0 PID: 16552 Comm: syz.3.2640 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  713.624227][T16552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  713.634319][T16552] Call Trace:
[  713.637635][T16552]  <TASK>
[  713.640557][T16552]  dump_stack_lvl+0x241/0x360
[  713.645232][T16552]  ? __pfx_dump_stack_lvl+0x10/0x10
[  713.650422][T16552]  ? __pfx__printk+0x10/0x10
[  713.655000][T16552]  ? __pfx_lock_release+0x10/0x10
[  713.660031][T16552]  should_fail_ex+0x3b0/0x4e0
[  713.664721][T16552]  _copy_from_user+0x2f/0xe0
[  713.669304][T16552]  get_compat_msghdr+0xae/0x730
[  713.674146][T16552]  ? __fget_files+0x29/0x470
[  713.678730][T16552]  ? __pfx_get_compat_msghdr+0x10/0x10
[  713.684178][T16552]  ? __fget_files+0x3f3/0x470
[  713.688871][T16552]  __sys_sendmsg+0x25d/0x380
[  713.693465][T16552]  ? __pfx___sys_sendmsg+0x10/0x10
[  713.698572][T16552]  ? __pfx_vfs_write+0x10/0x10
[  713.703345][T16552]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  713.709920][T16552]  ? lockdep_hardirqs_on+0x99/0x150
[  713.715107][T16552]  __do_fast_syscall_32+0xb4/0x110
[  713.720227][T16552]  ? exc_page_fault+0x590/0x8c0
[  713.725104][T16552]  do_fast_syscall_32+0x34/0x80
[  713.729953][T16552]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  713.736276][T16552] RIP: 0023:0xf7f50579
[  713.740334][T16552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  713.759933][T16552] RSP: 002b:00000000f56d656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  713.768347][T16552] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000400
[  713.776331][T16552] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  713.784293][T16552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  713.792259][T16552] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  713.800217][T16552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  713.808187][T16552]  </TASK>
[  713.937371][T16555] FAULT_INJECTION: forcing a failure.
[  713.937371][T16555] name failslab, interval 1, probability 0, space 0, times 0
[  714.008534][T16556] netlink: 'syz.0.2641': attribute type 9 has an invalid length.
[  714.021109][T16555] CPU: 1 UID: 0 PID: 16555 Comm: syz.2.2642 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  714.029617][T16556] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.2641'.
[  714.031898][T16555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  714.051281][T16555] Call Trace:
[  714.054582][T16555]  <TASK>
[  714.057530][T16555]  dump_stack_lvl+0x241/0x360
[  714.062210][T16555]  ? __pfx_dump_stack_lvl+0x10/0x10
[  714.067424][T16555]  ? __pfx__printk+0x10/0x10
[  714.072010][T16555]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  714.077500][T16555]  ? __pfx___might_resched+0x10/0x10
[  714.082780][T16555]  should_fail_ex+0x3b0/0x4e0
[  714.087455][T16555]  should_failslab+0xac/0x100
[  714.092126][T16555]  ? hash_net_create+0x2fa/0x1040
[  714.097137][T16555]  __kmalloc_cache_noprof+0x6c/0x2c0
[  714.102416][T16555]  hash_net_create+0x2fa/0x1040
[  714.107267][T16555]  ? __pfx_hash_net_create+0x10/0x10
[  714.112565][T16555]  ip_set_create+0xa5c/0x1900
[  714.117259][T16555]  ? ip_set_create+0x45e/0x1900
[  714.122099][T16555]  ? trace_raw_output_contention_end+0x9a/0xd0
[  714.128253][T16555]  ? __pfx_ip_set_create+0x10/0x10
[  714.133354][T16555]  ? trace_contention_end+0x3c/0x120
[  714.138692][T16555]  ? nfnetlink_rcv_msg+0x225/0x1180
[  714.143928][T16555]  nfnetlink_rcv_msg+0xbec/0x1180
[  714.148976][T16555]  ? nfnetlink_rcv_msg+0x225/0x1180
[  714.154232][T16555]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  714.159861][T16555]  netlink_rcv_skb+0x1e3/0x430
[  714.164645][T16555]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  714.170100][T16555]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  714.175392][T16555]  ? apparmor_capable+0x13b/0x1b0
[  714.180421][T16555]  ? bpf_lsm_capable+0x9/0x10
[  714.185097][T16555]  ? security_capable+0x7e/0x2d0
[  714.190034][T16555]  nfnetlink_rcv+0x297/0x2ab0
[  714.194708][T16555]  ? __pfx_validate_chain+0x10/0x10
[  714.199918][T16555]  ? mark_lock+0x9a/0x360
[  714.204249][T16555]  ? __pfx_validate_chain+0x10/0x10
[  714.209456][T16555]  ? __lock_acquire+0x1384/0x2050
[  714.214493][T16555]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  714.219604][T16555]  ? mark_lock+0x9a/0x360
[  714.223954][T16555]  ? __lock_acquire+0x1384/0x2050
[  714.229041][T16555]  ? __pfx_lock_release+0x10/0x10
[  714.234106][T16555]  ? netlink_deliver_tap+0x2e/0x1b0
[  714.239328][T16555]  ? __pfx_lock_release+0x10/0x10
[  714.244396][T16555]  ? netlink_deliver_tap+0x2e/0x1b0
[  714.249627][T16555]  netlink_unicast+0x7f6/0x990
[  714.254433][T16555]  ? __pfx_netlink_unicast+0x10/0x10
[  714.259755][T16555]  ? __virt_addr_valid+0x183/0x530
[  714.264894][T16555]  ? __check_object_size+0x48e/0x900
[  714.270211][T16555]  netlink_sendmsg+0x8e4/0xcb0
[  714.275017][T16555]  ? __pfx_netlink_sendmsg+0x10/0x10
[  714.280337][T16555]  ? __pfx_lock_release+0x10/0x10
[  714.285396][T16555]  ? aa_sock_msg_perm+0x91/0x160
[  714.290376][T16555]  ? __pfx_netlink_sendmsg+0x10/0x10
[  714.295694][T16555]  __sock_sendmsg+0x221/0x270
[  714.300408][T16555]  ____sys_sendmsg+0x52a/0x7e0
[  714.305219][T16555]  ? __pfx_____sys_sendmsg+0x10/0x10
[  714.310568][T16555]  __sys_sendmsg+0x292/0x380
[  714.315196][T16555]  ? __pfx___sys_sendmsg+0x10/0x10
[  714.320350][T16555]  ? __pfx_vfs_write+0x10/0x10
[  714.325176][T16555]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  714.331794][T16555]  ? lockdep_hardirqs_on+0x99/0x150
[  714.337019][T16555]  __do_fast_syscall_32+0xb4/0x110
[  714.342160][T16555]  ? exc_page_fault+0x590/0x8c0
[  714.347048][T16555]  do_fast_syscall_32+0x34/0x80
[  714.351932][T16555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  714.358290][T16555] RIP: 0023:0xf7f33579
[  714.362355][T16555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  714.382050][T16555] RSP: 002b:00000000f56b656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  714.390531][T16555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  714.398513][T16555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  714.406500][T16555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  714.414483][T16555] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  714.422462][T16555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  714.430450][T16555]  </TASK>
[  714.608416][T16563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2645'.
[  714.677259][T15777] usb 2-1: USB disconnect, device number 11
[  714.686627][T16563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2645'.
[  714.741159][T16568] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2646'.
[  715.191941][T16579] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2654'.
[  715.257617][T15777] usb 5-1: USB disconnect, device number 18
[  715.419835][T16587] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2655'.
[  716.357246][T16638] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2676'.
[  716.423594][ T5283] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  716.684591][ T5283] usb 3-1: config 0 has an invalid interface number: 193 but max is 3
[  716.692860][ T5283] usb 3-1: config 0 has an invalid interface number: 157 but max is 3
[  716.707579][ T5283] usb 3-1: config 0 has an invalid interface number: 182 but max is 3
[  716.716000][ T5283] usb 3-1: config 0 has an invalid interface number: 189 but max is 3
[  716.724456][ T5283] usb 3-1: config 0 has 5 interfaces, different from the descriptor's value: 4
[  716.734137][ T5283] usb 3-1: config 0 has no interface number 1
[  716.740240][ T5283] usb 3-1: config 0 has no interface number 2
[  716.747008][ T5283] usb 3-1: config 0 has no interface number 3
[  716.753123][ T5283] usb 3-1: config 0 has no interface number 4
[  716.759565][ T5283] usb 3-1: too many endpoints for config 0 interface 182 altsetting 54: 81, using maximum allowed: 30
[  716.770741][ T5283] usb 3-1: config 0 interface 182 altsetting 54 has 0 endpoint descriptors, different from the interface descriptor's value: 81
[  716.784599][ T5283] usb 3-1: config 0 interface 0 has no altsetting 0
[  716.791861][ T5283] usb 3-1: config 0 interface 193 has no altsetting 0
[  716.798760][ T5283] usb 3-1: config 0 interface 157 has no altsetting 0
[  716.805675][ T5283] usb 3-1: config 0 interface 182 has no altsetting 0
[  716.812470][ T5283] usb 3-1: config 0 interface 189 has no altsetting 0
[  716.819379][ T5283] usb 3-1: New USB device found, idVendor=1199, idProduct=9005, bcdDevice=18.d1
[  716.828512][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.906129][T16649] netlink: 'syz.4.2683': attribute type 9 has an invalid length.
