last executing test programs:

12.947732837s ago: executing program 4 (id=3091):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x0, 0x0, 0x3, 0x0, 0x1}, 0x48)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
memfd_create(&(0x7f0000000b40)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\xbd/\xd0J\xce=\x924\xc0\x17\x871N:\xb4\xea \x8e\xdelV\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8H\x7fsk\x9cD\xb3w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N', 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="31010000dccd5e08cb060700000800000001090224000100007e000904340102d469e70009058a", @ANYRES8], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioperm(0x100000000005, 0x10000b6, 0x40000001)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_VALIDATE={0x8}]}}}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x10, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r2)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r6, 0x10c, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x158, 0x150, 0x150, 0x0, 0xf8010000, 0x270, 0x238, 0x238, 0x270, 0x238, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "decb585218ebf5805f7356720db1714438ea1c4e4d43886e34ad04218b895e9936aa46525113c03de9cf73687ca94feda35eefade1197a320d00"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)

10.065746436s ago: executing program 4 (id=3098):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0xfe33)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000800), 0x0, 0x0)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000140)={&(0x7f0000000000)=[{0x0, 0xaa01, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0}], 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000000840)=""/102386, 0x18ff2}], 0x1, 0xcde, 0xfffffffe)
getpid()
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000002c0), 0x1c)
sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x80fe)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f0000007bc0)=@multiplanar_userptr={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8f502c54"}, 0x0, 0x2, {0x0}})
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x2, 0x1c9}, &(0x7f0000000340), &(0x7f0000000140))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000300)=ANY=[@ANYRES32=r2], 0x118)
socket$key(0xf, 0x3, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
socket$inet6(0xa, 0x2, 0x0)

8.711401082s ago: executing program 2 (id=3102):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x0, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x656}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x3}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote, 0x4}, {@multicast2}, {@private=0xa010102}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x380000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (fail_nth: 1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18080000000000000000100000b18d264339929d441b3cbd4f5c4da6294f2720702a68e4bee94c34c69207ed52305a73575774cf60e9420013e97472efc25d9daee4e3a9eba8bdc39ef9a0a55aff5a93228a81ec612ba43272d560597c3ff2e93f6c35b7c204224b8313fc2d39cd220b8f"], 0x0}, 0x90)

8.44389502s ago: executing program 0 (id=3103):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x21, 0x4, 0x0, 0x0, 0x84, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@rr={0x7, 0xb, 0xdb, [@broadcast, @empty]}, @noop, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@broadcast}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0xda, [@private=0xa010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
syz_usb_connect(0x0, 0xf5a, &(0x7f0000001580)={{0x12, 0x1, 0x110, 0x5f, 0x5e, 0x1d, 0x8, 0x201e, 0x2009, 0x47a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xf48, 0x4, 0x1, 0xac, 0x0, 0x3, [{{0x9, 0x4, 0x69, 0x7, 0x9, 0x0, 0x70, 0x6a, 0xe, [@uac_as={[@format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x4, 0xf, 0x7f, "33ddb7e617bb7f6f7d"}, @format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x2, 0x2, 0x10, 0x0, "fcab8439c1f5"}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x4, 0x3, 0x4, 0x0, "bb526c", "8e00"}, @as_header={0x7, 0x24, 0x1, 0xf}]}, @generic={0xa0, 0x0, "c650bbdb02a22c8635ea3a228bf220621af4eaa2098b27778a8aefa4a8de577e2442fc61518fae0073a51421e49a3d821c3e6ce0a43727fe5456970f1208d6ca4db0374f894993377d356cd0c394ca648dbc9461ec9f9dc15fbacf8bfaa4742b3a9267c5d87439476e1ad9bb5740e426c02b32e262b146d3bcd6a76d637816783561475ab7699eba86925c49c09090ea8e5b397ac22059fea018be684dd6"}], [{{0x9, 0x5, 0xa, 0x3, 0x40, 0x40, 0x2, 0xee, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x1, 0x7ff}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x4, 0xa}]}}, {{0x9, 0x5, 0xa, 0x1, 0x3ff, 0xa0, 0x5, 0xf, [@generic={0x5f, 0x5, "1ebe942a30236e66314405289862f050aadaa0df860f47ec7791f31f3d3f7bd4574cf77cb1e5893d22a9956d7c0271794796b050f902884cad95d7782139579b938ab3795ea39ac504edea20edd3d02613edf3f4679fab18487c363c31"}]}}, {{0x9, 0x5, 0x9, 0x1, 0x10, 0x5, 0x80, 0x2, [@generic={0x36, 0x6, "55027773f51a359dac7e7b21c427cc79a36eb32468e06cd4cd7411f08b00b5a1e3968b43a66762cc093af693f3ccb96088227aef"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x7bf, 0x3, 0x10, 0x2, [@generic={0x9f, 0x22, "b1ff33d5559cf3c4567282c58cbf847c1221df7642bd9190a59dac5d0e4a22542f0a4956dfb5de8e46da11013af9f9fd67b50e860dfbe179eb2dadeec4aa21cc0a15701be17205cb90334f99a9371b74784435878edf1d6564eaa03b77708d133c523db5d09f5d9a97f5dc42285e173fda25d1845d70ef0e92f3922b1c66f301af578f3f12fc330b9f824cde67fc8c29aa0a66593d0ab53dc637447f80"}]}}, {{0x9, 0x5, 0x8, 0x10, 0x10, 0x3, 0x6c, 0x2, [@generic={0x102, 0x2c, "594d3546ca38c3ac8d9acae0224e063323a87c79905755336c57945229225aa14012e60494bfdc89b72c2a67c0f2ca735ea191aa080e87e9118db711923dcbb01336d1868900ad6ed4285be864fb2b14c0b7a4b13ed74188665465c7d7e8eb8985888b534a69527db9249b1ea2354ac9d834f1b5656aa904e0e42e47e78466ef694c8743909203651b7cefc02f3a0e59138ae46455f335cb4a4a7c560fb6ccda8571072ca0c15356d6cf7ed9ba7c592c200d6696c54884df4e6ae74dc09ae833d3183a64526b93a276cd7e8dd18b5796fefdc4f13aafd23f78e35cae84fdd376883d82096e1a76718ce5e5f0ab34a22b1b1c6dd784e6fdde10e2c033c8f5de4d"}]}}, {{0x9, 0x5, 0x4, 0x2, 0x20, 0x7, 0x1, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x7}]}}, {{0x9, 0x5, 0x6, 0x3, 0x20, 0xea, 0x5, 0x10, [@generic={0xc7, 0x8, "4eb51e5cb3373ba7e44809f6c2b293f8876d545fd0b0ae878f8c7dc4b6ea1400c2906d44ed6491d751ae673b79c6b49ebea4a81fdea743e644874291363a7119e28485ac911f9f4a69e1671515428d070ee7b453793894bc2a80cfcc9dadb6855c6801566a2e5a0660942cfe93665b65c8c6abc7952297c25c305c8003be5840845861bfa730a735df65b2f407c706c27914e8e874b2ffae0f1daa6db4265d84428b432a7f6e447b85175f0bce636e52af415ae97078c0a9e8614e814afd28665ff090dbfc"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x20, 0x0, 0x6, 0x0, [@generic={0x73, 0x31, "6ad52fdee93c47c39598a738144f1b99e8ada42f595838fc7be444b1b1985b5173abde9dbb517f5cb3b4383b9e3c621a46e522a9c7f59fe296b31c4f69067be3147cc0b55ae1a38ef53cdf6035504c077dc630fc7058321479c96f4534b0665f965a7ddeb09a6c49c351894122f07b69a7"}, @generic={0x2b, 0x5, "e70793d24c86c248d42892b3ca2e9f1f0f6bcb3d30df7794a24d4c2c9b31e2a9db53ee34c19c7fae18"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x10, 0x1, 0xd4, 0xf0, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xff, 0x100}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xf, 0x1}]}}]}}, {{0x9, 0x4, 0x7f, 0x6, 0x2, 0x22, 0x46, 0x26, 0x4, [@cdc_ncm={{0x8, 0x24, 0x6, 0x0, 0x1, "29e8a1"}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0xd89c, 0x8001, 0x1, 0x1}, {0x6, 0x24, 0x1a, 0x8001, 0x5}, [@mbim={0xc, 0x24, 0x1b, 0x7ff, 0xc0fa, 0x8, 0xf, 0x10, 0x7}, @dmm={0x7, 0x24, 0x14, 0x6, 0xe00}, @dmm={0x7, 0x24, 0x14, 0x3, 0x5}, @obex={0x5, 0x24, 0x15, 0x4}, @mdlm={0x15, 0x24, 0x12, 0x9}, @country_functional={0xa, 0x24, 0x7, 0x3, 0x1, [0x800, 0x9]}]}], [{{0x9, 0x5, 0xc, 0x2, 0x8, 0x5, 0xcd, 0x9}}, {{0x9, 0x5, 0x2, 0x0, 0x8, 0xc, 0x5, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x9e, 0x4}]}}]}}, {{0x9, 0x4, 0xdb, 0x4, 0xe, 0x64, 0x8a, 0xb9, 0x2, [], [{{0x9, 0x5, 0xc, 0x10, 0x8, 0x0, 0xff, 0x9, [@generic={0xad, 0x11, "e8b71eab5ed001b8d7f7bebcaab074154e2f6c4ebf5374085e6cce5b5ab7563a87e5dff90e2dafa034a25785513ed08dec23bd2fd8dcf2887244f69557cf1d12cd8b4896072f0700a534dcd37c400384133a9222d277f079cfd05ee6a1ff67798461e1f58b688c584dfb27dca45f22961c29ee32d2131c1ab6d2a369f46e3dcdddf983cbedb9c0845c29e338cf9a00e9f584d88a29f586853aa6a2dd8bd36c4c1683c0c077792f24fc56d0"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x3e7, 0x1, 0x2, 0x7f}}, {{0x9, 0x5, 0x1, 0x1, 0x3df, 0x8, 0x7, 0x8, [@generic={0x74, 0x30, "323d87cd7c78eabae7ff6fccb6bce426c82fbeee34194c8eef50be09df48e39e3a6a9ab4f0a1f59a2f0887cbb762c430f64c7749564c43240e0657b2d672c4c8de1a03ddf55b1c8f01a4e6bf59efa1b871d820350af0651fcf6628975ad831cb1e47d96d349d1723869e2c6bf3454d84cc1a"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x6}]}}, {{0x9, 0x5, 0x80, 0x0, 0x10, 0x7, 0x0, 0x6, [@generic={0x1d, 0x22, "2f8414c5ab147ed2c2433331c02ad8ed70adaff59547839e19e478"}, @generic={0x8c, 0xd, "5d99f7f585737c97e46d9ebbb4e3e5125f2fd008a3be920334c86af23a05652d73d10664953ebc8da0e2ccb99cb76a4992347ef3168011ee06bb28702dee9fea79ad1bee479ad6ca2f416a596bce59a19045663d6de93d1aebcf05a05cad727d530b0699406a8fb5775841c8372003711a88cb44279aae4c52bdb8f6af3307d166d16c45376bdd133a3b"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x0, 0xf7, 0xe, 0x6, [@generic={0xdd, 0x9, "ebffaa5b97dcbbb5b472ffc0becbdcd432d8f875566106b827f68036e86114dc608001f23c1cbf55f42d4f371307ff30175c4a15917d803ba15073a069df6c2263923df4072780525e89b6c06bf6defc44a06272e5dc5d29956891f56e69016f6e969341391d8cb53cbaa374efd516c4f43fe4225e02bbfe67f55922099802dc58306bd859f4a37d2a7a66bda9e8275d544a00b3cbb2a6aa898f7f08afbc0f134607c6b52ab904190fb08a0d65b86fae3eda4a8e1962717d00a9b23f7bc37b1526b2846a924fa26ea3a23dbd8503750ac81134181cbfc104a4583a"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x20, 0xc0, 0xff, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x181, 0x5, 0x2}, @generic={0x9a, 0x4, "f41cdb5bdd7918975165f8197890482c8b264d80e44289175bca6ee8de9ccd9b83d42a2a86cf43c83e5bdf014c5650595888cd9b93f0cda2a86bc6459b820135b411f891afc4b2f61e45c031d768c8cbdfcfb8a7aff97059e030302b18040c5426133ef7e7a67d7913a673c76712e5c71c653dcac306311ddc8508ea38c5ae197fa12261d90606ab80e7110f3fa17e14f38547a07cb101bb"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x10, 0x39, 0x1, 0x0, [@generic={0xeb, 0x9, "b8bdce740a3133393f23b806396f20929fd4987a85da659315fa8545ec9d16cc9ff3fbc883b614c289460c62d763860402987f8715aff3c7db8086afeae1aa35a8025d182bb3d21ff1e4879fc3760514efbbd22f16963cee000f824d588e941adc77e4461fef73fd25b7140f6e0f579bfd423f5720471b9c1fd46643840c6bafd0ef2993ef86939a283985277cfa0e82c2f47feecdc487bc284d7f4b7859cee9ffb341e4940830fa6296fcf0861f465343682e126f0f44f0920b9027ae69b8858630fcd25f2e5644252503055a48c27b6e8576801ea6796879905d453aa4a83374835c87b60f134443"}, @generic={0x24, 0x21, "421eb62de077fc537352b0453c38dd864889fee5bd8e4db7a82f78580c52535462a6"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x400, 0x8, 0x9, 0x73}}, {{0x9, 0x5, 0x7, 0x0, 0x10, 0x6, 0x7, 0xb, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x9}]}}, {{0x9, 0x5, 0xc, 0x0, 0x418, 0x6, 0x4, 0x9a, [@generic={0x96, 0x24, "4bb15e77decfdbcb46dc1f0d8e4599c409a1fa742501c2c9d79148552d04e5cf23ede1d7179259993e520d2fedea927305b911dd0efe97664ffbf8ec91eb48a1dd4af830807d0830e2587086be518e1ca36d7313443b0437af7f6c257425f33ff76142b49f81169ed45df010fae61a18582200faec8553c2ebeeab293db119b01dba6bd3f68407cfd76527b4d31ce49e53421393"}]}}, {{0x9, 0x5, 0xc, 0x0, 0x8, 0x8, 0x5, 0x4e}}, {{0x9, 0x5, 0x80, 0x0, 0x20, 0x6a, 0xd, 0xfb, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0x10}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x7f, 0x2}]}}, {{0x9, 0x5, 0xd, 0x4, 0x1ff, 0x5, 0x3, 0x3}}, {{0x9, 0x5, 0x2, 0x10, 0x40, 0x6, 0x1d, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x9, 0x8}, @generic={0x26, 0x23, "c9e7eb8c6c275428cf0c67aae2032165ac12864aa4aae3b2f025e3c4f0fba0219583d0de"}]}}]}}, {{0x9, 0x4, 0x6d, 0x0, 0x8, 0x7b, 0xee, 0x34, 0x8, [@cdc_ecm={{0x7, 0x24, 0x6, 0x0, 0x0, "f149"}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x81, 0x9, 0x8001, 0x8}, [@dmm={0x7, 0x24, 0x14, 0x7, 0x8000}, @obex={0x5, 0x24, 0x15, 0x3}, @obex={0x5, 0x24, 0x15, 0x40}, @network_terminal={0x7, 0x24, 0xa, 0xc, 0x0, 0x8, 0xb8}, @network_terminal={0x7, 0x24, 0xa, 0x9, 0xe4, 0x81}, @network_terminal={0x7, 0x24, 0xa, 0xc7, 0x0, 0xfe, 0x8}]}], [{{0x9, 0x5, 0xf, 0x0, 0x0, 0x3, 0x4, 0xa, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x2, 0x6}, @generic={0x9b, 0xb, "78d38b31fad0875553e52db21325ca275006e63e0518c79c79b3f40fd7ebbc8b3a91a8d6ad0f03a0ced388e500922916f1a69daf0010080734cfff6822bb3d3d4b2e78f1f3dee633959a3ce1bcb72f8f25347c101da6bc75e4e9ac6bc9aa6e51a78606bac69c089f35faf6ba99fad2f4dffdc1a4a886b7904a6782ee8b406520d06fd70a9c40ff1c0e89def93cae190701576c93f70f0afc30"}]}}, {{0x9, 0x5, 0x1, 0x2, 0x20, 0x9, 0x8b, 0x6, [@generic={0xff, 0x0, "b126277862d9395e724a5729207b81d1364461575f08ed9430189ab05fddaba5fcbade1ba65ac4fbca1a0bd3ef6af1e1ec3a4a8ace5b14a92b68749b0f2f4fa4e22a9cc95510f8f377ba512ea0dd17f720906488d0dac0fbd03ea167a8ad203d3f14962a21faa2fd43c684053deaa1c826f707575afe4ac72e7b55af6a4e7bfc5c8eea8c392af1dd0009ead3890f55d2744ec6e3c3591dad1f1f9f428f5f24b89549b9577a19b91d5e258878cda6d287208662e1ee23a10146a7a4a7caec63a3d1b226996ef35545b434c7053d62949fde67862a346dfe89198780632452165ea358a4b07ce6c700d18ab2605007816c34a09a61e75ea219726a455630"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x30, 0x3}]}}, {{0x9, 0x5, 0x8, 0x10, 0x0, 0x8, 0x5, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x7f, 0x2}, @generic={0xd1, 0x9, "2fca6560b3aa9257ad693495e5e0ad464bd656d734d9b1b415059fa7c227b11ef310d880bfad9577e617ec401ac7c308d9a48fe7a3c4693103ba5adf623b002662ecadeba924945e24b80a2bd8d8ada421a41405544bc535d3977b6e75a6100687f40a0414489ef6a7b4afd12133a339d4e2d7ac3e84bda528a5ec70f72fdcc0233d59c39332062aa526209937000b0e224f1fce8d4d078b514f69f03d7c62ee3a9433dc3d9fda1612cc0ec066ee8583f449b1ca0de0270481cfd397a1ed14d33097d534a39c23d8372cba08cfdbbc"}]}}, {{0x9, 0x5, 0x72de9ac993973483, 0x1, 0x7bf, 0x9, 0x30, 0x3, [@generic={0x8e, 0x24, "f112122e60a8a9afc87cb97773f216f4ff7d413f7a7d2b8fd253f5e3c22d070d47e03be29b8c61f2301bd3fef3bc8805709189af61fba9c26bec29eb160a13f6473be5fcf15fd12eb588da1a7fba5fa49771d682cb65af32c76de67a6235c5cd652a6918ec43ce429fb70397114a3b10811c369c9e175ee2f255cc43c3f4a611032ace7dc18ec50e0cc8893f"}]}}, {{0x9, 0x5, 0xe, 0x10, 0x40, 0x3, 0x60, 0x4}}, {{0x9, 0x5, 0x8, 0x0, 0x418, 0xff, 0x9, 0x7f, [@generic={0x6a, 0x1, "bd23a43c5b7fd167733360954613ecf57051e51e4b2855ffd05dcb8a3f6494b36b52a13f497140d098aeb758ed11f5f1e862404de9ef5648ed224964d5510d34ffb790a221941bbf66d5377ecda64eb00b9ef4d6b7bbea2e9942ea2822b03244f6853960721f24d7"}]}}, {{0x9, 0x5, 0x5, 0x1, 0x1bf, 0x3, 0x5}}, {{0x9, 0x5, 0xf, 0x3, 0x3ff, 0x1, 0xe2, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x5, 0xf}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x5, 0x7}]}}]}}]}}]}}, &(0x7f0000002840)={0xa, &(0x7f0000002500)={0xa, 0x6, 0x201, 0x3, 0x10, 0x4, 0x20, 0x9}, 0x7a, &(0x7f00000028c0)={0x5, 0xf, 0x7a, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0xb, "56c800"}, @ss_container_id={0x14, 0x10, 0x4, 0xff, "1ba3000ab81ed519ede310208191445d"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xb, 0x81, 0x1, 0x5}, @ssp_cap={0x24, 0x10, 0xa, 0x9, 0x6, 0x7, 0xf00, 0x0, [0xc0, 0xff0000, 0x3fc0, 0xc030, 0x50, 0xe080]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0x0, 0xff, 0x1000, 0x10}, @ssp_cap={0x14, 0x10, 0xa, 0x10, 0x2, 0x8, 0xf, 0x7, [0xc000, 0xc0c0]}]}, 0x5, [{0x9, &(0x7f00000025c0)=@string={0xd, 0x3, "0037977d56669536849bbd"}}, {0x4, &(0x7f0000002600)=@lang_id={0x4, 0x3, 0x1009}}, {0x4, &(0x7f0000002540)=@string={0x0, 0x3, "1c5bfd4cc7972dce838a6f6d0132c9b1694b17573afbe2d5f8ebfcfe5f68089ef4eb6d69d735138e6b2626cb8b3333a8953a2ae8ae0c4b5b1a129d26d9eacd8d9ae6f293e5c56b78447056cb0cb5ca2cebaf73b80f2918e62644013682367141e678ca6af7ec93181587761a3b4171a423f9a67640b0ca2732d367a8d3"}}, {0xca, &(0x7f0000002680)=@string={0xca, 0x3, "4c576a53fd51a247831a36e8f2188e008cad8cffc12ac3b3c3d5278fc01693f8277b0d3e4226bf6e0fd00239063d11c9e1ea08f7a24289b81199f8bfb7e50cc8b2cdfc154a3c2e92d72adce0e5788fb7b566c8e7e43e004a28052a4bda55ae6f146d421ee802590fbb193c9582112605a57147af3922100627152074ac3e24c542e9b40a3fdc5a98bdb45aef4f31511995fdcf7d90d9d109377091cce2dc7d85e357bcd2474be4437145d090d6222479747fef3478c716459e4721406b51a28e46d260ed2c4a9aed"}}, {0xab, &(0x7f0000002780)=@string={0xab, 0x3, "a7d2d7328c0ed9d2a710ace1d4435d64c7dbc25ba15c4c3810ecdeacc211c6f9cf5e335ac98c7bb45355890fdb01c88b7a4b4a8c2bacdab38261b5b627f5463532b16a9d5ecec9ca5dafc048f385a06394d5b2b1aff3b37e4e96a53a2860e06aede2b175a26a41acf20064767f46912d15b89d9848289deed16b21cb5211d017df7e128c9996c7723ff3ff04597f8c95f919c9b4b108fc6f20a3d3ace69d8909f5f7e2fd96d2b16bf2"}}]})
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)="d80000001a0081044e81f782db4cb9041c1d0800f6007c05e8fe55a108000100ff0016002000034004020000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e665725cfa693c53fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5d4ee6ccd40dd6e4edef3d93452a92954b43370ed7778b10136e8eb585", 0xd8}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x380000b, 0x28011, r2, 0x0)
r4 = dup(r1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_clone3(&(0x7f0000001480)={0x8000880, &(0x7f00000000c0), &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000180), {0xb}, &(0x7f00000003c0)=""/166, 0xa6, &(0x7f0000000480)=""/4096, &(0x7f0000000280)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2, {r2}}, 0x58)
ioctl$SG_BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000001500)={'\x00', 0x0, 0x8, 0x2, 0x6, 0x42, r6})
ioctl$KVM_NMI(r2, 0xae9a)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000040))
write(0xffffffffffffffff, 0x0, 0x0)
r7 = io_uring_setup(0x5c01, &(0x7f0000000240))
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r8, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
setsockopt$inet_sctp6_SCTP_RTOINFO(r8, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x2}, 0x10)
sendto$inet6(r8, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r8, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, 0xe)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x59, 0x77, 0xc, 0x40, 0x9c0, 0x203, 0xd332, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xfa, 0x10, 0xc9}}]}}]}}, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

