last executing test programs:

7.898410651s ago: executing program 3 (id=364):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0xc1105511, &(0x7f0000000040)={0x5, 0x3, 0xffff, 0xfff, 'syz1\x00', 0x2})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setfsuid(0x0)
r4 = dup(r3)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000602000/0x3000)=nil, 0x3000}, 0x2})
ioctl$UFFDIO_COPY(r5, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000117000/0x4000)=nil, 0x400000, 0x3, 0x2})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

7.309806461s ago: executing program 3 (id=370):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000fff500000000000a18010000060a0b0400000000000000000200000034000480300001800a0001006d617463680000002000028008000240000000030b000100736f636b6574000005000300d60000000900010073797a30000000000900020073797a3200000000b70007"], 0x140}, 0x1, 0x0, 0x0, 0x40480e0}, 0x4008014)

7.088100781s ago: executing program 3 (id=373):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x34, 0x13, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$inet(0x2, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x70, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x9, 0xc}, {0x6, 0xffff}, {0xa}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}, @TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0xf0, 0x5, 0xffffffd8, 0x2, 0x7, 0x7}}, {0x4}}, {{0x1c, 0x1, {0x8, 0x80, 0xe7, 0x1, 0x1, 0x6}}, {0x4}}]}]}, 0x70}}, 0x48000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r5 = socket(0x15, 0x5, 0x0)
connect$unix(r5, &(0x7f0000000080)=@abs={0xa}, 0x6e)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000580)={'syz1\x00', {0x6fc9, 0x7, 0x5, 0x5}, 0x30, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x4, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x8, 0xe, 0x4, 0x2, 0xde, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x1], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0xc32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x7, 0x1000001, 0x10, 0xfffffff9, 0x0, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffff9, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x7, 0xfffffffc, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x5, 0x80, 0x9, 0x9, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x6, 0x8, 0x95a, 0x0, 0x3ff, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x5, 0x6, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x4, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x1e0, 0x4, 0xe47, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x8, 0x8a8, 0x2, 0x3d, 0x7, 0x2, 0x4, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0xffffffff, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0xf, 0x133, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)
readv(r6, &(0x7f0000000b80)=[{0x0}, {&(0x7f0000000a00)=""/113, 0x71}], 0x2)
write$input_event(r6, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r7 = dup(r1)
r8 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_SET_LEDBIT(r8, 0x40045569, 0xa)
ioctl$UI_SET_EVBIT(r8, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r8, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r8, 0x5501)
ioctl$UI_DEV_DESTROY(r8, 0x5502)
write$UHID_INPUT(r7, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b333b316d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d376d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
ioctl$TIOCSSOFTCAR(r7, 0x541a, &(0x7f0000000300)=0xd3b)

6.205574184s ago: executing program 3 (id=378):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000005c0)={0x4, {{0xa, 0x4e21, 0x6, @mcast2, 0x6}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000a80)=ANY=[@ANYBLOB="0b000000000000000a00000000030000ff02000000000000000000000000000100000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000001"], 0x110)

6.060690481s ago: executing program 3 (id=381):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ac1000/0x3000)=nil, 0x3000, 0x2000000, 0x100010, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x4, 0x200003)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x2400c080)

3.395989011s ago: executing program 4 (id=399):
socket$inet_mptcp(0x2, 0x1, 0x106)
pipe2(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4880)
r1 = socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$uac1(0x5, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000050109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r0, @ANYRES64=r1], 0x0)

3.284670091s ago: executing program 1 (id=401):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000340)="89611e1e8d67e8003de321c986c34211cb7e5be56181a1d4a867fb59e6b33be468e64cdbf50d05a8fd8c18de688ffc", 0x2f, 0x4004840, 0x0, 0x0)

3.186927562s ago: executing program 1 (id=402):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000003c0)="93378e66cf9b48cb59638401fcd1730172853a9fa89527996042ab60ae29f9c1", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000380)=""/46, 0x2e}, {0x0}], 0x2}}], 0x2, 0x220, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0xac, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300, 0x8002}, [@IFLA_LINKINFO={0x84, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x74, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_INGRESS_QOS={0x34, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0x57, 0x1, {0x5, 0x9}}, @IFLA_VLAN_QOS_MAPPING={0xfffffdca, 0x1, {0x8, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x8c}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x9, 0x4}}]}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5, 0xf85a}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffff, 0xa3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffff}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0xac}}, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r1, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000a80)={0x87c, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_FUNC={0x85c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x80}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x3}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0xa8, 0xd, 0x0, 0x1, [{0xa3, 0x0, "813292bdce1288bb658a4c260458d7826002f1c16412c0a2a70518722a61122f725825c57337a08a0c5773763d01e5653e8db95f6bc6c9770b4272a664734288dd32582fb31661ad831ea9c600fdfe63e03953c9c188906e022b6bd39591af83857c69c784707123338f54714cd718a958f372de0043db6e8332e99a94c634f6d5153e92aee52355d8dca7fe19910cc5117671052b8cebd133abf9d084a48e"}]}, @NL80211_NAN_FUNC_SRF={0x2cc, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x3}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_MAC_ADDRS={0x4c, 0x4, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_MAC_ADDRS={0x10, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x87}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_BF={0x103, 0x2, "a33352af5b67b60c21936727e9e4a59f861bbc4a12b4940f1eef626e130c4cae700e9deb9199d5b8d2b0559f1c324886d29d8ff0e7e042ded7876da91c7c962cbe3762cd35fd0593e1188c86a723fb2d8aa444f33d811ebb5988d4300c775160085f6002527c1738781a7c784a86256aa5e54a6f02068da0659ef2adb69f862948a54c26b34135fecdd9726e58fcd7c8e0c453db730d3f66cb55ee4abab2c3ab55d003e452024f74c66e6792827f6ba0c901eb732b183a1463ae1108442672b6f2f617c46260cf8afcc69bc97592a0f1926802c0aabf0bd659d9335202822130cd9e528be2cfdfc5cbb5bead67dbf8eb1a893f94734eddb86f76c2795b34aa"}, @NL80211_NAN_SRF_MAC_ADDRS={0x4c, 0x4, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_NAN_SRF_BF={0x103, 0x2, "53d7e0b8c503b8f5b1ed64c891d2ee4e330dd72f6a5cf64cd8880ceb6ccb826737b7c3c2163e37d2a78e1a291a3ef625fceb25a8f34ad16f9328c196f553fa2b180a5bdaba66edda8ada1b6ee9ad2856d4eebbd91c6e39af99e60c4deb63e22c68a0cfd7f7187329d726b355fdc09cf0431b640c672bcdc3c3a13feb06c682d78082eea888467a6ec82559d9eeacab52ff4dd8a6a7ba5b4407fc0fcb2d5746c1aae998e92a7ad0c997e4d925856c35ae38e73355ba0da775d57c5f169bec5b3f863fcd2eef71e5b1684485a67afa8afc61ec8bdd2b30b39367e3bd4d353965f7f26c5e683940eac210c0ab39a018260ae8b746f8b2c2a2b1821d3fb7c4f445"}]}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x4d4, 0xd, 0x0, 0x1, [{0x55, 0x0, "2226f404c4e6d53491c2c32fe5c6f5f5a8496650cf9e3359b6df8636a47e11648b5944420cd7d5a6f13778859bff158c4ac26dd875a6ac321d7f8cd0dc2f770e19437de008078f3a36fabd49ce733a89fa"}, {0x4a, 0x0, "fe0ea79f107839a081366b839c3dd243250a40273d8013940956955e162232bda1842433f1920f4ec9f14d4683de4448a093da0ac3d895becbced185badc4029c28b7867551f"}, {0xb1, 0x0, "e1593b2f5ed4610f888b96e11956f2df8a264b38ae6aad05c1a6c4120a7f3db540b3f20ef99aa55195bb79a924a95cbe14898bcdfcd971275af36faeaf1f3331e5a8c06051a00c561a6f707d675d7803b7c2fd0378f595e47ee2c1285443a3158541786fb3512443785224cf20d2591ec07980e794c59b0047817197c1bee1103289fbc31e7cebc92da1ff92d828fef74409023524d07354327bad70462d64e66d521d7067e7353919266f2ade"}, {0x68, 0x0, "7af7535a661aeebfc102c32427edc27a8b48c9790be6d7096d6f85790a4256f067c03a7addcd023d7bb8e63b9871bf78541857b98daacd263c637ee1f1b2e43cd7d96f60abeeb4c52ac67048a5e93f6f670497fdb1465184c359a2d968bbfacdbc1e5bc7"}, {0xa7, 0x0, "090af17da63487e6e829f186111229d192d6cd207ca1477a74e67a1c93f91e02f318edcfb5970336361ffb2749ce02adcbf2b61b43fd13000722fb89a53f45ea4146fe4251283d2e33b1b0ddc93a38ef689d2abf022b202dd3ae3991f17267c40a808817dfc43b730ae3f5b127dd73b1242a28a29e5d67c260ba10e84a3166e2e954e9e9a931e421293f0c88ba4ce53d5021c84aa39d314663be5185540be6c320532f"}, {0x2d, 0x0, "60cc88ec29de1da587f8b9cd7053124a297b2230ea6c0daeeb80ea04638699fc3f96e06c144688d97a"}, {0xe2, 0x0, "97edfac589d70c379d026bda8cfb352fc544df69a996a5acfe949e00f9438da299eaad03a5a55057c9bd63dbd845eb57389fff4366079b6e689338136186dbbc56b9a38aae16b903a439205cc71b6600808bc2147a542757d1b3c1bee6be546f73445ff8aa748f9eedf4ee4da164fd9c39425fdb830b1230d626049839ddcc787475dd9e5eb69f6ffe4bfae8dbe000b61e2f276d538a26adeb11e8b3dd462c6850086fe4541c0c1a4d2261445e5a88471ec81400c76703baa2e44947cceca06b2fe79a1fd4f1079c0d0d9193c5ddcfe415a1fab4e395fda630b5e3f3ac4e"}, {0xc1, 0x0, "26688833aa50b56646d9c9fffa4ed668a567eb5e8c6b9f86147ee2486c89ce200f09349e8ff4f820a73259f3acfc0854e1fbc3f132a6c8e11ff9ea609aaabc983acfc485646d0057c227e706082de2b3270f8b7c5ac43843dce51a9bdcbef9d97a20330ad9ea207974abd24553106f105d1758e3e03f08b7014e79ffa2d85afa22bf6909ed8298230a64d0fec3d778db5daaf1c613624697c8b55c5eca59579e2650b5f291d3e031f515e011535e5c9fce2470c8c8409121c808588148"}, {0x8e, 0x0, "e78345afde29d58292de2f9e86286b0b9eeb0ec81815185fa1579b4725ea0f8a6ca749a4e32b47891e15dd9a62994bfc9d2c3f8c76abbc53c809f012e84f3345d507656a3a366c0a8b13d232dd34b3d88f65a75c75df8fe8772767bdaf91788db21cc56e55f470fd27132d8eb30e2d98c38083cd441ae8f1d5f625f35fc7a6674fced7f6c71b11f63f3c"}]}]}, @NL80211_ATTR_NAN_FUNC={0xc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x87}]}]}, 0x87c}, 0x1, 0x0, 0x0, 0x8081}, 0x0)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000003c0)="93378e66cf9b48cb59638401fcd1730172853a9fa89527996042ab60ae29f9c1", 0x20) (async)
accept4(r0, 0x0, 0x0, 0x0) (async)
recvmmsg$unix(r1, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000380)=""/46, 0x2e}, {0x0}], 0x2}}], 0x2, 0x220, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'geneve1\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0xac, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300, 0x8002}, [@IFLA_LINKINFO={0x84, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x74, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_INGRESS_QOS={0x34, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0x57, 0x1, {0x5, 0x9}}, @IFLA_VLAN_QOS_MAPPING={0xfffffdca, 0x1, {0x8, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x8c}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x9, 0x4}}]}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5, 0xf85a}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffff, 0xa3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffff}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0xac}}, 0x0) (async)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r1, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000a80)={0x87c, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_FUNC={0x85c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x80}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x3}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0xa8, 0xd, 0x0, 0x1, [{0xa3, 0x0, "813292bdce1288bb658a4c260458d7826002f1c16412c0a2a70518722a61122f725825c57337a08a0c5773763d01e5653e8db95f6bc6c9770b4272a664734288dd32582fb31661ad831ea9c600fdfe63e03953c9c188906e022b6bd39591af83857c69c784707123338f54714cd718a958f372de0043db6e8332e99a94c634f6d5153e92aee52355d8dca7fe19910cc5117671052b8cebd133abf9d084a48e"}]}, @NL80211_NAN_FUNC_SRF={0x2cc, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x3}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_MAC_ADDRS={0x4c, 0x4, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_MAC_ADDRS={0x10, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x87}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_BF={0x103, 0x2, "a33352af5b67b60c21936727e9e4a59f861bbc4a12b4940f1eef626e130c4cae700e9deb9199d5b8d2b0559f1c324886d29d8ff0e7e042ded7876da91c7c962cbe3762cd35fd0593e1188c86a723fb2d8aa444f33d811ebb5988d4300c775160085f6002527c1738781a7c784a86256aa5e54a6f02068da0659ef2adb69f862948a54c26b34135fecdd9726e58fcd7c8e0c453db730d3f66cb55ee4abab2c3ab55d003e452024f74c66e6792827f6ba0c901eb732b183a1463ae1108442672b6f2f617c46260cf8afcc69bc97592a0f1926802c0aabf0bd659d9335202822130cd9e528be2cfdfc5cbb5bead67dbf8eb1a893f94734eddb86f76c2795b34aa"}, @NL80211_NAN_SRF_MAC_ADDRS={0x4c, 0x4, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_NAN_SRF_BF={0x103, 0x2, "53d7e0b8c503b8f5b1ed64c891d2ee4e330dd72f6a5cf64cd8880ceb6ccb826737b7c3c2163e37d2a78e1a291a3ef625fceb25a8f34ad16f9328c196f553fa2b180a5bdaba66edda8ada1b6ee9ad2856d4eebbd91c6e39af99e60c4deb63e22c68a0cfd7f7187329d726b355fdc09cf0431b640c672bcdc3c3a13feb06c682d78082eea888467a6ec82559d9eeacab52ff4dd8a6a7ba5b4407fc0fcb2d5746c1aae998e92a7ad0c997e4d925856c35ae38e73355ba0da775d57c5f169bec5b3f863fcd2eef71e5b1684485a67afa8afc61ec8bdd2b30b39367e3bd4d353965f7f26c5e683940eac210c0ab39a018260ae8b746f8b2c2a2b1821d3fb7c4f445"}]}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x4d4, 0xd, 0x0, 0x1, [{0x55, 0x0, "2226f404c4e6d53491c2c32fe5c6f5f5a8496650cf9e3359b6df8636a47e11648b5944420cd7d5a6f13778859bff158c4ac26dd875a6ac321d7f8cd0dc2f770e19437de008078f3a36fabd49ce733a89fa"}, {0x4a, 0x0, "fe0ea79f107839a081366b839c3dd243250a40273d8013940956955e162232bda1842433f1920f4ec9f14d4683de4448a093da0ac3d895becbced185badc4029c28b7867551f"}, {0xb1, 0x0, "e1593b2f5ed4610f888b96e11956f2df8a264b38ae6aad05c1a6c4120a7f3db540b3f20ef99aa55195bb79a924a95cbe14898bcdfcd971275af36faeaf1f3331e5a8c06051a00c561a6f707d675d7803b7c2fd0378f595e47ee2c1285443a3158541786fb3512443785224cf20d2591ec07980e794c59b0047817197c1bee1103289fbc31e7cebc92da1ff92d828fef74409023524d07354327bad70462d64e66d521d7067e7353919266f2ade"}, {0x68, 0x0, "7af7535a661aeebfc102c32427edc27a8b48c9790be6d7096d6f85790a4256f067c03a7addcd023d7bb8e63b9871bf78541857b98daacd263c637ee1f1b2e43cd7d96f60abeeb4c52ac67048a5e93f6f670497fdb1465184c359a2d968bbfacdbc1e5bc7"}, {0xa7, 0x0, "090af17da63487e6e829f186111229d192d6cd207ca1477a74e67a1c93f91e02f318edcfb5970336361ffb2749ce02adcbf2b61b43fd13000722fb89a53f45ea4146fe4251283d2e33b1b0ddc93a38ef689d2abf022b202dd3ae3991f17267c40a808817dfc43b730ae3f5b127dd73b1242a28a29e5d67c260ba10e84a3166e2e954e9e9a931e421293f0c88ba4ce53d5021c84aa39d314663be5185540be6c320532f"}, {0x2d, 0x0, "60cc88ec29de1da587f8b9cd7053124a297b2230ea6c0daeeb80ea04638699fc3f96e06c144688d97a"}, {0xe2, 0x0, "97edfac589d70c379d026bda8cfb352fc544df69a996a5acfe949e00f9438da299eaad03a5a55057c9bd63dbd845eb57389fff4366079b6e689338136186dbbc56b9a38aae16b903a439205cc71b6600808bc2147a542757d1b3c1bee6be546f73445ff8aa748f9eedf4ee4da164fd9c39425fdb830b1230d626049839ddcc787475dd9e5eb69f6ffe4bfae8dbe000b61e2f276d538a26adeb11e8b3dd462c6850086fe4541c0c1a4d2261445e5a88471ec81400c76703baa2e44947cceca06b2fe79a1fd4f1079c0d0d9193c5ddcfe415a1fab4e395fda630b5e3f3ac4e"}, {0xc1, 0x0, "26688833aa50b56646d9c9fffa4ed668a567eb5e8c6b9f86147ee2486c89ce200f09349e8ff4f820a73259f3acfc0854e1fbc3f132a6c8e11ff9ea609aaabc983acfc485646d0057c227e706082de2b3270f8b7c5ac43843dce51a9bdcbef9d97a20330ad9ea207974abd24553106f105d1758e3e03f08b7014e79ffa2d85afa22bf6909ed8298230a64d0fec3d778db5daaf1c613624697c8b55c5eca59579e2650b5f291d3e031f515e011535e5c9fce2470c8c8409121c808588148"}, {0x8e, 0x0, "e78345afde29d58292de2f9e86286b0b9eeb0ec81815185fa1579b4725ea0f8a6ca749a4e32b47891e15dd9a62994bfc9d2c3f8c76abbc53c809f012e84f3345d507656a3a366c0a8b13d232dd34b3d88f65a75c75df8fe8772767bdaf91788db21cc56e55f470fd27132d8eb30e2d98c38083cd441ae8f1d5f625f35fc7a6674fced7f6c71b11f63f3c"}]}]}, @NL80211_ATTR_NAN_FUNC={0xc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x87}]}]}, 0x87c}, 0x1, 0x0, 0x0, 0x8081}, 0x0) (async)

2.904223528s ago: executing program 1 (id=405):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r1)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x204, r2, 0x800, 0x70bd2a, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}, {0x6}, {0x8, 0x13, 0xffffff81}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffff000}, {0x6, 0x11, 0x7}, {0x8, 0x13, 0x9}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5605}, {0x6}, {0x8, 0x13, 0x4}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0x9}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffff9}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0x5}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x800}, {0x8, 0x13, 0x4}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x7}, {0x8, 0x13, 0x7ff}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}, {0x6}, {0x8, 0x13, 0x5}, {0x5, 0x14, 0x1}}]}, 0x204}, 0x1, 0x0, 0x0, 0x10}, 0x0)

