last executing test programs:

20.699103034s ago: executing program 4 (id=3257):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000007280)={0x0, 0x0, &(0x7f0000007240)={&(0x7f0000001100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_DELFLOWTABLE={0x20, 0x18, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x48}, 0x1, 0x0, 0x0, 0x40c1}, 0x40)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xc}}]}, &(0x7f0000000080)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

19.669109594s ago: executing program 4 (id=3262):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0x10)
r2 = socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x10, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000040)=0x8)
creat(&(0x7f0000000140)='./file0\x00', 0x108)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r3, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)

19.471083302s ago: executing program 4 (id=3264):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x2, 0x7, 0x10, 0x7, 0x2, 0x0, 0x70bd28, 0x25dfdbfc}, 0x10}}, 0x4400c0b0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in6=@loopback, 0x4e23, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xfffffffffffffffc, 0x8}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x4d2, 0x32}, 0x2, @in6=@private0, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0)
r2 = syz_io_uring_complete(0x0)
r3 = geteuid()
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r4=>0xffffffffffffffff}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {r3, r4}}, './file0\x00'})

18.618283292s ago: executing program 4 (id=3265):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080), 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000640)="900000001c001f4d154a817393", 0xd, 0x4040080, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x12, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x1, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)
close(r0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f0000000900)}, 0x20)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r2, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="99", 0x1}], 0x1}}], 0x1, 0x40000)

17.638587806s ago: executing program 4 (id=3271):
syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@random="cd2bbd622a52", @broadcast, @val={@val={0x88a8, 0x6}, {0x8100, 0x4, 0x1, 0x5}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x20, 0x0, 0x1, 0x0, @rand_addr=0x64010103, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, @empty, @local}, "a07d9e6dadc75ed1"}}}}}, 0x0) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ff199610b90661408801010203010902120001000000000904"], 0x0)

16.199210457s ago: executing program 4 (id=3277):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x5, 0x4)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x1c, 0x0}}], 0x1, 0xc040)

4.387849828s ago: executing program 1 (id=3315):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
preadv(r2, &(0x7f0000000600)=[{&(0x7f00000001c0)=""/183, 0xb7}], 0x1, 0x11, 0x20002) (fail_nth: 3)

3.835330876s ago: executing program 2 (id=3317):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
timer_delete(r0)
r1 = getpid()
setpriority(0x0, r1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x32, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
sendto$inet6(r2, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000400), r4, 0x0, 0x3, 0x1}}, 0x20)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

3.642481491s ago: executing program 1 (id=3319):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc000000001", @ANYRES32=r2, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="50000000100001042dbd7000ffdbdf2500000000", @ANYRES32=r3, @ANYBLOB="000000000000000030001280080001007369740024000280060010000200000008000100a8704b6a2f2573a6", @ANYRES32=r3, @ANYBLOB, @ANYRES32=r2], 0x50}}, 0x0)

3.555114288s ago: executing program 2 (id=3320):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r0}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000640)="900000001c001f4d154a817393", 0xd, 0x4040080, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x12, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x1, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20)
close(r1)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r2, &(0x7f0000000900)}, 0x20)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r3, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="99", 0x1}], 0x1}}], 0x1, 0x40000)

3.370183486s ago: executing program 1 (id=3321):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x11c, &(0x7f0000000040)=0x6, 0x0, 0x4)
syz_io_uring_submit(r1, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x28, &(0x7f0000000080)=0x6, 0x0, 0x4)
pread64(r3, &(0x7f0000002140)=""/17, 0x11, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000900)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x7ffe, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008050}, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001640)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd2c, 0x25dfdbf7, {0x0, 0x0, 0x0, r9, {0xb, 0x19}, {0x0, 0xfff1}, {0xe, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={<r11=>0x0}, &(0x7f0000000140)=0xc)
prlimit64(r11, 0xf, 0x0, &(0x7f0000000180))
r12 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r12, &(0x7f0000000080)={0xa, 0x4e23, 0x2, @empty, 0x1000}, 0x1c)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4, 0x0, 0x8, 0x2}, 0x10}, 0x1, 0x7}, 0x0)
listen(r8, 0x7)

2.747163362s ago: executing program 3 (id=3324):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$inet6(r0, &(0x7f0000000180)="90e4d2436b0c3f93e17259a8d3719a48c687b98e7263251e2f1af7cf624ce16382a09ff0d0fd0ac2", 0x28, 0x20000804, 0x0, 0x0)

2.637194713s ago: executing program 3 (id=3325):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xc000}})
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000000)={0x29, 0x4, 0x0, {0x1, 0xefff, 0x1, 0x0, [0x0]}}, 0x29)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @rand_addr=0x1}, 0x2, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r3, 0x8004745a, &(0x7f0000005280))

2.626664684s ago: executing program 0 (id=3326):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/tcp\x00')
ioctl$KVM_RUN(r1, 0xae80, 0x0)
lseek(r1, 0x1000000, 0x0)

2.544957948s ago: executing program 2 (id=3327):
r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x7ff, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x4005, 0x2, {0x1, @win={{}, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x9}}})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYRESOCT=0x0, @ANYRESDEC=r0, @ANYBLOB=',group_id=', @ANYRESDEC=r1])
keyctl$instantiate(0xc, 0x0, &(0x7f0000000500)=ANY=[@ANYRES8], 0x2a, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$igmp(0x2, 0x3, 0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0xffffffffffffff6e, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r6, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r4], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x401)
r7 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r7, 0x0, 0x0, 0x44050, &(0x7f0000000040)={0x11, 0x4, r6, 0x1, 0x7}, 0x14)
keyctl$read(0xb, r3, &(0x7f0000000840)=""/99, 0x63)
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0xfffffffffffffffe, 0x83, {0x0, 0x2c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000440))
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2317b595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc25269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c14728be002f012e87e269470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fd1d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a337af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c47aafcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dc66f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0xffffffffffffffda, 0x6, {0x0, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffd, 0x100000000000000, 0x0, 0x4000000, 0x0, 0x3966, 0x7, 0x2000, 0x0, r9, r10, 0x10, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
quotactl$Q_GETQUOTA(0xffffffff80000700, &(0x7f0000000040)=@sr0, r9, &(0x7f0000000080))
r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r11, 0x0}, 0x20)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f00000004c0)={'ip6tnl0\x00', 0x8000})

2.351056306s ago: executing program 0 (id=3328):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)

2.326113437s ago: executing program 3 (id=3329):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
timer_delete(r0)
r1 = getpid()
setpriority(0x0, r1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x32, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x303}, "8e5c47b6113719cb", "0ada5daa1887d07c859f2746f4ef05a3", "4bb6423e", "c2c8fa220423de5d"}, 0x28)
sendto$inet6(r2, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000400), r4, 0x0, 0x3, 0x1}}, 0x20)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

2.180520257s ago: executing program 0 (id=3330):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc000000001", @ANYRES32=r2, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="50000000100001042dbd7000ffdbdf2500000000", @ANYRES32=r3, @ANYBLOB="000000000000000030001280080001007369740024000280060010000200000008000100a8704b6a2f2573a6", @ANYRES32=r3, @ANYBLOB, @ANYRES32=r2], 0x50}}, 0x0)

2.083005129s ago: executing program 1 (id=3331):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00')
read(r0, &(0x7f0000001b00)=""/194, 0xc2)
r1 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x12, r1, 0x80000000)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x1, 0x3, 0x400000, 0x963, 0x2, "b28e227c0d22ddfc157c826ef4caac781f94fe"})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r4, 0x4008af14, &(0x7f00000002c0)={0x1})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x400008a, 0x0)

2.082711482s ago: executing program 2 (id=3332):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r1=>0x0})
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000380)={0xc})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r3=>0x0, 0x1})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r3, 0x0, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000001c0)={0x28, 0x3, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f00000003c0)={0x2a6, 0x0, "2dd82129cb82327389c3b42ee17f84200e7484f2b06fa73f76c4a3bb89519ec7f4e86c283a065a0036d64b8068332387a7480dc9962a6d38d39bb67b895f9c3cd96f038080c2c62f9ec93860609c35ff0f48eacd242f9e6ec1d9d2bb1af2f280a03771ae387b444b02406eb2890dcd7c211bea667ba841721bc40864e4eee3399fe804fd89ec4fedfa7496b29e4fce1122d61f1bed350d2e7404962a8284739051bd22963a0f3ee06aedb7c6cb64a61f96647b5b310fd35dd3fd3708c980d14ba87f0becf8c6ee2052eb8fd243ed8bfc3ba48944721e6a5f6d921177e14a6d06492664929f04bf583fe592ed5946f1991bf2a27a2ffa9a2d856e298b54347906"})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x5})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.962722791s ago: executing program 3 (id=3333):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='freezer.parent_freezing\x00', 0x275a, 0x0)
fchmod(r1, 0x20049549e2a2d659)
write$binfmt_script(r1, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x2, 0x0, @local, 0x2}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={r3, 0xa0e}, 0x8)

1.777007013s ago: executing program 0 (id=3334):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$inet6(r0, &(0x7f0000000180)="90e4d2436b0c3f93e17259a8d3719a48c687b98e7263251e2f1af7cf624ce16382a09ff0d0fd0ac2", 0x28, 0x20000804, 0x0, 0x0)