7.667888667s ago: executing program 2 (id=3104):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0x6e, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=@newsa={0x184, 0x10, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@loopback}, {@in, 0x0, 0x32}, @in6=@private0, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha256-ssse3\x00'}, 0x36}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x10800, 0x0)
r5 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f00000001c0)=0x8)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r7, 0x84, 0x11, &(0x7f00000077c0)={r6}, 0x8)
sendmmsg$inet_sctp(r4, &(0x7f0000001a00)=[{&(0x7f0000000300)=@in6={0xa, 0x4e22, 0xef0, @loopback, 0x4}, 0x1c, &(0x7f00000003c0)=[{&(0x7f00000005c0)="5ff18e77aa1baa08c70bb604605de14ba740e43b09dbe2ea7b3ffe54da68e652d8b7f54f11ba1df61d12bedb6db6103a804c59c741e8061266ee825c5e29680f125b805d184016fe6a0e73e35254cf647b310556ea468fcc32ede26e165c3bc89359360d6a4536cfcdbd2f797ff133c265b43711d84d61d60cd715317bb8785ea5692d7134c99557fc8686e323b719ecf48d99201ca8cc067a9218959ceb4b11f0eedad6387389e57b83ecfadc572582df169c1a27f60b7d90646e613ffd136fba9c5f20ece6387f02251c436f36d69d5813bce60f11491458455bbe6f5e4b06b5280407a1401aa18b3c82c388b2f36e82ee24e4fc90314aa33640afc2bf7ace29372c64d5c1ef603bf7c3c94494e249b44547a69ee2591754867042817c063fa35411a35a2033a9ca27636a05354a0d3b1fd1c7384310a02c77b14ac75ea0e3d7211d86d246f3ec005f92ea2d86b4687c702352fa10d6081593e6a592f34265a25e102d710b621da22888a6629285f4b7b34ae75ebb92af0a2dbd56cca9b3557ed2adb45d9b9ff102cb289e6df52587923efa554962e1dc84b6ab9412c8034bfb2b7a302aab9689b4d3199a70a4bec2927ed7a3e2deb982d09d00f0d339d38ee7dff30967acc18fe4daa95bee385b6628db812c0f5ec1465d0ba64f11acfae19bf065dbec1db5b584bdcc7607cd538dde9e6b7021f74232d8d5823b544616f9096674b5377f45de11357c7615f9dafe36c82517314b62915b776032aa5480a4ab7d2aae7774361a91edec91aff270a62c4ca787b0c92bf6b2a14943637efc73a7f2d2bbf05c60c6d21bf51664bfe30e7e65886e1b7739ae0ade8b5c0ba91013590be7cd6ea4199d14cc974603733fe9a6879a1a0853f5dd5ca17d620f48e55dacac035ba17bb1afc1c8092a0ddde333a1d89aee9d63ad06e0852886c7d60438e3139c13955f614beaf79afde9e22c7f7d00816477ba78c97696422ff6ac6d521bc88c41e919ae8740ff177fe207fb39421ef0cc57c983ce67fa0b2514679700d0564db5f5a4b6becce3efca062b98ee6e34118184b8242f479d52686253de447bb875a4e3aaddbdb5c4d05e937ac9f60fa6819bab43fdd6428096bc732869959a95e912fe69ca65b678bbcf6980f1d9b768633ac0c1888e60edab5ceffbf826ce305449c8cb6bb7323564d1f556ed7f61ccd7cf4c22a604fc13cbb8d5de8d0c46aac95d300bd775a5cda7cff1eef3c559a0b186b0c7bb6e24850e19c30ab3e23db72af43a3cfcbf05bf0b82985956207d7e733b9fb21bde277212d088aec1bb55bf5e6d359050ae65736f550c7c3e81a8066596246c6876dfd09d2cf12c48cedd8e2ef26fd9d71bf2ff3da4c27ba0240565afeafd7bc8b8b4fd56e429955d7a0cefd34e67f6ba859a8f98791a39ee2a3fcbab9717d7803b75787802920977931ae9653b2d1a42d8026137c20d201570c2525c57839d2dad5bb6b5a4986608b0d502b0e8476dd2e1b0ecdb85f4cf8e91701bc2f871c0af28715dc7cd7b63618dc91c434f5775760d4b2c63b3294288d6c43aa176400afe438db470b8170c4ff7e6d6810e4f9100b83a788ae0b1afddc3d46cc2faa8939d32ec0600522371929e42844e29fae6e14d5b1016be0b33b0e02fe53edbbd6632af604e036f0195cdfd1250396497ff78eefa1d8977906cbc3f20dd2d7ae46f3f5b8cf0cf7bff1d8f978c90d3d43b3d097c427716a1a03016ee5577a8374564b733bd6f614ceca8d94dd108c05166ae2b8980bd2864c10dc9fe52a6de70b115fc9b0ac216604f1f71d23ddbde41f778226a320f7562e4bf89f4949c4ddcf5a6e4b86f45912e6e7a7230394f93467031246dad723697ac93a04bcfc6ce07b1cb3b3adcbb11efec8cd05fe7bed1b89c287e7c0b6027cdf81452d0c2da9ec7087ba5beab9e94c6060886038f39de85201ec7b3085d130333e1025f9d67712c524c674338d035fe081b447759bd7ec06473f853aba8d569d2154a4a06a5be0eea8374413a076d06b904597f11842e06a7281e64e4c51ff9c5ee152fc9ea1f85873e047502c5d55e551e7802e9ea3b5d86bbe4e52834c0c069f2e2e9373d16839bf6ac2d015190d9ab531353a5806be3734224bcf3c8f2faa642c856cb45445f03828d53fc928eb11282c81ebdb113130002c3620e7a1822dc8da01ad8a37102ad5fef023bd03c678e2c8e6683c28ebdb6ccc2d6b7ace953a90f9f7895e83a90c138e9d86a04565f2d090eac3ba31436fe6c51d6c974342c29dbb60f2a9355e98f1d63f3f48462bad76fa76db92715cce24a54a81fe260a2e71b794956ec9061224dcb236abd02ab6a3b91d8624e4fb999242e173013552ace97adb5931cb5f080149b69b1727551cd34a214664af516846191c06e9eba964842da1db9b2fa6f11a56cab19547e370615e5fb054af86e1688f63eee8da6870e33e24c6eabe4e4f023eed1eb2986e332fb90246d8667116a7d44073e170f9b0d5c334339e45c294aa6f1840af737f48f7340dba604aadb5f7c71877085091e1dcfc2e9fbea2cf782405e5053ddf5173f6c242caaac77ac40b6db32795171dc97a41ae4de2bfad4226d007f4619f8d6fc825c7181563aa03fecc269969368176df60860521913c64bfb075b98dfd5844b9badf3ea09d44d62b28896036ae6467960643c0907040b73c603c3edb010cf1c594bb299ea32019346ba7895a155af3f0a86619e31550184d55f0ad3410342b69ef7957465d45218fe90a7cad83f6d65200565ef0511fd9229203c5e0264c09fcf466a5797371b8dd95975092c57b1180975836377774abb7dcb2e0f238bafa353aa3c0aed6c4857e8779979c19259f87d4597ca2c955295dfbf7e0fab1ec99f66db44c767eb0352680ad5492af0fde3a4a309c5c68a311964f1744d46e45f3c95d1acd33648b2b367258684139e5e0922555c6ac13013a3ece4dd83092b1c30abf8bf644a0f6e174629f34838139f19c4d927b6c5b63e23cd3fbffc24447a9a3514c512662d14c90f5e15d5b102b111ebb585975c0c82ac51b4c3663fd1747307c7e7ff98c5bad7359dba6fd604badebcd2e19bd37af43a7c1f257ceb0182b94db6c105b367546dd6ab287f086e2c1d6cad2228ca4e64707bf2852b2c9316dd0d8dbf8c05d2f447e6d13f1fbfa54bdb18199c57e8f9596858fcc4320bd8c1ecaae1d8d1b330116fea95fb42654d594750093e58bfddec5df352280cef12608e9b92ace1bf4319b3269f2d1dc942670c7a8494f7c2d6fca9be13232ac761f713c9a0a853be35a0ba10a2df01f3cef3921fe24058b81a38d6a23810af0bf7d15a9a46c3e3d1d39a90e8f423f593a4387864ee31a4c173591408cb34ea802ca21259a0802c60a115ba9455b0450643624a5d1f10b03f5eb054275fb2f3cbc8421e361760320e084c3988842d15d71c69188deba513f96ce728d7b5e4d468ad003d3b2d5438d574bae0fce6b5b9e5036e79c1ae09db1879b35075314408548cb9c7ca60982bfd17b016f811f5f011730c77414996c6911045bb4aa9bef0308ec2a527cbb3878ae98ca023d1916587bb18cb730c800927b4b5e6cef5683d45a703f83ee57da32d12f5ebed9b1c004b5c7880930081b2f3bdd543d363fe30828ae13652e4db2c2edd63d502331c5082787a00894c031fca09f01e853eb1028da371463d5bec2ec40172214d3cb2d24265f04e9f3111ef78236979506603ce135c449f54a9b5998fc5c5c21fde145edb7e0f47b6626647b692ba79ab08a2f7296680f71b09f346f8f211177aaee4c59229d264739282226222ac391d65073640f34c14114d50f02268832e51cbfd1ce707c6c51763e419ee14978820bce3d9fd609ea48d86c06f082d42c2af8a07f50b069ea57d50f8f4387fc301cabc7834c186e6143e28492e8b4ce87a59051995f5ea6d7e78086686017e2309bf494e7d670a746582341133717c228b92f77470ac72c470a6600d47f1918271de73c649936239860d528d8784e705bc141382bdd5cd66fa50ef3cc4258846bcd2c7662829436525e1611eb650db79dbb381811650e7eac1507cb3ac0bb15e66747548a1e5a2f38be14c13d13292d78f197e84cd117a68be23e8a0786f8c6e84d64309dcc0d292d9e75eb6257c574cca1c8b0a96c51cf99fd95c61ab6131c8b4508a5ef0bd63836caa367553f6fdb3942d405b9adb796cb00342f111637c7c8cf985b67e498a1a1f66978f44ba04ce2cddd001e91d5faafbc39d3700cdb8826a22617ed2be4d24d4bddd8307fc85b84c85f7d14f512b9f7400e43b429b7374c0303dd98242f628a8accc413cfbbc5f20ef74023380d58335138b102aac25cd97bdd700c9fc65398fd13e8c0b5fa2a77b83d363d8bda0d97ad0a4191f97c9a35066d304b24c98738dc50376c6adb2286a8e632ceee4410fd831616b456a06c248d01cbfc7be53df28a7ce1fe0be019c4c01917694fe5d22878c62fe068e08d5abf317ae0658f3b1bba3ff15cf55d36171b8f3948b553ad31b25eb7e812e6d75d209ce8e9739376337fac68a25acd45216f0025da055adb2239ebc26ee775f7703fb310f6ff71f18c05ab9dc81d7293e9c6b0ee492fc59d2d081cddf46d7757e7a3480c82b509d57c605b6e42ff2dfd0fc18062610fc91b198673f00e629a9bed6b28d2e11439d40b0c151d45eab1fa2c68c2d59c18a09bc3f0c90e52f5092447fdcd34e00931e7911bcd4fb1857efe77c22c5cc0bd09b0bb6e0c932c48b22a47137fb08255ea3b518a319d2a56c8044fc568069fa9db916eb962b8a7844d1bbe7b4dce193f958a6920d4395ddc28d92553f448c6c3983c48589b516117141727abfc8da0af637e430da1aea83ee94c5eabf75d584d4beed02aadfc33b579c9034381f1bbdcfba5fb47d44a1cf5da84829548be5de7e24f9b4b3ae7296d60b3ac78b39a3424348399370b18d59804fef90817fff21e95fdd3ca9fa314b0d45ae14df74eba4658e32ba2f38f25b9d23409a053e178d48493c312266624660ba93208676f7e47480fd5ccfdd92f6e3dc3dec170d280a8baf4e43f3b26338da27ab9c4c42aba34ca42823d79cd4a0331ebe2150debd6b603e1a3daef3d5c9d1d95a0adda0988b59f56fc89463d02f4a446e2a69084a5951fe18b5fcde5c6d19e04074393002abf1c562c3b8d8688535a4f1ab5cb61061697c8dba1e1d6d42028f24502c3f0d89d1721395c415c075b419bdf54e23a098aad0b2b4d4f339814d92e42bbdc428221c474cb20621a671ed80061e98650d00fedf929116e8890cd61ff018451452a3325e4ca082d38f319873573c5801cda2a066cfc5f66eb81c6256fae2a8308657149b1a803bbeca861f6fb76707730040de38a957a5aeb921c813f64a6893d651c5ab8037f7ad8c0f1ab3d08423e4174c9126a39c18f6cb0a555adf381e277c1f29a370a8fccf343a6219c317ab30d4a7fc1e75aaf0b6e2ac16b299f3a218090d08b7041ff49323c7a8a1d6721104b1941c0a8dd7079449f9d8091a21b7981a8df791aed906d13c078cbca7cca293f18cb5ad056e539e07b8187923ce7eaab7a480e28d4a8f1936c531ea0b4716f94bdd24dd29f35ef6da4b98588bf5f15749ff3c60e856cda699a502918e3aab27bec5db3333e3de919aea42a968bafb79f90658a571a0d4abc64c9969752f5dd1808b26f6e4d55598e501730aee1704330cc3d98496a9e0e0f1a7b02740ba577eb55a16019ec560fff92122b0a3ef872330cffa3eec279c477d", 0x1000}, {&(0x7f0000000380)="3c4ad54e725575be6034e56a44631a557a", 0x11}], 0x2, &(0x7f00000015c0)=[@init={0x18, 0x84, 0x0, {0x6, 0xff, 0x8, 0x2afd}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0xffffffff}}], 0x30, 0x400c800}, {&(0x7f0000001600)=@in={0x2, 0x4e20, @private=0xa010102}, 0x10, &(0x7f0000001940)=[{&(0x7f0000001640)="e0a2a63d46d5a28c690a172f3858f40f4e363d31ddd1dc0a283e3bd7d79b74ad3b1517e29b203c3d65e3089f8bf4", 0x2e}, {&(0x7f0000001680)="85a4d294a5be572f26248f0782f4fe3bb09afe5415e5352914b2864306c86aadd3af8b3ef6ecbb4617cf8e3454c4710cdb6283e6608fbd42edc8dbbeb9a16f6b5b52fe398ba8eb150d991a30003d3aa5cbb6938c386a9d1a623f3a9552fe7e80a0d2a263b3a4e70671e7a229cf3b5595232fae8dcf021025535436b929815f27f1a4b4c25ee207749bdcd77292d25e8a69c6c16490b08207c3b1a3542693923d755c0299881cd86db43bb0367935", 0xae}, {&(0x7f0000001740)="b371e0867e539c04da93c6a0b532080a6bfdd77ce0d41366f43753c0e5410054794cb8b6805380a4e087b64e145aabffcc4aaeefd171c0a36d30f24f0424e4f6325ca688c192edd454ed70ca3d8cb6481ecfe7bb14d0602c8baa75fe06ed9943a1af606bac53a129fe2daa283a8d18c9a82cad2d1cb77131a16f2e10a95b5c3a885d90ac4a8ac3ff2f48b203d26f28b05b451130f0a9f4071fb3e705cf9bbb497f2f282dea9fc661a5f1a525f19484a507167ce3061136c065d1c8d0fe253c467c05d647913581f1b3900ae3cab44e9b7bd5202da4ae", 0xd6}, {&(0x7f0000001840)="bdabe98653dfb2189a9897b37aec750fe7c58997056a4d434b570e709174af73d9e30e7e1147988c5da05fe81cd28fd7eb53260059475bd1f15e0722c5d1b2ceebd0117603a45e7f295d0c614b1876804ab2af7eac675be94406cc0526a2cdfe2473180532a2127ed42ac893ff8d01237e5e96db9af91e2c61354c6ba4a46da4ab3a0ffcf633089f63b80e416ba9e4aec86cd2e70ed6bf58bb16bd1f46deceff1423dc561a30bf07ee014fb986c18960dac8221ff7929a6b662e6db772c9fed706e426b00e843f93f7664e6d558cfca7aba8d0ed7d20601c13d4e6841ac6eaf0ad739a242d441ea35b2c611830", 0xed}], 0x4, &(0x7f0000001980)=[@sndrcv={0x30, 0x84, 0x1, {0xcd56, 0xfff, 0x8007, 0x400, 0x8, 0x9, 0x101, 0x8, r6}}, @prinfo={0x18, 0x84, 0x5, {0x10, 0x7}}], 0x48, 0x8000}], 0x2, 0x10)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r3, 0x0)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$inet(r8, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp={0x44, 0x10, 0xa, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
acct(&(0x7f0000000000)='./file0\x00')
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010200000000000000000000000014000780050014000700000008001240000500000900020073797a3200000000050001000700000011000300686173683a6e65742c6e657400000000050005000a000000050004"], 0x60}}, 0x0)

7.372028005s ago: executing program 4 (id=3106):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000001000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000004380), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x0, &(0x7f0000000200)=0x4)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
connect$pptp(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
socket$netlink(0x10, 0x3, 0x0)
getpeername(0xffffffffffffffff, 0x0, 0x0)
write(r0, &(0x7f0000000000)="0a000000010001", 0x7)

6.543363733s ago: executing program 3 (id=3109):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f139046a23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8bf3145144f8df253f85eb6f1c853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e012533719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c024ed6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df00415312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c556059efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e3e4cd129d5f0cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9ff90400000000000000d64285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f151421ffff57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd113b1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be29010000bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6136497a622d2ca7e72e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000000000009546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f637d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65e000000002a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b31d6dbdca11ee1f4be392176707090de3fb76faa37af5e5690c6db25144fd00ae2bf40d5b353795ebf80d1457a1bb14aa1ad2cf1abf09aed6385f567be2d911b43221841518d6a6480fc7a1c99e65dea002d856facc32996d740a991667c88462ce1e0895322d07d50000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rseq_update\x00', r2}, 0x10)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES32=r4, @ANYRES16], 0x34}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000f1dbdf251a0018b709f1d1184e00000c000600030000000100ae115a1ffa00000827e951bd1705d3908412bf3a76b60ddfb384c98f863795676bb1d3c2ed32df29c3b154273c34d680dff4"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x810)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, r3, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4801)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)={@map, 0xffffffffffffffff, 0x18, 0x0, 0x0, @prog_fd}, 0x20)

5.887061765s ago: executing program 1 (id=3110):
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {0x0, 0x7fff}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2454, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xb], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x6, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x800000, 0x0, 0xa90d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
getdents64(r5, &(0x7f00000000c0)=""/44, 0x2c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0xcc000002, 0x0}, 0x0, 0x8, &(0x7f0000000440))
memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r0, 0x34, 0x400000000000000, 0xa9)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_io_uring_setup(0x360b, &(0x7f0000001040), &(0x7f0000000340)=<r8=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r8, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(0xffffffffffffffff, 0xb15, 0x0, 0x0, 0x0, 0x0)

5.076447629s ago: executing program 4 (id=3111):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x1ff)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095000000000000006535fff527202db32018680b53c3a7747b50e2f9bc819f3fe6a91a35546849cad9fc46c59b8029fb2d1a0a013bda4a290f4e0cc526deef81033e7b4b2245bfd854a7d2e2d9460f26439d134b635a199ad4f46ccbc0a0973181239881baf7ecfe5180d7b144c7d779269f6ac131efc22ff12fbfaee1f6a2a8e59ad280a025715925128cfbeb48cdbf3c73db893730c162a8"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a07, 0x1700)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000000240)=0x60, 0x2)
r8 = socket(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="1802000040000000000000000000000085000000410000008500000007000000950000000000000006ca70bd00a0d9e7d8942f1f94e7c9116d5a0f482116df2d663aec14135d8e4d2343c0923bd5de630d32236195e72e40d7928b7e72e1b33c3e1480fcf19470787a4c1dd8f0c59f44e40ca30383c6c7afc8d7e7c3a5ff5a20252ffbf3e03624ea7fbf7e15e4bbb16c2196acc407c53138b6453618c985080a24f747e7f7078fa6a19d5e533c151ef4c43a7be47dd13c7e8e3fb20c90e35890c1668dcd02481729c5400d244c914c96470816903b637f3863ae9be769de1bec064d14238a557b068b6e3835fd7a552ba97a68eaba7e1bf7c8050b010186725419bfab25980fd28971b51bee4ebd93ff5ce25216feffb999213aa6efa332c24ccfc35e69c9847c7bd1927ea75535799930a909a0378405f6e65a2386d3827b05793b9dfa745b0fe6b15866a89b96645dac8404e51258b2fe718fe817f44f8889d6432986d23cd6e0967ce24209ed1a52c135db8d881fe1f09e78740b41051e34e903be74caa51a7d7e683a"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000600)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, @private0, @mcast2={0xff, 0x3}, 0x7}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x11, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)

4.954020527s ago: executing program 0 (id=3112):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00000014000905000000000000000002000000", @ANYRES32=r2], 0x3c}}, 0x0)

