last executing test programs:

30.278291493s ago: executing program 3 (id=8144):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000003380))
r3 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0})
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000000)={0x0, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r6, 0x0, 0xa)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
listen(r0, 0x0)

28.072172423s ago: executing program 3 (id=8157):
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000001880))
listen(r1, 0x400000001ffffffd)
r2 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = accept4(r1, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r8, r7, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvmsg$unix(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{0x0}, {0x0}, {&(0x7f0000000340)=""/229, 0x8ec0}], 0x3}, 0x0)
setsockopt$inet6_dccp_int(r3, 0x21, 0x3, &(0x7f0000000380)=0x1513, 0x4)
sendmsg$NL80211_CMD_SET_PMKSA(r3, 0x0, 0x0)
sendmmsg$inet(r3, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f0000002d40)=[{&(0x7f00000006c0)="f36ab720882d2b00320149bc921eb1b189d333b933c1715a5d4f505b8bb38d30e215b4412b1aaa2c70490f0026e630e9941121fe6b898793df7cd5fec3bfaedeea531dba290a54958f22e5b7c4a2f3dbd1355ccadf108fbfd0e434561904d86fb61c9baf76a52e529f26d89d142b41902c597f8f507bce81f5067f33fdac85b108ac183ae73376c020f240dcb9b6440b0d904bf834355a10df20ea4400404709b86f2f74d39e7b39d444faaabc7bda48e2a40ddab862bff13ace7cf2c08e1004c2a63269892de12e2e170958ceadf1ca2d7b0fe9a080395605ab3b24b70853e47b1e4c02ec676e92c9119b8f7ca39be8beaffe5af93025d78c5379efd0bb4facb648eff5275d7127ea8aab8a7e52ea3fb370c87be1a057c5af6d300785b6ac4e02fedf8aca1cd121bbfd5e221dd9508e7b30efbfc035eac8e0df9c9f4d4e4a46c7878e59ba4b6401fdc1ebd1352ac8deb341b19ce2a501bcb3202fe68e746fb3324498c8f310daa0cbe5f8af238dd883a1d330818e7dca9e723235f67374b643c8e049548818fc0d8250e95eb295259a918fabbe1433b0e9b90f657948e172e9ff20de0f0e8c31b767607e75970c06f1636cf6df09f35a05d0d938b543a0f4b594df72fe95fb76f68a4bf838ecddec33cec89bd2b7f8240926d9a86049ed704b0c6fba5f9bebe95c5d3c581827ff07f67c81b53b24914ab7759f6c63454a03771710b01dac45d4cae997f5ab6f98889c2caa1efe6f3e1c1c00aac9c4f181b4cb167dda86938605dd1909891bed2ea4d2712dfa03631dea8a13d4e32d1dd7de66a21d72069074cc194c5ccc80caacf955d34acb7929b9746b4d2cee47f6c8d6bb496b6139c90da634bdfcdcc2044025f88666fdcc89646b38f01b418363b0bdbb9856155b9c38aa3ae882325cdda45e4a55eadfb4dd0facdb8a574ead1e61730feeae49d5c869c9400b9ec72a1b3cbc441e5ceabe209e4b029c9bb7987a6f7bbc0efe1b6c843846fa2ba8764ce08430210f136fc27a647d6cfd0a7ef5e5728ff4dfe70382062db845fc67b662178df87ddc5867ef95f6fbc87c478158596e08c066acf589da9fcb1ffc6f4928de1f93e51c24ea68806c360e996689b6397f9d4a435f14a72c516c4b330a029772e24ce14625667a07ccdd0a88542e412441121ff0bd2fe76bd2afb39bae635fd0b8bf9c15a0786b36b64c596dc54b9c3c1a59b09dc33ff2d69be15ef5f8b76d9ae1078a2c11e643d921d255a2ee046278b08f27f666f0c8e85a8626364e3e5e5db33e38eb8715d59087018a19842180aa27ea26d2e3449aff4111a99d752883d7e73f2750a04a2c7bca257c603b85569e8aefef88b724decffb3f16e8944bda2552f21d903e80aaea4ed7b82c619eeac196c8f9025967f7db7672ffbce768318a0a0d20838ba518b6b716725562e0fe438976f89dbb68757bc7ae6329fbbd18655f606b2c5c8bff7c34a49bf834248cc9d3d527c58e238064f663c159919e769426b26c13de32cca0515b9225dc6b4c84e32e585001850265f0283b47e06d55402c388ea1a6f85378b68a24530811a9aad330d6adc5be24b00b8036f06270bb35c4b6855bbcc2af30f3b8e209bebda8ef4eac1d07069879c9dffeec5f2b0af1901d830054f06a54e5d2e49afb197b5b353b19e1565d8ea64a5da04de7e605ec2ca47dbe709d5c6e5473ac5ed58cbd1f4baea38992b2d9143921fee3793dfd8996c48276558583ad433a332f322918ae8ae20e8b73a59a1de39489bf3a5ebd7c8e20e11de4e10d45078751fc560b948792fe19fbcfcd616e8180f722111d8cfc3bffcd9554887a8813c7ca4afee0933788e01c6e6a48c80f37c22ed0436f810511faf5e53b34509ee4e16261cbd88784e8231a9253176139f9589758fadb3e82da7d600bb0b8f01af961b9a583c839c6c449ec9e3a972fd2f243d686939d30f0c93db94dfb982e3e90e719199c7a19aa3ad20ffae56f64ee019c3eecec0c55308b3b30f3426e819f46a7ea87408d6d2f33a33d74bd83d8d627948680495f794b14f5d82e82cec9c55c97b60d133383410685541b81af90330a35d2a2578cf957005338cf9a78f5b3350c76a0d27d9f763a26eb79dd464e6b08c9616a7e71887562c91bfa13897b2ba4e41fa3435cdf68a37846b301287c0d871831ef727f8f6c6ed2256a9b19f9dc38a7fc585d96732a872bef554c7867498352deb2df4abbb88a7bfdacacebf2b25e0e7b5b31e259439bdaf3f73ea32c2b1457e01f483409128ef5449d1ef92f17f010cbecbadbda810c5075fec7192d6ce2a7c4e3a041e19f2624b519fac696ac0797decfbbb82af9c49f657edb1f189235f4a873ab3bf1add0ed3f23d8183c04405c2f64c85758da13b99481f4c871e7906fe23168aee3ad5b6b32de1ab6d6508db2b9da885a09241f45cc85f440f27ad0ddcda77083eeb806bc0bb0d7435fc027c218db601535e9a6ad7040d633f2bf9334f8d6ccdc6f3093bd26406a479a333eed635c83f9ccbeb17baa7158a130c5884532068949480c0c2136b6515e96d0813377067b2f9edb1b115bb71c752e33fd378a76955b200aef09a244dbcf26aa84b78210dbf7f8469b990671524708d547e7cdb5baef5ee7637df8d8d94ce933b36653372bddbb9c11a8f1136a7f67b197e832dc0946d71581d9e6c98741a14133adf2c3c434796a7f42921f61c3d5cd6f3568223e3dbd3bf4b985a0b32cbdfd749855744c33bfdad0ea80923a3a51355dd7b4293f07da325774c44539e5e36b494a1466faa275a7f7480a6d764a89c99463394d77b94bd261d892c81d227f8361eaf76a22892e298b15b6f1203c31605c66ae04e7b645c024d6a0b3ae57d338667dbc3963390ba2d4d132e4c3421ec2c8c56eadbcfd45e1b389aa2d3f21678c5c3f5345390d8a4e92613cb766e192a10653d5cf9375879f2e54e0f6301129643f74d75cf334d15a30da837f8a2a3b2e74e5210081636d5b10b69319facd72adba668a111299570260a930f900565a704ce456c6b6ba4a296e36128d2d645c9f58944090727d715e40702f3342ee8a2494115fd10d7fed03e57def3f0a547633dcea919a0497805916e8b1c344df58d25455b79da855464ecf15889e8b6a51424628c36f041a89e683cc728c5e6651c5130d2db5a7db419bcbac6204330cf790607332f505a1b31072c6576ee736b5b5770a5ea2a61337fe17ca388f095c4171bd8cca775c4090587ab857947b203f63a749af24e747e7670d06b04c9b9a92ab74829ff708c52164267f0f9f6e329b386a2ae7c4c928c5910b9d1113fbc5a1b9631e2f36e5c95e2d4c9e94b72922d1bc98384aa43962656518571aedc7255d7a1bd742a4fa4e221fd7bb28ebbb2b92fbf2ec6d145a5aa56423965f82579726dba4c4ebd1f55596653bc9ee2e035c9759d6e30ad5eb93876068e3b50b0268990fdc16223bc906c6889debef4286132abe1ba9a04b89637fe4d60ec08b102d130b39a88ce37b63f257f6c129f31df21ce92a7805cdb5dc2f0ac06a96facdffa8857205d0f1ea2045c1de5eccc4c809da66c6c8957032c3dda7caf7670a9aa434294dcc7eaad666ed08e9975d73ca5a929e4972b6097f3672e7cd3efe91795e8b88aebcb0a9c65deedeb0177326972463270eadcf16b05398833db9482cc1edb5fd236194094ef75151a7c28f32502d26fe1f122316ec2a898204ec52430ffd5a383a5472aedd450539374a3cde2fe5e7263f8985fea2402fd5a881e8670c22b7ef3b4632a721e5a937c5604ec564e9382d2f7a947f467df4c4b91cc01e402cc0d7ceae3ffe0abdeeb83beb6240353e960df4fd17a49f3661d63f3005e90ff9c0e425a6bbb2e4e065df8d0707c1e16a9d60ef8f6f429dc58d608e084e57577992747e6a09784a273a707bef9dd8e958243c97d2d6de71d7242b3ece9ed7183f3db65057629a08b31cf38f7bbbace9f277897e056a27001cb4bd1d7135e8dd1c9cd8c70ce1ba23081cf6b43fcb5cf7cb249e96db71578508f8b98b121ca7328eb4c49a41a2d5b864640a4a94272f6377a22d0881033b1d85f6681ce052988e919fe48be9897f577c83033b5c81cd634e600282ea795af5c5ac1340e797d779c2905ca9df808dc4c4a55655b721569aa85b2119220afccfe776b5d5d774498b06a29c4c5fb07948a4ab40634ed3e94112e95810195279617023061055d8296693b9b2e537a212f2c1553891671cc115a2f4b2d192ba150d8a458976ed895f5908464124da606597342bc92a7c3752b3efd369588940f40bd287a35331fba04082670052b90d9fe43760c1172d1025ea42fd585ff0a2ecfd8897f2025006cbd9fcfdb0320ae8e58bf273ab7f476452dbfa05c750cdda96975313dd604b3a985c9f5197a366cd5b78cbc9d71857d6e5b00df47b8d30b2d598950b2e01b19ec2d498a0f0f9872cdaa10b8ddfff79531cf32030e85641f308b6c964514239edfb2ceed60fbe329340b7e3a45d2ab30e2efcdce99f0a78f631e05c47e20f9de4e2444fa57e83ae2c59f420391e786509c476b104c2ae6f769da4d227af2db591e2e69b4a24ad82c730be66a95a514d34080f4ebaf83c6a3544522297feba79cf28e3cc922ff90439dcfbb7c20ae9c4b2ed49923576bcb859a7e28cf8e5e5ea9b787e73c6a21898874ab2f98bc28fb67231ded78f5cfe695dadd6450ea0f21c17201eaa2722ff1ba387cd636725f90911e736775ced3fa14d86aa195301b4ce9ebccc6e6f8432594525bdd2c48fcdfd2323f181dce8697a453f339df607a5b62eef24edc345d2f0caba89b4899baabc5d87b44b211ef564ae2cf656c9ab513462313890f8f7f437fb1711d3c019900d96e5c6508c6cea2f8a1948b09d2f70475b41bdb0a184e1ac4dae954567917637cd4859e77daeff86e94adeeb8955fecafd975515958fab37efcd1928d6630caf83f431479ecc0e27ddbdf66b79e942e925adcba0aa63d8bdf7fa08f778ecb6dbd069d13feeab51040109c3726c97e15d0e3ef3eb2e82d56c31a24b8dcd5c33b9d3dc8a68ccd6bb6b11e8bad5009c1868e0d8c5988a7493a07c506e2c7e9f070edd2cc2125df8b5b931b01112ecdd1282696aef7db981c79f06e5bad6e27d7eeb2051aba0d8c70d724e50f8457517c0c89d64a658822ea2771a2977935e0e35b5db18322146233674dcc84220a68bebb1883784b2fb5429de49391f6a0148f3b6873e2b3e5749c4cfce936b24b02064cba6f28517e830d3b88b03e51187b586462d0b4eb12c2eb49382e544a173694314f9a1e0fad776352b618a556cca89cf51e7f1b885fdecd09f40a5977e79189df9aaafe307565cffa26794a09ac8a49d5017218ab440b4dbceeed85650da888a9bbe14b977bd71597e5df62afd90e4fceb2185eff8aedcf14b09d674733dfa11c49cba78d48d7959829ccf4f642f52e94c70ef277f90c6dfc9e5ce72052b3819d737c1f9544157fcef962c67d31cd6a2c470b2fc25f3753a2146e871b3bbc8671a639fc47242f15f95bd004a830804ce33fa7c3c35b580980024f16f8533512a4dd5f9c35944453ed9fca92baa459f95fd98bfaee19f3af57664f452726cb516917254ac9ac289a30af48c652fb37d1e88ee9774610051ab18f8bea0dc182d6cb53651f911f7fe1e7f4e0b99cd3d1e26a19cae", 0xfc0}, {&(0x7f0000000500)="bcf843c83ce1b3528eaffa82779b85885914e11923fe4ad749a995b9cd0216a19ca1363f92", 0x25}, {&(0x7f00000005c0)}, {&(0x7f0000002b00)="ea4ee248ce68733f342d73fb47912b405929cfaed82161e85642ab241d78c2e2670bd14570ae5dd9f942c2f25f22762978fbd5cd266488e9a047fa178da0c0ccf4507f1904e087fe5aedb4e30ec02691262565baf9c512d2ad5ae859ce1ea9ac3c22e096eb3afc997259f95587b0a27763744254459cd45972a03e08cbe02d026cebc2533084f0d086bf3772ae193ea0747d7dd2fdfa7fbe5a5a11b8f4225730b968ea5536f25d4c089915ec423806b43921b31df56fc1950ba280f940cddc059d096ddd9e323ea58d891106e3c39949263e1396ca74ed4d784fe8959cf2e1d8ee2b1c93b064ae2fdd9c8921e4cdd285fd560504d5a8903776c164b9f2a570", 0xff}, {&(0x7f0000001800)="076fa4733b71dfee26686d870201234cb9101870ea2e987d9d449a1d4920629d4cb67ec55129a79683c4649ac6893b4c60f2d62d7dd9fa6005", 0x39}, {0x0}, {&(0x7f0000002c00)="be68636dccd278e5a61d7b2e104083ddfde3b66deaf7866331acd9c08c7b962b77d81867192e04210f115fd4f4a9ae8b2b3a27549ecb5cede1d34de1ef3bc64cd721dc1ff74f8f56f8bf084db45b0ce2747f92fcf2", 0x55}, {&(0x7f0000002cc0)="282d6728dca8d31edd3c26ac7074b4931be8e78c7efb9f23cad01e6d4bac5cb97492a3cd9940c4121446e5bc4d8886d21d2a80355757cf864d2fad909516b79b77de1247ba72e834af", 0x49}], 0x8, &(0x7f0000002e00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@rr={0x7, 0xb, 0x17, [@rand_addr=0x64010101, @loopback]}]}}}], 0x50}}, {{&(0x7f0000002e80)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000002f80)}}, {{0x0, 0x0, &(0x7f0000004480)=[{&(0x7f0000003180)="6761cdfaec9f374a4a3fa425cb73fa2ddb8a9ae99fbcc4739ff371712d9adae63818f446447b455c79b39356cac341", 0x2f}, {&(0x7f00000031c0)="35f2b23c8aa8727fbc64d5ea41688506240811b1a757ebbde5be6a2a7511fba3036e0b94e914127f79b51b1f8eba224cda6df7383cd688ea0f8b47ab7e22860d97b713995ed3aed82de34ce614c80279004409ec22372d662291c8cbe94a71c399810de505e494d1f774cee3c2044ba54a9640c06e9a38", 0x77}, {&(0x7f0000003280)="517679e1286d1a6e44f0eb", 0xb}, {&(0x7f00000032c0)="47d0ea1a14a5fb15126c49508093fbbb4c8f77414a146dc3c4158aaff40ca477033e9e74708bf17e5025ca5fd213e019e1881ae5df3755c68e9736e706bf4b86e4dba54aafb912e75919ce3e8ef5d6e06bcf0799e93ddd7b8dbeb9c94673836525d443", 0x63}, {&(0x7f0000003380)="e2e58e4d10600b6351c0c272b0d2a5ee7a77be12d8660375d8fa97c126c870fdacfb09490f38467eff7ddbac85353521dbbd8b08f9cb1e356c4544e4abc9e7324828ce3ffc60711c4511a2ef9f65211e55c2000e166dfb7de2f8e0cc9b236a5048f7df314270005a7e61e7af5df8b550bce2487f11b1d4c226a54b0ee846567f80eb0a449048891652e28eff03c3f6c643a85a3d0b08574250b3770156c6a41bcad0501bf3e1cf27a45fa19c48cb77fb7f96a02412012d935f35f15e3867ccccd397f8bdcfa7e23308b8497058374c515043085a66b41566c4ca5044ed4eb56cbe6f9768e5671070f03874f5d2c77403298b12af6cdd3e5fa736e02619d34e33f5a2de97d374ddb134bd9618313e9d64962761d4aa8a149fba1c83034ac3e930236d2afb9d81d882323dcf82038f4d7621b50cbaf166230464bde805219631d9254ac920f20edd9dae2160637366eb330cb620067bd3e95c2bd1584e6dc2ec2eb50dd59a6de91bd4aac545c6e16426e3508c00cc54799e667c0f2ab298a76978ea3df02e84f546a6ba9a732fd0ec92fbca162ccbb32a804fade6293d32f9ad5389ab5fac032aa143011a9aded863171b95acf8bd366125bf13f1c0573b8f9b6216943c9c39246e76e3e0c9ed1984f7430d1dab668194bd6ce2fcc4eee85b75eac6c0cefad8b6dae0c596dd305eced7cf519ea7ed2e74ff4658f7f8bf7bb7a21a4ed8442597c5f60c9e352bb60785a356cddee0bb136133967a7b30197d5612e0bc75845b9e653d4222f87ce436c1b0cdbd4b7f091b2a93ee330ddf2e9538beece999d69fbaace88e7090aadfc9bba334fbf9ab9e0932d26e99ec6c67e8e2b6ce199a03316787363a1ced43092113b167a6741fae01705ff4ce42876c8f5162d2de5ad610049af79de458bcafe8cec945357646eaf9a22bb2ebfe7f1ff8b81edb249855282c2547c56050d6c9a2541703158aba761afea8833ce1e6360242b45f1275de3a2e36bca321faa11d4ff0e058455e134d4d0ee7951b2feeb1347004772f18623bae0aaa0f4e71fcc8b1de22b89220feda0330f92a933d9734f703eaa29fa1ba9bcffe9ca3a6f993408bf3b222b1eefd5627c45956428f94641dd35176edc59caf63f6943c4ec4eb8851c9a86323c4cfea0fb4cb010c733d6a32ec2d6e3d55b364712b9b8427a802b2f60a3ce777fc49437df80c90c551b6c4b317ef98d7d9907f13e6e4062b30049ea585474cf57a6eadbc7b26f157a0f18dcd0b43d4d4d16fbc2fdaf391319dc58bfbddc88387eb15c777289f5c5bcc5ede4619a7ee90fe9638f8d740dad44c62f385e3ec2b91449fd0fb15817296b89e448b8f83cd10eb25276036d3534982a8c89a282504ec134232b4cc9d39b34bad3ac5b969cb96358d984393b5a12f8f5ebf9ec66cce8d5be315662f5958f678ae2fc15e31ac64f2cd0204a474fa442d1c6f980e1e804e985ff0fdf4bdb0956751ced02656c9b6ed8b377b953b3c370b7dade814175f94982b1d432062773813b2d4e4c6b46e24f2bfa8a1ea949198e9a39b390abc7f0ce443e2d97072f37b20687e6998248ac0bb22e0097304aac6f007bd49566dbc77b795a4e0467c5f825b4982f4b76603c279d50d13fabd49e9d484274f7dd8012053da8ae7c3c8279e11cc5ac4bac9b21d5e8bcf735fb710ec05ac2899e94da2e73b9d9f6bca45dac640b34bd53cb105c59576065832509e60dac2c0573cf629412f9a2698bf2ba195d1ee381afdfb045fc22346cdac6982926ffb96098fff9f41dc1f873b6e46a09fafae5677bda19066e3840f3aaef4baa8cc415083d96147361e69e700ac28b0db2b631fb24c6e31f62dd38d27b998dfab3785a1bfb17f9b28ca3bd945622a576b26bdb11eed8b4677f6d4d928ee2fb1e835db63b3067f478f22ccc2d99a1428cf301e9b9e23ac5c21c78012e0761418ed0e61f3711bbad579bd1249a562ca473a5a5524919bcd5b811466f89a7582cb236ee49b4c9d1b8ac89264e5c1defbc9bc263eb7137ceb1557d3b84bb68247f0cfa1c3c36400a140af66a108c77ff07c61a2c960408982247c78bab1864fd1710acbde59d11d88a780344232817e23a73e51688fcb9a11cafab1ecca008b515c3f5a5cea15e28082f074899a6f6c08c44ff04d41afb07e8f9ed715185e7b481aed01a2343a63e833d506b38025bc218b734710cddf06a671335b46c91ed4ff713384f3fe47d8505a44385f8759c5f34c2b58724a5a297c15d0b5637e6dfa035ae6cae55c778abc19a15a0b3a088246252996649dc1e4b2e3395c25d0664d945956eba0b6a9bca4faf480b77d079e26aa7f3edd321ac8e471c304f48ddfe09e0152b7083d39a8fa61f3ad31aa19fcecbbdfd542c861000b3f7c873a06cf556f94b360c177c1cffbf8fa9bb692bc2976c311371f2c5b898b61fcd147ab7ccc2ab66d686013b6ae45f9dc121c9bf803af54cc544dd31137204a205541552c3fc80d7bc279b70ca49c311ed53cd38dc9b2f06d0cb520a4df959de17c43fdfa267df4cafb18e72afd5366cb3b7780e3a4550f5aa04d7870ec69aec84b0c0bb2765a81663507670ad530e8a0cd82de884975954221bc0efb42ddaf1d687e2d34c34785bb26ee7bd95ac8bef1ef3c9eecb39ba20a95205c19191a23fc266a46e9fd3ceef26be7e877222ce902a244267c8ffe7084b90a520218ee9a27c70dde37a07dd1e105e09de399630c3cfedd3aef0a370a271069262bc4ee7157c886599948aed5f1bb38f5cfe0479a62484a13a0e47e3ec4d1fb5f9b6d2b1dbf7aad9608d04263d1722b9148165f041e0f1bec0d46136410c28df1ae8309c70d420ab6107bcfd2c2b1ef9a702cc2e9dd853b033428098533ba7a8d34f8b9f405d621f256d5ba829131cf1a204520440483840b7deaa2de97935b5870ac22d0de85edfdd0b51560da39f91e95f993e9e30b7d8e8ad61d98d3cec4d2021ca02b9a8d978269daa6b4f09f0bd1f17cc5cd24a703ee9a3c87967509689e2c58e9679506089b1a35cd88a4acc95bc0024cf029b0a690020a89af350239c6ee1e935f44486c62fa7c0031f478b8522b537333d2874f67a42aeca92a534f3ac660ae33c29f7d4a35f2651ed40d6ce1b0e7dd90cc63038fdcdf6ed76b5658f9da81c481f78719b161353dd42a6587a51c3f68209d77f7b5352f7ac1a2afa445592d882309139cfbcdac48661c1900c69aa8e5fd743fed23b3fd37aea70579519a7c6c3f70178b0b59a3bcbce5f5313b5d2ff1b48fbb69dd1bcc98cbbab15d2ba4aca71c164b2e00d8a7a01047f8a61207b6a6fee2fb21e5007f09e2b5280c0a55b644b43f2561a9cd52e3995b4d86d1769f4dbf00d661254c1cca14c1a5bfafb08619a74968a4fe14173151928ef0929c80beb4a30d87eb4070442829f1253a472ab0153b35bb58065c8bf0e53d6a439c1e06342dc726f4ab6f114352b086b4950803909b51b4832aebafa8cf19cf29958f1e9f23fe3d6afed0956fb3f56986facb0adab637aaec8d18ce6043523ecf1c076ac7243bad96405fa6c28e35b88abd0ad990e8ab562e56b2005cc6824c88debd39c421e74d8c0504b67077853f2b8b881a3dc5fb99866c61d22869e0fb4831e217ce87ba2b2cf0d7e2818ee155cca9894db02e3d5271ae5e306a3ee542a54103b0c62b31373b47ec0cb1d2d5ea5495107db441edb23260cf52cc93a4c27d37189f21397b2895d1d6d71753d5dabaca3093539622c8b7fb069e5c4590c0e0f5d0cb1d2bce7322e9b7f6c8e5eee7613fbf509c3a900a58a055d01f62230fba33db139320b8c4462f24f45fbeaa0f6d603d49a0c1c44a90cf522402e25e8277305bd627389f3f4fc0b28225b137b7fb817ff6b4a62b9a589fcc593a1c7d502a8847bb348a5cc7acf617c804637c192cedaf67af0f909da71241919a3a4688e3dd313dac183712fa59425b2ab016bd13e98cf1fc639e32827f6b238b7de467f0136919e6a0c88a7566da393e7ec2dad6caf6640e56a16b8c622dab0de61586710b12a9ea2826f287a12820d319e32a9cd2c926bad9c82d04e8905328cad39c84fd7b0df1f32f10662f977efad20df55dfaa3571038c58681398e93bd0c841137eabbe4220fffffe48493d2580da2bb648c9cede16959cf4cc98ac83dc18b00ee17e6bd33985c760bd8a93885476f2e6570778f53b88162929912bd4fac457b860cadfc4a7623ea96ad9966e5a8a20d32fe4a022090dc9d5466f10415b4a1ca547b3f3399c12e17dac8e3f5822c41b79854395cf66a46b5cd088207ad41cdc0b64bf4e39476368549172485e34bc1fb1debe1c1d9fdcdba3de609ea2b447f4052a2072c14fba108305315dbd780e76a61bb1e43cf1d4ab5188e353b7d91bd92f6dd35bd894a0437acec08f039429ea0447be5a391957e55483aa185e656656c09590c8d48a1275532099e00caae0aff270c17b8d3ed8cb67dc802c0e7dacd5527401172dfca64f276581c0f219e6151bac0376c135f6171ad42b5fe113e5047fd683d631913a0951638d53b9a12abe096ff949aff204a8ed6db2a76cb2a0aec657d1098c9cee01633687129112587ff46b7a001926c3fdbe59d4cf6ab7668820303c9682dee03ff860b5cbae9039c030a13cbdc6e2acc87b730990357a63bfcea7368cc7caf2e8ce4f2fde2c657513a21f39595a559c1c7549c3b276842cd392b78c109f9793d1c7aef682e9b63fb7ac2d299bcd34095f9a8fdac4ff754d111f3a97752ce2ce5f7ab2f56399efaabe980a544e4cd1ae8ac4aed7da32b80ca827e75b992bbc8a879ae8b96cc35fd147855954a08f1e7d3a9d49e2d297dae15fa129126fd599c78021c5801413fa9b4a3201ea520c98036f154a40429f63725d35dcd6921943a52e912d6628817f469ec1ac68ff73ce240a57da68bfe066eae2fdd120d868e2e31b0be6e592548d92067e709d520d18e556250c2fc2f369636bee9019bc210926c245f7970a5034d32cd0fa0f1abd187bd50c810d39a7b75048b1af0d1fe74caa0d75f61681e4ac6d5a16d6203bc85fd12c026f7af4d8e0bd3d847cef0df0cc8435774ee0221cf0a500037767be199d61791836cf37de33d2d50f50205337d025870c18cf22f7b390c69662c056ebc14e2b3002d36047b6bbb61357489d85b03a032c36f7261eeec7be86d5f37938f8883e55fb775c110b53e671b5cc25f0392f004fce97904aa641977b631d5f51ba451909051937fd2fc3cab8055db2e6acdb7e3dd5d943d6c95d76a4e4270fbb713909b23b45c49df7d6072462654d799633773af1ca756ac106dd63cf4cae0731be4ae78c02e4000152e47a8f97cb4ea3581ccba6cd21dcd97e7f17f206eaf2272031a67157781e354952f364c030abe721dd4889e4c6eac26559b8aaf8bd01ebf5977b28ad7344954b33a1f7dfacc8a661446299721c172160a1a8fe7d0834c4ca328f5c0e4ad98378d530400dea8d09dd59d9ddf26dc817f403763c1df745d4a890fa05a8f49d5b735f6ddcff8821eeba0c7a5fd0ffc5ccca6dc54ca0a2f311ccbf5ceff96daa3bc25a7612f68310ccda5fed4c8e611240c300039b51996a0998c9801a83970587b760c202d83a322019bfcbfe68b31797ee6bc50c53aa949537a02d05b00c0bd361755e008d42bc35f8c3f26ba809247f3f6b508902f46bf6d0d0b11dc462404c20b7f6862f2237cec1d01067a026deab4b94f664d1945342126d570be95c855f36a45bee94202ea745b15f0ca9d8e754c40aff6c5443fec", 0x1000}, {&(0x7f0000004380)="7b149c53dc5b5533ad973619ff507017e50baf1f0d69bc9a44f49dcb5be0c8640825c65757a8d5f31b2baae115b97103a16565e8faca059cf3f5acb0308ded9eae70", 0x42}, {&(0x7f0000004440)="b49b6e81ea", 0x5}], 0x7, &(0x7f0000004500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @broadcast}}}], 0x20}}], 0x3, 0x0)
shutdown(r3, 0x0)