2.669150227s ago: executing program 1 (id=408):
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r0, 0x0, 0x0)
syz_usb_connect(0x3, 0x74, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x33, 0xbc, 0xcb, 0x8, 0x1608, 0x21e, 0xa068, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x62, 0x2, 0x4, 0x0, 0x0, 0x3f, [{{0x9, 0x4, 0x93, 0x4, 0x0, 0x73, 0x73, 0x51, 0x5b}}, {{0x9, 0x4, 0x8b, 0x1, 0x1, 0x3f, 0x45, 0x95, 0x3, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, '\v'}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0xfff, 0x2e8d, 0x8, 0x7}, {0x6, 0x24, 0x1a, 0x2, 0x8}, [@network_terminal={0x7, 0x24, 0xa, 0x6, 0x2, 0x7, 0x2}]}, @cdc_ecm={{0x7, 0x24, 0x6, 0x0, 0x0, "c856"}, {0x5, 0x24, 0x0, 0x8000}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x0, 0xf, 0x6}}], [{{0x9, 0x5, 0x3, 0x8, 0x3ff, 0x6, 0x4, 0x4}}]}}]}}]}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x5, @empty, 0x400}, @in6={0xa, 0x4e24, 0xd, @empty, 0x5}], 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400000000000000611180000000000017000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.395164188s ago: executing program 3 (id=410):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'batadv0\x00', 0x10b})
read$FUSE(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
syz_open_dev$usbfs(&(0x7f00000009c0), 0x9, 0x1)
r3 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000180)=ANY=[@ANYRESHEX], 0x0)
syz_usb_control_io(r3, &(0x7f00000001c0)={0x2c, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r3, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000400)={0x20, 0x30, 0x2, "6292"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r3, 0x0, &(0x7f0000000f00)={0x84, &(0x7f0000000b00)=ANY=[@ANYBLOB="200603"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r5 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, &(0x7f0000000340)={0x2000, r6}, 0x0)
landlock_restrict_self(r5, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}, @TCA_FQ_TIMER_SLACK={0x8}]}}]}, 0x40}}, 0x20001)

2.282694042s ago: executing program 0 (id=411):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
read$ptp(r1, &(0x7f0000000000)=""/49, 0x31)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000000000009f000040"])
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x3c, r6, 0x431, 0x70bd28, 0x0, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_RX={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40095}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="100026bd70000000"], 0x1c}, 0x1, 0x0, 0x0, 0x24004800}, 0x4004)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB="ffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c31006001800128008000100736974000c0002800800140001000100"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

1.968873588s ago: executing program 0 (id=415):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, 0x0, 0x2, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r4, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="b2", 0x1}], 0x1, &(0x7f0000000000)=[@rights={{0x14, 0x1, 0x1, [r3]}}], 0x18, 0x8800}}], 0x1, 0x8041)
close_range(r2, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000340)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @broadcast}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}}}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x0)

1.78838026s ago: executing program 0 (id=416):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r1})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
read(r2, &(0x7f0000001480)=""/4096, 0x1000)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r1, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x51a})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000080)={0x18, r1})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmsg$NL80211_CMD_SET_BEACON(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[], 0x94}, 0x1, 0x0, 0x0, 0x20008014}, 0x400c0a5)
recvmmsg$unix(r4, &(0x7f00000024c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/113, 0x71}], 0x1}}], 0x1, 0x40, 0x0)

1.556168355s ago: executing program 4 (id=418):
write(0xffffffffffffffff, &(0x7f0000000140)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b0f33", 0x1e)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x446002)
write$binfmt_script(r1, &(0x7f0000000280)={'#! ', './file0', [{0x20, '\\'}, {}, {0x20, '/dev/kUm\x00'}, {0x20, '%::'}, {}, {0x20, '/dev/kvm\x00'}], 0xa, "0cd8170907000000000000000003000000000000e2bfa7c6e8b353c362a027c25e10a7"}, 0x4a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
read(r4, &(0x7f0000000180)=""/188, 0xbc)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0xa, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.480602183s ago: executing program 0 (id=419):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a09040000000000000000020000004c000480300001800e000100696d6d6564696174650000001c000280100002800c00028008000180000000000800014000000000180001800d00010073796e70726f787900000000040002800900010073797a30000000000900020073797a320000000014000000110001"], 0xa0}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a14000000020aff0100000000fff40000020000011400000011000100"], 0x3c}, 0x1, 0x0, 0x0, 0x4011}, 0x4000094)

1.457117737s ago: executing program 4 (id=420):
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r1)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x208, r2, 0x800, 0x70bd2a, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}, {0x6}, {0x8, 0x13, 0xffffff81}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffff000}, {0x6, 0x11, 0x7}, {0x8, 0x13, 0x9}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5605}, {0x6}, {0x8, 0x13, 0x4}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0x9}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x81}, {0x8, 0x13, 0x7}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffff9}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0x5}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x800}, {0x8, 0x13, 0x4}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x7}, {0x8, 0x13, 0x7ff}, {0x5, 0x14, 0x1}}]}, 0x208}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.260581448s ago: executing program 0 (id=422):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x5c, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}]}]}, 0x5c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002440)=ANY=[@ANYBLOB="34000000090605000a00000000000000000000000900020073797a3000000000050001000600ffde0c00078006000440"], 0x34}}, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0)

1.253946974s ago: executing program 4 (id=424):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000040)="fc", 0x1}], 0x1, 0x0, 0x0, 0x4800}], 0x1, 0x15)
recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)=""/83, 0x53}], 0x1}, 0xffffff0b}], 0x2, 0x2001, 0x0)

1.167532163s ago: executing program 0 (id=425):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
syz_usb_connect(0x0, 0x48, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000474829089513000375810000000109023600410000"], 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000200000000000048000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x4000)

1.049032187s ago: executing program 4 (id=427):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000002d003f0000000300000000000400008005001180"], 0x1c}], 0x1, 0x0, 0x0, 0x4000045}, 0x300)

972.751494ms ago: executing program 1 (id=428):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000240)={0x6, 0x5, 0x0, 'queue1\x00', 0xc})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x21020, &(0x7f00000001c0)={{}, 0x2c, {'rootmode', 0x3d, 0x2000}}, 0x1, 0x0, 0x0)

924.646896ms ago: executing program 2 (id=429):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000000100001000000000070fe00000000000a18010000060a0b0400000000000000000200000034000480300001800a0001006d617463680000002000028008000240000000030b000100736f636b6574000005000300d60000000900010073797a30000000000900020073797a3200000000b70007"], 0x140}, 0x1, 0x0, 0x0, 0x40480e0}, 0x4008014)

840.423377ms ago: executing program 2 (id=430):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r1, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x87, 0xd})
fcntl$lock(r1, 0x5, &(0x7f00000000c0)={0x0, 0x0, 0x3ff, 0x8})
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x3e)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00010000000000000000001c00001400"], 0x30}}, 0x0)

831.361929ms ago: executing program 4 (id=431):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(r5, 0x10, &(0x7f0000000180))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
write$cgroup_int(r6, &(0x7f0000000040)=0x1c9, 0x12)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000015000100000000000000080005000000080001001c"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x2000c080)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x4, 0x6, 0x1, 0xfff}, {0x80, 0x5, 0x3, 0x5}, {0x0, 0x2, 0x9, 0x4}, {0x6, 0x7b, 0xc}, {0x3, 0x3, 0x0, 0x10001}, {0x83, 0x4, 0x0, 0x1}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000500))
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000b00)={0x7, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042"})
r8 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$TIPC_NL_MEDIA_GET(r8, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

684.639811ms ago: executing program 2 (id=432):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$NL80211_CMD_SET_BEACON(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[], 0x94}, 0x1, 0x0, 0x0, 0x200080a4}, 0x400c0a5)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r3)
recvmmsg$unix(r1, &(0x7f00000024c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/166, 0xa6}], 0x1}}], 0x1, 0x40, 0x0)

568.777218ms ago: executing program 2 (id=433):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
socket$igmp6(0xa, 0x3, 0x2)
recvmmsg$unix(r1, &(0x7f00000024c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/166, 0xa6}], 0x1}}], 0x1, 0x40, 0x0)

415.173014ms ago: executing program 2 (id=434):
uname(0x0)
r0 = memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4138ae84, &(0x7f0000000c40)=@x86={0xff, 0xd, 0x6, 0x0, 0x100, 0x9, 0x9, 0x0, 0x40, 0x3, 0xc, 0xfd, 0x0, 0x1, 0xa, 0xca, 0x7, 0x13, 0x33, '\x00', 0x8, 0x4})
close_range(r0, 0xffffffffffffffff, 0x0)

587.598µs ago: executing program 2 (id=435):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x80}]}, 0x2c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r6, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x60)

0s ago: executing program 1 (id=436):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000400)={0x1, 0x0, 0x15, 0x15, 0x182, 0x0})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x32, 0xffffffffffffffff, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'}) (async)
r1 = syz_open_dev$admmidi(&(0x7f0000000080), 0x2, 0x80000)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r1, 0xc0245720, &(0x7f00000000c0))
accept4(r0, &(0x7f0000000280)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000000)=0x80, 0x80400) (async)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) (async)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000000000000000590ef64ea3149371000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0x108) (async, rerun: 32)
syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0) (async, rerun: 32)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) (async)
socket$inet6(0xa, 0x3, 0x84) (async)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 32)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 32)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) (async)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$alg(r8, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x200}], 0x18}, 0x0)
sendmsg$nl_route_sched_retired(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0) (async, rerun: 32)
recvmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000580)=""/230, 0xe6}, {&(0x7f00000004c0)=""/168, 0xa8}, {&(0x7f0000000900)=""/106, 0x6a}, {&(0x7f00000000c0)=""/26, 0x1a}, {&(0x7f0000000680)=""/159, 0x9f}, {&(0x7f0000000740)=""/16, 0x10}, {&(0x7f0000000780)=""/216, 0xd8}, {&(0x7f0000000980)=""/152, 0x98}], 0x8}, 0x2000000}], 0x2, 0x101, 0x0) (rerun: 32)
getsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, &(0x7f00000004c0)=[{}, {}], &(0x7f0000000540)=0x10) (async)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20040051}, 0x0) (async, rerun: 32)
sendmsg$NFT_BATCH(r6, 0x0, 0x0) (rerun: 32)

kernel console output (not intermixed with test programs):