1.621728498s ago: executing program 2 (id=3335):
r0 = socket$l2tp(0x2, 0x2, 0x73)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES16=r0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000001d0000000000000000000000000092e7d7d4d5338e8e6022a459c8850fb69311906d31ba5e3bf56fb26438b5e916aaac716f5e4311832449a8d78ce81720b17bf0c88794ab017093e1c07fb548fc5435abddc6e653f86406c31c19d19259d8bea07cb3b2d2897daeec9f2403ad9633c3707723ccee609f697b4e47f6b7a8823b2e936c5a0effb36a03e28a8275e5477eda4614054c30d5c059d58f848773e8e578fa6b238c0ec45f"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000080000007b8af0ff00000000bfa10000ddef05ab8c533527f8ffffffbf0100000000000007040000ffffffffb70200000800000018230080", @ANYRES16=r0, @ANYRESDEC=r1], &(0x7f0000000300)='GPL\x00', 0x5, 0x1000, &(0x7f0000000b00)=""/4096, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd20, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0xb42c3, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000080)={<r3=>r2})
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000140)={0x0, 0x2}, &(0x7f0000000180)=0x8)
ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f00000000c0)={{r2}, 0x0, 0x0, 0x100000})
syz_genetlink_get_family_id$tipc(&(0x7f0000000580), r3)
syz_open_dev$radio(&(0x7f0000000040), 0x0, 0x2)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000900)={&(0x7f0000001b00)=ANY=[@ANYBLOB="5c001d00", @ANYRES16=0x0, @ANYBLOB="020029bd7000fbdbdf25020000000800040000000100050005007f00000014000180060001000a000000080006000400000008000400ff7f0000080004000600000005000500000000000500050000000000"], 0x58}, 0x1, 0x0, 0x0, 0x90}, 0x20000800)
sendto$l2tp(r3, &(0x7f00000005c0)="e5786a0d0000000000d7579d56f68b4f7be5cc41", 0x14, 0x0, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r4, &(0x7f0000003800)=[{{&(0x7f00000008c0)={0xa, 0x4e23, 0x9, @mcast1, 0x5}, 0x1c, &(0x7f0000001f80)=[{&(0x7f0000000980)="f9d21847ac8db9b7afca3251a38b4af0023a0755ff6f15c47fd0baf4376f8a814c6006291707677b189c52203c630022c41377001b353818b98fe5e0af0aa8fbe0d563089bee3d2b929e774ce969221d276ab16f2e6d91a64a173258ed", 0x5d}, {&(0x7f0000000a00)="32b6", 0x2}, {&(0x7f0000001b80)="478f4448f48898db436ec9e8ed69922b7f6a47749d75f225de6c357fd41f5f292341fc850a45becb52caf4074dee52a3aa011b880d0d6141209c8bf85bfbb676dae412dc0e88328a519abacc3e3f701c0d", 0x51}, {&(0x7f0000001c00)="7b38ce7fa7217a65929ddd066ebc9693b2e892d864dac23119bec785f28dd23f7c9564177dbd8e1f264fa0c661d577e0c4490e7dd910103250a9367613d711071208c62389d9b6100f406de9adae7a948bf8ed2964b7020306d8718ff4885f17560b865024007dc1b4ab39f99c967f5ca05f51c29edec16dc6dadc25c42011976fb564c0f5abdd89a1f97577b609da4a0c5101b416e8db5ab138c3dada23606db08c0d0e126b678e8659f66bb28ecfed2aea02c0711510d7169e72c02358184900", 0xc1}, {&(0x7f0000001d00)="66ce0e44fbe1d9e429365d608b038727e759a88a9435ad177598c6f583c225b3e906b2404cd3aa46960f7804439e6ee03b69e9a335bbd13fb9a0234c2d706dbb5aff734d5c6a7710077263162ab2ca318ab3cd7c3d323322fd701a442c498acde57b2cbe842c107173bf8022413afb576cb9e5db5b283e318ccebd236598e2f719b79c79b5d227b858dc30da86896bdef35b3fc69f0251208f83e7f09e56be2b75ef8046", 0xa4}, {&(0x7f0000001dc0)="d6a30c91c03904d1878063eccc9e722d3846d9a78c0f4126422adc6218baddd2a4e39e7b0524e1faa28a2adff3316323aa13daf5d0439f87ff6b74e2ae72f8e5509491d32a9f01309958036da196db596580760da0a81f22714bf26171dd40b67a289f70b59c20ab28a5889221bcfcfd0e1c41f0ec456bb291d0e3397eee9dd09c55a02a646cd0ac8fd5062e1cf1bb0218d73d5a90379b8b787a3e9ca0c6a80c19cefde918d5c54bb02a24e860b7ef96f67b4fe7018b1dd7a89dbf33a29b9d5b5763faf62489eb15dc97d9827aadd7cfbb738f488d30a37b1bf3f8b140d7129f18169eabcb", 0xe5}, {&(0x7f0000001ec0)="3391d484dbb925ef3585db9dab12550913ff6ec1d1637d08bfdd261799d8312f220638", 0x23}, {&(0x7f0000001f00)="70b1d764", 0x4}, {&(0x7f0000001f40)="559e1c4f450f82131c3e388f0d", 0xd}], 0x9, &(0x7f0000002040)=[@rthdr_2292={{0xb8, 0x29, 0x39, {0x73, 0x14, 0x0, 0x66, 0x0, [@mcast2, @mcast2, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @empty, @mcast1, @local, @rand_addr=' \x01\x00', @private2, @private2]}}}, @rthdr={{0x58, 0x29, 0x39, {0x67, 0x8, 0x0, 0x6, 0x0, [@ipv4={'\x00', '\xff\xff', @broadcast}, @remote, @private2, @remote]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}, @tclass={{0x14, 0x29, 0x43, 0x1}}, @rthdr={{0x38, 0x29, 0x39, {0x62, 0x4, 0x2, 0xd2, 0x0, [@private0, @private2]}}}, @hopopts={{0x20, 0x29, 0x36, {0x2b, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x6e}]}}}, @rthdr={{0x58, 0x29, 0x39, {0x3c, 0x8, 0x2, 0x8, 0x0, [@ipv4={'\x00', '\xff\xff', @multicast2}, @loopback, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}]}}}], 0x1f0}}, {{0x0, 0x0, &(0x7f0000003440)=[{&(0x7f0000002240)="66cbeb938b2b9e83b685dd9be6fba85158b93aebd83c18537e330422e0", 0x1d}, {&(0x7f0000002280)="f6a7e9f2c85edc8793c7cdeafe03979f0630f76a43e263fe149d32f7a6c615e12497e4988d4750f688082aebde3c5a70c55dcae21f04", 0x36}, {&(0x7f00000022c0)="b7efb3c485e9aaabc3accf2c1679c9f8dfbb06daf185bfdd55407f0dd7865c3edb37b321146cbb2be66ab4e22e08aed2b886a363947a071ccea38be2ef263c0b9cb2251b051d5f4919153f5bc265a26bcab37644973edc878e0dc7cf9dc5468b3d5d5ab0e39b030d3c92dfaddc221437c368de2c90cf4da72ab448d3a49daaa8efeffcf2f2f4b492cfe29ce30a33c10f3a125924e0409ff0011ec6f5deb7a515a33bc43865a8e50971198e5c49933e740512670b8a5071f5a3257cca27b716fef5217d628e07c11f56a352c09e87c97da21b65d9cfdc26b1458eeb7ee636852453fa70869b5fee0200261bf42ef84096ee20ada47d95d054b4df71c830c26be980ba6bc2f0db73876308958db627eca7ac3bca6cea751f30876057e282208cc967a08d6957fa459c046cda583f06a96276fdd1b891c6441fa1317809814a57f3e23b99bfa2cc0914da880f6101ad258f45ab66e70c5804db3ebfa34c46c7e91eab05a2aae3e5103516fc8e8f0065b1fdf8b546e1956b75dc01e6bb16d32e77ae0e888a2afb65c449a7fd6347cc865efbb44f1647ad586f4ecc06c307e3ebd495924d46745653f3b8e88d1c043dfe801fc1e0267bebdd53a5bf7ef480d7285339b19bc7ddf3b105189dcfaaf70483b4a48a0ad4bc9bf73833069e8cda5a083949b50bfea76aa39b538af500f0912af5876a9dc247d05030dd2cf09f02a3ccf723e008eefbfd9bfb9b40476b9d67b379f1c71ba0666b41342dc14fe1d1a60aa51faccf1b109c206cc61a7a29b5be09b35397529f9100f70075946eafbdbb3d1b47956da398cd73ebdb043abec05a77d2601ecd1ad519139167debca7141a1785dc7ff86febd0b704c8870eecbac610bfc8dab1e09430a3c36576950a65165ca48d35abd75b4e50965b47b5c9e91e82003034b1ec1ea5038193ed33e0526e0991fbaed96a1c650ca188640b61856c86569f490991deb332db81c6b05db9c98389be7d1c910a17eeea90379f2bd0a2eb5f16a28fc757ad415830cde5a24f95ae2ba49386fdc7b14f8a0716a381960d1c18745c0f30dee70a949d7251ebdea7364098c22fd627f0b65aa1f7bb4ce996e141fc364713784b6e919fc1bd1292547eb26e12457d2f6e2d618bd013107f597087483b11a8ebecc2d2b25405f80feb442d074e07d83af0eefa009baf63deb5fbd409674212202d9ec89fbb7602ef83c661521a898f0ab18d9af56f744a5e3c07be32174a655961efe78c29def16eda53d92669671a388e7540c7d150ee496cc0be1a8a076469229270388dc0bf4a337675e26cce718febaf175c1bfc94e2ff9399d7a614c077756ae7e0480858a74c55a501a5ecb375c4c368f27e543f5d1f7b818274c4fe26758dcaec76f3b5fffe1a9a6d9f2cbac3bd728bff2d302d6fd5f3a9e0f4aaceaa20209e560ed9aa6582e2b2aac2a3838632dbc27c2a8e5528dc28560179e9aac105445b1920eb3b2411ea1af298fd25072950872e6e6cb5161508223c79e7011926a76068295cee6a8793b93d5339b8138e88165da755f68a3ae1cb98a5104fa98b21cc27f03bb206abac1fb411563d0fbb293a09e626136aa3fdb7286dbbf0fb4ce5ba5c445046f168e2276b01335b017acdb602065294b0788ea7707808f81b2f8eead436810eaa87870854882e9f31dc0d6e75724c8019c206d794b086a48aa27d16f619c310aff9857018d01600912f79326fef35c21eb70c1e7fb38580e3188729de8889b956bac308b62e4b204c770ce912a23fdcd481ff4bce1f8c4b5fc63f0578320e829b7867ee57ba5fc634b7c1a903616f5e17ecd881fbb4538137b90e5d882c87471eab66e7d41d0af3c2afefd593b94cbcde107001bc826055d2498281541410bb4ac541adb5c276afb269b0ae770babf3fb879f08154c8318a01d222588ae92339ec17a7a8ec87c373f60e6c2c3e23d2449e7eca955fc25cf897d4dc8fbc7f9b868e8556bc96debea5e28ae708a7054d0a061f02a627caa1e47c44c7f0b07ff6180f4a696f5785143e9092a8f8683995fc3a55b9070969a4eccd0a5ac2aeb753b03df2358f21d409155173d73866b64224cb6b8b788623570618117065b4de0a39d72913287e7cebd0e59584efb2f76d3251778dd93bd92b442dfe74576d2618a104af7e2b79c901b360ede9c2175c7f1822f113e956b7bd73b9e9fa2f20cba17aa6d91da26e868c946fb2100dcdc6ce5669a2de85c981b31684f7adc4c866e4bbbf8aadea0e93c231244d481ae844280913e6f21a15f9120cfd30807bd50b61075de394acab9d00a4b7be09e4f1703bb10c6187bf377733d3d84bb00e3af1d61353302de4153212df9da047b37687c10ce710a91e5b16e05110589169ae75ebf57331b2e7e9c35bdaccfdbaa2760fe8a9c61bf3e3b05c7fbcf0ad65180c1369f0a6fc510a2c6d4a90af60aae9350ffdfde01964cc6ad0d3bde3ad299b7d6b1558b2ede23b9bbbd37eb2e38190daee2901c2b1902ab90dfe9ed9d442c847c3d205aac1fcc65c15cc3914f4d5db7c2537b4d16218b923e401bbeb425d4b5e58577ea079f2a0eac6c0d06b5d10e9227ced8cfb68b118dab684be1cd2400886596c39f2aa3e316a8b868a875388d7e8c6342cdba4378fe2c349ce9524a4db4bd07def8f82dc7dc0025c5d8917c0c682daecdfd4e5f35fe1e3a08c35ad968cbd75e226677aeec99fe6a35ed2c594fb92f6bfb72a634be61a1a8f4767b5b59904824c7d50f1ec0545b60216fc2b4002245da5a46f73c317a02b5d5dbcff56458ba949c4b16dc4e07b73d075bb5cd9933bde57f86f7191b0cc8965d2758be06768c0968c8346d60b9b2976c638cab5c090ca652b77c59409f63d905fb37ae43210d106385c2c10e7afdd3c9f3172dcab01ddc01c6b63d90630010299337fc77492dfe575b716f14a9d2cf9633fb27ab401a07d22ea3bf278d431ccd8f1dbb2d5c72cb6b4a61e913f95b6977a5391c1f2fff39bbda180736a1a85dfb4790baaf5fdf16748dc59dfb158e486babc7ee6cc27cae890e0a37c23257d7606477336e182245593b8f28851d66e78103e45bb54537bdc5bc935f0a84b52fd3846808a5d5277b27f41c85d5a89dc5bb394afd0aded3c8b5054431bf1fe57b2ff478c97250d8555038804106ea4b0c0151bb6e457b5c75a5636492cfc57af57a8b17b5b048511f1bb389d65b6e2df58f382cd3f66ef29cd7d9d2c5521128b7a872eca2454367cbfe85d3aad7ddd52186d5d7e2d5a31f97acc54500fd1442f9a2d3c968ad8be6bde6718bc6e05737a91b1f9ee58fc8480ddd58f2bd35c1b70eaed10595df81f27092010cc679e34b7b07fcc737c8db3e03e797646395a3d8455614e966a09c6d1f9368fae56df8fe6cee4b95ed7271b35b648baf502f3a56aa061fd09ca45147f39991ae34456e9e64dd153585c596e7fb1410c7a0b63186b2c94e28e5e31bdbfa5cf0607776b33d1dd849bdf58732396a48e138958302dc3aae0d8397b2c8e5b1c1ae320b0ebf45ab54c07184329fffa6539f97b640242553d05b2a24391dda7edc1c11502bce30afe2a7e5666ee0b44d91c1e84837fd16226b0b9385643e92ba72e7f8921aad724a276b27ecc58a1ec212f5c10425d992aafd56ca3b3a9038bbe3c3a19308b452495558a1639c6b706644de8aa6d3a8ed94d173dea45b1cd1b1d511c55277e75923713a7c619eeb2844270e5a4d66ddbc50773faa0a58d5eba188a95873de9377a2396d41b316be786ee54aa68a486d09270025470d36a0700ab6d5fac3fa020aeddd02477bdcbe581a223d51d5c2898b6cf3fbd163e13861524676f9da99129afd58026b4815e35497d575f896181e10396568036c556749adf70d7f34ab124a48e576fbef5a2e776fbfcce5f53e6596a60fcbf4e09d55e458e2e2c71dd4a70ca657b5b6e06971da9f3b707c1cd5e0fd04344bb08a3c965bdb41ae47bef0d5c2d15bb6099e63370648bfb619b7b20029a13f9f349a3d9de06ffa9337c8ef70e693fcb9c410b69706dd1e4755715982a9cdd46c0d52aced8b8c1acdb4e514019d7dcdfd47d5134eb9a98aa8d617649f9f01965eddc2a506b727c9fab8322a3bff43264e2180ae786d9866cdaa5687208c197502d6ef3efd7b5fdf711187e17f1724479e0bd7d67fad4d62a9922f84b110b8bee29726fdce2feb1b2e03cab90d049368ba32993e203c48eaaad98f7e7257f01241690ce48202e8ffcf5a658f168aff84fb5676de08c2ad38a75eaf6e01bc5168b513a040a12210016d002b63ddc974bc4550ba768450f968a9837e4e5a5ad5f57f9a9afb456c378f9be8f2cf13fed54df24137bd7501a4bd7a43cac0cd0f71dede4ebb6649e9c8f6f2c22777f7ab7d61b02466393c44340e924977ed14c4b6ef26ddfe2d9016e2fa3098813f89328c75b9d37c32613a1d4e0215ebe32b2309886183ac13a6082b91823bf1c4d6eac66cbe4ba24dc3c8c91c8bffdd0bbce6fc99f1895c11e733505c0861b20ada69e1711766725baf64bf3d6a18e42fcf14e898264367f4a830835e28fb0917ded582f23a443612261256f9757b6aa8765e7bd212c58b6f2ac2c4f2431eb722f514915d53f480ca5cf1e832a65aa3d3983e8a25cc088d164e137982326a58b179ee9953af31f05f99bc444d5343c3b5ef49bd708da832f2d8d7976f62841c90e857b2d860c7af7d4fdc41ac87320011df4c633e515e969e0623f9b23daeeedc0b15f4e8dacea8eaddb9a994dce8018d0e9dbb485691c2bb1e952616d5af1d1ff9bb1b6ba506477007305153764c6d623d8e67d7264410138e3d7ccb95c105c0a5fc7ebf92ffe6e41aeec8e2aa3aedf1ee782966a15889402e32c35c5453ee4ef250e2b55e0140f317c45298b179ba34b4a83e4e7f6a125fe63b7f8cf1502ce5cd4ce2e5e0fb56b6ad51bb2c353f60a9b6e06be1d0fde93dc94ddc51b2a7a5a6a7b984caf4937403dcc328929c99a5d7af0f8a933443337d46bbd15a432d3c23ebbd862930a4df0dc49b75221462ef09c231ad7cebd62ebf8e84d773511dfcd0b982b277a227e7522e21c14249f1038fe8d86af3416cac328038db1107edc2179bdfd15e94c83c9f61b35ba010ec1df0995c7daafb7a0f4a0deeba1695084bde56835901991008470c18fecf9953fd787acfb09a0640028cdc3fc0ed3b681c806013dc59195d02861432faf60e6081d2d017db5c0d4d6630cde2e5bba4d2b1e59d6bdada8b0792c684624055a5cc410312a93f09935c2fd109f9be823033b84366401df822fc9d749a038a82a2dd335808d6d543688c0ffdbfd9e23e67260437937d4c2a2d724aad06926a685090b3628da353765351a45b372c1f31f34ea380419181a2faa69ee3e206f83b72275d0b38d356ac6c9898873d48fa9e1e1e79cdde4524e7c122e854d2e47d4ceebcc5722e3554c53d2e961214f31304600114f9a47936bde8c1370823696a816caac15a5626049d6722df8bb3da358e0b699e96df32b02ddbecd9a806513c0d5a58bd3b2814f3e6aacc02e01ea3886154b6e4e6d02ca81162b5bd52681eeb48203b79fcccc4512eb8b0fc08a90ee437a5fd3c8ce8c4ffb62bb53844e97677c1a3a65fc08258b4306b4dc3b15bab781604c3eb3abe2e15e410dacd36025b4c35ce9d95f6d2ce18433d330f2bb117cf1f43a79ed854869567424f7029eb88bb8d785518f2afbde3ee83b6b278e0c9efbebc3fdea6b27059b1779444bb1f89c5d1aaad8357287fe0010c0d06851f6193ea8c9f0d2a58", 0x1000}, {&(0x7f00000032c0)="a8c34f46d9f9742fdd7fc72fad4a26f4e4ab5fb2a2af3630f494636c2cb3ff4958b13172d53d86af9d06d8c3082e0d6a011b3f7ec4f5", 0x36}, {&(0x7f0000003300)="a8cdac18dc503542462fa32729fd4af0fb7360c78caf9b040aab672cddc58e2b572877bdda8c960e911f3102e0e6d1535745cdbf3a20e97e0ee73e8a442ff236e35315db9e22e6f6f5505dbb05aff524c2edd6e9656ffb313aff4532a38d0ccaef84b643dc5a4e407494d0c95a7b116a023c650a6fc91b241267a976c349879eeb1ef609ae2731a13fb9245eac0ede7fc47a6ef030e3a2b4a97f3e0cd04360602a3ab55e8a976ef6157c37da201e94", 0xaf}, {&(0x7f00000033c0)="f14ff179ec0ea6654eb5de0bf50463f1ea98467702fda981a088a9e335c8bff715002d5d22c3b7c00e1fbb37db56e2b65bacfa7553672f5865440c1787c0a7f6f010", 0x42}], 0x6, &(0x7f00000038c0)=[@tclass={{0x14, 0x29, 0x43, 0x3f19}}, @tclass={{0x14, 0x29, 0x43, 0x9}}, @hoplimit={{0x14, 0x29, 0x34, 0x10}}, @rthdrdstopts={{0xa8, 0x29, 0x37, {0x1d, 0x12, '\x00', [@calipso={0x7, 0x8, {0x2, 0x0, 0x6, 0x81}}, @padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x3}, @jumbo={0xc2, 0x4, 0x200}, @enc_lim={0x4, 0x1, 0x5}, @pad1, @calipso={0x7, 0x58, {0x2, 0x14, 0x80, 0x4, [0x2, 0x9, 0x1, 0x2, 0x100000001, 0xc000000000, 0xfffffffffffffff7, 0x9, 0x34, 0xe]}}, @ra={0x5, 0x2, 0xa}, @hao={0xc9, 0x10, @mcast2}, @ra={0x5, 0x2, 0x2}]}}}, @hopopts_2292={{0x30, 0x29, 0x36, {0xff, 0x3, '\x00', [@padn={0x1, 0x1, [0x0]}, @hao={0xc9, 0x10, @local}, @pad1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x2}}, @flowinfo={{0x14, 0x29, 0xb, 0x7}}], 0x150}}, {{&(0x7f0000003600)={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x26}, 0x6}, 0x1c, &(0x7f0000003700)=[{&(0x7f0000003640)="47633243e4b3dbbc516233efe60f58eded69b48392e706bfeabd0e12ba03bbb9c6d8e3533723587638001f65d68ac7dbdd67a90114da939a59c4b8b18ab5360dd532b858c826dd67984c9c9694a07134e1ac96db49b0306ed5661890e9f80a1aa7382e33cbd3c69f4ea9606931a1e7deb82cf265c619288199af99358cdd1517251d8318a7bdd4e3360c1f39a531801c20a7665f50a49a3199769ccce0", 0x9d}], 0x1, &(0x7f0000003740)=[@rthdr={{0x38, 0x29, 0x39, {0x88, 0x4, 0x1, 0x7f, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x5}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x0, 0x3, '\x00', [@jumbo={0xc2, 0x4, 0x8001}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @loopback}}]}}}, @tclass={{0x14, 0x29, 0x43, 0xbf8}}], 0x98}}], 0x3, 0x44040005)
sendto$inet6(r4, &(0x7f00000004c0)="9ab044c01750b4025d4da8742a5294fa902c08580e84b17acf82d1136d9fd2fecfb0fde542c81b1a2e747ac5709998e3066684bcf40f7ba1934179c60427f52922a1615f438973ec7519730159aca68a453748ab49108a62fdc7c362827aedfc34d5c563fdde638e0e06d1401d95d31a36522db17a021689fd", 0x79, 0x3b00, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="04080409c80004398ea8d8ea04961a064760c0d127bd51e516bd36914d950549d6e863cae51b085e0ce4f33b323282f498f230c96ffd14ca3484e1b8cc36a2f1447fe63c98ad8ddf1737f9bdcd0c6012c8861bd0d5cde5921c5f7299a7f233f724335a9695c191f588506146198a0988bbae154d402dce0a37bbce8c0f373107b3c5d38bbf75a79bf1b0b914eeb2fbe570fd208b6a6404a82adb02ef50200083ddfb4aa58dc081b9609f12316fc46112a44a48695b981ed47522c3edb11379006edf365ddbccd42198c8089eb9a8f2c7dbf08a29ce720c237c04"], 0x7)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
epoll_wait(r2, &(0x7f0000000540)=[{}], 0x1, 0x1ff)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140)={<r7=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0x8}, r8}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000700)={0x3, 0x40, 0xfa00, {{0xa, 0xff, 0x7, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x19}}, 0x8}, {0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, '\x00', 0x21}, 0x5}, r8, 0x1}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, r7, 0x9dffffff}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000380)={0x15, 0x110, 0xfa00, {r7, 0x10001, 0x0, 0x0, 0x0, @in6={0xa, 0x4e20, 0x7f, @loopback, 0x1b13}, @ib={0x1b, 0x1, 0xa, {"ee90c66de8ab85d498e89cde8c698382"}, 0x100, 0x535, 0x8}}}, 0x118)
syz_emit_vhci(&(0x7f0000000880)=ANY=[@ANYBLOB="02c9c0120e00050015020a0002000800000000000300"], 0x17)

1.535137665s ago: executing program 0 (id=3336):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000640)="900000001c001f4d154a817393", 0xd, 0x4040080, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x12, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x1, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r3}, &(0x7f0000000840), &(0x7f0000000880)=r2}, 0x20)
close(r2)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r3, &(0x7f0000000900)}, 0x20)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r4, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="99", 0x1}], 0x1}}], 0x1, 0x40000)

1.398279476s ago: executing program 2 (id=3337):
ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r2, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)
mmap(&(0x7f000032d000/0x4000)=nil, 0x4000, 0x0, 0x8031, r3, 0x1c5bb000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
ioprio_get$uid(0x3, 0x0)
mlock2(&(0x7f00002a2000/0x3000)=nil, 0x3000, 0x0)
mremap(&(0x7f00004fd000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f000015a000/0x2000)=nil)
mlock(&(0x7f00001b5000/0x400000)=nil, 0x400000)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

1.310026933s ago: executing program 0 (id=3338):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet(0x2, 0x4000000805, 0x0)
sendmmsg(r0, &(0x7f0000000180)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @local, 0x2}, 0x80, &(0x7f0000000200)=[{&(0x7f00000000c0)="ae", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000008400"], 0x18}}], 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='1', 0x1)
syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100, 0x0, 0x16e}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$kcm(0x2, 0xa, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000200)={0x0, 0x0})
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f0000000000)={0x0, [0x6, 0x6, 0x3], [{0x0, 0x0, 0x0, 0x1}, {0x35, 0x39}, {0x0, 0x8}, {0x800000, 0x800001}, {}, {0x80001ff}, {0x0, 0x1000}, {0x4}, {0x0, 0x800}, {}, {0x1}, {0x0, 0xe68b}], 0xc})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001000000406d0427c2000000000001090224000eb4fe9000"], 0x0)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond_slave_1\x00'})
signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x9]}, 0x8)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[], 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_clone3(&(0x7f00000001c0)={0x100001200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.075407934s ago: executing program 1 (id=3339):
ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r2, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0) (fail_nth: 2)
mmap(&(0x7f000037a000/0x2000)=nil, 0x2000, 0x0, 0x8031, 0xffffffffffffffff, 0x1c5bb000)
mlock2(&(0x7f00002a2000/0x3000)=nil, 0x3000, 0x0)
mremap(&(0x7f00004fd000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f000015a000/0x2000)=nil)
mlock(&(0x7f00001b5000/0x400000)=nil, 0x400000)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)

858.838994ms ago: executing program 3 (id=3340):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x0, @loopback}], 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000380)=[@in6={0xa, 0x4e24, 0x8000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}], 0x1c) (fail_nth: 3)

488.228131ms ago: executing program 3 (id=3341):
r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x7ff, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x4005, 0x2, {0x1, @win={{}, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x9}}})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x3)

0s ago: executing program 1 (id=3342):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
timer_delete(r0)
r1 = getpid()
setpriority(0x0, r1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x32, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x303}, "8e5c47b6113719cb", "0ada5daa1887d07c859f2746f4ef05a3", "4bb6423e", "c2c8fa220423de5d"}, 0x28)
sendto$inet6(r2, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000400), r4, 0x0, 0x3, 0x1}}, 0x20)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