26.426146686s ago: executing program 3 (id=8164):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRESHEX, @ANYBLOB="0000000000000000400012800e00010069703665727370616e0000002c0002801400050000000000000000000000000000000002"], 0x60}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000000440000000800", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)

26.214036867s ago: executing program 3 (id=8165):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a3100000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a32000000000800034000000000d0000100b408b1e286b5c8f7a7321d1f80c982b3c96b4dac7dead86aceee30544dfdb289f2cae899fc3fe86ee3f122505d76d6b5878270ecb40c37908d60b9ed31d97a3e0ee856f3cf3c2fdfee967991f8d1ef7fdce37b30f8842735e543ac808675a64f66eb37009373328ddf992e92b3a5765bd5f765d73c578babbb08efd7b59dab641a88f3099e34bb7fbc04cb298bb0df6eb0dc4ca79864758aff38b7192698c89435c5699f4a9222ad4a2c68c9356b741f04ef667f7a169b8976632c7cb98f18ba558bc302c7b73401c42a76160c0002800800034000000000440002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a320000000008000180000000000900020073797a3200000000fc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be283921020180380002"], 0x17d4}}, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0xfd, 0x1fffc00})
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r4 = memfd_create(&(0x7f00000003c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x1000})
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000180)={<r7=>0x0, 0x0, r6})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000100)={r7})
r8 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r8)
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r10 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r11 = memfd_create(&(0x7f0000000300)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r11, 0xffff)
fcntl$addseals(r11, 0x409, 0x7)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r12=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r12)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0xc018937b, &(0x7f0000000500)={{0x1, 0x1, 0x18, r9, {0x0, r12}}, './file0\x00'})
ioctl$UDMABUF_CREATE(r10, 0x40187542, &(0x7f00000002c0)={r11, 0x0, 0x0, 0x1000})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f0000000180)={<r13=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r9, 0xc008640a, &(0x7f0000000100)={r13})
ioctl$DRM_IOCTL_GEM_CLOSE(r8, 0x40086409, &(0x7f0000000080)={r13})

25.753916608s ago: executing program 3 (id=8167):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x31, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x60, 0x2, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000000/0x3000)=nil, 0x800, &(0x7f00000000c0)=[{0x7, 0x4, 0x1bf8c002}], 0x1, 0x2ae000000000, 0x2, 0x2, 0x10, 0x10})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e023bd2a9eca19e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd6"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f0000000040)=r2, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090583ffd1"], 0x0)
read$FUSE(r4, &(0x7f0000000a40)={0x2020}, 0x1366)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mlock2(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0)
r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r5, 0xc0845657, &(0x7f0000000180)={0x0, @reserved})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f7, &(0x7f0000000000)={'bridge0\x00', 0x0})
syz_usb_connect$hid(0x4, 0x54, &(0x7f0000000380)=ANY=[@ANYBLOB="1201000000000000bd28780040000102030109022400010105f8b2f694ac485fdd46bc6a500009040002000301000409210000000122000009058103000000fe00"], 0x0)
remap_file_pages(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3, 0x5, 0x1)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000000080)=0x40000)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f00000000c0)=0x2000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000140)={@my=0x1})
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r4, 0x28, 0x0, &(0x7f0000000540)=0x20, 0x8)
r8 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r8, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)}], 0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000000000000400300010009000000bd00000000001c00000000000000000f00fd08000000", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c0000000000000000078f0208000000", @ANYRES32=0x0, @ANYBLOB="a00500000000000000000000240000000000050c00000000000000005c2c2281940800004410000000000000000000000000000000000000110000000000000000011000000000000000000073e10344e46c2a2e40c5d53408563299da77e1a6ecd904146b3bb010b0aa165afd7afdafffac2372748c1a5a4b54edf1449f95c83278d22bef7ea596e13cf86628ffbff74c16a3a537ec44234c3973d2a10f6f93b4468578048d9eb21c55ec64f2f87ece9e4267be5f197aa9b3682eb8ffcb8239adc3ca6e439a048d4c387f26c7fdde908748dfe7fd18"], 0x98}, 0x83c2)
sendmsg$sock(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000300)="97224712bdc58ebc597dd394c8f80b35cd35c0f1089b1cdad15ecbf6ccae94dc86c8f12a7ff1950614d2524a8d208545f47df93fd2e20e6be579d352f06f38461bb5f518269e9863d5a8f6e9971ee6235ba13d8df633", 0x56}, {&(0x7f00000008c0)="9680b16c366650fadc77cf4641fc1b96ef3c99376bd0491817d6a71bee41917d5f30fdf5f595e13b77ff09912aaa56e7328f6058ff352ab242cb6326408890b14abef06a", 0x44}, {&(0x7f0000000680)="ca9d03c2c38a0602", 0x8}, {&(0x7f00000006c0)="a20ae2b7929ecec1cb6790680f379f486b587898bd5e37cf34fb9a6b55ffc058e1bab2f4622ad31314532ca05680903ed0f8a0a4c8f8", 0x36}, {&(0x7f0000000780)="9992bf74d2df53cfc88d6be88fe164d9aa67353737875e6f015f2e4c4bc9091809dfe33648d41ae8caa9574864f037793825b63f827b8e4b186b8474ccca866c8602f28df84db8040000001cfa5438e44c434e9b0611ef9a7cb4179a5a692e1b08bcf6b0ea7ddc377f2a51e70ac0fb05b1209499de701295cb57211e3c8c55821d24df6b93", 0x85}], 0x5}, 0x4c880)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f00000001c0)={{@host, 0xffffffff}, @local, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x1})
capset(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8, 0x0, 0x7f, 0x4}, @func={0x2}]}}, 0x0, 0x36}, 0x20)

22.481182813s ago: executing program 3 (id=8171):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000740)=[{&(0x7f0000000a80)}, {&(0x7f0000000dc0)='Q{', 0x2}, {&(0x7f0000000040)="efced5", 0x3}, {&(0x7f0000000480)="526d0101985a6e40e7fc359c4146f13c5b69dd2d81034f324cb7797bc2a6e61b14e3d66b0a7bef1d1322287538e108ccb3660c5d8b7125f0aca3033d9e6e42b8b75d043a", 0x44}, {&(0x7f0000000200)="53876165c1d64b3887ff159308d6febc9954f948cc8fa7840b77e7307713bb79421767160fcfea47a86385f1c41de6af43519550f3a01fd3989d2bbd77da22aec98ee3e289f8d652f918326ee6300083bdba0e4646e9b90bea606137246fa9a6f1aad3a3cbe84020ff6aa2f2ebcb33c25c772e40699aaa0dd14d1ad7fe4e058e747ad0bd87692ae9754a4490027c6b2d20452fc6ab4e977006acf799e3cd06b986e472b6354f8033bb98f696ecb7754df4c584f9dbde5c4ce082592638d690d6c3e31b945e34b65a3e47475f34c9688d84baf490ee5e244eefe6b2227502877935509c12cd8b793e2218935c037f99beb3de8a359386413d5ce35dd973", 0xfd}], 0x5)
write$binfmt_script(r0, &(0x7f0000000040), 0x18a3c85)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
accept$alg(r1, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001000000c000000000000000095"], &(0x7f0000000100)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="14000000e803010000000000000000000000f203010000000000000000000000000a35c3f30700000000000000e0c544deabf0c32f8a8205669bf681b085089ea1c18cc511a2b7a2edb2c8f1ccc5a1569a882ad3ca9a8184b77559671669711b68d737a66918adc7d5ef4f80cce81416e60118f26c942cd6bbf5ae17117a0236f961cf83860b5eb1b24f583027c5f2e08abe006d64a8d561b97e4902ed0000000000000000000000000000000063c5e64276b9fac107ac72c940108711b3eaf7279dae7d746fec55f0bf09ecabf117f873761c3f37501c39e5b2bca13658491049523ea6a5662efc054472f7829a7d2ec8f653cddebfe8a9662dfbdc39989710829699fe16b524ffb2e0c8086e64cb8f0c34dd91d616"], 0x28}}, 0x20040010)
syz_clone(0x21104000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r4 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
ftruncate(r4, 0x2007ffc)
copy_file_range(r4, &(0x7f0000000180)=0x1ff, r4, 0x0, 0x9, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r5 = syz_open_dev$radio(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r5, 0xc0405665, &(0x7f0000000080)={0x8000, 0x5})
r6 = socket(0x10, 0x0, 0x0)
quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f0000003180)=@nullb, 0xee01, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x6}, 0x10)
syz_emit_ethernet(0x9a, &(0x7f0000000540)=ANY=[@ANYBLOB="0180c200000000000000000086dd6016b51100641100fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22006490780200000004000000030000000539fbfb20ed426ac447eb679702ed090abbb420adbe2f654f0737090094247796a2cd7f6fc229e89129a314afde72d96406c8ef043f001cc41a75729886a173f6826e14bc12a674ac3da5eb98f46cb5b3570ef53c320d794c4154c5730106b09bfbf7"], 0x0)
r7 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYRESDEC=r5], 0x1c}, 0x1, 0x0, 0x0, 0x888}, 0x4000000)

12.810331795s ago: executing program 1 (id=8205):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000140)={<r2=>0x0, @in6={{0xa, 0x4e22, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}}}, 0x0, 0x3, 0x4, 0x7fffffff}, &(0x7f0000000080)=0x98)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000240)={r2, @in={{0x2, 0x4e24, @multicast1}}, 0xfffffff7, 0x49, 0x200, 0x266, 0x4}, &(0x7f0000000300)=0x98)
sendmmsg(r0, &(0x7f0000003a80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2c000011)
socket(0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000480), 0x0, 0xfffffffffffffffd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x6)
ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000380)={0xaa, 0x580})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
syz_open_pts(0xffffffffffffffff, 0x801)

11.184492676s ago: executing program 1 (id=8209):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240))
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000080), 0x6902, 0x0)
ioctl$IMDELTIMER(r3, 0x80044941, &(0x7f00000000c0)=0x2)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00')
lseek(r4, 0x2000, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(0xffffffffffffffff, 0x0, 0xfce)

10.278165083s ago: executing program 2 (id=8211):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a40)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8}]}]}, 0x28}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x0, {0x24}}, 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff"], 0x84}}, 0x0)
fchdir(0xffffffffffffffff)
socket$nl_rdma(0x10, 0x3, 0x14)

9.961454681s ago: executing program 2 (id=8213):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000040)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000180)="41030400d3fc02000000ab5d71acedd7c9560385dcb1894f84d7dc039806892f05ce811c88f7", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x301, 0x0, 0x0, {0x24}}, 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c0007"], 0x84}}, 0x0)
syz_emit_ethernet(0x9a, &(0x7f0000000000)={@random="6bbc9f139af5", @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x64, 0x2b, 0x0, @private2, @local, {[], {0x20, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "82f63de64f6ce2ee11028289aefdb3449391a823213e6336516748a7949bb108", "402fa83b1d661c18462075368a186092", {"9ddeb8f71aa211390c8fa99eb916af2e", "040876a663a86d97f46b9665cc18492b"}}}}}}}}, 0x0)
fchdir(0xffffffffffffffff)

8.756497123s ago: executing program 4 (id=8218):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a3100000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a32000000000800034000000000d0000100b408b1e286b5c8f7a7321d1f80c982b3c96b4dac7dead86aceee30544dfdb289f2cae899fc3fe86ee3f122505d76d6b5878270ecb40c37908d60b9ed31d97a3e0ee856f3cf3c2fdfee967991f8d1ef7fdce37b30f8842735e543ac808675a64f66eb37009373328ddf992e92b3a5765bd5f765d73c578babbb08efd7b59dab641a88f3099e34bb7fbc04cb298bb0df6eb0dc4ca79864758aff38b7192698c89435c5699f4a9222ad4a2c68c9356b741f04ef667f7a169b8976632c7cb98f18ba558bc302c7b73401c42a76160c0002800800034000000000440002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a320000000008000180000000000900020073797a3200000000fc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be283921020180380002"], 0x17d4}}, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0xfd, 0x1fffc00})
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r4 = memfd_create(&(0x7f00000003c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x1000})
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000180)={<r7=>0x0, 0x0, r6})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000100)={r7})
r8 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r8)
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r10 = memfd_create(&(0x7f0000000300)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r10, 0xffff)
fcntl$addseals(r10, 0x409, 0x7)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r11=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r11)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0xc018937b, &(0x7f0000000500)={{0x1, 0x1, 0x18, r9, {0x0, r11}}, './file0\x00'})
r12 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f0000000180)={<r13=>0x0, 0x0, r12})
ioctl$DRM_IOCTL_GEM_FLINK(r9, 0xc008640a, &(0x7f0000000100)={r13})
ioctl$DRM_IOCTL_GEM_CLOSE(r8, 0x40086409, &(0x7f0000000080)={r13})

8.752512143s ago: executing program 1 (id=8219):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x8e}]}}, 0x0, 0x2a}, 0x20)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009980708b5192100c7980000000109021b00012000ac00090400000107000009090585cf"], 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002140)={'wlan0\x00'})

8.580792846s ago: executing program 4 (id=8220):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',gr', @ANYRESDEC=0x0])
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x61f285}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r3=>0x0)
io_submit(r3, 0x0, &(0x7f0000000780))
dup3(r2, r1, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x90)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000002000/0x3000)=nil)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0x8})
close(r4) (fail_nth: 4)

7.558334338s ago: executing program 2 (id=8222):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRESHEX, @ANYBLOB="0000000000000000400012800e00010069703665727370616e0000002c0002801400050000000000000000000000000000000002"], 0x60}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000044000000080003", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)

7.48774547s ago: executing program 4 (id=8223):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a40)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8}]}]}, 0x28}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x0, {0x24}}, 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff"], 0x84}}, 0x0)
fchdir(0xffffffffffffffff)
socket$nl_rdma(0x10, 0x3, 0x14)

7.209299502s ago: executing program 2 (id=8224):
socket(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000380)='./bus\x00', 0x0, 0x0)
r2 = creat(&(0x7f0000000200)='./bus\x00', 0x0)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000540)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES64=r0], 0x2b)
sendfile(r3, r1, 0x0, 0x4000000053d2)
r4 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, '\x00', 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x892f, 0x20}}}}}}}, 0x0)
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)

7.020879504s ago: executing program 4 (id=8225):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x7}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00'}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x13, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000040000000aabb22d76ab77168913a8f9900f6ffff17110000", @ANYRES32=r1, @ANYRESHEX=r2, @ANYRES32, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
getsockopt$ax25_int(r3, 0x101, 0x6, &(0x7f0000000300), &(0x7f0000000200)=0x4)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$EVIOCGSND(0xffffffffffffffff, 0x8040451a, 0x0)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000002280)={'vcan0\x00', @remote})
writev(r9, &(0x7f0000001400)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c94305", 0xe}], 0x1)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0)

6.9382802s ago: executing program 2 (id=8226):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c499202006f3d", @ANYRESHEX=r1, @ANYBLOB=',\x00'])
r2 = open(&(0x7f0000000400)='./file0\x00', 0x20000, 0x2c0)
syz_open_pts(r2, 0x402280)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37}, 0x20)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r7 = open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0)
fcntl$notify(r7, 0x402, 0x15)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')