c1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  112.991246][ T6260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  112.991256][ T6260] Call Trace:
[  112.991264][ T6260]  <TASK>
[  112.991271][ T6260]  dump_stack_lvl+0x241/0x360
[  112.991306][ T6260]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.991333][ T6260]  ? __pfx__printk+0x10/0x10
[  112.991369][ T6260]  should_fail_ex+0x424/0x570
[  112.991394][ T6260]  should_failslab+0xac/0x100
[  112.991423][ T6260]  kmem_cache_alloc_noprof+0x78/0x390
[  112.991449][ T6260]  ? dst_alloc+0x12b/0x190
[  112.991472][ T6260]  dst_alloc+0x12b/0x190
[  112.991496][ T6260]  ip_route_input_rcu+0x22b3/0x3930
[  112.991527][ T6260]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  112.991545][ T6260]  ? lockdep_hardirqs_on+0x9d/0x150
[  112.991597][ T6260]  ? ip_route_input_noref+0xaf/0x250
[  112.991614][ T6260]  ip_route_input_noref+0x169/0x250
[  112.991636][ T6260]  ? __pfx_ip_route_input_noref+0x10/0x10
[  112.991662][ T6260]  ? ipt_do_table+0x314/0x1870
[  112.991690][ T6260]  ip_rcv_finish_core+0x5b4/0x1b60
[  112.991727][ T6260]  ip_rcv_finish+0x14a/0x560
[  112.991746][ T6260]  ? NF_HOOK+0x38c/0x450
[  112.991764][ T6260]  NF_HOOK+0x3a0/0x450
[  112.991782][ T6260]  ? __pfx_ip_rcv_finish+0x10/0x10
[  112.991799][ T6260]  ? NF_HOOK+0x9e/0x450
[  112.991815][ T6260]  ? __pfx_NF_HOOK+0x10/0x10
[  112.991830][ T6260]  ? ip_rcv_core+0x80c/0xd20
[  112.991848][ T6260]  ? __pfx_ip_rcv_finish+0x10/0x10
[  112.991871][ T6260]  ? __pfx_ip_rcv+0x10/0x10
[  112.991888][ T6260]  __netif_receive_skb+0x2c9/0x670
[  112.991911][ T6260]  ? __pfx___netif_receive_skb+0x10/0x10
[  112.991938][ T6260]  ? netif_receive_skb+0x133/0x890
[  112.991955][ T6260]  ? netif_receive_skb+0x133/0x890
[  112.991972][ T6260]  netif_receive_skb+0x1ea/0x890
[  112.991989][ T6260]  ? tun_rx_batched+0x14b/0x8d0
[  112.992001][ T6260]  ? __pfx_netif_receive_skb+0x10/0x10
[  112.992025][ T6260]  ? tun_rx_batched+0x14b/0x8d0
[  112.992037][ T6260]  tun_rx_batched+0x1a4/0x8d0
[  112.992052][ T6260]  ? __lock_acquire+0xad5/0xd80
[  112.992068][ T6260]  ? __pfx_tun_rx_batched+0x10/0x10
[  112.992090][ T6260]  ? tun_get_user+0x2a99/0x47c0
[  112.992101][ T6260]  ? tun_get_user+0x2a99/0x47c0
[  112.992120][ T6260]  tun_get_user+0x2fec/0x47c0
[  112.992134][ T6260]  ? tun_get_user+0x852/0x47c0
[  112.992157][ T6260]  ? aa_file_perm+0x139/0xf60
[  112.992178][ T6260]  ? aa_file_perm+0x3f1/0xf60
[  112.992197][ T6260]  ? __pfx_tun_get_user+0x10/0x10
[  112.992222][ T6260]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.992248][ T6260]  ? tun_get+0x1e/0x2f0
[  112.992269][ T6260]  ? tun_get+0x1e/0x2f0
[  112.992288][ T6260]  ? tun_get+0x27d/0x2f0
[  112.992308][ T6260]  tun_chr_write_iter+0x10d/0x1f0
[  112.992331][ T6260]  vfs_write+0x70f/0xd10
[  112.992351][ T6260]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  112.992373][ T6260]  ? __pfx_vfs_write+0x10/0x10
[  112.992390][ T6260]  ? __fget_files+0x2a/0x420
[  112.992405][ T6260]  ? __fget_files+0x2a/0x420
[  112.992422][ T6260]  ksys_write+0x19d/0x2d0
[  112.992439][ T6260]  ? __pfx_ksys_write+0x10/0x10
[  112.992458][ T6260]  ? do_syscall_64+0xb6/0x230
[  112.992477][ T6260]  do_syscall_64+0xf3/0x230
[  112.992494][ T6260]  ? clear_bhb_loop+0x45/0xa0
[  112.992510][ T6260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.992522][ T6260] RIP: 0033:0x7f36c038bc1f
[  112.992534][ T6260] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  112.992544][ T6260] RSP: 002b:00007f36c11d9000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  112.992559][ T6260] RAX: ffffffffffffffda RBX: 00007f36c05a5fa0 RCX: 00007f36c038bc1f
[  112.992568][ T6260] RDX: 00000000000000be RSI: 0000200000000080 RDI: 00000000000000c8
[  112.992576][ T6260] RBP: 00007f36c11d9090 R08: 0000000000000000 R09: 0000000000000000
[  112.992584][ T6260] R10: 00000000000000be R11: 0000000000000293 R12: 0000000000000001
[  112.992592][ T6260] R13: 0000000000000000 R14: 00007f36c05a5fa0 R15: 00007f36c06cfa28
[  112.992612][ T6260]  </TASK>
[  113.606181][ T6266] ip6t_srh: unknown srh invflags 7863
[  113.720663][ T5889] logitech-djreceiver 0003:046D:C532.0002: unknown main item tag 0x0
[  113.732439][ T5889] logitech-djreceiver 0003:046D:C532.0002: unknown main item tag 0x0
[  113.740700][ T5889] logitech-djreceiver 0003:046D:C532.0002: unknown main item tag 0x0
[  113.748831][ T5889] logitech-djreceiver 0003:046D:C532.0002: unknown main item tag 0x0
[  113.910547][ T5840] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  113.955243][ T6233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.975580][ T6233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.006791][ T5900] usb 4-1: USB disconnect, device number 5
[  114.093172][ T5840] usb 2-1: unable to get BOS descriptor or descriptor too short
[  114.114997][ T5840] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  114.142600][ T5840] usb 2-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  114.157659][ T5840] usb 2-1: config 1 interface 0 altsetting 128 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  114.186781][ T5840] usb 2-1: config 1 interface 0 has no altsetting 0
[  114.201480][ T5840] usb 2-1: config 1 interface 0 has no altsetting 1
[  114.224145][ T5840] usb 2-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  114.234293][ T5840] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.247038][ T5840] usb 2-1: Product: syz
[  114.252519][ T5840] usb 2-1: Manufacturer: syz
[  114.258416][ T5840] usb 2-1: SerialNumber: syz
[  114.294056][ T6286] netlink: 16 bytes leftover after parsing attributes in process `syz.0.126'.
[  114.488928][ T5840] smsusb:smsusb_probe: board id=8, interface number 0
[  114.511681][ T5840] usb 2-1: selecting invalid altsetting 0
[  114.517459][ T5840] smsusb:smsusb_probe: usb_set_interface failed, rc -22
[  114.527530][ T5840] smsusb 2-1:1.0: probe with driver smsusb failed with error -22
[  114.536176][ T5900] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  114.554570][ T5840] usb 2-1: USB disconnect, device number 8
[  114.693616][ T5900] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  114.717467][ T5900] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  114.754915][ T5900] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  114.772088][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=151, SerialNumber=3
[  114.790506][ T5900] usb 3-1: Product: syz
[  114.798535][ T5900] usb 3-1: SerialNumber: syz
[  114.924349][ T6291] netlink: 12 bytes leftover after parsing attributes in process `syz.3.128'.
[  115.032357][ T5900] usb 3-1: 0:2 : does not exist
[  115.075087][ T5900] usb 3-1: USB disconnect, device number 5
[  115.124647][ T5849] udevd[5849]: setting mode of /dev/bus/usb/003/005 to 020664 failed: No such file or directory
[  115.185553][ T5915] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  115.203820][ T5849] udevd[5849]: setting owner of /dev/bus/usb/003/005 to uid=0, gid=0 failed: No such file or directory
[  115.303604][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  115.379229][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  115.392979][ T5915] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.430008][ T5915] usb 4-1: config 0 has no interfaces?
[  115.445404][ T5915] usb 4-1: New USB device found, idVendor=0471, idProduct=0313, bcdDevice=81.d5
[  115.459228][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.461564][ T5840] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  115.477529][ T5915] usb 4-1: Product: syz
[  115.492288][ T5915] usb 4-1: Manufacturer: syz
[  115.509774][ T5915] usb 4-1: SerialNumber: syz
[  115.534298][ T5915] usb 4-1: config 0 descriptor??
[  115.537040][ T6303] FAULT_INJECTION: forcing a failure.
[  115.537040][ T6303] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  115.597392][ T6303] CPU: 0 UID: 0 PID: 6303 Comm: syz.4.133 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  115.597421][ T6303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  115.597433][ T6303] Call Trace:
[  115.597441][ T6303]  <TASK>
[  115.597449][ T6303]  dump_stack_lvl+0x241/0x360
[  115.597487][ T6303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.597516][ T6303]  ? __pfx__printk+0x10/0x10
[  115.597556][ T6303]  should_fail_ex+0x424/0x570
[  115.597584][ T6303]  prepare_alloc_pages+0x220/0x610
[  115.597617][ T6303]  __alloc_frozen_pages_noprof+0x162/0x5b0
[  115.597644][ T6303]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  115.597696][ T6303]  alloc_pages_mpol+0x339/0x690
[  115.597728][ T6303]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  115.597756][ T6303]  ? __kmalloc_noprof+0x2ae/0x4d0
[  115.597781][ T6303]  ? sock_kmalloc+0xd7/0x160
[  115.597807][ T6303]  alloc_pages_noprof+0x121/0x190
[  115.597854][ T6303]  af_alg_sendmsg+0x142b/0x24d0
[  115.597879][ T6303]  ? __pfx___might_resched+0x10/0x10
[  115.597927][ T6303]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  115.597963][ T6303]  ? __pfx_aa_sk_perm+0x10/0x10
[  115.598011][ T6303]  ? aa_sock_msg_perm+0x91/0x160
[  115.598040][ T6303]  ? skcipher_sendmsg+0x28/0xf0
[  115.598070][ T6303]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  115.598095][ T6303]  __sock_sendmsg+0x221/0x270
[  115.598126][ T6303]  __sys_sendto+0x365/0x4c0
[  115.598155][ T6303]  ? __pfx___sys_sendto+0x10/0x10
[  115.598189][ T6303]  ? lock_vma_under_rcu+0x1f0/0x9a0
[  115.598248][ T6303]  __x64_sys_sendto+0xde/0x100
[  115.598272][ T6303]  do_syscall_64+0xf3/0x230
[  115.598299][ T6303]  ? clear_bhb_loop+0x45/0xa0
[  115.598323][ T6303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.598343][ T6303] RIP: 0033:0x7f4a4e98effc
[  115.598362][ T6303] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  115.598378][ T6303] RSP: 002b:00007f4a4f785ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  115.598400][ T6303] RAX: ffffffffffffffda RBX: 00007f4a4f785fc0 RCX: 00007f4a4e98effc
[  115.598415][ T6303] RDX: 0000000000000020 RSI: 00007f4a4f786010 RDI: 0000000000000004
[  115.598432][ T6303] RBP: 0000000000000000 R08: 00007f4a4f785f14 R09: 000000000000000c
[  115.598445][ T6303] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  115.598457][ T6303] R13: 00007f4a4f785f68 R14: 00007f4a4f786010 R15: 0000000000000000
[  115.598489][ T6303]  </TASK>
[  115.840646][ T5840] usb 2-1: device descriptor read/64, error -71
[  115.856100][ T5915] usb 4-1: USB disconnect, device number 6
[  116.082846][ T5840] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  116.117313][ T6314] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  116.126226][ T6314] CPU: 0 UID: 0 PID: 6314 Comm: syz.4.139 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  116.126255][ T6314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  116.126268][ T6314] Call Trace:
[  116.126276][ T6314]  <TASK>
[  116.126285][ T6314]  dump_stack_lvl+0x241/0x360
[  116.126324][ T6314]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.126354][ T6314]  ? __pfx__printk+0x10/0x10
[  116.126381][ T6314]  ? kernfs_path_from_node+0x2b/0x250
[  116.126408][ T6314]  ? kernfs_path_from_node+0x217/0x250
[  116.126433][ T6314]  sysfs_warn_dup+0x8e/0xa0
[  116.126470][ T6314]  sysfs_do_create_link_sd+0xbe/0x110
[  116.126494][ T6314]  device_add_class_symlinks+0x1c5/0x250
[  116.126525][ T6314]  device_add+0x553/0xbf0
[  116.126557][ T6314]  wiphy_register+0x193c/0x2660
[  116.126604][ T6314]  ? __pfx_wiphy_register+0x10/0x10
[  116.126632][ T6314]  ? minstrel_ht_alloc+0x85a/0x950
[  116.126673][ T6314]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  116.126712][ T6314]  ieee80211_register_hw+0x35e9/0x42d0
[  116.126749][ T6314]  ? ieee80211_register_hw+0x1611/0x42d0
[  116.126780][ T6314]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  116.126817][ T6314]  ? __hrtimer_setup+0x17f/0x200
[  116.126841][ T6314]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  116.126871][ T6314]  mac80211_hwsim_new_radio+0x2adc/0x4a60
[  116.126927][ T6314]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  116.126949][ T6314]  ? trace_kmalloc+0x1f/0xd0
[  116.126976][ T6314]  ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0
[  116.127007][ T6314]  ? kstrndup+0xbb/0x150
[  116.127045][ T6314]  hwsim_new_radio_nl+0xed0/0x2290
[  116.127083][ T6314]  ? __pfx___nla_validate_parse+0x10/0x10
[  116.127116][ T6314]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  116.127187][ T6314]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  116.127222][ T6314]  genl_rcv_msg+0xb38/0xf00
[  116.127255][ T6314]  ? __pfx_genl_rcv_msg+0x10/0x10
[  116.127276][ T6314]  ? __dev_queue_xmit+0x1780/0x3f60
[  116.127298][ T6314]  ? kasan_save_track+0x3f/0x80
[  116.127318][ T6314]  ? __kasan_slab_alloc+0x66/0x80
[  116.127346][ T6314]  ? do_syscall_64+0xf3/0x230
[  116.127385][ T6314]  ? __lock_acquire+0xad5/0xd80
[  116.127406][ T6314]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  116.127439][ T6314]  netlink_rcv_skb+0x208/0x480
[  116.127466][ T6314]  ? __pfx_genl_rcv_msg+0x10/0x10
[  116.127487][ T6314]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  116.127532][ T6314]  ? netlink_deliver_tap+0x2e/0x1b0
[  116.127564][ T6314]  genl_rcv+0x28/0x40
[  116.127581][ T6314]  netlink_unicast+0x7f8/0x9a0
[  116.127613][ T6314]  ? __pfx_netlink_unicast+0x10/0x10
[  116.127649][ T6314]  ? skb_put+0x114/0x1f0
[  116.127670][ T6314]  netlink_sendmsg+0x8c3/0xcd0
[  116.127707][ T6314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  116.127736][ T6314]  ? aa_sock_msg_perm+0x91/0x160
[  116.127766][ T6314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  116.127790][ T6314]  __sock_sendmsg+0x221/0x270
[  116.127816][ T6314]  ____sys_sendmsg+0x523/0x860
[  116.127843][ T6314]  ? __pfx_____sys_sendmsg+0x10/0x10
[  116.127859][ T6314]  ? __fget_files+0x2a/0x420
[  116.127879][ T6314]  ? __fget_files+0x2a/0x420
[  116.127905][ T6314]  __sys_sendmsg+0x271/0x360
[  116.127923][ T6314]  ? __pfx_futex_wake+0x10/0x10
[  116.127945][ T6314]  ? __pfx___sys_sendmsg+0x10/0x10
[  116.128013][ T6314]  ? do_syscall_64+0xb6/0x230
[  116.128039][ T6314]  do_syscall_64+0xf3/0x230
[  116.128060][ T6314]  ? clear_bhb_loop+0x45/0xa0
[  116.128082][ T6314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.128099][ T6314] RIP: 0033:0x7f4a4e98d169
[  116.128115][ T6314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.128134][ T6314] RSP: 002b:00007f4a4f787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  116.128154][ T6314] RAX: ffffffffffffffda RBX: 00007f4a4eba5fa0 RCX: 00007f4a4e98d169
[  116.128167][ T6314] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000007
[  116.128178][ T6314] RBP: 00007f4a4ea0e990 R08: 0000000000000000 R09: 0000000000000000
[  116.128189][ T6314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  116.128199][ T6314] R13: 0000000000000000 R14: 00007f4a4eba5fa0 R15: 00007f4a4eccfa28
[  116.128226][ T6314]  </TASK>
[  116.599256][ T5840] usb 2-1: device descriptor read/64, error -71
[  116.650886][ T6325] xt_socket: unknown flags 0xd0
[  116.709892][ T5840] usb usb2-port1: attempt power cycle
[  116.735951][   T30] kauditd_printk_skb: 123 callbacks suppressed
[  116.735970][   T30] audit: type=1326 audit(1744332769.211:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.786659][   T30] audit: type=1326 audit(1744332769.261:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.822378][   T30] audit: type=1326 audit(1744332769.291:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.855047][   T30] audit: type=1326 audit(1744332769.291:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.878030][   T30] audit: type=1326 audit(1744332769.291:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.903011][   T30] audit: type=1326 audit(1744332769.291:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.925186][   T30] audit: type=1326 audit(1744332769.291:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.947469][   T30] audit: type=1326 audit(1744332769.291:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  116.979324][   T30] audit: type=1326 audit(1744332769.291:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  117.020454][   T30] audit: type=1326 audit(1744332769.291:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.0.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  117.079266][ T5840] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  117.116797][ T5840] usb 2-1: device descriptor read/8, error -71
[  117.318218][ T6348] xt_nfacct: accounting object `syz1' does not exists
[  117.369632][ T5840] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  117.411750][ T5840] usb 2-1: device descriptor read/8, error -71
[  117.518464][ T6356] FAULT_INJECTION: forcing a failure.
[  117.518464][ T6356] name failslab, interval 1, probability 0, space 0, times 0
[  117.531411][ T5840] usb usb2-port1: unable to enumerate USB device
[  117.545216][ T6356] CPU: 1 UID: 0 PID: 6356 Comm: syz.3.152 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  117.545243][ T6356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  117.545255][ T6356] Call Trace:
[  117.545263][ T6356]  <TASK>
[  117.545271][ T6356]  dump_stack_lvl+0x241/0x360
[  117.545308][ T6356]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.545337][ T6356]  ? __pfx__printk+0x10/0x10
[  117.545369][ T6356]  ? __pfx___might_resched+0x10/0x10
[  117.545400][ T6356]  should_fail_ex+0x424/0x570
[  117.545426][ T6356]  should_failslab+0xac/0x100
[  117.545456][ T6356]  __kmalloc_noprof+0xdf/0x4d0
[  117.545483][ T6356]  ? sock_kmalloc+0xd7/0x160
[  117.545510][ T6356]  sock_kmalloc+0xd7/0x160
[  117.545535][ T6356]  skcipher_recvmsg+0x613/0x1250
[  117.545583][ T6356]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  117.545609][ T6356]  ? aa_sock_msg_perm+0x91/0x160
[  117.545640][ T6356]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  117.545657][ T6356]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  117.545685][ T6356]  sock_recvmsg+0x22f/0x280
[  117.545716][ T6356]  ____sys_recvmsg+0x1c8/0x480
[  117.545748][ T6356]  ? __pfx_____sys_recvmsg+0x10/0x10
[  117.545795][ T6356]  do_recvmmsg+0x428/0xab0
[  117.545836][ T6356]  ? __pfx_do_recvmmsg+0x10/0x10
[  117.545876][ T6356]  ? rcu_read_lock_any_held+0xbb/0x160
[  117.545903][ T6356]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  117.545933][ T6356]  ? vfs_write+0xb29/0xd10
[  117.545966][ T6356]  ? ksys_write+0x24e/0x2d0
[  117.545993][ T6356]  ? __mutex_unlock_slowpath+0x229/0x800
[  117.546028][ T6356]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  117.546052][ T6356]  ? __fget_files+0x2a/0x420
[  117.546087][ T6356]  __x64_sys_recvmmsg+0x1ab/0x260
[  117.546113][ T6356]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  117.546143][ T6356]  ? do_syscall_64+0xb6/0x230
[  117.546170][ T6356]  do_syscall_64+0xf3/0x230
[  117.546194][ T6356]  ? clear_bhb_loop+0x45/0xa0
[  117.546219][ T6356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.546237][ T6356] RIP: 0033:0x7fe354f8d169
[  117.546255][ T6356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.546270][ T6356] RSP: 002b:00007fe355e9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  117.546292][ T6356] RAX: ffffffffffffffda RBX: 00007fe3551a5fa0 RCX: 00007fe354f8d169
[  117.546306][ T6356] RDX: 0000000000000001 RSI: 00002000000024c0 RDI: 0000000000000004
[  117.546318][ T6356] RBP: 00007fe355e9e090 R08: 0000000000000000 R09: 0000000000000000
[  117.546330][ T6356] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  117.546342][ T6356] R13: 0000000000000000 R14: 00007fe3551a5fa0 R15: 00007fe3552cfa28
[  117.546373][ T6356]  </TASK>
[  117.574992][ T5840] IPVS: starting estimator thread 0...
[  117.681420][ T6362] vlan2: entered allmulticast mode
[  117.686479][ T5900] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  117.838154][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  117.958631][ T6360] IPVS: using max 26 ests per chain, 62400 per kthread
[  117.969358][   T54] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  117.989674][   T10] usb 5-1: Using ep0 maxpacket: 32
[  117.996667][   T10] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  118.005498][   T10] usb 5-1: config 0 has no interface number 0
[  118.012171][   T10] usb 5-1: config 0 interface 12 has no altsetting 0
[  118.019815][ T5900] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.032724][ T5900] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.043460][ T5900] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  118.055077][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.063936][   T10] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  118.073107][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.082987][   T10] usb 5-1: Product: syz