4.586748419s ago: executing program 1 (id=3113):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/52, 0x34}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000001280)=""/4096, 0x1000}], 0x1}}], 0x2, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000004980)=@newtfilter={0x990, 0x2c, 0x0, 0x0, 0x0, {}, [@f_rsvp={{0x9}, {0x960, 0x2, [@TCA_RSVP_POLICE={0x41c, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x304b2875}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x80, 0x7fff, 0x800, 0x80000000, 0x4, 0x40, 0x4, 0xd, 0x8, 0x2f8, 0x5, 0xffff, 0x9, 0x8, 0x3, 0xcb02, 0x4, 0x0, 0x8, 0x7, 0x0, 0x2, 0x4, 0x80, 0x9, 0x800, 0x8, 0x3, 0x80000, 0x5, 0x8, 0x5, 0x800, 0x6c4, 0x4, 0x0, 0x80, 0x3, 0x0, 0x6c77, 0x1, 0x8, 0x2, 0x80000000, 0x1, 0x3, 0x9, 0xe07a, 0xfffff801, 0x24ae, 0xf8, 0x40, 0x200000, 0x1, 0x400, 0x3, 0x77c, 0x4, 0x10, 0xa, 0x101, 0x8, 0x4, 0xb, 0x8, 0x7, 0x9, 0x4, 0xe, 0x3, 0x9, 0x9, 0xc9ab, 0x5, 0x4, 0x8a, 0x10001, 0x76, 0x7, 0x6, 0xffff, 0xa, 0x5, 0x3e1, 0x5, 0x7, 0x2, 0x9, 0x6, 0x80000000, 0x9, 0x7ff, 0x3, 0xd34, 0xd, 0x9, 0x0, 0x400, 0x5c9, 0xe, 0x101, 0x7, 0x2, 0x6, 0x7, 0x5, 0x7, 0x1, 0x7f, 0x6, 0x1e9, 0x8d, 0x2, 0x2, 0x9, 0x8, 0x7, 0x6, 0x9, 0x1ff, 0x1, 0xbc6, 0x2, 0x4, 0x4, 0x8, 0x8441, 0x2, 0xd862, 0x963, 0x0, 0x3f8c, 0x8000, 0x5, 0x64, 0x5, 0xd, 0x101, 0x2, 0x3, 0x5, 0x46e84e58, 0x7f, 0x4, 0x7f, 0x4, 0x5, 0x7, 0x401, 0x7f, 0x9, 0x6, 0xc0, 0x7, 0x2, 0x6, 0xd5, 0x2, 0x6, 0x1, 0xffffffed, 0x0, 0x8, 0x5, 0x1ff, 0x3, 0x7, 0x80, 0xb5fb, 0x5, 0x0, 0x5, 0x1ff, 0x80, 0x7f9f9bb1, 0x0, 0x2, 0x1, 0xc, 0x38a8, 0xc2, 0x8000, 0x8001, 0x92dd, 0x80, 0x30a, 0x2, 0x57f, 0xfffffffe, 0x4, 0x452e, 0x7619, 0x3, 0x0, 0x5, 0x2, 0xbed0, 0x8, 0xbfa6, 0x3, 0x9, 0x8001, 0x4, 0x8, 0x3674, 0x3, 0x101, 0xffff8001, 0x1, 0x3, 0x8, 0x101, 0x800, 0x8, 0x9, 0x7, 0xfffff192, 0xffffffff, 0xd, 0x1, 0x7fff, 0x10, 0x200, 0x5d2, 0x1, 0x1, 0x3, 0x80, 0x80000000, 0xaa, 0x0, 0x5, 0x3, 0x3af773c1, 0xfffffffa, 0x10, 0xdf44678f, 0xc778, 0x7, 0x3, 0x200000, 0x3, 0x10001, 0x5, 0x6, 0x4, 0x401, 0x79, 0x8a, 0x3, 0x9, 0xfffffbb8, 0xffff, 0x7, 0x1000]}]}, @TCA_RSVP_CLASSID={0x8, 0x1, {0x8, 0xfff1}}, @TCA_RSVP_ACT={0x2d0, 0x6, [@m_connmark={0x184, 0x2, 0x0, 0x0, {{0xd}, {0x100, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0x1, 0x2, 0x1, 0x10001}, 0x101}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x5, 0xc, 0x3, 0x8, 0x9}, 0xa3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x401, 0x101, 0x7, 0x7ff, 0x3}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xe9b8, 0x5, 0x8, 0x4}, 0x8001}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9146, 0x2, 0x2, 0xd, 0x9}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x80, 0x156, 0x0, 0x10, 0x1ff}, 0x100}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x5, 0x4, 0x20000000, 0x0, 0x1}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0xfffffffe, 0x6, 0x41, 0xff}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x80000000, 0x7, 0x0, 0xb19b}, 0xfff}}]}, {0x58, 0x6, "e1acf0679064ef81150e06b5444abcd203ace721f840f82feea4c8e51376c14d2e1ab7c135d206c6582e9ae284edab6cdf94b479187dfe595ddfa1130f03b8f3b58b1b5d5d44f1a6a7e1873c9a3c36734407a996"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_vlan={0x6c, 0x4, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xef0}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x141}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xaf2}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x8, 0x80, 0x3, 0xea, 0x9}, 0x2}}]}, {0xb, 0x6, "ba067e09daac79"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_xt={0x5c, 0x4, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0xb827}, @TCA_IPT_INDEX={0x8}, @TCA_IPT_INDEX={0x8, 0x3, 0x1}, @TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}]}, {0x9, 0x6, "f7ffb054ca"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_connmark={0x80, 0x6, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x2, 0x4, 0x9, 0x1}, 0x6}}]}, {0x33, 0x6, "283d7ec09a33628b07131fad02022c44549ffe3d2288044aad949cf66f64cfff3e48525941758e523efb46630404fb"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x5, 0x6, 0x4}, {0xffff73c8, 0x7}, 0x33, 0x2, 0xdf}}, @TCA_RSVP_ACT={0x1e8, 0x6, [@m_connmark={0xac, 0x14, 0x0, 0x0, {{0xd}, {0x4}, {0x79, 0x6, "b23ba49a7fb2d737fba4f157b26f682216d0f05a2be9c0a6e3b4dc549b49476b4a42c8440f3963766993315d53a64e5286bbf8ea77059c96ae84172ebc352d35575cbf32748c147f6c3dc9c6edbc80f69e54f8bb78b159d02552227430e614b6a2f39b7be044c4b958e8b1b5206f6c67693324b312"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_tunnel_key={0xc4, 0x0, 0x0, 0x0, {{0xf}, {0x4}, {0x91, 0x6, "6849ea88eb19cc7c035bb60c1625877cdb1eff953161267bfff2f1b82231390bbb7a9f97a1984e52371dc62b96697e64a1496b8a9d63c0d4f6faae538c14c1cae7e521b9d2874911b487abee91556f7bc3b8fc9b845095fb4deb1908980e1bc1db6f3ca6a72169bde318a9f1c0c3871c5a83e3fe2eb808676e33d042db307ceb4d97da315436a7414dc1d3a325"}, {0xc}, {0xc}}}, @m_simple={0x74, 0x0, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x5, 0x3, '\x00'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0xb, 0x3, 'mirred\x00'}]}, {0x4}, {0xc}, {0xc}}}]}, @TCA_RSVP_PINFO={0x20}, @TCA_RSVP_PINFO={0x20}, @TCA_RSVP_PINFO={0x20}]}}]}, 0x990}}, 0x0)

4.586028027s ago: executing program 0 (id=3114):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
memfd_create(&(0x7f0000000800)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb73V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/[\xbf\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x03\x88\a\xf2\x00`(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\x04\x00\x00\x00\x00\x00\x00\x003\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D\x04\fF\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1du\x8f\n\xbc\x1b\xbe\xc8\x1a1\xbb\xd8\x83l\xa6\xbep\xe8yu\xff\xeaQ#2<\xed\xabqu\x9a\xc2\x94t\xe0&?S\xf3T\xd6\x134\x91`\xf2\xc6\xbe\x0f*\xcb\xa6\xdc\x18bg\xa8*\x01`\xc0[\xc9\xf8\xc8|\a\x94\x1b\xb1\v0Gr\vGP\xb4\x18\xc2\x94U }7\x1cS\xca\xee\x16\x02\x15\x91[\xb1$\x1e\x85w\x18o\x05\xd8\x81&\v\x91`\x11\xd2\x1bp\xad\xfek \xd2ILK\xe3\xf2\xf6\xe5\xa5\xa5\x8eq q\xa8.\x85\x1cC#\xf1\xc5R\x1f\x15\xf7\x90\x12\xaa\xd1\xfe\xf6\xaf\rt\xf5\xd6=d\x19\x10|\x7f\x10R\xe2\xbc\xa6\xfbm\xb0\xcb\xb4\x1b}\x8c\xf2\x9c9\xc9\xf0i\xe0\xac\xc3\x17$\x00'/743, 0x6)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100), 0xfffb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
socket(0x11, 0x3, 0x0)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r5, 0x4068aea3, &(0x7f0000000000)={0xc4})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
setsockopt$sock_int(r6, 0x1, 0x5, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r6, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
ioctl$VIDIOC_QUERY_DV_TIMINGS(r3, 0x80845663, &(0x7f00000003c0)={0x0, @reserved})
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r7, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000005e0001"], 0x1c}], 0x1, 0x0, 0xfffffffffffffe27}, 0x88010)
r8 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a00000008241c00000008000905810300020000000904010000020d00000904010102020d0000090582020800000000090503020002000000e495f6891d0d4b0b1b057640434beed0e45a5620385f0a34074d34eb38ee956550be6b9a5007633808a5c4dd588098488ccc6f9637a1b8fa44e68463bb3cfe815bf59c0c46e9941ff03340494001fd0864f82d115fbada9fc98cb1b1acf4e07018565792fe774e"], 0x0)
syz_usb_control_io$cdc_ncm(r8, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx\x00'}, 0x58)
accept$alg(r9, 0x0, 0x0)

4.525929397s ago: executing program 2 (id=3115):
io_setup(0x20000007, &(0x7f0000000000)=<r0=>0x0)
r1 = socket(0x8, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
io_setup(0x2, &(0x7f0000000040)=<r2=>0x0)
io_destroy(r2)
io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

4.245789893s ago: executing program 2 (id=3116):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0xfe33)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000800), 0x0, 0x0)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000140)={&(0x7f0000000000)=[{0x0, 0xaa01, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0}], 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000000840)=""/102386, 0x18ff2}], 0x1, 0xcde, 0xfffffffe)
getpid()
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000002c0), 0x1c)
sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x80fe)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f0000007bc0)=@multiplanar_userptr={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8f502c54"}, 0x0, 0x2, {0x0}})
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x2, 0x1c9}, &(0x7f0000000340), &(0x7f0000000140))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000300)=ANY=[@ANYRES32=r2], 0x118)
socket$key(0xf, 0x3, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
socket$inet6(0xa, 0x2, 0x0)

3.650799333s ago: executing program 3 (id=3117):
syz_io_uring_setup(0x7934, &(0x7f0000000200), 0x0, 0x0)
socket(0x8000000010, 0x2, 0x0)
pipe(0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000580)=ANY=[@ANYRES16=r0])

3.617451652s ago: executing program 1 (id=3118):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x0, 0x0, 0x3, 0x0, 0x1}, 0x48)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
memfd_create(&(0x7f0000000b40)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\xbd/\xd0J\xce=\x924\xc0\x17\x871N:\xb4\xea \x8e\xdelV\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8H\x7fsk\x9cD\xb3w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N', 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="31010000dccd5e08cb060700000800000001090224000100007e000904340102d469e70009058a", @ANYRES8], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioperm(0x100000000005, 0x10000b6, 0x40000001)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_VALIDATE={0x8}]}}}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x10, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r2)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x158, 0x150, 0x150, 0x0, 0xf8010000, 0x270, 0x238, 0x238, 0x270, 0x238, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "decb585218ebf5805f7356720db1714438ea1c4e4d43886e34ad04218b895e9936aa46525113c03de9cf73687ca94feda35eefade1197a320d00"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)

3.155813918s ago: executing program 4 (id=3119):
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="31010000dccd5e08cb0607000008000000010902", @ANYRES8], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

2.623688691s ago: executing program 3 (id=3120):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x103)
mount$cgroup(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x0, &(0x7f0000000040)={[{@name={'name', 0x3d, 'user_.'}}, {@name={'name', 0x3d, 'user_.'}}]})
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000000000006b1142000000000006000000000000009500000c00000000af7df298783117bd723c5bfd46714a08217d3d0f2c8bdb9e249965cfdbfd2e6f4427eeecd9139d66e6b28b6078c2b28cfa6ea4e4efffabce54e369a256909bbf5a878c10ee8a7e6c12a053b3231421b41f116cb89ad2616246e3462f86982dfed3add07594ce1e21c95d05785f17e79d76552f9eef35be345916223c66"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0xd}, 0x1c)
socket$inet6(0x10, 0x2, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x4c, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x18, "fe94b89fc43c3328eae0cae1f5eba329e6f216"})
splice(r3, 0x0, r1, 0x0, 0x7ffff000, 0x0)

2.217690807s ago: executing program 0 (id=3121):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000001000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000004380), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
connect$pptp(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
socket$netlink(0x10, 0x3, 0x0)
getpeername(0xffffffffffffffff, 0x0, 0x0)
write(r0, &(0x7f0000000000)="0a000000010001", 0x7)

1.905619364s ago: executing program 2 (id=3122):
unshare(0x8a040000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="14"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000a800800014000000002080002400000000e05000300000000000900010073797a30000000000900020073797a3200000000380000000e0a030000000000000000000a0000050900020073797a30000000000900010073797a31000000000900010073797a3000000000140000001100010000000000000000000000000a"], 0xb8}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @loopback, @multicast1}, &(0x7f00000000c0)=0xc)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index=0xa, 0x0, 0x20000001, 0x8020, 0x0, 0x1, {0x401}})
syz_open_dev$sg(0x0, 0x0, 0x8002)
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f0000000400)=""/74, 0x4a, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=@newtclass={0x40, 0x28, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff1}, {}, {0xffff}}, [@tclass_kind_options=@c_taprio={0xb}, @TCA_RATE={0x6, 0x5, {0x0, 0xfe}}, @TCA_RATE={0x6}]}, 0x40}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xc4}, {&(0x7f00000007c0)=""/154, 0x3a}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x10, 0x803, 0x0)
recvfrom$inet6(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
pipe(&(0x7f00000001c0))
write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[], 0xfffffe3e)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@ipv6_newroute={0x38, 0x18, 0x309, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x4, r6}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_ACTION={0x8, 0x1, 0x8}}]}, 0x38}}, 0x0)

1.68336648s ago: executing program 3 (id=3123):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61157400000000006113380000000000bfa000000000000007000000080000002d03010000000000950018b0000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a"], 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (fail_nth: 8)

1.616776674s ago: executing program 1 (id=3124):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00000014000905000000000000000002000000", @ANYRES32=r2], 0x3c}}, 0x0)

1.497276393s ago: executing program 1 (id=3125):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61157400000000006113380000000000bfa000000000000007000000080000002d03010000000000950018b0000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a"], 0x0}, 0x90)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syz_tun\x00'})
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0xfffffffffffffffe, &(0x7f0000001280)=0x5a)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="03000000ffff000000000000080045000030000000000067907800000000ffffffff2100907812000228250000000000000000000000e0000002a41414aa"], 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={r4, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000240)=0x3)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x1406, 0x1}, 0x10}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.045577466s ago: executing program 3 (id=3126):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x656}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x3}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote, 0x4}, {@multicast2}, {@private=0xa010102}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xda, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x380000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18080000000000000000100000b18d264339929d441b3cbd4f5c4da6294f2720702a68e4bee94c34c69207ed52305a73575774cf60e9420013e97472efc25d9daee4e3a9eba8bdc39ef9a0a55aff5a93228a81ec612ba43272d560597c3ff2e93f6c35b7c204224b8313fc2d39cd220b8f2249084f9d985947e0d0ace5961e03e6943f5b4ce95fca462574bf3f1f601f9274c4ce37f2", @ANYRES32, @ANYBLOB="000000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x4, 0xea, &(0x7f0000000340)=""/234}, 0x90)

967.036583ms ago: executing program 2 (id=3127):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f139046a23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8bf3145144f8df253f85eb6f1c853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e012533719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c024ed6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df00415312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c556059efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e3e4cd129d5f0cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9ff90400000000000000d64285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f151421ffff57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd113b1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be29010000bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6136497a622d2ca7e72e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000000000009546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f637d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65e000000002a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b31d6dbdca11ee1f4be392176707090de3fb76faa37af5e5690c6db25144fd00ae2bf40d5b353795ebf80d1457a1bb14aa1ad2cf1abf09aed6385f567be2d911b43221841518d6a6480fc7a1c99e65dea002d856facc32996d740a991667c88462ce1e0895322d07d50000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rseq_update\x00', r2}, 0x10)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES32=r4, @ANYRES16], 0x34}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000f1dbdf251a0018b709f1d1184e00000c000600030000000100ae115a1ffa00000827e951bd1705d3908412bf3a76b60ddfb384c98f863795676bb1d3c2ed32df29c3b154273c34d680dff4"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x810)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, r3, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4801)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)={@map, 0xffffffffffffffff, 0x18, 0x0, 0x0, @prog_fd}, 0x20)

318.636298ms ago: executing program 0 (id=3128):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/52, 0x34}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000001280)=""/4096, 0x1000}], 0x1}}], 0x2, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000004980)=@newtfilter={0xa48, 0x2c, 0x0, 0x0, 0x0, {}, [@f_rsvp={{0x9}, {0xa18, 0x2, [@TCA_RSVP_POLICE={0x41c, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x304b2875}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x80, 0x7fff, 0x800, 0x80000000, 0x4, 0x40, 0x4, 0xd, 0x8, 0x2f8, 0x5, 0xffff, 0x9, 0x8, 0x3, 0xcb02, 0x4, 0x0, 0x8, 0x7, 0x0, 0x2, 0x4, 0x80, 0x9, 0x800, 0x8, 0x3, 0x80000, 0x5, 0x8, 0x5, 0x800, 0x6c4, 0x4, 0x0, 0x80, 0x3, 0x0, 0x6c77, 0x1, 0x8, 0x2, 0x80000000, 0x1, 0x3, 0x9, 0xe07a, 0xfffff801, 0x24ae, 0xf8, 0x40, 0x200000, 0x1, 0x400, 0x3, 0x77c, 0x4, 0x10, 0xa, 0x101, 0x8, 0x4, 0xb, 0x8, 0x7, 0x9, 0x4, 0xe, 0x3, 0x9, 0x9, 0xc9ab, 0x5, 0x4, 0x8a, 0x10001, 0x76, 0x7, 0x6, 0xffff, 0xa, 0x5, 0x3e1, 0x5, 0x7, 0x2, 0x9, 0x6, 0x80000000, 0x9, 0x7ff, 0x3, 0xd34, 0xd, 0x9, 0x0, 0x400, 0x5c9, 0xe, 0x101, 0x7, 0x2, 0x6, 0x7, 0x5, 0x7, 0x1, 0x7f, 0x6, 0x1e9, 0x8d, 0x2, 0x2, 0x9, 0x8, 0x7, 0x6, 0x9, 0x1ff, 0x1, 0xbc6, 0x2, 0x4, 0x4, 0x8, 0x8441, 0x2, 0xd862, 0x963, 0x0, 0x3f8c, 0x8000, 0x5, 0x64, 0x5, 0xd, 0x101, 0x2, 0x3, 0x5, 0x46e84e58, 0x7f, 0x4, 0x7f, 0x4, 0x5, 0x7, 0x401, 0x7f, 0x9, 0x6, 0xc0, 0x7, 0x2, 0x6, 0xd5, 0x2, 0x6, 0x1, 0xffffffed, 0x0, 0x8, 0x5, 0x1ff, 0x3, 0x7, 0x80, 0xb5fb, 0x5, 0x0, 0x5, 0x1ff, 0x80, 0x7f9f9bb1, 0x0, 0x2, 0x1, 0xc, 0x38a8, 0xc2, 0x8000, 0x8001, 0x92dd, 0x80, 0x30a, 0x2, 0x57f, 0xfffffffe, 0x4, 0x452e, 0x7619, 0x3, 0x0, 0x5, 0x2, 0xbed0, 0x8, 0xbfa6, 0x3, 0x9, 0x8001, 0x4, 0x8, 0x3674, 0x3, 0x101, 0xffff8001, 0x1, 0x3, 0x8, 0x101, 0x800, 0x8, 0x9, 0x7, 0xfffff192, 0xffffffff, 0xd, 0x1, 0x7fff, 0x10, 0x200, 0x5d2, 0x1, 0x1, 0x3, 0x80, 0x80000000, 0xaa, 0x0, 0x5, 0x3, 0x3af773c1, 0xfffffffa, 0x10, 0xdf44678f, 0xc778, 0x7, 0x3, 0x200000, 0x3, 0x10001, 0x5, 0x6, 0x4, 0x401, 0x79, 0x8a, 0x3, 0x9, 0xfffffbb8, 0xffff, 0x7, 0x1000]}]}, @TCA_RSVP_CLASSID={0x8, 0x1, {0x8, 0xfff1}}, @TCA_RSVP_ACT={0x2d0, 0x6, [@m_connmark={0x184, 0x2, 0x0, 0x0, {{0xd}, {0x100, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0x1, 0x2, 0x1, 0x10001}, 0x101}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x5, 0xc, 0x3, 0x8, 0x9}, 0xa3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x401, 0x101, 0x7, 0x7ff, 0x3}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xe9b8, 0x5, 0x8, 0x4}, 0x8001}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9146, 0x2, 0x2, 0xd, 0x9}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x80, 0x156, 0x0, 0x10, 0x1ff}, 0x100}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x5, 0x4, 0x20000000, 0x0, 0x1}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0xfffffffe, 0x6, 0x41, 0xff}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x80000000, 0x7, 0x0, 0xb19b}, 0xfff}}]}, {0x58, 0x6, "e1acf0679064ef81150e06b5444abcd203ace721f840f82feea4c8e51376c14d2e1ab7c135d206c6582e9ae284edab6cdf94b479187dfe595ddfa1130f03b8f3b58b1b5d5d44f1a6a7e1873c9a3c36734407a996"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_vlan={0x6c, 0x4, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xef0}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x141}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xaf2}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x8, 0x80, 0x3, 0xea, 0x9}, 0x2}}]}, {0xb, 0x6, "ba067e09daac79"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_xt={0x5c, 0x4, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0xb827}, @TCA_IPT_INDEX={0x8}, @TCA_IPT_INDEX={0x8, 0x3, 0x1}, @TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}]}, {0x9, 0x6, "f7ffb054ca"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_connmark={0x80, 0x6, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x2, 0x4, 0x9, 0x1}, 0x6}}]}, {0x33, 0x6, "283d7ec09a33628b07131fad02022c44549ffe3d2288044aad949cf66f64cfff3e48525941758e523efb46630404fb"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x5, 0x6, 0x4}, {0xffff73c8, 0x7}, 0x33, 0x2, 0xdf}}, @TCA_RSVP_ACT={0x2a0, 0x6, [@m_connmark={0xac, 0x14, 0x0, 0x0, {{0xd}, {0x4}, {0x79, 0x6, "b23ba49a7fb2d737fba4f157b26f682216d0f05a2be9c0a6e3b4dc549b49476b4a42c8440f3963766993315d53a64e5286bbf8ea77059c96ae84172ebc352d35575cbf32748c147f6c3dc9c6edbc80f69e54f8bb78b159d02552227430e614b6a2f39b7be044c4b958e8b1b5206f6c67693324b312"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_simple={0xb8, 0x0, 0x0, 0x0, {{0xb}, {0x60, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0x8, 0x3, 'GPL\x00'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0xa, 0x3, 'wlan1\x00'}]}, {0x2d, 0x6, "6ebf6a8f480d7f161493749ee2ea758bdfb13ff0880b02086623704e10f32a60a24586f82e392ac4f5"}, {0xc}, {0xc}}}, @m_tunnel_key={0xc4, 0x0, 0x0, 0x0, {{0xf}, {0x4}, {0x91, 0x6, "6849ea88eb19cc7c035bb60c1625877cdb1eff953161267bfff2f1b82231390bbb7a9f97a1984e52371dc62b96697e64a1496b8a9d63c0d4f6faae538c14c1cae7e521b9d2874911b487abee91556f7bc3b8fc9b845095fb4deb1908980e1bc1db6f3ca6a72169bde318a9f1c0c3871c5a83e3fe2eb808676e33d042db307ceb4d97da315436a7414dc1d3a325"}, {0xc}, {0xc}}}, @m_simple={0x74, 0x0, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x5, 0x3, '\x00'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0xb, 0x3, 'mirred\x00'}]}, {0x4}, {0xc}, {0xc}}}]}, @TCA_RSVP_PINFO={0x20}, @TCA_RSVP_PINFO={0x20}, @TCA_RSVP_PINFO={0x20}]}}]}, 0xa48}}, 0x0)