[  716.914376][T16649] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.2683'.
[  716.914775][ T5283] usb 3-1: config 0 descriptor??
[  717.012426][T16657] FAULT_INJECTION: forcing a failure.
[  717.012426][T16657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  717.075874][T16657] CPU: 0 UID: 0 PID: 16657 Comm: syz.0.2682 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  717.086724][T16657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  717.096809][T16657] Call Trace:
[  717.100129][T16657]  <TASK>
[  717.103084][T16657]  dump_stack_lvl+0x241/0x360
[  717.107803][T16657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  717.113040][T16657]  ? __pfx__printk+0x10/0x10
[  717.117663][T16657]  ? __pfx_lock_release+0x10/0x10
[  717.122728][T16657]  should_fail_ex+0x3b0/0x4e0
[  717.127439][T16657]  _copy_from_user+0x2f/0xe0
[  717.132040][T16657]  get_compat_msghdr+0xae/0x730
[  717.136889][T16657]  ? __fget_files+0x29/0x470
[  717.141487][T16657]  ? __pfx_get_compat_msghdr+0x10/0x10
[  717.146957][T16657]  ? __fget_files+0x3f3/0x470
[  717.151640][T16657]  __sys_sendmsg+0x25d/0x380
[  717.156228][T16657]  ? __pfx___sys_sendmsg+0x10/0x10
[  717.161347][T16657]  ? __pfx_vfs_write+0x10/0x10
[  717.166134][T16657]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  717.172720][T16657]  ? lockdep_hardirqs_on+0x99/0x150
[  717.177920][T16657]  __do_fast_syscall_32+0xb4/0x110
[  717.183032][T16657]  ? exc_page_fault+0x590/0x8c0
[  717.187884][T16657]  do_fast_syscall_32+0x34/0x80
[  717.192731][T16657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  717.199053][T16657] RIP: 0023:0xf7fb2579
[  717.203119][T16657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  717.222724][T16657] RSP: 002b:00000000f573656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  717.231141][T16657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  717.239118][T16657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  717.247091][T16657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  717.255060][T16657] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  717.263025][T16657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  717.271002][T16657]  </TASK>
[  717.281242][ T5283] usb 3-1: string descriptor 0 read error: -71
[  717.293499][ T5283] usb 3-1: unknown number of interfaces: 5
[  717.309550][ T5283] usb 3-1: USB disconnect, device number 25
[  718.109847][T16685] netlink: 'syz.1.2700': attribute type 9 has an invalid length.
[  718.167808][T16685] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.2700'.
[  718.884479][T16716] FAULT_INJECTION: forcing a failure.
[  718.884479][T16716] name failslab, interval 1, probability 0, space 0, times 0
[  718.913601][T16716] CPU: 0 UID: 0 PID: 16716 Comm: syz.4.2714 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  718.924426][T16716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  718.934485][T16716] Call Trace:
[  718.937757][T16716]  <TASK>
[  718.940680][T16716]  dump_stack_lvl+0x241/0x360
[  718.945354][T16716]  ? __pfx_dump_stack_lvl+0x10/0x10
[  718.950541][T16716]  ? __pfx__printk+0x10/0x10
[  718.955133][T16716]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  718.961106][T16716]  ? __pfx___might_resched+0x10/0x10
[  718.966405][T16716]  should_fail_ex+0x3b0/0x4e0
[  718.971090][T16716]  should_failslab+0xac/0x100
[  718.975769][T16716]  ? __alloc_skb+0x1c3/0x440
[  718.980356][T16716]  kmem_cache_alloc_node_noprof+0x71/0x320
[  718.986182][T16716]  __alloc_skb+0x1c3/0x440
[  718.990608][T16716]  ? __pfx___alloc_skb+0x10/0x10
[  718.995547][T16716]  ? netlink_autobind+0xd6/0x2f0
[  719.000481][T16716]  ? netlink_autobind+0x2b0/0x2f0
[  719.005500][T16716]  netlink_sendmsg+0x638/0xcb0
[  719.010282][T16716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.015582][T16716]  ? __pfx_lock_release+0x10/0x10
[  719.020613][T16716]  ? aa_sock_msg_perm+0x91/0x160
[  719.025579][T16716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.030887][T16716]  __sock_sendmsg+0x221/0x270
[  719.035656][T16716]  ____sys_sendmsg+0x52a/0x7e0
[  719.040433][T16716]  ? __pfx_____sys_sendmsg+0x10/0x10
[  719.045722][T16716]  __sys_sendmsg+0x292/0x380
[  719.050313][T16716]  ? __pfx___sys_sendmsg+0x10/0x10
[  719.055424][T16716]  ? __pfx_vfs_write+0x10/0x10
[  719.060197][T16716]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  719.066774][T16716]  ? lockdep_hardirqs_on+0x99/0x150
[  719.071964][T16716]  __do_fast_syscall_32+0xb4/0x110
[  719.077102][T16716]  ? exc_page_fault+0x590/0x8c0
[  719.081951][T16716]  do_fast_syscall_32+0x34/0x80
[  719.086804][T16716]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  719.093137][T16716] RIP: 0023:0xf73dd579
[  719.097263][T16716] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  719.116877][T16716] RSP: 002b:00000000f56c656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  719.125297][T16716] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  719.133274][T16716] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  719.141308][T16716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  719.149274][T16716] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  719.157252][T16716] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  719.165232][T16716]  </TASK>
[  719.233438][ T1173] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  719.437473][ T1173] usb 2-1: config 0 has no interfaces?
[  719.636989][ T1173] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  719.646811][ T1173] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  719.654937][ T1173] usb 2-1: Product: syz
[  719.659102][ T1173] usb 2-1: Manufacturer: syz
[  719.663817][ T1173] usb 2-1: SerialNumber: syz
[  719.674377][ T1173] usb 2-1: config 0 descriptor??
[  719.734581][T16729] netlink: 'syz.4.2719': attribute type 9 has an invalid length.
[  719.803443][T16729] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.2719'.
[  720.151552][T16708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  720.319128][T16749] FAULT_INJECTION: forcing a failure.
[  720.319128][T16749] name failslab, interval 1, probability 0, space 0, times 0
[  720.350988][T16749] CPU: 0 UID: 0 PID: 16749 Comm: syz.3.2726 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  720.361777][T16749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  720.371847][T16749] Call Trace:
[  720.375125][T16749]  <TASK>
[  720.378051][T16749]  dump_stack_lvl+0x241/0x360
[  720.382726][T16749]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.387919][T16749]  ? __pfx__printk+0x10/0x10
[  720.392501][T16749]  ? fs_reclaim_acquire+0x93/0x130
[  720.397630][T16749]  ? __pfx___might_resched+0x10/0x10
[  720.402949][T16749]  ? dynamic_dname+0x141/0x1b0
[  720.407748][T16749]  should_fail_ex+0x3b0/0x4e0
[  720.412466][T16749]  ? tomoyo_encode+0x26f/0x540
[  720.417717][T16749]  should_failslab+0xac/0x100
[  720.422573][T16749]  ? tomoyo_encode+0x26f/0x540
[  720.427334][T16749]  __kmalloc_noprof+0xd8/0x400
[  720.432367][T16749]  tomoyo_encode+0x26f/0x540
[  720.436976][T16749]  ? __pfx_sockfs_dname+0x10/0x10
[  720.442011][T16749]  tomoyo_realpath_from_path+0x59e/0x5e0
[  720.447654][T16749]  tomoyo_path_number_perm+0x23a/0x880
[  720.453112][T16749]  ? tomoyo_path_number_perm+0x208/0x880
[  720.458732][T16749]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  720.464711][T16749]  ? __pfx_lock_acquire+0x10/0x10
[  720.469759][T16749]  ? __fget_files+0x29/0x470
[  720.474360][T16749]  ? __fget_files+0x3f3/0x470
[  720.479134][T16749]  security_file_ioctl_compat+0xc6/0x2a0
[  720.484768][T16749]  __se_compat_sys_ioctl+0xd6/0xc90
[  720.489966][T16749]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  720.495775][T16749]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  720.501793][T16749]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  720.508136][T16749]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  720.514744][T16749]  ? lockdep_hardirqs_on+0x99/0x150
[  720.519966][T16749]  __do_fast_syscall_32+0xb4/0x110
[  720.525106][T16749]  ? exc_page_fault+0x590/0x8c0
[  720.529965][T16749]  do_fast_syscall_32+0x34/0x80
[  720.534920][T16749]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  720.541248][T16749] RIP: 0023:0xf7f50579
[  720.545320][T16749] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  720.564924][T16749] RSP: 002b:00000000f56d656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  720.573332][T16749] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089a2
[  720.581339][T16749] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  720.589328][T16749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  720.597305][T16749] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  720.605274][T16749] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  720.613256][T16749]  </TASK>
[  720.619115][T16749] ERROR: Out of memory at tomoyo_realpath_from_path.