_resched+0x10/0x10
[  465.204532][T14032]  should_fail_ex+0x414/0x560
[  465.204560][T14032]  should_failslab+0xa8/0x100
[  465.204662][T14032]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  465.204690][T14032]  ? __alloc_skb+0x112/0x2d0
[  465.204722][T14032]  __alloc_skb+0x112/0x2d0
[  465.204752][T14032]  netlink_sendmsg+0x5c6/0xb30
[  465.204788][T14032]  ? __pfx_netlink_sendmsg+0x10/0x10
[  465.204816][T14032]  ? aa_sock_msg_perm+0x94/0x160
[  465.204841][T14032]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  465.204922][T14032]  ? __pfx_netlink_sendmsg+0x10/0x10
[  465.204953][T14032]  __sock_sendmsg+0x219/0x270
[  465.204979][T14032]  ____sys_sendmsg+0x505/0x830
[  465.205016][T14032]  ? __pfx_____sys_sendmsg+0x10/0x10
[  465.205058][T14032]  ? import_iovec+0x74/0xa0
[  465.205092][T14032]  ___sys_sendmsg+0x21f/0x2a0
[  465.205124][T14032]  ? __pfx____sys_sendmsg+0x10/0x10
[  465.205194][T14032]  ? __fget_files+0x2a/0x420
[  465.205222][T14032]  ? __fget_files+0x3a0/0x420
[  465.205261][T14032]  __x64_sys_sendmsg+0x19b/0x260
[  465.205294][T14032]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  465.205342][T14032]  ? do_syscall_64+0xba/0x210
[  465.205374][T14032]  do_syscall_64+0xf6/0x210
[  465.205402][T14032]  ? clear_bhb_loop+0x45/0xa0
[  465.205429][T14032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.205451][T14032] RIP: 0033:0x7f0f1bf8e969
[  465.205471][T14032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  465.205490][T14032] RSP: 002b:00007f0f1ce32038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  465.205526][T14032] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8e969
[  465.205543][T14032] RDX: 0000000000000000 RSI: 0000200000006040 RDI: 0000000000000004
[  465.205558][T14032] RBP: 00007f0f1ce32090 R08: 0000000000000000 R09: 0000000000000000
[  465.205572][T14032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.205585][T14032] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  465.205618][T14032]  </TASK>
[  465.417905][ T5887] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  465.456756][  T977] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  465.532104][T13915] veth0_vlan: entered promiscuous mode
[  465.563028][T13915] veth1_vlan: entered promiscuous mode
[  465.577208][ T5887] usb 2-1: Using ep0 maxpacket: 16
[  465.588072][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  465.597412][ T5930] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  465.606654][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  465.632945][T13915] veth0_macvtap: entered promiscuous mode
[  465.639637][ T5887] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  465.653556][  T977] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  465.662257][T13915] veth1_macvtap: entered promiscuous mode
[  465.668274][  T977] usb 4-1: config 0 has no interface number 0
[  465.681130][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.692140][  T977] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  465.704340][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.708239][  T977] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  465.727783][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.736502][ T5887] usb 2-1: config 0 descriptor??
[  465.738003][ T5930] usb 3-1: device descriptor read/64, error -71
[  465.752188][  T977] usb 4-1: Product: syz
[  465.767100][  T977] usb 4-1: SerialNumber: syz
[  465.774538][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.785641][  T977] usb 4-1: config 0 descriptor??
[  465.795757][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.805393][  T977] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input10
[  465.811788][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.838188][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.854760][T13915] batman_adv: batadv0: Interface activated: batadv_slave_0
[  465.880606][ T5930] usb usb3-port1: attempt power cycle
[  465.925639][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.947414][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.963487][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.975457][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.988179][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.994879][ T5887] appleir 0003:05AC:8241.0004: item fetching failed at offset 3/5
[  466.014048][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.029905][T13915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  466.037957][ T5887] appleir 0003:05AC:8241.0004: parse failed
[  466.040687][T13915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.047431][ T5887] appleir 0003:05AC:8241.0004: probe with driver appleir failed with error -22
[  466.078339][T13915] batman_adv: batadv0: Interface activated: batadv_slave_1
[  466.108778][T13915] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.118466][T13915] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.128089][T13915] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  466.139071][T13915] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  466.256695][ T5930] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  466.276449][ T6034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.278599][ T5930] usb 3-1: device descriptor read/8, error -71
[  466.294122][ T6034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.358618][ T6040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.373341][ T6040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.543287][ T5930] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  466.596181][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  466.598733][ T5930] usb 3-1: device descriptor read/8, error -71
[  466.605080][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  466.609746][ T5889] usb 4-1: USB disconnect, device number 18
[  466.616484][    C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  466.693883][ T5889] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  466.747630][ T5930] usb usb3-port1: unable to enumerate USB device
[  466.775045][ T5887] usb 2-1: USB disconnect, device number 20
[  467.323879][T14065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3099'.
[  468.384428][T14075] FAULT_INJECTION: forcing a failure.
[  468.384428][T14075] name failslab, interval 1, probability 0, space 0, times 0
[  468.426911][T14075] CPU: 1 UID: 0 PID: 14075 Comm: syz.3.3105 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  468.426936][T14075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.426945][T14075] Call Trace:
[  468.426950][T14075]  <TASK>
[  468.426957][T14075]  dump_stack_lvl+0x189/0x250
[  468.426983][T14075]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.427004][T14075]  ? __pfx__printk+0x10/0x10
[  468.427023][T14075]  ? __pfx___might_resched+0x10/0x10
[  468.427039][T14075]  should_fail_ex+0x414/0x560
[  468.427057][T14075]  should_failslab+0xa8/0x100
[  468.427077][T14075]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  468.427097][T14075]  ? __alloc_skb+0x112/0x2d0
[  468.427117][T14075]  __alloc_skb+0x112/0x2d0
[  468.427136][T14075]  netlink_sendmsg+0x5c6/0xb30
[  468.427159][T14075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.427178][T14075]  ? aa_sock_msg_perm+0x94/0x160
[  468.427194][T14075]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  468.427210][T14075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.427227][T14075]  __sock_sendmsg+0x219/0x270
[  468.427243][T14075]  ____sys_sendmsg+0x505/0x830
[  468.427266][T14075]  ? __pfx_____sys_sendmsg+0x10/0x10
[  468.427292][T14075]  ? import_iovec+0x74/0xa0
[  468.427315][T14075]  ___sys_sendmsg+0x21f/0x2a0
[  468.427335][T14075]  ? __pfx____sys_sendmsg+0x10/0x10
[  468.427379][T14075]  ? __fget_files+0x2a/0x420
[  468.427396][T14075]  ? __fget_files+0x3a0/0x420
[  468.427422][T14075]  __x64_sys_sendmsg+0x19b/0x260
[  468.427443][T14075]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  468.427473][T14075]  ? do_syscall_64+0xba/0x210
[  468.427494][T14075]  do_syscall_64+0xf6/0x210
[  468.427513][T14075]  ? clear_bhb_loop+0x45/0xa0
[  468.427531][T14075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.427552][T14075] RIP: 0033:0x7f0ae1b8e969
[  468.427565][T14075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  468.427577][T14075] RSP: 002b:00007f0ae29fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  468.427593][T14075] RAX: ffffffffffffffda RBX: 00007f0ae1db5fa0 RCX: 00007f0ae1b8e969
[  468.427603][T14075] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  468.427612][T14075] RBP: 00007f0ae29fa090 R08: 0000000000000000 R09: 0000000000000000
[  468.427620][T14075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  468.427629][T14075] R13: 0000000000000000 R14: 00007f0ae1db5fa0 R15: 00007f0ae1edfa28
[  468.427650][T14075]  </TASK>
[  469.297729][ T5886] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  469.339123][T14084] FAULT_INJECTION: forcing a failure.
[  469.339123][T14084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.400408][T14084] CPU: 1 UID: 0 PID: 14084 Comm: syz.0.3110 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  469.400440][T14084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.400453][T14084] Call Trace:
[  469.400462][T14084]  <TASK>
[  469.400471][T14084]  dump_stack_lvl+0x189/0x250
[  469.400504][T14084]  ? __lock_acquire+0xaac/0xd20
[  469.400535][T14084]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.400564][T14084]  ? __pfx__printk+0x10/0x10
[  469.400583][T14084]  ? __might_fault+0xb0/0x130
[  469.400628][T14084]  should_fail_ex+0x414/0x560
[  469.400653][T14084]  _copy_from_iter+0x1db/0x15a0
[  469.400691][T14084]  ? __pfx__copy_from_iter+0x10/0x10
[  469.400719][T14084]  ? is_bpf_text_address+0x26/0x2b0
[  469.400757][T14084]  tun_get_user+0x4b2/0x3c20
[  469.400803][T14084]  ? aa_file_perm+0x11f/0xed0
[  469.400828][T14084]  ? __pfx_tun_get_user+0x10/0x10
[  469.400855][T14084]  ? aa_file_perm+0x11f/0xed0
[  469.400877][T14084]  ? aa_file_perm+0x3e7/0xed0
[  469.400913][T14084]  ? ref_tracker_alloc+0x318/0x460
[  469.400938][T14084]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  469.400966][T14084]  ? tun_get+0x1c/0x2f0
[  469.400999][T14084]  ? tun_get+0x1c/0x2f0
[  469.401025][T14084]  ? tun_get+0x1c/0x2f0
[  469.401057][T14084]  tun_chr_write_iter+0x113/0x200
[  469.401087][T14084]  vfs_write+0x548/0xa90
[  469.401115][T14084]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  469.401144][T14084]  ? __pfx_vfs_write+0x10/0x10
[  469.401177][T14084]  ? __fget_files+0x2a/0x420
[  469.401219][T14084]  ksys_write+0x145/0x250
[  469.401240][T14084]  ? rcu_is_watching+0x15/0xb0
[  469.401272][T14084]  ? __pfx_ksys_write+0x10/0x10
[  469.401298][T14084]  ? do_syscall_64+0xba/0x210
[  469.401328][T14084]  do_syscall_64+0xf6/0x210
[  469.401354][T14084]  ? clear_bhb_loop+0x45/0xa0
[  469.401379][T14084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.401400][T14084] RIP: 0033:0x7fb616d8e969
[  469.401417][T14084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.401439][T14084] RSP: 002b:00007fb617cdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  469.401461][T14084] RAX: ffffffffffffffda RBX: 00007fb616fb5fa0 RCX: 00007fb616d8e969
[  469.401476][T14084] RDX: 000000000000004a RSI: 0000200000000240 RDI: 0000000000000003
[  469.401489][T14084] RBP: 00007fb617cdf090 R08: 0000000000000000 R09: 0000000000000000
[  469.401502][T14084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.401513][T14084] R13: 0000000000000000 R14: 00007fb616fb5fa0 R15: 00007fb6170dfa28
[  469.401545][T14084]  </TASK>
[  469.468950][ T5886] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  469.941416][T14091] FAULT_INJECTION: forcing a failure.
[  469.941416][T14091] name failslab, interval 1, probability 0, space 0, times 0
[  469.979777][T14091] CPU: 0 UID: 0 PID: 14091 Comm: syz.3.3113 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  469.979810][T14091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.979821][T14091] Call Trace:
[  469.979830][T14091]  <TASK>
[  469.979839][T14091]  dump_stack_lvl+0x189/0x250
[  469.979875][T14091]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.979905][T14091]  ? __pfx__printk+0x10/0x10
[  469.979932][T14091]  ? __pfx___might_resched+0x10/0x10
[  469.979956][T14091]  should_fail_ex+0x414/0x560
[  469.979982][T14091]  should_failslab+0xa8/0x100
[  469.980010][T14091]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  469.980038][T14091]  ? __alloc_skb+0x112/0x2d0
[  469.980067][T14091]  __alloc_skb+0x112/0x2d0
[  469.980095][T14091]  netlink_sendmsg+0x5c6/0xb30
[  469.980128][T14091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  469.980155][T14091]  ? aa_sock_msg_perm+0x94/0x160
[  469.980179][T14091]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  469.980202][T14091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  469.980225][T14091]  __sock_sendmsg+0x219/0x270
[  469.980257][T14091]  ____sys_sendmsg+0x505/0x830
[  469.980290][T14091]  ? __pfx_____sys_sendmsg+0x10/0x10
[  469.980328][T14091]  ? import_iovec+0x74/0xa0
[  469.980359][T14091]  ___sys_sendmsg+0x21f/0x2a0
[  469.980388][T14091]  ? __pfx____sys_sendmsg+0x10/0x10
[  469.980452][T14091]  ? __fget_files+0x2a/0x420
[  469.980477][T14091]  ? __fget_files+0x3a0/0x420
[  469.980514][T14091]  __x64_sys_sendmsg+0x19b/0x260
[  469.980544][T14091]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  469.980588][T14091]  ? do_syscall_64+0xba/0x210
[  469.980618][T14091]  do_syscall_64+0xf6/0x210
[  469.980644][T14091]  ? clear_bhb_loop+0x45/0xa0
[  469.980669][T14091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.980688][T14091] RIP: 0033:0x7f0ae1b8e969
[  469.980707][T14091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.980730][T14091] RSP: 002b:00007f0ae29fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  469.980752][T14091] RAX: ffffffffffffffda RBX: 00007f0ae1db5fa0 RCX: 00007f0ae1b8e969
[  469.980767][T14091] RDX: 0000000000004040 RSI: 0000200000000140 RDI: 0000000000000006
[  469.980780][T14091] RBP: 00007f0ae29fa090 R08: 0000000000000000 R09: 0000000000000000
[  469.980792][T14091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.980804][T14091] R13: 0000000000000000 R14: 00007f0ae1db5fa0 R15: 00007f0ae1edfa28
[  469.980835][T14091]  </TASK>
[  470.246977][ T5886] usb 2-1: config 0 interface 0 has no altsetting 0
[  470.375329][ T5886] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  470.384795][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  470.393137][ T5886] usb 2-1: Product: syz
[  470.397520][ T5886] usb 2-1: Manufacturer: syz
[  470.402175][ T5886] usb 2-1: SerialNumber: syz
[  470.412449][ T5886] usb 2-1: config 0 descriptor??
[  470.423781][ T5886] usb 2-1: selecting invalid altsetting 0
[  470.939504][T14103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  470.958417][T14103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.151437][T14105] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3119'.
[  471.503270][T14113] FAULT_INJECTION: forcing a failure.
[  471.503270][T14113] name failslab, interval 1, probability 0, space 0, times 0
[  471.530481][T14113] CPU: 0 UID: 0 PID: 14113 Comm: syz.4.3117 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  471.530513][T14113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  471.530527][T14113] Call Trace:
[  471.530536][T14113]  <TASK>
[  471.530544][T14113]  dump_stack_lvl+0x189/0x250
[  471.530583][T14113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  471.530612][T14113]  ? __pfx__printk+0x10/0x10
[  471.530639][T14113]  ? __pfx___might_resched+0x10/0x10
[  471.530658][T14113]  ? fs_reclaim_acquire+0x7d/0x100
[  471.530693][T14113]  should_fail_ex+0x414/0x560
[  471.530720][T14113]  should_failslab+0xa8/0x100
[  471.530749][T14113]  __kmalloc_noprof+0xcb/0x4f0
[  471.530773][T14113]  ? tomoyo_encode2+0x27f/0x530
[  471.530803][T14113]  tomoyo_encode2+0x27f/0x530
[  471.530834][T14113]  tomoyo_check_unix_address+0x3c3/0x7b0
[  471.530867][T14113]  ? tomoyo_check_unix_address+0x15a/0x7b0
[  471.530891][T14113]  ? __pfx_tomoyo_check_unix_address+0x10/0x10
[  471.530941][T14113]  tomoyo_socket_bind_permission+0x1af/0x290
[  471.530978][T14113]  security_socket_bind+0xc8/0x2b0
[  471.531008][T14113]  __sys_bind+0x24a/0x3e0
[  471.531028][T14113]  ? schedule+0x165/0x360
[  471.531052][T14113]  ? __pfx___sys_bind+0x10/0x10
[  471.531098][T14113]  __x64_sys_bind+0x7a/0x90
[  471.531120][T14113]  do_syscall_64+0xf6/0x210
[  471.531151][T14113]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  471.531171][T14113]  ? clear_bhb_loop+0x45/0xa0
[  471.531195][T14113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.531215][T14113] RIP: 0033:0x7f0f1bf8e969
[  471.531233][T14113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  471.531252][T14113] RSP: 002b:00007f0f1ce32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  471.531274][T14113] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8e969
[  471.531291][T14113] RDX: 0000000000000002 RSI: 0000200000000200 RDI: 0000000000000003
[  471.531303][T14113] RBP: 00007f0f1ce32090 R08: 0000000000000000 R09: 0000000000000000
[  471.531316][T14113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  471.531327][T14113] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  471.531383][T14113]  </TASK>
[  472.151644][T14127] FAULT_INJECTION: forcing a failure.
[  472.151644][T14127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  472.306600][T14131] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3123'.
[  472.502672][T14133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3126'.
[  472.540033][T14127] CPU: 0 UID: 0 PID: 14127 Comm: syz.4.3125 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  472.540063][T14127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  472.540075][T14127] Call Trace:
[  472.540084][T14127]  <TASK>
[  472.540094][T14127]  dump_stack_lvl+0x189/0x250
[  472.540133][T14127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  472.540163][T14127]  ? __pfx__printk+0x10/0x10
[  472.540197][T14127]  should_fail_ex+0x414/0x560
[  472.540223][T14127]  _copy_from_user+0x2d/0xb0
[  472.540251][T14127]  sctp_setsockopt+0x19f/0x1200
[  472.540281][T14127]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  472.540306][T14127]  do_sock_setsockopt+0x257/0x3e0
[  472.540333][T14127]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  472.540356][T14127]  ? __fget_files+0x2a/0x420
[  472.540387][T14127]  ? __fget_files+0x3a0/0x420
[  472.540412][T14127]  ? __fget_files+0x2a/0x420
[  472.540446][T14127]  __x64_sys_setsockopt+0x18b/0x220
[  472.540478][T14127]  do_syscall_64+0xf6/0x210
[  472.540506][T14127]  ? clear_bhb_loop+0x45/0xa0
[  472.540532][T14127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.540552][T14127] RIP: 0033:0x7f0f1bf8e969
[  472.540569][T14127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.540587][T14127] RSP: 002b:00007f0f1ce11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  472.540608][T14127] RAX: ffffffffffffffda RBX: 00007f0f1c1b6080 RCX: 00007f0f1bf8e969
[  472.540623][T14127] RDX: 000000000000000d RSI: 0000000000000084 RDI: 0000000000000003
[  472.540636][T14127] RBP: 00007f0f1ce11090 R08: 0000000000000008 R09: 0000000000000000
[  472.540648][T14127] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  472.540661][T14127] R13: 0000000000000000 R14: 00007f0f1c1b6080 R15: 00007f0f1c2dfa28
[  472.540690][T14127]  </TASK>
[  473.219583][   T52] usb 2-1: USB disconnect, device number 21
[  474.595233][ T5930] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  474.999054][ T5930] usb 2-1: device descriptor read/64, error -71
[  475.256691][ T5930] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  475.310936][T14156] FAULT_INJECTION: forcing a failure.
[  475.310936][T14156] name failslab, interval 1, probability 0, space 0, times 0
[  475.341102][T14156] CPU: 1 UID: 0 PID: 14156 Comm: syz.3.3132 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  475.341132][T14156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.341151][T14156] Call Trace:
[  475.341159][T14156]  <TASK>
[  475.341167][T14156]  dump_stack_lvl+0x189/0x250