303.997728ms ago: executing program 3 (id=3129):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x1ff)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095000000000000006535fff527202db32018680b53c3a7747b50e2f9bc819f3fe6a91a35546849cad9fc46c59b8029fb2d1a0a013bda4a290f4e0cc526deef81033e7b4b2245bfd854a7d2e2d9460f26439d134b635a199ad4f46ccbc0a0973181239881baf7ecfe5180d7b144c7d779269f6ac131efc22ff12fbfaee1f6a2a8e59ad280a025715925128cfbeb48cdbf3c73db893730c162a8"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a07, 0x1700)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000000240)=0x60, 0x2)
r8 = socket(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="1802000040000000000000000000000085000000410000008500000007000000950000000000000006ca70bd00a0d9e7d8942f1f94e7c9116d5a0f482116df2d663aec14135d8e4d2343c0923bd5de630d32236195e72e40d7928b7e72e1b33c3e1480fcf19470787a4c1dd8f0c59f44e40ca30383c6c7afc8d7e7c3a5ff5a20252ffbf3e03624ea7fbf7e15e4bbb16c2196acc407c53138b6453618c985080a24f747e7f7078fa6a19d5e533c151ef4c43a7be47dd13c7e8e3fb20c90e35890c1668dcd02481729c5400d244c914c96470816903b637f3863ae9be769de1bec064d14238a557b068b6e3835fd7a552ba97a68eaba7e1bf7c8050b010186725419bfab25980fd28971b51bee4ebd93ff5ce25216feffb999213aa6efa332c24ccfc35e69c9847c7bd1927ea75535799930a909a0378405f6e65a2386d3827b05793b9dfa745b0fe6b15866a89b96645dac8404e51258b2fe718fe817f44f8889d6432986d23cd6e0967ce24209ed1a52c135db8d881fe1f09e78740b41051e34e903be74caa51a7d7e683a"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000600)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, @private0, @mcast2={0xff, 0x3}, 0x7}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x11, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)

113.895573ms ago: executing program 1 (id=3130):
syz_io_uring_setup(0x7934, &(0x7f0000000200), 0x0, 0x0)
socket(0x8000000010, 0x2, 0x0)
pipe(0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000580)=ANY=[@ANYRES16=r0])

73.648882ms ago: executing program 0 (id=3131):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/tty/drivers\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000280), 0x0, 0x59dc, 0x0)
syz_emit_vhci(0x0, 0xd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1cc, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_CLASSID={0x8}, @TCA_U32_MARK={0x10}, @TCA_U32_FLAGS={0x8}]}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x130, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x124, 0x6, [@m_connmark={0xc0, 0x0, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{}, 0xffff}}]}, {0x4}, {0xc}, {0xc}}}, @m_skbedit={0x60, 0x10, 0x0, 0x0, {{0xc}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x7, 0x6}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x4}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x4}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xe, 0xe}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x3}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x1cc}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/64, 0x40}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x3)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setparam(0x0, &(0x7f0000000400))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000003a80)={0x0, 0x1c, &(0x7f0000003980)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}]}, &(0x7f0000003ac0)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000576000/0xd000)=nil, 0xd000}})
write$binfmt_aout(r4, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r2], 0xc8)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000400000014001680100008800c000180"], 0x38}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
connect$pppl2tp(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, {0xa, 0x4e20, 0x2, @mcast2, 0xfffffff7}}}, 0x32)
accept4(0xffffffffffffffff, &(0x7f0000000540)=@nl=@unspec, &(0x7f0000000200)=0x80, 0x800)
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r7, &(0x7f0000000100)=ANY=[], 0x1a3)

0s ago: executing program 4 (id=3132):
semget$private(0x0, 0x5, 0x0)
r0 = socket$inet(0x2, 0x6, 0x0)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$inet6(0xa, 0x6, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_smc(0x2b, 0x1, 0x0)
epoll_create1(0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
close(r4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000040)={0x3ff}, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

kernel console output (not intermixed with test programs):