[  720.628060][T16749] bridge0: port 1(syz_tun) entered blocking state
[  720.635923][T16749] bridge0: port 1(syz_tun) entered disabled state
[  720.642697][T16749] syz_tun: entered allmulticast mode
[  720.693834][T16749] syz_tun: entered promiscuous mode
[  720.709222][T16749] bridge0: port 1(syz_tun) entered blocking state
[  720.715880][T16749] bridge0: port 1(syz_tun) entered forwarding state
[  720.807806][T16708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  720.950785][T16708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  720.974339][T16761] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2732'.
[  721.013779][T16708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.101070][T16764] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  721.159814][T16767] netlink: 'syz.3.2733': attribute type 9 has an invalid length.
[  721.184179][T16767] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.2733'.
[  721.614485][T15777] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  721.713647][ T1173] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  721.858045][T15777] usb 5-1: config 0 has no interfaces?
[  721.864620][ T1173] usb 3-1: too many configurations: 118, using maximum allowed: 8
[  721.875242][ T1173] usb 3-1: unable to read config index 0 descriptor/start: -61
[  721.883479][ T1173] usb 3-1: can't read configurations, error -61
[  721.898007][T15777] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  721.930497][T15777] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.977000][T15777] usb 5-1: Product: syz
[  721.987888][T15777] usb 5-1: Manufacturer: syz
[  721.995453][T15777] usb 5-1: SerialNumber: syz
[  722.025948][T15777] usb 5-1: config 0 descriptor??
[  722.043467][ T1173] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  722.183494][T16792] loop6: detected capacity change from 0 to 1
[  722.214039][ T1173] usb 3-1: too many configurations: 118, using maximum allowed: 8
[  722.230824][ T1173] usb 3-1: unable to read config index 0 descriptor/start: -61
[  722.242566][ T1173] usb 3-1: can't read configurations, error -61
[  722.249448][T16792] Dev loop6: unable to read RDB block 1
[  722.263059][ T1173] usb usb3-port1: attempt power cycle
[  722.270779][T16792]  loop6: unable to read partition table
[  722.294218][T16792] loop6: partition table beyond EOD, truncated
[  722.300432][T16792] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  722.300432][T16792] 
) failed (rc=-5)
[  722.441809][T15782] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  722.491629][T15777] usb 2-1: USB disconnect, device number 12
[  722.586262][T16794] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2746'.
[  722.616362][T16796] FAULT_INJECTION: forcing a failure.
[  722.616362][T16796] name failslab, interval 1, probability 0, space 0, times 0
[  722.629420][T15782] usb 1-1: Using ep0 maxpacket: 32
[  722.635574][T16796] CPU: 0 UID: 0 PID: 16796 Comm: syz.1.2747 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  722.646391][T16796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  722.646970][ T1173] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  722.656457][T16796] Call Trace:
[  722.656476][T16796]  <TASK>
[  722.656485][T16796]  dump_stack_lvl+0x241/0x360
[  722.656514][T16796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  722.680147][T16796]  ? __pfx__printk+0x10/0x10
[  722.684775][T16796]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  722.690784][T16796]  ? __pfx___might_resched+0x10/0x10
[  722.696099][T16796]  should_fail_ex+0x3b0/0x4e0
[  722.700801][T16796]  should_failslab+0xac/0x100
[  722.705480][T16796]  ? __alloc_skb+0x1c3/0x440
[  722.710076][T16796]  kmem_cache_alloc_node_noprof+0x71/0x320
[  722.715894][T16796]  __alloc_skb+0x1c3/0x440
[  722.720312][T16796]  ? __pfx___alloc_skb+0x10/0x10
[  722.725248][T16796]  ? netlink_autobind+0xd6/0x2f0
[  722.730180][T16796]  ? netlink_autobind+0x2b0/0x2f0
[  722.735206][T16796]  netlink_sendmsg+0x638/0xcb0
[  722.739980][T16796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  722.745269][T16796]  ? __pfx_lock_release+0x10/0x10
[  722.750299][T16796]  ? aa_sock_msg_perm+0x91/0x160
[  722.755675][T16796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  722.760962][T16796]  __sock_sendmsg+0x221/0x270
[  722.765646][T16796]  ____sys_sendmsg+0x52a/0x7e0
[  722.770416][T16796]  ? __pfx_____sys_sendmsg+0x10/0x10
[  722.775709][T16796]  __sys_sendmsg+0x292/0x380
[  722.780299][T16796]  ? __pfx___sys_sendmsg+0x10/0x10
[  722.785512][T16796]  ? __pfx_vfs_write+0x10/0x10
[  722.790392][T16796]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  722.796988][T16796]  ? lockdep_hardirqs_on+0x99/0x150
[  722.802183][T16796]  __do_fast_syscall_32+0xb4/0x110
[  722.807296][T16796]  ? exc_page_fault+0x590/0x8c0
[  722.812152][T16796]  do_fast_syscall_32+0x34/0x80
[  722.817000][T16796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  722.823340][T16796] RIP: 0023:0xf748d579
[  722.827412][T16796] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  722.847035][T16796] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  722.855470][T16796] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000400
[  722.863440][T16796] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  722.871405][T16796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  722.879387][T16796] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  722.887378][T16796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  722.895361][T16796]  </TASK>
[  722.947463][T16794] lo: entered allmulticast mode
[  722.971573][ T1173] usb 3-1: too many configurations: 118, using maximum allowed: 8
[  723.019473][T15782] usb 1-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[  723.029354][T15782] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.037783][T15782] usb 1-1: Product: syz
[  723.042428][T15782] usb 1-1: Manufacturer: syz
[  723.047291][T15782] usb 1-1: SerialNumber: syz
[  723.057206][T15782] usb 1-1: config 0 descriptor??
[  723.094251][ T1173] usb 3-1: unable to read config index 0 descriptor/start: -61
[  723.138286][ T1173] usb 3-1: can't read configurations, error -61
[  723.268976][T16791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.304723][T16791] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  723.318206][ T1173] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  723.328112][ T5302] usb 1-1: USB disconnect, device number 33
[  723.375679][ T1173] usb 3-1: too many configurations: 118, using maximum allowed: 8
[  723.387150][ T1173] usb 3-1: unable to read config index 0 descriptor/start: -61
[  723.395852][ T1173] usb 3-1: can't read configurations, error -61
[  723.402465][ T1173] usb usb3-port1: unable to enumerate USB device
[  723.769679][T16809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2752'.
[  723.810127][T16809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2752'.
[  724.978987][T16841] FAULT_INJECTION: forcing a failure.
[  724.978987][T16841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  725.007089][T16841] CPU: 0 UID: 0 PID: 16841 Comm: syz.1.2765 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  725.018183][T16841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  725.028297][T16841] Call Trace:
[  725.031577][T16841]  <TASK>
[  725.034542][T16841]  dump_stack_lvl+0x241/0x360
[  725.039242][T16841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  725.044639][T16841]  ? __pfx__printk+0x10/0x10
[  725.049244][T16841]  ? __pfx_lock_release+0x10/0x10
[  725.054294][T16841]  should_fail_ex+0x3b0/0x4e0
[  725.059006][T16841]  _copy_from_user+0x2f/0xe0
[  725.063624][T16841]  get_compat_msghdr+0xae/0x730
[  725.068491][T16841]  ? __fget_files+0x29/0x470
[  725.073081][T16841]  ? __pfx_get_compat_msghdr+0x10/0x10
[  725.078538][T16841]  ? __fget_files+0x3f3/0x470
[  725.083253][T16841]  __sys_sendmsg+0x25d/0x380
[  725.087880][T16841]  ? __pfx___sys_sendmsg+0x10/0x10
[  725.092956][T16843] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  725.093027][T16841]  ? __pfx_vfs_write+0x10/0x10
[  725.106240][T16841]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  725.112866][T16841]  ? lockdep_hardirqs_on+0x99/0x150
[  725.118106][T16841]  __do_fast_syscall_32+0xb4/0x110
[  725.123263][T16841]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  725.129700][T16841]  ? lockdep_hardirqs_on+0x99/0x150
[  725.134935][T16841]  do_fast_syscall_32+0x34/0x80
[  725.139828][T16841]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  725.146303][T16841] RIP: 0023:0xf748d579
[  725.150406][T16841] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  725.170140][T16841] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  725.178600][T16841] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001200
[  725.186616][T16841] RDX: 0000000004000080 RSI: 0000000000000000 RDI: 0000000000000000
[  725.194631][T16841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  725.202636][T16841] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  725.210695][T16841] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  725.218720][T16841]  </TASK>
[  725.296078][ T1173] usb 5-1: USB disconnect, device number 19
[  725.539503][T16857] FAULT_INJECTION: forcing a failure.
[  725.539503][T16857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  725.564793][ T1173] IPVS: starting estimator thread 0...
[  725.579035][T16861] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2774'.