[  475.341203][T14156]  ? __pfx_dump_stack_lvl+0x10/0x10
[  475.341232][T14156]  ? __pfx__printk+0x10/0x10
[  475.341255][T14156]  ? __pfx___might_resched+0x10/0x10
[  475.341274][T14156]  ? fs_reclaim_acquire+0x7d/0x100
[  475.341309][T14156]  should_fail_ex+0x414/0x560
[  475.341333][T14156]  should_failslab+0xa8/0x100
[  475.341364][T14156]  __kmalloc_noprof+0xcb/0x4f0
[  475.341387][T14156]  ? tomoyo_encode+0x28b/0x550
[  475.341415][T14156]  tomoyo_encode+0x28b/0x550
[  475.341443][T14156]  tomoyo_realpath_from_path+0x58d/0x5d0
[  475.341482][T14156]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  475.341512][T14156]  tomoyo_path_number_perm+0x1e8/0x5a0
[  475.341547][T14156]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  475.341598][T14156]  ? __lock_acquire+0xaac/0xd20
[  475.341643][T14156]  ? __fget_files+0x2a/0x420
[  475.341674][T14156]  ? __fget_files+0x3a0/0x420
[  475.341697][T14156]  ? __fget_files+0x2a/0x420
[  475.341734][T14156]  security_file_ioctl+0xcb/0x2d0
[  475.341768][T14156]  __se_sys_ioctl+0x47/0x170
[  475.341791][T14156]  do_syscall_64+0xf6/0x210
[  475.341817][T14156]  ? clear_bhb_loop+0x45/0xa0
[  475.341842][T14156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.341861][T14156] RIP: 0033:0x7f0ae1b8e969
[  475.341879][T14156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.341896][T14156] RSP: 002b:00007f0ae29fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  475.341919][T14156] RAX: ffffffffffffffda RBX: 00007f0ae1db5fa0 RCX: 00007f0ae1b8e969
[  475.341934][T14156] RDX: 0000200000000000 RSI: 0000000040045612 RDI: 0000000000000003
[  475.341947][T14156] RBP: 00007f0ae29fa090 R08: 0000000000000000 R09: 0000000000000000
[  475.341959][T14156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  475.341971][T14156] R13: 0000000000000000 R14: 00007f0ae1db5fa0 R15: 00007f0ae1edfa28
[  475.342000][T14156]  </TASK>
[  475.570770][T14156] ERROR: Out of memory at tomoyo_realpath_from_path.
[  475.646348][ T5930] usb 2-1: device descriptor read/64, error -71
[  475.778922][ T5930] usb usb2-port1: attempt power cycle
[  476.096775][ T5834] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  476.136836][ T5930] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  476.229519][ T5930] usb 2-1: device descriptor read/8, error -71
[  476.372713][ T5834] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  476.471849][ T5834] usb 4-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  476.508282][ T5930] usb 2-1: new full-speed USB device number 25 using dummy_hcd
[  476.540324][ T5834] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  476.590693][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.633114][T14167] FAULT_INJECTION: forcing a failure.
[  476.633114][T14167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  476.701939][T14167] CPU: 1 UID: 0 PID: 14167 Comm: syz.4.3136 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  476.701971][T14167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  476.701984][T14167] Call Trace:
[  476.701992][T14167]  <TASK>
[  476.702000][T14167]  dump_stack_lvl+0x189/0x250
[  476.702036][T14167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.702065][T14167]  ? __pfx__printk+0x10/0x10
[  476.702098][T14167]  should_fail_ex+0x414/0x560
[  476.702125][T14167]  _copy_from_user+0x2d/0xb0
[  476.702152][T14167]  sctp_setsockopt+0x19f/0x1200
[  476.702183][T14167]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  476.702207][T14167]  do_sock_setsockopt+0x257/0x3e0
[  476.702235][T14167]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  476.702258][T14167]  ? __fget_files+0x2a/0x420
[  476.702288][T14167]  ? __fget_files+0x3a0/0x420
[  476.702307][T14167]  ? __fget_files+0x2a/0x420
[  476.702331][T14167]  __x64_sys_setsockopt+0x18b/0x220
[  476.702353][T14167]  do_syscall_64+0xf6/0x210
[  476.702373][T14167]  ? clear_bhb_loop+0x45/0xa0
[  476.702391][T14167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.702405][T14167] RIP: 0033:0x7f0f1bf8e969
[  476.702418][T14167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.702430][T14167] RSP: 002b:00007f0f1ce32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  476.702445][T14167] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8e969
[  476.702456][T14167] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000004
[  476.702465][T14167] RBP: 00007f0f1ce32090 R08: 000000000000001c R09: 0000000000000000
[  476.702474][T14167] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[  476.702482][T14167] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  476.702503][T14167]  </TASK>
[  476.933510][ T5889] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  476.945497][ T5930] usb 2-1: device not accepting address 25, error -71
[  476.965278][ T5930] usb usb2-port1: unable to enumerate USB device
[  477.103630][ T5834] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  477.153155][T14162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  477.195260][ T5889] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  477.264034][ T5889] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  477.295132][ T5889] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  477.333416][ T5834] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -2
[  477.342755][T14162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  477.355223][ T5889] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.373776][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  477.387073][ T5889] usb 3-1: config 0 descriptor??
[  477.550082][T14176] FAULT_INJECTION: forcing a failure.
[  477.550082][T14176] name failslab, interval 1, probability 0, space 0, times 0
[  477.574734][T14176] CPU: 0 UID: 0 PID: 14176 Comm: syz.0.3140 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  477.574765][T14176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  477.574781][T14176] Call Trace:
[  477.574789][T14176]  <TASK>
[  477.574797][T14176]  dump_stack_lvl+0x189/0x250
[  477.574830][T14176]  ? __pfx_dump_stack_lvl+0x10/0x10
[  477.574851][T14176]  ? __pfx__printk+0x10/0x10
[  477.574870][T14176]  ? __pfx___might_resched+0x10/0x10
[  477.574886][T14176]  should_fail_ex+0x414/0x560
[  477.574904][T14176]  should_failslab+0xa8/0x100
[  477.574925][T14176]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  477.574944][T14176]  ? __alloc_skb+0x112/0x2d0
[  477.574964][T14176]  __alloc_skb+0x112/0x2d0
[  477.574983][T14176]  netlink_sendmsg+0x5c6/0xb30
[  477.575006][T14176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  477.575025][T14176]  ? aa_sock_msg_perm+0x94/0x160
[  477.575041][T14176]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  477.575057][T14176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  477.575074][T14176]  __sock_sendmsg+0x219/0x270
[  477.575090][T14176]  ____sys_sendmsg+0x505/0x830
[  477.575113][T14176]  ? __pfx_____sys_sendmsg+0x10/0x10
[  477.575137][T14176]  ? import_iovec+0x74/0xa0
[  477.575159][T14176]  ___sys_sendmsg+0x21f/0x2a0
[  477.575180][T14176]  ? __pfx____sys_sendmsg+0x10/0x10
[  477.575224][T14176]  ? __fget_files+0x2a/0x420
[  477.575241][T14176]  ? __fget_files+0x3a0/0x420
[  477.575266][T14176]  __x64_sys_sendmsg+0x19b/0x260
[  477.575287][T14176]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  477.575317][T14176]  ? do_syscall_64+0xba/0x210
[  477.575338][T14176]  do_syscall_64+0xf6/0x210
[  477.575356][T14176]  ? clear_bhb_loop+0x45/0xa0
[  477.575374][T14176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.575387][T14176] RIP: 0033:0x7fb616d8e969
[  477.575400][T14176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.575413][T14176] RSP: 002b:00007fb617cdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  477.575429][T14176] RAX: ffffffffffffffda RBX: 00007fb616fb5fa0 RCX: 00007fb616d8e969
[  477.575439][T14176] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  477.575448][T14176] RBP: 00007fb617cdf090 R08: 0000000000000000 R09: 0000000000000000
[  477.575457][T14176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.575465][T14176] R13: 0000000000000000 R14: 00007fb616fb5fa0 R15: 00007fb6170dfa28
[  477.575486][T14176]  </TASK>
[  478.247421][T14165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.327231][T14165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  478.360040][   T52] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  478.495867][T14192] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3145'.
[  478.547572][   T52] usb 5-1: Using ep0 maxpacket: 32
[  478.599802][T14165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.770074][   T52] usb 5-1: too many configurations: 49, using maximum allowed: 8
[  478.790494][   T52] usb 5-1: unable to read config index 0 descriptor/start: -61
[  478.805988][   T52] usb 5-1: can't read configurations, error -61
[  479.002644][T14165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.186287][   T52] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  479.756704][   T52] usb 5-1: Using ep0 maxpacket: 32
[  479.764200][   T52] usb 5-1: too many configurations: 49, using maximum allowed: 8
[  479.782101][   T52] usb 5-1: unable to read config index 0 descriptor/start: -61
[  479.792528][   T52] usb 5-1: can't read configurations, error -61
[  479.918118][   T52] usb usb5-port1: attempt power cycle
[  480.015971][  T974] usb 4-1: USB disconnect, device number 19
[  480.330277][   T52] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  480.367520][   T52] usb 5-1: Using ep0 maxpacket: 32
[  480.373973][   T52] usb 5-1: too many configurations: 49, using maximum allowed: 8
[  480.386043][   T52] usb 5-1: unable to read config index 0 descriptor/start: -61
[  480.399251][   T52] usb 5-1: can't read configurations, error -61
[  480.560182][   T52] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  480.657878][   T52] usb 5-1: Using ep0 maxpacket: 32
[  480.691866][   T52] usb 5-1: too many configurations: 49, using maximum allowed: 8
[  480.752798][   T52] usb 5-1: unable to read config index 0 descriptor/start: -61
[  480.795068][   T52] usb 5-1: can't read configurations, error -61
[  480.858755][   T52] usb usb5-port1: unable to enumerate USB device
[  480.979460][ T5889] hid-led 0003:27B8:01ED.0005: probe with driver hid-led failed with error -71
[  481.033777][ T5889] usb 3-1: USB disconnect, device number 23
[  481.440880][T14221] netlink: 'syz.3.3151': attribute type 10 has an invalid length.
[  481.449112][T14221] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3151'.
[  481.721376][T14227] FAULT_INJECTION: forcing a failure.
[  481.721376][T14227] name failslab, interval 1, probability 0, space 0, times 0
[  481.800266][T14227] CPU: 0 UID: 0 PID: 14227 Comm: syz.4.3153 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  481.800297][T14227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  481.800310][T14227] Call Trace:
[  481.800319][T14227]  <TASK>
[  481.800328][T14227]  dump_stack_lvl+0x189/0x250
[  481.800367][T14227]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.800395][T14227]  ? __pfx__printk+0x10/0x10
[  481.800422][T14227]  ? __pfx___might_resched+0x10/0x10
[  481.800446][T14227]  should_fail_ex+0x414/0x560
[  481.800470][T14227]  should_failslab+0xa8/0x100
[  481.800504][T14227]  __kmalloc_noprof+0xcb/0x4f0
[  481.800529][T14227]  ? sock_kmalloc+0xd6/0x160
[  481.800562][T14227]  sock_kmalloc+0xd6/0x160
[  481.800593][T14227]  af_alg_alloc_areq+0x8d/0x260
[  481.800628][T14227]  skcipher_recvmsg+0x356/0x11c0
[  481.800655][T14227]  ? aa_sk_perm+0x81e/0x950
[  481.800687][T14227]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  481.800713][T14227]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  481.800734][T14227]  ? security_socket_recvmsg+0x7e/0x2e0
[  481.800761][T14227]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  481.800783][T14227]  sock_recvmsg+0x229/0x270
[  481.800808][T14227]  ____sys_recvmsg+0x1c9/0x460
[  481.800845][T14227]  ? __pfx_____sys_recvmsg+0x10/0x10
[  481.800890][T14227]  ? import_iovec+0x74/0xa0
[  481.800920][T14227]  ___sys_recvmsg+0x1b5/0x510
[  481.800954][T14227]  ? __pfx____sys_recvmsg+0x10/0x10
[  481.801008][T14227]  ? __fget_files+0x3a0/0x420
[  481.801046][T14227]  __x64_sys_recvmsg+0x198/0x260
[  481.801077][T14227]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  481.801123][T14227]  ? do_syscall_64+0xba/0x210
[  481.801152][T14227]  do_syscall_64+0xf6/0x210
[  481.801178][T14227]  ? clear_bhb_loop+0x45/0xa0
[  481.801203][T14227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.801230][T14227] RIP: 0033:0x7f0f1bf8e969
[  481.801248][T14227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.801266][T14227] RSP: 002b:00007f0f1ce32038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  481.801292][T14227] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8e969
[  481.801307][T14227] RDX: 0000000000000043 RSI: 0000200000001740 RDI: 0000000000000004
[  481.801319][T14227] RBP: 00007f0f1ce32090 R08: 0000000000000000 R09: 0000000000000000
[  481.801331][T14227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.801343][T14227] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  481.801374][T14227]  </TASK>
[  482.387926][T14221] batman_adv: batadv0: Adding interface: virt_wifi0
[  482.467251][T14221] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.493319][T14221] batman_adv: batadv0: Interface activated: virt_wifi0
[  482.678174][T14242] FAULT_INJECTION: forcing a failure.
[  482.678174][T14242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.761589][T14242] CPU: 1 UID: 0 PID: 14242 Comm: syz.2.3159 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  482.761612][T14242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  482.761622][T14242] Call Trace:
[  482.761628][T14242]  <TASK>
[  482.761635][T14242]  dump_stack_lvl+0x189/0x250
[  482.761662][T14242]  ? __pfx_dump_stack_lvl+0x10/0x10
[  482.761683][T14242]  ? __pfx__printk+0x10/0x10
[  482.761707][T14242]  should_fail_ex+0x414/0x560
[  482.761725][T14242]  _copy_to_user+0x31/0xb0
[  482.761747][T14242]  simple_read_from_buffer+0xe1/0x170
[  482.761768][T14242]  proc_fail_nth_read+0x1df/0x250
[  482.761791][T14242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  482.761813][T14242]  ? rw_verify_area+0x258/0x650
[  482.761831][T14242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  482.761852][T14242]  vfs_read+0x1fd/0x980
[  482.761871][T14242]  ? __pfx___mutex_lock+0x10/0x10
[  482.761890][T14242]  ? __pfx_vfs_read+0x10/0x10
[  482.761906][T14242]  ? __fget_files+0x2a/0x420
[  482.761928][T14242]  ? __fget_files+0x3a0/0x420
[  482.761945][T14242]  ? __fget_files+0x2a/0x420
[  482.761969][T14242]  ksys_read+0x145/0x250
[  482.761987][T14242]  ? __pfx_ksys_read+0x10/0x10
[  482.762005][T14242]  ? do_syscall_64+0xba/0x210
[  482.762026][T14242]  do_syscall_64+0xf6/0x210
[  482.762044][T14242]  ? clear_bhb_loop+0x45/0xa0
[  482.762079][T14242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.762093][T14242] RIP: 0033:0x7f11b718d37c
[  482.762106][T14242] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  482.762119][T14242] RSP: 002b:00007f11b806f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  482.762134][T14242] RAX: ffffffffffffffda RBX: 00007f11b73b5fa0 RCX: 00007f11b718d37c
[  482.762145][T14242] RDX: 000000000000000f RSI: 00007f11b806f0a0 RDI: 0000000000000004
[  482.762154][T14242] RBP: 00007f11b806f090 R08: 0000000000000000 R09: 0000000000000000
[  482.762162][T14242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.762171][T14242] R13: 0000000000000000 R14: 00007f11b73b5fa0 R15: 00007f11b74dfa28
[  482.762192][T14242]  </TASK>
[  483.036676][   T24] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  483.056072][T14248] batadv_slave_1: entered promiscuous mode
[  483.065872][T14248] batadv_slave_1: left promiscuous mode
[  483.129169][T14243] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  483.136087][T14243] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  483.206696][   T24] usb 5-1: Using ep0 maxpacket: 16
[  483.213940][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  483.225700][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  483.245879][   T24] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  483.270730][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.283511][T14243] vhci_hcd vhci_hcd.0: Device attached
[  483.308535][   T24] usb 5-1: Product: syz
[  483.324720][   T24] usb 5-1: Manufacturer: syz
[  483.399979][   T24] usb 5-1: SerialNumber: syz
[  483.418254][   T24] usb 5-1: config 0 descriptor??
[  483.448238][   T24] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  483.556834][ T5889] usb 36-1: SetAddress Request (2) to port 0
[  483.563117][ T5889] usb 36-1: new SuperSpeed USB device number 2 using vhci_hcd
[  483.606605][   T24] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  483.895596][T14262] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3165'.
[  484.057157][T14244] vhci_hcd: connection reset by peer
[  484.064701][ T6038] vhci_hcd: stop threads
[  484.083628][ T6038] vhci_hcd: release socket
[  484.103554][ T6038] vhci_hcd: disconnect device
[  484.198227][   T24] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  484.214700][   T24] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  485.393734][   T24] em28xx 5-1:0.0: AC97 vendor ID = 0x00fc00fe
[  485.464554][T14277] FAULT_INJECTION: forcing a failure.
[  485.464554][T14277] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.479468][T14277] CPU: 0 UID: 0 PID: 14277 Comm: syz.1.3170 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  485.479499][T14277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  485.479512][T14277] Call Trace:
[  485.479520][T14277]  <TASK>
[  485.479529][T14277]  dump_stack_lvl+0x189/0x250
[  485.479560][T14277]  ? __lock_acquire+0xaac/0xd20
[  485.479588][T14277]  ? __pfx_dump_stack_lvl+0x10/0x10
[  485.479609][T14277]  ? __pfx__printk+0x10/0x10
[  485.479623][T14277]  ? __might_fault+0xb0/0x130
[  485.479660][T14277]  should_fail_ex+0x414/0x560
[  485.479686][T14277]  _copy_to_iter+0x1db/0x15a0
[  485.479709][T14277]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  485.479742][T14277]  ? __pfx_sk_busy_loop_end+0x10/0x10
[  485.479758][T14277]  ? __pfx__copy_to_iter+0x10/0x10
[  485.479779][T14277]  ? skb_recv_datagram+0x145/0x190
[  485.479813][T14277]  bcm_recvmsg+0x14e/0x4e0
[  485.479843][T14277]  ? __pfx_bcm_recvmsg+0x10/0x10
[  485.479879][T14277]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  485.479898][T14277]  ? security_socket_recvmsg+0x7e/0x2e0
[  485.479918][T14277]  ? __pfx_bcm_recvmsg+0x10/0x10
[  485.479936][T14277]  sock_recvmsg+0x229/0x270
[  485.479959][T14277]  ____sys_recvmsg+0x1c9/0x460
[  485.479996][T14277]  ? __pfx_____sys_recvmsg+0x10/0x10
[  485.480038][T14277]  ? import_iovec+0x74/0xa0
[  485.480063][T14277]  ___sys_recvmsg+0x1b5/0x510
[  485.480086][T14277]  ? __pfx____sys_recvmsg+0x10/0x10
[  485.480137][T14277]  ? __fget_files+0x3a0/0x420
[  485.480174][T14277]  do_recvmmsg+0x307/0x760
[  485.480208][T14277]  ? __pfx_do_recvmmsg+0x10/0x10
[  485.480236][T14277]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  485.480273][T14277]  __x64_sys_recvmmsg+0x190/0x240
[  485.480302][T14277]  ? rcu_is_watching+0x15/0xb0
[  485.480332][T14277]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  485.480362][T14277]  ? do_syscall_64+0xba/0x210
[  485.480387][T14277]  do_syscall_64+0xf6/0x210
[  485.480406][T14277]  ? clear_bhb_loop+0x45/0xa0
[  485.480432][T14277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.480452][T14277] RIP: 0033:0x7fb52fd8e969
[  485.480469][T14277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.480486][T14277] RSP: 002b:00007fb530bca038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  485.480508][T14277] RAX: ffffffffffffffda RBX: 00007fb52ffb5fa0 RCX: 00007fb52fd8e969
[  485.480519][T14277] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  485.480528][T14277] RBP: 00007fb530bca090 R08: 0000000000000000 R09: 0000000000000000
[  485.480537][T14277] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000001
[  485.480545][T14277] R13: 0000000000000000 R14: 00007fb52ffb5fa0 R15: 00007fb5300dfa28