5.318373837s ago: executing program 2 (id=8227):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x154}}, 0x9000)
r1 = syz_usbip_server_init(0x3)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r2, &(0x7f00000000c0)={0x1a, 0x309, 0x0, 0x5, 0x0, 0x0, @remote}, 0x10)
write$usbip_server(r1, &(0x7f0000000980)=ANY=[@ANYBLOB="000000030000000300000000000000010000000100010000000000c50000010700000017000000020000000000000000d9ea674cb745f1030ee2135d07ef8da5916b1a3650a15dec672c3b254efc68094486a8c06db50751318972661ff8331acde30b7866643ed73955b6949f82a02182fd6ce9b5b9f27eb889dfd6de034c7862365a46a75c199e680cfb93a21f710354bd1dd8124f4660d6179a4dce7c5a9fc05fad3451e852ac0747da2c25508c0db13eefa3d6da1f40a44bbdaaec8841151e5af587790101e3a77a9a60b0417788e765f42a8652406f6174bd9a076e9f0c973006406aff127de33767fae5ff2d4eb580847ee4fc000000040000000200000001000001ff00000007000000050000000000000000000000010000ffff0000000800000003000000c000000fff00000002000007ff000017ccffffffc1000000060000000100004dab0000000100000a3d000000490000800000000008000000070000005c0001000100000020000000bd0000dfffffff8fc900000001000052bc00000fff00000009000004000000000200ff0000000100000000fffffff9000007ff00000fff00000009000000090000000800000009000001cf00000006000005b600000004000101000001000000000fff000040000000000000000f140000e8d7000000200000000000000009000000040000d46d0000001c0000000800000fff000002a3000000060000003fffffffff000000000000800000001000fffffffc000000010000036100000006fffffffd0000000700000200000001000000000000000900000004000000fe000000070000089c5f"], 0x265)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000011c0)={0x18, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0))
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYRESDEC=r2, @ANYRESHEX], 0x7)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x4800)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x8, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000300)={{{@in=@dev={0xac, 0x14, 0x14, 0x2d}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xffff, 0x4e24, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffc}, {0xcb}, 0x0, 0xfffffffc, 0x1}, {{@in=@loopback, 0x0, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7}}, 0xe4)
syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffffffff00000001, 0x151000)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0402"], 0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
getpid()
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000032f44910c0090102a40a010203010902120001000000000904000000"], 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='comm\x00')
writev(r6, &(0x7f00000010c0)=[{&(0x7f0000000000)='X', 0x1}], 0x1)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})

5.318056396s ago: executing program 4 (id=8228):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a3100000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a32000000000800034000000000d0000100b408b1e286b5c8f7a7321d1f80c982b3c96b4dac7dead86aceee30544dfdb289f2cae899fc3fe86ee3f122505d76d6b5878270ecb40c37908d60b9ed31d97a3e0ee856f3cf3c2fdfee967991f8d1ef7fdce37b30f8842735e543ac808675a64f66eb37009373328ddf992e92b3a5765bd5f765d73c578babbb08efd7b59dab641a88f3099e34bb7fbc04cb298bb0df6eb0dc4ca79864758aff38b7192698c89435c5699f4a9222ad4a2c68c9356b741f04ef667f7a169b8976632c7cb98f18ba558bc302c7b73401c42a76160c0002800800034000000000440002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a320000000008000180000000000900020073797a3200000000fc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be283921020180380002"], 0x17d4}}, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0xfd, 0x1fffc00})
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r4 = memfd_create(&(0x7f00000003c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x1000})
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000180)={<r7=>0x0, 0x0, r6})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000100)={r7})
r8 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r8)
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r10 = memfd_create(&(0x7f0000000300)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r10, 0xffff)
fcntl$addseals(r10, 0x409, 0x7)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r11=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r11)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0xc018937b, &(0x7f0000000500)={{0x1, 0x1, 0x18, r9, {0x0, r11}}, './file0\x00'})
r12 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f0000000180)={<r13=>0x0, 0x0, r12})
ioctl$DRM_IOCTL_GEM_FLINK(r9, 0xc008640a, &(0x7f0000000100)={r13})
ioctl$DRM_IOCTL_GEM_CLOSE(r8, 0x40086409, &(0x7f0000000080)={r13})

5.313639769s ago: executing program 1 (id=8229):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240))
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000080), 0x6902, 0x0)
ioctl$IMDELTIMER(r3, 0x80044941, &(0x7f00000000c0)=0x2)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00')
lseek(r4, 0x2000, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(0xffffffffffffffff, 0x0, 0xfce)

4.950796873s ago: executing program 4 (id=8231):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newpolicy={0xc4, 0x13, 0x1, 0x0, 0x0, {{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x5}, {0x0, 0x0, 0x5}, 0x0, 0x8}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xc4}}, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="050200000000ffdbdf250c00000008000300", @ANYRES32=r2, @ANYBLOB="0400280014006e"], 0x9c}}, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fdinfo\x00')
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r6, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1}, 0x8)
fchdir(r4)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r7, 0xfffffffffffffffd, 0x58)
r8 = syz_open_pts(0xffffffffffffffff, 0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r4)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x10, 0x10, r8, 0x8cbe0000)
r9 = socket$inet(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000600)=ANY=[@ANYRESOCT=r9, @ANYRES32, @ANYBLOB="0008000000000000b70800000000e7037b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = accept(r9, &(0x7f00000002c0)=@phonet, &(0x7f0000000040)=0x80)
getsockopt$IPT_SO_GET_REVISION_MATCH(r10, 0x0, 0x42, &(0x7f00000001c0)={'icmp6\x00'}, &(0x7f0000000340)=0x1e)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x3}, @volatile={0x0, 0x0, 0x0, 0x5}, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, 0x0, 0x3e}, 0x20)
r11 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r11, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)
r12 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r12, 0x1, 0x19, &(0x7f0000000080)='syz_tun\x00', 0x4d)
sendto$unix(r12, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)

2.869450115s ago: executing program 0 (id=8233):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
ftruncate(r0, 0x8001)
socket(0x21, 0x2, 0xa)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000006d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={r2, 0xfffffffffffffea8, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000300)=""/70, 0x46}}, 0x10)
getsockopt$nfc_llcp(r0, 0x110, 0x1, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x24, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x2c, 0xc0, 0x3, 0x0, [{@broadcast, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@private=0xfffffffd}]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x8}}, {@multicast2}, {@private=0xa010102}, {@broadcast}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr=0xffffffff]}]}}}}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r7}, &(0x7f0000000500), &(0x7f0000000540)='%pI4   \x00'}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64=r4, @ANYRESOCT=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r8}, 0xc)
write$binfmt_script(r6, &(0x7f0000000240), 0x208e24b)
ioctl$KVM_CAP_HYPERV_SYNIC2(r0, 0x4068aea3, &(0x7f0000000640))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r6, 0x0)
r9 = dup(r5)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r10, 0xae9a)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

2.392400898s ago: executing program 0 (id=8234):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRESHEX, @ANYBLOB="0000000000000000400012800e00010069703665727370616e0000002c0002801400050000000000000000000000000000000002"], 0x60}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r1, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)

2.114277903s ago: executing program 0 (id=8235):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a40)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8}]}]}, 0x28}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x0, {0x24}}, 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff"], 0x84}}, 0x0)
fchdir(0xffffffffffffffff)
socket$nl_rdma(0x10, 0x3, 0x14)

1.63906478s ago: executing program 1 (id=8236):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0x16, 0xa, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x44)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={&(0x7f0000000300)=""/87, 0x57, 0x0, 0x0}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@bloom_filter={0x1e, 0x6, 0x8, 0x1, 0x180, r0, 0x7a8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x2, 0xe}, 0x48)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, 0x0, r2}, 0x38)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r6, 0x3a, 0x1, &(0x7f00000000c0), 0xff2a)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x34, r4, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @default=0x9b4}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8}]]}, 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000ff8000000000001811000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$inet6(r0, &(0x7f0000000b00)={&(0x7f0000000840)={0xa, 0x4e22, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000880)="ab7c9ee9caabb396e0299505eb3779372a83105dd7fa259ce91052729aaf71984442e9c146661e784ac1cc0e5259bd5540b67902e17295ca76920b4de25b4ba87850683d8ffa07c935df7c24c43920a35cd2d08b5640e222941774f14efc48e0bc460fadf4801de4bdd4e773adf2d379e1acd786717de6927c98dec7bd9f2dba5150e126e4e32c8980bd2ed45380084976512387d3bac2f2753c0d7d0c06daa70f92585f8ccfd4be9eb5e3a14246c72249d390a76ff07e3564da94d3ae3e0706d0e68a0a", 0xc4}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="88be64285e3ca2d0d2000000360000002f0d000000000000010400000000ff667cade1e7fd94d8c9ac417b988995c439312cf0c87390358f13b70b2a9849a603b37a583cd820de7939c0ca718a87ed076e71d034e4fea914fe7086938517183bb292350e2550541779fec109fc4b9f06d7cef5b31a0be23ea8447a7f7819503b84f6a87833538a3a8400001400000000000000290000003400000001000000000000001400000000000000290000000b0000000000000600"], 0xb8}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mount_setattr(0xffffffffffffffff, &(0x7f00000002c0)='./file0/file0\x00', 0x8800, &(0x7f00000007c0)={0xa, 0x2}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, 0x2, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x4}]}, 0x1c}}, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0xa, &(0x7f0000000040), 0x4)
mkdir(&(0x7f0000000800)='./file0\x00', 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

1.46460685s ago: executing program 0 (id=8237):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000700)={0x0, 0x700, &(0x7f00000006c0)={&(0x7f0000000940)={0x54, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0x54}}, 0x0)

1.398452112s ago: executing program 1 (id=8238):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x26, 0x4, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@multicast1}, {@dev, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1}, {@private}]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private=0xa010104}, {}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (fail_nth: 5)

1.328612042s ago: executing program 0 (id=8239):
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
renameat2(r1, 0x0, r1, &(0x7f0000000200)='./bus\x00', 0x0)
accept4$alg(r0, 0x0, 0x0, 0x80800)
setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, &(0x7f0000000040)={0x2, {{0xa, 0x4e21, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x101}}}, 0x88)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r6}, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r7}, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r9, 0x400448de, &(0x7f0000000240)={0x0, 0x0, "957008"})

0s ago: executing program 0 (id=8240):
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4), 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_setup(0x410f, &(0x7f0000000200))
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002500)={{r1}, &(0x7f0000002480), &(0x7f00000024c0)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r1, &(0x7f0000000180), &(0x7f0000000040)=@udp6=r0}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r3, &(0x7f0000000240)={0x1d, r5}, 0x18)
connect$can_j1939(r3, &(0x7f0000000180)={0x1d, 0x0, 0x0, {}, 0xff}, 0x18)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000), 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb8847000086dd6008010800142f11c05ac9936d42a7000000000000000001fc01000000000000000000000000000000008902"], 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0285629, &(0x7f0000000140)={0x80000a, 0x0, 0x0, "1c21133df2f20d55806b2eb1d750185ff5ab6545a058e05b2197edb1439b1cc2"})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