[  118.087190][   T10] usb 5-1: Manufacturer: syz
[  118.092948][ T5900] usb 1-1: config 0 descriptor??
[  118.105785][   T10] usb 5-1: SerialNumber: syz
[  118.116445][   T10] usb 5-1: config 0 descriptor??
[  118.139943][   T54] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.152820][   T54] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.163189][   T54] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  118.189258][   T54] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.206591][   T54] usb 3-1: config 0 descriptor??
[  118.631016][ T5887] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  118.647728][   T54] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[  118.659982][   T54] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[  118.667165][   T54] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[  118.677195][   T54] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[  118.685490][   T54] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[  118.707118][   T54] hid-rmi 0003:06CB:81A7.0003: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.2-1/input0
[  118.737868][ T5900] usbhid 1-1:0.0: can't add hid device: -71
[  118.779867][ T5900] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  118.799592][ T5900] usb 1-1: USB disconnect, device number 4
[  118.802937][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.836704][ T5887] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  118.855853][ T5887] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  118.878533][ T5887] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.893784][ T5887] usb 4-1: config 0 descriptor??
[  118.902650][ T5887] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  118.929691][ T5887] dvb-usb: bulk message failed: -22 (3/0)
[  118.988680][ T5887] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  119.006278][ T5887] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  119.025244][ T5887] usb 4-1: media controller created
[  119.034962][ T5887] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  119.045763][ T5900] usb 3-1: USB disconnect, device number 6
[  119.054609][ T5887] dvb-usb: bulk message failed: -22 (6/0)
[  119.066263][ T5887] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  119.089660][ T5887] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6
[  119.108014][ T6372] mmap: syz.3.158 (6372) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  119.132626][ T5887] dvb-usb: schedule remote query interval to 150 msecs.
[  119.159421][ T5887] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  119.161030][ T6352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.150'.
[  119.320803][ T5887] dvb-usb: bulk message failed: -22 (1/0)
[  119.326754][ T5887] dvb-usb: error while querying for an remote control event.
[  119.395860][ T6394] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  119.413722][ T5900] usb 4-1: USB disconnect, device number 7
[  119.428812][ T6394] netlink: 84 bytes leftover after parsing attributes in process `syz.0.164'.
[  119.455031][ T6394] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  119.477757][ T6397] netlink: 8 bytes leftover after parsing attributes in process `syz.0.164'.
[  119.525498][ T5900] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  119.631625][ T6399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.165'.
[  119.665520][ T6399] team_slave_0: entered promiscuous mode
[  119.671445][ T6399] team_slave_1: entered promiscuous mode
[  119.683784][ T6399] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  119.790446][ T6404] process 'syz.1.167' launched '/dev/fd/4' with NULL argv: empty string added
[  119.870232][ T6402] kvm: apic: phys broadcast and lowest prio
[  119.914790][   T10] f81534 5-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  119.926731][   T10] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71
[  119.952652][   T10] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  119.966032][   T10] f81534 5-1:0.12: probe with driver f81534 failed with error -71
[  120.007869][   T10] usb 5-1: USB disconnect, device number 4
[  120.559784][   T10] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  120.829368][ T5889] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  120.889783][   T10] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 3
[  120.961122][   T10] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  120.972701][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.060396][   T10] usb 4-1: Product: syz
[  121.081448][ T5889] usb 2-1: Using ep0 maxpacket: 16
[  121.090102][   T10] usb 4-1: Manufacturer: syz
[  121.115623][   T10] usb 4-1: SerialNumber: syz
[  121.135713][ T5889] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.181159][   T10] usb 4-1: config 0 descriptor??
[  121.207559][ T5889] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  121.208825][ T6437] FAULT_INJECTION: forcing a failure.
[  121.208825][ T6437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.239785][ T6437] CPU: 1 UID: 0 PID: 6437 Comm: syz.4.178 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  121.239815][ T6437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  121.239828][ T6437] Call Trace:
[  121.239836][ T6437]  <TASK>
[  121.239844][ T6437]  dump_stack_lvl+0x241/0x360
[  121.239893][ T6437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.239923][ T6437]  ? __pfx__printk+0x10/0x10
[  121.239965][ T6437]  should_fail_ex+0x424/0x570
[  121.239991][ T6437]  _copy_from_user+0x2d/0xb0
[  121.240021][ T6437]  copy_msghdr_from_user+0xb3/0x580
[  121.240056][ T6437]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  121.240101][ T6437]  do_recvmmsg+0x3bf/0xab0
[  121.240136][ T6437]  ? __pfx_do_recvmmsg+0x10/0x10
[  121.240175][ T6437]  ? rcu_read_lock_any_held+0xbb/0x160
[  121.240203][ T6437]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  121.240234][ T6437]  ? vfs_write+0xb29/0xd10
[  121.240268][ T6437]  ? ksys_write+0x24e/0x2d0
[  121.240295][ T6437]  ? __mutex_unlock_slowpath+0x229/0x800
[  121.240331][ T6437]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  121.240355][ T6437]  ? __fget_files+0x2a/0x420
[  121.240390][ T6437]  __x64_sys_recvmmsg+0x1ab/0x260
[  121.240416][ T6437]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  121.240446][ T6437]  ? do_syscall_64+0xb6/0x230
[  121.240474][ T6437]  do_syscall_64+0xf3/0x230
[  121.240499][ T6437]  ? clear_bhb_loop+0x45/0xa0
[  121.240524][ T6437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.240544][ T6437] RIP: 0033:0x7f4a4e98d169
[  121.240572][ T6437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.240588][ T6437] RSP: 002b:00007f4a4f787038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  121.240617][ T6437] RAX: ffffffffffffffda RBX: 00007f4a4eba5fa0 RCX: 00007f4a4e98d169
[  121.240632][ T6437] RDX: 000000000000f000 RSI: 0000200000000d00 RDI: 0000000000000003
[  121.240644][ T6437] RBP: 00007f4a4f787090 R08: 0000000000000000 R09: 0000000000000000
[  121.240657][ T6437] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  121.240669][ T6437] R13: 0000000000000000 R14: 00007f4a4eba5fa0 R15: 00007f4a4eccfa28
[  121.240699][ T6437]  </TASK>
[  121.687656][ T5889] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  121.870515][ T5889] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  121.880547][ T5889] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  121.930751][ T5889] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  121.954475][ T5889] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  121.977822][ T5889] usb 2-1: Manufacturer: syz
[  122.003659][ T5889] usb 2-1: config 0 descriptor??
[  122.380014][ T5889] rc_core: IR keymap rc-hauppauge not found
[  122.397235][ T5889] Registered IR keymap rc-empty
[  122.468114][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  122.570599][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  122.646065][ T5889] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  122.996462][ T5889] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7
[  123.407177][   T10] usb 4-1: USB disconnect, device number 8
[  123.427690][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.469443][   T24] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  123.509495][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.562369][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.629423][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.639045][   T24] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  123.673537][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.690197][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.708288][   T24] usb 1-1: Product: syz
[  123.735326][   T24] usb 1-1: Manufacturer: syz
[  123.744572][   T24] usb 1-1: SerialNumber: syz
[  123.769353][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.782887][   T24] usb 1-1: config 0 descriptor??
[  123.853150][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  123.929479][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  124.010864][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  124.018024][ T6465] vlan2: entered promiscuous mode
[  124.018318][ T6465] vlan2: entered allmulticast mode
[  124.043752][ T6465] hsr_slave_1: entered allmulticast mode
[  124.045488][   T24] hso 1-1:0.0: Failed to find BULK IN ep
[  124.075335][   T24] usb-storage 1-1:0.0: USB Mass Storage device detected
[  124.090802][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  124.124728][ T6465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.186'.
[  124.140001][ T5889] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  124.183256][ T5889] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  124.223201][ T5889] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  124.545451][ T6475] netlink: 'syz.3.190': attribute type 30 has an invalid length.
[  124.747123][   T54] usb 2-1: USB disconnect, device number 13
[  124.848482][   T24] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  125.038954][   T24] usb 3-1: Using ep0 maxpacket: 16
[  125.052598][   T24] usb 3-1: config 0 has no interfaces?
[  125.089378][   T24] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  125.099644][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.107681][   T24] usb 3-1: Product: syz
[  125.299736][   T24] usb 3-1: Manufacturer: syz
[  125.304474][   T24] usb 3-1: SerialNumber: syz
[  125.322826][   T24] r8152-cfgselector 3-1: Unknown version 0x0000
[  125.331294][   T24] r8152-cfgselector 3-1: config 0 descriptor??
[  125.576254][   T24] r8152-cfgselector 3-1: USB disconnect, device number 7
[  125.722355][ T6508] FAULT_INJECTION: forcing a failure.
[  125.722355][ T6508] name failslab, interval 1, probability 0, space 0, times 0
[  125.749659][ T6510] netlink: 64 bytes leftover after parsing attributes in process `syz.2.199'.
[  125.768712][ T6508] CPU: 1 UID: 0 PID: 6508 Comm: syz.3.198 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  125.768740][ T6508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  125.768752][ T6508] Call Trace:
[  125.768760][ T6508]  <TASK>
[  125.768768][ T6508]  dump_stack_lvl+0x241/0x360
[  125.768806][ T6508]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.768836][ T6508]  ? __pfx__printk+0x10/0x10
[  125.768869][ T6508]  ? __pfx___might_resched+0x10/0x10
[  125.768900][ T6508]  should_fail_ex+0x424/0x570
[  125.768927][ T6508]  should_failslab+0xac/0x100
[  125.768957][ T6508]  __kmalloc_noprof+0xdf/0x4d0
[  125.768984][ T6508]  ? skcipher_next_slow+0xea/0x230
[  125.769016][ T6508]  skcipher_next_slow+0xea/0x230
[  125.769047][ T6508]  ecb_encrypt+0x2ba/0x390
[  125.769078][ T6508]  ? __pfx_ecb_encrypt+0x10/0x10
[  125.769109][ T6508]  ? simd_skcipher_encrypt+0x55/0x130
[  125.769142][ T6508]  ? irq_fpu_usable+0x8e/0xc0
[  125.769168][ T6508]  ? cryptd_skcipher_child+0xd/0x40
[  125.769199][ T6508]  skcipher_recvmsg+0xbee/0x1250
[  125.769246][ T6508]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  125.769273][ T6508]  ? aa_sock_msg_perm+0x91/0x160
[  125.769303][ T6508]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  125.769321][ T6508]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  125.769350][ T6508]  sock_recvmsg+0x22f/0x280
[  125.769382][ T6508]  ____sys_recvmsg+0x1c8/0x480
[  125.769414][ T6508]  ? __pfx_____sys_recvmsg+0x10/0x10
[  125.769461][ T6508]  do_recvmmsg+0x428/0xab0
[  125.769497][ T6508]  ? __pfx_do_recvmmsg+0x10/0x10
[  125.769537][ T6508]  ? rcu_read_lock_any_held+0xbb/0x160
[  125.769564][ T6508]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  125.769595][ T6508]  ? vfs_write+0xb29/0xd10
[  125.769629][ T6508]  ? ksys_write+0x24e/0x2d0
[  125.769655][ T6508]  ? __mutex_unlock_slowpath+0x229/0x800
[  125.769691][ T6508]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  125.769715][ T6508]  ? __fget_files+0x2a/0x420
[  125.769750][ T6508]  __x64_sys_recvmmsg+0x1ab/0x260
[  125.769776][ T6508]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  125.769806][ T6508]  ? do_syscall_64+0xb6/0x230
[  125.769835][ T6508]  do_syscall_64+0xf3/0x230
[  125.769859][ T6508]  ? clear_bhb_loop+0x45/0xa0
[  125.769884][ T6508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.769903][ T6508] RIP: 0033:0x7fe354f8d169
[  125.769920][ T6508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.769936][ T6508] RSP: 002b:00007fe355e9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  125.769958][ T6508] RAX: ffffffffffffffda RBX: 00007fe3551a5fa0 RCX: 00007fe354f8d169
[  125.769972][ T6508] RDX: 0000000000000001 RSI: 00002000000024c0 RDI: 0000000000000004
[  125.769985][ T6508] RBP: 00007fe355e9e090 R08: 0000000000000000 R09: 0000000000000000
[  125.769997][ T6508] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  125.770008][ T6508] R13: 0000000000000000 R14: 00007fe3551a5fa0 R15: 00007fe3552cfa28
[  125.770040][ T6508]  </TASK>
[  126.202389][ T6512] vlan2: entered allmulticast mode
[  126.207661][ T6512] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  126.339256][   T54] usb 1-1: USB disconnect, device number 5
[  126.480763][ T6517] netlink: 36 bytes leftover after parsing attributes in process `syz.2.202'.
[  126.809407][ T5889] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  126.929427][   T54] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  126.984962][ T5889] usb 3-1: config 0 has no interfaces?
[  127.004861][ T5889] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  127.019555][ T5915] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  127.021330][ T5889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.043078][ T5889] usb 3-1: Product: syz
[  127.059005][ T5889] usb 3-1: Manufacturer: syz
[  127.067051][ T5889] usb 3-1: SerialNumber: syz
[  127.087780][ T5889] usb 3-1: config 0 descriptor??
[  127.099441][   T54] usb 1-1: Using ep0 maxpacket: 8
[  127.111156][   T54] usb 1-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[  127.129880][   T54] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.131304][ T6536] syz.4.211 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  127.143273][   T54] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 65
[  127.162510][   T54] usb 1-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  127.173531][   T54] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.190921][ T5915] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  127.209771][ T5915] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  127.231339][   T54] usb 1-1: config 0 descriptor??
[  127.245114][ T5915] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  127.258161][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.294792][ T5915] usb 4-1: Product: syz
[  127.300965][ T5915] usb 4-1: Manufacturer: syz
[  127.306531][ T5915] usb 4-1: SerialNumber: syz
[  127.439305][ T5889] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  127.465802][   T54] usb 1-1: USB disconnect, device number 6
[  127.548907][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  127.558315][   T30] audit: type=1326 audit(1744332780.021:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6545 comm="syz.4.216" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4a4e98d169 code=0x0
[  127.630712][ T5889] usb 2-1: Using ep0 maxpacket: 8
[  127.638556][ T5889] usb 2-1: unable to get BOS descriptor or descriptor too short
[  127.648139][ T5889] usb 2-1: config 9 has an invalid interface number: 121 but max is 1
[  127.658646][ T5889] usb 2-1: config 9 has an invalid interface number: 93 but max is 1
[  127.667159][ T5889] usb 2-1: config 9 has no interface number 0
[  127.674485][ T5889] usb 2-1: config 9 has no interface number 1
[  127.680675][ T5889] usb 2-1: too many endpoints for config 9 interface 121 altsetting 7: 249, using maximum allowed: 30
[  127.696229][ T5889] usb 2-1: config 9 interface 121 altsetting 7 endpoint 0x5 has invalid wMaxPacketSize 0
[  127.706455][ T5889] usb 2-1: config 9 interface 121 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 249
[  127.720169][ T5889] usb 2-1: config 9 interface 121 has no altsetting 0
[  127.726985][ T5889] usb 2-1: config 9 interface 93 has no altsetting 0
[  127.737692][ T5889] usb 2-1: New USB device found, idVendor=0499, idProduct=1018, bcdDevice=35.13
[  127.747426][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[  127.757794][ T5889] usb 2-1: Manufacturer: syz
[  127.762928][ T5889] usb 2-1: SerialNumber: syz
[  127.936768][ T5915] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS
[  127.941532][ T6524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.944087][ T5915] cdc_ncm 4-1:1.0: bind() failure
[  127.953477][ T6524] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.984333][ T5915] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  127.986867][ T5889] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  128.009023][ T5915] cdc_ncm 4-1:1.1: bind() failure
[  128.015522][ T5889] snd-usb-audio 2-1:9.121: probe with driver snd-usb-audio failed with error -2
[  128.063542][ T5889] usb 2-1: Found UVC 0.00 device <unnamed> (0499:1018)
[  128.086727][ T5889] usb 2-1: No valid video chain found.
[  128.102631][ T5889] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  128.158682][ T5889] snd-usb-audio 2-1:9.93: probe with driver snd-usb-audio failed with error -2
[  128.177916][ T5889] usb 2-1: USB disconnect, device number 14
[  128.380339][ T6456] udevd[6456]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:9.93/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  128.552222][ T5915] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  128.670062][ T6559] FAULT_INJECTION: forcing a failure.
[  128.670062][ T6559] name failslab, interval 1, probability 0, space 0, times 0
[  128.685934][ T6559] CPU: 1 UID: 0 PID: 6559 Comm: syz.1.222 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  128.685965][ T6559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  128.685978][ T6559] Call Trace:
[  128.685986][ T6559]  <TASK>
[  128.685994][ T6559]  dump_stack_lvl+0x241/0x360
[  128.686033][ T6559]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.686064][ T6559]  ? __pfx__printk+0x10/0x10
[  128.686116][ T6559]  ? __pfx___might_resched+0x10/0x10
[  128.686143][ T6559]  should_fail_ex+0x424/0x570
[  128.686163][ T6559]  should_failslab+0xac/0x100
[  128.686185][ T6559]  __kmalloc_noprof+0xdf/0x4d0
[  128.686205][ T6559]  ? __local_bh_enable_ip+0x168/0x200
[  128.686219][ T6559]  ? sock_kmalloc+0xd7/0x160
[  128.686239][ T6559]  sock_kmalloc+0xd7/0x160
[  128.686263][ T6559]  af_alg_alloc_areq+0x90/0x260
[  128.686284][ T6559]  skcipher_recvmsg+0x384/0x1250
[  128.686318][ T6559]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  128.686336][ T6559]  ? __fget_files+0x2a/0x420
[  128.686348][ T6559]  ? aa_sock_msg_perm+0x91/0x160
[  128.686370][ T6559]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  128.686383][ T6559]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  128.686406][ T6559]  sock_recvmsg+0x22f/0x280
[  128.686429][ T6559]  __sys_recvfrom+0x204/0x380
[  128.686448][ T6559]  ? __pfx___sys_recvfrom+0x10/0x10
[  128.686472][ T6559]  ? lock_vma_under_rcu+0x1f0/0x9a0
[  128.686512][ T6559]  __x64_sys_recvfrom+0xde/0x100
[  128.686529][ T6559]  do_syscall_64+0xf3/0x230
[  128.686548][ T6559]  ? clear_bhb_loop+0x45/0xa0
[  128.686566][ T6559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.686580][ T6559] RIP: 0033:0x7f3e36b8ef34
[  128.686593][ T6559] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04
[  128.686605][ T6559] RSP: 002b:00007f3e37936ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  128.686621][ T6559] RAX: ffffffffffffffda RBX: 00007f3e37936fc0 RCX: 00007f3e36b8ef34
[  128.686631][ T6559] RDX: 0000000000001000 RSI: 00007f3e37937010 RDI: 0000000000000004