tes leftover after parsing attributes in process `syz.3.2753'.
[ 1134.939715][T16313] random: crng reseeded on system resumption
[ 1135.824303][T16337] FAULT_INJECTION: forcing a failure.
[ 1135.824303][T16337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1135.857919][T16337] CPU: 1 UID: 0 PID: 16337 Comm: syz.2.2764 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1135.868734][T16337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1135.878809][T16337] Call Trace:
[ 1135.882101][T16337]  <TASK>
[ 1135.885042][T16337]  dump_stack_lvl+0x241/0x360
[ 1135.889743][T16337]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1135.894954][T16337]  ? __pfx__printk+0x10/0x10
[ 1135.899560][T16337]  ? __pfx_lock_release+0x10/0x10
[ 1135.904610][T16337]  should_fail_ex+0x3b0/0x4e0
[ 1135.909300][T16337]  _copy_to_user+0x2f/0xb0
[ 1135.913733][T16337]  bpf_test_finish+0x30f/0x8b0
[ 1135.918519][T16337]  ? __pfx_bpf_test_finish+0x10/0x10
[ 1135.923825][T16337]  ? convert_skb_to___skb+0x2d3/0x510
[ 1135.929215][T16337]  bpf_prog_test_run_skb+0xfe5/0x1820
[ 1135.934621][T16337]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1135.940449][T16337]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1135.946271][T16337]  bpf_prog_test_run+0x33a/0x3b0
[ 1135.951240][T16337]  __sys_bpf+0x48d/0x810
[ 1135.955499][T16337]  ? __pfx___sys_bpf+0x10/0x10
[ 1135.960292][T16337]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1135.966291][T16337]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1135.972638][T16337]  ? do_syscall_64+0x100/0x230
[ 1135.977422][T16337]  __x64_sys_bpf+0x7c/0x90
[ 1135.981859][T16337]  do_syscall_64+0xf3/0x230
[ 1135.986386][T16337]  ? clear_bhb_loop+0x35/0x90
[ 1135.991086][T16337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.996999][T16337] RIP: 0033:0x7fe8bbd77299
[ 1136.000188][ T9640] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1136.001417][T16337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1136.028554][T16337] RSP: 002b:00007fe8bcae1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1136.036968][T16337] RAX: ffffffffffffffda RBX: 00007fe8bbf05f80 RCX: 00007fe8bbd77299
[ 1136.044933][T16337] RDX: 0000000000000048 RSI: 00000000200002c0 RDI: 000000000000000a
[ 1136.052895][T16337] RBP: 00007fe8bcae10a0 R08: 0000000000000000 R09: 0000000000000000
[ 1136.060859][T16337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1136.068822][T16337] R13: 000000000000000b R14: 00007fe8bbf05f80 R15: 00007ffd7efdaf58
[ 1136.076798][T16337]  </TASK>
[ 1136.238535][T16343] syz.3.2763: attempt to access beyond end of device
[ 1136.238535][T16343] nbd3: rw=4096, sector=2, nr_sectors = 2 limit=0
[ 1136.252107][T16343] EXT4-fs (nbd3): unable to read superblock
[ 1136.259795][ T9640] usb 5-1: device descriptor read/64, error -71
[ 1136.628626][ T9640] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1136.928426][ T9640] usb 5-1: device descriptor read/64, error -71
[ 1137.001864][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2768'.
[ 1137.068819][ T9640] usb usb5-port1: attempt power cycle
[ 1137.518470][ T9640] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 1137.564889][T16368] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2771'.
[ 1137.606136][ T9640] usb 5-1: device descriptor read/8, error -71
[ 1137.908540][ T9640] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 1137.991172][ T9640] usb 5-1: device descriptor read/8, error -71
[ 1138.069998][    C1] eth0: bad gso: type: 1, size: 1408
[ 1138.148980][ T9640] usb usb5-port1: unable to enumerate USB device
[ 1138.548456][ T9640] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1138.750260][ T9640] usb 5-1: Using ep0 maxpacket: 8
[ 1138.772795][ T9640] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1138.927837][ T9640] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1138.947031][T16391] netlink: 'syz.0.2777': attribute type 11 has an invalid length.
[ 1139.018838][T16392] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2776'.
[ 1139.029241][T16392] netlink: 'syz.2.2776': attribute type 1 has an invalid length.
[ 1139.037442][T16392] netlink: 'syz.2.2776': attribute type 2 has an invalid length.
[ 1139.047525][T16392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2776'.
[ 1139.699923][ T9640] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1139.718402][ T9640] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1139.746254][ T9640] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1139.779028][ T9640] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1139.788148][ T9640] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.915674][T16399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2780'.
[ 1140.140393][ T9640] usb 5-1: GET_CAPABILITIES returned 68
[ 1140.540748][ T9640] usbtmc 5-1:16.0: can't read capabilities
[ 1140.587308][T16402] netlink: 'syz.2.2781': attribute type 4 has an invalid length.
[ 1140.629374][T16402] netlink: 'syz.2.2781': attribute type 4 has an invalid length.
[ 1141.696094][   T46] usb 5-1: USB disconnect, device number 73
[ 1141.780200][T16431] netlink: 'syz.1.2789': attribute type 11 has an invalid length.
[ 1142.369495][T16446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2794'.
[ 1142.433817][T16450] cgroup: name respecified
[ 1142.727523][T16458] netlink: 'syz.3.2798': attribute type 4 has an invalid length.
[ 1142.803352][T16458] netlink: 'syz.3.2798': attribute type 4 has an invalid length.
[ 1143.965733][T16473] netlink: 'syz.0.2801': attribute type 11 has an invalid length.
[ 1144.978514][T14212] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1145.191723][T14212] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1145.234921][T14212] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1145.278701][T14212] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1145.287969][T14212] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1145.322064][T16489] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1145.351237][T14212] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1145.690181][T16507] cgroup: name respecified
[ 1146.100701][   T46] usb 3-1: USB disconnect, device number 75
[ 1148.038456][    T8] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1148.058595][T14210] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1148.258541][T14210] usb 3-1: Using ep0 maxpacket: 32
[ 1148.273258][T14210] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1148.291521][T14210] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1148.307430][T14210] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1148.318025][T14210] usb 3-1: New USB device found, idVendor=057e, idProduct=201e, bcdDevice= 0.00
[ 1148.336260][T14210] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1148.351210][T14210] usb 3-1: config 0 descriptor??
[ 1148.390375][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1148.401852][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1148.412119][    T8] usb 2-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 1148.425586][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1148.499654][T16542] syz.0.2821: attempt to access beyond end of device
[ 1148.499654][T16542] nbd0: rw=4096, sector=2, nr_sectors = 2 limit=0
[ 1148.512892][T16542] EXT4-fs (nbd0): unable to read superblock
[ 1148.545522][    T8] usb 2-1: config 0 descriptor??
[ 1148.975590][T16531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1149.030364][T16531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1149.038402][T16530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1149.079054][T16530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1149.345984][    T8] cougar 0003:060B:700A.000D: item fetching failed at offset 2/5
[ 1149.369525][    T8] cougar 0003:060B:700A.000D: parse failed
[ 1149.398218][    T8] cougar 0003:060B:700A.000D: probe with driver cougar failed with error -22
[ 1149.479508][T14210] nintendo 0003:057E:201E.000E: unknown main item tag 0x0
[ 1149.486712][T14210] nintendo 0003:057E:201E.000E: unknown main item tag 0x0
[ 1149.517065][T14210] nintendo 0003:057E:201E.000E: hidraw0: USB HID v80.00 Device [HID 057e:201e] on usb-dummy_hcd.2-1/input0
[ 1149.785583][T14210] nintendo 0003:057E:201E.000E: Failed to get joycon info; ret=-38
[ 1149.830851][T14212] usb 2-1: USB disconnect, device number 57
[ 1150.062862][T14210] nintendo 0003:057E:201E.000E: Failed to retrieve controller info; ret=-38
[ 1150.163798][T14210] nintendo 0003:057E:201E.000E: Failed to initialize controller; ret=-38
[ 1150.183717][T16560] netlink: 'syz.3.2826': attribute type 4 has an invalid length.
[ 1150.259783][T16563] netlink: 'syz.3.2826': attribute type 4 has an invalid length.
[ 1150.306951][T14210] nintendo 0003:057E:201E.000E: probe - fail = -38
[ 1150.314573][T14210] nintendo 0003:057E:201E.000E: probe with driver nintendo failed with error -38
[ 1150.330839][T14210] usb 3-1: USB disconnect, device number 76
[ 1150.467594][T16574] geneve2: entered promiscuous mode
[ 1150.512034][T16574] geneve2: entered allmulticast mode
[ 1150.723027][ T9472] Bluetooth: hci1: unexpected event for opcode 0x0c47
[ 1150.817858][T16583] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2831'.
[ 1150.983198][ T6324] Bluetooth: (null): Too short H5 packet
[ 1150.999451][ T6324] Bluetooth: (null): Invalid header checksum
[ 1151.015144][ T6324] Bluetooth: (null): Invalid header checksum
[ 1151.090312][ T7997] Bluetooth: (null): Invalid header checksum
[ 1151.206235][ T1118] Bluetooth: (null): Invalid header checksum
[ 1151.311662][   T12] Bluetooth: (null): Invalid header checksum
[ 1151.419655][ T7997] Bluetooth: (null): Invalid header checksum
[ 1153.678485][T14210] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 1153.878559][T14210] usb 5-1: Using ep0 maxpacket: 8
[ 1153.897738][T14210] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1153.938539][T14210] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1153.963660][T14210] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1154.006708][T14210] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1154.062345][T14210] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1154.092309][T14210] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.017378][T14210] usb 5-1: GET_CAPABILITIES returned 0
[ 1155.029040][ T9472] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1155.048683][ T9472] Bluetooth: hci1: Injecting HCI hardware error event
[ 1155.243153][T14210] usbtmc 5-1:16.0: can't read capabilities
[ 1155.423307][T15307] Bluetooth: hci1: hardware error 0x00
[ 1155.642958][T16672] netlink: 'syz.0.2856': attribute type 29 has an invalid length.
[ 1155.884987][T16672] netlink: 'syz.0.2856': attribute type 29 has an invalid length.
[ 1156.149301][T16672] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1156.177200][T16672] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[ 1157.020357][T16688] netlink: 'syz.3.2859': attribute type 3 has an invalid length.
[ 1157.028180][T16688] netlink: 'syz.3.2859': attribute type 4 has an invalid length.
[ 1157.058105][T16688] netlink: 'syz.3.2859': attribute type 7 has an invalid length.
[ 1157.101941][T16688] netlink: 'syz.3.2859': attribute type 8 has an invalid length.
[ 1157.103959][ T5266] usb 5-1: USB disconnect, device number 74
[ 1157.139327][T16688] netlink: 'syz.3.2859': attribute type 7 has an invalid length.
[ 1157.179430][T16688] netlink: 198180 bytes leftover after parsing attributes in process `syz.3.2859'.
[ 1157.227865][T16695] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2862'.
[ 1157.290969][T16695] ��g�G: entered promiscuous mode
[ 1157.528878][T15307] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1158.018536][T14210] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1158.206589][T16718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2869'.
[ 1158.222547][T14210] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1158.249035][T14210] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1158.268690][T14210] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1158.278246][T14210] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1158.306936][T16708] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1158.319638][T14210] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1158.342200][ T6324] Bluetooth: (null): Too short H5 packet
[ 1158.363543][ T6324] Bluetooth: (null): Invalid header checksum
[ 1158.391272][ T6324] Bluetooth: (null): Invalid header checksum
[ 1158.451106][ T6324] Bluetooth: (null): Invalid header checksum
[ 1158.466356][T16721] FAULT_INJECTION: forcing a failure.
[ 1158.466356][T16721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1158.497821][T16721] CPU: 0 UID: 0 PID: 16721 Comm: syz.3.2870 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1158.508634][T16721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1158.518708][T16721] Call Trace:
[ 1158.521999][T16721]  <TASK>
[ 1158.524939][T16721]  dump_stack_lvl+0x241/0x360
[ 1158.529637][T16721]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1158.534847][T16721]  ? __pfx__printk+0x10/0x10
[ 1158.539460][T16721]  should_fail_ex+0x3b0/0x4e0
[ 1158.544157][T16721]  _copy_from_user+0x2f/0xe0
[ 1158.548762][T16721]  move_addr_to_kernel+0x82/0x150
[ 1158.553808][T16721]  copy_msghdr_from_user+0x43e/0x680
[ 1158.559101][T16721]  ? _parse_integer_limit+0x1b5/0x200
[ 1158.564487][T16721]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1158.570319][T16721]  __sys_sendmmsg+0x374/0x740
[ 1158.575029][T16721]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1158.580274][T16721]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1158.586183][T16721]  ? ksys_write+0x23e/0x2c0
[ 1158.590694][T16721]  ? __pfx_lock_release+0x10/0x10
[ 1158.595761][T16721]  ? vfs_write+0x7c4/0xc90
[ 1158.600195][T16721]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1158.605837][T16721]  ? __pfx_vfs_write+0x10/0x10
[ 1158.610631][T16721]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1158.616629][T16721]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1158.622973][T16721]  ? do_syscall_64+0x100/0x230
[ 1158.627752][T16721]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1158.632616][T16721]  do_syscall_64+0xf3/0x230
[ 1158.637132][T16721]  ? clear_bhb_loop+0x35/0x90
[ 1158.641825][T16721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1158.647748][T16721] RIP: 0033:0x7fc062177299
[ 1158.652184][T16721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1158.671807][T16721] RSP: 002b:00007fc062f89048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1158.680416][T16721] RAX: ffffffffffffffda RBX: 00007fc062305f80 RCX: 00007fc062177299
[ 1158.688395][T16721] RDX: 0000000000000001 RSI: 00000000200077c0 RDI: 0000000000000003
[ 1158.696374][T16721] RBP: 00007fc062f890a0 R08: 0000000000000000 R09: 0000000000000000
[ 1158.704350][T16721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1158.712328][T16721] R13: 000000000000000b R14: 00007fc062305f80 R15: 00007fffdcf15008
[ 1158.720326][T16721]  </TASK>
[ 1158.751665][ T7997] Bluetooth: (null): Invalid header checksum
[ 1158.833826][ T6324] Bluetooth: (null): Invalid header checksum
[ 1158.938738][ T7997] Bluetooth: (null): Invalid header checksum
[ 1159.556588][T16733] syz.3.2871: attempt to access beyond end of device
[ 1159.556588][T16733] nbd3: rw=4096, sector=2, nr_sectors = 2 limit=0
[ 1159.569815][T16733] EXT4-fs (nbd3): unable to read superblock
[ 1160.092248][   T58] usb 5-1: USB disconnect, device number 75
[ 1160.648650][ T9640] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1160.720398][    T8] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1160.812521][T16753] FAULT_INJECTION: forcing a failure.
[ 1160.812521][T16753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1160.826108][T16753] CPU: 1 UID: 0 PID: 16753 Comm: syz.4.2880 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1160.836936][T16753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1160.846984][T16753] Call Trace:
[ 1160.850254][T16753]  <TASK>
[ 1160.853176][T16753]  dump_stack_lvl+0x241/0x360
[ 1160.857854][T16753]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1160.863055][T16753]  ? __pfx__printk+0x10/0x10
[ 1160.867667][T16753]  should_fail_ex+0x3b0/0x4e0
[ 1160.872364][T16753]  _copy_from_user+0x2f/0xe0
[ 1160.876955][T16753]  bpf_test_init+0x11f/0x180
[ 1160.881451][ T9640] usb 1-1: Using ep0 maxpacket: 8
[ 1160.881534][T16753]  bpf_prog_test_run_skb+0x2bb/0x1820
[ 1160.891228][ T9640] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1160.891883][T16753]  ? __pfx_lock_release+0x10/0x10
[ 1160.891931][T16753]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1160.904607][ T9640] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1160.906707][T16753]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1160.906739][T16753]  bpf_prog_test_run+0x33a/0x3b0
[ 1160.913224][ T9640] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1160.922222][T16753]  __sys_bpf+0x48d/0x810
[ 1160.922254][T16753]  ? __pfx___sys_bpf+0x10/0x10
[ 1160.922285][T16753]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1160.922311][T16753]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1160.929310][    T8] usb 2-1: Using ep0 maxpacket: 32
[ 1160.933023][T16753]  ? do_syscall_64+0x100/0x230
[ 1160.933058][T16753]  __x64_sys_bpf+0x7c/0x90
[ 1160.978431][T16753]  do_syscall_64+0xf3/0x230
[ 1160.982940][T16753]  ? clear_bhb_loop+0x35/0x90
[ 1160.987630][T16753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1160.993691][T16753] RIP: 0033:0x7f4188577299
[ 1160.998100][T16753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1161.017786][T16753] RSP: 002b:00007f4189269048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1161.026195][T16753] RAX: ffffffffffffffda RBX: 00007f4188705f80 RCX: 00007f4188577299
[ 1161.034159][T16753] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a
[ 1161.042123][T16753] RBP: 00007f41892690a0 R08: 0000000000000000 R09: 0000000000000000
[ 1161.050083][T16753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1161.058045][T16753] R13: 000000000000000b R14: 00007f4188705f80 R15: 00007fff67674d88
[ 1161.066019][T16753]  </TASK>
[ 1161.079614][ T9640] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1161.094421][ T9640] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1161.104089][ T9640] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1161.115569][    T8] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1161.124757][    T8] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1161.165171][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1161.205622][    T8] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1161.229656][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1161.247561][    T8] usb 2-1: Product: syz
[ 1161.257305][    T8] usb 2-1: Manufacturer: syz
[ 1161.268625][    T8] usb 2-1: SerialNumber: syz
[ 1161.369399][ T9640] usb 1-1: GET_CAPABILITIES returned 0
[ 1161.383367][ T9640] usbtmc 1-1:16.0: can't read capabilities
[ 1161.948236][    T8] usb 2-1: 0:2 : does not exist
[ 1161.992210][    T8] usb 2-1: USB disconnect, device number 58
[ 1162.074726][T16767] usbtmc 1-1:16.0: send_request_dev_dep_msg_in returned -90
[ 1162.709775][ T9472] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1162.726169][ T9472] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1162.734934][ T9472] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1162.743214][ T9472] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1162.754741][ T9472] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1162.762816][ T9472] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1162.932771][T15696] udevd[15696]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1163.021674][ T6318] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.257874][ T6318] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.374630][ T6318] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.492610][ T6318] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.583156][T16783] program syz.4.2886 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1163.617707][T16783] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1163.729500][    T8] usb 1-1: USB disconnect, device number 73
[ 1163.923736][T16768] chnl_net:caif_netlink_parms(): no params data found
[ 1164.056503][ T6318] bridge_slave_1: left allmulticast mode
[ 1164.071477][ T6318] bridge_slave_1: left promiscuous mode
[ 1164.091241][ T6318] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1164.134435][ T6318] bridge_slave_0: left allmulticast mode
[ 1164.151839][ T6318] bridge_slave_0: left promiscuous mode
[ 1164.165409][ T6318] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1164.810531][ T9472] Bluetooth: hci5: command tx timeout
[ 1165.566894][ T6318] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1165.584560][ T6318] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1165.600623][ T6318] bond0 (unregistering): Released all slaves
[ 1165.613199][ T6318] bond1 (unregistering): Released all slaves
[ 1165.624551][ T6318] bond2 (unregistering): Released all slaves
[ 1165.652687][T16796] netlink: 'syz.4.2890': attribute type 11 has an invalid length.
[ 1165.667749][T16807] netlink: 340 bytes leftover after parsing attributes in process `syz.1.2892'.
[ 1165.934284][T16768] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1165.969112][T16768] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1166.007137][T16768] bridge_slave_0: entered allmulticast mode
[ 1166.038998][T16768] bridge_slave_0: entered promiscuous mode
[ 1166.127864][T16768] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1166.137832][T16768] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1166.166182][T16768] bridge_slave_1: entered allmulticast mode
[ 1166.174860][T16768] bridge_slave_1: entered promiscuous mode
[ 1166.311743][T16768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1166.326371][T16768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1166.368460][   T58] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1166.376854][ T6318] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1166.386508][    T8] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1166.405702][ T6318] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1166.420322][ T6318] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1166.427918][ T6318] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1166.483427][ T6318] veth1_macvtap: left promiscuous mode
[ 1166.491736][ T6318] veth0_macvtap: left promiscuous mode
[ 1166.499895][ T6318] veth1_vlan: left promiscuous mode
[ 1166.505344][ T6318] veth0_vlan: left promiscuous mode
[ 1166.608479][    T8] usb 5-1: Using ep0 maxpacket: 8
[ 1166.762252][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1166.778426][   T58] usb 4-1: Using ep0 maxpacket: 16
[ 1166.804188][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1166.805157][   T58] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1166.856191][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1166.866558][   T58] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1166.874932][    T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1166.888492][   T58] usb 4-1: Product: syz
[ 1166.892685][   T58] usb 4-1: Manufacturer: syz
[ 1166.897286][   T58] usb 4-1: SerialNumber: syz
[ 1166.903213][ T9472] Bluetooth: hci5: command tx timeout
[ 1166.926630][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1166.948521][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.955269][   T58] usb 4-1: config 0 descriptor??
[ 1166.999472][   T58] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1167.026315][   T58] usb 4-1: Detected FT232H
[ 1167.189801][    T8] usb 5-1: GET_CAPABILITIES returned 0
[ 1167.216430][    T8] usbtmc 5-1:16.0: can't read capabilities
[ 1168.978563][ T9472] Bluetooth: hci5: command tx timeout
[ 1169.987363][   T25] usb 5-1: USB disconnect, device number 76
[ 1170.090089][T16839] program syz.1.2901 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1170.111648][T16839] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1170.239144][   T58] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1170.256204][   T58] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1170.271289][   T58] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[ 1170.313558][   T58] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1170.373738][   T58] usb 4-1: USB disconnect, device number 68
[ 1170.549409][   T58] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1170.570433][   T58] ftdi_sio 4-1:0.0: device disconnected
[ 1171.050497][ T9472] Bluetooth: hci5: command tx timeout
[ 1171.508483][   T25] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[ 1171.702975][   T25] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1171.712498][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1171.740910][   T25] usb 1-1: config 0 descriptor??
[ 1171.755250][   T25] cp210x 1-1:0.0: cp210x converter detected
[ 1171.760324][ T6318] team0 (unregistering): Port device team_slave_1 removed
[ 1171.812045][ T6318] team0 (unregistering): Port device team_slave_0 removed
[ 1172.585960][T16861] netlink: 'syz.1.2905': attribute type 11 has an invalid length.
[ 1172.701549][T16768] team0: Port device team_slave_0 added
[ 1172.750374][T16768] team0: Port device team_slave_1 added
[ 1172.886069][T16768] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1172.893504][T16768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1172.965111][T16768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1172.993336][T16768] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1173.001669][T16768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1173.028794][T16768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1173.068572][T14210] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 1173.131061][   T25] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71
[ 1173.139282][   T25] cp210x 1-1:0.0: querying part number failed
[ 1173.150274][   T25] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1173.166740][   T25] usb 1-1: USB disconnect, device number 74
[ 1173.220139][   T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1173.847885][   T25] cp210x 1-1:0.0: device disconnected
[ 1173.868863][T14210] usb 2-1: Using ep0 maxpacket: 16
[ 1173.885362][T14210] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1173.901621][T14210] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1173.923494][T14210] usb 2-1: Product: syz
[ 1173.938230][T14210] usb 2-1: Manufacturer: syz
[ 1173.944409][T14210] usb 2-1: SerialNumber: syz
[ 1173.986274][T16768] hsr_slave_0: entered promiscuous mode
[ 1173.998674][T14210] usb 2-1: config 0 descriptor??
[ 1174.010679][T14210] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1174.020484][T16768] hsr_slave_1: entered promiscuous mode
[ 1174.038492][T16768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1174.046087][T16768] Cannot create hsr debugfs directory
[ 1174.052765][T14210] usb 2-1: Detected FT232H
[ 1174.889465][   T25] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1177.189231][   T25] usb 5-1: Using ep0 maxpacket: 8
[ 1177.958550][T14210] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1178.017405][   T25] usb 5-1: device descriptor read/all, error -71
[ 1178.026179][T14210] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1178.052095][T14210] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[ 1178.071557][T14210] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1178.110076][T14210] usb 2-1: USB disconnect, device number 59
[ 1178.133311][T14210] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1178.166135][T14210] ftdi_sio 2-1:0.0: device disconnected
[ 1178.181645][ T1260] ieee802154 phy0 wpan0: encryption failed: -22
[ 1178.188088][ T1260] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.308916][T16893] program syz.4.2914 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1178.319667][   T46] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1178.327708][T16893] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1178.528618][   T46] usb 4-1: Using ep0 maxpacket: 16
[ 1178.544306][   T46] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1178.561616][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1178.583672][   T46] usb 4-1: Product: syz
[ 1178.588590][   T46] usb 4-1: Manufacturer: syz
[ 1178.603164][   T46] usb 4-1: SerialNumber: syz
[ 1178.611627][T16902] netlink: 'syz.4.2917': attribute type 11 has an invalid length.
[ 1178.612608][   T46] usb 4-1: config 0 descriptor??
[ 1178.650027][   T46] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1178.668669][   T46] usb 4-1: Detected FT232H
[ 1178.883577][T16768] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1178.903008][T16768] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1178.917766][T16768] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1178.930084][   T46] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1178.956816][   T46] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1178.964606][T16768] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1179.005500][   T46] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[ 1179.031459][   T46] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1179.089521][   T46] usb 4-1: USB disconnect, device number 69
[ 1179.112006][   T46] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1179.303934][   T46] ftdi_sio 4-1:0.0: device disconnected
[ 1180.152844][T16768] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1180.208206][T16768] 8021q: adding VLAN 0 to HW filter on device team0
[ 1180.260135][  T942] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1180.267341][  T942] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1180.286872][T16916] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2921'.
[ 1180.373391][  T942] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1180.380630][  T942] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1180.398970][T16916] can0: slcan on ptm0.
[ 1180.578462][   T46] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1180.631525][T16768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1180.662417][T16915] can0 (unregistered): slcan off ptm0.