ock_acquire+0x10/0x10
[ 2734.811583][ T3721]  ? __pfx_nl802154_pre_doit+0x10/0x10
[ 2734.817072][ T3721]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[ 2734.823090][ T3721]  ? __pfx_nl802154_post_doit+0x10/0x10
[ 2734.828824][ T3721]  ? __pfx___might_resched+0x10/0x10
[ 2734.834171][ T3721]  netlink_rcv_skb+0x1e3/0x430
[ 2734.838988][ T3721]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2734.844053][ T3721]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2734.849431][ T3721]  genl_rcv+0x28/0x40
[ 2734.853455][ T3721]  netlink_unicast+0x7ea/0x980
[ 2734.858278][ T3721]  ? __pfx_netlink_unicast+0x10/0x10
[ 2734.863691][ T3721]  ? __virt_addr_valid+0x183/0x530
[ 2734.868856][ T3721]  ? __check_object_size+0x49c/0x900
[ 2734.874184][ T3721]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2734.879343][ T3721]  netlink_sendmsg+0x8db/0xcb0
[ 2734.884167][ T3721]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2734.889502][ T3721]  ? __import_iovec+0x536/0x820
[ 2734.894394][ T3721]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2734.899724][ T3721]  ? security_socket_sendmsg+0x87/0xb0
[ 2734.905251][ T3721]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2734.910720][ T3721]  __sock_sendmsg+0x221/0x270
[ 2734.915444][ T3721]  ____sys_sendmsg+0x525/0x7d0
[ 2734.920268][ T3721]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2734.925610][ T3721]  ? rcu_read_lock_any_held+0xb7/0x160
[ 2734.931123][ T3721]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 2734.937071][ T3721]  __sys_sendmsg+0x2b0/0x3a0
[ 2734.941811][ T3721]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2734.946961][ T3721]  ? vfs_write+0x7c4/0xc90
[ 2734.951453][ T3721]  ? do_sys_openat2+0x17a/0x1d0
[ 2734.956385][ T3721]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2734.962753][ T3721]  ? do_syscall_64+0x100/0x230
[ 2734.967556][ T3721]  ? do_syscall_64+0xb6/0x230
[ 2734.972270][ T3721]  do_syscall_64+0xf3/0x230
[ 2734.976809][ T3721]  ? clear_bhb_loop+0x35/0x90
[ 2734.981544][ T3721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2734.987499][ T3721] RIP: 0033:0x7f5eda975bd9
[ 2734.991951][ T3721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2735.011601][ T3721] RSP: 002b:00007f5edb7f2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2735.020074][ T3721] RAX: ffffffffffffffda RBX: 00007f5edab03f60 RCX: 00007f5eda975bd9
[ 2735.028093][ T3721] RDX: 0000000000000000 RSI: 0000000020000f40 RDI: 000000000000000a
[ 2735.036099][ T3721] RBP: 00007f5edb7f20a0 R08: 0000000000000000 R09: 0000000000000000
[ 2735.044101][ T3721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2735.052104][ T3721] R13: 000000000000000b R14: 00007f5edab03f60 R15: 00007ffe619eba08
[ 2735.060173][ T3721]  </TASK>
[ 2735.752945][ T3736] binder: 3734:3736 ioctl c0306201 200003c0 returned -14
[ 2735.805967][ T3737] x_tables: duplicate underflow at hook 2
[ 2736.117949][T23031] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 2736.317440][T23031] usb 2-1: Using ep0 maxpacket: 8
[ 2736.345718][T23031] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2736.363078][T23031] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2736.374664][T23031] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2736.386478][T23031] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2736.407496][T23031] usb 2-1: config 0 descriptor??
[ 2736.419087][ T3755] sctp: [Deprecated]: syz.3.7886 (pid 3755) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2736.419087][ T3755] Use struct sctp_sack_info instead
[ 2736.720285][T23031] usb 2-1: USB disconnect, device number 56
[ 2737.022139][ T3759] FAULT_INJECTION: forcing a failure.
[ 2737.022139][ T3759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2737.036041][ T3759] CPU: 1 PID: 3759 Comm: syz.0.7887 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2737.046156][ T3759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2737.056243][ T3759] Call Trace:
[ 2737.059551][ T3759]  <TASK>
[ 2737.062513][ T3759]  dump_stack_lvl+0x241/0x360
[ 2737.067331][ T3759]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2737.072586][ T3759]  ? __pfx__printk+0x10/0x10
[ 2737.077250][ T3759]  should_fail_ex+0x3b0/0x4e0
[ 2737.081981][ T3759]  _copy_from_user+0x2f/0xe0
[ 2737.086609][ T3759]  move_addr_to_kernel+0x82/0x150
[ 2737.091681][ T3759]  copy_msghdr_from_user+0x43e/0x680
[ 2737.096992][ T3759]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 2737.102832][ T3759]  __sys_sendmsg+0x23d/0x3a0
[ 2737.107454][ T3759]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2737.112593][ T3759]  ? vfs_write+0x7c4/0xc90
[ 2737.117067][ T3759]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2737.123412][ T3759]  ? do_syscall_64+0x100/0x230
[ 2737.128188][ T3759]  ? do_syscall_64+0xb6/0x230
[ 2737.132874][ T3759]  do_syscall_64+0xf3/0x230
[ 2737.137392][ T3759]  ? clear_bhb_loop+0x35/0x90
[ 2737.142079][ T3759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2737.147989][ T3759] RIP: 0033:0x7f9d67775bd9
[ 2737.152525][ T3759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2737.172148][ T3759] RSP: 002b:00007f9d685bc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2737.180598][ T3759] RAX: ffffffffffffffda RBX: 00007f9d67903f60 RCX: 00007f9d67775bd9
[ 2737.188586][ T3759] RDX: 0000000000000000 RSI: 0000000020000780 RDI: 0000000000000006
[ 2737.196566][ T3759] RBP: 00007f9d685bc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2737.204663][ T3759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2737.212648][ T3759] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2737.220716][ T3759]  </TASK>
[ 2737.296693][ T3763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7888'.
[ 2737.877787][T29096] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[ 2738.077323][T29096] usb 4-1: Using ep0 maxpacket: 8
[ 2738.085709][T29096] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 2738.130992][T29096] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 2738.170812][T29096] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 2738.202414][T29096] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2738.277949][T23031] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 2738.462474][T29096] usb 4-1: string descriptor 0 read error: -71
[ 2738.482285][T29096] hub 4-1:32.0: USB hub found
[ 2738.517486][T23031] usb 2-1: Using ep0 maxpacket: 8
[ 2738.517507][T29096] hub 4-1:32.0: config failed, can't read hub descriptor (err -22)
[ 2738.529600][T23031] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 2738.563744][T23031] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 2738.591023][T23031] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 2738.621698][T23031] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2738.647660][T29096] usb 4-1: USB disconnect, device number 110
[ 2738.876419][T23031] usb 2-1: string descriptor 0 read error: -71
[ 2738.894929][T23031] hub 2-1:32.0: USB hub found
[ 2738.913207][T23031] hub 2-1:32.0: config failed, can't read hub descriptor (err -22)
[ 2738.937013][ T3717] udevd[3717]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2739.031140][T23031] usb 2-1: USB disconnect, device number 57
[ 2739.298843][ T3717] udevd[3717]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2739.641152][ T3798] sctp: [Deprecated]: syz.1.7901 (pid 3798) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2739.641152][ T3798] Use struct sctp_sack_info instead
[ 2739.694973][ T3799] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7902'.
[ 2739.949765][ T3805] binder: 3804:3805 ioctl c0306201 200003c0 returned -14
[ 2740.157668][T31932] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 2740.237651][T23031] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 2740.377444][T31932] usb 3-1: Using ep0 maxpacket: 8
[ 2740.416551][T31932] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 2740.452157][T23031] usb 5-1: Using ep0 maxpacket: 8
[ 2740.467798][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2740.501943][T31932] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2740.522480][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2740.534106][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2740.548124][T23031] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2740.558500][T23031] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2740.568505][T23031] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2740.568606][T31932] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 2740.586528][T23031] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2740.603073][T23031] usb 5-1: config 0 descriptor??
[ 2740.630956][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2740.667306][T31932] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2740.697871][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2740.719771][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2740.738689][T31932] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 2740.746582][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2740.762351][T31932] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2740.774472][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2740.785915][T31932] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2740.804642][T31932] usb 3-1: string descriptor 0 read error: -22
[ 2740.811278][T31932] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2740.821646][T31932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2740.876325][T31932] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 2740.906302][T29096] usb 5-1: USB disconnect, device number 6
[ 2741.202221][ T3831] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7913'.
[ 2741.267898][ T5141] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 2741.457343][ T5141] usb 2-1: Using ep0 maxpacket: 8
[ 2741.470083][ T5141] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 2741.491739][ T5141] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 2741.525413][ T3836] netlink: 'syz.0.7915': attribute type 16 has an invalid length.
[ 2741.547884][ T3836] netlink: 'syz.0.7915': attribute type 3 has an invalid length.
[ 2741.547921][ T5141] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 2741.588883][ T3836] netlink: 'syz.0.7915': attribute type 1 has an invalid length.
[ 2741.603725][ T3836] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.7915'.
[ 2741.615869][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2741.854618][ T5141] usb 2-1: string descriptor 0 read error: -71
[ 2741.873923][ T5141] hub 2-1:32.0: USB hub found
[ 2741.898032][ T5141] hub 2-1:32.0: config failed, can't read hub descriptor (err -22)
[ 2741.999463][ T5141] usb 2-1: USB disconnect, device number 58
[ 2742.399281][ T3717] udevd[3717]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2742.490910][ T3846] fuse: Bad value for 'fd'
[ 2743.536472][ T3856] sctp: [Deprecated]: syz.3.7919 (pid 3856) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2743.536472][ T3856] Use struct sctp_sack_info instead
[ 2743.897452][T29096] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 2744.067390][T29096] usb 1-1: device descriptor read/64, error -71
[ 2744.390474][T29096] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 2744.512684][ T3867] FAULT_INJECTION: forcing a failure.
[ 2744.512684][ T3867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2744.552545][ T3867] CPU: 0 PID: 3867 Comm: syz.3.7923 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2744.562704][ T3867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2744.572795][ T3867] Call Trace:
[ 2744.576106][ T3867]  <TASK>
[ 2744.579241][ T3867]  dump_stack_lvl+0x241/0x360
[ 2744.583974][ T3867]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2744.589224][ T3867]  ? __pfx__printk+0x10/0x10
[ 2744.593868][ T3867]  ? snprintf+0xda/0x120
[ 2744.598148][ T3867]  should_fail_ex+0x3b0/0x4e0
[ 2744.602874][ T3867]  _copy_to_user+0x2f/0xb0
[ 2744.607334][ T3867]  simple_read_from_buffer+0xca/0x150
[ 2744.612757][ T3867]  proc_fail_nth_read+0x1e9/0x250
[ 2744.617826][ T3867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2744.623418][ T3867]  ? rw_verify_area+0x520/0x6b0
[ 2744.628313][ T3867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2744.633904][ T3867]  vfs_read+0x204/0xbc0
[ 2744.638094][ T3867]  ? __pfx_lock_release+0x10/0x10
[ 2744.643222][ T3867]  ? __pfx_vfs_read+0x10/0x10
[ 2744.647920][ T3867]  ? __fget_files+0x29/0x470
[ 2744.652711][ T3867]  ? __fget_files+0x3f6/0x470
[ 2744.657425][ T3867]  ksys_read+0x1a0/0x2c0
[ 2744.661712][ T3867]  ? __pfx_ksys_read+0x10/0x10
[ 2744.666504][ T3867]  ? do_syscall_64+0x100/0x230
[ 2744.671280][ T3867]  ? do_syscall_64+0xb6/0x230
[ 2744.675968][ T3867]  do_syscall_64+0xf3/0x230
[ 2744.680482][ T3867]  ? clear_bhb_loop+0x35/0x90
[ 2744.685175][ T3867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2744.691101][ T3867] RIP: 0033:0x7f969cb746bc
[ 2744.695534][ T3867] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 2744.715258][ T3867] RSP: 002b:00007f969d8be040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2744.723805][ T3867] RAX: ffffffffffffffda RBX: 00007f969cd03f60 RCX: 00007f969cb746bc
[ 2744.731806][ T3867] RDX: 000000000000000f RSI: 00007f969d8be0b0 RDI: 0000000000000004
[ 2744.739892][ T3867] RBP: 00007f969d8be0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2744.747884][ T3867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2744.755889][ T3867] R13: 000000000000000b R14: 00007f969cd03f60 R15: 00007ffc1ebb1898
[ 2744.763901][ T3867]  </TASK>
[ 2744.808218][T29096] usb 1-1: device descriptor read/64, error -71
[ 2744.939317][T29096] usb usb1-port1: attempt power cycle
[ 2745.048121][ T3873] netlink: 204644 bytes leftover after parsing attributes in process `syz.3.7925'.
[ 2745.069241][ T3875] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7924'.
[ 2745.324824][ T3878] binder: 3877:3878 ioctl c0306201 200003c0 returned -14
[ 2745.367749][T29096] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[ 2745.474001][T23020] usb 3-1: USB disconnect, device number 86
[ 2745.667709][T29089] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 2745.833411][ T3889] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7927'.
[ 2745.847365][ T3889] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7927'.
[ 2745.898549][T29089] usb 5-1: Using ep0 maxpacket: 8
[ 2745.981633][T29089] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2746.015481][T29089] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2746.074991][T29089] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2746.115455][T29089] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2746.139571][T29089] usb 5-1: config 0 descriptor??
[ 2746.467565][T31932] usb 5-1: USB disconnect, device number 7
[ 2746.487380][T23031] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 2746.728639][T23031] usb 2-1: Using ep0 maxpacket: 16
[ 2746.770817][T23031] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[ 2746.817340][T23031] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2746.825495][T23031] usb 2-1: Product: syz
[ 2746.867153][T23031] usb 2-1: Manufacturer: syz
[ 2746.874217][T23031] usb 2-1: SerialNumber: syz
[ 2746.909035][T23031] usb 2-1: config 0 descriptor??
[ 2746.930299][T23031] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 2747.534968][ T3907] sctp: [Deprecated]: syz.4.7933 (pid 3907) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2747.534968][ T3907] Use struct sctp_sack_info instead
[ 2749.570255][ T5141] usb 2-1: USB disconnect, device number 59
[ 2749.680574][ T3921] trusted_key: encrypted_key: insufficient parameters specified
[ 2749.897690][T31932] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 2750.283939][T31932] usb 5-1: Using ep0 maxpacket: 8
[ 2750.432144][T29096] usb 1-1: device descriptor read/8, error -110
[ 2750.435714][T31932] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 2750.473669][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2750.580523][T31932] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2750.607612][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2750.634751][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2750.651833][T31932] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 2750.667340][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2750.705976][T31932] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2750.735047][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2750.748254][T29096] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 2750.777056][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2750.795569][T31932] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 2750.827327][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2750.847741][T31932] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2750.887493][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2750.919976][T31932] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2750.937557][T31932] usb 5-1: string descriptor 0 read error: -22
[ 2750.944181][T31932] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2751.077622][T29096] usb 1-1: device not accepting address 96, error -71
[ 2751.078333][T31932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2751.109021][T29096] usb usb1-port1: unable to enumerate USB device
[ 2751.118613][T31932] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 2752.288150][ T3943] binder: 3942:3943 ioctl c0306201 200003c0 returned -14
[ 2752.647520][T29096] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 2752.698429][ T5141] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 2752.859817][T29096] usb 2-1: Using ep0 maxpacket: 8
[ 2752.877813][T29096] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2752.904215][T29096] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2752.947365][ T5141] usb 1-1: Using ep0 maxpacket: 32
[ 2752.957017][T29096] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2752.976453][ T5141] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2752.996772][T29096] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2752.996998][ T3955] sctp: [Deprecated]: syz.3.7946 (pid 3955) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2752.996998][ T3955] Use struct sctp_sack_info instead
[ 2753.005636][ T5141] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2753.065065][T29096] usb 2-1: config 0 descriptor??
[ 2753.078840][ T5141] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2753.115560][ T5141] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 2753.154955][ T5141] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2753.185775][ T5141] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2753.195450][ T5141] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2753.207827][ T5141] usb 1-1: Product: syz
[ 2753.224070][ T5141] usb 1-1: Manufacturer: syz
[ 2753.234520][ T5141] usb 1-1: SerialNumber: syz
[ 2753.360127][ T5137] usb 5-1: USB disconnect, device number 8
[ 2753.420448][T31932] usb 2-1: USB disconnect, device number 60
[ 2753.547537][ T5141] usb 1-1: 0:2 : does not exist
[ 2753.590814][ T5141] usb 1-1: USB disconnect, device number 97
[ 2753.881816][ T3717] udevd[3717]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2754.059386][T29096] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 2754.289002][T29096] usb 5-1: Using ep0 maxpacket: 16
[ 2754.424604][ T5137] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 2755.215920][T29096] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[ 2755.240370][ T3979] Invalid option length (208320) for dns_resolver key
[ 2755.257466][T29096] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2755.265602][T29096] usb 5-1: Product: syz
[ 2755.287124][T29096] usb 5-1: Manufacturer: syz
[ 2755.312661][T29096] usb 5-1: SerialNumber: syz
[ 2755.320303][ T3982] FAULT_INJECTION: forcing a failure.
[ 2755.320303][ T3982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2755.337492][ T3982] CPU: 1 PID: 3982 Comm: syz.0.7953 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2755.347608][ T3982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2755.357666][ T3982] Call Trace:
[ 2755.360981][ T3982]  <TASK>
[ 2755.363913][ T3982]  dump_stack_lvl+0x241/0x360
[ 2755.368608][ T3982]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2755.373817][ T3982]  ? __pfx__printk+0x10/0x10
[ 2755.378418][ T3982]  ? __pfx_lock_release+0x10/0x10
[ 2755.383531][ T3982]  ? __lock_acquire+0x1346/0x1fd0
[ 2755.388595][ T3982]  should_fail_ex+0x3b0/0x4e0
[ 2755.393294][ T3982]  _copy_from_user+0x2f/0xe0
[ 2755.397908][ T3982]  kstrtouint_from_user+0xc6/0x190
[ 2755.403049][ T3982]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 2755.408794][ T3982]  ? __pfx_lock_acquire+0x10/0x10
[ 2755.413852][ T3982]  proc_fail_nth_write+0xaa/0x2d0
[ 2755.418909][ T3982]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 2755.424811][ T3982]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 2755.430464][ T3982]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 2755.436126][ T3982]  vfs_write+0x2a2/0xc90
[ 2755.440400][ T3982]  ? __pfx_vfs_write+0x10/0x10
[ 2755.445187][ T3982]  ? __fget_files+0x29/0x470
[ 2755.449795][ T3982]  ? __fget_files+0x3f6/0x470
[ 2755.454508][ T3982]  ksys_write+0x1a0/0x2c0
[ 2755.458851][ T3982]  ? __pfx_ksys_write+0x10/0x10
[ 2755.463709][ T3982]  ? do_syscall_64+0x100/0x230
[ 2755.468483][ T3982]  ? do_syscall_64+0xb6/0x230
[ 2755.473160][ T3982]  do_syscall_64+0xf3/0x230
[ 2755.477693][ T3982]  ? clear_bhb_loop+0x35/0x90
[ 2755.482463][ T3982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2755.488365][ T3982] RIP: 0033:0x7f9d6777475f
[ 2755.492794][ T3982] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[ 2755.512405][ T3982] RSP: 002b:00007f9d685bc040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 2755.520852][ T3982] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9d6777475f
[ 2755.528924][ T3982] RDX: 0000000000000001 RSI: 00007f9d685bc0b0 RDI: 0000000000000004
[ 2755.536898][ T3982] RBP: 00007f9d685bc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2755.544868][ T3982] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 2755.552842][ T3982] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2755.560831][ T3982]  </TASK>
[ 2755.608800][T29096] usb 5-1: config 0 descriptor??
[ 2755.664899][T29096] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 2755.747474][ T5137] usb 4-1: Using ep0 maxpacket: 16
[ 2755.766519][ T5137] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 2755.783934][ T5137] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2755.797921][ T3986] FAULT_INJECTION: forcing a failure.
[ 2755.797921][ T3986] name failslab, interval 1, probability 0, space 0, times 0
[ 2755.827376][ T3986] CPU: 0 PID: 3986 Comm: syz.2.7955 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2755.833924][ T5137] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2755.837491][ T3986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2755.837510][ T3986] Call Trace:
[ 2755.837521][ T3986]  <TASK>
[ 2755.837532][ T3986]  dump_stack_lvl+0x241/0x360
[ 2755.837575][ T3986]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2755.837609][ T3986]  ? __pfx__printk+0x10/0x10
[ 2755.837645][ T3986]  ? __pfx___might_resched+0x10/0x10
[ 2755.837681][ T3986]  should_fail_ex+0x3b0/0x4e0
[ 2755.837719][ T3986]  ? proc_self_get_link+0xe0/0x170
[ 2755.837750][ T3986]  should_failslab+0x9/0x20
[ 2755.861574][ T3985] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[ 2755.862007][ T3986]  kmalloc_trace_noprof+0x6c/0x2c0
[ 2755.866682][ T3985] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2755.871877][ T3986]  proc_self_get_link+0xe0/0x170
[ 2755.889970][ T5137] usb 4-1: config 0 descriptor??
[ 2755.891669][ T3986]  ? __pfx_proc_self_get_link+0x10/0x10
[ 2755.909202][ T5137] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 2755.915345][ T3986]  pick_link+0x631/0xd50
[ 2755.915394][ T3986]  step_into+0xca9/0x1080
[ 2755.946891][ T3986]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 2755.952135][ T3986]  ? __d_lookup+0x85/0x7e0
[ 2755.956566][ T3986]  ? __d_lookup+0x727/0x7e0
[ 2755.961083][ T3986]  ? __d_lookup+0x85/0x7e0
[ 2755.965519][ T3986]  ? __pfx_step_into+0x10/0x10
[ 2755.970314][ T3986]  ? bpf_lsm_inode_permission+0x9/0x10
[ 2755.975792][ T3986]  ? security_inode_permission+0xb7/0x100
[ 2755.981639][ T3986]  link_path_walk+0x748/0xea0
[ 2755.986369][ T3986]  ? __pfx_link_path_walk+0x10/0x10
[ 2755.991612][ T3986]  ? init_file+0x15c/0x200
[ 2755.996052][ T3986]  path_openat+0x257/0x35f0
[ 2756.000602][ T3986]  ? mark_lock+0x9a/0x350
[ 2756.004943][ T3986]  ? __pfx_stack_trace_save+0x10/0x10
[ 2756.010336][ T3986]  ? __lock_acquire+0x1346/0x1fd0
[ 2756.015398][ T3986]  ? __lock_acquire+0x1346/0x1fd0
[ 2756.020444][ T3986]  ? __pfx_path_openat+0x10/0x10
[ 2756.025429][ T3986]  do_filp_open+0x235/0x490
[ 2756.029959][ T3986]  ? __pfx_do_filp_open+0x10/0x10
[ 2756.035031][ T3986]  ? _raw_spin_unlock+0x28/0x50
[ 2756.039905][ T3986]  ? alloc_fd+0x5a1/0x640
[ 2756.044257][ T3986]  do_sys_openat2+0x13e/0x1d0
[ 2756.048955][ T3986]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2756.054965][ T3986]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2756.060221][ T3986]  ? __fget_files+0x3f6/0x470
[ 2756.064922][ T3986]  __x64_sys_openat+0x247/0x2a0
[ 2756.069799][ T3986]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2756.075187][ T3986]  ? do_syscall_64+0x100/0x230
[ 2756.079961][ T3986]  ? do_syscall_64+0xb6/0x230
[ 2756.084646][ T3986]  do_syscall_64+0xf3/0x230
[ 2756.089158][ T3986]  ? clear_bhb_loop+0x35/0x90
[ 2756.093874][ T3986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2756.099789][ T3986] RIP: 0033:0x7f0281974610
[ 2756.104219][ T3986] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44
[ 2756.123921][ T3986] RSP: 002b:00007f0282787f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2756.132358][ T3986] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0281974610
[ 2756.140342][ T3986] RDX: 0000000000000002 RSI: 00007f0282787fb0 RDI: 00000000ffffff9c
[ 2756.148335][ T3986] RBP: 00007f0282787fb0 R08: 0000000000000000 R09: 00007f0282787ce7
[ 2756.156472][ T3986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 2756.164497][ T3986] R13: 000000000000000b R14: 00007f0281b03f60 R15: 00007ffdc04711b8
[ 2756.172605][ T3986]  </TASK>
[ 2756.187569][ T3985] vhci_hcd vhci_hcd.0: Device attached
[ 2756.422421][ T3988] vhci_hcd: cannot find a urb of seqnum 3 max seqnum 5
[ 2756.458190][   T35] vhci_hcd: stop threads
[ 2756.528904][ T3996] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2756.538000][ T3996] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2756.683666][ T3998] gfs2: gfs2 mount does not exist
[ 2757.289714][    T9] usb 11-1: new high-speed USB device number 8 using vhci_hcd
[ 2757.297801][   T35] vhci_hcd: release socket
[ 2757.302313][   T35] vhci_hcd: disconnect device