[  128.686640][ T6559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  128.686649][ T6559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  128.686657][ T6559] R13: 00007f3e37936f68 R14: 00007f3e37937010 R15: 0000000000000000
[  128.686679][ T6559]  </TASK>
[  128.939444][ T5915] usb 1-1: Using ep0 maxpacket: 16
[  128.956761][ T5915] usb 1-1: config 1 has an invalid descriptor of length 30, skipping remainder of the config
[  128.967043][ T5915] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  128.983051][ T5915] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  128.992744][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  129.000829][ T5915] usb 1-1: SerialNumber: syz
[  129.009967][ T5915] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[  129.017838][ T5915] cdc_acm 1-1:1.0: This needs exactly 3 endpoints
[  129.024581][ T5915] cdc_acm 1-1:1.0: probe with driver cdc_acm failed with error -22
[  129.249449][   T54] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[  129.411214][   T54] usb 2-1: unable to get BOS descriptor or descriptor too short
[  129.421361][   T54] usb 2-1: config 7 has an invalid interface number: 67 but max is 0
[  129.431153][   T54] usb 2-1: config 7 has no interface number 0
[  129.448544][   T54] usb 2-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[  129.461360][   T54] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.485020][   T54] usb 2-1: Product: 㯑
[  129.496381][ T5915] usb 3-1: USB disconnect, device number 8
[  129.642710][ T6565] syzkaller1: entered promiscuous mode
[  129.648359][ T6565] syzkaller1: entered allmulticast mode
[  129.739943][   T54] usb 2-1: USB disconnect, device number 15
[  129.772423][ T6568] FAULT_INJECTION: forcing a failure.
[  129.772423][ T6568] name failslab, interval 1, probability 0, space 0, times 0
[  129.785326][ T6568] CPU: 1 UID: 0 PID: 6568 Comm: syz.2.226 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  129.785367][ T6568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  129.785377][ T6568] Call Trace:
[  129.785384][ T6568]  <TASK>
[  129.785391][ T6568]  dump_stack_lvl+0x241/0x360
[  129.785426][ T6568]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.785455][ T6568]  ? __pfx__printk+0x10/0x10
[  129.785487][ T6568]  ? __asan_memset+0x23/0x50
[  129.785509][ T6568]  ? ip_vs_fill_iph_skb_off+0x337/0x820
[  129.785542][ T6568]  should_fail_ex+0x424/0x570
[  129.785569][ T6568]  should_failslab+0xac/0x100
[  129.785598][ T6568]  kmem_cache_alloc_noprof+0x78/0x390
[  129.785626][ T6568]  ? skb_clone+0x20c/0x390
[  129.785654][ T6568]  skb_clone+0x20c/0x390
[  129.785680][ T6568]  raw_local_deliver+0xa43/0xf30
[  129.785723][ T6568]  ? raw_local_deliver+0x329/0xf30
[  129.785752][ T6568]  ? __pfx_raw_local_deliver+0x10/0x10
[  129.785790][ T6568]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  129.785818][ T6568]  ip_protocol_deliver_rcu+0x44/0x450
[  129.785848][ T6568]  ? ip_local_deliver_finish+0x230/0x600
[  129.785875][ T6568]  ip_local_deliver_finish+0x343/0x600
[  129.785918][ T6568]  NF_HOOK+0x3a0/0x450
[  129.785946][ T6568]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  129.785971][ T6568]  ? NF_HOOK+0x9e/0x450
[  129.785995][ T6568]  ? __pfx_NF_HOOK+0x10/0x10
[  129.786022][ T6568]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  129.786054][ T6568]  ? ip_rcv_finish+0x409/0x560
[  129.786084][ T6568]  NF_HOOK+0x3a0/0x450
[  129.786111][ T6568]  ? __pfx_ip_rcv_finish+0x10/0x10
[  129.786134][ T6568]  ? NF_HOOK+0x9e/0x450
[  129.786157][ T6568]  ? __pfx_NF_HOOK+0x10/0x10
[  129.786179][ T6568]  ? ip_rcv_core+0x80c/0xd20
[  129.786203][ T6568]  ? __pfx_ip_rcv_finish+0x10/0x10
[  129.786235][ T6568]  ? __pfx_ip_rcv+0x10/0x10
[  129.786256][ T6568]  __netif_receive_skb+0x2c9/0x670
[  129.786289][ T6568]  ? __pfx___netif_receive_skb+0x10/0x10
[  129.786330][ T6568]  ? netif_receive_skb+0x133/0x890
[  129.786354][ T6568]  ? netif_receive_skb+0x133/0x890
[  129.786376][ T6568]  netif_receive_skb+0x1ea/0x890
[  129.786401][ T6568]  ? tun_rx_batched+0x14b/0x8d0
[  129.786420][ T6568]  ? __pfx_netif_receive_skb+0x10/0x10
[  129.786476][ T6568]  ? tun_rx_batched+0x14b/0x8d0
[  129.786494][ T6568]  tun_rx_batched+0x1a4/0x8d0
[  129.786518][ T6568]  ? __lock_acquire+0xad5/0xd80
[  129.786541][ T6568]  ? __pfx_tun_rx_batched+0x10/0x10
[  129.786575][ T6568]  ? tun_get_user+0x2a99/0x47c0
[  129.786592][ T6568]  ? tun_get_user+0x2a99/0x47c0
[  129.786610][ T6568]  tun_get_user+0x2fec/0x47c0
[  129.786630][ T6568]  ? tun_get_user+0x852/0x47c0
[  129.786666][ T6568]  ? aa_file_perm+0x139/0xf60
[  129.786696][ T6568]  ? aa_file_perm+0x3f1/0xf60
[  129.786726][ T6568]  ? __pfx_tun_get_user+0x10/0x10
[  129.786762][ T6568]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  129.786805][ T6568]  ? tun_get+0x1e/0x2f0
[  129.786838][ T6568]  ? tun_get+0x1e/0x2f0
[  129.786866][ T6568]  ? tun_get+0x27d/0x2f0
[  129.786899][ T6568]  tun_chr_write_iter+0x10d/0x1f0
[  129.786942][ T6568]  vfs_write+0x70f/0xd10
[  129.786974][ T6568]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  129.787006][ T6568]  ? __pfx_vfs_write+0x10/0x10
[  129.787032][ T6568]  ? __fget_files+0x2a/0x420
[  129.787055][ T6568]  ? __fget_files+0x2a/0x420
[  129.787084][ T6568]  ksys_write+0x19d/0x2d0
[  129.787111][ T6568]  ? __pfx_ksys_write+0x10/0x10
[  129.787142][ T6568]  ? do_syscall_64+0xb6/0x230
[  129.787171][ T6568]  do_syscall_64+0xf3/0x230
[  129.787197][ T6568]  ? clear_bhb_loop+0x45/0xa0
[  129.787222][ T6568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.787242][ T6568] RIP: 0033:0x7f36c038bc1f
[  129.787261][ T6568] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  129.787278][ T6568] RSP: 002b:00007f36c11d9000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  129.787300][ T6568] RAX: ffffffffffffffda RBX: 00007f36c05a5fa0 RCX: 00007f36c038bc1f
[  129.787315][ T6568] RDX: 00000000000000be RSI: 0000200000000080 RDI: 00000000000000c8
[  129.787328][ T6568] RBP: 00007f36c11d9090 R08: 0000000000000000 R09: 0000000000000000
[  129.787341][ T6568] R10: 00000000000000be R11: 0000000000000293 R12: 0000000000000001
[  129.787353][ T6568] R13: 0000000000000000 R14: 00007f36c05a5fa0 R15: 00007f36c06cfa28
[  129.787385][ T6568]  </TASK>
[  129.836213][   T10] usb 1-1: USB disconnect, device number 7
[  129.962287][ T5915] usb 4-1: USB disconnect, device number 9
[  131.644505][   T30] audit: type=1326 audit(1744332784.111:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  131.733078][   T30] audit: type=1326 audit(1744332784.111:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  131.762803][   T30] audit: type=1326 audit(1744332784.111:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  131.785626][   T30] audit: type=1326 audit(1744332784.111:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  131.869357][   T30] audit: type=1326 audit(1744332784.111:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  131.869370][ T5887] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  131.994884][   T30] audit: type=1326 audit(1744332784.111:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  132.039323][   T30] audit: type=1326 audit(1744332784.111:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  132.040754][ T5887] usb 3-1: Using ep0 maxpacket: 8
[  132.064209][   T30] audit: type=1326 audit(1744332784.111:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  132.098311][   T30] audit: type=1326 audit(1744332784.111:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.0.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a0198d169 code=0x7ffc0000
[  132.148770][ T5887] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  132.163253][ T5887] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  132.171531][ T5887] usb 3-1: Product: syz
[  132.175812][ T5887] usb 3-1: Manufacturer: syz
[  132.184175][ T5887] usb 3-1: SerialNumber: syz
[  132.195260][ T5887] usb 3-1: config 0 descriptor??
[  132.211936][ T5887] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  132.409262][   T10] usb 2-1: new low-speed USB device number 16 using dummy_hcd
[  132.559486][   T10] usb 2-1: device descriptor read/64, error -71
[  132.610901][ T5887] gspca_zc3xx: reg_r err -71
[  132.615731][ T5887] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  132.644976][ T5887] usb 3-1: USB disconnect, device number 9
[  132.713749][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.720624][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  132.779429][ T5889] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  132.809297][   T10] usb 2-1: new low-speed USB device number 17 using dummy_hcd
[  132.936597][ T5889] usb 1-1: unable to get BOS descriptor or descriptor too short
[  132.948137][ T5889] usb 1-1: not running at top speed; connect to a high speed hub
[  132.959799][   T10] usb 2-1: device descriptor read/64, error -71
[  132.968329][ T5889] usb 1-1: config 9 has an invalid interface number: 87 but max is 0
[  132.978976][ T5889] usb 1-1: config 9 has no interface number 0
[  132.985285][ T5889] usb 1-1: config 9 interface 87 altsetting 127 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  132.996318][ T5889] usb 1-1: config 9 interface 87 has no altsetting 0
[  133.005461][ T5889] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=a8.d0
[  133.014767][ T5889] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.039883][ T5889] usb 1-1: Product: syz
[  133.044172][ T5889] usb 1-1: Manufacturer: syz
[  133.070805][   T10] usb usb2-port1: attempt power cycle
[  133.076359][ T5889] usb 1-1: SerialNumber: syz
[  133.385590][ T5887] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  133.400033][ T5889] usb 1-1: USB disconnect, device number 8
[  133.439458][   T54] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  133.448695][   T10] usb 2-1: new low-speed USB device number 18 using dummy_hcd
[  133.481366][   T10] usb 2-1: device descriptor read/8, error -71
[  133.571518][ T5887] usb 4-1: Using ep0 maxpacket: 16
[  133.582716][ T5887] usb 4-1: config 252 has an invalid interface number: 15 but max is 0
[  133.612061][   T54] usb 5-1: config 0 has no interfaces?
[  133.621266][   T54] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  133.630378][   T54] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.638475][   T54] usb 5-1: Product: syz
[  133.643055][   T54] usb 5-1: Manufacturer: syz
[  133.647662][   T54] usb 5-1: SerialNumber: syz
[  133.664249][ T5887] usb 4-1: config 252 has no interface number 0
[  133.664652][   T54] usb 5-1: config 0 descriptor??
[  133.723522][ T5887] usb 4-1: config 252 interface 15 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  133.739290][   T10] usb 2-1: new low-speed USB device number 19 using dummy_hcd
[  133.742164][ T5887] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29
[  133.759557][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.767658][ T5887] usb 4-1: Product: syz
[  133.769983][   T10] usb 2-1: device descriptor read/8, error -71
[  133.780518][ T5887] usb 4-1: Manufacturer: syz
[  133.785128][ T5887] usb 4-1: SerialNumber: syz
[  133.931553][ T5887] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  133.948551][ T6641] netlink: 64 bytes leftover after parsing attributes in process `syz.0.250'.
[  133.960143][ T6632] netlink: 16 bytes leftover after parsing attributes in process `syz.4.245'.
[  133.977485][   T10] usb usb2-port1: unable to enumerate USB device
[  134.081228][   T53] usb 4-1: Failed to submit usb control message: -71
[  134.081555][   T10] usb 4-1: USB disconnect, device number 10
[  134.088252][   T53] usb 4-1: unable to send the bmi data to the device: -71
[  134.103077][   T53] usb 4-1: unable to get target info from device
[  134.109616][   T53] usb 4-1: could not get target info (-71)
[  134.116314][   T53] usb 4-1: could not probe fw (-71)
[  134.157987][   T30] kauditd_printk_skb: 46 callbacks suppressed
[  134.158000][   T30] audit: type=1326 audit(1744332786.631:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  134.343368][   T30] audit: type=1326 audit(1744332786.631:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  134.399593][   T30] audit: type=1326 audit(1744332786.631:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  134.581437][   T30] audit: type=1326 audit(1744332786.661:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  134.608398][   T30] audit: type=1326 audit(1744332786.661:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  134.799244][   T54] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  134.826134][   T30] audit: type=1326 audit(1744332786.661:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  134.927265][   T30] audit: type=1326 audit(1744332786.661:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  135.035533][   T30] audit: type=1326 audit(1744332786.661:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  135.089604][ T5887] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  135.208310][   T54] usb 1-1: config 0 has no interfaces?
[  135.224899][   T54] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  135.236402][   T54] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.244770][   T30] audit: type=1326 audit(1744332786.671:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  135.277293][   T54] usb 1-1: Product: syz
[  135.289335][   T54] usb 1-1: Manufacturer: syz
[  135.292660][ T5887] usb 4-1: Using ep0 maxpacket: 16
[  135.293950][   T54] usb 1-1: SerialNumber: syz
[  135.307057][   T30] audit: type=1326 audit(1744332786.671:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.2.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  135.338468][   T54] usb 1-1: config 0 descriptor??
[  135.359055][ T5887] usb 4-1: too many endpoints for config 0 interface 0 altsetting 229: 247, using maximum allowed: 30
[  135.375684][ T5887] usb 4-1: config 0 interface 0 altsetting 229 has 0 endpoint descriptors, different from the interface descriptor's value: 247
[  135.400261][ T5887] usb 4-1: config 0 interface 0 has no altsetting 0
[  135.425943][ T5887] usb 4-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=59.31
[  135.438939][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.466496][ T5887] usb 4-1: Product: syz
[  135.478609][ T5887] usb 4-1: Manufacturer: syz
[  135.502251][ T5887] usb 4-1: SerialNumber: syz
[  135.541100][ T5887] usb 4-1: config 0 descriptor??
[  135.605129][ T5888] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  135.765049][ T5887] usb 4-1: USB disconnect, device number 11
[  135.878717][ T5888] usb 2-1: Using ep0 maxpacket: 16
[  135.886621][ T5888] usb 2-1: config 0 has an invalid interface number: 190 but max is 1
[  135.895271][ T5888] usb 2-1: config 0 has an invalid interface number: 2 but max is 1
[  135.917137][ T5888] usb 2-1: config 0 has 3 interfaces, different from the descriptor's value: 2
[  135.928564][ T5888] usb 2-1: config 0 has no interface number 1
[  135.935718][ T5888] usb 2-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  136.005956][ T5888] usb 2-1: config 0 interface 2 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  136.023705][ T5888] usb 2-1: config 0 interface 0 has no altsetting 0
[  136.044766][ T5888] usb 2-1: config 0 interface 2 has no altsetting 0
[  136.063643][ T5888] usb 2-1: New USB device found, idVendor=0499, idProduct=150a, bcdDevice=f6.7f
[  136.077751][ T5888] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.088976][ T5888] usb 2-1: Product: syz
[  136.095809][ T5888] usb 2-1: Manufacturer: syz
[  136.107639][ T5888] usb 2-1: SerialNumber: syz
[  136.112416][ T5915] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  136.126493][ T5888] usb 2-1: config 0 descriptor??
[  136.249340][ T5915] usb 3-1: device descriptor read/64, error -71
[  136.372195][ T6655] cgroup: fork rejected by pids controller in /syz1
[  136.447272][ T5889] usb 5-1: USB disconnect, device number 5
[  136.489967][ T5915] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  136.550412][ T6758] netlink: 20 bytes leftover after parsing attributes in process `syz.4.259'.
[  136.575510][ T5888] usb 2-1: selecting invalid altsetting 0
[  136.659649][ T5915] usb 3-1: device descriptor read/64, error -71
[  136.712916][   T54] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  136.741609][ T5888] usb 2-1: USB disconnect, device number 20
[  136.816920][ T5915] usb usb3-port1: attempt power cycle
[  136.920518][   T54] usb 4-1: not running at top speed; connect to a high speed hub
[  136.950236][   T54] usb 4-1: config 95 has an invalid interface number: 1 but max is 0
[  136.975575][   T54] usb 4-1: config 95 has no interface number 0
[  136.982729][   T54] usb 4-1: config 95 interface 1 has no altsetting 0
[  136.998984][   T54] usb 4-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f
[  137.020730][   T54] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.028939][   T54] usb 4-1: Product: syz
[  137.035508][   T54] usb 4-1: Manufacturer: syz
[  137.041736][   T54] usb 4-1: SerialNumber: syz
[  137.096587][ T6456] udevd[6456]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.190/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  137.145871][ T2977] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.200228][ T5915] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  137.234975][ T5915] usb 3-1: device descriptor read/8, error -71
[  137.285861][ T2977] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.475554][ T2977] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.502850][ T5915] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  137.562757][ T5915] usb 3-1: device descriptor read/8, error -71
[  137.682584][ T2977] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.703772][ T5915] usb usb3-port1: unable to enumerate USB device
[  137.719457][ T6776] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.728301][ T6776] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.391008][ T2977] bridge_slave_1: left allmulticast mode
[  138.399449][ T2977] bridge_slave_1: left promiscuous mode
[  138.431937][ T2977] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.596089][ T2977] bridge_slave_0: left allmulticast mode
[  138.619649][    T9] usb 1-1: USB disconnect, device number 9
[  138.642717][ T2977] bridge_slave_0: left promiscuous mode
[  138.694867][ T2977] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.782012][ T6777] openvswitch: netlink: Key 6 has unexpected len 17 expected 2
[  138.838640][ T6783] FAULT_INJECTION: forcing a failure.
[  138.838640][ T6783] name failslab, interval 1, probability 0, space 0, times 0
[  138.868048][ T6783] CPU: 0 UID: 0 PID: 6783 Comm: syz.0.264 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  138.868080][ T6783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  138.868093][ T6783] Call Trace:
[  138.868104][ T6783]  <TASK>
[  138.868112][ T6783]  dump_stack_lvl+0x241/0x360
[  138.868149][ T6783]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.868178][ T6783]  ? __pfx__printk+0x10/0x10
[  138.868211][ T6783]  ? __pfx___might_resched+0x10/0x10
[  138.868242][ T6783]  should_fail_ex+0x424/0x570
[  138.868269][ T6783]  should_failslab+0xac/0x100
[  138.868300][ T6783]  __kmalloc_noprof+0xdf/0x4d0
[  138.868328][ T6783]  ? sock_kmalloc+0xd7/0x160
[  138.868356][ T6783]  sock_kmalloc+0xd7/0x160
[  138.868379][ T6783]  skcipher_recvmsg+0x613/0x1250
[  138.868425][ T6783]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  138.868451][ T6783]  ? __fget_files+0x2a/0x420
[  138.868468][ T6783]  ? aa_sock_msg_perm+0x91/0x160
[  138.868498][ T6783]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  138.868516][ T6783]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  138.868551][ T6783]  sock_recvmsg+0x22f/0x280
[  138.868582][ T6783]  __sys_recvfrom+0x204/0x380
[  138.868607][ T6783]  ? __pfx___sys_recvfrom+0x10/0x10
[  138.868639][ T6783]  ? lock_vma_under_rcu+0x1f0/0x9a0
[  138.868691][ T6783]  __x64_sys_recvfrom+0xde/0x100
[  138.868714][ T6783]  do_syscall_64+0xf3/0x230
[  138.868740][ T6783]  ? clear_bhb_loop+0x45/0xa0
[  138.868764][ T6783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.868783][ T6783] RIP: 0033:0x7f6a0198ef34
[  138.868799][ T6783] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04
[  138.868815][ T6783] RSP: 002b:00007f6a027a1ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  138.868836][ T6783] RAX: ffffffffffffffda RBX: 00007f6a027a1fc0 RCX: 00007f6a0198ef34
[  138.868851][ T6783] RDX: 0000000000001000 RSI: 00007f6a027a2010 RDI: 0000000000000004
[  138.868863][ T6783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.868874][ T6783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  138.868886][ T6783] R13: 00007f6a027a1f68 R14: 00007f6a027a2010 R15: 0000000000000000