[ 1180.778852][   T46] usb 5-1: Using ep0 maxpacket: 8
[ 1180.802462][   T46] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1180.823550][   T46] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1180.837020][   T46] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1180.854918][   T46] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1180.879720][   T46] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1180.890591][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1180.959133][T16937] program syz.1.2926 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1180.997326][T16937] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1181.013352][T16768] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1181.018567][T11039] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[ 1181.107999][T16768] veth0_vlan: entered promiscuous mode
[ 1181.114679][T16942] FAULT_INJECTION: forcing a failure.
[ 1181.114679][T16942] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1181.154684][T16768] veth1_vlan: entered promiscuous mode
[ 1181.158581][   T46] usb 5-1: GET_CAPABILITIES returned 0
[ 1181.165731][T16942] CPU: 1 UID: 0 PID: 16942 Comm: syz.3.2927 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1181.176505][T16942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1181.186579][T16942] Call Trace:
[ 1181.189878][T16942]  <TASK>
[ 1181.192833][T16942]  dump_stack_lvl+0x241/0x360
[ 1181.197543][T16942]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1181.202776][T16942]  ? __pfx__printk+0x10/0x10
[ 1181.206821][T16768] veth0_macvtap: entered promiscuous mode
[ 1181.207373][T16942]  ? __pfx_lock_release+0x10/0x10
[ 1181.218102][T16942]  should_fail_ex+0x3b0/0x4e0
[ 1181.222780][T16942]  _copy_from_user+0x2f/0xe0
[ 1181.227364][T16942]  do_ip_getsockopt+0x205/0x2940
[ 1181.232307][T16942]  ? __pfx_do_ip_getsockopt+0x10/0x10
[ 1181.237692][T16942]  ? __lock_acquire+0x137a/0x2040
[ 1181.242741][T16942]  ? __pfx_lock_acquire+0x10/0x10
[ 1181.247761][T16942]  ? get_pid_task+0x23/0x1f0
[ 1181.252353][T16942]  ip_getsockopt+0xed/0x2e0
[ 1181.256858][T16942]  ? __pfx_ip_getsockopt+0x10/0x10
[ 1181.261979][T16942]  tcp_getsockopt+0x163/0x1c0
[ 1181.266654][T16942]  ? __pfx_tcp_getsockopt+0x10/0x10
[ 1181.271854][T16942]  ? __fget_files+0x29/0x470
[ 1181.276437][T16942]  ? vfs_write+0x7c4/0xc90
[ 1181.280847][T16942]  ? __pfx_lock_release+0x10/0x10
[ 1181.285866][T16942]  ? sock_common_getsockopt+0x2e/0xb0
[ 1181.291234][T16942]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1181.297125][T16942]  do_sock_getsockopt+0x373/0x850
[ 1181.302147][T16942]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1181.307683][T16942]  ? __fget_files+0x3f6/0x470
[ 1181.312367][T16942]  __sys_getsockopt+0x271/0x330
[ 1181.317236][T16942]  ? __pfx___sys_getsockopt+0x10/0x10
[ 1181.322614][T16942]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1181.328944][T16942]  ? do_syscall_64+0x100/0x230
[ 1181.333712][T16942]  __x64_sys_getsockopt+0xb5/0xd0
[ 1181.338737][T16942]  do_syscall_64+0xf3/0x230
[ 1181.343238][T16942]  ? clear_bhb_loop+0x35/0x90
[ 1181.347919][T16942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.353838][T16942] RIP: 0033:0x7fc062177299
[ 1181.358251][T16942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1181.377853][T16942] RSP: 002b:00007fc062f89048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1181.386262][T16942] RAX: ffffffffffffffda RBX: 00007fc062305f80 RCX: 00007fc062177299
[ 1181.394245][T16942] RDX: 0000000000000034 RSI: 0000000000000000 RDI: 0000000000000003
[ 1181.402307][T16942] RBP: 00007fc062f890a0 R08: 00000000200001c0 R09: 0000000000000000
[ 1181.410277][T16942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1181.418246][T16942] R13: 000000000000000b R14: 00007fc062305f80 R15: 00007fffdcf15008
[ 1181.426227][T16942]  </TASK>
[ 1181.448810][   T46] usbtmc 5-1:16.0: can't read capabilities
[ 1181.458462][T11039] usb 1-1: Using ep0 maxpacket: 16
[ 1181.462481][T16768] veth1_macvtap: entered promiscuous mode
[ 1181.473801][T11039] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1181.504710][T11039] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1181.526975][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1181.532462][T11039] usb 1-1: Product: syz
[ 1181.550742][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.574667][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1181.585384][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.599242][T16944] random: crng reseeded on system resumption
[ 1181.616174][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1181.636995][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.657569][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1181.701967][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.738392][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1181.761171][T11039] usb 1-1: Manufacturer: syz
[ 1181.765819][T11039] usb 1-1: SerialNumber: syz
[ 1181.773006][T11039] usb 1-1: config 0 descriptor??
[ 1181.778923][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.790736][T16768] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1181.805216][T11039] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[ 1181.814301][T11039] usb 1-1: Detected FT232H
[ 1181.827203][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1182.915588][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1182.925803][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1182.958383][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1182.969835][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1182.983406][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1182.997846][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1183.008736][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1183.019304][T16768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1183.031906][T16768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1183.044479][T16768] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1183.059097][T16768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.069338][T16768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.079198][T16768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.092354][T16768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.103766][T16952] netlink: 'syz.3.2929': attribute type 10 has an invalid length.
[ 1183.144639][T16952] batman_adv: batadv0: Adding interface: team0
[ 1183.152181][T16952] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1183.189810][T16952] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 1183.225309][T16953] netlink: 'syz.3.2929': attribute type 10 has an invalid length.
[ 1183.233737][T16953] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2929'.
[ 1183.254313][T11039] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1183.262814][T16953] team0: entered promiscuous mode
[ 1183.267997][T16953] team_slave_0: entered promiscuous mode
[ 1183.274032][T11039] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1183.285034][T11039] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[ 1183.293573][T16953] team_slave_1: entered promiscuous mode
[ 1183.302985][T11039] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1183.303751][T16953] 8021q: adding VLAN 0 to HW filter on device team0
[ 1183.325141][T16953] batman_adv: batadv0: Interface activated: team0
[ 1183.334135][T16953] batman_adv: batadv0: Interface deactivated: team0
[ 1183.341553][T11039] usb 1-1: USB disconnect, device number 75
[ 1183.347344][T16953] batman_adv: batadv0: Removing interface: team0
[ 1183.357322][T16953] bridge0: port 3(team0) entered blocking state
[ 1183.373887][T11039] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1183.376929][T16953] bridge0: port 3(team0) entered disabled state
[ 1183.388739][T11039] ftdi_sio 1-1:0.0: device disconnected
[ 1183.399930][T16953] team0: entered allmulticast mode
[ 1183.406297][T16953] team_slave_0: entered allmulticast mode
[ 1183.442257][T16953] team_slave_1: entered allmulticast mode
[ 1183.460533][T16953] bridge0: port 3(team0) entered blocking state
[ 1183.466902][T16953] bridge0: port 3(team0) entered forwarding state
[ 1183.518564][   T25] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1183.581110][ T7994] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1183.618284][ T7994] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1183.652926][ T6326] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1183.683020][ T6326] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1183.708426][   T25] usb 2-1: Using ep0 maxpacket: 16
[ 1183.716900][   T25] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1183.725011][   T25] usb 2-1: can't read configurations, error -61
[ 1183.979854][   T25] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1184.836570][T14210] usb 5-1: USB disconnect, device number 79
[ 1185.087037][   T25] usb 2-1: device not accepting address 61, error -71
[ 1185.342272][   T25] usb usb2-port1: attempt power cycle
[ 1185.798477][T14210] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1186.628429][T14210] usb 5-1: Using ep0 maxpacket: 16
[ 1186.642453][T14210] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1186.661069][T14210] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1186.679582][T14210] usb 5-1: Product: syz
[ 1186.683791][T14210] usb 5-1: Manufacturer: syz
[ 1186.703053][T14210] usb 5-1: SerialNumber: syz
[ 1186.730407][T14210] usb 5-1: config 0 descriptor??
[ 1186.743969][T16988] autofs: Unknown parameter 'no98�����E'
[ 1186.751919][T14210] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[ 1186.780412][T14210] usb 5-1: Detected FT232H
[ 1186.788966][T16990] program syz.0.2937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1186.820862][T16990] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1187.728633][T14210] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1187.750775][T14210] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1187.783933][T14210] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[ 1187.815141][T14210] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1188.004353][T14210] usb 5-1: USB disconnect, device number 80
[ 1188.027233][T14210] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1188.055229][T14210] ftdi_sio 5-1:0.0: device disconnected
[ 1189.628976][T17020] FAULT_INJECTION: forcing a failure.
[ 1189.628976][T17020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1189.675775][T17020] CPU: 1 UID: 0 PID: 17020 Comm: syz.4.2944 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1189.686591][T17020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1189.696669][T17020] Call Trace:
[ 1189.699960][T17020]  <TASK>
[ 1189.702897][T17020]  dump_stack_lvl+0x241/0x360
[ 1189.707608][T17020]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1189.712818][T17020]  ? __pfx__printk+0x10/0x10
[ 1189.717422][T17020]  ? kstrtouint_from_user+0x128/0x190
[ 1189.722801][T17020]  ? __pfx_lock_release+0x10/0x10
[ 1189.727861][T17020]  should_fail_ex+0x3b0/0x4e0
[ 1189.732567][T17020]  _copy_from_user+0x2f/0xe0
[ 1189.737186][T17020]  mptcp_setsockopt+0x1710/0x3bc0
[ 1189.742246][T17020]  ? __pfx_mptcp_setsockopt+0x10/0x10
[ 1189.747649][T17020]  ? __pfx_lock_acquire+0x10/0x10
[ 1189.752695][T17020]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1189.758347][T17020]  ? sock_common_setsockopt+0x37/0xc0
[ 1189.763737][T17020]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1189.769649][T17020]  do_sock_setsockopt+0x3af/0x720
[ 1189.774698][T17020]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1189.780262][T17020]  ? __fget_files+0x29/0x470
[ 1189.784866][T17020]  ? __fget_files+0x3f6/0x470
[ 1189.789550][T17020]  __sys_setsockopt+0x1ae/0x250
[ 1189.794396][T17020]  __x64_sys_setsockopt+0xb5/0xd0
[ 1189.799413][T17020]  do_syscall_64+0xf3/0x230
[ 1189.803908][T17020]  ? clear_bhb_loop+0x35/0x90
[ 1189.808582][T17020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1189.814476][T17020] RIP: 0033:0x7f4188577299
[ 1189.818881][T17020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1189.838657][T17020] RSP: 002b:00007f4187fff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1189.847066][T17020] RAX: ffffffffffffffda RBX: 00007f4188706058 RCX: 00007f4188577299
[ 1189.855036][T17020] RDX: 0000000000000020 RSI: 0000000000000001 RDI: 0000000000000007
[ 1189.862999][T17020] RBP: 00007f4187fff0a0 R08: 0000000000000004 R09: 0000000000000000
[ 1189.870965][T17020] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[ 1189.879016][T17020] R13: 000000000000006e R14: 00007f4188706058 R15: 00007fff67674d88
[ 1189.886988][T17020]  </TASK>
[ 1190.204408][T17029] random: crng reseeded on system resumption
[ 1191.060404][T17039] FAULT_INJECTION: forcing a failure.
[ 1191.060404][T17039] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1191.917276][   T29] audit: type=1326 audit(1722323584.426:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17042 comm="syz.4.2950" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4188577299 code=0x0
[ 1191.918377][T17039] CPU: 0 UID: 0 PID: 17039 Comm: syz.0.2947 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1191.949075][T17039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1191.959148][T17039] Call Trace:
[ 1191.962450][T17039]  <TASK>
[ 1191.965387][T17039]  dump_stack_lvl+0x241/0x360
[ 1191.970093][T17039]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1191.975304][T17039]  ? __pfx__printk+0x10/0x10
[ 1191.979907][T17039]  ? __pfx_lock_release+0x10/0x10
[ 1191.984952][T17039]  should_fail_ex+0x3b0/0x4e0
[ 1191.989645][T17039]  _copy_from_user+0x2f/0xe0
[ 1191.994257][T17039]  copy_msghdr_from_user+0xae/0x680
[ 1191.999475][T17039]  ? _parse_integer_limit+0x1b5/0x200
[ 1192.004872][T17039]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1192.010711][T17039]  __sys_sendmmsg+0x374/0x740
[ 1192.015424][T17039]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1192.020694][T17039]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1192.026609][T17039]  ? ksys_write+0x23e/0x2c0
[ 1192.031133][T17039]  ? __pfx_lock_release+0x10/0x10
[ 1192.036190][T17039]  ? vfs_write+0x7c4/0xc90
[ 1192.040632][T17039]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1192.046292][T17039]  ? __pfx_vfs_write+0x10/0x10
[ 1192.051098][T17039]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1192.057102][T17039]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1192.063452][T17039]  ? do_syscall_64+0x100/0x230
[ 1192.066031][T17047] program syz.4.2950 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1192.068220][T17039]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1192.068252][T17039]  do_syscall_64+0xf3/0x230
[ 1192.086784][T17039]  ? clear_bhb_loop+0x35/0x90
[ 1192.091465][T17039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.091496][T17039] RIP: 0033:0x7f4f03577299
[ 1192.091515][T17039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1192.091530][T17039] RSP: 002b:00007f4f02fde048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1192.091549][T17039] RAX: ffffffffffffffda RBX: 00007f4f03706058 RCX: 00007f4f03577299
[ 1192.104811][T17047] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1192.121734][T17039] RDX: 00000000000003e8 RSI: 0000000020002340 RDI: 0000000000000004
[ 1192.121756][T17039] RBP: 00007f4f02fde0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1192.121769][T17039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1192.121781][T17039] R13: 000000000000006e R14: 00007f4f03706058 R15: 00007ffe6d350bc8
[ 1192.121808][T17039]  </TASK>
[ 1192.705240][    T8] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1192.940220][    T8] usb 4-1: Using ep0 maxpacket: 16
[ 1193.773241][    T8] usb 4-1: device descriptor read/all, error -71
[ 1194.088785][T17067] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2955'.
[ 1194.098623][T11039] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1194.301384][T11039] usb 2-1: Using ep0 maxpacket: 16
[ 1194.315348][T11039] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1194.330678][T11039] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1194.342421][T11039] usb 2-1: Product: syz
[ 1194.346641][T11039] usb 2-1: Manufacturer: syz
[ 1194.354494][T11039] usb 2-1: SerialNumber: syz
[ 1194.374364][T11039] usb 2-1: config 0 descriptor??
[ 1194.383296][T11039] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1194.399704][T11039] usb 2-1: Detected FT232H
[ 1194.645284][T11039] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1194.663953][T11039] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1194.672496][T11039] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[ 1194.685947][T11039] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1194.706025][T11039] usb 2-1: USB disconnect, device number 63
[ 1194.727271][T11039] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1194.765461][T11039] ftdi_sio 2-1:0.0: device disconnected
[ 1194.766670][T17079] slcan: can't register candev
[ 1194.788636][T17079] Falling back ldisc for ptm0.
[ 1195.314434][T17084] 9pnet_fd: Insufficient options for proto=fd
[ 1195.453610][T17086] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1195.453610][T17086] The task syz.1.2959 (17086) triggered the difference, watch for misbehavior.
[ 1195.966652][T17068] FAULT_INJECTION: forcing a failure.
[ 1195.966652][T17068] name failslab, interval 1, probability 0, space 0, times 0
[ 1195.981232][T17068] CPU: 0 UID: 0 PID: 17068 Comm: syz.4.2956 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1195.992025][T17068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1196.002087][T17068] Call Trace:
[ 1196.005373][T17068]  <TASK>
[ 1196.008292][T17068]  dump_stack_lvl+0x241/0x360
[ 1196.012978][T17068]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1196.018168][T17068]  ? __pfx__printk+0x10/0x10
[ 1196.022767][T17068]  ? ref_tracker_alloc+0x332/0x490
[ 1196.027888][T17068]  should_fail_ex+0x3b0/0x4e0
[ 1196.032552][T17068]  ? skb_clone+0x20c/0x390
[ 1196.036953][T17068]  should_failslab+0xac/0x100
[ 1196.041635][T17068]  ? skb_clone+0x20c/0x390
[ 1196.046057][T17068]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 1196.051421][T17068]  skb_clone+0x20c/0x390
[ 1196.055655][T17068]  __netlink_deliver_tap+0x3cc/0x7c0
[ 1196.060952][T17068]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1196.066159][T17068]  netlink_deliver_tap+0x19d/0x1b0
[ 1196.071258][T17068]  __netlink_sendskb+0x60/0xd0
[ 1196.076025][T17068]  netlink_dump+0x97d/0xd80
[ 1196.080549][T17068]  ? __pfx_netlink_dump+0x10/0x10
[ 1196.085587][T17068]  ? __pfx_lock_acquire+0x10/0x10
[ 1196.090713][T17068]  __netlink_dump_start+0x59f/0x780
[ 1196.095930][T17068]  ? __pfx_vxlan_vnifilter_dump+0x10/0x10
[ 1196.101657][T17068]  rtnetlink_rcv_msg+0xb3d/0xcf0
[ 1196.106608][T17068]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1196.112056][T17068]  ? __pfx_rtnl_dumpit+0x10/0x10
[ 1196.116987][T17068]  ? __pfx_vxlan_vnifilter_dump+0x10/0x10
[ 1196.122730][T17068]  netlink_rcv_skb+0x1e3/0x430
[ 1196.127505][T17068]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1196.132955][T17068]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1196.138249][T17068]  ? __rcu_read_unlock+0xa1/0x110
[ 1196.143273][T17068]  netlink_unicast+0x7f0/0x990
[ 1196.148051][T17068]  ? __pfx_netlink_unicast+0x10/0x10
[ 1196.153319][T17068]  ? __virt_addr_valid+0x183/0x530
[ 1196.158429][T17068]  ? __check_object_size+0x49c/0x900
[ 1196.163729][T17068]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1196.168846][T17068]  netlink_sendmsg+0x8e4/0xcb0
[ 1196.173603][T17068]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1196.178890][T17068]  ? __import_iovec+0x536/0x820
[ 1196.183755][T17068]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1196.189047][T17068]  ? security_socket_sendmsg+0x87/0xb0
[ 1196.194498][T17068]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1196.199783][T17068]  __sock_sendmsg+0x221/0x270
[ 1196.204483][T17068]  ____sys_sendmsg+0x525/0x7d0
[ 1196.209256][T17068]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1196.214534][T17068]  __sys_sendmsg+0x2b0/0x3a0
[ 1196.219122][T17068]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1196.224241][T17068]  ? vfs_write+0x7c4/0xc90
[ 1196.228711][T17068]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1196.235027][T17068]  ? do_syscall_64+0x100/0x230
[ 1196.239989][T17068]  ? do_syscall_64+0xb6/0x230
[ 1196.244697][T17068]  do_syscall_64+0xf3/0x230
[ 1196.249198][T17068]  ? clear_bhb_loop+0x35/0x90
[ 1196.253867][T17068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.259760][T17068] RIP: 0033:0x7f4188577299
[ 1196.264183][T17068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1196.283811][T17068] RSP: 002b:00007f4189269048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1196.292346][T17068] RAX: ffffffffffffffda RBX: 00007f4188705f80 RCX: 00007f4188577299
[ 1196.300330][T17068] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005
[ 1196.308322][T17068] RBP: 00007f41892690a0 R08: 0000000000000000 R09: 0000000000000000
[ 1196.316303][T17068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1196.324364][T17068] R13: 000000000000000b R14: 00007f4188705f80 R15: 00007fff67674d88
[ 1196.332443][T17068]  </TASK>
[ 1196.569166][T17096] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1196.585621][T17089] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[ 1196.931398][T17089] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1197.771136][T17108] random: crng reseeded on system resumption
[ 1198.730321][T15307] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1198.740763][T15307] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1198.755394][T15307] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1198.766360][T15307] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1198.775858][T15307] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1198.785401][T15307] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1198.858434][   T46] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1198.882559][T11039] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1198.943733][ T7994] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1199.078441][   T46] usb 2-1: Using ep0 maxpacket: 16
[ 1199.089144][   T46] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1199.108433][   T46] usb 2-1: can't read configurations, error -61
[ 1199.119588][T11039] usb 4-1: Using ep0 maxpacket: 16
[ 1199.133649][T11039] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1199.144486][ T7994] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1199.161042][T11039] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.177955][T11039] usb 4-1: Product: syz
[ 1199.185701][T11039] usb 4-1: Manufacturer: syz
[ 1199.195471][T11039] usb 4-1: SerialNumber: syz
[ 1199.225551][T11039] usb 4-1: config 0 descriptor??
[ 1199.233350][T11039] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1199.242461][T11039] usb 4-1: Detected FT232H
[ 1199.268720][   T46] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1199.344908][ T7994] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1199.492685][T11039] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1199.505781][   T46] usb 2-1: Using ep0 maxpacket: 16
[ 1199.509955][T11039] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1199.540452][T11039] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[ 1199.549602][   T46] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1199.557210][   T46] usb 2-1: can't read configurations, error -61
[ 1199.568794][   T46] usb usb2-port1: attempt power cycle
[ 1199.576905][T11039] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1199.578744][ T7994] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1199.606349][T11039] usb 4-1: USB disconnect, device number 72
[ 1199.658194][T11039] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1199.701911][T11039] ftdi_sio 4-1:0.0: device disconnected
[ 1199.796505][T17134] FAULT_INJECTION: forcing a failure.
[ 1199.796505][T17134] name failslab, interval 1, probability 0, space 0, times 0
[ 1199.809340][T17134] CPU: 1 UID: 0 PID: 17134 Comm: syz.4.2973 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1199.820230][T17134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1199.830309][T17134] Call Trace:
[ 1199.833624][T17134]  <TASK>
[ 1199.836575][T17134]  dump_stack_lvl+0x241/0x360
[ 1199.841285][T17134]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1199.846510][T17134]  ? __pfx__printk+0x10/0x10
[ 1199.851145][T17134]  ? fs_reclaim_acquire+0x93/0x140
[ 1199.856279][T17134]  ? __pfx___might_resched+0x10/0x10
[ 1199.861591][T17134]  should_fail_ex+0x3b0/0x4e0
[ 1199.866305][T17134]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1199.872056][T17134]  should_failslab+0xac/0x100
[ 1199.876798][T17134]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1199.882548][T17134]  __kmalloc_noprof+0xd8/0x400
[ 1199.887351][T17134]  ? kfree+0x4e/0x360
[ 1199.891366][T17134]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1199.896951][T17134]  tomoyo_path_number_perm+0x23a/0x880
[ 1199.902425][T17134]  ? tomoyo_path_number_perm+0x208/0x880
[ 1199.908134][T17134]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1199.914119][T17134]  ? __fget_files+0x29/0x470
[ 1199.918710][T17134]  ? __fget_files+0x3f6/0x470
[ 1199.923403][T17134]  ? __fget_files+0x29/0x470
[ 1199.928002][T17134]  security_file_ioctl+0x75/0xb0
[ 1199.932932][T17134]  __se_sys_ioctl+0x47/0x170
[ 1199.937516][T17134]  do_syscall_64+0xf3/0x230
[ 1199.942023][T17134]  ? clear_bhb_loop+0x35/0x90
[ 1199.946690][T17134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.952580][T17134] RIP: 0033:0x7f4188577299
[ 1199.956987][T17134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1199.976688][T17134] RSP: 002b:00007f4189269048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1199.985108][T17134] RAX: ffffffffffffffda RBX: 00007f4188705f80 RCX: 00007f4188577299
[ 1199.993249][T17134] RDX: 0000000020000900 RSI: 00000000000089f1 RDI: 0000000000000004
[ 1200.001207][T17134] RBP: 00007f41892690a0 R08: 0000000000000000 R09: 0000000000000000
[ 1200.009170][T17134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1200.017124][T17134] R13: 000000000000000b R14: 00007f4188705f80 R15: 00007fff67674d88
[ 1200.025099][T17134]  </TASK>
[ 1200.070882][T17134] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1200.098447][   T46] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1200.113795][T17122] chnl_net:caif_netlink_parms(): no params data found
[ 1200.129488][   T46] usb 2-1: Using ep0 maxpacket: 16
[ 1200.143027][   T46] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1200.160458][   T46] usb 2-1: can't read configurations, error -61
[ 1200.302076][ T7994] bridge_slave_1: left allmulticast mode
[ 1200.307771][ T7994] bridge_slave_1: left promiscuous mode
[ 1200.326246][ T7994] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1200.338767][   T46] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1200.369277][ T7994] bridge_slave_0: left allmulticast mode
[ 1200.375508][ T7994] bridge_slave_0: left promiscuous mode
[ 1200.388758][ T7994] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1200.399642][   T46] usb 2-1: Using ep0 maxpacket: 16
[ 1200.407599][   T46] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1200.422011][   T46] usb 2-1: can't read configurations, error -61
[ 1200.444144][   T46] usb usb2-port1: unable to enumerate USB device
[ 1200.449678][T17145] cgroup: name respecified
[ 1200.898746][ T9472] Bluetooth: hci5: command tx timeout
[ 1201.438092][ T7994] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1201.460428][ T7994] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1202.921157][ T7994] bond0 (unregistering): Released all slaves
[ 1203.007213][ T9472] Bluetooth: hci5: command tx timeout
[ 1203.817470][ T9472] Bluetooth: hci2: unexpected event for opcode 0x0c47
[ 1204.058185][T17122] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1204.072848][T17122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1204.087885][T17122] bridge_slave_0: entered allmulticast mode
[ 1204.111008][T17122] bridge_slave_0: entered promiscuous mode
[ 1204.118392][T11039] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1204.127150][T17122] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1204.136559][T17122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1204.162964][T17122] bridge_slave_1: entered allmulticast mode
[ 1204.174175][T17122] bridge_slave_1: entered promiscuous mode
[ 1204.186896][T17189] random: crng reseeded on system resumption
[ 1204.273157][ T7994] hsr_slave_0: left promiscuous mode
[ 1204.306858][ T7994] hsr_slave_1: left promiscuous mode
[ 1204.314648][ T7994] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1204.330037][ T7994] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1204.339648][T11039] usb 2-1: Using ep0 maxpacket: 16
[ 1204.361073][T11039] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1204.384801][T11039] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1204.395002][T11039] usb 2-1: Product: syz
[ 1204.399170][ T7994] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1204.399200][ T7994] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1204.428429][T11039] usb 2-1: Manufacturer: syz
[ 1204.435302][T11039] usb 2-1: SerialNumber: syz
[ 1204.450417][T11039] usb 2-1: config 0 descriptor??
[ 1204.459765][T11039] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1204.475234][T11039] usb 2-1: Detected FT232H
[ 1204.484205][T17199] FAULT_INJECTION: forcing a failure.
[ 1204.484205][T17199] name failslab, interval 1, probability 0, space 0, times 0
[ 1204.499753][T17199] CPU: 0 UID: 0 PID: 17199 Comm: syz.4.2992 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1204.508564][ T7994] veth1_macvtap: left promiscuous mode
[ 1204.510624][T17199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1204.516131][ T7994] veth0_macvtap: left promiscuous mode
[ 1204.526091][T17199] Call Trace:
[ 1204.526102][T17199]  <TASK>
[ 1204.526112][T17199]  dump_stack_lvl+0x241/0x360