[ 2757.314311][    T9] usb 11-1: enqueue for inactive port 0
[ 2757.528095][    T9] vhci_hcd: vhci_device speed not set
[ 2757.676001][T23031] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 2757.897349][T23031] usb 2-1: Using ep0 maxpacket: 16
[ 2757.911780][T23031] usb 2-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[ 2757.921229][T23031] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2757.950157][T23031] usb 2-1: Product: syz
[ 2757.954487][T23031] usb 2-1: Manufacturer: syz
[ 2757.959324][T23031] usb 2-1: SerialNumber: syz
[ 2757.997760][T23031] usb 2-1: config 0 descriptor??
[ 2758.035031][T23031] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[ 2758.109003][T29096] usb 4-1: USB disconnect, device number 111
[ 2758.265776][T23031] gp8psk: usb in 128 operation failed.
[ 2758.292841][T23031] gp8psk: usb in 137 operation failed.
[ 2758.321172][T23031] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2758.379203][T23031] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[ 2758.419807][T29096] usb 5-1: USB disconnect, device number 9
[ 2758.431975][T23031] usb 2-1: media controller created
[ 2758.580382][T23031] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2758.648426][T23031] gp8psk_fe: Frontend revision 1 attached
[ 2758.668498][T23031] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[ 2758.706518][T23031] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[ 2758.780238][ T4013] sctp: [Deprecated]: syz.4.7960 (pid 4013) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2758.780238][ T4013] Use struct sctp_sack_info instead
[ 2758.982254][T23031] gp8psk: usb in 138 operation failed.
[ 2759.002401][T23031] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[ 2759.042017][ T4016] binder: 4015:4016 ioctl c0306201 200003c0 returned -14
[ 2759.047471][T23031] gp8psk: found Genpix USB device pID = 201 (hex)
[ 2759.107949][T23031] usb 2-1: USB disconnect, device number 61
[ 2759.390440][T23031] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[ 2759.507344][T31932] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 2759.711784][T31932] usb 1-1: Using ep0 maxpacket: 8
[ 2759.719691][T31932] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2759.747057][T31932] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2759.765518][T31932] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2759.775896][T31932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2759.836632][T31932] usb 1-1: config 0 descriptor??
[ 2760.011864][ T4032] FAULT_INJECTION: forcing a failure.
[ 2760.011864][ T4032] name failslab, interval 1, probability 0, space 0, times 0
[ 2760.084321][ T4032] CPU: 0 PID: 4032 Comm: syz.2.7965 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2760.094540][ T4032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2760.104643][ T4032] Call Trace:
[ 2760.107954][ T4032]  <TASK>
[ 2760.110915][ T4032]  dump_stack_lvl+0x241/0x360
[ 2760.115651][ T4032]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2760.120871][ T4032]  ? __pfx__printk+0x10/0x10
[ 2760.125481][ T4032]  ? netlink_insert+0x10b7/0x14b0
[ 2760.130517][ T4032]  should_fail_ex+0x3b0/0x4e0
[ 2760.135224][ T4032]  ? __alloc_skb+0x1c3/0x440
[ 2760.139863][ T4032]  should_failslab+0x9/0x20
[ 2760.144386][ T4032]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2760.150213][ T4032]  __alloc_skb+0x1c3/0x440
[ 2760.154647][ T4032]  ? __pfx___alloc_skb+0x10/0x10
[ 2760.159603][ T4032]  ? netlink_autobind+0xd6/0x2f0
[ 2760.164550][ T4032]  ? netlink_autobind+0x2b0/0x2f0
[ 2760.169687][ T4032]  netlink_sendmsg+0x631/0xcb0
[ 2760.174479][ T4032]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2760.179802][ T4032]  ? __import_iovec+0x536/0x820
[ 2760.184667][ T4032]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2760.189955][ T4032]  ? security_socket_sendmsg+0x87/0xb0
[ 2760.195427][ T4032]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2760.200725][ T4032]  __sock_sendmsg+0x221/0x270
[ 2760.205409][ T4032]  ____sys_sendmsg+0x525/0x7d0
[ 2760.210191][ T4032]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2760.215516][ T4032]  __sys_sendmsg+0x2b0/0x3a0
[ 2760.220265][ T4032]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2760.225387][ T4032]  ? vfs_write+0x7c4/0xc90
[ 2760.229858][ T4032]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2760.236203][ T4032]  ? do_syscall_64+0x100/0x230
[ 2760.240986][ T4032]  ? do_syscall_64+0xb6/0x230
[ 2760.245671][ T4032]  do_syscall_64+0xf3/0x230
[ 2760.250182][ T4032]  ? clear_bhb_loop+0x35/0x90
[ 2760.254865][ T4032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2760.260773][ T4032] RIP: 0033:0x7f0281975bd9
[ 2760.265191][ T4032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2760.284799][ T4032] RSP: 002b:00007f0282788048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2760.293217][ T4032] RAX: ffffffffffffffda RBX: 00007f0281b03f60 RCX: 00007f0281975bd9
[ 2760.301189][ T4032] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[ 2760.309249][ T4032] RBP: 00007f02827880a0 R08: 0000000000000000 R09: 0000000000000000
[ 2760.317253][ T4032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2760.325253][ T4032] R13: 000000000000000b R14: 00007f0281b03f60 R15: 00007ffdc04711b8
[ 2760.333247][ T4032]  </TASK>
[ 2760.394198][T31932] usb 1-1: USB disconnect, device number 98
[ 2760.946820][ T4039] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2760.956301][ T4039] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2761.038779][ T4040] gfs2: gfs2 mount does not exist
[ 2762.101043][ T4042] Bluetooth: MGMT ver 1.22
[ 2762.737559][T31932] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 2762.745259][ T5137] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 2762.937387][ T5137] usb 1-1: Using ep0 maxpacket: 16
[ 2762.954264][T31932] usb 3-1: Using ep0 maxpacket: 16
[ 2762.993092][ T5137] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 2763.041958][ T5137] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2763.057836][T31932] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[ 2763.077359][T31932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2763.106196][ T5137] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2763.116748][T31932] usb 3-1: Product: syz
[ 2763.152445][ T5137] usb 1-1: config 0 descriptor??
[ 2763.157708][T31932] usb 3-1: Manufacturer: syz
[ 2763.162387][T31932] usb 3-1: SerialNumber: syz
[ 2763.191602][ T5137] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 2763.216979][T31932] usb 3-1: config 0 descriptor??
[ 2763.255423][T31932] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 2765.129417][ T4065] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7974'.
[ 2765.322212][ T5137] usb 3-1: USB disconnect, device number 87
[ 2765.462580][   T29] kauditd_printk_skb: 1 callbacks suppressed
[ 2765.462601][   T29] audit: type=1326 audit(1720842082.701:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4068 comm="syz.2.7976" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0281975bd9 code=0x0
[ 2765.532509][ T4067] UBIFS error (pid: 4067): cannot open "./file0", error -22
[ 2765.534917][    T9] usb 1-1: USB disconnect, device number 99
[ 2765.853789][ T4079] binder: 4078:4079 ioctl c0306201 200003c0 returned -14
[ 2767.027915][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 2767.558678][    T9] usb 5-1: Using ep0 maxpacket: 8
[ 2767.590797][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2767.737732][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2767.746902][    T9] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2767.770084][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2767.794503][    T9] usb 5-1: config 0 descriptor??
[ 2767.987408][ T4102] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7985'.
[ 2768.359866][ T4105] program syz.2.7986 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2768.404024][    T9] usb 5-1: USB disconnect, device number 10
[ 2768.859161][ T4118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7990'.
[ 2768.911129][ T4118] vxcan3: entered promiscuous mode
[ 2768.943544][ T4118] netlink: 52 bytes leftover after parsing attributes in process `syz.3.7990'.
[ 2768.978958][ T4118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7990'.
[ 2769.148253][    T9] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[ 2769.235106][ T4125] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2769.370628][    T9] usb 3-1: Using ep0 maxpacket: 16
[ 2769.380533][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 2769.397630][    T9] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2769.415831][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2769.446595][    T9] usb 3-1: config 0 descriptor??
[ 2769.471901][    T9] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 2770.505322][ T4141] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7997'.
[ 2770.536535][ T4141] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7997'.
[ 2770.815014][ T4144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7998'.
[ 2770.904839][T29096] usb 3-1: USB disconnect, device number 88
[ 2772.189593][ T4157] binder: 4156:4157 ioctl c0306201 200003c0 returned -14
[ 2772.220622][ T4160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8004'.
[ 2772.418992][ T4166] team0: Port device bridge1 added
[ 2772.567467][T29096] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[ 2773.117445][T29096] usb 1-1: Using ep0 maxpacket: 8
[ 2773.124855][T29096] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2773.158008][T29096] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2773.167048][T29096] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2773.378771][T29096] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2773.429218][T29096] usb 1-1: config 0 descriptor??
[ 2773.464075][ T4181] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2773.473279][ T4181] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2773.498685][T31932] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 2773.546451][ T4182] gfs2: gfs2 mount does not exist
[ 2773.763013][T31932] usb 2-1: Using ep0 maxpacket: 8
[ 2774.328499][T31932] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 2774.341886][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2774.448444][T31932] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2774.466736][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2774.481372][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2774.524522][T31932] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 2774.532823][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2774.560092][T29096] usb 1-1: USB disconnect, device number 100
[ 2774.586367][T31932] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2774.623818][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2774.863013][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2774.882096][T31932] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 2774.892377][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2774.906301][T31932] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2774.919481][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2775.168672][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 2775.583344][T31932] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2775.649745][T31932] usb 2-1: string descriptor 0 read error: -71
[ 2775.665339][T31932] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2775.686203][T31932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2775.730489][T31932] usb 2-1: can't set config #168, error -71
[ 2775.753863][ T4190] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8012'.
[ 2775.754846][T31932] usb 2-1: USB disconnect, device number 62
[ 2775.839923][ T4190] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8012'.
[ 2776.695461][ T4205] FAULT_INJECTION: forcing a failure.
[ 2776.695461][ T4205] name failslab, interval 1, probability 0, space 0, times 0
[ 2776.852253][ T4205] CPU: 1 PID: 4205 Comm: syz.0.8014 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2776.862391][ T4205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2776.872649][ T4205] Call Trace:
[ 2776.875953][ T4205]  <TASK>
[ 2776.878908][ T4205]  dump_stack_lvl+0x241/0x360
[ 2776.883722][ T4205]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2776.888962][ T4205]  ? __pfx__printk+0x10/0x10
[ 2776.893596][ T4205]  ? netlink_insert+0x10b7/0x14b0
[ 2776.898693][ T4205]  should_fail_ex+0x3b0/0x4e0
[ 2776.903427][ T4205]  ? __alloc_skb+0x1c3/0x440
[ 2776.908061][ T4205]  should_failslab+0x9/0x20
[ 2776.912599][ T4205]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2776.918445][ T4205]  __alloc_skb+0x1c3/0x440
[ 2776.922896][ T4205]  ? __pfx___alloc_skb+0x10/0x10
[ 2776.927859][ T4205]  ? __rcu_read_unlock+0xa1/0x110
[ 2776.932920][ T4205]  ? netlink_autobind+0xd6/0x2f0
[ 2776.937896][ T4205]  ? netlink_autobind+0x2b0/0x2f0
[ 2776.942954][ T4205]  netlink_sendmsg+0x631/0xcb0
[ 2776.947780][ T4205]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2776.953113][ T4205]  ? __import_iovec+0x536/0x820
[ 2776.957999][ T4205]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2776.963329][ T4205]  ? security_socket_sendmsg+0x87/0xb0
[ 2776.968847][ T4205]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2776.974173][ T4205]  __sock_sendmsg+0x221/0x270
[ 2776.978896][ T4205]  ____sys_sendmsg+0x525/0x7d0
[ 2776.983716][ T4205]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2776.989164][ T4205]  __sys_sendmsg+0x2b0/0x3a0
[ 2776.993957][ T4205]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2776.999185][ T4205]  do_syscall_64+0xf3/0x230
[ 2777.003728][ T4205]  ? clear_bhb_loop+0x35/0x90
[ 2777.008482][ T4205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2777.014429][ T4205] RIP: 0033:0x7f9d67775bd9
[ 2777.018877][ T4205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2777.038537][ T4205] RSP: 002b:00007f9d685bc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2777.047006][ T4205] RAX: ffffffffffffffda RBX: 00007f9d67903f60 RCX: 00007f9d67775bd9
[ 2777.055019][ T4205] RDX: 0000000000000000 RSI: 000000002000c2c0 RDI: 0000000000000004
[ 2777.063050][ T4205] RBP: 00007f9d685bc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2777.071066][ T4205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2777.079160][ T4205] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2777.087179][ T4205]  </TASK>
[ 2777.868744][ T4223] FAULT_INJECTION: forcing a failure.
[ 2777.868744][ T4223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2777.905194][ T4223] CPU: 0 PID: 4223 Comm: syz.4.8022 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2777.915347][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2777.925452][ T4223] Call Trace:
[ 2777.928770][ T4223]  <TASK>
[ 2777.931726][ T4223]  dump_stack_lvl+0x241/0x360
[ 2777.936475][ T4223]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2777.941723][ T4223]  ? __pfx__printk+0x10/0x10
[ 2777.946362][ T4223]  ? __pfx_lock_release+0x10/0x10
[ 2777.951428][ T4223]  ? vfs_write+0x7c4/0xc90
[ 2777.955900][ T4223]  should_fail_ex+0x3b0/0x4e0
[ 2777.960636][ T4223]  _copy_from_user+0x2f/0xe0
[ 2777.965270][ T4223]  __sys_bpf+0x1a4/0x810
[ 2777.969570][ T4223]  ? __pfx___sys_bpf+0x10/0x10
[ 2777.974398][ T4223]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2777.980411][ T4223]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2777.986770][ T4223]  ? do_syscall_64+0x100/0x230
[ 2777.991564][ T4223]  __x64_sys_bpf+0x7c/0x90
[ 2777.996012][ T4223]  do_syscall_64+0xf3/0x230
[ 2778.000536][ T4223]  ? clear_bhb_loop+0x35/0x90
[ 2778.005232][ T4223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2778.011276][ T4223] RIP: 0033:0x7f6484175bd9
[ 2778.015727][ T4223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2778.035454][ T4223] RSP: 002b:00007f6484f82048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2778.043887][ T4223] RAX: ffffffffffffffda RBX: 00007f6484303f60 RCX: 00007f6484175bd9
[ 2778.051870][ T4223] RDX: 0000000000000050 RSI: 0000000020000180 RDI: 000000000000000a
[ 2778.059939][ T4223] RBP: 00007f6484f820a0 R08: 0000000000000000 R09: 0000000000000000
[ 2778.067927][ T4223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2778.076004][ T4223] R13: 000000000000000b R14: 00007f6484303f60 R15: 00007ffecbf29608
[ 2778.084003][ T4223]  </TASK>
[ 2778.087076][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2778.143865][ T4220] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2778.152722][ T4220] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2778.221890][ T4228] gfs2: gfs2 mount does not exist
[ 2779.644760][ T4234] binder: 4233:4234 ioctl c0306201 200003c0 returned -14
[ 2780.027992][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 2780.128917][T23020] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 2780.192811][ T4239] fuse: Bad value for 'fd'
[ 2780.577462][    T9] usb 5-1: Using ep0 maxpacket: 8
[ 2780.710950][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2780.761852][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2780.819900][    T9] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2780.890949][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2781.036345][    T9] usb 5-1: config 0 descriptor??
[ 2781.970188][T25080] usb 5-1: USB disconnect, device number 11
[ 2782.356308][ T4254] xt_ipcomp: unknown flags 12
[ 2784.052135][ T4278] overlayfs: failed to resolve './file0': -2
[ 2784.621730][   T29] audit: type=1326 audit(1720842101.861:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4282 comm="syz.0.8035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2785.026717][   T29] audit: type=1326 audit(1720842101.861:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4282 comm="syz.0.8035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2785.048409][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2785.156382][   T29] audit: type=1326 audit(1720842101.861:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4282 comm="syz.0.8035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2785.598669][   T29] audit: type=1326 audit(1720842101.861:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4282 comm="syz.0.8035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2785.685298][ T4300] fuse: Bad value for 'fd'
[ 2788.884969][ T4337] netlink: 'syz.3.8046': attribute type 16 has an invalid length.
[ 2789.017479][ T4337] netlink: 'syz.3.8046': attribute type 3 has an invalid length.
[ 2789.420971][ T4341] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2789.577617][T10493] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[ 2789.589074][ T9700] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 2789.807637][ T9700] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[ 2789.826569][ T9700] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2789.862489][ T9700] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 2789.888955][ T9700] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 2789.913795][ T9700] usb 5-1: Manufacturer: syz
[ 2789.943607][ T9700] usb 5-1: config 0 descriptor??
[ 2789.976848][ T4359] binder: 4357:4359 ioctl c0306201 200003c0 returned -14
[ 2790.028072][T10493] usb 3-1: Using ep0 maxpacket: 8
[ 2790.072456][T10493] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 2790.136817][T10493] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2790.358859][T10493] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2790.530962][T10493] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2790.592899][T10493] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2790.667114][T10493] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 2790.703537][T10493] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2790.711975][T29096] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 2790.804286][ T4368] FAULT_INJECTION: forcing a failure.
[ 2790.804286][ T4368] name failslab, interval 1, probability 0, space 0, times 0
[ 2790.812476][   T29] audit: type=1326 audit(1720842108.041:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2790.817069][ T4368] CPU: 1 PID: 4368 Comm: syz.0.8057 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2790.848588][ T4368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2790.858685][ T4368] Call Trace:
[ 2790.861999][ T4368]  <TASK>
[ 2790.864963][ T4368]  dump_stack_lvl+0x241/0x360
[ 2790.869699][ T4368]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2790.874954][ T4368]  ? __pfx__printk+0x10/0x10
[ 2790.879601][ T4368]  ? __pfx___might_resched+0x10/0x10
[ 2790.884935][ T4368]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2790.891057][ T4368]  should_fail_ex+0x3b0/0x4e0
[ 2790.895793][ T4368]  ? mas_alloc_nodes+0x26c/0x840
[ 2790.900754][ T4368]  should_failslab+0x9/0x20
[ 2790.905286][ T4368]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2790.910680][ T4368]  mas_alloc_nodes+0x26c/0x840
[ 2790.915478][ T4368]  mas_preallocate+0xfca/0x1730
[ 2790.920367][ T4368]  ? __pfx_mas_preallocate+0x10/0x10
[ 2790.925688][ T4368]  ? __mas_set_range+0x133/0x3c0
[ 2790.930662][ T4368]  __split_vma+0x2e5/0xc30
[ 2790.935132][ T4368]  ? __pfx___split_vma+0x10/0x10
[ 2790.940132][ T4368]  vma_modify+0x194/0x350
[ 2790.944496][ T4368]  mlock_fixup+0x278/0x3b0
[ 2790.948957][ T4368]  apply_vma_lock_flags+0x31e/0x460
[ 2790.954202][ T4368]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[ 2790.959942][ T4368]  ? __down_write_common+0x162/0x200
[ 2790.965281][ T4368]  ? do_mlock+0x192/0x7b0
[ 2790.969649][ T4368]  do_mlock+0x535/0x7b0
[ 2790.973912][ T4368]  ? __pfx_do_mlock+0x10/0x10
[ 2790.978618][ T4368]  ? __secure_computing+0x125/0x370
[ 2790.983838][ T4368]  __x64_sys_mlock2+0xad/0xd0
[ 2790.988548][ T4368]  do_syscall_64+0xf3/0x230
[ 2790.993079][ T4368]  ? clear_bhb_loop+0x35/0x90
[ 2790.997881][ T4368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2791.003800][ T4368] RIP: 0033:0x7f9d67775bd9
[ 2791.008229][ T4368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2791.027842][ T4368] RSP: 002b:00007f9d685bc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[ 2791.036291][ T4368] RAX: ffffffffffffffda RBX: 00007f9d67903f60 RCX: 00007f9d67775bd9
[ 2791.044283][ T4368] RDX: 0000000000000000 RSI: 0000000000009000 RDI: 0000000020ff5000
[ 2791.052270][ T4368] RBP: 00007f9d685bc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2791.060251][ T4368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2791.068243][ T4368] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2791.076245][ T4368]  </TASK>
[ 2791.112371][ T4348] netlink: 'syz.2.8051': attribute type 2 has an invalid length.
[ 2791.137375][   T29] audit: type=1326 audit(1720842108.041:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2791.142150][ T4347] netlink: 9412 bytes leftover after parsing attributes in process `syz.4.8050'.
[ 2791.175547][ T4370] netlink: 'syz.1.8058': attribute type 16 has an invalid length.
[ 2791.195471][ T4370] netlink: 'syz.1.8058': attribute type 3 has an invalid length.
[ 2791.210490][ T9700] rc_core: IR keymap rc-hauppauge not found
[ 2791.217560][T29096] usb 4-1: Using ep0 maxpacket: 8
[ 2791.223023][T10493] usb 3-1: usb_control_msg returned -32
[ 2791.225460][ T9700] Registered IR keymap rc-empty
[ 2791.236175][   T29] audit: type=1326 audit(1720842108.041:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9d67774610 code=0x7ffc0000
[ 2791.238756][T10493] usbtmc 3-1:16.0: can't read capabilities
[ 2791.260794][ T9700] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 2791.296748][T29096] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2791.325383][ T9700] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input185
[ 2791.339058][T29096] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2791.346636][   T29] audit: type=1326 audit(1720842108.041:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9d6777475f code=0x7ffc0000
[ 2791.385240][   T29] audit: type=1326 audit(1720842108.041:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2791.394588][T29096] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2791.444902][ T9700] usb 5-1: USB disconnect, device number 12
[ 2791.461269][T29096] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2791.508770][   T29] audit: type=1326 audit(1720842108.341:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9d677746bc code=0x7ffc0000
[ 2791.549490][T29096] usb 4-1: config 0 descriptor??
[ 2791.566333][ T4380] FAULT_INJECTION: forcing a failure.
[ 2791.566333][ T4380] name failslab, interval 1, probability 0, space 0, times 0
[ 2791.599610][   T29] audit: type=1326 audit(1720842108.341:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9d6777475f code=0x7ffc0000
[ 2791.629417][ T4382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2791.653493][ T4380] CPU: 0 PID: 4380 Comm: syz.0.8060 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2791.658903][ T4382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2791.663603][ T4380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2791.681420][ T4380] Call Trace:
[ 2791.684734][ T4380]  <TASK>
[ 2791.687710][ T4380]  dump_stack_lvl+0x241/0x360
[ 2791.688376][   T29] audit: type=1326 audit(1720842108.341:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9d6777490a code=0x7ffc0000
[ 2791.692420][ T4380]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2791.692474][ T4380]  ? __pfx__printk+0x10/0x10
[ 2791.723615][ T4380]  should_fail_ex+0x3b0/0x4e0
[ 2791.728370][ T4380]  ? fib_create_info+0xa3f/0x2510
[ 2791.733482][ T4380]  should_failslab+0x9/0x20
[ 2791.738037][ T4380]  __kmalloc_noprof+0xd8/0x400
[ 2791.742869][ T4380]  fib_create_info+0xa3f/0x2510
[ 2791.747792][ T4380]  ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 2791.753563][ T4380]  ? __pfx_lock_release+0x10/0x10
[ 2791.758639][ T4380]  fib_table_insert+0x1f6/0x1f30
[ 2791.763644][ T4380]  ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 2791.769419][ T4380]  ? lwtunnel_valid_encap_type+0x265/0x5f0
[ 2791.774546][   T29] audit: type=1326 audit(1720842108.341:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2791.775249][ T4380]  ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 2791.802544][ T4380]  ? __pfx_fib_table_insert+0x10/0x10
[ 2791.807990][ T4380]  ? fib_new_table+0x120/0x2d0
[ 2791.812825][ T4380]  inet_rtm_newroute+0x149/0x290
[ 2791.817825][ T4380]  ? __pfx_inet_rtm_newroute+0x10/0x10
[ 2791.823334][ T4380]  ? do_syscall_64+0xf3/0x230
[ 2791.828076][ T4380]  ? __pfx_inet_rtm_newroute+0x10/0x10
[ 2791.833677][ T4380]  rtnetlink_rcv_msg+0x89b/0x1180
[ 2791.835135][   T29] audit: type=1326 audit(1720842108.341:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4367 comm="syz.0.8057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67775bd9 code=0x7ffc0000
[ 2791.838723][ T4380]  ? rtnetlink_rcv_msg+0x208/0x1180