[  485.480570][T14277]  </TASK>
[  486.061833][   T24] em28xx 5-1:0.0: Unknown AC97 audio processor detected!
[  486.112921][   T24] em28xx 5-1:0.0: couldn't setup AC97 register 2
[  486.126994][   T24] em28xx 5-1:0.0: couldn't setup AC97 register 4
[  486.149487][   T24] em28xx 5-1:0.0: couldn't setup AC97 register 6
[  486.202914][   T24] em28xx 5-1:0.0: couldn't setup AC97 register 54
[  486.233821][   T24] em28xx 5-1:0.0: couldn't setup AC97 register 56
[  486.272509][   T24] usb 5-1: USB disconnect, device number 22
[  486.352531][T14290] FAULT_INJECTION: forcing a failure.
[  486.352531][T14290] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  486.380806][T14292] netlink: 'syz.3.3172': attribute type 27 has an invalid length.
[  486.551197][T14290] CPU: 0 UID: 0 PID: 14290 Comm: syz.2.3174 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  486.551227][T14290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  486.551239][T14290] Call Trace:
[  486.551247][T14290]  <TASK>
[  486.551256][T14290]  dump_stack_lvl+0x189/0x250
[  486.551292][T14290]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.551321][T14290]  ? __pfx__printk+0x10/0x10
[  486.551343][T14290]  ? fs_reclaim_acquire+0x7d/0x100
[  486.551382][T14290]  should_fail_ex+0x414/0x560
[  486.551406][T14290]  prepare_alloc_pages+0x213/0x610
[  486.551444][T14290]  __alloc_frozen_pages_noprof+0x123/0x370
[  486.551478][T14290]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  486.551519][T14290]  ? policy_nodemask+0x27c/0x720
[  486.551542][T14290]  ? __lock_acquire+0xaac/0xd20
[  486.551575][T14290]  alloc_pages_mpol+0x232/0x4a0
[  486.551607][T14290]  alloc_pages_noprof+0xa9/0x190
[  486.551635][T14290]  __pud_alloc+0x3a/0x1d0
[  486.551664][T14290]  __handle_mm_fault+0x33dc/0x5380
[  486.551690][T14290]  ? mt_find+0x15c/0x5f0
[  486.551720][T14290]  ? mt_find+0x46f/0x5f0
[  486.551750][T14290]  ? __pfx___handle_mm_fault+0x10/0x10
[  486.551806][T14290]  ? find_vma+0xe7/0x160
[  486.551830][T14290]  ? __pfx_find_vma+0x10/0x10
[  486.551857][T14290]  handle_mm_fault+0x3f6/0x8c0
[  486.551893][T14290]  do_user_addr_fault+0x764/0x1390
[  486.551930][T14290]  exc_page_fault+0x68/0x110
[  486.551956][T14290]  asm_exc_page_fault+0x26/0x30
[  486.551974][T14290] RIP: 0010:rep_movs_alternative+0xf/0x90
[  486.552006][T14290] Code: c4 10 c3 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e
[  486.552023][T14290] RSP: 0018:ffffc90002f5fc78 EFLAGS: 00050202
[  486.552042][T14290] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004
[  486.552056][T14290] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffc90002f5fd30
[  486.552070][T14290] RBP: ffffc90002f5fd90 R08: 0000000000000003 R09: 0000000000000004
[  486.552082][T14290] R10: dffffc0000000000 R11: fffff520005ebfa6 R12: 1ffff920005ebf98
[  486.552097][T14290] R13: 0000000000000004 R14: ffffc90002f5fd30 R15: 0000200000000040
[  486.552131][T14290]  _copy_from_user+0x7a/0xb0
[  486.552160][T14290]  xsk_setsockopt+0x2e8/0x710
[  486.552184][T14290]  ? __pfx_xsk_setsockopt+0x10/0x10
[  486.552218][T14290]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  486.552240][T14290]  ? __pfx_xsk_setsockopt+0x10/0x10
[  486.552263][T14290]  do_sock_setsockopt+0x257/0x3e0
[  486.552293][T14290]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  486.552317][T14290]  ? __fget_files+0x2a/0x420
[  486.552347][T14290]  ? __fget_files+0x3a0/0x420
[  486.552371][T14290]  ? __fget_files+0x2a/0x420
[  486.552405][T14290]  __x64_sys_setsockopt+0x18b/0x220
[  486.552438][T14290]  do_syscall_64+0xf6/0x210
[  486.552464][T14290]  ? clear_bhb_loop+0x45/0xa0
[  486.552489][T14290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.552508][T14290] RIP: 0033:0x7f11b718e969
[  486.552525][T14290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.552542][T14290] RSP: 002b:00007f11b806f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  486.552561][T14290] RAX: ffffffffffffffda RBX: 00007f11b73b5fa0 RCX: 00007f11b718e969
[  486.552575][T14290] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000003
[  486.552587][T14290] RBP: 00007f11b806f090 R08: 0000000000000004 R09: 0000000000000000
[  486.552600][T14290] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  486.552612][T14290] R13: 0000000000000000 R14: 00007f11b73b5fa0 R15: 00007f11b74dfa28
[  486.552643][T14290]  </TASK>
[  487.212116][T14292] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.894606][T14292] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  487.918881][T14292] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  488.053114][T14292] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  488.258391][T14292] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  488.268706][T14292] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  488.278675][T14292] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  488.288262][T14292] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  488.433306][T14293] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.455317][T14293] 8021q: adding VLAN 0 to HW filter on device team0
[  488.466265][T14293] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  488.503630][T14291] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  488.566708][ T5887] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  488.582192][T14307] syzkaller0: entered promiscuous mode
[  488.589131][T14307] syzkaller0: entered allmulticast mode
[  488.624122][T14319] FAULT_INJECTION: forcing a failure.
[  488.624122][T14319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.669396][ T5889] usb 36-1: device descriptor read/8, error -110
[  488.706962][T14319] CPU: 0 UID: 0 PID: 14319 Comm: syz.4.3183 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  488.706994][T14319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  488.707007][T14319] Call Trace:
[  488.707015][T14319]  <TASK>
[  488.707024][T14319]  dump_stack_lvl+0x189/0x250
[  488.707056][T14319]  ? __lock_acquire+0xaac/0xd20
[  488.707087][T14319]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.707115][T14319]  ? __pfx__printk+0x10/0x10
[  488.707136][T14319]  ? __might_fault+0xb0/0x130
[  488.707173][T14319]  should_fail_ex+0x414/0x560
[  488.707199][T14319]  _copy_from_user+0x2d/0xb0
[  488.707229][T14319]  kstrtouint_from_user+0xc4/0x170
[  488.707255][T14319]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  488.707297][T14319]  proc_fail_nth_write+0x88/0x240
[  488.707326][T14319]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  488.707361][T14319]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  488.707391][T14319]  vfs_write+0x27b/0xa90
[  488.707428][T14319]  ? __pfx_vfs_write+0x10/0x10
[  488.707452][T14319]  ? __fget_files+0x2a/0x420
[  488.707483][T14319]  ? __fget_files+0x3a0/0x420
[  488.707508][T14319]  ? __fget_files+0x2a/0x420
[  488.707543][T14319]  ksys_write+0x145/0x250
[  488.707568][T14319]  ? __pfx_ksys_write+0x10/0x10
[  488.707595][T14319]  ? do_syscall_64+0xba/0x210
[  488.707625][T14319]  do_syscall_64+0xf6/0x210
[  488.707652][T14319]  ? clear_bhb_loop+0x45/0xa0
[  488.707677][T14319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.707697][T14319] RIP: 0033:0x7f0f1bf8d41f
[  488.707715][T14319] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  488.707732][T14319] RSP: 002b:00007f0f1ce11030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  488.707753][T14319] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0f1bf8d41f
[  488.707774][T14319] RDX: 0000000000000001 RSI: 00007f0f1ce110a0 RDI: 0000000000000004
[  488.707786][T14319] RBP: 00007f0f1ce11090 R08: 0000000000000000 R09: 0000000000000000
[  488.707798][T14319] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  488.707810][T14319] R13: 0000000000000000 R14: 00007f0f1c1b6080 R15: 00007f0f1c2dfa28
[  488.707843][T14319]  </TASK>
[  488.716875][ T5887] usb 3-1: Using ep0 maxpacket: 8
[  489.040440][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  489.058304][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  489.085031][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  489.178277][ T5889] usb usb36-port1: attempt power cycle
[  489.213309][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  489.246779][ T5887] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  489.264415][ T5887] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  489.285594][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.317754][ T5887] usb 3-1: config 0 descriptor??
[  489.348128][T14332] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3187'.
[  489.441476][T14330] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3185'.
[  489.575730][ T5886] usb 3-1: USB disconnect, device number 24
[  490.138689][ T5889] usb usb36-port1: unable to enumerate USB device
[  490.270193][T14339] netlink: 232 bytes leftover after parsing attributes in process `syz.1.3188'.
[  491.709345][T14357] fuse: Unknown parameter ''
[  493.391555][T14339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3188'.
[  493.420181][T14350] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  493.623317][   T30] audit: type=1326 audit(1746977758.863:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  493.726320][   T30] audit: type=1326 audit(1746977758.893:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  493.750481][   T30] audit: type=1326 audit(1746977758.893:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  493.777242][T14365] tipc: Started in network mode
[  493.787815][T14365] tipc: Node identity 4, cluster identity 4711
[  493.794218][T14365] tipc: Node number set to 4
[  493.804628][   T30] audit: type=1326 audit(1746977758.893:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  493.850262][   T30] audit: type=1326 audit(1746977758.893:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  493.954432][   T30] audit: type=1326 audit(1746977758.893:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  494.134238][   T30] audit: type=1326 audit(1746977758.893:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  494.157791][   T30] audit: type=1326 audit(1746977758.893:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14363 comm="syz.2.3194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b718e969 code=0x7ffc0000
[  494.431727][T14384] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3200'.
[  494.441941][ T5887] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  494.606623][ T5887] usb 3-1: Using ep0 maxpacket: 32
[  494.614053][ T5887] usb 3-1: config 3 has an invalid interface number: 227 but max is 0
[  494.623160][ T5887] usb 3-1: config 3 has no interface number 0
[  494.633126][ T5887] usb 3-1: New USB device found, idVendor=07ca, idProduct=a868, bcdDevice=8a.99
[  494.667049][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.708795][T14385] loop2: detected capacity change from 0 to 7
[  494.716852][ T5887] usb 3-1: Product: syz
[  494.722114][ T5887] usb 3-1: Manufacturer: syz
[  494.728067][ T5887] usb 3-1: SerialNumber: syz
[  494.763434][ T5887] dvb-usb: found a 'AVerMedia AVerTVHD Volar (A868R)' in warm state.
[  494.776726][ T5887] cxusb: set interface failed
[  494.782119][ T5887] dvb-usb: bulk message failed: -22 (1/0)
[  495.040941][ T5887] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  495.098864][ T5887] dvbdev: DVB: registering new adapter (AVerMedia AVerTVHD Volar (A868R))
[  495.132345][ T5887] usb 3-1: media controller created
[  495.145951][T14385]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  495.336703][T14385] loop2: partition table partially beyond EOD, truncated
[  495.376884][T14385] loop2: p1 size 2989602745 extends beyond EOD, truncated
[  495.379868][ T5887] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  495.651132][ T5887] DVB: Unable to find symbol lgdt330x_attach()
[  495.685966][ T5887] dvb-usb: no frontend was attached by 'AVerMedia AVerTVHD Volar (A868R)'
[  495.717599][ T5887] dvb-usb: bulk message failed: -22 (1/0)
[  495.724715][ T5887] dvb-usb: AVerMedia AVerTVHD Volar (A868R) successfully initialized and connected.
[  495.797040][ T5887] usb 3-1: USB disconnect, device number 25
[  495.972475][ T5887] dvb-usb: AVerMedia AVerTVHD Volar (A868R) successfully deinitialized and disconnected.
[  496.086892][ T5889] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  496.103172][T14401] FAULT_INJECTION: forcing a failure.
[  496.103172][T14401] name failslab, interval 1, probability 0, space 0, times 0
[  496.117223][T14401] CPU: 1 UID: 0 PID: 14401 Comm: syz.4.3204 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  496.117252][T14401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  496.117265][T14401] Call Trace:
[  496.117273][T14401]  <TASK>
[  496.117282][T14401]  dump_stack_lvl+0x189/0x250
[  496.117319][T14401]  ? __pfx_dump_stack_lvl+0x10/0x10
[  496.117347][T14401]  ? __pfx__printk+0x10/0x10
[  496.117371][T14401]  ? __pfx___might_resched+0x10/0x10
[  496.117389][T14401]  ? fs_reclaim_acquire+0x7d/0x100
[  496.117418][T14401]  should_fail_ex+0x414/0x560
[  496.117443][T14401]  should_failslab+0xa8/0x100
[  496.117471][T14401]  __kmalloc_noprof+0xcb/0x4f0
[  496.117494][T14401]  ? tomoyo_encode+0x28b/0x550
[  496.117522][T14401]  tomoyo_encode+0x28b/0x550
[  496.117553][T14401]  tomoyo_realpath_from_path+0x58d/0x5d0
[  496.117580][T14401]  ? tomoyo_domain+0xda/0x130
[  496.117611][T14401]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  496.117643][T14401]  tomoyo_path_number_perm+0x1e8/0x5a0
[  496.117678][T14401]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  496.117729][T14401]  ? __lock_acquire+0xaac/0xd20
[  496.117776][T14401]  ? __fget_files+0x2a/0x420
[  496.117807][T14401]  ? __fget_files+0x3a0/0x420
[  496.117830][T14401]  ? __fget_files+0x2a/0x420
[  496.117875][T14401]  security_file_ioctl+0xcb/0x2d0
[  496.117908][T14401]  __se_sys_ioctl+0x47/0x170
[  496.117931][T14401]  do_syscall_64+0xf6/0x210
[  496.117958][T14401]  ? clear_bhb_loop+0x45/0xa0
[  496.117983][T14401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.118002][T14401] RIP: 0033:0x7f0f1bf8e969
[  496.118021][T14401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.118039][T14401] RSP: 002b:00007f0f1ce32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  496.118060][T14401] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8e969
[  496.118075][T14401] RDX: 0000200000000040 RSI: 00000000000089f3 RDI: 0000000000000003
[  496.118104][T14401] RBP: 00007f0f1ce32090 R08: 0000000000000000 R09: 0000000000000000
[  496.118118][T14401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  496.118138][T14401] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  496.118174][T14401]  </TASK>
[  496.118195][T14401] ERROR: Out of memory at tomoyo_realpath_from_path.
[  496.236768][ T5886] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  496.380167][ T5200]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  496.386670][ T5889] usb 4-1: Using ep0 maxpacket: 16
[  496.397330][ T5889] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  496.409151][ T5200] loop2: partition table partially beyond EOD, truncated
[  496.411062][ T5889] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  496.416481][ T5200] loop2: p1 size 2989602745 extends beyond EOD, truncated
[  496.434705][ T5889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.445369][ T5889] usb 4-1: Product: syz
[  496.450007][ T5889] usb 4-1: Manufacturer: syz
[  496.465846][T14404] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3209'.
[  496.475562][T14404] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3209'.
[  496.484837][T14404] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3209'.
[  496.494049][ T5889] usb 4-1: SerialNumber: syz
[  496.499282][T14404] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3209'.
[  496.512920][ T5889] usb 4-1: config 0 descriptor??
[  496.518128][ T5886] usb 1-1: Using ep0 maxpacket: 8
[  496.532173][ T5886] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  496.547024][ T5886] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  496.568189][ T5889] hub 4-1:0.0: bad descriptor, ignoring hub
[  496.585557][ T5889] hub 4-1:0.0: probe with driver hub failed with error -5
[  496.598833][ T5886] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  496.617573][ T5889] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input11
[  496.630253][ T5886] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  496.650374][ T5886] usb 1-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  496.666965][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.680021][ T5886] usb 1-1: config 0 descriptor??
[  496.851713][T14410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  496.877089][T14410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  496.892819][T14409] netlink: 23 bytes leftover after parsing attributes in process `syz.4.3210'.
[  496.922060][T14409] caif0: entered allmulticast mode
[  496.927781][ T5834] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  497.096850][ T5886] hid-u2fzero 0003:10C4:8ACF.0006: item fetching failed at offset 3/5
[  497.152319][T14415] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3210'.
[  497.196342][T14415] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  497.216943][ T5886] hid-u2fzero 0003:10C4:8ACF.0006: probe with driver hid-u2fzero failed with error -22
[  497.248540][ T5834] usb 3-1: config 0 has no interfaces?
[  497.264364][ T5834] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  497.417677][ T5834] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.438310][ T5834] usb 3-1: Product: syz
[  497.446772][ T5834] usb 3-1: Manufacturer: syz
[  497.457101][ T5834] usb 3-1: SerialNumber: syz
[  497.472548][ T5834] usb 3-1: config 0 descriptor??
[  497.602787][ T5200]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  497.608461][ T5200] loop2: partition table partially beyond EOD, truncated
[  497.619908][ T5200] loop2: p1 size 2989602745 extends beyond EOD, truncated
[  498.020704][ T5889] usb 4-1: USB disconnect, device number 20
[  498.051586][ T5846] udevd[5846]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  498.085685][ T5887] usb 1-1: USB disconnect, device number 21
[  498.115570][T14407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.223359][T14407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.270121][T14434] FAULT_INJECTION: forcing a failure.
[  499.270121][T14434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.317874][T14434] CPU: 0 UID: 0 PID: 14434 Comm: syz.4.3215 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  499.317904][T14434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  499.317916][T14434] Call Trace:
[  499.317924][T14434]  <TASK>
[  499.317939][T14434]  dump_stack_lvl+0x189/0x250
[  499.317976][T14434]  ? __pfx_dump_stack_lvl+0x10/0x10
[  499.318004][T14434]  ? __pfx__printk+0x10/0x10
[  499.318037][T14434]  should_fail_ex+0x414/0x560
[  499.318063][T14434]  _copy_to_user+0x31/0xb0
[  499.318092][T14434]  do_ipv6_getsockopt+0x106f/0x2300
[  499.318130][T14434]  ? __pfx_do_ipv6_getsockopt+0x10/0x10
[  499.318161][T14434]  ? aa_label_sk_perm+0x413/0x560
[  499.318186][T14434]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  499.318237][T14434]  ? __lock_acquire+0xaac/0xd20
[  499.318279][T14434]  ipv6_getsockopt+0xbd/0x290
[  499.318310][T14434]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  499.318341][T14434]  ? sctp_getsockopt+0x9b/0xb60
[  499.318375][T14434]  do_sock_getsockopt+0x35d/0x650
[  499.318404][T14434]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  499.318429][T14434]  ? do_syscall_64+0x40/0x210
[  499.318453][T14434]  ? __fget_files+0x2a/0x420
[  499.318478][T14434]  ? __fget_files+0x3a0/0x420
[  499.318502][T14434]  ? __fget_files+0x2a/0x420
[  499.318535][T14434]  __x64_sys_getsockopt+0x1a5/0x250
[  499.318560][T14434]  ? do_syscall_64+0x40/0x210
[  499.318586][T14434]  ? do_syscall_64+0x40/0x210
[  499.318615][T14434]  do_syscall_64+0xf6/0x210
[  499.318639][T14434]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  499.318659][T14434]  ? clear_bhb_loop+0x45/0xa0
[  499.318682][T14434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.318704][T14434] RIP: 0033:0x7f0f1bf8e969