[  725.599986][T16857] CPU: 0 UID: 0 PID: 16857 Comm: syz.3.2771 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  725.610881][T16857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  725.610907][T16857] Call Trace:
[  725.610916][T16857]  <TASK>
[  725.610926][T16857]  dump_stack_lvl+0x241/0x360
[  725.610958][T16857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  725.610979][T16857]  ? __pfx__printk+0x10/0x10
[  725.611005][T16857]  ? snprintf+0xda/0x120
[  725.611029][T16857]  should_fail_ex+0x3b0/0x4e0
[  725.611062][T16857]  _copy_to_user+0x2f/0xb0
[  725.655168][T16857]  simple_read_from_buffer+0xca/0x150
[  725.660595][T16857]  proc_fail_nth_read+0x1e9/0x250
[  725.665679][T16857]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  725.671280][T16857]  ? rw_verify_area+0x55e/0x6f0
[  725.676176][T16857]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  725.681761][T16857]  vfs_read+0x201/0xbc0
[  725.685983][T16857]  ? __pfx_lock_release+0x10/0x10
[  725.691059][T16857]  ? __pfx_vfs_read+0x10/0x10
[  725.695785][T16857]  ? __fget_files+0x3f3/0x470
[  725.700511][T16857]  ? fdget_pos+0x24e/0x320
[  725.704967][T16857]  ksys_read+0x183/0x2b0
[  725.709224][T16857]  ? __pfx_ksys_read+0x10/0x10
[  725.713991][T16857]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  725.720577][T16857]  ? lockdep_hardirqs_on+0x99/0x150
[  725.725775][T16857]  __do_fast_syscall_32+0xb4/0x110
[  725.730889][T16857]  ? exc_page_fault+0x590/0x8c0
[  725.735753][T16857]  do_fast_syscall_32+0x34/0x80
[  725.740601][T16857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  725.746942][T16857] RIP: 0023:0xf7f50579
[  725.751122][T16857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  725.770753][T16857] RSP: 002b:00000000f56d65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  725.779180][T16857] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56d6620
[  725.787152][T16857] RDX: 000000000000000f RSI: 00000000f73dbff4 RDI: 0000000000000000
[  725.795219][T16857] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  725.803190][T16857] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  725.811426][T16857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  725.819410][T16857]  </TASK>
[  725.893423][T16859] IPVS: using max 17 ests per chain, 40800 per kthread
[  726.084231][ T1173] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  726.193445][T16872] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  726.265816][ T1173] usb 3-1: Using ep0 maxpacket: 8
[  726.285137][ T1173] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  726.294031][ T1173] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  726.304078][T15777] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  726.314164][ T1173] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  726.319193][T16877] syz.0.2780: attempt to access beyond end of device
[  726.319193][T16877] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  726.333298][ T1173] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  726.356146][ T1173] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  726.377169][ T1173] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  726.398609][ T1173] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.604678][T15777] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  726.644180][T15777] usb 2-1: config 0 has no interfaces?
[  726.692080][ T1173] usb 3-1: usb_control_msg returned -32
[  726.698826][T16861] =======================================================
[  726.698826][T16861] WARNING: The mand mount option has been deprecated and
[  726.698826][T16861]          and is ignored by this kernel. Remove the mand
[  726.698826][T16861]          option from the mount to silence this warning.
[  726.698826][T16861] =======================================================
[  726.734074][ T1173] usbtmc 3-1:16.0: can't read capabilities
[  726.747768][T15779] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  726.982477][T15777] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  726.997589][T15779] usb 5-1: config 0 has no interfaces?
[  727.006597][T15777] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.030769][T15779] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  727.040108][T15777] usb 2-1: Product: syz
[  727.044867][T15777] usb 2-1: Manufacturer: syz
[  727.049532][T15777] usb 2-1: SerialNumber: syz
[  727.055246][T15779] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.065426][T15779] usb 5-1: Product: syz
[  727.070530][T15779] usb 5-1: Manufacturer: syz
[  727.078930][T15777] usb 2-1: config 0 descriptor??
[  727.086660][T15779] usb 5-1: SerialNumber: syz
[  727.169952][T15779] usb 5-1: config 0 descriptor??
[  727.254530][T16894] netlink: 'syz.3.2784': attribute type 9 has an invalid length.
[  727.295392][T16894] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.2784'.
[  727.353975][T16887] usbtmc 3-1:16.0: usb_control_msg returned -71
[  727.384570][T15783] usb 3-1: USB disconnect, device number 30
[  727.628397][T16900] input: syz0 as /devices/virtual/input/input66
[  728.196536][T15166] syz_tun (unregistering): left allmulticast mode
[  728.304314][T15166] syz_tun (unregistering): left promiscuous mode
[  728.316079][T15166] bridge0: port 1(syz_tun) entered disabled state
[  728.673876][T16915] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  729.343774][T16923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2799'.
[  729.397576][T15783] usb 2-1: USB disconnect, device number 13
[  729.566925][ T5241] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  729.578248][ T5241] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  729.587715][ T5241] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  729.596880][ T5241] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  729.606865][ T5241] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  729.614317][ T5241] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  729.815050][    T9] usb 5-1: USB disconnect, device number 20
[  730.221462][T16945] netlink: 'syz.3.2809': attribute type 9 has an invalid length.
[  730.323450][T16945] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.2809'.
[  730.992266][T16967] netlink: 768 bytes leftover after parsing attributes in process `syz.4.2814'.
[  731.044301][T16967] netlink: 9772 bytes leftover after parsing attributes in process `syz.4.2814'.
[  731.097468][T16968] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2814'.
[  731.348574][T16970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2815'.
[  731.591003][T16978] loop6: detected capacity change from 0 to 1
[  731.600071][T16978] Dev loop6: unable to read RDB block 1
[  731.605923][T16978]  loop6: unable to read partition table
[  731.611931][T16978] loop6: partition table beyond EOD, truncated
[  731.620986][T16978] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  731.620986][T16978] 
) failed (rc=-5)
[  731.718088][T12434] Bluetooth: hci8: command tx timeout
[  731.788222][T15783] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  731.939130][T16984] netlink: 'syz.3.2822': attribute type 9 has an invalid length.
[  731.948901][T16984] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.2822'.
[  732.022108][T15783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  732.042190][T15783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  732.108087][T15783] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  732.127951][T15783] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  732.180160][T15783] usb 1-1: config 0 descriptor??
[  732.486225][   T64] bond0 (unregistering): Released all slaves
[  732.524166][T16974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2818'.
[  732.533645][T16974] tipc: Resetting bearer <eth:team0>
[  732.623591][T15783] keytouch 0003:0926:3333.0026: fixing up Keytouch IEC report descriptor
[  732.662537][T16974] tipc: Disabling bearer <eth:team0>
[  732.677766][T15783] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0026/input/input67
[  732.850582][T15783] keytouch 0003:0926:3333.0026: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  732.876955][T16974] team0 (unregistering): Port device team_slave_0 removed
[  732.902892][T15783] usb 1-1: USB disconnect, device number 34
[  732.968598][T16974] team0 (unregistering): Port device team_slave_1 removed
[  733.051029][T16927] chnl_net:caif_netlink_parms(): no params data found
[  733.596740][T16927] bridge0: port 1(bridge_slave_0) entered blocking state
[  733.604977][T17023] netlink: 'syz.3.2832': attribute type 9 has an invalid length.
[  733.612758][T17023] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.2832'.
[  733.637377][T16927] bridge0: port 1(bridge_slave_0) entered disabled state
[  733.659466][T16927] bridge_slave_0: entered allmulticast mode
[  733.722975][T16927] bridge_slave_0: entered promiscuous mode
[  733.794675][T12434] Bluetooth: hci8: command tx timeout
[  733.815434][T16927] bridge0: port 2(bridge_slave_1) entered blocking state
[  733.822595][T16927] bridge0: port 2(bridge_slave_1) entered disabled state
[  733.930350][T16927] bridge_slave_1: entered allmulticast mode
[  733.992690][T16927] bridge_slave_1: entered promiscuous mode
[  734.116089][T17033] netlink: 'syz.0.2834': attribute type 29 has an invalid length.
[  734.172537][T17038] netlink: 'syz.0.2834': attribute type 29 has an invalid length.
[  734.465799][T17060] FAULT_INJECTION: forcing a failure.