[ 2791.838757][ T4380]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2791.838785][ T4380]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2791.838815][ T4380]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2791.838847][ T4380]  ? __local_bh_enable_ip+0x168/0x200
[ 2791.838872][ T4380]  ? lockdep_hardirqs_on+0x99/0x150
[ 2791.838909][ T4380]  ? __local_bh_enable_ip+0x168/0x200
[ 2791.838932][ T4380]  ? dev_hard_start_xmit+0x773/0x7e0
[ 2791.838969][ T4380]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 2791.839000][ T4380]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2791.839031][ T4380]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 2791.897497][T23020] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 2791.899366][ T4380]  ? __dev_queue_xmit+0x16c9/0x3d30
[ 2791.905194][    C1] raw-gadget.1 gadget.1: ignoring, device is not running
[ 2791.909787][ T4380]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 2791.945641][ T4380]  ? ref_tracker_free+0x643/0x7e0
[ 2791.950733][ T4380]  netlink_rcv_skb+0x1e3/0x430
[ 2791.955550][ T4380]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2791.961052][ T4380]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2791.966417][ T4380]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2791.971679][ T4380]  netlink_unicast+0x7ea/0x980
[ 2791.976520][ T4380]  ? __pfx_netlink_unicast+0x10/0x10
[ 2791.981863][ T4380]  ? __virt_addr_valid+0x183/0x530
[ 2791.987055][ T4380]  ? __check_object_size+0x49c/0x900
[ 2791.992396][ T4380]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2791.997822][ T4380]  netlink_sendmsg+0x8db/0xcb0
[ 2792.002653][ T4380]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2792.008004][ T4380]  ? __import_iovec+0x536/0x820
[ 2792.012905][ T4380]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2792.018267][ T4380]  ? security_socket_sendmsg+0x87/0xb0
[ 2792.023783][ T4380]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2792.029126][ T4380]  __sock_sendmsg+0x221/0x270
[ 2792.033854][ T4380]  ____sys_sendmsg+0x525/0x7d0
[ 2792.038684][ T4380]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2792.044067][ T4380]  __sys_sendmsg+0x2b0/0x3a0
[ 2792.048803][ T4380]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2792.053966][ T4380]  ? vfs_write+0x7c4/0xc90
[ 2792.058484][ T4380]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2792.064863][ T4380]  ? do_syscall_64+0x100/0x230
[ 2792.069679][ T4380]  ? do_syscall_64+0xb6/0x230
[ 2792.074399][ T4380]  do_syscall_64+0xf3/0x230
[ 2792.077513][T23020] usb 2-1: device descriptor read/64, error -32
[ 2792.078923][ T4380]  ? clear_bhb_loop+0x35/0x90
[ 2792.078957][ T4380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2792.095807][ T4380] RIP: 0033:0x7f9d67775bd9
[ 2792.100264][ T4380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2792.119925][ T4380] RSP: 002b:00007f9d685bc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2792.128394][ T4380] RAX: ffffffffffffffda RBX: 00007f9d67903f60 RCX: 00007f9d67775bd9
[ 2792.136412][ T4380] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[ 2792.144424][ T4380] RBP: 00007f9d685bc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2792.152435][ T4380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2792.160446][ T4380] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2792.168524][ T4380]  </TASK>
[ 2792.251516][ T4387] netlink: 'syz.4.8062': attribute type 27 has an invalid length.
[ 2792.321646][T10493] usb 4-1: USB disconnect, device number 113
[ 2792.347757][T23020] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 2792.484079][ T4395] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.8063'.
[ 2792.517642][T23020] usb 2-1: device descriptor read/64, error -71
[ 2792.635686][ T4398] FAULT_INJECTION: forcing a failure.
[ 2792.635686][ T4398] name failslab, interval 1, probability 0, space 0, times 0
[ 2792.649710][T23020] usb usb2-port1: attempt power cycle
[ 2792.665445][ T4398] CPU: 1 PID: 4398 Comm: syz.4.8065 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2792.675577][ T4398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2792.685696][ T4398] Call Trace:
[ 2792.689004][ T4398]  <TASK>
[ 2792.692029][ T4398]  dump_stack_lvl+0x241/0x360
[ 2792.696729][ T4398]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2792.701944][ T4398]  ? __pfx__printk+0x10/0x10
[ 2792.706556][ T4398]  ? ref_tracker_alloc+0x332/0x490
[ 2792.711690][ T4398]  should_fail_ex+0x3b0/0x4e0
[ 2792.716400][ T4398]  ? skb_clone+0x20c/0x390
[ 2792.720829][ T4398]  should_failslab+0x9/0x20
[ 2792.725438][ T4398]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2792.730838][ T4398]  skb_clone+0x20c/0x390
[ 2792.735121][ T4398]  __netlink_deliver_tap+0x3cc/0x7c0
[ 2792.740448][ T4398]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2792.745663][ T4398]  netlink_deliver_tap+0x19d/0x1b0
[ 2792.750789][ T4398]  netlink_unicast+0x7b8/0x980
[ 2792.755571][ T4398]  ? __pfx_netlink_unicast+0x10/0x10
[ 2792.760880][ T4398]  ? __virt_addr_valid+0x183/0x530
[ 2792.766036][ T4398]  ? __check_object_size+0x49c/0x900
[ 2792.771368][ T4398]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2792.776503][ T4398]  netlink_sendmsg+0x8db/0xcb0
[ 2792.781296][ T4398]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2792.786600][ T4398]  ? __import_iovec+0x536/0x820
[ 2792.791462][ T4398]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2792.796850][ T4398]  ? security_socket_sendmsg+0x87/0xb0
[ 2792.802438][ T4398]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2792.807861][ T4398]  __sock_sendmsg+0x221/0x270
[ 2792.812578][ T4398]  ____sys_sendmsg+0x525/0x7d0
[ 2792.817465][ T4398]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2792.822777][ T4398]  __sys_sendmsg+0x2b0/0x3a0
[ 2792.827383][ T4398]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2792.832507][ T4398]  ? vfs_write+0x7c4/0xc90
[ 2792.836971][ T4398]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2792.843332][ T4398]  ? do_syscall_64+0x100/0x230
[ 2792.848145][ T4398]  ? do_syscall_64+0xb6/0x230
[ 2792.852840][ T4398]  do_syscall_64+0xf3/0x230
[ 2792.857372][ T4398]  ? clear_bhb_loop+0x35/0x90
[ 2792.862095][ T4398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2792.868023][ T4398] RIP: 0033:0x7f6484175bd9
[ 2792.872448][ T4398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2792.892074][ T4398] RSP: 002b:00007f6484f82048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2792.900513][ T4398] RAX: ffffffffffffffda RBX: 00007f6484303f60 RCX: 00007f6484175bd9
[ 2792.908604][ T4398] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[ 2792.916864][ T4398] RBP: 00007f6484f820a0 R08: 0000000000000000 R09: 0000000000000000
[ 2792.924934][ T4398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2792.932915][ T4398] R13: 000000000000000b R14: 00007f6484303f60 R15: 00007ffecbf29608
[ 2792.940907][ T4398]  </TASK>
[ 2793.099233][T10493] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 2793.223960][ T5141] usb 3-1: USB disconnect, device number 89
[ 2793.556959][T23020] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 2793.580810][T10493] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 5
[ 2793.595282][T10493] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 2793.605122][T23020] usb 2-1: device descriptor read/8, error -71
[ 2793.616985][T10493] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2794.687245][T10493] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2794.707575][T10493] usb 1-1: SerialNumber: syz
[ 2795.090107][T10493] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[ 2795.108907][ T4423] FAULT_INJECTION: forcing a failure.
[ 2795.108907][ T4423] name failslab, interval 1, probability 0, space 0, times 0
[ 2795.138629][ T4423] CPU: 1 PID: 4423 Comm: syz.2.8075 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2795.148776][ T4423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2795.158883][ T4423] Call Trace:
[ 2795.162198][ T4423]  <TASK>
[ 2795.165179][ T4423]  dump_stack_lvl+0x241/0x360
[ 2795.170012][ T4423]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2795.175265][ T4423]  ? __pfx__printk+0x10/0x10
[ 2795.179913][ T4423]  ? ref_tracker_alloc+0x332/0x490
[ 2795.185076][ T4423]  should_fail_ex+0x3b0/0x4e0
[ 2795.189816][ T4423]  ? skb_clone+0x20c/0x390
[ 2795.194288][ T4423]  should_failslab+0x9/0x20
[ 2795.198844][ T4423]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2795.204272][ T4423]  skb_clone+0x20c/0x390
[ 2795.208581][ T4423]  __netlink_deliver_tap+0x3cc/0x7c0
[ 2795.213945][ T4423]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2795.219202][ T4423]  netlink_deliver_tap+0x19d/0x1b0
[ 2795.224370][ T4423]  netlink_unicast+0x7b8/0x980
[ 2795.229294][ T4423]  ? __pfx_netlink_unicast+0x10/0x10
[ 2795.234631][ T4423]  ? __virt_addr_valid+0x183/0x530
[ 2795.239804][ T4423]  ? __check_object_size+0x49c/0x900
[ 2795.245228][ T4423]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2795.250411][ T4423]  netlink_sendmsg+0x8db/0xcb0
[ 2795.255289][ T4423]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2795.260642][ T4423]  ? __import_iovec+0x536/0x820
[ 2795.265539][ T4423]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2795.270865][ T4423]  ? security_socket_sendmsg+0x87/0xb0
[ 2795.276386][ T4423]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2795.281722][ T4423]  __sock_sendmsg+0x221/0x270
[ 2795.286443][ T4423]  ____sys_sendmsg+0x525/0x7d0
[ 2795.291266][ T4423]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2795.296731][ T4423]  __sys_sendmsg+0x2b0/0x3a0
[ 2795.301381][ T4423]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2795.306539][ T4423]  ? vfs_write+0x7c4/0xc90
[ 2795.311072][ T4423]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2795.317442][ T4423]  ? do_syscall_64+0x100/0x230
[ 2795.322248][ T4423]  ? do_syscall_64+0xb6/0x230
[ 2795.326969][ T4423]  do_syscall_64+0xf3/0x230
[ 2795.331537][ T4423]  ? clear_bhb_loop+0x35/0x90
[ 2795.336256][ T4423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2795.338239][ T4428] FAULT_INJECTION: forcing a failure.
[ 2795.338239][ T4428] name failslab, interval 1, probability 0, space 0, times 0
[ 2795.342175][ T4423] RIP: 0033:0x7f0281975bd9
[ 2795.359307][ T4423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2795.378933][ T4423] RSP: 002b:00007f0282788048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2795.387369][ T4423] RAX: ffffffffffffffda RBX: 00007f0281b03f60 RCX: 00007f0281975bd9
[ 2795.395354][ T4423] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[ 2795.403375][ T4423] RBP: 00007f02827880a0 R08: 0000000000000000 R09: 0000000000000000
[ 2795.411382][ T4423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2795.419364][ T4423] R13: 000000000000000b R14: 00007f0281b03f60 R15: 00007ffdc04711b8
[ 2795.427361][ T4423]  </TASK>
[ 2795.477895][ T4428] CPU: 0 PID: 4428 Comm: syz.3.8076 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2795.488034][ T4428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2795.498132][ T4428] Call Trace:
[ 2795.501440][ T4428]  <TASK>
[ 2795.504418][ T4428]  dump_stack_lvl+0x241/0x360
[ 2795.509158][ T4428]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2795.514410][ T4428]  ? __pfx__printk+0x10/0x10
[ 2795.519064][ T4428]  should_fail_ex+0x3b0/0x4e0
[ 2795.523884][ T4428]  ? smack_sk_alloc_security+0xed/0x250
[ 2795.529474][ T4428]  should_failslab+0x9/0x20
[ 2795.534025][ T4428]  kmalloc_trace_noprof+0x6c/0x2c0
[ 2795.539192][ T4428]  smack_sk_alloc_security+0xed/0x250
[ 2795.544620][ T4428]  security_sk_alloc+0x75/0xb0
[ 2795.549435][ T4428]  sk_prot_alloc+0xfa/0x210
[ 2795.553994][ T4428]  sk_alloc+0x38/0x370
[ 2795.558113][ T4428]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2795.564054][ T4428]  sctp_v6_create_accept_sk+0x114/0x5a0
[ 2795.569753][ T4428]  ? __pfx_sctp_v6_create_accept_sk+0x10/0x10
[ 2795.575872][ T4428]  sctp_accept+0x57b/0x7a0
[ 2795.580332][ T4428]  ? file_init_path+0x437/0x580
[ 2795.585262][ T4428]  ? __pfx_sctp_accept+0x10/0x10
[ 2795.590255][ T4428]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 2795.596467][ T4428]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 2795.601737][ T4428]  inet_accept+0xb3/0x150
[ 2795.606118][ T4428]  do_accept+0x4bf/0x6c0
[ 2795.610424][ T4428]  ? __pfx_do_accept+0x10/0x10
[ 2795.615273][ T4428]  __sys_accept4+0x11e/0x1c0
[ 2795.619919][ T4428]  ? __pfx___sys_accept4+0x10/0x10
[ 2795.625075][ T4428]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2795.631448][ T4428]  ? do_syscall_64+0x100/0x230
[ 2795.636259][ T4428]  __x64_sys_accept+0x7d/0x90
[ 2795.640989][ T4428]  do_syscall_64+0xf3/0x230
[ 2795.645536][ T4428]  ? clear_bhb_loop+0x35/0x90
[ 2795.650263][ T4428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2795.656208][ T4428] RIP: 0033:0x7f969cb75bd9
[ 2795.660665][ T4428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2795.680422][ T4428] RSP: 002b:00007f969d89d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 2795.688919][ T4428] RAX: ffffffffffffffda RBX: 00007f969cd04038 RCX: 00007f969cb75bd9
[ 2795.697029][ T4428] RDX: 0000000020000180 RSI: 00000000200002c0 RDI: 0000000000000003
[ 2795.705045][ T4428] RBP: 00007f969d89d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2795.713064][ T4428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2795.721077][ T4428] R13: 000000000000006e R14: 00007f969cd04038 R15: 00007ffc1ebb1898
[ 2795.729201][ T4428]  </TASK>
[ 2795.766423][ T4431] binder: 4430:4431 ioctl c0306201 200003c0 returned -14
[ 2796.178179][T10493] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[ 2796.202853][ T4436] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8079'.
[ 2796.403882][T10493] usb 3-1: Using ep0 maxpacket: 8
[ 2796.416373][T10493] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2796.433566][T10493] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2796.443187][T10493] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2796.452801][T10493] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2796.468960][T10493] usb 3-1: config 0 descriptor??
[ 2796.540174][ T4444] FAULT_INJECTION: forcing a failure.
[ 2796.540174][ T4444] name failslab, interval 1, probability 0, space 0, times 0
[ 2796.553017][ T4444] CPU: 1 PID: 4444 Comm: syz.3.8081 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2796.563116][ T4444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2796.573247][ T4444] Call Trace:
[ 2796.576583][ T4444]  <TASK>
[ 2796.579550][ T4444]  dump_stack_lvl+0x241/0x360
[ 2796.584281][ T4444]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2796.589527][ T4444]  ? __pfx__printk+0x10/0x10
[ 2796.594160][ T4444]  ? __pfx___might_resched+0x10/0x10
[ 2796.599494][ T4444]  ? __lock_acquire+0x1346/0x1fd0
[ 2796.604554][ T4444]  should_fail_ex+0x3b0/0x4e0
[ 2796.609308][ T4444]  should_failslab+0x9/0x20
[ 2796.613845][ T4444]  __kmalloc_node_noprof+0xdf/0x440
[ 2796.619081][ T4444]  ? qdisc_alloc+0x97/0xa80
[ 2796.623639][ T4444]  qdisc_alloc+0x97/0xa80
[ 2796.628009][ T4444]  ? mark_lock+0x9a/0x350
[ 2796.632380][ T4444]  qdisc_create_dflt+0x62/0x4b0
[ 2796.637275][ T4444]  dev_activate+0x3c0/0x1240
[ 2796.641901][ T4444]  ? __dev_open+0x34a/0x450
[ 2796.646450][ T4444]  ? __pfx_dev_activate+0x10/0x10
[ 2796.651512][ T4444]  ? dev_set_rx_mode+0x233/0x2e0
[ 2796.656499][ T4444]  __dev_open+0x352/0x450
[ 2796.660864][ T4444]  ? __pfx___dev_open+0x10/0x10
[ 2796.665749][ T4444]  ? dev_set_rx_mode+0xb8/0x2e0
[ 2796.670645][ T4444]  __dev_change_flags+0x1e2/0x6f0
[ 2796.675727][ T4444]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2796.681764][ T4444]  ? __pfx___dev_change_flags+0x10/0x10
[ 2796.687376][ T4444]  ? rcu_is_watching+0x15/0xb0
[ 2796.692172][ T4444]  ? trace_contention_end+0x3c/0x120
[ 2796.697498][ T4444]  ? __mutex_lock+0x2ef/0xd70
[ 2796.702220][ T4444]  dev_change_flags+0x8b/0x1a0
[ 2796.707027][ T4444]  dev_ifsioc+0x7c8/0xe70
[ 2796.711401][ T4444]  ? __pfx_dev_ifsioc+0x10/0x10
[ 2796.716296][ T4444]  ? dev_load+0x21/0x1f0
[ 2796.720578][ T4444]  dev_ioctl+0x719/0x1340
[ 2796.724952][ T4444]  sock_do_ioctl+0x240/0x460
[ 2796.729578][ T4444]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 2796.734749][ T4444]  ? __asan_memset+0x23/0x50
[ 2796.739391][ T4444]  ? smack_file_ioctl+0x2a1/0x3a0
[ 2796.744481][ T4444]  sock_ioctl+0x629/0x8e0
[ 2796.748951][ T4444]  ? __pfx_sock_ioctl+0x10/0x10
[ 2796.753856][ T4444]  ? __fget_files+0x3f6/0x470
[ 2796.758564][ T4444]  ? __fget_files+0x29/0x470
[ 2796.763194][ T4444]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2796.768180][ T4444]  ? security_file_ioctl+0x87/0xb0
[ 2796.773328][ T4444]  ? __pfx_sock_ioctl+0x10/0x10
[ 2796.778230][ T4444]  __se_sys_ioctl+0xfc/0x170
[ 2796.782871][ T4444]  do_syscall_64+0xf3/0x230
[ 2796.787421][ T4444]  ? clear_bhb_loop+0x35/0x90
[ 2796.792145][ T4444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2796.798175][ T4444] RIP: 0033:0x7f969cb75bd9
[ 2796.802622][ T4444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2796.822265][ T4444] RSP: 002b:00007f969d87c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2796.830718][ T4444] RAX: ffffffffffffffda RBX: 00007f969cd04110 RCX: 00007f969cb75bd9
[ 2796.838719][ T4444] RDX: 0000000020000100 RSI: 0000000000008914 RDI: 0000000000000009
[ 2796.846713][ T4444] RBP: 00007f969d87c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2796.854707][ T4444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2796.862706][ T4444] R13: 000000000000006e R14: 00007f969cd04110 R15: 00007ffc1ebb1898
[ 2796.870728][ T4444]  </TASK>
[ 2796.877077][ T4444] pim6reg1: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 2796.886644][ T4444] pim6reg1: entered promiscuous mode
[ 2796.892101][ T4444] pim6reg1: entered allmulticast mode
[ 2796.990550][ T9700] usb 1-1: USB disconnect, device number 101
[ 2797.017347][T23020] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 2797.101965][T10493] usb 3-1: USB disconnect, device number 90
[ 2797.329478][T23020] usb 2-1: Using ep0 maxpacket: 16
[ 2797.354853][T23020] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2797.406328][T23020] usb 2-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[ 2797.447937][T23020] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2797.456433][T23020] usb 2-1: Product: syz
[ 2798.353916][T23020] usb 2-1: Manufacturer: syz
[ 2798.367251][T23020] usb 2-1: SerialNumber: syz
[ 2798.454306][T23020] usb 2-1: config 0 descriptor??
[ 2798.763022][ T5141] usb 2-1: USB disconnect, device number 67
[ 2798.889783][ T4469] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.8089'.
[ 2798.933751][ T4469] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.8089'.
[ 2798.944143][ T4469] netlink: 485 bytes leftover after parsing attributes in process `syz.2.8089'.
[ 2799.057445][ T5137] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 2799.231270][ T4482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8092'.
[ 2799.257549][ T5137] usb 1-1: Using ep0 maxpacket: 8
[ 2799.267061][ T5137] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 2799.328403][ T5137] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 2799.354222][ T5137] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 2799.365940][ T5137] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2799.374784][ T9700] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[ 2799.572808][ T9700] usb 4-1: Using ep0 maxpacket: 16
[ 2799.588701][ T9700] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[ 2799.612451][ T4492] syz.1.8093: attempt to access beyond end of device
[ 2799.612451][ T4492] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[ 2799.626529][ T9700] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2799.643679][ T9700] usb 4-1: Product: syz
[ 2799.656587][ T9700] usb 4-1: Manufacturer: syz
[ 2799.664435][ T9700] usb 4-1: SerialNumber: syz
[ 2799.673251][ T4492] exFAT-fs (loop1): unable to read boot sector
[ 2799.695919][ T9700] usb 4-1: config 0 descriptor??
[ 2799.707996][ T4492] exFAT-fs (loop1): failed to read boot sector
[ 2799.723921][ T9700] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 2799.734884][ T4492] exFAT-fs (loop1): failed to recognize exfat type
[ 2800.018712][   T29] audit: type=1326 audit(1720842117.251:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0281975bd9 code=0x7ffc0000
[ 2800.038357][ T4497] syz.2.8096 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 2800.092345][   T29] audit: type=1326 audit(1720842117.251:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0281975bd9 code=0x7ffc0000
[ 2800.169729][   T29] audit: type=1326 audit(1720842117.261:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f0281975bd9 code=0x7ffc0000
[ 2800.199054][   T29] audit: type=1326 audit(1720842117.321:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0281975bd9 code=0x7ffc0000
[ 2800.238298][   T29] audit: type=1326 audit(1720842117.321:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0281975bd9 code=0x7ffc0000
[ 2800.268603][   T29] audit: type=1326 audit(1720842117.361:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0281974610 code=0x7ffc0000
[ 2800.606370][ T5141] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[ 2800.632168][   T29] audit: type=1326 audit(1720842117.361:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f02819757db code=0x7ffc0000
[ 2801.599301][ T5141] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[ 2801.627579][   T29] audit: type=1326 audit(1720842117.361:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f02819757db code=0x7ffc0000
[ 2801.662740][ T5141] usb 3-1: config 0 has no interface number 0
[ 2801.675588][ T5141] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2801.697878][ T5141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2801.717084][   T29] audit: type=1326 audit(1720842117.361:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f02819757db code=0x7ffc0000
[ 2801.766136][ T5141] usb 3-1: config 0 descriptor??
[ 2801.803126][ T5141] cp210x 3-1:0.3: cp210x converter detected
[ 2801.821282][ T4508] binder: 4507:4508 ioctl c0306201 200003c0 returned -14
[ 2801.827502][ T5137] usb 1-1: string descriptor 0 read error: -71
[ 2801.837288][   T29] audit: type=1326 audit(1720842117.361:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4496 comm="syz.2.8096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f02819757db code=0x7ffc0000
[ 2801.850410][ T5137] hub 1-1:32.0: USB hub found
[ 2801.948354][ T5137] hub 1-1:32.0: config failed, can't read hub descriptor (err -22)
[ 2802.071203][ T5141] cp210x 3-1:0.3: failed to get vendor val 0x370b size 1: -121
[ 2802.167360][T10493] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 2802.200180][ T5141] cp210x 3-1:0.3: querying part number failed
[ 2802.213534][T23020] usb 4-1: USB disconnect, device number 114
[ 2802.322690][ T4519] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2802.332915][ T4519] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2802.416858][ T4521] gfs2: gfs2 mount does not exist
[ 2802.450046][ T5137] usb 1-1: USB disconnect, device number 102
[ 2803.269511][T10493] usb 5-1: Using ep0 maxpacket: 8
[ 2803.365121][ T5141] usb 3-1: cp210x converter now attached to ttyUSB0
[ 2803.386530][T10493] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2803.445753][ T5141] usb 3-1: USB disconnect, device number 91
[ 2803.452086][T10493] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2803.498558][T10493] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 2803.509347][ T5141] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2803.523558][ T4532] netlink: 4580 bytes leftover after parsing attributes in process `syz.3.8102'.
[ 2803.530647][ T5141] cp210x 3-1:0.3: device disconnected
[ 2803.545212][ T4349] udevd[4349]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2803.567355][T10493] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2803.597074][T10493] usb 5-1: config 0 descriptor??
[ 2803.766248][ T4532] netlink: 4580 bytes leftover after parsing attributes in process `syz.3.8102'.
[ 2803.800260][ T4532] netlink: 485 bytes leftover after parsing attributes in process `syz.3.8102'.
[ 2803.897798][ T5141] usb 5-1: USB disconnect, device number 13
[ 2804.541892][ T4540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8105'.
[ 2805.147928][T23020] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[ 2805.279676][ T4560] fuse: Bad value for 'fd'
[ 2805.377349][T23020] usb 4-1: device descriptor read/64, error -71
[ 2806.377559][T23020] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 2806.627805][T23020] usb 4-1: device descriptor read/64, error -71
[ 2806.632741][ T4573] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2806.694907][ T4575] netlink: 'syz.0.8114': attribute type 1 has an invalid length.
[ 2806.703133][ T4575] netlink: 'syz.0.8114': attribute type 4 has an invalid length.
[ 2806.725512][ T4578] misc userio: No port type given on /dev/userio
[ 2806.725979][ T4575] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.8114'.
[ 2806.768686][T23020] usb usb4-port1: attempt power cycle
[ 2806.803808][ T4582] netlink: 4580 bytes leftover after parsing attributes in process `syz.0.8116'.
[ 2806.815339][ T4582] netlink: 4580 bytes leftover after parsing attributes in process `syz.0.8116'.
[ 2806.824789][ T4582] netlink: 485 bytes leftover after parsing attributes in process `syz.0.8116'.
[ 2807.168397][T31932] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 2807.187303][T23020] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 2807.232333][T23020] usb 4-1: device descriptor read/8, error -71
[ 2807.357475][T31932] usb 2-1: Using ep0 maxpacket: 8
[ 2807.373583][T31932] usb 2-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[ 2807.389745][T31932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2807.413671][T31932] usb 2-1: Product: syz
[ 2807.421063][T31932] usb 2-1: Manufacturer: syz
[ 2807.426451][T31932] usb 2-1: SerialNumber: syz
[ 2807.452976][T31932] usb 2-1: config 0 descriptor??
[ 2807.469727][T31932] option 2-1:0.0: GSM modem (1-port) converter detected
[ 2807.517662][T23020] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 2807.559605][T23020] usb 4-1: device descriptor read/8, error -71
[ 2807.600851][ T4597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8120'.
[ 2807.689215][T23020] usb usb4-port1: unable to enumerate USB device
[ 2807.745677][ T5141] usb 2-1: USB disconnect, device number 68
[ 2807.769105][ T5141] option 2-1:0.0: device disconnected
[ 2807.825048][ T4600] fuse: Bad value for 'fd'
[ 2807.954875][ T4605] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8123'.
[ 2809.204568][ T4628] fuse: Bad value for 'fd'
[ 2811.629317][ T4642] __nla_validate_parse: 3 callbacks suppressed
[ 2811.629344][ T4642] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8131'.
[ 2811.729806][ T4651] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8136'.