[  499.318739][T14434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.318756][T14434] RSP: 002b:00007f0f1ce32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  499.318779][T14434] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8e969
[  499.318794][T14434] RDX: 000000000000001d RSI: 0000000000000029 RDI: 0000000000000003
[  499.318806][T14434] RBP: 00007f0f1ce32090 R08: 00002000000001c0 R09: 0000000000000000
[  499.318822][T14434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.318834][T14434] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  499.318862][T14434]  </TASK>
[  499.559156][    C0] vkms_vblank_simulate: vblank timer overrun
[  499.648755][T14438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3214'.
[  499.965526][ T5834] usb 3-1: USB disconnect, device number 26
[  500.286495][T14450] FAULT_INJECTION: forcing a failure.
[  500.286495][T14450] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.347271][T14450] CPU: 0 UID: 0 PID: 14450 Comm: syz.4.3220 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  500.347302][T14450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  500.347315][T14450] Call Trace:
[  500.347323][T14450]  <TASK>
[  500.347332][T14450]  dump_stack_lvl+0x189/0x250
[  500.347369][T14450]  ? __pfx_dump_stack_lvl+0x10/0x10
[  500.347398][T14450]  ? __pfx__printk+0x10/0x10
[  500.347432][T14450]  should_fail_ex+0x414/0x560
[  500.347457][T14450]  _copy_to_user+0x31/0xb0
[  500.347487][T14450]  simple_read_from_buffer+0xe1/0x170
[  500.347516][T14450]  proc_fail_nth_read+0x1df/0x250
[  500.347549][T14450]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.347580][T14450]  ? rw_verify_area+0x258/0x650
[  500.347601][T14450]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.347630][T14450]  vfs_read+0x1fd/0x980
[  500.347658][T14450]  ? __pfx___mutex_lock+0x10/0x10
[  500.347684][T14450]  ? __pfx_vfs_read+0x10/0x10
[  500.347707][T14450]  ? __fget_files+0x2a/0x420
[  500.347738][T14450]  ? __fget_files+0x3a0/0x420
[  500.347769][T14450]  ? __fget_files+0x2a/0x420
[  500.347803][T14450]  ksys_read+0x145/0x250
[  500.347828][T14450]  ? __pfx_ksys_read+0x10/0x10
[  500.347853][T14450]  ? do_syscall_64+0xba/0x210
[  500.347882][T14450]  do_syscall_64+0xf6/0x210
[  500.347908][T14450]  ? clear_bhb_loop+0x45/0xa0
[  500.347933][T14450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.347952][T14450] RIP: 0033:0x7f0f1bf8d37c
[  500.347970][T14450] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  500.347988][T14450] RSP: 002b:00007f0f1ce32030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  500.348009][T14450] RAX: ffffffffffffffda RBX: 00007f0f1c1b5fa0 RCX: 00007f0f1bf8d37c
[  500.348024][T14450] RDX: 000000000000000f RSI: 00007f0f1ce320a0 RDI: 0000000000000005
[  500.348036][T14450] RBP: 00007f0f1ce32090 R08: 0000000000000000 R09: 0000000000000000
[  500.348049][T14450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.348060][T14450] R13: 0000000000000000 R14: 00007f0f1c1b5fa0 R15: 00007f0f1c2dfa28
[  500.348092][T14450]  </TASK>
[  501.390497][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.398703][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  501.970985][T14484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3233'.
[  502.042740][T14489] FAULT_INJECTION: forcing a failure.
[  502.042740][T14489] name failslab, interval 1, probability 0, space 0, times 0
[  502.157784][T14489] CPU: 0 UID: 0 PID: 14489 Comm: syz.3.3233 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  502.157815][T14489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  502.157827][T14489] Call Trace:
[  502.157835][T14489]  <TASK>
[  502.157844][T14489]  dump_stack_lvl+0x189/0x250
[  502.157881][T14489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  502.157911][T14489]  ? __pfx__printk+0x10/0x10
[  502.157937][T14489]  ? __pfx___might_resched+0x10/0x10
[  502.157961][T14489]  should_fail_ex+0x414/0x560
[  502.157987][T14489]  should_failslab+0xa8/0x100
[  502.158017][T14489]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  502.158043][T14489]  ? __alloc_skb+0x112/0x2d0
[  502.158072][T14489]  __alloc_skb+0x112/0x2d0
[  502.158100][T14489]  netlink_sendmsg+0x5c6/0xb30
[  502.158133][T14489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  502.158159][T14489]  ? aa_sock_msg_perm+0x94/0x160
[  502.158184][T14489]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  502.158208][T14489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  502.158231][T14489]  __sock_sendmsg+0x219/0x270
[  502.158255][T14489]  ____sys_sendmsg+0x505/0x830
[  502.158288][T14489]  ? __pfx_____sys_sendmsg+0x10/0x10
[  502.158324][T14489]  ? import_iovec+0x74/0xa0
[  502.158355][T14489]  ___sys_sendmsg+0x21f/0x2a0
[  502.158385][T14489]  ? __pfx____sys_sendmsg+0x10/0x10
[  502.158448][T14489]  ? __fget_files+0x2a/0x420
[  502.158482][T14489]  ? __fget_files+0x3a0/0x420
[  502.158518][T14489]  __x64_sys_sendmsg+0x19b/0x260
[  502.158548][T14489]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  502.158592][T14489]  ? do_syscall_64+0xba/0x210
[  502.158622][T14489]  do_syscall_64+0xf6/0x210
[  502.158647][T14489]  ? clear_bhb_loop+0x45/0xa0
[  502.158673][T14489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.158693][T14489] RIP: 0033:0x7f0ae1b8e969
[  502.158710][T14489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.158728][T14489] RSP: 002b:00007f0ae29d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  502.158749][T14489] RAX: ffffffffffffffda RBX: 00007f0ae1db6080 RCX: 00007f0ae1b8e969
[  502.158764][T14489] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  502.158777][T14489] RBP: 00007f0ae29d9090 R08: 0000000000000000 R09: 0000000000000000
[  502.158789][T14489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.158801][T14489] R13: 0000000000000001 R14: 00007f0ae1db6080 R15: 00007f0ae1edfa28
[  502.158832][T14489]  </TASK>
[  502.181882][T14484] bond1: entered allmulticast mode
[  502.428985][T14484] 8021q: adding VLAN 0 to HW filter on device bond1
[  502.556753][   T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  502.580089][T14494] FAULT_INJECTION: forcing a failure.
[  502.580089][T14494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  502.612947][T14494] CPU: 1 UID: 0 PID: 14494 Comm: syz.1.3235 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  502.612970][T14494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  502.612980][T14494] Call Trace:
[  502.612986][T14494]  <TASK>
[  502.612992][T14494]  dump_stack_lvl+0x189/0x250
[  502.613021][T14494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  502.613042][T14494]  ? __pfx__printk+0x10/0x10
[  502.613067][T14494]  should_fail_ex+0x414/0x560
[  502.613085][T14494]  _copy_to_user+0x31/0xb0
[  502.613107][T14494]  simple_read_from_buffer+0xe1/0x170
[  502.613128][T14494]  proc_fail_nth_read+0x1df/0x250
[  502.613151][T14494]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  502.613173][T14494]  ? rw_verify_area+0x258/0x650
[  502.613188][T14494]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  502.613208][T14494]  vfs_read+0x1fd/0x980
[  502.613228][T14494]  ? __pfx___mutex_lock+0x10/0x10
[  502.613246][T14494]  ? __pfx_vfs_read+0x10/0x10
[  502.613263][T14494]  ? __fget_files+0x2a/0x420
[  502.613284][T14494]  ? __fget_files+0x3a0/0x420
[  502.613301][T14494]  ? __fget_files+0x2a/0x420
[  502.613325][T14494]  ksys_read+0x145/0x250
[  502.613343][T14494]  ? __pfx_ksys_read+0x10/0x10
[  502.613361][T14494]  ? do_syscall_64+0xba/0x210
[  502.613381][T14494]  do_syscall_64+0xf6/0x210
[  502.613400][T14494]  ? clear_bhb_loop+0x45/0xa0
[  502.613417][T14494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.613431][T14494] RIP: 0033:0x7fb52fd8d37c
[  502.613444][T14494] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  502.613456][T14494] RSP: 002b:00007fb530bca030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  502.613472][T14494] RAX: ffffffffffffffda RBX: 00007fb52ffb5fa0 RCX: 00007fb52fd8d37c
[  502.613483][T14494] RDX: 000000000000000f RSI: 00007fb530bca0a0 RDI: 0000000000000004
[  502.613491][T14494] RBP: 00007fb530bca090 R08: 0000000000000000 R09: 0000000000000000
[  502.613500][T14494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.613508][T14494] R13: 0000000000000000 R14: 00007fb52ffb5fa0 R15: 00007fb5300dfa28
[  502.613530][T14494]  </TASK>
[  503.164869][   T24] usb 5-1: config 0 has no interfaces?
[  503.197880][T14506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3238'.
[  503.224476][   T24] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  503.238406][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.259967][T14506] bond1: entered allmulticast mode
[  503.267135][   T24] usb 5-1: Product: syz
[  503.268223][T14506] 8021q: adding VLAN 0 to HW filter on device bond1
[  503.271422][   T24] usb 5-1: Manufacturer: syz
[  503.287639][   T24] usb 5-1: SerialNumber: syz
[  503.295150][   T24] usb 5-1: config 0 descriptor??
[  503.391830][T14507] syzkaller1: entered promiscuous mode
[  503.406150][T14507] syzkaller1: entered allmulticast mode
[  503.447613][T14509] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  503.497257][T14509] batadv_slave_0: entered promiscuous mode
[  503.546270][T14509] batadv_slave_0: entered allmulticast mode
[  503.713842][T14509] batman_adv: batadv0: Removing interface: batadv_slave_0
[  503.871578][T14509] bond1: (slave batadv_slave_0): making interface the new active one
[  503.883865][T14509] bond1: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  503.896690][ T5834] usb 2-1: new low-speed USB device number 26 using dummy_hcd
[  504.283353][ T5834] usb 2-1: no configurations
[  504.288267][ T5834] usb 2-1: can't read configurations, error -22
[  504.407491][T14519] FAULT_INJECTION: forcing a failure.
[  504.407491][T14519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  504.445281][T14519] CPU: 1 UID: 0 PID: 14519 Comm: syz.2.3240 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  504.445304][T14519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  504.445314][T14519] Call Trace:
[  504.445320][T14519]  <TASK>
[  504.445327][T14519]  dump_stack_lvl+0x189/0x250
[  504.445355][T14519]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.445376][T14519]  ? __pfx__printk+0x10/0x10
[  504.445399][T14519]  should_fail_ex+0x414/0x560
[  504.445417][T14519]  _copy_to_user+0x31/0xb0
[  504.445452][T14519]  simple_read_from_buffer+0xe1/0x170
[  504.445474][T14519]  proc_fail_nth_read+0x1df/0x250
[  504.445496][T14519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  504.445518][T14519]  ? rw_verify_area+0x258/0x650
[  504.445533][T14519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  504.445554][T14519]  vfs_read+0x1fd/0x980
[  504.445574][T14519]  ? __pfx___mutex_lock+0x10/0x10
[  504.445592][T14519]  ? __pfx_vfs_read+0x10/0x10
[  504.445608][T14519]  ? __fget_files+0x2a/0x420
[  504.445630][T14519]  ? __fget_files+0x3a0/0x420
[  504.445647][T14519]  ? __fget_files+0x2a/0x420
[  504.445671][T14519]  ksys_read+0x145/0x250
[  504.445689][T14519]  ? __pfx_ksys_read+0x10/0x10
[  504.445707][T14519]  ? do_syscall_64+0xba/0x210
[  504.445728][T14519]  do_syscall_64+0xf6/0x210
[  504.445746][T14519]  ? clear_bhb_loop+0x45/0xa0
[  504.445764][T14519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.445778][T14519] RIP: 0033:0x7f11b718d37c
[  504.445792][T14519] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  504.445806][T14519] RSP: 002b:00007f11b806f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  504.445821][T14519] RAX: ffffffffffffffda RBX: 00007f11b73b5fa0 RCX: 00007f11b718d37c
[  504.445832][T14519] RDX: 000000000000000f RSI: 00007f11b806f0a0 RDI: 0000000000000005
[  504.445841][T14519] RBP: 00007f11b806f090 R08: 0000000000000000 R09: 0000000000000000
[  504.445850][T14519] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  504.445859][T14519] R13: 0000000000000000 R14: 00007f11b73b5fa0 R15: 00007f11b74dfa28
[  504.445881][T14519]  </TASK>
[  504.735047][ T5834] usb 2-1: new low-speed USB device number 27 using dummy_hcd
[  505.048429][ T5834] usb 2-1: no configurations
[  505.053103][ T5834] usb 2-1: can't read configurations, error -22
[  505.091347][ T5834] usb usb2-port1: attempt power cycle
[  505.412765][T14526] team0: entered promiscuous mode
[  505.469519][T14526] team_slave_0: entered promiscuous mode
[  505.493256][T14526] team_slave_1: entered promiscuous mode
[  505.506656][ T5834] usb 2-1: new low-speed USB device number 28 using dummy_hcd
[  505.542729][T14526] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  505.562336][T14526] team0: left promiscuous mode
[  505.570981][T14526] team_slave_0: left promiscuous mode
[  505.571072][ T5834] usb 2-1: no configurations
[  505.582828][T14526] team_slave_1: left promiscuous mode
[  505.644069][T14538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3244'.
[  505.692956][ T5834] usb 2-1: can't read configurations, error -22
[  506.398596][ T5887] usb 5-1: USB disconnect, device number 23
[  506.436213][ T5834] usb 2-1: new low-speed USB device number 29 using dummy_hcd
[  506.860521][T14548] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3245'.
[  507.495172][T14551] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  508.723638][ T5834] usb 2-1: device descriptor read/8, error -71
[  508.836941][ T5834] usb usb2-port1: unable to enumerate USB device
[  508.866653][ T5886] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  509.142570][ T5886] usb 3-1: config 0 has no interfaces?
[  509.151215][ T5886] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  509.160681][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.169620][ T5886] usb 3-1: Product: syz
[  509.173907][ T5886] usb 3-1: Manufacturer: syz
[  509.184031][ T5886] usb 3-1: SerialNumber: syz
[  509.191641][ T5886] usb 3-1: config 0 descriptor??
[  509.272862][T14563] FAULT_INJECTION: forcing a failure.
[  509.272862][T14563] name failslab, interval 1, probability 0, space 0, times 0
[  509.356674][T14563] CPU: 0 UID: 0 PID: 14563 Comm: syz.0.3249 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  509.356697][T14563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  509.356706][T14563] Call Trace:
[  509.356712][T14563]  <TASK>
[  509.356720][T14563]  dump_stack_lvl+0x189/0x250
[  509.356747][T14563]  ? __pfx_dump_stack_lvl+0x10/0x10
[  509.356768][T14563]  ? __pfx__printk+0x10/0x10
[  509.356789][T14563]  ? __pfx___might_resched+0x10/0x10
[  509.356802][T14563]  ? fs_reclaim_acquire+0x7d/0x100
[  509.356827][T14563]  should_fail_ex+0x414/0x560
[  509.356845][T14563]  should_failslab+0xa8/0x100
[  509.356866][T14563]  __kmalloc_cache_noprof+0x70/0x3d0
[  509.356884][T14563]  ? sctp_datamsg_from_user+0x88/0xef0
[  509.356901][T14563]  ? __lock_acquire+0xaac/0xd20
[  509.356923][T14563]  sctp_datamsg_from_user+0x88/0xef0
[  509.356941][T14563]  ? __sk_mem_raise_allocated+0xb14/0x1300
[  509.356964][T14563]  ? process_measurement+0x3d8/0x1a40
[  509.356987][T14563]  ? __sk_mem_schedule+0x7f/0xf0
[  509.357007][T14563]  ? __genradix_ptr+0x1e1/0x220
[  509.357046][T14563]  sctp_sendmsg_to_asoc+0x1003/0x1810
[  509.357076][T14563]  ? __lock_acquire+0xaac/0xd20
[  509.357106][T14563]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  509.357128][T14563]  ? __local_bh_enable_ip+0x12d/0x1c0
[  509.357150][T14563]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  509.357175][T14563]  ? sctp_sendmsg_check_sflags+0x18d/0x2e0
[  509.357200][T14563]  sctp_sendmsg+0x1941/0x2810
[  509.357231][T14563]  ? __pfx_sctp_sendmsg+0x10/0x10
[  509.357255][T14563]  ? aa_sk_perm+0x81e/0x950
[  509.357272][T14563]  ? __pfx_aa_sk_perm+0x10/0x10
[  509.357287][T14563]  ? sock_rps_record_flow+0x19/0x400
[  509.357311][T14563]  ? inet_sendmsg+0x2f4/0x370
[  509.357329][T14563]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  509.357348][T14563]  __sock_sendmsg+0x19c/0x270
[  509.357364][T14563]  ____sys_sendmsg+0x52d/0x830
[  509.357387][T14563]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.357412][T14563]  ? import_iovec+0x74/0xa0
[  509.357434][T14563]  ___sys_sendmsg+0x21f/0x2a0
[  509.357454][T14563]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.357499][T14563]  ? __fget_files+0x2a/0x420
[  509.357516][T14563]  ? __fget_files+0x3a0/0x420
[  509.357542][T14563]  __sys_sendmmsg+0x227/0x430
[  509.357564][T14563]  ? __pfx___sys_sendmmsg+0x10/0x10
[  509.357590][T14563]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  509.357622][T14563]  ? ksys_write+0x1f0/0x250
[  509.357637][T14563]  ? rcu_is_watching+0x15/0xb0
[  509.357665][T14563]  __x64_sys_sendmmsg+0xa0/0xc0
[  509.357686][T14563]  do_syscall_64+0xf6/0x210
[  509.357705][T14563]  ? clear_bhb_loop+0x45/0xa0
[  509.357723][T14563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.357737][T14563] RIP: 0033:0x7fb616d8e969
[  509.357750][T14563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.357762][T14563] RSP: 002b:00007fb617cdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  509.357778][T14563] RAX: ffffffffffffffda RBX: 00007fb616fb5fa0 RCX: 00007fb616d8e969
[  509.357788][T14563] RDX: 0000000000000001 RSI: 0000200000002000 RDI: 0000000000000003
[  509.357797][T14563] RBP: 00007fb617cdf090 R08: 0000000000000000 R09: 0000000000000000
[  509.357806][T14563] R10: 0000000000040000 R11: 0000000000000246 R12: 0000000000000001
[  509.357815][T14563] R13: 0000000000000000 R14: 00007fb616fb5fa0 R15: 00007fb6170dfa28
[  509.357836][T14563]  </TASK>
[  510.005538][T14565] FAULT_INJECTION: forcing a failure.
[  510.005538][T14565] name failslab, interval 1, probability 0, space 0, times 0
[  510.029270][T14567] netlink: 146840 bytes leftover after parsing attributes in process `syz.0.3251'.
[  510.102526][T14567] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3251'.
[  510.113338][T14565] CPU: 1 UID: 0 PID: 14565 Comm: syz.3.3250 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  510.113368][T14565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  510.113381][T14565] Call Trace:
[  510.113390][T14565]  <TASK>
[  510.113398][T14565]  dump_stack_lvl+0x189/0x250
[  510.113438][T14565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  510.113467][T14565]  ? __pfx__printk+0x10/0x10
[  510.113490][T14565]  ? __pfx___might_resched+0x10/0x10
[  510.113509][T14565]  ? fs_reclaim_acquire+0x7d/0x100
[  510.113544][T14565]  should_fail_ex+0x414/0x560
[  510.113569][T14565]  should_failslab+0xa8/0x100
[  510.113598][T14565]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  510.113624][T14565]  ? __alloc_skb+0x112/0x2d0
[  510.113652][T14565]  __alloc_skb+0x112/0x2d0
[  510.113680][T14565]  alloc_skb_with_frags+0xca/0x890
[  510.113705][T14565]  ? tomoyo_check_open_permission+0x16a/0x3b0
[  510.113726][T14565]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  510.113744][T14565]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  510.113778][T14565]  sock_alloc_send_pskb+0x857/0x990
[  510.113807][T14565]  ? register_lock_class+0x51/0x320
[  510.113853][T14565]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  510.113883][T14565]  ? __local_bh_enable_ip+0x12d/0x1c0
[  510.113922][T14565]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  510.113964][T14565]  j1939_sk_sendmsg+0x6f5/0x1350
[  510.114009][T14565]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  510.114033][T14565]  ? aa_sock_msg_perm+0x94/0x160
[  510.114058][T14565]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  510.114080][T14565]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  510.114105][T14565]  __sock_sendmsg+0x219/0x270
[  510.114128][T14565]  ____sys_sendmsg+0x505/0x830
[  510.114161][T14565]  ? __pfx_____sys_sendmsg+0x10/0x10
[  510.114197][T14565]  ? import_iovec+0x74/0xa0
[  510.114228][T14565]  ___sys_sendmsg+0x21f/0x2a0
[  510.114258][T14565]  ? __pfx____sys_sendmsg+0x10/0x10
[  510.114321][T14565]  ? __fget_files+0x2a/0x420
[  510.114346][T14565]  ? __fget_files+0x3a0/0x420
[  510.114381][T14565]  __x64_sys_sendmsg+0x19b/0x260
[  510.114411][T14565]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  510.114456][T14565]  ? do_syscall_64+0xba/0x210
[  510.114485][T14565]  do_syscall_64+0xf6/0x210