[  138.868917][ T6783]  </TASK>
[  139.725841][   T54] usb 4-1: USB disconnect, device number 12
[  140.139758][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  140.164273][ T5150] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  140.172544][ T5150] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  140.181216][ T5150] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  140.190760][ T5150] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  140.228955][ T6456] udevd[6456]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  140.755365][ T6825] netlink: 40 bytes leftover after parsing attributes in process `syz.3.273'.
[  140.915124][ T2977] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  140.930069][ T2977] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  140.943329][ T2977] bond0 (unregistering): Released all slaves
[  141.179312][   T54] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  141.238495][ T6837] netlink: 64 bytes leftover after parsing attributes in process `syz.0.278'.
[  141.353808][   T54] usb 5-1: Using ep0 maxpacket: 32
[  141.495076][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.619255][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.634693][   T54] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  141.647514][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.661108][   T54] usb 5-1: config 0 descriptor??
[  141.674368][   T54] hub 5-1:0.0: USB hub found
[  141.872781][   T54] hub 5-1:0.0: 1 port detected
[  142.107065][ T2977] hsr_slave_0: left promiscuous mode
[  142.131104][ T2977] hsr_slave_1: left promiscuous mode
[  142.137297][ T2977] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.145375][ T2977] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.158361][ T2977] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.165687][ T6868] fuse: Unknown parameter 'fscontext'
[  142.181803][ T2977] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.230825][   T56] Bluetooth: hci0: command tx timeout
[  142.256496][ T2977] team_slave_0: left promiscuous mode
[  142.262155][ T2977] team_slave_1: left promiscuous mode
[  142.327218][ T2977] veth1_macvtap: left promiscuous mode
[  142.373730][ T2977] veth0_macvtap: left promiscuous mode
[  142.384686][ T2977] veth1_vlan: left promiscuous mode
[  142.399615][ T2977] veth0_vlan: left promiscuous mode
[  142.518042][   T54] hub 5-1:0.0: activate --> -90
[  142.851362][ T6878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.287'.
[  142.946709][   T10] usb 5-1: USB disconnect, device number 6
[  143.955551][ T6886] tipc: Can't bind to reserved service type 1
[  144.055442][ T2977] team0 (unregistering): Port device team_slave_1 removed
[  144.097798][ T2977] team0 (unregistering): Port device team_slave_0 removed
[  144.158095][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  144.158115][   T30] audit: type=1326 audit(1744332796.631:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.211818][   T30] audit: type=1326 audit(1744332796.631:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.236987][   T30] audit: type=1326 audit(1744332796.631:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.260629][   T30] audit: type=1326 audit(1744332796.631:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.283488][   T30] audit: type=1326 audit(1744332796.631:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.307545][   T30] audit: type=1326 audit(1744332796.631:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.313710][   T56] Bluetooth: hci0: command tx timeout
[  144.347450][   T30] audit: type=1326 audit(1744332796.631:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.381065][   T30] audit: type=1326 audit(1744332796.661:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.404535][   T30] audit: type=1326 audit(1744332796.671:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.447259][   T30] audit: type=1326 audit(1744332796.671:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6890 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  144.809289][    T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  144.829944][ T6884] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  144.837540][ T6884] CPU: 1 UID: 0 PID: 6884 Comm: syz.4.288 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  144.837571][ T6884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  144.837585][ T6884] Call Trace:
[  144.837594][ T6884]  <TASK>
[  144.837603][ T6884]  dump_stack_lvl+0x241/0x360
[  144.837645][ T6884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.837686][ T6884]  ? __pfx__printk+0x10/0x10
[  144.837713][ T6884]  ? kernfs_path_from_node+0x2b/0x250
[  144.837738][ T6884]  ? kernfs_path_from_node+0x217/0x250
[  144.837761][ T6884]  sysfs_warn_dup+0x8e/0xa0
[  144.837779][ T6884]  sysfs_do_create_link_sd+0xbe/0x110
[  144.837802][ T6884]  device_add_class_symlinks+0x1c5/0x250
[  144.837830][ T6884]  device_add+0x553/0xbf0
[  144.837901][ T6884]  wiphy_register+0x193c/0x2660
[  144.837947][ T6884]  ? __pfx_wiphy_register+0x10/0x10
[  144.837975][ T6884]  ? minstrel_ht_alloc+0x85a/0x950
[  144.838016][ T6884]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  144.838054][ T6884]  ieee80211_register_hw+0x35e9/0x42d0
[  144.838091][ T6884]  ? ieee80211_register_hw+0x1611/0x42d0
[  144.838123][ T6884]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  144.838160][ T6884]  ? __hrtimer_setup+0x17f/0x200
[  144.838185][ T6884]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  144.838215][ T6884]  mac80211_hwsim_new_radio+0x2adc/0x4a60
[  144.838269][ T6884]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  144.838290][ T6884]  ? trace_kmalloc+0x1f/0xd0
[  144.838312][ T6884]  ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0
[  144.838338][ T6884]  ? kstrndup+0xbb/0x150
[  144.838370][ T6884]  hwsim_new_radio_nl+0xed0/0x2290
[  144.838401][ T6884]  ? __pfx___nla_validate_parse+0x10/0x10
[  144.838429][ T6884]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  144.838478][ T6884]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  144.838506][ T6884]  genl_rcv_msg+0xb38/0xf00
[  144.838535][ T6884]  ? __pfx_genl_rcv_msg+0x10/0x10
[  144.838552][ T6884]  ? __dev_queue_xmit+0x1780/0x3f60
[  144.838570][ T6884]  ? kasan_save_track+0x3f/0x80
[  144.838588][ T6884]  ? __kasan_slab_alloc+0x66/0x80
[  144.838615][ T6884]  ? do_syscall_64+0xf3/0x230
[  144.838663][ T6884]  ? __lock_acquire+0xad5/0xd80
[  144.838681][ T6884]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  144.838730][ T6884]  netlink_rcv_skb+0x208/0x480
[  144.838760][ T6884]  ? __pfx_genl_rcv_msg+0x10/0x10
[  144.838781][ T6884]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  144.838825][ T6884]  ? netlink_deliver_tap+0x2e/0x1b0
[  144.838865][ T6884]  genl_rcv+0x28/0x40
[  144.838882][ T6884]  netlink_unicast+0x7f8/0x9a0
[  144.838914][ T6884]  ? __pfx_netlink_unicast+0x10/0x10
[  144.838939][ T6884]  ? skb_put+0x114/0x1f0
[  144.838961][ T6884]  netlink_sendmsg+0x8c3/0xcd0
[  144.839009][ T6884]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.839037][ T6884]  ? aa_sock_msg_perm+0x91/0x160
[  144.839066][ T6884]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.839088][ T6884]  __sock_sendmsg+0x221/0x270
[  144.839114][ T6884]  ____sys_sendmsg+0x523/0x860
[  144.839145][ T6884]  ? __pfx_____sys_sendmsg+0x10/0x10
[  144.839164][ T6884]  ? __fget_files+0x2a/0x420
[  144.839186][ T6884]  ? __fget_files+0x2a/0x420
[  144.839213][ T6884]  __sys_sendmsg+0x271/0x360
[  144.839241][ T6884]  ? __pfx___sys_sendmsg+0x10/0x10
[  144.839339][ T6884]  ? do_syscall_64+0xb6/0x230
[  144.839368][ T6884]  do_syscall_64+0xf3/0x230
[  144.839404][ T6884]  ? clear_bhb_loop+0x45/0xa0
[  144.839428][ T6884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.839464][ T6884] RIP: 0033:0x7f4a4e98d169
[  144.839482][ T6884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.839499][ T6884] RSP: 002b:00007f4a4f787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.839522][ T6884] RAX: ffffffffffffffda RBX: 00007f4a4eba5fa0 RCX: 00007f4a4e98d169
[  144.839538][ T6884] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000003
[  144.839551][ T6884] RBP: 00007f4a4ea0e990 R08: 0000000000000000 R09: 0000000000000000
[  144.839564][ T6884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  144.839576][ T6884] R13: 0000000000000000 R14: 00007f4a4eba5fa0 R15: 00007f4a4eccfa28
[  144.839609][ T6884]  </TASK>
[  145.340003][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  145.382694][    T9] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  145.464609][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.542480][    T9] usb 3-1: config 0 descriptor??
[  145.574210][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[  145.587217][ T6816] chnl_net:caif_netlink_parms(): no params data found
[  145.644996][ T6915] FAULT_INJECTION: forcing a failure.
[  145.644996][ T6915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.669227][ T5915] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  145.697993][ T6915] CPU: 1 UID: 0 PID: 6915 Comm: syz.0.299 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  145.698023][ T6915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  145.698035][ T6915] Call Trace:
[  145.698044][ T6915]  <TASK>
[  145.698052][ T6915]  dump_stack_lvl+0x241/0x360
[  145.698095][ T6915]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.698124][ T6915]  ? __pfx__printk+0x10/0x10
[  145.698164][ T6915]  should_fail_ex+0x424/0x570
[  145.698189][ T6915]  _copy_from_user+0x2d/0xb0
[  145.698218][ T6915]  cmsghdr_from_user_compat_to_kern+0x5d8/0x980
[  145.698262][ T6915]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  145.698291][ T6915]  ? io_sendmsg_prep+0x27b/0xa00
[  145.698314][ T6915]  ? do_syscall_64+0xf3/0x230
[  145.698337][ T6915]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.698364][ T6915]  ____sys_sendmsg+0x1ad/0x860
[  145.698384][ T6915]  ? __asan_memset+0x23/0x50
[  145.698410][ T6915]  ? __pfx_____sys_sendmsg+0x10/0x10
[  145.698448][ T6915]  __sys_sendmsg_sock+0x29/0x40
[  145.698469][ T6915]  io_sendmsg+0x1e8/0x590
[  145.698500][ T6915]  __io_issue_sqe+0x1c9/0x3a0
[  145.698523][ T6915]  io_issue_sqe+0x1cb/0xe90
[  145.698542][ T6915]  ? io_msg_alloc_async+0x2ab/0x390
[  145.698567][ T6915]  ? __pfx_io_issue_sqe+0x10/0x10
[  145.698598][ T6915]  io_submit_sqes+0xa85/0x1ce0
[  145.698648][ T6915]  __se_sys_io_uring_enter+0x2cd/0x3560
[  145.698676][ T6915]  ? rcu_read_lock_any_held+0xbb/0x160
[  145.698702][ T6915]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  145.698731][ T6915]  ? vfs_write+0xb29/0xd10
[  145.698763][ T6915]  ? ksys_write+0x24e/0x2d0
[  145.698791][ T6915]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  145.698819][ T6915]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  145.698842][ T6915]  ? __fget_files+0x2a/0x420
[  145.698863][ T6915]  ? __fget_files+0x2a/0x420
[  145.698887][ T6915]  ? fput+0x9b/0xd0
[  145.698904][ T6915]  ? ksys_write+0x275/0x2d0
[  145.698936][ T6915]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  145.698960][ T6915]  do_syscall_64+0xf3/0x230
[  145.698984][ T6915]  ? clear_bhb_loop+0x45/0xa0
[  145.699017][ T6915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.699035][ T6915] RIP: 0033:0x7f6a0198d169
[  145.699051][ T6915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.699066][ T6915] RSP: 002b:00007f6a027a3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  145.699093][ T6915] RAX: ffffffffffffffda RBX: 00007f6a01ba5fa0 RCX: 00007f6a0198d169
[  145.699107][ T6915] RDX: 0000000000000000 RSI: 0000000000000092 RDI: 0000000000000003
[  145.699117][ T6915] RBP: 00007f6a027a3090 R08: 0000000000000000 R09: 0000000000000000
[  145.699129][ T6915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.699139][ T6915] R13: 0000000000000000 R14: 00007f6a01ba5fa0 R15: 00007f6a01ccfa28
[  145.699165][ T6915]  </TASK>
[  146.154371][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  146.167078][ T5915] usb 4-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[  146.176075][ T5915] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  146.185324][    T9] pwc: recv_control_msg error -32 req 02 val 2b00
[  146.187441][ T5915] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 65
[  146.194365][    T9] pwc: recv_control_msg error -32 req 02 val 2700
[  146.201686][ T5915] usb 4-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  146.201714][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.229288][ T5915] usb 4-1: config 0 descriptor??
[  146.292240][ T6816] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.311951][ T6816] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.323487][ T6816] bridge_slave_0: entered allmulticast mode
[  146.346008][ T6816] bridge_slave_0: entered promiscuous mode
[  146.364564][ T6816] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.379728][ T6816] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.387015][ T6816] bridge_slave_1: entered allmulticast mode
[  146.391044][   T56] Bluetooth: hci0: command tx timeout
[  146.416744][    T9] pwc: recv_control_msg error -32 req 04 val 1000
[  146.424769][    T9] pwc: recv_control_msg error -32 req 04 val 1300
[  146.441332][    T9] pwc: recv_control_msg error -32 req 04 val 1400
[  146.448649][    T9] pwc: recv_control_msg error -32 req 02 val 2000
[  146.463867][ T5887] usb 4-1: USB disconnect, device number 13
[  146.490427][ T6816] bridge_slave_1: entered promiscuous mode
[  146.643924][ T6816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.661584][    T9] pwc: recv_control_msg error -71 req 04 val 1500
[  146.665597][ T6816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.677914][    T9] pwc: recv_control_msg error -71 req 02 val 2500
[  146.699884][    T9] pwc: recv_control_msg error -71 req 02 val 2400
[  146.717411][    T9] pwc: recv_control_msg error -71 req 02 val 2600
[  146.724617][    T9] pwc: recv_control_msg error -71 req 02 val 2900
[  146.731727][    T9] pwc: recv_control_msg error -71 req 02 val 2800
[  146.740592][    T9] pwc: recv_control_msg error -71 req 04 val 1100
[  146.747520][    T9] pwc: recv_control_msg error -71 req 04 val 1200
[  146.758864][    T9] pwc: Registered as video103.
[  146.774448][ T6816] team0: Port device team_slave_0 added
[  146.787716][ T6816] team0: Port device team_slave_1 added
[  146.826801][    T9] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input8
[  146.839640][ T5915] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  146.860971][    T9] usb 3-1: USB disconnect, device number 14
[  146.927546][ T6816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.944526][ T6816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.014266][ T5915] usb 1-1: Using ep0 maxpacket: 8
[  147.020757][ T6816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.063650][ T5915] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  147.087214][ T6816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.089786][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.130634][ T6816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.138706][ T5915] usb 1-1: Product: syz
[  147.204349][ T5915] usb 1-1: Manufacturer: syz
[  147.219226][ T6816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.219413][ T5915] usb 1-1: SerialNumber: syz
[  147.251931][ T5915] usb 1-1: config 0 descriptor??
[  147.491515][ T5915] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  147.523940][ T6959] FAULT_INJECTION: forcing a failure.
[  147.523940][ T6959] name failslab, interval 1, probability 0, space 0, times 0
[  147.541205][ T6959] CPU: 1 UID: 0 PID: 6959 Comm: syz.2.308 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  147.541236][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  147.541247][ T6959] Call Trace:
[  147.541255][ T6959]  <TASK>
[  147.541262][ T6959]  dump_stack_lvl+0x241/0x360
[  147.541296][ T6959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.541323][ T6959]  ? __pfx__printk+0x10/0x10
[  147.541352][ T6959]  ? __pfx___might_resched+0x10/0x10
[  147.541377][ T6959]  should_fail_ex+0x424/0x570
[  147.541400][ T6959]  should_failslab+0xac/0x100
[  147.541427][ T6959]  __kmalloc_noprof+0xdf/0x4d0
[  147.541450][ T6959]  ? sock_kmalloc+0xd7/0x160
[  147.541476][ T6959]  sock_kmalloc+0xd7/0x160
[  147.541498][ T6959]  af_alg_alloc_areq+0x90/0x260
[  147.541522][ T6959]  skcipher_recvmsg+0x384/0x1250
[  147.541563][ T6959]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  147.541585][ T6959]  ? __fget_files+0x2a/0x420
[  147.541600][ T6959]  ? aa_sock_msg_perm+0x91/0x160
[  147.541627][ T6959]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  147.541643][ T6959]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  147.541675][ T6959]  sock_recvmsg+0x22f/0x280
[  147.541703][ T6959]  __sys_recvfrom+0x204/0x380
[  147.541726][ T6959]  ? __pfx___sys_recvfrom+0x10/0x10
[  147.541756][ T6959]  ? lock_vma_under_rcu+0x1f0/0x9a0
[  147.541804][ T6959]  __x64_sys_recvfrom+0xde/0x100
[  147.541825][ T6959]  do_syscall_64+0xf3/0x230
[  147.541847][ T6959]  ? clear_bhb_loop+0x45/0xa0
[  147.541869][ T6959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.541886][ T6959] RIP: 0033:0x7f36c038ef34
[  147.541902][ T6959] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04
[  147.541918][ T6959] RSP: 002b:00007f36c11d7ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  147.541937][ T6959] RAX: ffffffffffffffda RBX: 00007f36c11d7fc0 RCX: 00007f36c038ef34
[  147.541950][ T6959] RDX: 0000000000001000 RSI: 00007f36c11d8010 RDI: 0000000000000004
[  147.541962][ T6959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.541973][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  147.541983][ T6959] R13: 00007f36c11d7f68 R14: 00007f36c11d8010 R15: 0000000000000000
[  147.542011][ T6959]  </TASK>
[  147.861794][ T6816] hsr_slave_0: entered promiscuous mode
[  147.868512][ T6816] hsr_slave_1: entered promiscuous mode
[  148.469426][   T56] Bluetooth: hci0: command tx timeout
[  148.480968][ T6986] xt_nfacct: accounting object `syz1' does not exists
[  149.448871][ T6816] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  149.464214][ T6816] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  149.481154][ T6816] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  149.497707][ T6816] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  149.521633][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.2.318'.
[  149.551310][ T6997] ������: renamed from lo (while UP)
[  149.749976][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  149.749993][   T30] audit: type=1800 audit(1744332802.231:394): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.319" name="file1" dev="tmpfs" ino=338 res=0 errno=0
[  149.863283][ T7002] debugfs: Directory '!' with parent 'ieee80211' already present!
[  149.995421][ T5915] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  150.046263][ T6816] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.086775][ T5915] usb 1-1: USB disconnect, device number 10
[  150.232554][ T7011] netlink: 8 bytes leftover after parsing attributes in process `syz.0.322'.
[  150.246959][ T6816] 8021q: adding VLAN 0 to HW filter on device team0
[  150.307768][ T7011] netlink: 12 bytes leftover after parsing attributes in process `syz.0.322'.
[  150.326610][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.333835][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.387672][   T82] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.395328][   T82] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.441294][ T5888] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  150.634254][ T5888] usb 5-1: device descriptor read/64, error -71
[  150.675282][ T6816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.768580][ T7023] netlink: 64 bytes leftover after parsing attributes in process `syz.3.324'.
[  150.879265][ T5888] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  150.906949][ T6816] veth0_vlan: entered promiscuous mode
[  150.966712][ T6816] veth1_vlan: entered promiscuous mode
[  151.040447][ T5888] usb 5-1: device descriptor read/64, error -71
[  151.084747][ T7027] vlan2: entered allmulticast mode
[  151.111620][ T7027] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  151.190953][ T5888] usb usb5-port1: attempt power cycle
[  151.241741][ T6816] veth0_macvtap: entered promiscuous mode
[  151.294242][ T6816] veth1_macvtap: entered promiscuous mode
[  151.324639][ T7038] FAULT_INJECTION: forcing a failure.
[  151.324639][ T7038] name failslab, interval 1, probability 0, space 0, times 0