[ 2811.760860][ T4652] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8138'.
[ 2811.831085][ T4652] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8138'.
[ 2811.904483][ T4652] netlink: 485 bytes leftover after parsing attributes in process `syz.4.8138'.
[ 2813.610160][ T4663] dccp_close: ABORT with 4539 bytes unread
[ 2813.804354][ T4684] netlink: 'syz.4.8146': attribute type 16 has an invalid length.
[ 2813.804583][ T4687] netlink: 'syz.1.8147': attribute type 2 has an invalid length.
[ 2813.852443][ T4684] netlink: 'syz.4.8146': attribute type 3 has an invalid length.
[ 2813.896680][ T4690] fuse: Bad value for 'fd'
[ 2814.155341][ T4698] netlink: 4580 bytes leftover after parsing attributes in process `syz.1.8150'.
[ 2814.173242][ T4696] netlink: 56 bytes leftover after parsing attributes in process `syz.4.8149'.
[ 2814.183610][ T4698] netlink: 4580 bytes leftover after parsing attributes in process `syz.1.8150'.
[ 2814.183641][ T4698] netlink: 485 bytes leftover after parsing attributes in process `syz.1.8150'.
[ 2814.219279][ T4699] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.8151'.
[ 2814.230206][ T4683] kexec: Could not allocate control_code_buffer
[ 2816.239286][T31932] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 2816.448676][T31932] usb 5-1: Using ep0 maxpacket: 8
[ 2816.459438][T31932] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2816.494131][T31932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2816.545283][T31932] usb 5-1: config 0 descriptor??
[ 2816.694007][ T4746] __nla_validate_parse: 6 callbacks suppressed
[ 2816.694031][ T4746] netlink: 4580 bytes leftover after parsing attributes in process `syz.3.8165'.
[ 2816.764136][ T4746] netlink: 4580 bytes leftover after parsing attributes in process `syz.3.8165'.
[ 2816.799531][ T4746] netlink: 485 bytes leftover after parsing attributes in process `syz.3.8165'.
[ 2816.842401][T31932] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 2817.656429][ T4760] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8166'.
[ 2818.177673][ T5141] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 2818.424329][ T5141] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2818.443416][ T5141] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2818.457495][ T5141] usb 4-1: New USB device found, idVendor=056a, idProduct=0031, bcdDevice= 0.00
[ 2818.489864][ T5141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2818.508405][ T5141] usb 4-1: config 0 descriptor??
[ 2818.803402][T31932] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 2818.847976][T31932] asix 5-1:0.0: probe with driver asix failed with error -71
[ 2818.909094][T31932] usb 5-1: USB disconnect, device number 14
[ 2818.948632][ T4744] kexec: Could not allocate control_code_buffer
[ 2819.006802][ T4757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2819.046060][ T4757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2819.112969][ T4776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8170'.
[ 2819.266336][ T5141] usbhid 4-1:0.0: can't add hid device: -71
[ 2819.272944][ T5141] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2819.316404][ T5141] usb 4-1: USB disconnect, device number 119
[ 2820.770623][ T1099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2820.797649][T31932] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 2820.968235][T31932] usb 2-1: device descriptor read/64, error -71
[ 2821.001922][ T1099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2821.039709][ T4791] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8175'.
[ 2821.072522][   T29] kauditd_printk_skb: 22 callbacks suppressed
[ 2821.072543][   T29] audit: type=1326 audit(1720842138.311:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4788 comm="syz.2.8174" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0281975bd9 code=0x0
[ 2821.181418][ T1099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2821.249485][ T4796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8174'.
[ 2821.262335][T31932] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 2821.575196][T31932] usb 2-1: device descriptor read/64, error -71
[ 2821.848471][T31932] usb usb2-port1: attempt power cycle
[ 2821.925277][ T1099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2822.038607][T14969] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2822.053788][T14969] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2822.068544][T14969] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2822.081798][T14969] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2822.091014][T14969] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 2822.098274][ T4804] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.8177'.
[ 2822.098383][ T4804] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.8177'.
[ 2822.098403][ T4804] netlink: 485 bytes leftover after parsing attributes in process `syz.2.8177'.
[ 2822.138487][T14969] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2822.287458][T31932] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 2822.329133][T31932] usb 2-1: device descriptor read/8, error -71
[ 2822.511109][ T1099] bridge_slave_1: left allmulticast mode
[ 2822.527147][ T1099] bridge_slave_1: left promiscuous mode
[ 2822.767516][T31932] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 2822.849413][T31932] usb 2-1: device descriptor read/8, error -71
[ 2823.094539][T31932] usb usb2-port1: unable to enumerate USB device
[ 2823.112417][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2823.555017][ T1099] bridge_slave_0: left allmulticast mode
[ 2823.581493][ T1099] bridge_slave_0: left promiscuous mode
[ 2823.601480][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2823.638193][ T4823] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8182'.
[ 2823.733674][ T4827] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8183'.
[ 2823.964370][ T4822] kexec: Could not allocate control_code_buffer
[ 2824.117684][T23020] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 2824.210840][T14969] Bluetooth: hci1: command tx timeout
[ 2824.318213][T23020] usb 2-1: too many configurations: 65, using maximum allowed: 8
[ 2824.364449][T23020] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[ 2824.385802][T23020] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2824.834573][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2824.847554][ T9700] usb 2-1: USB disconnect, device number 73
[ 2824.872394][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2824.890676][ T1099] bond0 (unregistering): Released all slaves
[ 2824.914148][ T1099] bond1 (unregistering): Released all slaves
[ 2825.051689][ T4838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8186'.
[ 2825.359594][ T4850] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8190'.
[ 2825.418772][ T4850] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8190'.
[ 2825.452968][ T4850] netlink: 485 bytes leftover after parsing attributes in process `syz.4.8190'.
[ 2825.539215][ T4801] chnl_net:caif_netlink_parms(): no params data found
[ 2826.042399][ T4859] batadv_slave_1: entered promiscuous mode
[ 2826.162707][ T1099] hsr_slave_0: left promiscuous mode
[ 2826.220618][ T1099] hsr_slave_1: left promiscuous mode
[ 2826.267523][T14969] Bluetooth: hci1: command tx timeout
[ 2826.275164][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2826.295888][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2826.421488][ T1099] veth1_macvtap: left promiscuous mode
[ 2826.435908][ T1099] veth0_macvtap: left promiscuous mode
[ 2826.448640][ T1099] veth1_vlan: left promiscuous mode
[ 2826.462962][ T1099] veth0_vlan: left promiscuous mode
[ 2826.830377][ T4874] FAULT_INJECTION: forcing a failure.
[ 2826.830377][ T4874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2826.847422][ T4874] CPU: 1 PID: 4874 Comm: syz.0.8194 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2826.857561][ T4874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2826.867656][ T4874] Call Trace:
[ 2826.870972][ T4874]  <TASK>
[ 2826.873943][ T4874]  dump_stack_lvl+0x241/0x360
[ 2826.878773][ T4874]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2826.884046][ T4874]  ? __pfx__printk+0x10/0x10
[ 2826.888785][ T4874]  ? __pfx_lock_release+0x10/0x10
[ 2826.893866][ T4874]  should_fail_ex+0x3b0/0x4e0
[ 2826.898602][ T4874]  _copy_from_user+0x2f/0xe0
[ 2826.903242][ T4874]  video_usercopy+0x378/0x1180
[ 2826.908192][ T4874]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2826.913618][ T4874]  ? __pfx_video_usercopy+0x10/0x10
[ 2826.918854][ T4874]  ? smack_file_ioctl+0x2fa/0x3a0
[ 2826.923948][ T4874]  ? __fget_files+0x3f6/0x470
[ 2826.928685][ T4874]  ? __fget_files+0x29/0x470
[ 2826.933318][ T4874]  v4l2_ioctl+0x18c/0x1e0
[ 2826.937685][ T4874]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 2826.942595][ T4874]  __se_sys_ioctl+0xfc/0x170
[ 2826.947252][ T4874]  do_syscall_64+0xf3/0x230
[ 2826.951788][ T4874]  ? clear_bhb_loop+0x35/0x90
[ 2826.956497][ T4874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2826.962420][ T4874] RIP: 0033:0x7f9d67775bd9
[ 2826.966856][ T4874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2826.986525][ T4874] RSP: 002b:00007f9d685bc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2826.994981][ T4874] RAX: ffffffffffffffda RBX: 00007f9d67903f60 RCX: 00007f9d67775bd9
[ 2827.002980][ T4874] RDX: 0000000020000340 RSI: 00000000c0d05640 RDI: 0000000000000003
[ 2827.010976][ T4874] RBP: 00007f9d685bc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2827.018987][ T4874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2827.026970][ T4874] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2827.034984][ T4874]  </TASK>
[ 2827.365814][ T4889] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8198'.
[ 2828.347995][T14969] Bluetooth: hci1: command tx timeout
[ 2828.494254][ T4900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8199'.
[ 2828.594630][ T1099] team0 (unregistering): Port device team_slave_1 removed
[ 2828.690750][ T1099] team0 (unregistering): Port device team_slave_0 removed
[ 2829.696393][ T4904] netlink: 16410 bytes leftover after parsing attributes in process `syz.4.8200'.
[ 2829.724413][ T4864] batadv_slave_1: left promiscuous mode
[ 2829.745808][ T4801] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2829.776360][ T4801] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2829.806307][ T4801] bridge_slave_0: entered allmulticast mode
[ 2829.829048][ T4801] bridge_slave_0: entered promiscuous mode
[ 2829.845460][ T4801] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2829.866772][ T4801] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2829.884334][ T4801] bridge_slave_1: entered allmulticast mode
[ 2829.884449][ T4910] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8202'.
[ 2829.903529][ T4801] bridge_slave_1: entered promiscuous mode
[ 2829.937018][ T4910] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8202'.
[ 2829.958318][ T4910] netlink: 485 bytes leftover after parsing attributes in process `syz.4.8202'.
[ 2830.429590][T14969] Bluetooth: hci1: command tx timeout
[ 2830.525787][ T4801] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2830.935994][ T4801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2831.321904][T23020] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 2831.327131][ T4801] team0: Port device team_slave_0 added
[ 2831.402724][ T4801] team0: Port device team_slave_1 added
[ 2831.539679][T23020] usb 1-1: Using ep0 maxpacket: 8
[ 2831.569186][T23020] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 2831.600692][T23020] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2831.633710][T23020] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2831.651571][ T4801] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2831.685360][ T4801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2831.688396][T23020] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2831.739336][T23020] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2831.753282][T23020] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 2831.765906][T23020] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2831.774426][ T4801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2831.806400][ T4801] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2831.813890][ T4801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2831.886111][ T4801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2832.006177][ T4930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2832.067335][T23020] usb 1-1: usb_control_msg returned -32
[ 2832.072991][T23020] usbtmc 1-1:16.0: can't read capabilities
[ 2832.123960][ T4930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2832.405936][ T4801] hsr_slave_0: entered promiscuous mode
[ 2832.423659][ T4938] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8210'.
[ 2832.469493][ T4801] hsr_slave_1: entered promiscuous mode
[ 2832.483490][ T4801] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2832.495152][ T4801] Cannot create hsr debugfs directory
[ 2832.647779][ T4941] usbtmc 1-1:16.0: usb_control_msg returned -32
[ 2832.663541][T29096] usb 1-1: USB disconnect, device number 103
[ 2832.776399][ T4944] FAULT_INJECTION: forcing a failure.
[ 2832.776399][ T4944] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2832.837282][ T4944] CPU: 0 PID: 4944 Comm: syz.4.8212 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2832.847501][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2832.860943][ T4944] Call Trace:
[ 2832.861055][ T4944]  <TASK>
[ 2832.861069][ T4944]  dump_stack_lvl+0x241/0x360
[ 2832.861120][ T4944]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2832.861159][ T4944]  ? __pfx__printk+0x10/0x10
[ 2832.861210][ T4944]  should_fail_ex+0x3b0/0x4e0
[ 2832.861254][ T4944]  prepare_alloc_pages+0x1da/0x5d0
[ 2832.861298][ T4944]  __alloc_pages_noprof+0x166/0x6c0
[ 2832.861335][ T4944]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 2832.861383][ T4944]  ? __pfx_lock_release+0x10/0x10
[ 2832.861425][ T4944]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 2832.861465][ T4944]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 2832.861508][ T4944]  vma_alloc_folio_noprof+0xf3/0x1f0
[ 2832.861539][ T4944]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 2832.861578][ T4944]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 2832.861614][ T4944]  ? __anon_vma_prepare+0x3e5/0x4a0
[ 2832.861653][ T4944]  folio_prealloc+0x31/0x170
[ 2832.861689][ T4944]  handle_pte_fault+0x257b/0x7090
[ 2832.861750][ T4944]  ? __pfx_handle_pte_fault+0x10/0x10
[ 2832.861790][ T4944]  ? __pfx_lock_acquire+0x10/0x10
[ 2832.861819][ T4944]  ? __pmd_alloc+0x50b/0x630
[ 2832.861850][ T4944]  ? __pfx_lock_release+0x10/0x10
[ 2832.861875][ T4944]  ? do_raw_spin_lock+0x14f/0x370
[ 2832.861922][ T4944]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 2832.861966][ T4944]  ? _raw_spin_unlock+0x28/0x50
[ 2832.861991][ T4944]  ? __pmd_alloc+0x50b/0x630
[ 2832.862025][ T4944]  ? __pfx___pmd_alloc+0x10/0x10
[ 2832.862069][ T4944]  handle_mm_fault+0xfb0/0x19d0
[ 2832.862130][ T4944]  ? __pfx_handle_mm_fault+0x10/0x10
[ 2832.862180][ T4944]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2832.862215][ T4944]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 2832.862248][ T4944]  exc_page_fault+0x2b9/0x8c0
[ 2832.862290][ T4944]  asm_exc_page_fault+0x26/0x30
[ 2832.862326][ T4944] RIP: 0010:__put_user_4+0x11/0x20
[ 2832.862360][ T4944] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 2832.862381][ T4944] RSP: 0018:ffffc9000ccf79d8 EFLAGS: 00050202
[ 2832.862405][ T4944] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020000040
[ 2832.862429][ T4944] RDX: 0000000000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f54c0
[ 2832.862447][ T4944] RBP: ffffc9000ccf7b50 R08: ffffffff8fac686f R09: 1ffffffff1f58d0d
[ 2832.862465][ T4944] R10: dffffc0000000000 R11: fffffbfff1f58d0e R12: ffffc9000ccf7a20
[ 2832.862485][ T4944] R13: 1ffff9200199ef44 R14: dffffc0000000000 R15: 1ffff9200199ef40
[ 2832.862525][ T4944]  sk_ioctl+0x369/0x680
[ 2832.862558][ T4944]  ? __pfx_sk_ioctl+0x10/0x10
[ 2832.862604][ T4944]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2832.862632][ T4944]  ? tomoyo_path_number_perm+0x208/0x880
[ 2832.862672][ T4944]  ? __pfx_lock_release+0x10/0x10
[ 2832.862704][ T4944]  inet6_ioctl+0x203/0x280
[ 2832.862743][ T4944]  ? __pfx_inet6_ioctl+0x10/0x10
[ 2832.862784][ T4944]  ? tomoyo_path_number_perm+0x71a/0x880
[ 2832.862838][ T4944]  sock_do_ioctl+0x158/0x460
[ 2832.862870][ T4944]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 2832.862908][ T4944]  ? __asan_memset+0x23/0x50
[ 2832.862941][ T4944]  ? smack_file_ioctl+0x2a1/0x3a0
[ 2832.862982][ T4944]  sock_ioctl+0x629/0x8e0
[ 2832.863009][ T4944]  ? __pfx_sock_ioctl+0x10/0x10
[ 2832.863050][ T4944]  ? __fget_files+0x3f6/0x470
[ 2832.863074][ T4944]  ? __fget_files+0x29/0x470
[ 2832.863106][ T4944]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2832.863132][ T4944]  ? security_file_ioctl+0x87/0xb0
[ 2832.863157][ T4944]  ? __pfx_sock_ioctl+0x10/0x10
[ 2832.863197][ T4944]  __se_sys_ioctl+0xfc/0x170
[ 2832.863236][ T4944]  do_syscall_64+0xf3/0x230
[ 2832.863261][ T4944]  ? clear_bhb_loop+0x35/0x90
[ 2832.863287][ T4944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2832.863323][ T4944] RIP: 0033:0x7f6484175bd9
[ 2832.863343][ T4944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2832.863364][ T4944] RSP: 002b:00007f6484f82048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2832.863408][ T4944] RAX: ffffffffffffffda RBX: 00007f6484303f60 RCX: 00007f6484175bd9
[ 2832.863432][ T4944] RDX: 0000000020000040 RSI: 0000000000005411 RDI: 0000000000000003
[ 2832.863449][ T4944] RBP: 00007f6484f820a0 R08: 0000000000000000 R09: 0000000000000000
[ 2832.863466][ T4944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2832.863481][ T4944] R13: 000000000000000b R14: 00007f6484303f60 R15: 00007ffecbf29608
[ 2832.863517][ T4944]  </TASK>
[ 2833.490318][ T4952] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8214'.
[ 2833.491095][ T4953] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8214'.
[ 2833.491635][ T4952] netlink: 'syz.4.8214': attribute type 10 has an invalid length.
[ 2833.511653][ T4952] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 2833.841557][ T4962] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8216'.
[ 2833.841670][ T4962] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8216'.
[ 2833.841691][ T4962] netlink: 485 bytes leftover after parsing attributes in process `syz.4.8216'.
[ 2834.077548][ T4968] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8218'.
[ 2834.077626][ T4968] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8218'.
[ 2834.077639][ T4968] netlink: 485 bytes leftover after parsing attributes in process `syz.4.8218'.
[ 2834.356072][ T4973] fuse: Unknown parameter 'gr00000000000000000000'
[ 2834.357743][T29096] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 2834.396836][ T4973] FAULT_INJECTION: forcing a failure.
[ 2834.396836][ T4973] name failslab, interval 1, probability 0, space 0, times 0
[ 2834.402907][ T4946] tty tty1: ldisc open failed (-12), clearing slot 0
[ 2834.482006][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2834.667342][T29096] usb 2-1: Using ep0 maxpacket: 8
[ 2834.672813][ T4973] CPU: 0 PID: 4973 Comm: syz.4.8220 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2834.682908][ T4973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2834.693017][ T4973] Call Trace:
[ 2834.696333][ T4973]  <TASK>
[ 2834.699298][ T4973]  dump_stack_lvl+0x241/0x360
[ 2834.704034][ T4973]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2834.706501][ T4801] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2834.709349][ T4973]  ? __pfx__printk+0x10/0x10
[ 2834.709390][ T4973]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2834.709417][ T4973]  ? stack_trace_save+0x118/0x1d0
[ 2834.731605][ T4973]  ? __lock_acquire+0x1346/0x1fd0
[ 2834.736651][ T4973]  should_fail_ex+0x3b0/0x4e0
[ 2834.741353][ T4973]  ? snd_pcm_hw_refine+0x965/0x1b40
[ 2834.746592][ T4973]  should_failslab+0x9/0x20
[ 2834.751223][ T4973]  __kmalloc_noprof+0xd8/0x400
[ 2834.756039][ T4973]  snd_pcm_hw_refine+0x965/0x1b40
[ 2834.761114][ T4973]  ? kmalloc_trace_noprof+0x19c/0x2c0
[ 2834.766519][ T4973]  ? snd_pcm_oss_change_params_locked+0x1b6/0x3d60
[ 2834.773048][ T4973]  ? snd_pcm_oss_sync+0x37d/0xc30
[ 2834.778202][ T4973]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[ 2834.783767][ T4973]  ? __asan_memset+0x23/0x50
[ 2834.788379][ T4973]  ? snd_pcm_oss_change_params_locked+0x689/0x3d60
[ 2834.794912][ T4973]  snd_pcm_oss_change_params_locked+0x7a8/0x3d60
[ 2834.801271][ T4973]  ? __pfx___might_resched+0x10/0x10
[ 2834.806579][ T4973]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2834.812534][ T4973]  ? trace_contention_end+0x3c/0x120
[ 2834.817957][ T4973]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 2834.824846][ T4973]  ? __pfx___mutex_lock+0x10/0x10
[ 2834.829911][ T4973]  ? __fput+0x6e0/0x8a0
[ 2834.834099][ T4973]  ? __pfx_lock_release+0x10/0x10
[ 2834.839232][ T4973]  snd_pcm_oss_sync+0x37d/0xc30
[ 2834.844117][ T4973]  snd_pcm_oss_release+0x11e/0x280
[ 2834.849254][ T4973]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 2834.854913][ T4973]  __fput+0x24a/0x8a0
[ 2834.859021][ T4973]  __x64_sys_close+0x7f/0x110
[ 2834.863727][ T4973]  do_syscall_64+0xf3/0x230
[ 2834.868246][ T4973]  ? clear_bhb_loop+0x35/0x90
[ 2834.872955][ T4973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2834.878890][ T4973] RIP: 0033:0x7f6484175bd9
[ 2834.883325][ T4973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2834.903239][ T4973] RSP: 002b:00007f6484f61048 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 2834.911691][ T4973] RAX: ffffffffffffffda RBX: 00007f6484304038 RCX: 00007f6484175bd9
[ 2834.919679][ T4973] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008
[ 2834.927679][ T4973] RBP: 00007f6484f610a0 R08: 0000000000000000 R09: 0000000000000000
[ 2834.935668][ T4973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2834.943671][ T4973] R13: 000000000000006e R14: 00007f6484304038 R15: 00007ffecbf29608
[ 2834.951724][ T4973]  </TASK>
[ 2834.965092][ T4801] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2834.994831][ T4801] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2835.028713][ T4801] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2835.079906][T29096] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 2835.091175][T29096] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 2835.116424][T29096] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 2835.140304][T29096] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2835.356063][ T4980] netlink: 48 bytes leftover after parsing attributes in process `syz.2.8222'.
[ 2835.391083][T29096] usb 2-1: string descriptor 0 read error: -71
[ 2835.419255][T29096] hub 2-1:32.0: USB hub found
[ 2835.430068][T29096] hub 2-1:32.0: config failed, can't read hub descriptor (err -22)
[ 2835.545317][T29096] usb 2-1: USB disconnect, device number 74
[ 2835.581213][ T4801] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2835.742406][ T4801] 8021q: adding VLAN 0 to HW filter on device team0
[ 2835.787063][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2835.794335][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2835.811289][ T4988] 9pnet_fd: Insufficient options for proto=fd
[ 2835.828685][ T9700] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2835.835982][ T9700] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2835.848783][ T4732] udevd[4732]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2835.877131][ T4989] overlay: ./bus is not a directory
[ 2836.515719][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 2836.929130][ T4993] vcan0: entered allmulticast mode
[ 2837.552143][ T4998] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8228'.
[ 2837.592957][ T4998] netlink: 4580 bytes leftover after parsing attributes in process `syz.4.8228'.
[ 2837.615339][ T4998] netlink: 485 bytes leftover after parsing attributes in process `syz.4.8228'.
[ 2837.668096][ T5000] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[ 2837.674686][ T5000] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2837.766503][ T5000] vhci_hcd vhci_hcd.0: Device attached
[ 2838.125172][ T5019] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8230'.
[ 2838.593927][T29096] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 2838.817329][ T9700] usb 13-1: new high-speed USB device number 6 using vhci_hcd
[ 2838.847841][T29096] usb 3-1: Using ep0 maxpacket: 16
[ 2838.873700][T29096] usb 3-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[ 2838.914127][T29096] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2838.965583][T29096] usb 3-1: Product: syz
[ 2839.001187][T29096] usb 3-1: Manufacturer: syz
[ 2839.014706][T29096] usb 3-1: SerialNumber: syz
[ 2839.032528][T29096] usb 3-1: config 0 descriptor??
[ 2839.075356][T29096] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[ 2839.362093][T29096] gp8psk: usb in 128 operation failed.
[ 2839.396344][T29096] gp8psk: usb in 137 operation failed.
[ 2839.414647][T29096] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2839.432142][T29096] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[ 2839.450747][T29096] usb 3-1: media controller created
[ 2839.598080][T29096] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2839.677485][ T5011] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 2839.688173][ T4801] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2839.699972][T29096] gp8psk_fe: Frontend revision 1 attached
[ 2839.720093][T29096] usb 3-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[ 2839.727522][ T5011] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 2839.748387][T29096] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[ 2839.922836][T29096] gp8psk: usb in 138 operation failed.
[ 2839.946483][T29096] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[ 2839.982140][T29096] gp8psk: found Genpix USB device pID = 201 (hex)
[ 2840.010919][T29096] usb 3-1: USB disconnect, device number 92
[ 2840.234433][ T5011] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2840.261287][ T4801] veth0_vlan: entered promiscuous mode
[ 2840.277591][ T5011] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 2840.286777][T29096] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[ 2840.317080][ T4801] veth1_vlan: entered promiscuous mode
[ 2840.449909][ T5011] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2840.469455][ T5011] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 2840.510536][ T4801] veth0_macvtap: entered promiscuous mode
[ 2840.531757][ T4801] veth1_macvtap: entered promiscuous mode