[  734.465799][T17060] name failslab, interval 1, probability 0, space 0, times 0
[  734.479726][T17060] CPU: 1 UID: 0 PID: 17060 Comm: syz.3.2842 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  734.490543][T17060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  734.500624][T17060] Call Trace:
[  734.503931][T17060]  <TASK>
[  734.506896][T17060]  dump_stack_lvl+0x241/0x360
[  734.511603][T17060]  ? __pfx_dump_stack_lvl+0x10/0x10
[  734.516829][T17060]  ? __pfx__printk+0x10/0x10
[  734.521454][T17060]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  734.527476][T17060]  ? __pfx___might_resched+0x10/0x10
[  734.532803][T17060]  should_fail_ex+0x3b0/0x4e0
[  734.537524][T17060]  should_failslab+0xac/0x100
[  734.542239][T17060]  ? __alloc_skb+0x1c3/0x440
[  734.546864][T17060]  kmem_cache_alloc_node_noprof+0x71/0x320
[  734.552715][T17060]  __alloc_skb+0x1c3/0x440
[  734.557172][T17060]  ? __pfx___alloc_skb+0x10/0x10
[  734.562149][T17060]  ? netlink_autobind+0xd6/0x2f0
[  734.567116][T17060]  ? netlink_autobind+0x2b0/0x2f0
[  734.572180][T17060]  netlink_sendmsg+0x638/0xcb0
[  734.576997][T17060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  734.582318][T17060]  ? __pfx_lock_release+0x10/0x10
[  734.587379][T17060]  ? aa_sock_msg_perm+0x91/0x160
[  734.592333][T17060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  734.597626][T17060]  __sock_sendmsg+0x221/0x270
[  734.602313][T17060]  ____sys_sendmsg+0x52a/0x7e0
[  734.607447][T17060]  ? __pfx_____sys_sendmsg+0x10/0x10
[  734.612829][T17060]  __sys_sendmsg+0x292/0x380
[  734.617430][T17060]  ? __pfx___sys_sendmsg+0x10/0x10
[  734.622548][T17060]  ? __pfx_vfs_write+0x10/0x10
[  734.627334][T17060]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  734.633926][T17060]  ? lockdep_hardirqs_on+0x99/0x150
[  734.639125][T17060]  __do_fast_syscall_32+0xb4/0x110
[  734.644267][T17060]  ? exc_page_fault+0x590/0x8c0
[  734.649120][T17060]  do_fast_syscall_32+0x34/0x80
[  734.653971][T17060]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  734.660307][T17060] RIP: 0023:0xf7f50579
[  734.664373][T17060] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  734.683981][T17060] RSP: 002b:00000000f56d656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  734.692400][T17060] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001200
[  734.700379][T17060] RDX: 0000000004000080 RSI: 0000000000000000 RDI: 0000000000000000
[  734.708353][T17060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  734.716424][T17060] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  734.724391][T17060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  734.732380][T17060]  </TASK>
[  734.819640][   T64] hsr_slave_0: left promiscuous mode
[  734.867336][   T64] hsr_slave_1: left promiscuous mode
[  735.873356][T12434] Bluetooth: hci8: command tx timeout
[  736.936194][T15783] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  737.199397][T17123] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2865'.
[  737.214373][T17123] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2865'.
[  737.955039][ T5241] Bluetooth: hci8: command tx timeout
[  738.067357][T17125] netlink: 'syz.0.2868': attribute type 9 has an invalid length.
[  738.076278][T17125] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.2868'.
[  738.399389][T16927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  738.454255][T16927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  738.673736][T16927] team0: Port device team_slave_0 added
[  738.728713][T16927] team0: Port device team_slave_1 added
[  739.009995][T17152] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2876'.
[  739.033886][T17154] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2875'.
[  739.084792][T16927] batman_adv: batadv0: Adding interface: batadv_slave_0
[  739.091791][T16927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  739.117754][    C0] vkms_vblank_simulate: vblank timer overrun
[  739.125666][T16927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  739.138402][T16927] batman_adv: batadv0: Adding interface: batadv_slave_1
[  739.145440][T16927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  739.171419][    C0] vkms_vblank_simulate: vblank timer overrun
[  739.178965][T16927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  739.314009][    T9] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  739.351952][T17164] FAULT_INJECTION: forcing a failure.
[  739.351952][T17164] name failslab, interval 1, probability 0, space 0, times 0
[  739.384994][T17164] CPU: 0 UID: 0 PID: 17164 Comm: syz.0.2880 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  739.395944][T17164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  739.406247][T17164] Call Trace:
[  739.409558][T17164]  <TASK>
[  739.412516][T17164]  dump_stack_lvl+0x241/0x360
[  739.417244][T17164]  ? __pfx_dump_stack_lvl+0x10/0x10
[  739.422493][T17164]  ? __pfx__printk+0x10/0x10
[  739.427215][T17164]  ? __kmalloc_noprof+0xb0/0x400
[  739.432203][T17164]  ? __pfx___might_resched+0x10/0x10
[  739.437539][T17164]  should_fail_ex+0x3b0/0x4e0
[  739.442270][T17164]  ? new_nbp+0x29/0x430
[  739.446544][T17164]  should_failslab+0xac/0x100
[  739.451268][T17164]  ? new_nbp+0x29/0x430
[  739.455463][T17164]  __kmalloc_noprof+0xd8/0x400
[  739.460288][T17164]  new_nbp+0x29/0x430
[  739.464308][T17164]  ? mutex_is_locked+0x12/0x50
[  739.469111][T17164]  br_add_if+0x28d/0xef0
[  739.473403][T17164]  ? apparmor_capable+0x13b/0x1b0
[  739.478471][T17164]  ? security_capable+0x7e/0x2d0
[  739.483454][T17164]  br_ioctl_stub+0x32b/0xb00
[  739.488086][T17164]  ? __pfx_br_ioctl_stub+0x10/0x10
[  739.493221][T17164]  ? __rtnl_unlock+0xcc/0xf0
[  739.497831][T17164]  ? br_ioctl_call+0x57/0xb0
[  739.502457][T17164]  ? __pfx___mutex_lock+0x10/0x10
[  739.507516][T17164]  ? __pfx_netdev_run_todo+0x10/0x10
[  739.512838][T17164]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  739.519390][T17164]  ? __pfx_br_ioctl_stub+0x10/0x10
[  739.524554][T17164]  br_ioctl_call+0x7d/0xb0
[  739.529036][T17164]  dev_ifsioc+0xc20/0xe70
[  739.533403][T17164]  ? __pfx_dev_ifsioc+0x10/0x10
[  739.538283][T17164]  ? dev_load+0x21/0x1f0
[  739.542558][T17164]  dev_ioctl+0x719/0x1340
[  739.546927][T17164]  sock_do_ioctl+0x240/0x460
[  739.551612][T17164]  ? __pfx_sock_do_ioctl+0x10/0x10
[  739.556782][T17164]  compat_sock_ioctl+0xc84/0xf20
[  739.561775][T17164]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  739.567280][T17164]  ? __fget_files+0x29/0x470
[  739.571906][T17164]  ? __fget_files+0x3f3/0x470
[  739.576637][T17164]  __se_compat_sys_ioctl+0x510/0xc90
[  739.581987][T17164]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  739.587838][T17164]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  739.593847][T17164]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  739.600188][T17164]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  739.606797][T17164]  ? lockdep_hardirqs_on+0x99/0x150
[  739.611998][T17164]  __do_fast_syscall_32+0xb4/0x110
[  739.617120][T17164]  ? exc_page_fault+0x590/0x8c0
[  739.622012][T17164]  do_fast_syscall_32+0x34/0x80
[  739.626884][T17164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  739.633209][T17164] RIP: 0023:0xf7fb2579
[  739.637299][T17164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  739.656936][T17164] RSP: 002b:00000000f573656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  739.665362][T17164] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089a2
[  739.673351][T17164] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  739.681428][T17164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  739.689420][T17164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  739.697392][T17164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  739.705375][T17164]  </TASK>
[  739.708503][    C0] vkms_vblank_simulate: vblank timer overrun
[  739.722172][ T5241] Bluetooth: hci5: command 0x0406 tx timeout
[  739.750918][    T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  739.764929][T17169] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2881'.
[  739.776333][    T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 109, changing to 10
[  739.791149][    T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 42584, setting to 1024
[  739.794995][T16927] hsr_slave_0: entered promiscuous mode
[  739.812738][    T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  739.822203][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  739.836187][T17156] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  739.844887][T16927] hsr_slave_1: entered promiscuous mode
[  739.851706][T16927] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  739.864207][    T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  739.893352][T16927] Cannot create hsr debugfs directory
[  740.070808][T15777] usb 5-1: USB disconnect, device number 21
[  740.577658][T17188] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2888'.
[  740.589439][T17191] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2890'.
[  740.606174][T17192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2889'.
[  740.945884][T17205] netlink: 'syz.1.2892': attribute type 29 has an invalid length.
[  741.017221][T17209] netlink: 'syz.1.2892': attribute type 29 has an invalid length.
[  741.402661][T17221] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  741.421874][T17221] IPVS: set_ctl: invalid protocol: 8483 0.0.0.0:0
[  741.473634][T17225] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2900'.
[  741.645636][T16927] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  741.703530][T16927] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  741.764042][T16927] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  741.864162][T16927] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  742.013480][ T5302] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  742.060110][T16927] 8021q: adding VLAN 0 to HW filter on device bond0
[  742.104246][T15779] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  742.183171][T16927] 8021q: adding VLAN 0 to HW filter on device team0
[  742.251828][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.259029][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  742.279791][T15779] usb 5-1: Using ep0 maxpacket: 16
[  742.304822][ T5302] usb 4-1: config 0 has no interfaces?
[  742.311709][T17252] __nla_validate_parse: 1 callbacks suppressed
[  742.311730][T17252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2909'.
[  742.318262][T15779] usb 5-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  742.338286][T15779] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  742.350346][ T5302] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  742.370465][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.373552][ T5302] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  742.377654][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  742.385937][ T5302] usb 4-1: Product: syz
[  742.397243][ T5302] usb 4-1: Manufacturer: syz
[  742.402001][ T5302] usb 4-1: SerialNumber: syz
[  742.410076][ T5302] usb 4-1: config 0 descriptor??