[  151.376870][ T7038] CPU: 0 UID: 0 PID: 7038 Comm: syz.3.330 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  151.376901][ T7038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  151.376914][ T7038] Call Trace:
[  151.376923][ T7038]  <TASK>
[  151.376931][ T7038]  dump_stack_lvl+0x241/0x360
[  151.376971][ T7038]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.377002][ T7038]  ? __pfx__printk+0x10/0x10
[  151.377035][ T7038]  ? __pfx___might_resched+0x10/0x10
[  151.377066][ T7038]  should_fail_ex+0x424/0x570
[  151.377095][ T7038]  should_failslab+0xac/0x100
[  151.377127][ T7038]  __kmalloc_noprof+0xdf/0x4d0
[  151.377155][ T7038]  ? __local_bh_enable_ip+0x168/0x200
[  151.377174][ T7038]  ? sock_kmalloc+0xd7/0x160
[  151.377202][ T7038]  sock_kmalloc+0xd7/0x160
[  151.377229][ T7038]  af_alg_alloc_areq+0x90/0x260
[  151.377258][ T7038]  skcipher_recvmsg+0x384/0x1250
[  151.377307][ T7038]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  151.377336][ T7038]  ? aa_sock_msg_perm+0x91/0x160
[  151.377368][ T7038]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  151.377409][ T7038]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  151.377439][ T7038]  sock_recvmsg+0x22f/0x280
[  151.377472][ T7038]  ____sys_recvmsg+0x1c8/0x480
[  151.377504][ T7038]  ? __pfx_____sys_recvmsg+0x10/0x10
[  151.377553][ T7038]  __sys_recvmsg+0x2a5/0x3a0
[  151.377584][ T7038]  ? __pfx___sys_recvmsg+0x10/0x10
[  151.377623][ T7038]  ? __fget_files+0x2a/0x420
[  151.377669][ T7038]  ? do_syscall_64+0xb6/0x230
[  151.377711][ T7038]  do_syscall_64+0xf3/0x230
[  151.377747][ T7038]  ? clear_bhb_loop+0x45/0xa0
[  151.377770][ T7038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.377788][ T7038] RIP: 0033:0x7fe354f8d169
[  151.377805][ T7038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.377822][ T7038] RSP: 002b:00007fe355e9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  151.377843][ T7038] RAX: ffffffffffffffda RBX: 00007fe3551a5fa0 RCX: 00007fe354f8d169
[  151.377857][ T7038] RDX: 0000000000002000 RSI: 0000200000000300 RDI: 0000000000000004
[  151.377870][ T7038] RBP: 00007fe355e9e090 R08: 0000000000000000 R09: 0000000000000000
[  151.377882][ T7038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.377893][ T7038] R13: 0000000000000000 R14: 00007fe3551a5fa0 R15: 00007fe3552cfa28
[  151.377922][ T7038]  </TASK>
[  151.380419][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.633711][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.643616][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.658327][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.668303][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.685774][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.706393][ T5888] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  151.718043][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.333'.
[  151.767690][   T30] audit: type=1326 audit(1744332804.241:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  151.801683][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.812705][ T5888] usb 5-1: device descriptor read/8, error -71
[  151.842278][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.876632][ T6816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.887902][   T30] audit: type=1326 audit(1744332804.241:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  151.929446][   T30] audit: type=1326 audit(1744332804.341:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  151.955479][   T30] audit: type=1326 audit(1744332804.341:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36c038d169 code=0x7ffc0000
[  152.000906][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.027803][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.053959][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.082359][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.092938][ T5888] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  152.106085][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.117349][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.128813][ T5888] usb 5-1: device descriptor read/8, error -71
[  152.143317][ T6816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.164676][ T6816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.197754][ T6816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.236296][ T6816] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.251530][ T5888] usb usb5-port1: unable to enumerate USB device
[  152.262987][ T6816] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.273312][ T6816] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.285999][ T6816] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.469340][   T54] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  152.504628][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.521397][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.554475][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.564008][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.673706][ T7080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.341'.
[  152.683177][   T54] usb 1-1: Using ep0 maxpacket: 8
[  152.695817][   T54] usb 1-1: config 0 has an invalid interface number: 133 but max is 0
[  152.714316][   T54] usb 1-1: config 0 has no interface number 0
[  152.731923][ T7080] team_slave_0: entered promiscuous mode
[  152.737683][ T7080] team_slave_1: entered promiscuous mode
[  152.753440][   T54] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice=25.7d
[  152.772977][   T54] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.780665][ T7080] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  152.794403][   T54] usb 1-1: Product: syz
[  152.814594][   T54] usb 1-1: Manufacturer: syz
[  152.827791][   T54] usb 1-1: SerialNumber: syz
[  152.884503][   T54] usb 1-1: config 0 descriptor??
[  152.885156][ T7083] debugfs: Directory '!' with parent 'ieee80211' already present!
[  152.921917][   T54] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  153.016108][   T30] audit: type=1326 audit(1744332805.491:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc623d8d169 code=0x7ffc0000
[  153.020369][   T54] snd-usb-audio 1-1:0.133: probe with driver snd-usb-audio failed with error -2
[  153.038288][    C1] vkms_vblank_simulate: vblank timer overrun
[  153.098390][ T7089] netlink: 4 bytes leftover after parsing attributes in process `syz.3.343'.
[  153.139485][   T54] usb 1-1: USB disconnect, device number 11
[  153.143353][   T30] audit: type=1326 audit(1744332805.491:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7fc623d8d169 code=0x7ffc0000
[  153.253802][   T30] audit: type=1326 audit(1744332805.491:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc623d8d169 code=0x7ffc0000
[  153.325110][   T30] audit: type=1326 audit(1744332805.531:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fc623d8d169 code=0x7ffc0000
[  153.368762][ T6456] udevd[6456]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.133/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  153.442430][   T30] audit: type=1326 audit(1744332805.531:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc623d8d169 code=0x7ffc0000
[  153.488132][ T7089] hsr_slave_1 (unregistering): left promiscuous mode
[  153.739310][ T7109] netlink: 8 bytes leftover after parsing attributes in process `syz.4.346'.
[  153.772711][ T7109] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.787299][ T7117] FAULT_INJECTION: forcing a failure.
[  153.787299][ T7117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.849093][ T7117] CPU: 1 UID: 0 PID: 7117 Comm: syz.3.349 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  153.849129][ T7117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  153.849143][ T7117] Call Trace:
[  153.849151][ T7117]  <TASK>
[  153.849160][ T7117]  dump_stack_lvl+0x241/0x360
[  153.849198][ T7117]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.849230][ T7117]  ? __pfx__printk+0x10/0x10
[  153.849271][ T7117]  should_fail_ex+0x424/0x570
[  153.849311][ T7117]  _copy_to_user+0x31/0xb0
[  153.849344][ T7117]  simple_read_from_buffer+0xc4/0x170
[  153.849378][ T7117]  proc_fail_nth_read+0x1ef/0x260
[  153.849403][ T7117]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.849428][ T7117]  ? rw_verify_area+0x246/0x630
[  153.849449][ T7117]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.849479][ T7117]  vfs_read+0x21f/0xb90
[  153.849508][ T7117]  ? __pfx___mutex_lock+0x10/0x10
[  153.849534][ T7117]  ? __pfx_vfs_read+0x10/0x10
[  153.849561][ T7117]  ? __fget_files+0x2a/0x420
[  153.849582][ T7117]  ? __fget_files+0x39d/0x420
[  153.849598][ T7117]  ? __fget_files+0x2a/0x420
[  153.849627][ T7117]  ksys_read+0x19d/0x2d0
[  153.849652][ T7117]  ? __pfx_ksys_read+0x10/0x10
[  153.849682][ T7117]  ? do_syscall_64+0xb6/0x230
[  153.849721][ T7117]  do_syscall_64+0xf3/0x230
[  153.849745][ T7117]  ? clear_bhb_loop+0x45/0xa0
[  153.849768][ T7117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.849787][ T7117] RIP: 0033:0x7fe354f8bb7c
[  153.849804][ T7117] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  153.849820][ T7117] RSP: 002b:00007fe355e9e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  153.849840][ T7117] RAX: ffffffffffffffda RBX: 00007fe3551a5fa0 RCX: 00007fe354f8bb7c
[  153.849854][ T7117] RDX: 000000000000000f RSI: 00007fe355e9e0a0 RDI: 0000000000000005
[  153.849866][ T7117] RBP: 00007fe355e9e090 R08: 0000000000000000 R09: 0000000000000000
[  153.849878][ T7117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.849889][ T7117] R13: 0000000000000000 R14: 00007fe3551a5fa0 R15: 00007fe3552cfa28
[  153.849917][ T7117]  </TASK>
[  154.059359][    C1] vkms_vblank_simulate: vblank timer overrun
[  154.501345][ T7144] netlink: 8 bytes leftover after parsing attributes in process `syz.4.357'.
[  154.579282][ T5888] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  154.705841][ T7151] FAULT_INJECTION: forcing a failure.
[  154.705841][ T7151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.743204][ T7151] CPU: 0 UID: 0 PID: 7151 Comm: syz.3.359 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  154.743230][ T7151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  154.743242][ T7151] Call Trace:
[  154.743249][ T7151]  <TASK>
[  154.743257][ T7151]  dump_stack_lvl+0x241/0x360
[  154.743291][ T7151]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.743318][ T7151]  ? __pfx__printk+0x10/0x10
[  154.743353][ T7151]  should_fail_ex+0x424/0x570
[  154.743377][ T7151]  _copy_to_user+0x31/0xb0
[  154.743406][ T7151]  simple_read_from_buffer+0xc4/0x170
[  154.743446][ T7151]  proc_fail_nth_read+0x1ef/0x260
[  154.743467][ T7151]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  154.743490][ T7151]  ? rw_verify_area+0x246/0x630
[  154.743509][ T7151]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  154.743529][ T7151]  vfs_read+0x21f/0xb90
[  154.743554][ T7151]  ? __pfx___mutex_lock+0x10/0x10
[  154.743577][ T7151]  ? __pfx_vfs_read+0x10/0x10
[  154.743600][ T7151]  ? __fget_files+0x2a/0x420
[  154.743619][ T7151]  ? __fget_files+0x39d/0x420
[  154.743633][ T7151]  ? __fget_files+0x2a/0x420
[  154.743658][ T7151]  ksys_read+0x19d/0x2d0
[  154.743681][ T7151]  ? __pfx_ksys_read+0x10/0x10
[  154.743707][ T7151]  ? do_syscall_64+0xb6/0x230
[  154.743732][ T7151]  do_syscall_64+0xf3/0x230
[  154.743754][ T7151]  ? clear_bhb_loop+0x45/0xa0
[  154.743777][ T7151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.743794][ T7151] RIP: 0033:0x7fe354f8bb7c
[  154.743811][ T7151] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  154.743826][ T7151] RSP: 002b:00007fe355e9e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  154.743845][ T7151] RAX: ffffffffffffffda RBX: 00007fe3551a5fa0 RCX: 00007fe354f8bb7c
[  154.743858][ T7151] RDX: 000000000000000f RSI: 00007fe355e9e0a0 RDI: 0000000000000005
[  154.743870][ T7151] RBP: 00007fe355e9e090 R08: 0000000000000000 R09: 0000000000000000
[  154.743880][ T7151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.743890][ T7151] R13: 0000000000000000 R14: 00007fe3551a5fa0 R15: 00007fe3552cfa28
[  154.743918][ T7151]  </TASK>
[  154.960034][ T5887] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  154.991673][ T5888] usb 2-1: Using ep0 maxpacket: 8
[  155.049797][ T5888] usb 2-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[  155.079642][ T7152] kvm: pic: non byte write
[  155.094452][ T5888] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.129561][ T5887] usb 3-1: device descriptor read/64, error -71
[  155.144611][ T7160] netlink: 8 bytes leftover after parsing attributes in process `syz.3.362'.
[  155.154149][ T5888] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 65
[  155.179674][ T5888] usb 2-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  155.208496][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.210334][ T7160] syz.3.362 uses obsolete (PF_INET,SOCK_PACKET)
[  155.258208][ T5888] usb 2-1: config 0 descriptor??
[  155.395449][ T5887] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  155.476050][  T977] usb 2-1: USB disconnect, device number 21
[  155.483246][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.3.363'.
[  155.559940][ T5887] usb 3-1: device descriptor read/64, error -71
[  155.665610][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  155.665626][   T30] audit: type=1326 audit(1744332808.141:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  155.708980][ T5887] usb usb3-port1: attempt power cycle
[  155.730179][   T30] audit: type=1326 audit(1744332808.141:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  155.752390][    C1] vkms_vblank_simulate: vblank timer overrun
[  155.783933][ T7180] netlink: 4 bytes leftover after parsing attributes in process `syz.4.365'.
[  155.793976][   T30] audit: type=1326 audit(1744332808.161:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  155.839316][   T30] audit: type=1326 audit(1744332808.161:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  155.904488][   T30] audit: type=1326 audit(1744332808.161:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  156.019249][   T30] audit: type=1326 audit(1744332808.161:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  156.049926][ T5887] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  156.063318][   T30] audit: type=1326 audit(1744332808.161:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  156.096644][ T5887] usb 3-1: device descriptor read/8, error -71
[  156.215699][   T30] audit: type=1326 audit(1744332808.161:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  156.238364][ T7194] xt_socket: unknown flags 0xd0
[  156.299492][   T10] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  156.339332][ T5887] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  156.359960][   T30] audit: type=1326 audit(1744332808.161:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  156.392459][ T5887] usb 3-1: device descriptor read/8, error -71
[  156.421746][   T30] audit: type=1326 audit(1744332808.161:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe354f8d169 code=0x7ffc0000
[  156.463294][ T7199] loop9: detected capacity change from 0 to 7
[  156.479484][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  156.485020][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.489436][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  156.512288][ T5887] usb usb3-port1: unable to enumerate USB device
[  156.524372][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.526396][ T7202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.373'.
[  156.545211][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.564459][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 154
[  156.575095][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.594456][   T10] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  156.603903][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.606822][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.626725][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.656704][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.669232][   T10] usb 1-1: Product: syz
[  156.673437][   T10] usb 1-1: Manufacturer: syz
[  156.683761][ T7199] ldm_validate_partition_table(): Disk read failed.
[  156.691228][ T7207] netlink: 20 bytes leftover after parsing attributes in process `syz.4.374'.
[  156.700749][   T10] usb 1-1: SerialNumber: syz
[  156.701187][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.726784][   T10] usb 1-1: config 0 descriptor??
[  156.743592][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.750113][ T7188] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  156.762190][   T10] ums-isd200 1-1:0.0: USB Mass Storage device detected
[  156.773674][ T7199] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.807785][ T7199] Dev loop9: unable to read RDB block 0
[  156.819105][ T7209] input: syz0 as /devices/virtual/input/input10
[  156.853572][ T7199]  loop9: unable to read partition table
[  156.883209][ T7199] loop9: partition table beyond EOD, truncated
[  156.912500][ T7216] xt_nfacct: accounting object `syz1' does not exists
[  156.920039][ T7199] loop_reread_partitions: partition scan of loop9 (�被�����ބ;���*��U�������) failed (rc=-5)
[  157.026673][   T10] scsi host1: usb-storage 1-1:0.0
[  157.072093][   T10] usb 1-1: USB disconnect, device number 12
[  157.175538][ T7222] netlink: 4 bytes leftover after parsing attributes in process `syz.4.376'.
[  157.590033][   T10] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  157.783537][   T10] usb 5-1: config 0 has an invalid interface number: 200 but max is 0
[  157.795833][   T10] usb 5-1: config 0 has no interface number 0
[  157.839312][   T10] usb 5-1: config 0 interface 200 altsetting 2 has an endpoint descriptor with address 0xFB, changing to 0x8B
[  157.889257][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  157.892493][   T10] usb 5-1: config 0 interface 200 altsetting 2 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  157.899285][ T5888] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  157.938492][   T10] usb 5-1: config 0 interface 200 altsetting 2 endpoint 0x8B has invalid wMaxPacketSize 0
[  157.963968][   T10] usb 5-1: config 0 interface 200 has no altsetting 0
[  157.982866][   T10] usb 5-1: New USB device found, idVendor=0b57, idProduct=8520, bcdDevice=6d.39
[  157.999224][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.007509][   T10] usb 5-1: Product: syz
[  158.019221][   T10] usb 5-1: Manufacturer: syz
[  158.023890][   T10] usb 5-1: SerialNumber: syz
[  158.042782][   T10] usb 5-1: config 0 descriptor??
[  158.159287][ T5888] usb 3-1: Using ep0 maxpacket: 32
[  158.190455][   T24] usb 4-1: config 0 has no interfaces?
[  158.207783][ T5888] usb 3-1: config 0 has no interfaces?
[  158.240826][ T5888] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  158.254115][ T7230] netlink: 44 bytes leftover after parsing attributes in process `syz.4.379'.
[  158.273637][ T7230] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  158.294381][   T24] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  158.315181][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.325349][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.354052][   T24] usb 4-1: Product: syz
[  158.358362][ T5888] usb 3-1: config 0 descriptor??
[  158.369555][   T24] usb 4-1: Manufacturer: syz
[  158.394916][   T24] usb 4-1: SerialNumber: syz
[  158.413684][ T7230] raw_sendmsg: syz.4.379 forgot to set AF_INET. Fix it!
[  158.428078][   T24] usb 4-1: config 0 descriptor??
[  158.749789][ T5888] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  158.921185][ T5888] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  158.936812][ T5888] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  158.948268][ T5888] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.966440][ T5888] usb 2-1: Product: syz
[  158.971279][ T5888] usb 2-1: Manufacturer: syz
[  158.976065][ T5888] usb 2-1: SerialNumber: syz
[  159.157035][ T7267] vlan2: entered promiscuous mode
[  159.184152][ T7267] vlan2: entered allmulticast mode
[  159.235992][ T7267] hsr_slave_1: entered allmulticast mode
[  159.244791][   T10] usb 5-1: USB disconnect, device number 11
[  159.272795][ T5888] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  159.291146][ T7267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.391'.
[  159.351984][ T7270] netlink: 64 bytes leftover after parsing attributes in process `syz.4.392'.
[  159.407218][ T5888] usb 2-1: USB disconnect, device number 22
[  159.436939][ T5888] usblp0: removed
[  159.546832][ T7272] netlink: 48 bytes leftover after parsing attributes in process `syz.0.393'.
[  160.392271][ T7294] __nla_validate_parse: 1 callbacks suppressed