[  510.114511][T14565]  ? clear_bhb_loop+0x45/0xa0
[  510.114536][T14565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.114555][T14565] RIP: 0033:0x7f0ae1b8e969
[  510.114573][T14565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.114592][T14565] RSP: 002b:00007f0ae29fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  510.114613][T14565] RAX: ffffffffffffffda RBX: 00007f0ae1db5fa0 RCX: 00007f0ae1b8e969
[  510.114628][T14565] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  510.114640][T14565] RBP: 00007f0ae29fa090 R08: 0000000000000000 R09: 0000000000000000
[  510.114653][T14565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.114665][T14565] R13: 0000000000000000 R14: 00007f0ae1db5fa0 R15: 00007f0ae1edfa28
[  510.114696][T14565]  </TASK>
[  511.105291][   T30] audit: type=1326 audit(1746977776.343:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.128328][   T30] audit: type=1326 audit(1746977776.343:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.234572][   T30] audit: type=1326 audit(1746977776.343:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.361005][   T30] audit: type=1326 audit(1746977776.343:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.522416][   T30] audit: type=1326 audit(1746977776.343:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.624717][   T30] audit: type=1326 audit(1746977776.343:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.724825][   T30] audit: type=1326 audit(1746977776.343:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14573 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb616d8e969 code=0x7ffc0000
[  511.937003][ T5887] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  512.497075][ T5887] usb 2-1: Using ep0 maxpacket: 8
[  512.512682][ T5887] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  512.544961][ T5887] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  512.626701][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.649187][ T5887] usb 2-1: Product: syz
[  512.654610][ T5887] usb 2-1: Manufacturer: syz
[  512.662177][ T5887] usb 2-1: SerialNumber: syz
[  512.673577][ T5887] usb 2-1: config 0 descriptor??
[  512.725557][ T5834] usb 3-1: USB disconnect, device number 27
[  512.824910][T14607] FAULT_INJECTION: forcing a failure.
[  512.824910][T14607] name failslab, interval 1, probability 0, space 0, times 0
[  512.846681][ T5889] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  512.867096][T14607] CPU: 0 UID: 0 PID: 14607 Comm: syz.2.3263 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  512.867125][T14607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  512.867138][T14607] Call Trace:
[  512.867146][T14607]  <TASK>
[  512.867155][T14607]  dump_stack_lvl+0x189/0x250
[  512.867192][T14607]  ? __pfx_dump_stack_lvl+0x10/0x10
[  512.867221][T14607]  ? __pfx__printk+0x10/0x10
[  512.867247][T14607]  ? __pfx___might_resched+0x10/0x10
[  512.867264][T14607]  ? fs_reclaim_acquire+0x7d/0x100
[  512.867299][T14607]  should_fail_ex+0x414/0x560
[  512.867323][T14607]  ? xt_alloc_table_info+0x3b/0xa0
[  512.867347][T14607]  should_failslab+0xa8/0x100
[  512.867374][T14607]  __kvmalloc_node_noprof+0x168/0x5e0
[  512.867402][T14607]  ? xt_alloc_table_info+0x3b/0xa0
[  512.867432][T14607]  xt_alloc_table_info+0x3b/0xa0
[  512.867457][T14607]  do_ip6t_set_ctl+0x88a/0xce0
[  512.867488][T14607]  ? rcu_is_watching+0x15/0xb0
[  512.867518][T14607]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  512.867558][T14607]  ? __pfx___mutex_lock+0x10/0x10
[  512.867584][T14607]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  512.867614][T14607]  ? rcu_read_lock_any_held+0xb3/0x120
[  512.867634][T14607]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  512.867662][T14607]  nf_setsockopt+0x26c/0x290
[  512.867701][T14607]  rawv6_setsockopt+0x23b/0x5b0
[  512.867732][T14607]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  512.867758][T14607]  ? aa_sock_opt_perm+0x74/0x110
[  512.867781][T14607]  ? sock_common_setsockopt+0x36/0xc0
[  512.867803][T14607]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  512.867827][T14607]  do_sock_setsockopt+0x257/0x3e0
[  512.867856][T14607]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  512.867879][T14607]  ? __fget_files+0x2a/0x420
[  512.867909][T14607]  ? __fget_files+0x3a0/0x420
[  512.867933][T14607]  ? __fget_files+0x2a/0x420
[  512.867967][T14607]  __x64_sys_setsockopt+0x18b/0x220
[  512.867998][T14607]  do_syscall_64+0xf6/0x210
[  512.868025][T14607]  ? clear_bhb_loop+0x45/0xa0
[  512.868050][T14607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.868069][T14607] RIP: 0033:0x7f11b718e969
[  512.868087][T14607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  512.868105][T14607] RSP: 002b:00007f11b806f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  512.868127][T14607] RAX: ffffffffffffffda RBX: 00007f11b73b5fa0 RCX: 00007f11b718e969
[  512.868142][T14607] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  512.868153][T14607] RBP: 00007f11b806f090 R08: 0000000000000498 R09: 0000000000000000
[  512.868166][T14607] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  512.868179][T14607] R13: 0000000000000000 R14: 00007f11b73b5fa0 R15: 00007f11b74dfa28
[  512.868210][T14607]  </TASK>
[  512.868820][T14607] xt_hashlimit: size too large, truncated to 1048576
[  513.246706][ T5889] usb 1-1: Using ep0 maxpacket: 8
[  513.259610][ T5889] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  513.275879][ T5895] usb 2-1: USB disconnect, device number 30
[  513.289231][ T5889] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  513.322536][ T5889] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  513.348246][ T5889] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  513.406120][ T5889] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  513.445768][ T5889] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.671335][ T5889] usb 1-1: GET_CAPABILITIES returned 0
[  513.678358][ T5889] usbtmc 1-1:16.0: can't read capabilities
[  513.900441][T14600] capability: warning: `syz.0.3261' uses deprecated v2 capabilities in a way that may be insecure
[  513.924435][ T5889] usb 1-1: USB disconnect, device number 22
[  514.195098][T14624] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3266'.
[  514.366906][T14629] xt_hashlimit: size too large, truncated to 1048576
[  514.776675][  T974] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  514.959965][  T974] usb 2-1: Using ep0 maxpacket: 32
[  514.976694][ T5889] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  515.009322][  T974] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  515.063711][  T974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.126244][  T974] usb 2-1: config 0 descriptor??
[  515.151117][  T974] gspca_main: sq930x-2.14.0 probing 041e:403c
[  515.188628][ T5889] usb 5-1: Using ep0 maxpacket: 16
[  515.202054][ T5889] usb 5-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  515.217453][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.236589][ T5889] usb 5-1: Product: syz
[  515.240881][ T5889] usb 5-1: Manufacturer: syz
[  515.246383][ T5889] usb 5-1: SerialNumber: syz
[  515.282242][ T5889] usb 5-1: config 0 descriptor??
[  515.366860][ T5895] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  515.456833][  T974] gspca_sq930x: reg_w 0305 fd00 failed -71
[  515.488317][  T974] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  515.518666][ T5889] speedtch 5-1:0.0: speedtch_bind: data interface not found!
[  515.530635][ T5895] usb 3-1: config 0 has an invalid interface number: 83 but max is 0
[  515.538933][ T5889] speedtch 5-1:0.0: usbatm_usb_probe: bind failed: -19!
[  515.551331][  T974] usb 2-1: USB disconnect, device number 31
[  515.567159][ T5889] usb 5-1: USB disconnect, device number 24
[  515.594384][ T5895] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  515.639465][ T5895] usb 3-1: config 0 has no interface number 0
[  515.694024][ T5895] usb 3-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  515.746373][ T5895] usb 3-1: config 0 interface 83 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  515.806742][ T5895] usb 3-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[  515.840499][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.858144][T14651] loop2: detected capacity change from 0 to 7
[  515.873626][ T5895] usb 3-1: config 0 descriptor??
[  515.954767][ T5895] ttusbir 3-1:0.83: cannot find expected altsetting
[  516.066400][T14651]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  516.075390][T14651] loop2: partition table partially beyond EOD, truncated
[  516.168291][T14651] loop2: p1 size 2989602745 extends beyond EOD, truncated
[  516.216306][T14646] program syz.2.3273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  516.541626][ T5889] usb 3-1: USB disconnect, device number 28
[  517.435140][ T5200]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  517.572462][ T5200] loop2: partition table partially beyond EOD, truncated
[  517.620584][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  517.631199][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  517.642642][ T5200] loop2: p1 size 2989602745 extends beyond EOD, truncated
[  517.650356][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  517.672344][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  517.682220][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  518.033622][ T5200]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  518.052315][ T5200] loop2: partition table partially beyond EOD, truncated
[  518.066964][ T5200] loop2: p1 size 2989602745 extends beyond EOD, truncated
[  518.766653][ T5887] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  518.958964][ T5887] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  518.969904][ T5887] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  519.010238][ T5887] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  519.019499][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.221091][T14693] FAULT_INJECTION: forcing a failure.
[  519.221091][T14693] name failslab, interval 1, probability 0, space 0, times 0
[  519.235059][ T5887] usb 3-1: usb_control_msg returned -32
[  519.240919][T14693] CPU: 1 UID: 0 PID: 14693 Comm: syz.3.3287 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  519.240940][T14693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  519.240949][T14693] Call Trace:
[  519.240955][T14693]  <TASK>
[  519.240961][T14693]  dump_stack_lvl+0x189/0x250
[  519.240988][T14693]  ? __pfx_dump_stack_lvl+0x10/0x10
[  519.241009][T14693]  ? __pfx__printk+0x10/0x10
[  519.241025][T14693]  ? __pfx___might_resched+0x10/0x10
[  519.241038][T14693]  ? fs_reclaim_acquire+0x7d/0x100
[  519.241063][T14693]  should_fail_ex+0x414/0x560
[  519.241081][T14693]  should_failslab+0xa8/0x100
[  519.241102][T14693]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  519.241121][T14693]  ? __alloc_skb+0x112/0x2d0
[  519.241141][T14693]  __alloc_skb+0x112/0x2d0
[  519.241160][T14693]  _sctp_make_chunk+0x5e/0x430
[  519.241185][T14693]  sctp_make_datafrag_empty+0x122/0x230
[  519.241207][T14693]  ? __pfx_sctp_make_datafrag_empty+0x10/0x10
[  519.241225][T14693]  ? __kasan_kmalloc+0x93/0xb0
[  519.241243][T14693]  ? sctp_auth_send_cid+0x69/0x250
[  519.241266][T14693]  sctp_datamsg_from_user+0x726/0xef0
[  519.241294][T14693]  ? __genradix_ptr+0x1e1/0x220
[  519.241316][T14693]  sctp_sendmsg_to_asoc+0x1003/0x1810
[  519.241345][T14693]  ? __lock_acquire+0xaac/0xd20
[  519.241375][T14693]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  519.241398][T14693]  ? __local_bh_enable_ip+0x12d/0x1c0
[  519.241420][T14693]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  519.241444][T14693]  ? sctp_sendmsg_check_sflags+0x18d/0x2e0
[  519.241470][T14693]  sctp_sendmsg+0x1941/0x2810
[  519.241501][T14693]  ? __pfx_sctp_sendmsg+0x10/0x10
[  519.241525][T14693]  ? aa_sk_perm+0x81e/0x950
[  519.241542][T14693]  ? __pfx_aa_sk_perm+0x10/0x10
[  519.241558][T14693]  ? sock_rps_record_flow+0x19/0x400
[  519.241581][T14693]  ? inet_sendmsg+0x2f4/0x370
[  519.241600][T14693]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  519.241618][T14693]  __sock_sendmsg+0x19c/0x270
[  519.241634][T14693]  ____sys_sendmsg+0x505/0x830
[  519.241657][T14693]  ? __pfx_____sys_sendmsg+0x10/0x10
[  519.241683][T14693]  ? import_iovec+0x74/0xa0
[  519.241705][T14693]  ___sys_sendmsg+0x21f/0x2a0
[  519.241725][T14693]  ? __pfx____sys_sendmsg+0x10/0x10
[  519.241770][T14693]  ? __fget_files+0x2a/0x420
[  519.241788][T14693]  ? __fget_files+0x3a0/0x420
[  519.241815][T14693]  __x64_sys_sendmsg+0x19b/0x260
[  519.241836][T14693]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  519.241867][T14693]  ? do_syscall_64+0xba/0x210
[  519.241894][T14693]  do_syscall_64+0xf6/0x210
[  519.241912][T14693]  ? clear_bhb_loop+0x45/0xa0
[  519.241930][T14693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.241944][T14693] RIP: 0033:0x7f0ae1b8e969
[  519.241957][T14693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  519.241969][T14693] RSP: 002b:00007f0ae29fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  519.241985][T14693] RAX: ffffffffffffffda RBX: 00007f0ae1db5fa0 RCX: 00007f0ae1b8e969
[  519.241996][T14693] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  519.242005][T14693] RBP: 00007f0ae29fa090 R08: 0000000000000000 R09: 0000000000000000
[  519.242013][T14693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.242022][T14693] R13: 0000000000000000 R14: 00007f0ae1db5fa0 R15: 00007f0ae1edfa28
[  519.242043][T14693]  </TASK>
[  519.573343][ T5887] usbtmc 3-1:16.0: can't read capabilities
[  519.776377][ T5839] Bluetooth: hci4: command tx timeout
[  519.795156][T14696] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  519.863720][T14696] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  520.057507][T14703] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  520.530008][T14676] chnl_net:caif_netlink_parms(): no params data found
[  521.176627][ T5834] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  521.310104][T14676] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.334115][T14676] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.353208][ T5834] usb 1-1: Using ep0 maxpacket: 8
[  521.365053][T14676] bridge_slave_0: entered allmulticast mode
[  521.373631][ T5834] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  521.398946][T14676] bridge_slave_0: entered promiscuous mode
[  521.404984][ T5834] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.440587][ T5834] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  521.464627][ T5834] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  521.486904][ T5834] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  521.533572][ T5834] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice= 0.40
[  521.589961][T14676] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.636822][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  521.652330][T14676] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.671746][ T5834] usb 1-1: SerialNumber: syz
[  521.696406][T14676] bridge_slave_1: entered allmulticast mode
[  521.715013][T14676] bridge_slave_1: entered promiscuous mode
[  521.740780][ T5834] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  521.786865][ T5839] Bluetooth: hci4: command tx timeout
[  521.801318][ T5834] usbtest 1-1:1.0: Linux gadget zero
[  521.806941][ T5834] usbtest 1-1:1.0: high-speed {control in/out bulk-in int-in} tests (+alt)
[  521.983988][ T5886] usb 1-1: USB disconnect, device number 23
[  522.140155][T14676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  522.177736][ T5834] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  522.193145][T14676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  522.350716][ T5834] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  522.365664][ T5834] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  522.385537][ T6047] veth0_to_bridge: left allmulticast mode
[  522.406756][ T6047] veth0_to_bridge: left promiscuous mode
[  522.414972][ T5834] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  522.436836][ T6047] bridge0: port 3(veth0_to_bridge) entered disabled state
[  522.445629][ T5834] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  522.459252][ T5834] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  522.496767][ T5834] usb 4-1: config 0 interface 0 has no altsetting 0
[  522.528358][ T6047] bridge_slave_1: left allmulticast mode
[  522.540140][ T6047] bridge_slave_1: left promiscuous mode
[  522.547930][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state
[  522.560387][ T5834] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  522.569582][ T5834] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  522.579213][ T5834] usb 4-1: Product: syz
[  522.583809][ T5834] usb 4-1: Manufacturer: syz
[  522.606691][ T5834] usb 4-1: SerialNumber: syz
[  522.621734][ T6047] bridge_slave_0: left allmulticast mode
[  522.653958][ T6047] bridge_slave_0: left promiscuous mode
[  522.663601][ T5834] usb 4-1: config 0 descriptor??
[  522.693629][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state
[  522.701501][T14727] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  522.739366][ T5834] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  522.768823][ T5834] ldusb 4-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  522.946660][ T5834] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  523.043591][ T6047] ip6gretap0 (unregistering): left promiscuous mode
[  523.138390][ T5834] usb 2-1: Using ep0 maxpacket: 8
[  523.163416][ T5834] usb 2-1: too many endpoints for config 0 interface 0 altsetting 4: 65, using maximum allowed: 30
[  523.178640][ T5834] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  523.189964][ T5834] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  523.200209][ T5834] usb 2-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  523.213428][ T5834] usb 2-1: config 0 interface 0 has no altsetting 0
[  523.255769][ T5834] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  523.303014][ T5834] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.373016][ T5834] usb 2-1: config 0 descriptor??
[  523.818302][ T5834] kye 0003:0458:5011.0007: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  523.835685][ T5834] kye 0003:0458:5011.0007: unknown main item tag 0x0
[  523.864716][ T5834] kye 0003:0458:5011.0007: unknown main item tag 0x0
[  523.872265][ T5839] Bluetooth: hci4: command tx timeout
[  523.880923][ T5834] kye 0003:0458:5011.0007: unknown main item tag 0x0
[  523.890773][ T5834] kye 0003:0458:5011.0007: unknown main item tag 0x0
[  523.922123][ T5834] kye 0003:0458:5011.0007: hidraw0: USB HID v0.05 Device [HID 0458:5011] on usb-dummy_hcd.1-1/input0
[  523.935356][ T5834] kye 0003:0458:5011.0007: tablet-enabling feature report not found
[  523.943828][ T5834] kye 0003:0458:5011.0007: tablet enabling failed
[  524.113289][ T5834] usb 2-1: USB disconnect, device number 32
[  524.160205][ T6047] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  524.174666][ T6047] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  524.184763][ T6047] bond0 (unregistering): Released all slaves
[  524.204451][ T6047] bond1 (unregistering): Released all slaves
[  524.331001][ T6047] bond2 (unregistering): Released all slaves
[  524.464921][ T6047] bond3 (unregistering): (slave veth0_to_bond): Releasing active interface
[  524.475747][ T6047] bond3 (unregistering): Released all slaves
[  524.631614][ T6047] bond4 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  524.644577][ T6047] bond4 (unregistering): Released all slaves
[  524.705014][T14759] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  524.807507][T14676] team0: Port device team_slave_0 added
[  524.944723][T14676] team0: Port device team_slave_1 added
[  525.027648][T14762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3299'.
[  525.167899][T14676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  525.203447][T14676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  525.238801][T14676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  525.306161][T14676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  525.318715][T14680] usbtmc 3-1:16.0: usbtmc_ioctl_request failed -110