[  742.415370][T15779] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  742.424664][T15779] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  742.432745][T15779] usb 5-1: Product: syz
[  742.437759][T15779] usb 5-1: Manufacturer: syz
[  742.442403][T15779] usb 5-1: SerialNumber: syz
[  742.667482][T17240] sctp: [Deprecated]: syz.4.2905 (pid 17240) Use of struct sctp_assoc_value in delayed_ack socket option.
[  742.667482][T17240] Use struct sctp_sack_info instead
[  742.812586][T17262] FAULT_INJECTION: forcing a failure.
[  742.812586][T17262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  742.886617][T17262] CPU: 1 UID: 0 PID: 17262 Comm: syz.1.2911 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  742.897458][T17262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  742.907544][T17262] Call Trace:
[  742.907951][T17265] loop6: detected capacity change from 0 to 1
[  742.910829][T17262]  <TASK>
[  742.910843][T17262]  dump_stack_lvl+0x241/0x360
[  742.910874][T17262]  ? __pfx_dump_stack_lvl+0x10/0x10
[  742.929754][T17262]  ? __pfx__printk+0x10/0x10
[  742.934385][T17262]  ? __pfx_lock_release+0x10/0x10
[  742.939464][T17262]  should_fail_ex+0x3b0/0x4e0
[  742.944189][T17262]  _copy_from_iter+0x1ed/0x1d60
[  742.949096][T17262]  ? __virt_addr_valid+0x183/0x530
[  742.952094][T17265] Dev loop6: unable to read RDB block 1
[  742.954219][T17262]  ? __pfx_lock_release+0x10/0x10
[  742.954257][T17262]  ? __alloc_skb+0x28f/0x440
[  742.954276][T17262]  ? __pfx__copy_from_iter+0x10/0x10
[  742.954301][T17262]  ? __virt_addr_valid+0x183/0x530
[  742.954320][T17262]  ? __virt_addr_valid+0x183/0x530
[  742.954339][T17262]  ? __virt_addr_valid+0x45f/0x530
[  742.954359][T17262]  ? __check_object_size+0x48e/0x900
[  742.954385][T17262]  netlink_sendmsg+0x73d/0xcb0
[  742.989325][T17265]  loop6: unable to read partition table
[  742.990147][T17262]  ? __pfx_netlink_sendmsg+0x10/0x10
[  743.007995][T17265] loop6: partition table beyond EOD, 
[  743.011066][T17262]  ? __pfx_lock_release+0x10/0x10
[  743.011103][T17262]  ? aa_sock_msg_perm+0x91/0x160
[  743.026491][T17262]  ? __pfx_netlink_sendmsg+0x10/0x10
[  743.031822][T17262]  __sock_sendmsg+0x221/0x270
[  743.036231][T17265] truncated
[  743.036528][T17262]  ____sys_sendmsg+0x52a/0x7e0
[  743.044445][T17262]  ? __pfx_____sys_sendmsg+0x10/0x10
[  743.049785][T17262]  __sys_sendmsg+0x292/0x380
[  743.050353][T17265] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  743.050353][T17265] 
) failed (rc=-5)
[  743.054393][T17262]  ? __pfx___sys_sendmsg+0x10/0x10
[  743.054429][T17262]  ? __pfx_vfs_write+0x10/0x10
[  743.054480][T17262]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  743.054508][T17262]  ? lockdep_hardirqs_on+0x99/0x150
[  743.054529][T17262]  __do_fast_syscall_32+0xb4/0x110
[  743.054551][T17262]  ? exc_page_fault+0x590/0x8c0
[  743.099651][T17262]  do_fast_syscall_32+0x34/0x80
[  743.104539][T17262]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  743.110897][T17262] RIP: 0023:0xf748d579
[  743.114971][T17262] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  743.134582][T17262] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  743.143008][T17262] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000400
[  743.150985][T17262] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  743.158973][T17262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  743.166951][T17262] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  743.174936][T17262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  743.182941][T17262]  </TASK>
[  743.186080][    C1] vkms_vblank_simulate: vblank timer overrun
[  743.228969][T16927] 8021q: adding VLAN 0 to HW filter on device batadv0
[  743.377983][T16927] veth0_vlan: entered promiscuous mode
[  743.472552][T16927] veth1_vlan: entered promiscuous mode
[  743.507058][T16927] veth0_macvtap: entered promiscuous mode
[  743.517006][T16927] veth1_macvtap: entered promiscuous mode
[  743.537282][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.547842][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.558013][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.569307][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.579903][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.590467][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.600482][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.611070][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.621058][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.631604][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.641777][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.652395][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.665095][T16927] batman_adv: batadv0: Interface activated: batadv_slave_0
[  743.688495][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.699202][T15779] usb 5-1: 0:2 : does not exist
[  743.708418][T15779] usb 5-1: 5:0: cannot get min/max values for control 4 (id 5)
[  743.721094][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.733087][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.745536][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.756622][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.763737][T15779] usb 5-1: 5:0: cannot get min/max values for control 5 (id 5)
[  743.768330][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.786411][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.797383][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.807276][T15779] usb 5-1: 5:0: cannot get min/max values for control 5 (id 5)
[  743.817531][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.821637][T15779] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  743.828885][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.845494][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.857101][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.869183][T16927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  743.881244][T16927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.919467][T16927] batman_adv: batadv0: Interface activated: batadv_slave_1
[  743.968717][T15779] usb 5-1: 5:0: cannot get min/max values for control 5 (id 5)
[  743.986718][T17277] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2914'.
[  744.001607][T15779] usb 5-1: USB disconnect, device number 22
[  744.017840][T17280] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2913'.
[  744.050639][T15603] udevd[15603]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  744.095167][T16927] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  744.184103][T16927] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  744.192881][T16927] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  744.217547][T16927] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  744.337611][T17286] netlink: 'syz.0.2915': attribute type 29 has an invalid length.
[  744.392479][T17292] netlink: 'syz.0.2915': attribute type 29 has an invalid length.
[  744.513597][ T5241] Bluetooth: hci4: command 0x0406 tx timeout
[  744.741946][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  744.784290][T17299] netlink: 'syz.1.2918': attribute type 9 has an invalid length.
[  744.795127][T17299] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.2918'.
[  744.827170][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  744.861988][T17307] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2920'.
[  744.907041][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  744.937096][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  745.045803][T17312] FAULT_INJECTION: forcing a failure.
[  745.045803][T17312] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.071867][T17312] CPU: 1 UID: 0 PID: 17312 Comm: syz.1.2921 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  745.082824][T17312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  745.092923][T17312] Call Trace:
[  745.096238][T17312]  <TASK>
[  745.099200][T17312]  dump_stack_lvl+0x241/0x360
[  745.103922][T17312]  ? __pfx_dump_stack_lvl+0x10/0x10
[  745.109168][T17312]  ? __pfx__printk+0x10/0x10
[  745.113803][T17312]  ? snprintf+0xda/0x120
[  745.118096][T17312]  should_fail_ex+0x3b0/0x4e0
[  745.122826][T17312]  _copy_to_user+0x2f/0xb0
[  745.127296][T17312]  simple_read_from_buffer+0xca/0x150
[  745.132718][T17312]  proc_fail_nth_read+0x1e9/0x250
[  745.137793][T17312]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  745.143386][T17312]  ? rw_verify_area+0x55e/0x6f0
[  745.148264][T17312]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  745.153914][T17312]  vfs_read+0x201/0xbc0
[  745.158078][T17312]  ? __pfx_lock_release+0x10/0x10
[  745.163206][T17312]  ? __pfx_vfs_read+0x10/0x10
[  745.167897][T17312]  ? __fget_files+0x3f3/0x470
[  745.172587][T17312]  ? fdget_pos+0x24e/0x320
[  745.177066][T17312]  ksys_read+0x183/0x2b0
[  745.181327][T17312]  ? __pfx_ksys_read+0x10/0x10
[  745.186107][T17312]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  745.192707][T17312]  ? lockdep_hardirqs_on+0x99/0x150
[  745.197908][T17312]  __do_fast_syscall_32+0xb4/0x110
[  745.203028][T17312]  ? exc_page_fault+0x590/0x8c0
[  745.207915][T17312]  do_fast_syscall_32+0x34/0x80
[  745.212778][T17312]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  745.219131][T17312] RIP: 0023:0xf748d579
[  745.223211][T17312] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  745.242831][T17312] RSP: 002b:00000000f57765a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  745.251256][T17312] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5776620
[  745.259233][T17312] RDX: 000000000000000f RSI: 00000000f747bff4 RDI: 0000000000000000
[  745.267206][T17312] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  745.275180][T17312] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  745.283155][T17312] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  745.291229][T17312]  </TASK>
[  745.294370][    C1] vkms_vblank_simulate: vblank timer overrun
[  745.376217][T15782] usb 4-1: USB disconnect, device number 33
[  745.452925][T17319] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2924'.
[  745.618292][T17327] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2925'.
[  745.937504][T17345] netlink: 'syz.4.2931': attribute type 9 has an invalid length.
[  746.023492][T17345] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.2931'.
[  746.385894][T17367] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2939'.
[  746.479504][T17371] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2938'.