[ 1204.526144][T17199]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1204.526166][T17199]  ? __pfx__printk+0x10/0x10
[ 1204.526190][T17199]  ? fs_reclaim_acquire+0x93/0x140
[ 1204.557409][T17199]  ? __pfx___might_resched+0x10/0x10
[ 1204.562725][T17199]  should_fail_ex+0x3b0/0x4e0
[ 1204.567412][T17199]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1204.573129][T17199]  should_failslab+0xac/0x100
[ 1204.577803][T17199]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1204.583519][T17199]  __kmalloc_noprof+0xd8/0x400
[ 1204.588290][T17199]  ? kfree+0x4e/0x360
[ 1204.592285][T17199]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1204.597839][T17199]  tomoyo_path_number_perm+0x23a/0x880
[ 1204.603297][T17199]  ? tomoyo_path_number_perm+0x208/0x880
[ 1204.608927][T17199]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1204.615018][T17199]  ? __fget_files+0x29/0x470
[ 1204.619613][T17199]  ? __fget_files+0x3f6/0x470
[ 1204.624280][T17199]  ? __fget_files+0x29/0x470
[ 1204.628866][T17199]  security_file_ioctl+0x75/0xb0
[ 1204.633801][T17199]  __se_sys_ioctl+0x47/0x170
[ 1204.638385][T17199]  do_syscall_64+0xf3/0x230
[ 1204.642883][T17199]  ? clear_bhb_loop+0x35/0x90
[ 1204.647557][T17199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.653443][T17199] RIP: 0033:0x7f4188577299
[ 1204.657937][T17199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1204.677542][T17199] RSP: 002b:00007f4189269048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1204.685955][T17199] RAX: ffffffffffffffda RBX: 00007f4188705f80 RCX: 00007f4188577299
[ 1204.693923][T17199] RDX: 0000000020000000 RSI: 0000000000005420 RDI: 0000000000000003
[ 1204.701892][T17199] RBP: 00007f41892690a0 R08: 0000000000000000 R09: 0000000000000000
[ 1204.709857][T17199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1204.717823][T17199] R13: 000000000000000b R14: 00007f4188705f80 R15: 00007fff67674d88
[ 1204.725799][T17199]  </TASK>
[ 1204.740497][ T7994] veth1_vlan: left promiscuous mode
[ 1204.745858][ T7994] veth0_vlan: left promiscuous mode
[ 1204.786005][T17199] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1204.859059][T11039] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1204.871903][T11039] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1204.913719][T11039] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[ 1204.924729][T11039] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1204.936203][T11039] usb 2-1: USB disconnect, device number 68
[ 1204.948803][T11039] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1204.964638][T11039] ftdi_sio 2-1:0.0: device disconnected
[ 1205.014838][T17203] cgroup: name respecified
[ 1205.049957][T15307] Bluetooth: hci5: command tx timeout
[ 1205.170441][   T25] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1205.363648][   T25] usb 4-1: Using ep0 maxpacket: 16
[ 1205.371717][   T25] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1205.390869][   T25] usb 4-1: can't read configurations, error -61
[ 1205.619729][   T25] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[ 1205.968427][   T25] usb 4-1: Using ep0 maxpacket: 16
[ 1205.974785][ T7994] team0 (unregistering): Port device team_slave_1 removed
[ 1205.976241][   T25] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1205.992492][   T25] usb 4-1: can't read configurations, error -61
[ 1205.999470][   T25] usb usb4-port1: attempt power cycle
[ 1206.049694][ T7994] team0 (unregistering): Port device team_slave_0 removed
[ 1206.467914][   T25] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1206.524632][   T25] usb 4-1: Using ep0 maxpacket: 16
[ 1206.555815][   T25] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1206.586946][   T25] usb 4-1: can't read configurations, error -61
[ 1206.808748][   T25] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[ 1206.851286][   T25] usb 4-1: Using ep0 maxpacket: 16
[ 1206.880723][   T25] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1206.890008][   T25] usb 4-1: can't read configurations, error -61
[ 1206.898722][   T25] usb usb4-port1: unable to enumerate USB device
[ 1207.130197][T15307] Bluetooth: hci5: command tx timeout
[ 1207.492016][T17122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1207.533288][T17122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1207.643423][T17122] team0: Port device team_slave_0 added
[ 1207.683555][T17122] team0: Port device team_slave_1 added
[ 1207.703410][T17231] FAULT_INJECTION: forcing a failure.
[ 1207.703410][T17231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1207.738111][T17231] CPU: 1 UID: 0 PID: 17231 Comm: syz.0.3001 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1207.748924][T17231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1207.758993][T17231] Call Trace:
[ 1207.762278][T17231]  <TASK>
[ 1207.765213][T17231]  dump_stack_lvl+0x241/0x360
[ 1207.769892][T17231]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1207.775077][T17231]  ? __pfx__printk+0x10/0x10
[ 1207.779652][T17231]  ? __pfx_lock_release+0x10/0x10
[ 1207.784663][T17231]  should_fail_ex+0x3b0/0x4e0
[ 1207.789343][T17231]  _copy_from_user+0x2f/0xe0
[ 1207.793944][T17231]  do_replace+0xe8/0x5b0
[ 1207.798181][T17231]  ? __pfx_lock_release+0x10/0x10
[ 1207.803203][T17231]  ? __pfx_do_replace+0x10/0x10
[ 1207.808049][T17231]  ? bpf_lsm_capable+0x9/0x10
[ 1207.812715][T17231]  ? security_capable+0x90/0xb0
[ 1207.817568][T17231]  do_ebt_set_ctl+0x2d5/0x17d0
[ 1207.822322][T17231]  ? release_sock+0x30/0x1f0
[ 1207.826913][T17231]  ? __lock_acquire+0x137a/0x2040
[ 1207.832020][T17231]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[ 1207.837225][T17231]  ? __pfx___might_resched+0x10/0x10
[ 1207.842519][T17231]  ? nf_setsockopt+0x240/0x2c0
[ 1207.847288][T17231]  ? __pfx_lock_release+0x10/0x10
[ 1207.852405][T17231]  ? rcu_is_watching+0x15/0xb0
[ 1207.857174][T17231]  ? trace_contention_end+0x3c/0x120
[ 1207.862455][T17231]  ? __mutex_lock+0x2ef/0xd70
[ 1207.867145][T17231]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1207.872785][T17231]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 1207.878173][T17231]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1207.884166][T17231]  nf_setsockopt+0x295/0x2c0
[ 1207.888789][T17231]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1207.894680][T17231]  do_sock_setsockopt+0x3af/0x720
[ 1207.899706][T17231]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1207.905246][T17231]  ? __fget_files+0x29/0x470
[ 1207.909831][T17231]  ? __fget_files+0x3f6/0x470
[ 1207.914506][T17231]  __sys_setsockopt+0x1ae/0x250
[ 1207.919351][T17231]  __x64_sys_setsockopt+0xb5/0xd0
[ 1207.924389][T17231]  do_syscall_64+0xf3/0x230
[ 1207.928903][T17231]  ? clear_bhb_loop+0x35/0x90
[ 1207.933587][T17231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.939481][T17231] RIP: 0033:0x7f4f03577299
[ 1207.943895][T17231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1207.963505][T17231] RSP: 002b:00007f4f02fff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1207.971919][T17231] RAX: ffffffffffffffda RBX: 00007f4f03705f80 RCX: 00007f4f03577299
[ 1207.979882][T17231] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003
[ 1207.987843][T17231] RBP: 00007f4f02fff0a0 R08: 0000000000000108 R09: 0000000000000000
[ 1207.995830][T17231] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1208.003804][T17231] R13: 000000000000000b R14: 00007f4f03705f80 R15: 00007ffe6d350bc8
[ 1208.011786][T17231]  </TASK>
[ 1208.019984][T15307] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1208.029040][T15307] Bluetooth: hci2: Injecting HCI hardware error event
[ 1208.039484][T15307] Bluetooth: hci2: hardware error 0x00
[ 1208.102999][T17122] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1208.136531][T17122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1208.197519][T17122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1208.212328][T17122] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1208.233530][T17122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1208.306561][T17122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1209.709353][T11039] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1209.804230][T17253] random: crng reseeded on system resumption
[ 1209.832521][T17122] hsr_slave_0: entered promiscuous mode
[ 1209.855785][T17122] hsr_slave_1: entered promiscuous mode
[ 1209.871061][T17122] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1209.888478][T17122] Cannot create hsr debugfs directory
[ 1209.938410][T11039] usb 1-1: Using ep0 maxpacket: 16
[ 1209.950836][T11039] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1209.985798][T11039] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1210.026224][T11039] usb 1-1: Product: syz
[ 1210.042951][T11039] usb 1-1: Manufacturer: syz
[ 1210.061172][T11039] usb 1-1: SerialNumber: syz
[ 1210.088569][T15307] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1210.137425][T11039] usb 1-1: config 0 descriptor??
[ 1210.167187][T11039] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[ 1210.207779][T11039] usb 1-1: Detected FT232H
[ 1210.377357][T11039] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1210.437575][T11039] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1210.450188][T11039] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[ 1210.466986][T11039] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1210.483690][T11039] usb 1-1: USB disconnect, device number 76
[ 1210.507677][T11039] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1210.528150][T11039] ftdi_sio 1-1:0.0: device disconnected
[ 1210.568261][   T29] audit: type=1326 audit(1722323603.076:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.600168][   T29] audit: type=1326 audit(1722323603.076:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.650547][   T29] audit: type=1326 audit(1722323603.086:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.652007][T17265] program syz.1.3010 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1210.696992][T17265] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1210.723125][    T8] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1210.760633][   T29] audit: type=1326 audit(1722323603.086:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.838608][   T29] audit: type=1326 audit(1722323603.086:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.860814][   T29] audit: type=1326 audit(1722323603.086:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.867070][T17122] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1210.942106][    T8] usb 4-1: Using ep0 maxpacket: 16
[ 1210.955806][    T8] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1210.970123][   T29] audit: type=1326 audit(1722323603.296:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1210.980749][    T8] usb 4-1: can't read configurations, error -61
[ 1211.011012][T17122] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1211.031594][T17271] cgroup: name respecified
[ 1211.034898][T17122] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1211.067946][T17122] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1211.083252][   T29] audit: type=1326 audit(1722323603.296:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17260 comm="syz.1.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1211.188573][    T8] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[ 1211.471506][    T8] usb 4-1: Using ep0 maxpacket: 16
[ 1211.631116][    T8] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1211.815938][    T8] usb 4-1: can't read configurations, error -61
[ 1211.885927][    T8] usb usb4-port1: attempt power cycle
[ 1211.901007][T17122] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1211.925487][T17122] 8021q: adding VLAN 0 to HW filter on device team0
[ 1211.951986][T14210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1211.959216][T14210] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1212.060351][T14210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1212.067542][T14210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1212.318605][    T8] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 1212.372139][    T8] usb 4-1: Using ep0 maxpacket: 16
[ 1212.385656][    T8] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1212.400510][    T8] usb 4-1: can't read configurations, error -61
[ 1212.407774][T17122] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1212.471455][T17122] veth0_vlan: entered promiscuous mode
[ 1212.513142][T17122] veth1_vlan: entered promiscuous mode
[ 1212.558718][    T8] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1212.584389][T17122] veth0_macvtap: entered promiscuous mode
[ 1212.605806][T17122] veth1_macvtap: entered promiscuous mode
[ 1212.621822][    T8] usb 4-1: Using ep0 maxpacket: 16
[ 1212.637598][    T8] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1212.675047][    T8] usb 4-1: can't read configurations, error -61
[ 1212.700677][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1212.717403][    T8] usb usb4-port1: unable to enumerate USB device
[ 1212.726109][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1212.746172][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1212.756840][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1212.767021][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1212.940616][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.081039][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1213.217871][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.336010][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1213.389652][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.403375][T17122] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1213.413690][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1213.424479][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.434353][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1213.434372][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.434389][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1213.434404][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.434421][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1213.434434][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.434457][T17122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1213.510833][T17122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1213.522232][T17122] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1213.558106][T17122] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1213.567057][T17122] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1213.575990][T17122] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1213.584842][T17122] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1213.846696][ T1118] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1214.018517][ T1118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1214.661134][ T1118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1214.669926][ T1118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1214.674222][   T29] audit: type=1326 audit(1722323607.186:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17309 comm="syz.1.3020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1214.751133][   T29] audit: type=1326 audit(1722323607.186:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17309 comm="syz.1.3020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1214.849588][T17316] program syz.1.3020 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1214.867463][T17316] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1215.550946][T17351] netlink: 'syz.4.3027': attribute type 1 has an invalid length.
[ 1217.578532][   T25] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1217.768865][   T25] usb 4-1: device descriptor read/64, error -71
[ 1218.070427][   T25] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1218.218631][   T58] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[ 1218.481510][   T25] usb 4-1: device descriptor read/64, error -71
[ 1218.753011][   T25] usb usb4-port1: attempt power cycle
[ 1218.779704][   T58] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1218.792686][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1218.812810][   T58] usb 1-1: config 0 descriptor??
[ 1218.835358][   T58] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1218.857461][T14210] IPVS: starting estimator thread 0...
[ 1218.968538][T17403] IPVS: using max 18 ests per chain, 43200 per kthread
[ 1219.168626][   T25] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1219.219126][   T25] usb 4-1: device descriptor read/8, error -71
[ 1219.243629][   T58] cpia1 1-1:0.0: unexpected state after lo power cmd: e5
[ 1219.548469][   T25] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1219.591534][   T25] usb 4-1: device descriptor read/8, error -71
[ 1219.649918][   T58] cpia1 1-1:0.0: only firmware version 1 is supported (got: 229)
[ 1219.719204][   T25] usb usb4-port1: unable to enumerate USB device
[ 1219.788536][T14210] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 1219.989499][T14210] usb 3-1: Using ep0 maxpacket: 32
[ 1220.015200][T14210] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1220.045945][T14210] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1220.072936][T14210] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1220.097323][T14210] usb 3-1: Product: syz
[ 1220.107725][T14210] usb 3-1: Manufacturer: syz
[ 1220.128840][T14210] usb 3-1: SerialNumber: syz
[ 1220.171623][T14210] usb 3-1: config 0 descriptor??
[ 1220.212393][T17420] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1220.222499][  T942] usb 1-1: USB disconnect, device number 77
[ 1220.749540][  T942] usb 3-1: USB disconnect, device number 77
[ 1220.873487][T14210] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1221.211703][T17451] cgroup: name respecified
[ 1221.308440][T14210] usb 4-1: Using ep0 maxpacket: 16
[ 1221.327040][T14210] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[ 1221.347915][T14210] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1221.357285][T14210] usb 4-1: Product: syz
[ 1221.366328][T14210] usb 4-1: Manufacturer: syz
[ 1221.373137][T14210] usb 4-1: SerialNumber: syz
[ 1221.384764][T14210] usb 4-1: config 0 descriptor??
[ 1221.400337][T14210] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[ 1222.010104][T17440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1222.027759][T17440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1222.050933][T17440] FAULT_INJECTION: forcing a failure.
[ 1222.050933][T17440] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.077567][T17440] CPU: 1 UID: 0 PID: 17440 Comm: syz.3.3051 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1222.088394][T17440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1222.098468][T17440] Call Trace:
[ 1222.101759][T17440]  <TASK>
[ 1222.104698][T17440]  dump_stack_lvl+0x241/0x360
[ 1222.109401][T17440]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1222.114622][T17440]  ? __pfx__printk+0x10/0x10
[ 1222.119231][T17440]  ? fs_reclaim_acquire+0x93/0x140
[ 1222.124356][T17440]  ? __pfx___might_resched+0x10/0x10
[ 1222.129660][T17440]  should_fail_ex+0x3b0/0x4e0
[ 1222.134353][T17440]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1222.140088][T17440]  should_failslab+0xac/0x100
[ 1222.144781][T17440]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1222.150528][T17440]  __kmalloc_noprof+0xd8/0x400
[ 1222.155310][T17440]  ? kfree+0x4e/0x360
[ 1222.159308][T17440]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1222.164884][T17440]  tomoyo_path_number_perm+0x23a/0x880
[ 1222.170366][T17440]  ? tomoyo_path_number_perm+0x208/0x880
[ 1222.176016][T17440]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1222.182053][T17440]  ? __fget_files+0x29/0x470
[ 1222.186661][T17440]  ? __fget_files+0x3f6/0x470
[ 1222.191350][T17440]  ? __fget_files+0x29/0x470
[ 1222.195959][T17440]  security_file_ioctl+0x75/0xb0
[ 1222.200919][T17440]  __se_sys_ioctl+0x47/0x170
[ 1222.205528][T17440]  do_syscall_64+0xf3/0x230
[ 1222.210055][T17440]  ? clear_bhb_loop+0x35/0x90
[ 1222.214753][T17440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.220664][T17440] RIP: 0033:0x7fc062177299
[ 1222.225092][T17440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1222.244707][T17440] RSP: 002b:00007fc062f89048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1222.253110][T17440] RAX: ffffffffffffffda RBX: 00007fc062305f80 RCX: 00007fc062177299
[ 1222.261069][T17440] RDX: 0000000020000040 RSI: 00000000c0145608 RDI: 0000000000000007
[ 1222.269031][T17440] RBP: 00007fc062f890a0 R08: 0000000000000000 R09: 0000000000000000
[ 1222.276998][T17440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1222.284969][T17440] R13: 000000000000000b R14: 00007fc062305f80 R15: 00007fffdcf15008
[ 1222.292958][T17440]  </TASK>
[ 1222.328981][T14210] ssu100 4-1:0.0: probe with driver ssu100 failed with error -110
[ 1222.332214][T17440] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1223.093755][    T8] IPVS: starting estimator thread 0...
[ 1223.227806][T17468] IPVS: using max 18 ests per chain, 43200 per kthread
[ 1223.276497][    T8] usb 4-1: USB disconnect, device number 85
[ 1223.829235][T14210] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1224.018961][T14210] usb 3-1: device descriptor read/64, error -71
[ 1224.299130][T14210] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1224.478623][T14210] usb 3-1: device descriptor read/64, error -71
[ 1224.630324][T14210] usb usb3-port1: attempt power cycle
[ 1225.157733][T14210] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1225.225845][T14210] usb 3-1: device descriptor read/8, error -71
[ 1225.508404][T14210] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1225.542945][T14210] usb 3-1: device descriptor read/8, error -71
[ 1225.746635][T14210] usb usb3-port1: unable to enumerate USB device
[ 1225.808481][    T8] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1226.770184][    T8] usb 4-1: Using ep0 maxpacket: 8
[ 1226.832355][    T8] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1226.860211][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1227.205467][    T8] usb 4-1: Product: syz
[ 1227.209929][    T8] usb 4-1: Manufacturer: syz
[ 1227.214552][    T8] usb 4-1: SerialNumber: syz
[ 1227.236748][    T8] usb 4-1: config 0 descriptor??
[ 1227.491524][    T8] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1227.728572][T14212] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 1227.942501][T14212] usb 5-1: Using ep0 maxpacket: 8
[ 1227.964686][T14212] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[ 1227.994217][T14212] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1228.046372][T14212] usb 5-1: config 0 has no interface number 0
[ 1228.076306][T14212] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1228.124469][T14212] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1228.174650][T14212] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1228.227781][T14212] usb 5-1: config 0 interface 52 has no altsetting 0
[ 1228.262452][T14212] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1228.286229][T14212] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1228.348445][T14212] usb 5-1: config 0 descriptor??
[ 1228.565517][T14212] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.52/input/input55
[ 1228.594469][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.626939][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.653199][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.682020][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.691247][ T5266] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1228.752361][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.774780][    T8] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1228.784604][T17533] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.804243][T15697] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.849088][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1228.873527][T14212] usb 5-1: USB disconnect, device number 81
[ 1228.881462][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -19
[ 1228.888876][   T25] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1228.898569][ T5266] usb 3-1: Using ep0 maxpacket: 16
[ 1228.919410][ T5266] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1228.931144][ T5266] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1228.941442][ T5266] usb 3-1: New USB device found, idVendor=6666, idProduct=8802, bcdDevice= 0.00
[ 1228.952008][ T5266] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1228.964040][ T5266] usb 3-1: config 0 descriptor??
[ 1229.095751][T17556] FAULT_INJECTION: forcing a failure.
[ 1229.095751][T17556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1229.109443][T17556] CPU: 1 UID: 0 PID: 17556 Comm: syz.0.3079 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1229.120227][T17556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1229.130283][T17556] Call Trace:
[ 1229.133554][T17556]  <TASK>
[ 1229.136474][T17556]  dump_stack_lvl+0x241/0x360
[ 1229.141155][T17556]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1229.146345][T17556]  ? __pfx__printk+0x10/0x10
[ 1229.150931][T17556]  ? vfs_write+0x7c4/0xc90
[ 1229.155350][T17556]  should_fail_ex+0x3b0/0x4e0
[ 1229.160025][T17556]  _copy_from_user+0x2f/0xe0
[ 1229.164629][T17556]  move_addr_to_kernel+0x82/0x150
[ 1229.169673][T17556]  __sys_bind+0x168/0x2f0
[ 1229.174004][T17556]  ? __pfx___sys_bind+0x10/0x10
[ 1229.178864][T17556]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1229.185192][T17556]  ? do_syscall_64+0x100/0x230
[ 1229.189956][T17556]  __x64_sys_bind+0x7a/0x90
[ 1229.194456][T17556]  do_syscall_64+0xf3/0x230
[ 1229.198960][T17556]  ? clear_bhb_loop+0x35/0x90
[ 1229.203726][T17556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.209616][T17556] RIP: 0033:0x7f4f03577299
[ 1229.214021][T17556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1229.233632][T17556] RSP: 002b:00007f4f02fff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 1229.242046][T17556] RAX: ffffffffffffffda RBX: 00007f4f03705f80 RCX: 00007f4f03577299
[ 1229.250006][T17556] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003
[ 1229.257970][T17556] RBP: 00007f4f02fff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1229.265937][T17556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1229.273912][T17556] R13: 000000000000000b R14: 00007f4f03705f80 R15: 00007ffe6d350bc8
[ 1229.281892][T17556]  </TASK>
[ 1229.300167][   T25] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1229.313636][   T25] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1229.330828][   T25] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1229.345805][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1229.356509][   T25] usb 2-1: SerialNumber: syz
[ 1229.521294][ T5266] smartjoyplus 0003:6666:8802.000F: unknown main item tag 0x0
[ 1229.552269][ T5266] smartjoyplus 0003:6666:8802.000F: hidraw0: USB HID v0.00 Device [HID 6666:8802] on usb-dummy_hcd.2-1/input0
[ 1229.568349][ T5266] smartjoyplus 0003:6666:8802.000F: Force feedback for SmartJoy PLUS PS2/USB adapter
[ 1229.584571][   T25] usb 2-1: 0:2 : does not exist
[ 1229.688590][    T8] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1229.724883][ T5266] usb 3-1: USB disconnect, device number 82
[ 1229.815602][ T9640] usb 4-1: USB disconnect, device number 86
[ 1229.859204][T14212] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1229.878465][    T8] usb 1-1: Using ep0 maxpacket: 8
[ 1229.887419][    T8] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1229.896767][    T8] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1229.907434][    T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1229.917834][    T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1229.928559][    T8] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1229.968675][    T8] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1229.988166][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1230.434930][    T8] usb 1-1: GET_CAPABILITIES returned 68
[ 1230.493310][    T8] usbtmc 1-1:16.0: can't read capabilities
[ 1230.736202][T14212] usb 5-1: device descriptor read/64, error -71
[ 1231.002734][T17570] usbtmc 1-1:16.0: usb_control_msg returned -32
[ 1231.010414][T14212] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1231.029651][    T8] usb 1-1: USB disconnect, device number 78
[ 1231.168512][T14212] usb 5-1: device descriptor read/64, error -71
[ 1231.178637][   T25] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1231.289229][T14212] usb usb5-port1: attempt power cycle
[ 1231.378606][   T25] usb 3-1: Using ep0 maxpacket: 8
[ 1231.389997][   T25] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[ 1231.398187][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1231.410901][   T25] usb 3-1: config 0 has no interface number 0
[ 1231.422386][   T25] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1231.433507][   T25] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1231.444614][   T25] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1231.457715][   T25] usb 3-1: config 0 interface 52 has no altsetting 0
[ 1231.464664][   T25] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1231.473802][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1231.484340][   T25] usb 3-1: config 0 descriptor??
[ 1231.576279][T17575] FAULT_INJECTION: forcing a failure.
[ 1231.576279][T17575] name failslab, interval 1, probability 0, space 0, times 0
[ 1231.589537][T14210] usb 2-1: USB disconnect, device number 69
[ 1231.591186][T17575] CPU: 0 UID: 0 PID: 17575 Comm: syz.0.3086 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1231.595554][   T46] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1231.606198][T17575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1231.606217][T17575] Call Trace:
[ 1231.606228][T17575]  <TASK>
[ 1231.606238][T17575]  dump_stack_lvl+0x241/0x360
[ 1231.606270][T17575]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1231.606292][T17575]  ? __pfx__printk+0x10/0x10
[ 1231.606316][T17575]  ? fs_reclaim_acquire+0x93/0x140
[ 1231.606343][T17575]  ? __pfx___might_resched+0x10/0x10
[ 1231.606372][T17575]  should_fail_ex+0x3b0/0x4e0