[  525.362861][T14676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  525.428858][ T5834] usb 3-1: USB disconnect, device number 29
[  525.435077][T14676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  525.754715][T14676] hsr_slave_0: entered promiscuous mode
[  525.768432][T14779] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3304'.
[  525.780297][T14676] hsr_slave_1: entered promiscuous mode
[  525.792091][T14676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  525.809644][T14676] Cannot create hsr debugfs directory
[  525.823232][T14781] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3304'.
[  525.880050][ T6047] hsr_slave_0: left promiscuous mode
[  525.898804][ T6047] hsr_slave_1: left promiscuous mode
[  525.916271][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_1
[  525.946971][ T5839] Bluetooth: hci4: command tx timeout
[  526.524363][T14798] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  526.944091][ T6047] team0 (unregistering): Port device team_slave_1 removed
[  526.992925][ T6047] team0 (unregistering): Port device team_slave_0 removed
[  527.757139][ T5834] usb 4-1: USB disconnect, device number 21
[  527.807291][ T5834] ldusb 4-1:0.0: LD USB Device #1 now disconnected
[  527.884922][T14808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3311'.
[  527.922096][T14808] bridge0: port 2(bridge_slave_1) entered learning state
[  527.972282][T14808] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.114209][T14822] FAULT_INJECTION: forcing a failure.
[  528.114209][T14822] name failslab, interval 1, probability 0, space 0, times 0
[  528.190283][T14822] CPU: 0 UID: 0 PID: 14822 Comm: syz.1.3315 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  528.190316][T14822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  528.190330][T14822] Call Trace:
[  528.190339][T14822]  <TASK>
[  528.190349][T14822]  dump_stack_lvl+0x189/0x250
[  528.190389][T14822]  ? __pfx_dump_stack_lvl+0x10/0x10
[  528.190420][T14822]  ? __pfx__printk+0x10/0x10
[  528.190448][T14822]  ? __pfx___might_resched+0x10/0x10
[  528.190466][T14822]  ? fs_reclaim_acquire+0x7d/0x100
[  528.190502][T14822]  should_fail_ex+0x414/0x560
[  528.190529][T14822]  should_failslab+0xa8/0x100
[  528.190559][T14822]  __kmalloc_cache_noprof+0x70/0x3d0
[  528.190584][T14822]  ? cgroup_pidlist_start+0x8e3/0x10c0
[  528.190610][T14822]  cgroup_pidlist_start+0x8e3/0x10c0
[  528.190641][T14822]  ? __pfx_cgroup_pidlist_start+0x10/0x10
[  528.190688][T14822]  kernfs_seq_start+0x17d/0x3c0
[  528.190716][T14822]  traverse+0x15c/0x570
[  528.190739][T14822]  ? aa_file_perm+0x11f/0xed0
[  528.190775][T14822]  seq_read_iter+0xcfe/0xe10
[  528.190803][T14822]  ? __lock_acquire+0xaac/0xd20
[  528.190832][T14822]  ? kernfs_fop_read_iter+0x13f/0x640
[  528.190863][T14822]  do_iter_readv_writev+0x56b/0x7f0
[  528.190893][T14822]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  528.190934][T14822]  ? rw_verify_area+0x258/0x650
[  528.190960][T14822]  vfs_readv+0x257/0x840
[  528.190995][T14822]  ? __pfx_vfs_readv+0x10/0x10
[  528.191039][T14822]  ? __fget_files+0x2a/0x420
[  528.191070][T14822]  ? __fget_files+0x3a0/0x420
[  528.191095][T14822]  ? __fget_files+0x2a/0x420
[  528.191173][T14822]  __x64_sys_preadv+0x197/0x2a0
[  528.191198][T14822]  ? rcu_is_watching+0x15/0xb0
[  528.191230][T14822]  ? __pfx___x64_sys_preadv+0x10/0x10
[  528.191260][T14822]  ? do_syscall_64+0xba/0x210
[  528.191291][T14822]  do_syscall_64+0xf6/0x210
[  528.191318][T14822]  ? clear_bhb_loop+0x45/0xa0
[  528.191344][T14822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.191364][T14822] RIP: 0033:0x7fb52fd8e969
[  528.191383][T14822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.191401][T14822] RSP: 002b:00007fb530bca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  528.191423][T14822] RAX: ffffffffffffffda RBX: 00007fb52ffb5fa0 RCX: 00007fb52fd8e969
[  528.191438][T14822] RDX: 0000000000000001 RSI: 0000200000000600 RDI: 0000000000000005
[  528.191451][T14822] RBP: 00007fb530bca090 R08: 0000000000020002 R09: 0000000000000000
[  528.191465][T14822] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  528.191477][T14822] R13: 0000000000000000 R14: 00007fb52ffb5fa0 R15: 00007fb5300dfa28
[  528.191511][T14822]  </TASK>
[  528.685568][T14831] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  528.763980][T14835] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3319'.
[  528.809985][T14835] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3319'.
[  529.221240][T14852] FAULT_INJECTION: forcing a failure.
[  529.221240][T14852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  529.228657][T14854] netlink: 320 bytes leftover after parsing attributes in process `syz.0.3323'.
[  529.249531][T14852] CPU: 0 UID: 0 PID: 14852 Comm: syz.3.3322 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  529.249562][T14852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  529.249575][T14852] Call Trace:
[  529.249583][T14852]  <TASK>
[  529.249592][T14852]  dump_stack_lvl+0x189/0x250
[  529.249637][T14852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  529.249668][T14852]  ? __pfx__printk+0x10/0x10
[  529.249701][T14852]  should_fail_ex+0x414/0x560
[  529.249728][T14852]  _copy_to_user+0x31/0xb0
[  529.249758][T14852]  simple_read_from_buffer+0xe1/0x170
[  529.249789][T14852]  proc_fail_nth_read+0x1df/0x250
[  529.249821][T14852]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  529.249853][T14852]  ? rw_verify_area+0x258/0x650
[  529.249873][T14852]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  529.249903][T14852]  vfs_read+0x1fd/0x980
[  529.249932][T14852]  ? __pfx___mutex_lock+0x10/0x10
[  529.249959][T14852]  ? __pfx_vfs_read+0x10/0x10
[  529.249988][T14852]  ? __fget_files+0x2a/0x420
[  529.250020][T14852]  ? __fget_files+0x3a0/0x420
[  529.250044][T14852]  ? __fget_files+0x2a/0x420
[  529.250079][T14852]  ksys_read+0x145/0x250
[  529.250104][T14852]  ? __pfx_ksys_read+0x10/0x10
[  529.250131][T14852]  ? do_syscall_64+0xba/0x210
[  529.250161][T14852]  do_syscall_64+0xf6/0x210
[  529.250188][T14852]  ? clear_bhb_loop+0x45/0xa0
[  529.250213][T14852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.250234][T14852] RIP: 0033:0x7f0ae1b8d37c
[  529.250252][T14852] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  529.250271][T14852] RSP: 002b:00007f0ae29d9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  529.250292][T14852] RAX: ffffffffffffffda RBX: 00007f0ae1db6080 RCX: 00007f0ae1b8d37c
[  529.250307][T14852] RDX: 000000000000000f RSI: 00007f0ae29d90a0 RDI: 0000000000000005
[  529.250320][T14852] RBP: 00007f0ae29d9090 R08: 0000000000000000 R09: 0000000000000000
[  529.250332][T14852] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  529.250345][T14852] R13: 0000000000000000 R14: 00007f0ae1db6080 R15: 00007f0ae1edfa28
[  529.250377][T14852]  </TASK>
[  529.881690][T14868] trusted_key: encrypted_key: insufficient parameters specified
[  529.998628][T14868] 8021q: VLANs not supported on ip6tnl0
[  530.276781][T14876] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3330'.
[  530.310453][T14876] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3330'.
[  530.325122][T14676] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  530.338812][T14880] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  530.375896][T14676] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  530.460425][T14676] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  530.499445][T14676] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  530.854194][T14676] 8021q: adding VLAN 0 to HW filter on device bond0
[  530.965196][T14676] 8021q: adding VLAN 0 to HW filter on device team0
[  531.038716][ T6052] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.046013][ T6052] bridge0: port 1(bridge_slave_0) entered forwarding state
[  531.143368][ T6052] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.150655][ T6052] bridge0: port 2(bridge_slave_1) entered forwarding state
[  531.302927][T14909] binder: BINDER_SET_CONTEXT_MGR already set
[  531.309055][T14909] binder: 14902:14909 ioctl 4018620d 200000000040 returned -16
[  531.454987][T14676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  531.469883][T14917] FAULT_INJECTION: forcing a failure.
[  531.469883][T14917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.490299][T14916] FAULT_INJECTION: forcing a failure.
[  531.490299][T14916] name failslab, interval 1, probability 0, space 0, times 0
[  531.507522][T14917] CPU: 0 UID: 0 PID: 14917 Comm: syz.1.3339 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  531.507554][T14917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  531.507565][T14917] Call Trace:
[  531.507571][T14917]  <TASK>
[  531.507578][T14917]  dump_stack_lvl+0x189/0x250
[  531.507601][T14917]  ? __lock_acquire+0xaac/0xd20
[  531.507624][T14917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.507644][T14917]  ? __pfx__printk+0x10/0x10
[  531.507658][T14917]  ? __might_fault+0xb0/0x130
[  531.507685][T14917]  should_fail_ex+0x414/0x560
[  531.507703][T14917]  _copy_from_user+0x2d/0xb0
[  531.507724][T14917]  kstrtouint_from_user+0xc4/0x170
[  531.507742][T14917]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  531.507771][T14917]  proc_fail_nth_write+0x88/0x240
[  531.507791][T14917]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  531.507815][T14917]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  531.507836][T14917]  vfs_write+0x27b/0xa90
[  531.507859][T14917]  ? __pfx_vfs_write+0x10/0x10
[  531.507885][T14917]  ? __fget_files+0x2a/0x420
[  531.507906][T14917]  ? __fget_files+0x3a0/0x420
[  531.507923][T14917]  ? __fget_files+0x2a/0x420
[  531.507948][T14917]  ksys_write+0x145/0x250
[  531.507963][T14917]  ? rcu_is_watching+0x15/0xb0
[  531.507985][T14917]  ? __pfx_ksys_write+0x10/0x10
[  531.508004][T14917]  ? do_syscall_64+0xba/0x210
[  531.508026][T14917]  do_syscall_64+0xf6/0x210
[  531.508044][T14917]  ? clear_bhb_loop+0x45/0xa0
[  531.508062][T14917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.508076][T14917] RIP: 0033:0x7fb52fd8d41f
[  531.508090][T14917] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  531.508103][T14917] RSP: 002b:00007fb530ba9030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  531.508119][T14917] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb52fd8d41f
[  531.508131][T14917] RDX: 0000000000000001 RSI: 00007fb530ba90a0 RDI: 0000000000000006
[  531.508140][T14917] RBP: 00007fb530ba9090 R08: 0000000000000000 R09: 0000000000000000
[  531.508149][T14917] R10: 0000000000004100 R11: 0000000000000293 R12: 0000000000000001
[  531.508158][T14917] R13: 0000000000000000 R14: 00007fb52ffb6080 R15: 00007fb5300dfa28
[  531.508180][T14917]  </TASK>
[  531.540463][T14916] CPU: 1 UID: 0 PID: 14916 Comm: syz.3.3340 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  531.540501][T14916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  531.540515][T14916] Call Trace:
[  531.540524][T14916]  <TASK>
[  531.540533][T14916]  dump_stack_lvl+0x189/0x250
[  531.540571][T14916]  ? lockdep_hardirqs_on+0x9c/0x150
[  531.540597][T14916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.540629][T14916]  ? __pfx__printk+0x10/0x10
[  531.540658][T14916]  ? sctp_get_port_local+0xe4c/0x1610
[  531.540686][T14916]  should_fail_ex+0x414/0x560
[  531.540714][T14916]  should_failslab+0xa8/0x100
[  531.540745][T14916]  __kmalloc_cache_noprof+0x70/0x3d0
[  531.540773][T14916]  ? sctp_add_bind_addr+0x8c/0x370
[  531.540807][T14916]  sctp_add_bind_addr+0x8c/0x370
[  531.540832][T14916]  ? sctp_auto_asconf_init+0x15c/0x1e0
[  531.540858][T14916]  sctp_do_bind+0x5ab/0x940
[  531.540892][T14916]  sctp_setsockopt_bindx+0x260/0x430
[  531.540921][T14916]  sctp_setsockopt+0x7eb/0x1200
[  531.540954][T14916]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  531.540980][T14916]  do_sock_setsockopt+0x257/0x3e0
[  531.541012][T14916]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  531.541036][T14916]  ? __fget_files+0x2a/0x420
[  531.541069][T14916]  ? __fget_files+0x3a0/0x420
[  531.541095][T14916]  ? __fget_files+0x2a/0x420
[  531.541141][T14916]  __x64_sys_setsockopt+0x18b/0x220
[  531.541176][T14916]  do_syscall_64+0xf6/0x210
[  531.541205][T14916]  ? clear_bhb_loop+0x45/0xa0
[  531.541231][T14916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.541252][T14916] RIP: 0033:0x7f0ae1b8e969
[  531.541271][T14916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.541290][T14916] RSP: 002b:00007f0ae29fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  531.541314][T14916] RAX: ffffffffffffffda RBX: 00007f0ae1db5fa0 RCX: 00007f0ae1b8e969
[  531.541330][T14916] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000004
[  531.541343][T14916] RBP: 00007f0ae29fa090 R08: 000000000000001c R09: 0000000000000000
[  531.541357][T14916] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[  531.541371][T14916] R13: 0000000000000000 R14: 00007f0ae1db5fa0 R15: 00007f0ae1edfa28
[  531.541405][T14916]  </TASK>
[  531.993391][T14676] veth0_vlan: entered promiscuous mode
[  532.004351][T14676] veth1_vlan: entered promiscuous mode
[  532.029459][T14676] veth0_macvtap: entered promiscuous mode
[  532.038454][T14676] veth1_macvtap: entered promiscuous mode
[  532.053494][T14676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.063986][T14676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.075099][T14676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.085562][T14676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.096572][T14676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  532.108957][T14676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.119532][T14676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.129371][T14676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.139808][T14676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.149786][T14676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.160240][T14676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.170080][T14676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.181318][T14676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.192482][T14676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.202344][T14676] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  532.211124][T14676] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  532.219868][T14676] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  532.228589][T14676] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  532.295759][   T55] ------------[ cut here ]------------
[  532.301956][   T55] WARNING: CPU: 1 PID: 55 at net/bluetooth/hci_conn.c:568 hci_conn_timeout+0xff/0x290
[  532.311762][   T55] Modules linked in:
[  532.315987][   T55] CPU: 1 UID: 0 PID: 55 Comm: kworker/u9:0 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  532.316654][ T5889] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  532.328176][   T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.345992][   T55] Workqueue: hci5 hci_conn_timeout
[  532.351238][   T55] RIP: 0010:hci_conn_timeout+0xff/0x290
[  532.357113][   T55] Code: 48 89 df e8 63 fc 08 00 eb 07 e8 dc 45 69 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 17 d1 fe ff e8 c2 45 69 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[  532.376884][   T55] RSP: 0018:ffffc9000121faf0 EFLAGS: 00010293
[  532.383519][   T55] RAX: ffffffff8a568a6e RBX: ffff888031b34000 RCX: ffff8880216e5a00
[  532.392131][   T55] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[  532.400235][   T55] RBP: 00000000ffffffff R08: ffff888031b34013 R09: 1ffff11006366802
[  532.408283][   T55] R10: dffffc0000000000 R11: ffffed1006366803 R12: dffffc0000000000
[  532.416263][   T55] R13: ffff88801a1ee018 R14: ffff888031b34948 R15: ffff888031b34010
[  532.424305][   T55] FS:  0000000000000000(0000) GS:ffff8881261cb000(0000) knlGS:0000000000000000
[  532.433313][   T55] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  532.440018][   T55] CR2: 0000001b2d91b000 CR3: 0000000031478000 CR4: 00000000003526f0
[  532.448060][   T55] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  532.456930][   T55] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  532.464964][   T55] Call Trace:
[  532.468413][   T55]  <TASK>
[  532.471375][   T55]  ? process_scheduled_works+0x9ec/0x17a0
[  532.477569][   T55]  process_scheduled_works+0xadb/0x17a0
[  532.483204][   T55]  ? __pfx_process_scheduled_works+0x10/0x10
[  532.489844][   T55]  worker_thread+0x8a0/0xda0
[  532.492794][ T5889] usb 1-1: config 180 has an invalid descriptor of length 0, skipping remainder of the config
[  532.494491][   T55]  kthread+0x70e/0x8a0
[  532.509315][   T55]  ? __pfx_worker_thread+0x10/0x10
[  532.514431][   T55]  ? __pfx_kthread+0x10/0x10
[  532.519081][   T55]  ? __pfx_kthread+0x10/0x10
[  532.523676][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  532.528936][   T55]  ? lockdep_hardirqs_on+0x9c/0x150
[  532.534150][   T55]  ? __pfx_kthread+0x10/0x10
[  532.538969][   T55]  ret_from_fork+0x4b/0x80
[  532.543408][   T55]  ? __pfx_kthread+0x10/0x10
[  532.548043][   T55]  ret_from_fork_asm+0x1a/0x30
[  532.552822][   T55]  </TASK>
[  532.555856][   T55] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  532.563229][   T55] CPU: 1 UID: 0 PID: 55 Comm: kworker/u9:0 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  532.575204][   T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.585261][   T55] Workqueue: hci5 hci_conn_timeout
[  532.590492][   T55] Call Trace:
[  532.593772][   T55]  <TASK>
[  532.596712][   T55]  dump_stack_lvl+0x99/0x250
[  532.601312][   T55]  ? __asan_memcpy+0x40/0x70
[  532.605922][   T55]  ? __pfx_dump_stack_lvl+0x10/0x10
[  532.611138][   T55]  ? __pfx__printk+0x10/0x10
[  532.615737][   T55]  panic+0x2db/0x790
[  532.619642][   T55]  ? __pfx_panic+0x10/0x10
[  532.624085][   T55]  ? ret_from_fork_asm+0x1a/0x30
[  532.629026][   T55]  __warn+0x31b/0x4b0
[  532.633122][   T55]  ? hci_conn_timeout+0xff/0x290
[  532.638066][   T55]  ? hci_conn_timeout+0xff/0x290
[  532.643004][   T55]  report_bug+0x2be/0x4f0
[  532.647425][   T55]  ? hci_conn_timeout+0xff/0x290
[  532.652401][   T55]  ? hci_conn_timeout+0xff/0x290
[  532.657360][   T55]  ? hci_conn_timeout+0x101/0x290
[  532.662404][   T55]  handle_bug+0x84/0x160
[  532.666667][   T55]  exc_invalid_op+0x1a/0x50
[  532.671180][   T55]  asm_exc_invalid_op+0x1a/0x20
[  532.676036][   T55] RIP: 0010:hci_conn_timeout+0xff/0x290
[  532.681603][   T55] Code: 48 89 df e8 63 fc 08 00 eb 07 e8 dc 45 69 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 17 d1 fe ff e8 c2 45 69 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[  532.701309][   T55] RSP: 0018:ffffc9000121faf0 EFLAGS: 00010293
[  532.707386][   T55] RAX: ffffffff8a568a6e RBX: ffff888031b34000 RCX: ffff8880216e5a00
[  532.715484][   T55] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[  532.723468][   T55] RBP: 00000000ffffffff R08: ffff888031b34013 R09: 1ffff11006366802
[  532.731459][   T55] R10: dffffc0000000000 R11: ffffed1006366803 R12: dffffc0000000000
[  532.739469][   T55] R13: ffff88801a1ee018 R14: ffff888031b34948 R15: ffff888031b34010
[  532.747485][   T55]  ? hci_conn_timeout+0xfe/0x290
[  532.752460][   T55]  ? process_scheduled_works+0x9ec/0x17a0
[  532.758212][   T55]  process_scheduled_works+0xadb/0x17a0
[  532.763805][   T55]  ? __pfx_process_scheduled_works+0x10/0x10
[  532.769817][   T55]  worker_thread+0x8a0/0xda0
[  532.774437][   T55]  kthread+0x70e/0x8a0
[  532.778517][   T55]  ? __pfx_worker_thread+0x10/0x10
[  532.783646][   T55]  ? __pfx_kthread+0x10/0x10
[  532.788279][   T55]  ? __pfx_kthread+0x10/0x10
[  532.792882][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  532.798111][   T55]  ? lockdep_hardirqs_on+0x9c/0x150
[  532.803318][   T55]  ? __pfx_kthread+0x10/0x10
[  532.807930][   T55]  ret_from_fork+0x4b/0x80
[  532.812374][   T55]  ? __pfx_kthread+0x10/0x10
[  532.816986][   T55]  ret_from_fork_asm+0x1a/0x30
[  532.821769][   T55]  </TASK>
[  532.825129][   T55] Kernel Offset: disabled
[  532.829467][   T55] Rebooting in 86400 seconds..