[  746.754471][ T1173] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  746.951476][ T1173] usb 1-1: config 0 has no interfaces?
[  747.015013][ T1173] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  747.061622][ T1173] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.093186][ T1173] usb 1-1: Product: syz
[  747.098493][ T1173] usb 1-1: Manufacturer: syz
[  747.103443][ T1173] usb 1-1: SerialNumber: syz
[  747.114717][ T1173] usb 1-1: config 0 descriptor??
[  747.567004][   T30] INFO: task syz.4.2001:14571 blocked for more than 143 seconds.
[  747.569065][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[  747.577997][   T30]       Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  747.584735][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[  747.665126][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  747.692231][T17414] __nla_validate_parse: 3 callbacks suppressed
[  747.692254][T17414] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2951'.
[  747.749041][   T30] task:syz.4.2001      state:D stack:23776 pid:14571 tgid:14571 ppid:12755  flags:0x20000004
[  747.818563][   T30] Call Trace:
[  747.853714][   T30]  <TASK>
[  747.920592][   T30]  __schedule+0x18af/0x4bd0
[  747.951962][   T30]  ? __pfx___schedule+0x10/0x10
[  747.987558][   T30]  ? __pfx_lock_release+0x10/0x10
[  748.034964][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  748.059078][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  748.069972][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  748.082842][   T30]  ? schedule+0x90/0x320
[  748.092728][   T30]  schedule+0x14b/0x320
[  748.108446][   T30]  ? down_read+0x6a5/0xa40
[  748.133902][   T30]  schedule_preempt_disabled+0x13/0x30
[  748.145970][   T30]  down_read+0x705/0xa40
[  748.155536][   T30]  ? __pfx_down_read+0x10/0x10
[  748.163145][   T30]  ? release_fault_lock+0x163/0x230
[  748.180508][   T30]  ? release_fault_lock+0xa6/0x230
[  748.197700][   T30]  page_cache_ra_unbounded+0x135/0x8a0
[  748.226452][   T30]  do_sync_mmap_readahead+0x499/0x970
[  748.248932][   T30]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[  748.263435][   T30]  ? count_memcg_event_mm+0x90/0x420
[  748.291321][   T30]  ? __filemap_get_folio+0x949/0xbd0
[  748.312173][   T30]  filemap_fault+0x8c5/0x1950
[  748.333464][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  748.340112][   T30]  ? pte_alloc_one+0x3b2/0x5d0
[  748.345870][   T30]  ? __pfx_filemap_fault+0x10/0x10
[  748.353134][   T30]  ? pte_alloc_one+0x442/0x5d0
[  748.360760][   T30]  ? __pfx_pte_alloc_one+0x10/0x10
[  748.372382][   T30]  ? blk_cgroup_congested+0x1b/0x200
[  748.382888][   T30]  ? blk_cgroup_congested+0x1f0/0x200
[  748.393519][   T30]  __do_fault+0x135/0x460
[  748.401763][   T30]  handle_pte_fault+0xd99/0x6800
[  748.407419][   T30]  ? mark_lock+0x9a/0x360
[  748.411954][   T30]  ? __pfx_handle_pte_fault+0x10/0x10
[  748.418221][   T30]  ? __lock_acquire+0x1384/0x2050
[  748.423991][   T30]  ? reacquire_held_locks+0x3eb/0x690
[  748.429621][   T30]  ? lock_vma_under_rcu+0x34b/0x790
[  748.443883][   T30]  ? __thp_vma_allowable_orders+0x8ff/0x9c0
[  748.458231][   T30]  ? __pfx_reacquire_held_locks+0x10/0x10
[  748.466091][   T30]  handle_mm_fault+0x1106/0x1bb0
[  748.472103][   T30]  ? __pfx_handle_mm_fault+0x10/0x10
[  748.478791][   T30]  ? lock_vma_under_rcu+0x602/0x790
[  748.484664][   T30]  ? lock_vma_under_rcu+0x1dd/0x790
[  748.490001][   T30]  ? exc_page_fault+0x113/0x8c0
[  748.494975][   T30]  exc_page_fault+0x459/0x8c0
[  748.499712][   T30]  asm_exc_page_fault+0x26/0x30
[  748.525175][   T30] RIP: 0023:0xf70f2a48
[  748.529327][   T30] RSP: 002b:00000000f752faa0 EFLAGS: 00010286
[  748.551393][   T30] RAX: 0000000000000012 RBX: 0000000000000000 RCX: 0000000020000000
[  748.573299][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  748.586943][   T30] RBP: 00000000f752fdb8 R08: 0000000000000000 R09: 0000000000000000
[  748.595538][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  748.604010][   T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  748.612278][   T30]  </TASK>
[  748.654293][   T30] INFO: task syz.4.2001:14572 blocked for more than 144 seconds.
[  748.671981][   T30]       Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  748.726765][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  748.741510][   T30] task:syz.4.2001      state:D stack:24848 pid:14572 tgid:14571 ppid:12755  flags:0x20004004
[  748.752701][   T30] Call Trace:
[  748.757363][   T30]  <TASK>
[  748.761187][   T30]  __schedule+0x18af/0x4bd0
[  748.766986][   T30]  ? __pfx___schedule+0x10/0x10
[  748.771916][   T30]  ? __pfx_lock_release+0x10/0x10
[  748.778364][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  748.786020][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  748.793403][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  748.799445][   T30]  ? schedule+0x90/0x320
[  748.804808][   T30]  schedule+0x14b/0x320
[  748.809920][   T30]  ? down_read+0x6a5/0xa40
[  748.815372][   T30]  schedule_preempt_disabled+0x13/0x30
[  748.822160][   T30]  down_read+0x705/0xa40
[  748.827357][   T30]  ? __pfx_down_read+0x10/0x10
[  748.832939][   T30]  ? do_sync_mmap_readahead+0x699/0x970
[  748.839347][   T30]  page_cache_ra_unbounded+0x135/0x8a0
[  748.849553][   T30]  do_sync_mmap_readahead+0x499/0x970
[  748.856121][   T30]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[  748.862939][   T30]  ? count_memcg_event_mm+0x90/0x420
[  748.869265][   T30]  ? __filemap_get_folio+0x949/0xbd0
[  748.877328][   T30]  filemap_fault+0x8c5/0x1950
[  748.882980][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  748.893141][   T30]  ? pte_alloc_one+0x3b2/0x5d0
[  748.899051][   T30]  ? __pfx_filemap_fault+0x10/0x10
[  748.904323][   T30]  ? pte_alloc_one+0x442/0x5d0
[  748.909169][   T30]  ? __pfx_pte_alloc_one+0x10/0x10
[  748.914468][   T30]  ? blk_cgroup_congested+0x1b/0x200
[  748.919887][   T30]  ? blk_cgroup_congested+0x1f0/0x200
[  748.926435][   T30]  __do_fault+0x135/0x460
[  748.931712][   T30]  handle_pte_fault+0xd99/0x6800
[  748.937626][   T30]  ? mark_lock+0x9a/0x360
[  748.942880][   T30]  ? __pfx_handle_pte_fault+0x10/0x10
[  748.949301][   T30]  ? __lock_acquire+0x1384/0x2050
[  748.955414][   T30]  ? __thp_vma_allowable_orders+0x8ff/0x9c0
[  748.962231][   T30]  ? __pfx_lock_release+0x10/0x10
[  748.968216][   T30]  handle_mm_fault+0x1106/0x1bb0
[  748.973321][   T30]  ? mt_find+0x2a9/0x920
[  748.977637][   T30]  ? __pfx_handle_mm_fault+0x10/0x10
[  748.982994][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  748.991125][   T30]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  748.997420][   T30]  exc_page_fault+0x2b9/0x8c0
[  749.002883][   T30]  asm_exc_page_fault+0x26/0x30
[  749.008703][   T30] RIP: 0010:rep_movs_alternative+0x15/0x70
[  749.015506][   T30] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84
[  749.036101][   T30] RSP: 0018:ffffc90004defc70 EFLAGS: 00050202
[  749.043109][   T30] RAX: ffffffff84bcf100 RBX: 0000000020000004 RCX: 0000000000000004
[  749.052065][   T30] RDX: 0000000000000000 RSI: ffffc90004defd60 RDI: 0000000020000000
[  749.061034][   T30] RBP: ffffc90004defdd0 R08: 0000000000000003 R09: fffff520009bdfac
[  749.069495][   T30] R10: dffffc0000000000 R11: fffff520009bdfac R12: 0000000000000004
[  749.078167][   T30] R13: dffffc0000000000 R14: 0000000020000000 R15: ffffc90004defd60
[  749.087317][   T30]  ? _copy_to_user+0x20/0xb0
[  749.094393][   T30]  _copy_to_user+0x86/0xb0
[  749.099743][   T30]  do_timer_create+0xda8/0x13f0
[  749.105592][   T30]  ? __pfx_do_timer_create+0x10/0x10
[  749.111733][   T30]  ? __ia32_compat_sys_timer_create+0x74/0x190
[  749.118916][   T30]  __ia32_compat_sys_timer_create+0x13c/0x190
[  749.126001][   T30]  ? __pfx___ia32_compat_sys_timer_create+0x10/0x10
[  749.133576][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  749.139973][   T30]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  749.146718][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  749.152794][   T30]  __do_fast_syscall_32+0xb4/0x110
[  749.159382][   T30]  ? exc_page_fault+0x590/0x8c0
[  749.165178][   T30]  do_fast_syscall_32+0x34/0x80
[  749.170917][   T30]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  749.178270][   T30] RIP: 0023:0xf7f3f579