[ 1231.606396][T17575]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1231.606421][T17575]  should_failslab+0xac/0x100
[ 1231.606445][T17575]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1231.606467][T17575]  __kmalloc_noprof+0xd8/0x400
[ 1231.606489][T17575]  ? kfree+0x4e/0x360
[ 1231.606515][T17575]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1231.606549][T17575]  tomoyo_path_number_perm+0x23a/0x880
[ 1231.606576][T17575]  ? tomoyo_path_number_perm+0x208/0x880
[ 1231.606597][T17575]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1231.606657][T17575]  ? __fget_files+0x29/0x470
[ 1231.606680][T17575]  ? __fget_files+0x3f6/0x470
[ 1231.606699][T17575]  ? __fget_files+0x29/0x470
[ 1231.606727][T17575]  security_file_ioctl+0x75/0xb0
[ 1231.606754][T17575]  __se_sys_ioctl+0x47/0x170
[ 1231.606776][T17575]  do_syscall_64+0xf3/0x230
[ 1231.606799][T17575]  ? clear_bhb_loop+0x35/0x90
[ 1231.606827][T17575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1231.606852][T17575] RIP: 0033:0x7f4f03577299
[ 1231.606872][T17575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1231.606889][T17575] RSP: 002b:00007f4f02fff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1231.606913][T17575] RAX: ffffffffffffffda RBX: 00007f4f03705f80 RCX: 00007f4f03577299
[ 1231.606929][T17575] RDX: 00000000200001c0 RSI: 0000000000005412 RDI: 0000000000000004
[ 1231.606942][T17575] RBP: 00007f4f02fff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1231.606955][T17575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1231.606968][T17575] R13: 000000000000000b R14: 00007f4f03705f80 R15: 00007ffe6d350bc8
[ 1231.606997][T17575]  </TASK>
[ 1231.708509][T14212] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1231.754276][   T12] Bluetooth: (null): Invalid header checksum
[ 1231.775931][T17575] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1231.795483][   T12] Bluetooth: (null): Invalid header checksum
[ 1231.808736][   T25] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input56
[ 1231.837478][   T12] Bluetooth: (null): Invalid header checksum
[ 1231.883388][   T12] Bluetooth: (null): Too short H5 packet
[ 1231.889471][   T12] Bluetooth: (null): Invalid header checksum
[ 1231.899058][ T4653] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1231.958451][   T46] usb 4-1: Using ep0 maxpacket: 32
[ 1231.965494][   T46] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1231.983847][T14212] usb 5-1: device descriptor read/8, error -71
[ 1232.000399][ T4653] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1232.026897][   T46] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1232.051387][ T4653] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1232.204270][   T46] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1232.212631][   T46] usb 4-1: Product: syz
[ 1232.216819][   T46] usb 4-1: Manufacturer: syz
[ 1232.221781][   T46] usb 4-1: SerialNumber: syz
[ 1232.230265][   T46] usb 4-1: config 0 descriptor??
[ 1232.239156][T17572] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1232.270557][ T4653] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1232.333816][T17569] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1232.364461][T14212] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1232.410120][T14212] usb 5-1: device descriptor read/8, error -71
[ 1232.445055][T15669] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1232.491112][ T4653] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1232.530556][T14212] usb usb5-port1: unable to enumerate USB device
[ 1232.564370][ T9640] usb 3-1: USB disconnect, device number 83
[ 1232.597654][ T4653] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -19
[ 1232.689790][T17591] program syz.4.3090 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1232.932238][T14212] usb 4-1: USB disconnect, device number 87
[ 1233.319298][ T9640] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1233.544104][ T9640] usb 5-1: Using ep0 maxpacket: 8
[ 1233.583449][ T9640] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[ 1233.592792][ T9640] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1233.618349][ T9640] usb 5-1: config 0 has no interface number 0
[ 1233.747801][T17600] netlink: 'syz.2.3092': attribute type 1 has an invalid length.
[ 1234.262949][ T9640] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1234.274131][ T9640] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1234.285445][ T9640] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1234.298385][ T9640] usb 5-1: config 0 interface 52 has no altsetting 0
[ 1234.305124][ T9640] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1234.314244][ T9640] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1234.379406][ T9640] usb 5-1: config 0 descriptor??
[ 1234.629996][ T9640] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.52/input/input57
[ 1234.672296][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1234.729194][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1234.791585][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1234.848637][T17596] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1234.883020][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1234.942610][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1234.993273][T15669] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1235.081515][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1235.106203][ T4653] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1235.108501][   T46] usb 5-1: USB disconnect, device number 86
[ 1235.418571][  T942] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1235.608434][  T942] usb 1-1: Using ep0 maxpacket: 8
[ 1235.625887][  T942] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1235.640051][  T942] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1235.661055][  T942] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1235.712846][  T942] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1235.742923][  T942] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1235.786543][  T942] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1235.816367][  T942] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1236.058193][  T942] usb 1-1: GET_CAPABILITIES returned 68
[ 1236.066644][   T46] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1236.079449][  T942] usbtmc 1-1:16.0: can't read capabilities
[ 1236.270541][   T46] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1236.286205][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1236.320075][   T46] usb 5-1: config 0 descriptor??
[ 1236.356477][   T46] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1236.498796][  T942] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[ 1236.690565][T17632] usbtmc 1-1:16.0: usb_control_msg returned -32
[ 1236.736568][ T9640] usb 1-1: USB disconnect, device number 79
[ 1236.783377][  T942] usb 4-1: Using ep0 maxpacket: 8
[ 1236.858520][  T942] usb 4-1: config index 0 descriptor too short (expected 255, got 36)
[ 1236.937688][  T942] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1236.991288][  T942] usb 4-1: config 0 has no interfaces?
[ 1236.996933][  T942] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1237.028477][  T942] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1237.044792][  T942] usb 4-1: config 0 descriptor??
[ 1237.349330][T17640] FAULT_INJECTION: forcing a failure.
[ 1237.349330][T17640] name failslab, interval 1, probability 0, space 0, times 0
[ 1237.386103][T17640] CPU: 0 UID: 0 PID: 17640 Comm: syz.2.3102 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1237.396917][T17640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1237.406989][T17640] Call Trace:
[ 1237.410286][T17640]  <TASK>
[ 1237.413233][T17640]  dump_stack_lvl+0x241/0x360
[ 1237.417945][T17640]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1237.423176][T17640]  ? __pfx__printk+0x10/0x10
[ 1237.427806][T17640]  ? fs_reclaim_acquire+0x93/0x140
[ 1237.432937][T17640]  ? __pfx___might_resched+0x10/0x10
[ 1237.438236][T17640]  should_fail_ex+0x3b0/0x4e0
[ 1237.442915][T17640]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1237.448642][T17640]  should_failslab+0xac/0x100
[ 1237.453321][T17640]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1237.459049][T17640]  __kmalloc_noprof+0xd8/0x400
[ 1237.463828][T17640]  ? kfree+0x4e/0x360
[ 1237.467816][T17640]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1237.473373][T17640]  tomoyo_path_number_perm+0x23a/0x880
[ 1237.478842][T17640]  ? tomoyo_path_number_perm+0x208/0x880
[ 1237.484476][T17640]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1237.490483][T17640]  ? __fget_files+0x29/0x470
[ 1237.495081][T17640]  ? __fget_files+0x3f6/0x470
[ 1237.499769][T17640]  ? __fget_files+0x29/0x470
[ 1237.504388][T17640]  security_file_ioctl+0x75/0xb0
[ 1237.509339][T17640]  __se_sys_ioctl+0x47/0x170
[ 1237.513944][T17640]  do_syscall_64+0xf3/0x230
[ 1237.518474][T17640]  ? clear_bhb_loop+0x35/0x90
[ 1237.523157][T17640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1237.529057][T17640] RIP: 0033:0x7f05c3d77299
[ 1237.533494][T17640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1237.553110][T17640] RSP: 002b:00007f05c37ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1237.561799][T17640] RAX: ffffffffffffffda RBX: 00007f05c3f06058 RCX: 00007f05c3d77299
[ 1237.569777][T17640] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[ 1237.577762][T17640] RBP: 00007f05c37ff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1237.585728][T17640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1237.593699][T17640] R13: 000000000000006e R14: 00007f05c3f06058 R15: 00007ffdaf9f02d8
[ 1237.601680][T17640]  </TASK>
[ 1237.652761][T17640] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1237.838782][   T46] usb 5-1: USB disconnect, device number 87
[ 1237.888751][   T58] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1238.088435][   T58] usb 1-1: Using ep0 maxpacket: 8
[ 1238.100818][   T58] usb 1-1: config 1 has an invalid interface number: 105 but max is 3
[ 1238.118452][   T58] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1238.148539][   T58] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 4
[ 1238.170883][   T58] usb 1-1: config 1 has no interface number 0
[ 1238.203864][   T58] usb 1-1: config 1 interface 105 altsetting 7 endpoint 0xA has an invalid bInterval 64, changing to 10
[ 1238.226930][   T58] usb 1-1: config 1 interface 105 altsetting 7 has a duplicate endpoint with address 0xA, skipping
[ 1238.238737][   T58] usb 1-1: config 1 interface 105 altsetting 7 has an endpoint descriptor with address 0x1E, changing to 0xE
[ 1238.262676][   T58] usb 1-1: config 1 interface 105 altsetting 7 endpoint 0xE has invalid maxpacket 10900, setting to 1024
[ 1238.287114][   T58] usb 1-1: config 1 interface 105 altsetting 7 bulk endpoint 0xE has invalid maxpacket 1024
[ 1238.302156][T17651] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies.
[ 1238.308887][   T58] usb 1-1: config 1 interface 105 altsetting 7 endpoint 0x5 has invalid maxpacket 1983, setting to 64
[ 1238.324547][   T58] usb 1-1: config 1 interface 105 altsetting 7 has 6 endpoint descriptors, different from the interface descriptor's value: 9
[ 1238.347304][   T58] usb 1-1: config 1 interface 105 has no altsetting 0
[ 1238.362467][   T58] usb 1-1: New USB device found, idVendor=201e, idProduct=2009, bcdDevice= 4.7a
[ 1238.377555][   T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1238.405862][   T58] usb 1-1: Manufacturer: ဉ
[ 1238.427259][   T58] usb 1-1: SerialNumber: 坌卪函䞢᪃ᣲŽ권ﾌ⫁돃헃輧ᛀ笧㸍♂溿퀏㤂㴆중䊢뢉餑뿸젌춲ᗼ㱊鈮⫗磥랏暵㻤䨀Ԩ䬪嗚澮洔Ṃ˨ཙᦻ锼ᆂԦ熥꽇∹ؐᔧ琠㺬씤઴顚뒽ㅏᥑﶕ総৑瀷첑蕽埣튼䭇䏤䕱郐⋖礤罴㓯인䔖䞞䀡八躢퉆䨬
[ 1238.599074][T17646] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1238.973582][T17646] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3103'.
[ 1239.014468][T17663] cgroup: name respecified
[ 1239.226296][  T942] usb 4-1: USB disconnect, device number 88
[ 1239.611951][ T1260] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.618584][ T1260] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.688139][T17644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1239.748825][T17644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1239.977341][   T58] option 1-1:1.105: GSM modem (1-port) converter detected
[ 1240.047993][   T58] usb 1-1: USB disconnect, device number 80
[ 1240.092093][   T58] option 1-1:1.105: device disconnected
[ 1240.727350][   T29] kauditd_printk_skb: 31 callbacks suppressed
[ 1240.727367][   T29] audit: type=1326 audit(1722323633.236:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1240.843948][   T29] audit: type=1326 audit(1722323633.276:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1240.894877][   T29] audit: type=1326 audit(1722323633.276:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.003548][   T29] audit: type=1326 audit(1722323633.276:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.076507][T17673] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3112'.
[ 1241.110325][   T29] audit: type=1326 audit(1722323633.276:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.186460][   T29] audit: type=1326 audit(1722323633.276:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.279793][   T29] audit: type=1326 audit(1722323633.286:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.348732][   T29] audit: type=1326 audit(1722323633.286:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.377734][   T29] audit: type=1326 audit(1722323633.286:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5817d77299 code=0x7ffc0000
[ 1241.400396][   T29] audit: type=1326 audit(1722323633.286:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17667 comm="syz.1.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5817d75cd0 code=0x7ffc0000
[ 1241.828405][T14212] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1241.878526][ T9640] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1242.059143][T14212] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1242.070050][T14212] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.077324][ T9640] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1242.091424][T14212] usb 3-1: config 0 descriptor??
[ 1242.117136][ T9640] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[ 1242.120499][T14212] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1242.158806][ T9640] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1242.188868][ T9640] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1242.196909][ T9640] usb 1-1: Product: syz
[ 1242.211559][ T9640] usb 1-1: Manufacturer: syz
[ 1242.216197][ T9640] usb 1-1: SerialNumber: syz
[ 1242.447642][T17677] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1242.528433][ T5266] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 1242.673617][ T9640] cdc_ncm 1-1:1.0: bind() failure
[ 1242.702729][ T9640] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1242.711499][ T9640] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1242.734078][ T5266] usb 2-1: Using ep0 maxpacket: 8
[ 1242.756992][ T9640] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[ 1242.819082][ T5266] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[ 1242.846046][ T5266] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1242.857383][ T9640] usb 1-1: USB disconnect, device number 81
[ 1242.867890][ T5266] usb 2-1: config 0 has no interface number 0
[ 1242.895131][ T5266] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1242.916420][ T5266] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1242.932058][ T5266] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1243.003779][ T5266] usb 2-1: config 0 interface 52 has no altsetting 0
[ 1243.026449][ T5266] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1243.058869][   T46] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1243.068377][ T5266] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1243.081342][ T5266] usb 2-1: config 0 descriptor??
[ 1243.208089][T17705] cgroup: name respecified
[ 1243.228822][T14212] usb 3-1: USB disconnect, device number 84
[ 1243.268718][   T46] usb 5-1: Using ep0 maxpacket: 8
[ 1243.287731][   T46] usb 5-1: config index 0 descriptor too short (expected 255, got 36)
[ 1243.299204][   T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1243.314050][   T46] usb 5-1: config 0 has no interfaces?
[ 1243.318011][ T5266] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input58
[ 1243.319978][   T46] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1243.342488][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1243.353283][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.354585][   T46] usb 5-1: config 0 descriptor??
[ 1243.372706][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.404883][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.424383][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.458825][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.468243][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.483307][T15669] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.506779][ T4653] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.534160][T17694] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1243.625243][ T5266] usb 2-1: USB disconnect, device number 70
[ 1244.193817][T17717] FAULT_INJECTION: forcing a failure.
[ 1244.193817][T17717] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1244.238466][T17717] CPU: 1 UID: 0 PID: 17717 Comm: syz.3.3123 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0
[ 1244.249282][T17717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1244.257216][T17719] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3124'.
[ 1244.259336][T17717] Call Trace:
[ 1244.271646][T17717]  <TASK>
[ 1244.274591][T17717]  dump_stack_lvl+0x241/0x360
[ 1244.279296][T17717]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1244.284527][T17717]  ? __pfx__printk+0x10/0x10
[ 1244.289152][T17717]  should_fail_ex+0x3b0/0x4e0
[ 1244.293854][T17717]  prepare_alloc_pages+0x1da/0x5d0
[ 1244.298999][T17717]  __alloc_pages_noprof+0x166/0x6c0
[ 1244.304224][T17717]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1244.309973][T17717]  ? __pfx_validate_chain+0x10/0x10
[ 1244.315198][T17717]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1244.320686][T17717]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1244.326700][T17717]  vma_alloc_folio_noprof+0x12e/0x230
[ 1244.332106][T17717]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1244.338032][T17717]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1244.343252][T17717]  folio_prealloc+0x31/0x170
[ 1244.347866][T17717]  do_wp_page+0x11cc/0x52f0
[ 1244.352405][T17717]  ? __pfx_do_wp_page+0x10/0x10
[ 1244.357282][T17717]  ? __pfx_lock_acquire+0x10/0x10
[ 1244.362333][T17717]  ? do_raw_spin_lock+0x14f/0x370
[ 1244.367405][T17717]  handle_pte_fault+0x1138/0x6eb0
[ 1244.372445][T17717]  ? __pfx_validate_chain+0x10/0x10
[ 1244.377819][T17717]  ? __lock_acquire+0x137a/0x2040
[ 1244.382843][T17717]  ? mark_lock+0x9a/0x350
[ 1244.387177][T17717]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1244.392565][T17717]  ? mt_find+0x226/0x850
[ 1244.396799][T17717]  ? __pfx_lock_release+0x10/0x10
[ 1244.401828][T17717]  handle_mm_fault+0xf70/0x1880
[ 1244.406692][T17717]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1244.412005][T17717]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1244.418365][T17717]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1244.423663][T17717]  exc_page_fault+0x2b9/0x8c0
[ 1244.428353][T17717]  asm_exc_page_fault+0x26/0x30
[ 1244.433212][T17717] RIP: 0010:rep_movs_alternative+0x4a/0x70
[ 1244.439021][T17717] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[ 1244.458622][T17717] RSP: 0018:ffffc900032a7a50 EFLAGS: 00050202
[ 1244.464684][T17717] RAX: ffffffff84a79001 RBX: 0000000020001180 RCX: 0000000000000180
[ 1244.472644][T17717] RDX: 0000000000000000 RSI: ffff888065f2ed40 RDI: 0000000020001000
[ 1244.480633][T17717] RBP: ffffc900032a7b88 R08: ffff888065f2eebf R09: 1ffff1100cbe5dd7
[ 1244.488605][T17717] R10: dffffc0000000000 R11: ffffed100cbe5dd8 R12: 0000000000000e80
[ 1244.496572][T17717] R13: 0000000000000e80 R14: 0000000020000300 R15: ffff888065f2e040
[ 1244.504563][T17717]  ? _copy_to_user+0x21/0xb0
[ 1244.509168][T17717]  _copy_to_user+0x86/0xb0
[ 1244.513605][T17717]  bpf_test_finish+0x293/0x8b0
[ 1244.518388][T17717]  ? __pfx_bpf_test_finish+0x10/0x10
[ 1244.523687][T17717]  ? bpf_prog_test_run_skb+0x820/0x1820
[ 1244.529248][T17717]  ? convert___skb_to_skb+0x41/0x620
[ 1244.534530][T17717]  ? convert_skb_to___skb+0x2d3/0x510
[ 1244.539900][T17717]  bpf_prog_test_run_skb+0xfe5/0x1820
[ 1244.545286][T17717]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1244.551100][T17717]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1244.556910][T17717]  bpf_prog_test_run+0x33a/0x3b0
[ 1244.561845][T17717]  __sys_bpf+0x48d/0x810
[ 1244.566119][T17717]  ? __pfx___sys_bpf+0x10/0x10
[ 1244.570909][T17717]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1244.576896][T17717]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1244.583226][T17717]  ? do_syscall_64+0x100/0x230
[ 1244.587993][T17717]  __x64_sys_bpf+0x7c/0x90
[ 1244.592408][T17717]  do_syscall_64+0xf3/0x230
[ 1244.596907][T17717]  ? clear_bhb_loop+0x35/0x90
[ 1244.601585][T17717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1244.607474][T17717] RIP: 0033:0x7fc062177299
[ 1244.611884][T17717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1244.631499][T17717] RSP: 002b:00007fc062f89048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1244.639911][T17717] RAX: ffffffffffffffda RBX: 00007fc062305f80 RCX: 00007fc062177299
[ 1244.647873][T17717] RDX: 000000000000004c RSI: 0000000020000240 RDI: 000000000000000a
[ 1244.655833][T17717] RBP: 00007fc062f890a0 R08: 0000000000000000 R09: 0000000000000000
[ 1244.663795][T17717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1244.671788][T17717] R13: 000000000000000b R14: 00007fc062305f80 R15: 00007fffdcf15008
[ 1244.679775][T17717]  </TASK>
[ 1245.803406][ T5262] usb 5-1: USB disconnect, device number 88
[ 1323.613618][T15307] Bluetooth: hci5: command 0x0406 tx timeout
[ 1351.938249][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1351.945283][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P17732/1:b..l
[ 1351.953887][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=105221, q=327 ncpus=2)
[ 1351.961673][    C1] task:syz.3.3129      state:R  running task     stack:24048 pid:17732 tgid:17731 ppid:14919  flags:0x00004002
[ 1351.974592][    C1] Call Trace:
[ 1351.977860][    C1]  <TASK>
[ 1351.980779][    C1]  __schedule+0x17ae/0x4a10
[ 1351.985276][    C1]  ? page_ext_get+0x1d6/0x2a0
[ 1351.989938][    C1]  ? __pfx___schedule+0x10/0x10
[ 1351.994795][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1352.000779][    C1]  ? __lock_acquire+0x137a/0x2040
[ 1352.005797][    C1]  ? preempt_schedule_irq+0xf0/0x1c0
[ 1352.011075][    C1]  preempt_schedule_irq+0xfb/0x1c0
[ 1352.016173][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1352.021882][    C1]  irqentry_exit+0x5e/0x90
[ 1352.026281][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1352.032249][    C1] RIP: 0010:lock_is_held_type+0x13b/0x190
[ 1352.037971][    C1] Code: 75 44 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 4c 41 f7 c4 00 02 00 00 74 01 fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 42 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f
[ 1352.058358][    C1] RSP: 0018:ffffc9000448ef30 EFLAGS: 00000206
[ 1352.064417][    C1] RAX: 351199e6bc00c600 RBX: 0000000000000000 RCX: 0000000080000000
[ 1352.072386][    C1] RDX: ffff888023185a00 RSI: ffffffff8beae6e0 RDI: ffffffff8c3f9280
[ 1352.080345][    C1] RBP: 0000000000000002 R08: ffffffff8491bc6d R09: 1ffffffff269d300
[ 1352.088305][    C1] R10: dffffc0000000000 R11: fffffbfff269d301 R12: 0000000000000246
[ 1352.096266][    C1] R13: ffff888023185a00 R14: 00000000ffffffff R15: ffffffff8e765458
[ 1352.104230][    C1]  ? blkcg_css+0xad/0x1d0
[ 1352.108558][    C1]  blkcg_css+0xc9/0x1d0
[ 1352.112697][    C1]  ? blk_cgroup_congested+0x1b/0x200
[ 1352.117961][    C1]  blk_cgroup_congested+0xbb/0x200
[ 1352.123057][    C1]  __folio_throttle_swaprate+0x84/0x1d0
[ 1352.128611][    C1]  shmem_add_to_page_cache+0x89c/0x1830
[ 1352.134154][    C1]  ? __pfx_shmem_add_to_page_cache+0x10/0x10
[ 1352.140128][    C1]  ? percpu_ref_put+0x19/0x180
[ 1352.144886][    C1]  shmem_alloc_and_add_folio+0x90b/0x14e0
[ 1352.150608][    C1]  ? __pfx_filemap_get_entry+0x10/0x10
[ 1352.156056][    C1]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1352.162202][    C1]  ? shmem_allowable_huge_orders+0x2d0/0x310
[ 1352.168176][    C1]  shmem_get_folio_gfp+0x8dc/0x2370
[ 1352.173390][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1352.178594][    C1]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1352.184222][    C1]  shmem_fault+0x252/0x6f0
[ 1352.188630][    C1]  ? __pfx_shmem_fault+0x10/0x10
[ 1352.193555][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1352.198572][    C1]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1352.204019][    C1]  __do_fault+0x135/0x460
[ 1352.208332][    C1]  ? handle_pte_fault+0x21d9/0x6eb0
[ 1352.213517][    C1]  handle_pte_fault+0x3b18/0x6eb0
[ 1352.218707][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1352.223720][    C1]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1352.229089][    C1]  ? follow_page_pte+0x29a/0x1ee0
[ 1352.234102][    C1]  ? follow_page_pte+0x83f/0x1ee0
[ 1352.239113][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1352.244130][    C1]  ? count_memcg_event_mm+0x3c2/0x420
[ 1352.249504][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1352.254706][    C1]  ? folio_mark_accessed+0x6f6/0x11b0
[ 1352.260155][    C1]  handle_mm_fault+0xf70/0x1880
[ 1352.265006][    C1]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1352.270287][    C1]  ? __pfx_find_vma+0x10/0x10
[ 1352.274950][    C1]  ? vma_is_secretmem+0xd/0x50
[ 1352.279700][    C1]  ? check_vma_flags+0x500/0x5a0
[ 1352.284623][    C1]  __get_user_pages+0x6ec/0x16a0
[ 1352.289583][    C1]  ? __pfx___get_user_pages+0x10/0x10
[ 1352.294979][    C1]  populate_vma_page_range+0x264/0x330
[ 1352.300427][    C1]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1352.306390][    C1]  ? userfaultfd_unmap_complete+0x30c/0x360
[ 1352.312269][    C1]  ? do_mmap+0x961/0x1010
[ 1352.316586][    C1]  __mm_populate+0x27a/0x460
[ 1352.321260][    C1]  ? __pfx___mm_populate+0x10/0x10
[ 1352.326410][    C1]  vm_mmap_pgoff+0x2c3/0x3d0
[ 1352.331016][    C1]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1352.336131][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1352.342541][    C1]  ? do_syscall_64+0x100/0x230
[ 1352.347297][    C1]  ? ksys_mmap_pgoff+0xdf/0x720
[ 1352.352227][    C1]  ? __x64_sys_mmap+0x7f/0x140
[ 1352.356980][    C1]  do_syscall_64+0xf3/0x230
[ 1352.361471][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1352.366159][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1352.372039][    C1] RIP: 0033:0x7fc062177299
[ 1352.376443][    C1] RSP: 002b:00007fc062f89048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1352.384842][    C1] RAX: ffffffffffffffda RBX: 00007fc062305f80 RCX: 00007fc062177299
[ 1352.392796][    C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 1352.400752][    C1] RBP: 00007fc0621e48e6 R08: ffffffffffffffff R09: 0000000000000000
[ 1352.408705][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[ 1352.416658][    C1] R13: 000000000000000b R14: 00007fc062305f80 R15: 00007fffdcf15008
[ 1352.424625][    C1]  </TASK>
[ 1352.427636][    C1] rcu: rcu_preempt kthread starved for 10391 jiffies! g105221 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1352.438907][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1352.448862][    C1] rcu: RCU grace-period kthread stack dump:
[ 1352.454829][    C1] task:rcu_preempt     state:R  running task     stack:25656 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1352.466626][    C1] Call Trace:
[ 1352.469888][    C1]  <TASK>
[ 1352.472812][    C1]  __schedule+0x17ae/0x4a10
[ 1352.477329][    C1]  ? __pfx___schedule+0x10/0x10
[ 1352.482163][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1352.487167][    C1]  ? __asan_memset+0x23/0x50
[ 1352.491739][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[ 1352.497549][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1352.503886][    C1]  ? schedule+0x90/0x320
[ 1352.508115][    C1]  schedule+0x14b/0x320
[ 1352.512256][    C1]  schedule_timeout+0x1be/0x310
[ 1352.517095][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1352.522467][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1352.527737][    C1]  ? prepare_to_swait_event+0x32e/0x350
[ 1352.533269][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1352.538100][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1352.543284][    C1]  ? rcu_gp_init+0x1256/0x1630
[ 1352.548056][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1352.553013][    C1]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[ 1352.559076][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1352.564356][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1352.570239][    C1]  ? finish_swait+0xd4/0x1e0
[ 1352.574813][    C1]  rcu_gp_kthread+0xa7/0x3b0
[ 1352.579405][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1352.584696][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1352.590587][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1352.595693][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1352.600877][    C1]  kthread+0x2f0/0x390
[ 1352.604927][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1352.610106][    C1]  ? __pfx_kthread+0x10/0x10
[ 1352.614675][    C1]  ret_from_fork+0x4b/0x80
[ 1352.619077][    C1]  ? __pfx_kthread+0x10/0x10
[ 1352.623651][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1352.628405][    C1]  </TASK>
[ 1352.631406][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1352.637707][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1352.642914][    C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30