[  160.392286][ T7294] netlink: 48 bytes leftover after parsing attributes in process `syz.1.402'.
[  160.429397][ T5888] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  160.604250][ T5888] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  160.630096][   T54] usb 3-1: USB disconnect, device number 19
[  160.645622][ T5888] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  160.660002][ T5888] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  160.727490][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  160.750569][ T5888] usb 5-1: SerialNumber: syz
[  160.906359][ T7313] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  160.909778][  T977] usb 4-1: USB disconnect, device number 14
[  160.914343][ T7313] CPU: 0 UID: 0 PID: 7313 Comm: syz.2.409 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  160.914373][ T7313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  160.914386][ T7313] Call Trace:
[  160.914395][ T7313]  <TASK>
[  160.914404][ T7313]  dump_stack_lvl+0x241/0x360
[  160.914445][ T7313]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.914476][ T7313]  ? __pfx__printk+0x10/0x10
[  160.914505][ T7313]  ? kernfs_path_from_node+0x2b/0x250
[  160.914532][ T7313]  ? kernfs_path_from_node+0x217/0x250
[  160.914557][ T7313]  sysfs_warn_dup+0x8e/0xa0
[  160.914578][ T7313]  sysfs_do_create_link_sd+0xbe/0x110
[  160.914602][ T7313]  device_add_class_symlinks+0x1c5/0x250
[  160.914632][ T7313]  device_add+0x553/0xbf0
[  160.914664][ T7313]  wiphy_register+0x193c/0x2660
[  160.914710][ T7313]  ? __pfx_wiphy_register+0x10/0x10
[  160.914745][ T7313]  ? minstrel_ht_alloc+0x85a/0x950
[  160.914795][ T7313]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  160.914833][ T7313]  ieee80211_register_hw+0x35e9/0x42d0
[  160.914868][ T7313]  ? ieee80211_register_hw+0x1611/0x42d0
[  160.914897][ T7313]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  160.914933][ T7313]  ? __hrtimer_setup+0x17f/0x200
[  160.914955][ T7313]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  160.914984][ T7313]  mac80211_hwsim_new_radio+0x2adc/0x4a60
[  160.915035][ T7313]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  160.915055][ T7313]  ? trace_kmalloc+0x1f/0xd0
[  160.915081][ T7313]  ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0
[  160.915110][ T7313]  ? kstrndup+0xbb/0x150
[  160.915144][ T7313]  hwsim_new_radio_nl+0xed0/0x2290
[  160.915179][ T7313]  ? __pfx___nla_validate_parse+0x10/0x10
[  160.915209][ T7313]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  160.915264][ T7313]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  160.915297][ T7313]  genl_rcv_msg+0xb38/0xf00
[  160.915328][ T7313]  ? __pfx_genl_rcv_msg+0x10/0x10
[  160.915347][ T7313]  ? __dev_queue_xmit+0x1780/0x3f60
[  160.915368][ T7313]  ? kasan_save_track+0x3f/0x80
[  160.915389][ T7313]  ? __kasan_slab_alloc+0x66/0x80
[  160.915418][ T7313]  ? do_syscall_64+0xf3/0x230
[  160.915464][ T7313]  ? __lock_acquire+0xad5/0xd80
[  160.915487][ T7313]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  160.915523][ T7313]  netlink_rcv_skb+0x208/0x480
[  160.915554][ T7313]  ? __pfx_genl_rcv_msg+0x10/0x10
[  160.915577][ T7313]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  160.915627][ T7313]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.915662][ T7313]  genl_rcv+0x28/0x40
[  160.915679][ T7313]  netlink_unicast+0x7f8/0x9a0
[  160.915714][ T7313]  ? __pfx_netlink_unicast+0x10/0x10
[  160.915747][ T7313]  ? skb_put+0x114/0x1f0
[  160.915771][ T7313]  netlink_sendmsg+0x8c3/0xcd0
[  160.915813][ T7313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.915846][ T7313]  ? aa_sock_msg_perm+0x91/0x160
[  160.915881][ T7313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.915908][ T7313]  __sock_sendmsg+0x221/0x270
[  160.915939][ T7313]  ____sys_sendmsg+0x523/0x860
[  160.915970][ T7313]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.915988][ T7313]  ? __fget_files+0x2a/0x420
[  160.916009][ T7313]  ? __fget_files+0x2a/0x420
[  160.916037][ T7313]  __sys_sendmsg+0x271/0x360
[  160.916064][ T7313]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.916141][ T7313]  ? do_syscall_64+0xb6/0x230
[  160.916167][ T7313]  do_syscall_64+0xf3/0x230
[  160.916192][ T7313]  ? clear_bhb_loop+0x45/0xa0
[  160.916216][ T7313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.916236][ T7313] RIP: 0033:0x7f36c038d169
[  160.916254][ T7313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.916270][ T7313] RSP: 002b:00007f36c11d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.916291][ T7313] RAX: ffffffffffffffda RBX: 00007f36c05a5fa0 RCX: 00007f36c038d169
[  160.916305][ T7313] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000003
[  160.916319][ T7313] RBP: 00007f36c040e990 R08: 0000000000000000 R09: 0000000000000000
[  160.916331][ T7313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  160.916343][ T7313] R13: 0000000000000000 R14: 00007f36c05a5fa0 R15: 00007f36c06cfa28
[  160.916373][ T7313]  </TASK>
[  161.279365][ T5889] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  161.355666][ T5888] usb 5-1: 0:2 : does not exist
[  161.456881][ T5888] usb 5-1: USB disconnect, device number 12
[  161.499817][ T5889] usb 2-1: Using ep0 maxpacket: 8
[  161.529420][ T5889] usb 2-1: config 4 has an invalid interface number: 147 but max is 1
[  161.537750][ T5889] usb 2-1: config 4 has an invalid interface number: 139 but max is 1
[  161.569117][ T5889] usb 2-1: config 4 has no interface number 0
[  161.591967][ T5889] usb 2-1: config 4 has no interface number 1
[  161.598271][ T5889] usb 2-1: config 4 interface 139 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  161.616171][ T5889] usb 2-1: config 4 interface 147 has no altsetting 0
[  161.623346][ T5889] usb 2-1: config 4 interface 139 has no altsetting 0
[  161.634268][ T5889] usb 2-1: New USB device found, idVendor=1608, idProduct=021e, bcdDevice=a0.68
[  161.653595][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.675204][ T5889] usb 2-1: Product: syz
[  161.679986][ T5889] usb 2-1: Manufacturer: syz
[  161.684856][ T5889] usb 2-1: SerialNumber: syz
[  161.701092][ T7330] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  161.724612][ T6456] udevd[6456]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  161.766611][  T977] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  161.861420][ T7333] vlan2: entered promiscuous mode
[  161.866790][ T7333] vlan2: entered allmulticast mode
[  161.872436][ T7333] hsr_slave_1: entered allmulticast mode
[  161.919415][  T977] usb 4-1: device descriptor read/64, error -71
[  161.920582][ T5889] io_ti 2-1:4.147: required endpoints missing
[  161.968624][ T5889] io_ti 2-1:4.139: required endpoints missing
[  161.976063][ T7333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.417'.
[  162.021780][ T5889] usb 2-1: USB disconnect, device number 23
[  162.170064][  T977] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  162.330495][  T977] usb 4-1: device descriptor read/64, error -71
[  162.405779][ T7352] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.421811][ T7352] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.451515][  T977] usb usb4-port1: attempt power cycle
[  162.589936][ T7360] xt_socket: unknown flags 0xd0
[  162.679498][ T5915] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  162.799424][  T977] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  162.830947][  T977] usb 4-1: device descriptor read/8, error -71
[  162.849258][ T5915] usb 1-1: Using ep0 maxpacket: 8
[  162.860543][ T5915] usb 1-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[  162.876700][ T5915] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  162.896361][ T5915] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 65
[  162.919318][ T5915] usb 1-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  162.933436][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.959934][ T5915] usb 1-1: config 0 descriptor??
[  163.079281][  T977] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  163.129209][  T977] usb 4-1: device descriptor read/8, error -71
[  163.236079][   T54] usb 1-1: USB disconnect, device number 13
[  163.243988][ T7374] block device autoloading is deprecated and will be removed.
[  163.270226][  T977] usb usb4-port1: unable to enumerate USB device
[  163.695813][ T7377] ------------[ cut here ]------------
[  163.701620][ T7377] WARNING: CPU: 0 PID: 7377 at kernel/kcov.c:872 kcov_remote_start+0x542/0x7d0
[  163.710611][ T7377] Modules linked in:
[  163.714696][ T7377] CPU: 0 UID: 0 PID: 7377 Comm: syz.2.435 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  163.726621][ T7377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  163.736707][ T7377] RIP: 0010:kcov_remote_start+0x542/0x7d0
[  163.742459][ T7377] Code: 4c 89 ff be 03 00 00 00 e8 8b 8b 41 03 e9 04 fb ff ff e8 81 3e 6d 0a 41 f7 c6 00 02 00 00 0f 84 f2 fa ff ff e9 7f fc ff ff 90 <0f> 0b 90 e8 96 5b 6d 0a 89 c0 48 c7 c7 68 23 69 93 48 03 3c c5 10
[  163.762185][ T7377] RSP: 0018:ffffc90003e2eaf0 EFLAGS: 00010002
[  163.768286][ T7377] RAX: 0000000080000200 RBX: ffff88802e31da00 RCX: 0000000000000002
[  163.776280][ T7377] RDX: 0000000000030000 RSI: ffffffff8e4fd5a1 RDI: ffffffff8ca1b6a0
[  163.784283][ T7377] RBP: 0000000000000000 R08: ffffc90003e2e860 R09: 0000000000000020
[  163.792285][ T7377] R10: 0000000000000000 R11: ffffffff819f7ef0 R12: ffffffff81c36f17
[  163.800288][ T7377] R13: dffffc0000000000 R14: 0000000000000246 R15: ffff8880b8628368
[  163.808289][ T7377] FS:  00007f36c11d96c0(0000) GS:ffff888124f96000(0000) knlGS:0000000000000000
[  163.817249][ T7377] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  163.823861][ T7377] CR2: 00007fc623f7e560 CR3: 000000006f1ac000 CR4: 00000000003526f0
[  163.831903][ T7377] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  163.839900][ T7377] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  163.847893][ T7377] Call Trace:
[  163.851189][ T7377]  <TASK>
[  163.854138][ T7377]  ? inode_set_ctime_to_ts+0x1ba/0x400
[  163.859631][ T7377]  ieee80211_rx_list+0x53e/0x3490
[  163.864691][ T7377]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  163.870252][ T7377]  ? up_write+0x1ab/0x590
[  163.874618][ T7377]  ? __lock_acquire+0xad5/0xd80
[  163.879525][ T7377]  ? ieee80211_rx_napi+0xd4/0x3c0
[  163.884580][ T7377]  ieee80211_rx_napi+0x187/0x3c0
[  163.889550][ T7377]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  163.895014][ T7377]  ? skb_dequeue+0x113/0x150
[  163.899647][ T7377]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  163.905662][ T7377]  ? ieee80211_stop_device+0x2a/0xf0
[  163.910993][ T7377]  ieee80211_stop_device+0x3f/0xf0
[  163.916148][ T7377]  ieee80211_do_stop+0x1dfa/0x23a0
[  163.921308][ T7377]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  163.926818][ T7377]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  163.932743][ T7377]  ? lockdep_hardirqs_on+0x9d/0x150
[  163.937975][ T7377]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  163.944353][ T7377]  ? wiphy_work_cancel+0x1f0/0x3e0
[  163.949511][ T7377]  ieee80211_stop+0x43b/0x490
[  163.954254][ T7377]  ? __pfx_ieee80211_stop+0x10/0x10
[  163.959469][ T7377]  __dev_close_many+0x3d7/0x760
[  163.964342][ T7377]  ? __pfx___dev_close_many+0x10/0x10
[  163.969724][ T7377]  ? __pfx___mutex_trylock_common+0x10/0x10
[  163.975631][ T7377]  dev_close_many+0x250/0x4c0
[  163.980321][ T7377]  ? __pfx_dev_close_many+0x10/0x10
[  163.985530][ T7377]  ? __mutex_unlock_slowpath+0x229/0x800
[  163.991172][ T7377]  netif_close+0x1c2/0x2d0
[  163.995597][ T7377]  ? __pfx_netif_close+0x10/0x10
[  164.000567][ T7377]  dev_close+0x137/0x280
[  164.004840][ T7377]  nl80211_del_interface+0xd5/0x140
[  164.010059][ T7377]  genl_rcv_msg+0xb38/0xf00
[  164.014585][ T7377]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.019620][ T7377]  ? __dev_queue_xmit+0x1780/0x3f60
[  164.024825][ T7377]  ? kasan_save_track+0x3f/0x80
[  164.029680][ T7377]  ? __kasan_slab_alloc+0x66/0x80
[  164.034719][ T7377]  ? do_syscall_64+0xf3/0x230
[  164.039415][ T7377]  ? __lock_acquire+0xad5/0xd80
[  164.044268][ T7377]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  164.049643][ T7377]  ? __pfx_nl80211_del_interface+0x10/0x10
[  164.055460][ T7377]  ? __pfx_nl80211_post_doit+0x10/0x10
[  164.060932][ T7377]  netlink_rcv_skb+0x208/0x480
[  164.065709][ T7377]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.070738][ T7377]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  164.076045][ T7377]  ? netlink_deliver_tap+0x2e/0x1b0
[  164.081254][ T7377]  genl_rcv+0x28/0x40
[  164.085240][ T7377]  netlink_unicast+0x7f8/0x9a0
[  164.090044][ T7377]  ? __pfx_netlink_unicast+0x10/0x10
[  164.095338][ T7377]  ? skb_put+0x114/0x1f0
[  164.099603][ T7377]  netlink_sendmsg+0x8c3/0xcd0
[  164.104419][ T7377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.109736][ T7377]  ? aa_sock_msg_perm+0x91/0x160
[  164.114686][ T7377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.119979][ T7377]  __sock_sendmsg+0x221/0x270
[  164.124684][ T7377]  ____sys_sendmsg+0x523/0x860
[  164.129459][ T7377]  ? __pfx_____sys_sendmsg+0x10/0x10
[  164.134742][ T7377]  ? __fget_files+0x2a/0x420
[  164.139336][ T7377]  ? __fget_files+0x2a/0x420
[  164.144017][ T7377]  __sys_sendmsg+0x271/0x360
[  164.148602][ T7377]  ? __pfx_futex_wake+0x10/0x10
[  164.153459][ T7377]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.158612][ T7377]  ? do_syscall_64+0xb6/0x230
[  164.163295][ T7377]  do_syscall_64+0xf3/0x230
[  164.167803][ T7377]  ? clear_bhb_loop+0x45/0xa0
[  164.172482][ T7377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.178376][ T7377] RIP: 0033:0x7f36c038d169
[  164.182795][ T7377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.202399][ T7377] RSP: 002b:00007f36c11d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.210820][ T7377] RAX: ffffffffffffffda RBX: 00007f36c05a5fa0 RCX: 00007f36c038d169
[  164.218799][ T7377] RDX: 0000000000000060 RSI: 0000200000000200 RDI: 0000000000000005
[  164.226780][ T7377] RBP: 00007f36c040e990 R08: 0000000000000000 R09: 0000000000000000
[  164.234767][ T7377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.242750][ T7377] R13: 0000000000000000 R14: 00007f36c05a5fa0 R15: 00007f36c06cfa28
[  164.250743][ T7377]  </TASK>
[  164.253778][ T7377] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  164.261064][ T7377] CPU: 0 UID: 0 PID: 7377 Comm: syz.2.435 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  164.272958][ T7377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.283019][ T7377] Call Trace:
[  164.286304][ T7377]  <TASK>
[  164.289240][ T7377]  dump_stack_lvl+0x241/0x360
[  164.293935][ T7377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.299153][ T7377]  ? __pfx__printk+0x10/0x10
[  164.303771][ T7377]  ? vscnprintf+0x5d/0x90
[  164.308110][ T7377]  panic+0x349/0x880
[  164.312018][ T7377]  ? __warn+0x174/0x4d0
[  164.316185][ T7377]  ? __pfx_panic+0x10/0x10
[  164.320634][ T7377]  __warn+0x344/0x4d0
[  164.324630][ T7377]  ? kcov_remote_start+0x542/0x7d0
[  164.329751][ T7377]  report_bug+0x2b3/0x500
[  164.334088][ T7377]  ? kcov_remote_start+0x542/0x7d0
[  164.339205][ T7377]  ? kcov_remote_start+0x542/0x7d0
[  164.344314][ T7377]  ? kcov_remote_start+0x544/0x7d0
[  164.349429][ T7377]  handle_bug+0x89/0x170
[  164.353683][ T7377]  exc_invalid_op+0x1a/0x50
[  164.358212][ T7377]  asm_exc_invalid_op+0x1a/0x20
[  164.363073][ T7377] RIP: 0010:kcov_remote_start+0x542/0x7d0
[  164.368792][ T7377] Code: 4c 89 ff be 03 00 00 00 e8 8b 8b 41 03 e9 04 fb ff ff e8 81 3e 6d 0a 41 f7 c6 00 02 00 00 0f 84 f2 fa ff ff e9 7f fc ff ff 90 <0f> 0b 90 e8 96 5b 6d 0a 89 c0 48 c7 c7 68 23 69 93 48 03 3c c5 10
[  164.388395][ T7377] RSP: 0018:ffffc90003e2eaf0 EFLAGS: 00010002
[  164.394467][ T7377] RAX: 0000000080000200 RBX: ffff88802e31da00 RCX: 0000000000000002
[  164.402441][ T7377] RDX: 0000000000030000 RSI: ffffffff8e4fd5a1 RDI: ffffffff8ca1b6a0
[  164.410416][ T7377] RBP: 0000000000000000 R08: ffffc90003e2e860 R09: 0000000000000020
[  164.418391][ T7377] R10: 0000000000000000 R11: ffffffff819f7ef0 R12: ffffffff81c36f17
[  164.426367][ T7377] R13: dffffc0000000000 R14: 0000000000000246 R15: ffff8880b8628368
[  164.434348][ T7377]  ? kcov_remote_start+0x97/0x7d0
[  164.439381][ T7377]  ? __pfx_hlock_conflict+0x10/0x10
[  164.444589][ T7377]  ? inode_set_ctime_to_ts+0x1ba/0x400
[  164.450094][ T7377]  ieee80211_rx_list+0x53e/0x3490
[  164.455141][ T7377]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  164.460602][ T7377]  ? up_write+0x1ab/0x590
[  164.464945][ T7377]  ? __lock_acquire+0xad5/0xd80
[  164.469813][ T7377]  ? ieee80211_rx_napi+0xd4/0x3c0
[  164.474841][ T7377]  ieee80211_rx_napi+0x187/0x3c0
[  164.479792][ T7377]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  164.485265][ T7377]  ? skb_dequeue+0x113/0x150
[  164.489879][ T7377]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  164.495879][ T7377]  ? ieee80211_stop_device+0x2a/0xf0
[  164.501188][ T7377]  ieee80211_stop_device+0x3f/0xf0
[  164.506331][ T7377]  ieee80211_do_stop+0x1dfa/0x23a0
[  164.511472][ T7377]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  164.516963][ T7377]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  164.522865][ T7377]  ? lockdep_hardirqs_on+0x9d/0x150
[  164.528079][ T7377]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  164.534415][ T7377]  ? wiphy_work_cancel+0x1f0/0x3e0
[  164.539547][ T7377]  ieee80211_stop+0x43b/0x490
[  164.544240][ T7377]  ? __pfx_ieee80211_stop+0x10/0x10
[  164.549455][ T7377]  __dev_close_many+0x3d7/0x760
[  164.554329][ T7377]  ? __pfx___dev_close_many+0x10/0x10
[  164.559720][ T7377]  ? __pfx___mutex_trylock_common+0x10/0x10
[  164.565636][ T7377]  dev_close_many+0x250/0x4c0
[  164.570356][ T7377]  ? __pfx_dev_close_many+0x10/0x10
[  164.575592][ T7377]  ? __mutex_unlock_slowpath+0x229/0x800
[  164.581236][ T7377]  netif_close+0x1c2/0x2d0
[  164.585671][ T7377]  ? __pfx_netif_close+0x10/0x10
[  164.590626][ T7377]  dev_close+0x137/0x280
[  164.594889][ T7377]  nl80211_del_interface+0xd5/0x140
[  164.600108][ T7377]  genl_rcv_msg+0xb38/0xf00
[  164.604627][ T7377]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.609655][ T7377]  ? __dev_queue_xmit+0x1780/0x3f60
[  164.614863][ T7377]  ? kasan_save_track+0x3f/0x80
[  164.619728][ T7377]  ? __kasan_slab_alloc+0x66/0x80
[  164.624772][ T7377]  ? do_syscall_64+0xf3/0x230
[  164.629477][ T7377]  ? __lock_acquire+0xad5/0xd80
[  164.634341][ T7377]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  164.639718][ T7377]  ? __pfx_nl80211_del_interface+0x10/0x10
[  164.645556][ T7377]  ? __pfx_nl80211_post_doit+0x10/0x10
[  164.651054][ T7377]  netlink_rcv_skb+0x208/0x480
[  164.655851][ T7377]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.660891][ T7377]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  164.666210][ T7377]  ? netlink_deliver_tap+0x2e/0x1b0
[  164.671436][ T7377]  genl_rcv+0x28/0x40
[  164.675431][ T7377]  netlink_unicast+0x7f8/0x9a0
[  164.680218][ T7377]  ? __pfx_netlink_unicast+0x10/0x10
[  164.685524][ T7377]  ? skb_put+0x114/0x1f0
[  164.689784][ T7377]  netlink_sendmsg+0x8c3/0xcd0
[  164.694578][ T7377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.699890][ T7377]  ? aa_sock_msg_perm+0x91/0x160
[  164.704856][ T7377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.710157][ T7377]  __sock_sendmsg+0x221/0x270
[  164.714854][ T7377]  ____sys_sendmsg+0x523/0x860
[  164.719644][ T7377]  ? __pfx_____sys_sendmsg+0x10/0x10
[  164.724937][ T7377]  ? __fget_files+0x2a/0x420
[  164.729540][ T7377]  ? __fget_files+0x2a/0x420
[  164.734143][ T7377]  __sys_sendmsg+0x271/0x360
[  164.738746][ T7377]  ? __pfx_futex_wake+0x10/0x10
[  164.743611][ T7377]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.748766][ T7377]  ? do_syscall_64+0xb6/0x230
[  164.753452][ T7377]  do_syscall_64+0xf3/0x230
[  164.758100][ T7377]  ? clear_bhb_loop+0x45/0xa0
[  164.762791][ T7377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.768690][ T7377] RIP: 0033:0x7f36c038d169
[  164.773107][ T7377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.792711][ T7377] RSP: 002b:00007f36c11d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.801145][ T7377] RAX: ffffffffffffffda RBX: 00007f36c05a5fa0 RCX: 00007f36c038d169
[  164.809132][ T7377] RDX: 0000000000000060 RSI: 0000200000000200 RDI: 0000000000000005
[  164.817126][ T7377] RBP: 00007f36c040e990 R08: 0000000000000000 R09: 0000000000000000
[  164.825118][ T7377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.833115][ T7377] R13: 0000000000000000 R14: 00007f36c05a5fa0 R15: 00007f36c06cfa28
[  164.841121][ T7377]  </TASK>
[  164.844317][ T7377] Kernel Offset: disabled
[  164.848671][ T7377] Rebooting in 86400 seconds..