[  749.183332][   T30] RSP: 002b:00000000f56c656c EFLAGS: 00000206 ORIG_RAX: 0000000000000103
[  749.194125][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  749.202934][   T30] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  749.211165][   T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  749.219278][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  749.228266][   T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  749.237614][   T30]  </TASK>
[  749.251114][   T30] 
[  749.251114][   T30] Showing all locks held in the system:
[  749.283873][   T30] 1 lock held by khungtaskd/30:
[  749.288798][   T30]  #0: ffffffff8e937e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  749.302655][   T30] 3 locks held by kworker/u8:6/2516:
[  749.309004][   T30] 2 locks held by getty/4987:
[  749.315008][   T30]  #0: ffff88814bed30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  749.326140][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  749.337634][   T30] 2 locks held by syz.1.1996/14555:
[  749.343735][   T30] 1 lock held by syz.4.2001/14571:
[  749.350451][   T30]  #0: ffff888148d0fc40 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0x135/0x8a0
[  749.362772][   T30] 1 lock held by syz.4.2001/14572:
[  749.368941][   T30]  #0: ffff888148d0fc40 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0x135/0x8a0
[  749.381216][   T30] 1 lock held by syz.3.2015/14613:
[  749.386438][   T30]  #0: ffff888148d0fc40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_common_ioctl+0x150b/0x2480
[  749.404938][   T30] 1 lock held by syz.2.2091/15019:
[  749.410866][   T30]  #0: ffff888148d0fc40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490
[  749.422789][   T30] 1 lock held by syz.0.2113/15123:
[  749.429171][   T30]  #0: ffff888148d0fc40 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0x135/0x8a0
[  749.441474][   T30] 
[  749.445180][   T30] =============================================
[  749.445180][   T30] 
[  749.454598][   T30] NMI backtrace for cpu 0
[  749.458969][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  749.469587][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  749.479679][   T30] Call Trace:
[  749.482986][   T30]  <TASK>
[  749.485927][   T30]  dump_stack_lvl+0x241/0x360
[  749.490620][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  749.495835][   T30]  ? __pfx__printk+0x10/0x10
[  749.500460][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  749.505432][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  749.510902][   T30]  ? _printk+0xd5/0x120
[  749.515074][   T30]  ? __pfx__printk+0x10/0x10
[  749.519742][   T30]  ? __wake_up_klogd+0xcc/0x110
[  749.524607][   T30]  ? __pfx__printk+0x10/0x10
[  749.529200][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  749.534235][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  749.540256][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  749.546245][   T30]  watchdog+0xff4/0x1040
[  749.550499][   T30]  ? watchdog+0x1ea/0x1040
[  749.555015][   T30]  ? __pfx_watchdog+0x10/0x10
[  749.559695][   T30]  kthread+0x2f0/0x390
[  749.563767][   T30]  ? __pfx_watchdog+0x10/0x10
[  749.568452][   T30]  ? __pfx_kthread+0x10/0x10
[  749.573048][   T30]  ret_from_fork+0x4b/0x80
[  749.577471][   T30]  ? __pfx_kthread+0x10/0x10
[  749.582062][   T30]  ret_from_fork_asm+0x1a/0x30
[  749.586857][   T30]  </TASK>
[  749.592331][   T30] Sending NMI from CPU 0 to CPUs 1:
[  749.598705][    C1] NMI backtrace for cpu 1
[  749.598721][    C1] CPU: 1 UID: 0 PID: 53 Comm: kworker/u8:3 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  749.598751][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  749.598762][    C1] Workqueue: bat_events batadv_nc_worker
[  749.598793][    C1] RIP: 0010:batadv_nc_worker+0x1ee/0x610
[  749.598817][    C1] Code: e8 47 73 6e f6 48 8b 6d 00 48 85 ed 74 17 48 81 c5 38 fe ff ff 74 0e e8 c0 ad 04 f6 eb b8 e8 b9 ad 04 f6 eb 05 e8 b2 ad 04 f6 <e8> 7d 44 36 00 89 c3 31 ff 89 c6 e8 e2 b1 04 f6 85 db 74 15 e8 69
[  749.598833][    C1] RSP: 0018:ffffc90000be7b58 EFLAGS: 00000293
[  749.598848][    C1] RAX: ffffffff8b902a27 RBX: ffff88806bac0d00 RCX: ffff88801e69bc00
[  749.598862][    C1] RDX: 0000000000000000 RSI: ffffffff8c610280 RDI: ffffffff8c610240
[  749.598876][    C1] RBP: 0000000000000000 R08: ffffffff8b902941 R09: 1ffffffff2859300
[  749.598888][    C1] R10: dffffc0000000000 R11: fffffbfff2859301 R12: ffff88805f318cc0
[  749.598902][    C1] R13: 0000000000000248 R14: ffff88806bac0d00 R15: dffffc0000000000
[  749.598915][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  749.598930][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  749.598943][    C1] CR2: 00007f3265001cef CR3: 000000007785c000 CR4: 00000000003526f0
[  749.598959][    C1] Call Trace:
[  749.598966][    C1]  <NMI>
[  749.598979][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  749.599001][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  749.599027][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  749.599048][    C1]  ? nmi_handle+0x2a/0x5a0
[  749.599072][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  749.599094][    C1]  ? nmi_handle+0x14f/0x5a0
[  749.599118][    C1]  ? nmi_handle+0x2a/0x5a0
[  749.599136][    C1]  ? batadv_nc_worker+0x1ee/0x610
[  749.599158][    C1]  ? default_do_nmi+0x63/0x160
[  749.599184][    C1]  ? exc_nmi+0x123/0x1f0
[  749.599204][    C1]  ? end_repeat_nmi+0xf/0x53
[  749.599225][    C1]  ? batadv_nc_worker+0x101/0x610
[  749.599246][    C1]  ? batadv_nc_worker+0x1e7/0x610
[  749.599269][    C1]  ? batadv_nc_worker+0x1ee/0x610
[  749.599291][    C1]  ? batadv_nc_worker+0x1ee/0x610
[  749.599314][    C1]  ? batadv_nc_worker+0x1ee/0x610
[  749.599337][    C1]  </NMI>
[  749.599343][    C1]  <TASK>
[  749.599350][    C1]  ? batadv_nc_worker+0xcb/0x610
[  749.599372][    C1]  ? process_scheduled_works+0x976/0x1850
[  749.599396][    C1]  process_scheduled_works+0xa63/0x1850
[  749.599430][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  749.599457][    C1]  ? assign_work+0x364/0x3d0
[  749.599480][    C1]  worker_thread+0x870/0xd30
[  749.599509][    C1]  ? __kthread_parkme+0x169/0x1d0
[  749.599534][    C1]  ? __pfx_worker_thread+0x10/0x10
[  749.599557][    C1]  kthread+0x2f0/0x390
[  749.599573][    C1]  ? __pfx_worker_thread+0x10/0x10
[  749.599595][    C1]  ? __pfx_kthread+0x10/0x10
[  749.599611][    C1]  ret_from_fork+0x4b/0x80
[  749.599635][    C1]  ? __pfx_kthread+0x10/0x10
[  749.599652][    C1]  ret_from_fork_asm+0x1a/0x30
[  749.599681][    C1]  </TASK>
[  749.615842][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  749.615871][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  749.615895][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  749.615907][   T30] Call Trace:
[  749.615915][   T30]  <TASK>
[  749.615926][   T30]  dump_stack_lvl+0x241/0x360
[  749.615955][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  749.615975][   T30]  ? __pfx__printk+0x10/0x10
[  749.615991][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  749.616024][   T30]  ? vscnprintf+0x5d/0x90
[  749.616049][   T30]  panic+0x349/0x880
[  749.616068][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  749.616092][   T30]  ? __pfx_panic+0x10/0x10
[  749.616108][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  749.616129][   T30]  ? __irq_work_queue_local+0x137/0x410
[  749.616155][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  749.616175][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  749.616196][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  749.616220][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  749.616245][   T30]  watchdog+0x1033/0x1040
[  749.616270][   T30]  ? watchdog+0x1ea/0x1040
[  749.616297][   T30]  ? __pfx_watchdog+0x10/0x10
[  749.616320][   T30]  kthread+0x2f0/0x390
[  749.616338][   T30]  ? __pfx_watchdog+0x10/0x10
[  749.616360][   T30]  ? __pfx_kthread+0x10/0x10
[  749.616378][   T30]  ret_from_fork+0x4b/0x80
[  749.616402][   T30]  ? __pfx_kthread+0x10/0x10
[  749.616420][   T30]  ret_from_fork_asm+0x1a/0x30
[  749.616456][   T30]  </TASK>
[  750.041375][   T30] Kernel Offset: disabled
[  750.045704][   T30] Rebooting in 86400 seconds..