[ 2840.645448][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.672532][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.687921][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.703056][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.713610][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.725937][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.736631][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.750389][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.761521][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.773206][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.784099][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.796333][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.815567][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2840.857458][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.880629][ T4801] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2840.903039][ T5011] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2840.910019][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2840.910048][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.910062][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2840.910080][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.910097][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2840.910115][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2840.997652][ T5011] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 2841.026597][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2841.048465][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2841.070702][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2841.090265][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2841.114972][ T4801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2841.136223][ T4801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2841.159053][ T4801] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2841.175232][ T4801] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2841.186243][ T4801] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2841.198084][ T4801] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2841.207102][ T4801] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2841.553153][ T5060] FAULT_INJECTION: forcing a failure.
[ 2841.553153][ T5060] name failslab, interval 1, probability 0, space 0, times 0
[ 2841.578782][ T5060] CPU: 1 PID: 5060 Comm: syz.1.8238 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2841.588929][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2841.599017][ T5060] Call Trace:
[ 2841.602327][ T5060]  <TASK>
[ 2841.605284][ T5060]  dump_stack_lvl+0x241/0x360
[ 2841.610018][ T5060]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2841.615266][ T5060]  ? __pfx__printk+0x10/0x10
[ 2841.619911][ T5060]  ? __pfx___might_resched+0x10/0x10
[ 2841.625682][ T5060]  ? __memcg_slab_post_alloc_hook+0x20f/0x7e0
[ 2841.631889][ T5060]  should_fail_ex+0x3b0/0x4e0
[ 2841.636625][ T5060]  ? __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[ 2841.642832][ T5060]  should_failslab+0x9/0x20
[ 2841.647379][ T5060]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2841.652802][ T5060]  __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[ 2841.658763][ T5060]  kvm_mmu_load+0x115/0x26e0
[ 2841.663408][ T5060]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 2841.669091][ T5060]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2841.675115][ T5060]  ? __pfx_kvm_mmu_load+0x10/0x10
[ 2841.680182][ T5060]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2841.686294][ T5060]  ? __asan_memset+0x23/0x50
[ 2841.690932][ T5060]  ? vmx_flush_tlb_all+0xc6/0x3c0
[ 2841.696024][ T5060]  ? __pfx_vmx_flush_tlb_all+0x10/0x10
[ 2841.701496][ T5060]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2841.707507][ T5060]  ? kvm_apic_has_interrupt+0x9d4/0xa70
[ 2841.713115][ T5060]  ? vmx_get_nmi_mask+0xdf/0x1a0
[ 2841.718091][ T5060]  vcpu_run+0x6b72/0x87f0
[ 2841.722504][ T5060]  ? __pfx_vcpu_run+0x10/0x10
[ 2841.727229][ T5060]  ? __local_bh_enable_ip+0x168/0x200
[ 2841.732619][ T5060]  ? lockdep_hardirqs_on+0x99/0x150
[ 2841.737838][ T5060]  ? __pfx_lock_acquire+0x10/0x10
[ 2841.742882][ T5060]  ? fpu_swap_kvm_fpstate+0x82/0x460
[ 2841.748171][ T5060]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2841.753980][ T5060]  ? xfd_validate_state+0x6e/0x150
[ 2841.759103][ T5060]  ? rcu_is_watching+0x15/0xb0
[ 2841.763875][ T5060]  ? rcu_is_watching+0x15/0xb0
[ 2841.768665][ T5060]  kvm_arch_vcpu_ioctl_run+0xa7e/0x1920
[ 2841.774221][ T5060]  ? mark_lock+0x9a/0x350
[ 2841.778576][ T5060]  ? kvm_arch_vcpu_ioctl_run+0x1c9/0x1920
[ 2841.784597][ T5060]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 2841.790801][ T5060]  ? __pfx_lock_acquire+0x10/0x10
[ 2841.795845][ T5060]  ? get_task_pid+0x23/0x310
[ 2841.800575][ T5060]  ? __pfx_lock_release+0x10/0x10
[ 2841.805605][ T5060]  ? kvm_vcpu_ioctl+0x1d9/0xd00
[ 2841.810483][ T5060]  ? get_task_pid+0x23/0x310
[ 2841.815615][ T5060]  kvm_vcpu_ioctl+0x7f5/0xd00
[ 2841.820338][ T5060]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2841.825541][ T5060]  ? smack_file_ioctl+0x356/0x3a0
[ 2841.830581][ T5060]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 2841.835995][ T5060]  ? __fget_files+0x29/0x470
[ 2841.840602][ T5060]  ? __fget_files+0x3f6/0x470
[ 2841.845298][ T5060]  ? __fget_files+0x29/0x470
[ 2841.849911][ T5060]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2841.854860][ T5060]  ? security_file_ioctl+0x87/0xb0
[ 2841.859986][ T5060]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2841.865694][ T5060]  __se_sys_ioctl+0xfc/0x170
[ 2841.870312][ T5060]  do_syscall_64+0xf3/0x230
[ 2841.874881][ T5060]  ? clear_bhb_loop+0x35/0x90
[ 2841.879590][ T5060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2841.885523][ T5060] RIP: 0033:0x7f5eda975bd9
[ 2841.889963][ T5060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2841.909616][ T5060] RSP: 002b:00007f5edb7b0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2841.918090][ T5060] RAX: ffffffffffffffda RBX: 00007f5edab04110 RCX: 00007f5eda975bd9
[ 2841.926097][ T5060] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[ 2841.934347][ T5060] RBP: 00007f5edb7b00a0 R08: 0000000000000000 R09: 0000000000000000
[ 2841.942327][ T5060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2841.950513][ T5060] R13: 000000000000006e R14: 00007f5edab04110 R15: 00007ffe619eba08
[ 2841.958546][ T5060]  </TASK>
[ 2841.961718][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2842.514545][ T5061] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[ 2844.598354][T14969] Bluetooth: hci0: command tx timeout
[ 2897.951262][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 2959.393314][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 2992.677861][   T30] INFO: task kworker/1:6:9700 blocked for more than 143 seconds.
[ 2992.685662][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2992.693805][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2992.705999][   T30] task:kworker/1:6     state:D stack:19952 pid:9700  tgid:9700  ppid:2      flags:0x00004000
[ 2992.716597][   T30] Workqueue: usb_hub_wq hub_event
[ 2992.721780][   T30] Call Trace:
[ 2992.725084][   T30]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2992.728122][   T30]  __schedule+0x1796/0x49d0
[ 2992.732853][   T30]  ? __pfx___schedule+0x10/0x10
[ 2992.737868][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2992.743891][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2992.749577][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2992.754815][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 2992.760118][   T30]  ? schedule+0x90/0x320
[ 2992.764398][   T30]  schedule+0x14b/0x320
[ 2992.768712][   T30]  usb_kill_urb+0x1c9/0x300
[ 2992.773255][   T30]  ? __pfx_usb_kill_urb+0x10/0x10
[ 2992.778704][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 2992.784829][   T30]  usb_start_wait_urb+0x1b0/0x520
[ 2992.789997][   T30]  ? __pfx_usb_start_wait_urb+0x10/0x10
[ 2992.795686][   T30]  ? __kmalloc_noprof+0x217/0x400
[ 2992.800828][   T30]  usb_control_msg+0x2b1/0x4c0
[ 2992.805634][   T30]  ? __pfx_usb_control_msg+0x10/0x10
[ 2992.814332][   T30]  ? __kasan_kmalloc+0x98/0xb0
[ 2992.833178][   T30]  ? hub_port_init+0x178/0x2670
[ 2992.859591][   T30]  ? kmalloc_trace_noprof+0x19c/0x2c0
[ 2992.865053][   T30]  hub_port_init+0xc21/0x2670
[ 2992.876199][   T30]  hub_event+0x295f/0x5150
[ 2992.887359][   T30]  ? __pfx_hub_event+0x10/0x10
[ 2992.892212][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 2992.898073][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2992.904581][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2992.911460][   T30]  ? process_scheduled_works+0x945/0x1830
[ 2992.917618][   T30]  process_scheduled_works+0xa2c/0x1830
[ 2992.923256][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2992.929652][   T30]  ? assign_work+0x364/0x3d0
[ 2992.934318][   T30]  worker_thread+0x86d/0xd50
[ 2992.940500][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2992.946446][   T30]  ? __kthread_parkme+0x169/0x1d0
[ 2992.951874][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 2992.957021][   T30]  kthread+0x2f0/0x390
[ 2992.961152][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 2992.966325][   T30]  ? __pfx_kthread+0x10/0x10
[ 2992.971022][   T30]  ret_from_fork+0x4b/0x80
[ 2992.975473][   T30]  ? __pfx_kthread+0x10/0x10
[ 2992.981617][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2992.986437][   T30]  </TASK>
[ 2992.989849][   T30] INFO: task kworker/1:2:31932 blocked for more than 143 seconds.
[ 2992.998080][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2993.005735][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2993.014692][   T30] task:kworker/1:2     state:D stack:22064 pid:31932 tgid:31932 ppid:2      flags:0x00004000
[ 2993.024968][   T30] Workqueue: events rfkill_global_led_trigger_worker
[ 2993.031728][   T30] Call Trace:
[ 2993.035036][   T30]  <TASK>
[ 2993.038355][   T30]  __schedule+0x1796/0x49d0
[ 2993.042937][   T30]  ? __pfx___schedule+0x10/0x10
[ 2993.049142][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2993.055159][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2993.060260][   T30]  ? kick_pool+0x1bd/0x620
[ 2993.064703][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2993.070317][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 2993.075552][   T30]  ? schedule+0x90/0x320
[ 2993.079847][   T30]  schedule+0x14b/0x320
[ 2993.084034][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2993.090764][   T30]  __mutex_lock+0x6a4/0xd70
[ 2993.095307][   T30]  ? __mutex_lock+0x527/0xd70
[ 2993.100354][   T30]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 2993.106641][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2993.111729][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2993.117963][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2993.124589][   T30]  ? process_scheduled_works+0x945/0x1830
[ 2993.130714][   T30]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 2993.136827][   T30]  ? process_scheduled_works+0x945/0x1830
[ 2993.142636][   T30]  process_scheduled_works+0xa2c/0x1830
[ 2993.148290][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2993.154305][   T30]  ? assign_work+0x364/0x3d0
[ 2993.160480][   T30]  worker_thread+0x86d/0xd50
[ 2993.165129][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2993.171120][   T30]  ? __kthread_parkme+0x169/0x1d0
[ 2993.176199][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 2993.181565][   T30]  kthread+0x2f0/0x390
[ 2993.185667][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 2993.191165][   T30]  ? __pfx_kthread+0x10/0x10
[ 2993.195878][   T30]  ret_from_fork+0x4b/0x80
[ 2993.201566][   T30]  ? __pfx_kthread+0x10/0x10
[ 2993.206196][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2993.211080][   T30]  </TASK>
[ 2993.214139][   T30] INFO: task syz-executor:4801 blocked for more than 143 seconds.
[ 2993.222338][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2993.230204][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2993.238964][   T30] task:syz-executor    state:D stack:20288 pid:4801  tgid:4801  ppid:1      flags:0x00000004
[ 2993.249629][   T30] Call Trace:
[ 2993.252942][   T30]  <TASK>
[ 2993.255900][   T30]  __schedule+0x1796/0x49d0
[ 2993.260519][   T30]  ? __pfx___schedule+0x10/0x10
[ 2993.265429][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2993.271695][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2993.277593][   T30]  ? schedule+0x90/0x320
[ 2993.281873][   T30]  schedule+0x14b/0x320
[ 2993.286140][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2993.291676][   T30]  __mutex_lock+0x6a4/0xd70
[ 2993.296224][   T30]  ? __mutex_lock+0x527/0xd70
[ 2993.300964][   T30]  ? rfkill_fop_open+0x131/0x850
[ 2993.305934][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2993.313560][   T30]  ? __init_waitqueue_head+0xae/0x150
[ 2993.319089][   T30]  rfkill_fop_open+0x131/0x850
[ 2993.323892][   T30]  ? module_put+0x13a/0x2d0
[ 2993.328474][   T30]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 2993.333789][   T30]  misc_open+0x313/0x390
[ 2993.338414][   T30]  chrdev_open+0x5b0/0x630
[ 2993.342871][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2993.347997][   T30]  ? security_file_open+0x51a/0x750
[ 2993.353245][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2993.358238][   T30]  do_dentry_open+0x970/0x1450
[ 2993.363062][   T30]  vfs_open+0x3e/0x330
[ 2993.367505][   T30]  path_openat+0x2c01/0x35f0
[ 2993.372136][   T30]  ? mark_lock+0x9a/0x350
[ 2993.376474][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2993.382856][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2993.390531][   T30]  ? __pfx_path_openat+0x10/0x10
[ 2993.395541][   T30]  do_filp_open+0x235/0x490
[ 2993.400475][   T30]  ? __pfx_do_filp_open+0x10/0x10
[ 2993.406097][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 2993.411037][   T30]  ? alloc_fd+0x5a1/0x640
[ 2993.415443][   T30]  do_sys_openat2+0x13e/0x1d0
[ 2993.421274][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2993.426516][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2993.432885][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2993.439319][   T30]  __x64_sys_openat+0x247/0x2a0
[ 2993.444227][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2993.449703][   T30]  ? do_syscall_64+0x100/0x230
[ 2993.454498][   T30]  ? do_syscall_64+0xb6/0x230
[ 2993.459607][   T30]  do_syscall_64+0xf3/0x230
[ 2993.464138][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2993.468961][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2993.474951][   T30] RIP: 0033:0x7f0fbdf74610
[ 2993.479463][   T30] RSP: 002b:00007ffd4a147010 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2993.488322][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0fbdf74610
[ 2993.496346][   T30] RDX: 0000000000000002 RSI: 00007f0fbdfe3e09 RDI: 00000000ffffff9c
[ 2993.505230][   T30] RBP: 00007f0fbdfe3e09 R08: 0000000000000000 R09: 0000000000000000
[ 2993.513634][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000000c
[ 2993.521817][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 2993.529934][   T30]  </TASK>
[ 2993.533031][   T30] INFO: task syz.2.8227:4999 blocked for more than 144 seconds.
[ 2993.541060][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2993.548867][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2993.557647][   T30] task:syz.2.8227      state:D stack:22656 pid:4999  tgid:4999  ppid:31701  flags:0x00004006
[ 2993.568063][   T30] Call Trace:
[ 2993.571373][   T30]  <TASK>
[ 2993.574342][   T30]  __schedule+0x1796/0x49d0
[ 2993.580825][   T30]  ? __pfx___schedule+0x10/0x10
[ 2993.585816][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2993.591570][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2993.597255][   T30]  ? schedule+0x90/0x320
[ 2993.601539][   T30]  schedule+0x14b/0x320
[ 2993.605813][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2993.612519][   T30]  __mutex_lock+0x6a4/0xd70
[ 2993.617120][   T30]  ? kobject_put+0x443/0x480
[ 2993.621839][   T30]  ? __mutex_lock+0x527/0xd70
[ 2993.626574][   T30]  ? rfkill_unregister+0xd0/0x230
[ 2993.632186][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2993.637295][   T30]  ? __pfx_device_del+0x10/0x10
[ 2993.642205][   T30]  ? __pfx_nfc_genl_device_removed+0x10/0x10
[ 2993.649401][   T30]  rfkill_unregister+0xd0/0x230
[ 2993.654324][   T30]  nfc_unregister_device+0x96/0x2a0
[ 2993.659936][   T30]  virtual_ncidev_close+0x59/0x90
[ 2993.665026][   T30]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 2993.670915][   T30]  __fput+0x24a/0x8a0
[ 2993.675053][   T30]  task_work_run+0x24f/0x310
[ 2993.679879][   T30]  ? __pfx_task_work_run+0x10/0x10
[ 2993.685053][   T30]  ? syscall_exit_to_user_mode+0xa3/0x360
[ 2993.691235][   T30]  syscall_exit_to_user_mode+0x168/0x360
[ 2993.696936][   T30]  do_syscall_64+0x100/0x230
[ 2993.701661][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2993.706408][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2993.712466][   T30] RIP: 0033:0x7f0281975bd9
[ 2993.716920][   T30] RSP: 002b:00007ffdc0471298 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 2993.725662][   T30] RAX: 0000000000000000 RBX: 00000000002b4c15 RCX: 00007f0281975bd9
[ 2993.734982][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 2993.743098][   T30] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000001ec04715bf
[ 2993.751419][   T30] R10: 00007f0281800000 R11: 0000000000000246 R12: 00007f0281b03f6c
[ 2993.760644][   T30] R13: 0000000000000032 R14: 00007f0281b05a60 R15: 00007f0281b03f60
[ 2993.768726][   T30]  </TASK>
[ 2993.771867][   T30] INFO: task syz.4.8231:5011 blocked for more than 144 seconds.
[ 2993.779901][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2993.787763][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2993.796457][   T30] task:syz.4.8231      state:D stack:23632 pid:5011  tgid:5009  ppid:2591   flags:0x00004006
[ 2993.806782][   T30] Call Trace:
[ 2993.810468][   T30]  <TASK>
[ 2993.813424][   T30]  __schedule+0x1796/0x49d0
[ 2993.818046][   T30]  ? __pfx___schedule+0x10/0x10
[ 2993.822937][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2993.828036][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2993.833559][   T30]  ? schedule+0x90/0x320
[ 2993.839415][   T30]  schedule+0x14b/0x320
[ 2993.843627][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2993.849263][   T30]  __mutex_lock+0x6a4/0xd70
[ 2993.853825][   T30]  ? __mutex_lock+0x527/0xd70
[ 2993.858624][   T30]  ? nfc_rfkill_set_block+0x50/0x310
[ 2993.863963][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2993.870578][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 2993.876276][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2993.882255][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2993.888683][   T30]  nfc_rfkill_set_block+0x50/0x310
[ 2993.893847][   T30]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 2993.900206][   T30]  rfkill_set_block+0x1f1/0x440
[ 2993.905123][   T30]  rfkill_fop_write+0x5bb/0x790
[ 2993.910084][   T30]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2993.915495][   T30]  ? bpf_lsm_file_permission+0x9/0x10
[ 2993.920956][   T30]  ? rw_verify_area+0x1d2/0x6b0
[ 2993.925864][   T30]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2993.931553][   T30]  vfs_write+0x2a2/0xc90
[ 2993.935821][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 2993.940664][   T30]  ? do_futex+0x392/0x560
[ 2993.945128][   T30]  ? __fget_files+0x29/0x470
[ 2993.951696][   T30]  ? __fget_files+0x3f6/0x470
[ 2993.956433][   T30]  ? __fget_files+0x29/0x470
[ 2993.961452][   T30]  ksys_write+0x1a0/0x2c0
[ 2993.965841][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 2993.970801][   T30]  ? do_syscall_64+0x100/0x230
[ 2993.975631][   T30]  ? do_syscall_64+0xb6/0x230
[ 2993.980948][   T30]  do_syscall_64+0xf3/0x230
[ 2993.985594][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2993.990636][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2993.996579][   T30] RIP: 0033:0x7f6484175bd9
[ 2994.001289][   T30] RSP: 002b:00007f6484f82048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2994.009989][   T30] RAX: ffffffffffffffda RBX: 00007f6484303f60 RCX: 00007f6484175bd9
[ 2994.020542][   T30] RDX: 0000000000000008 RSI: 0000000020000000 RDI: 0000000000000006
[ 2994.029111][   T30] RBP: 00007f64841e4e60 R08: 0000000000000000 R09: 0000000000000000
[ 2994.038655][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2994.046731][   T30] R13: 000000000000000b R14: 00007f6484303f60 R15: 00007ffecbf29608
[ 2994.054869][   T30]  </TASK>
[ 2994.058360][   T30] INFO: task syz.1.8238:5053 blocked for more than 144 seconds.
[ 2994.066031][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2994.074460][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2994.083189][   T30] task:syz.1.8238      state:D stack:25904 pid:5053  tgid:5052  ppid:811    flags:0x00000004
[ 2994.093470][   T30] Call Trace:
[ 2994.096754][   T30]  <TASK>
[ 2994.099911][   T30]  __schedule+0x1796/0x49d0
[ 2994.104561][   T30]  ? __pfx___schedule+0x10/0x10
[ 2994.109615][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2994.114686][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2994.120272][   T30]  ? schedule+0x90/0x320
[ 2994.124544][   T30]  schedule+0x14b/0x320
[ 2994.131963][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2994.137742][   T30]  __mutex_lock+0x6a4/0xd70
[ 2994.142309][   T30]  ? __mutex_lock+0x527/0xd70
[ 2994.146997][   T30]  ? misc_open+0x5c/0x390
[ 2994.152335][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2994.157446][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[ 2994.163128][   T30]  misc_open+0x5c/0x390
[ 2994.167417][   T30]  chrdev_open+0x5b0/0x630
[ 2994.171958][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2994.176922][   T30]  ? security_file_open+0x51a/0x750
[ 2994.182295][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2994.188025][   T30]  do_dentry_open+0x970/0x1450
[ 2994.192856][   T30]  vfs_open+0x3e/0x330
[ 2994.196965][   T30]  path_openat+0x2c01/0x35f0
[ 2994.201864][   T30]  ? mark_lock+0x9a/0x350
[ 2994.206206][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2994.212771][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2994.217965][   T30]  ? __pfx_path_openat+0x10/0x10
[ 2994.222985][   T30]  do_filp_open+0x235/0x490
[ 2994.227960][   T30]  ? __pfx_do_filp_open+0x10/0x10
[ 2994.233250][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 2994.238186][   T30]  ? alloc_fd+0x5a1/0x640
[ 2994.242557][   T30]  do_sys_openat2+0x13e/0x1d0
[ 2994.247420][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2994.252664][   T30]  ? smack_file_ioctl+0x356/0x3a0
[ 2994.258114][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 2994.263569][   T30]  __x64_sys_openat+0x247/0x2a0
[ 2994.268555][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2994.274021][   T30]  ? do_syscall_64+0x100/0x230
[ 2994.278902][   T30]  ? do_syscall_64+0xb6/0x230
[ 2994.283594][   T30]  do_syscall_64+0xf3/0x230
[ 2994.289584][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2994.294314][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2994.300324][   T30] RIP: 0033:0x7f5eda974610
[ 2994.304836][   T30] RSP: 002b:00007f5edb7f0480 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2994.313420][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5eda974610
[ 2994.322289][   T30] RDX: 0000000000000002 RSI: 00007f5eda9e3af1 RDI: 00000000ffffff9c
[ 2994.330677][   T30] RBP: 00007f5eda9e3af1 R08: 0000000000000000 R09: 0000000000000080
[ 2994.338853][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 2994.346886][   T30] R13: 0000000000000063 R14: 0000000020000000 R15: 0000000020001800
[ 2994.357697][   T30]  </TASK>
[ 2994.360866][   T30] INFO: task syz.0.8240:5064 blocked for more than 145 seconds.
[ 2994.369945][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2994.377640][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2994.386327][   T30] task:syz.0.8240      state:D stack:26656 pid:5064  tgid:5063  ppid:29057  flags:0x00000004
[ 2994.396787][   T30] Call Trace:
[ 2994.400112][   T30]  <TASK>
[ 2994.403051][   T30]  __schedule+0x1796/0x49d0
[ 2994.407720][   T30]  ? __pfx___schedule+0x10/0x10
[ 2994.412631][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2994.417862][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2994.423370][   T30]  ? schedule+0x90/0x320
[ 2994.428042][   T30]  schedule+0x14b/0x320
[ 2994.432292][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2994.438050][   T30]  __mutex_lock+0x6a4/0xd70
[ 2994.442599][   T30]  ? __mutex_lock+0x527/0xd70
[ 2994.447426][   T30]  ? misc_open+0x5c/0x390
[ 2994.451825][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2994.456904][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[ 2994.463453][   T30]  misc_open+0x5c/0x390
[ 2994.469147][   T30]  chrdev_open+0x5b0/0x630
[ 2994.473631][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2994.479766][   T30]  ? security_file_open+0x51a/0x750
[ 2994.485195][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2994.490699][   T30]  do_dentry_open+0x970/0x1450
[ 2994.495578][   T30]  vfs_open+0x3e/0x330
[ 2994.499908][   T30]  path_openat+0x2c01/0x35f0
[ 2994.504564][   T30]  ? mark_lock+0x9a/0x350
[ 2994.509232][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2994.514307][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2994.521074][   T30]  ? __pfx_path_openat+0x10/0x10
[ 2994.526111][   T30]  do_filp_open+0x235/0x490
[ 2994.530712][   T30]  ? __pfx_do_filp_open+0x10/0x10
[ 2994.535803][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 2994.540785][   T30]  ? alloc_fd+0x5a1/0x640
[ 2994.545152][   T30]  do_sys_openat2+0x13e/0x1d0
[ 2994.550269][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2994.555643][   T30]  ? fd_install+0x35c/0x5d0
[ 2994.561918][   T30]  __x64_sys_openat+0x247/0x2a0
[ 2994.566850][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2994.572405][   T30]  ? do_syscall_64+0x100/0x230
[ 2994.577790][   T30]  ? do_syscall_64+0xb6/0x230
[ 2994.582614][   T30]  do_syscall_64+0xf3/0x230
[ 2994.587608][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2994.592728][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2994.598846][   T30] RIP: 0033:0x7f9d67775bd9
[ 2994.603309][   T30] RSP: 002b:00007f9d685bc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2994.612201][   T30] RAX: ffffffffffffffda RBX: 00007f9d67903f60 RCX: 00007f9d67775bd9
[ 2994.620356][   T30] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: ffffffffffffff9c
[ 2994.629659][   T30] RBP: 00007f9d677e4e60 R08: 0000000000000000 R09: 0000000000000000
[ 2994.638025][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2994.646109][   T30] R13: 000000000000000b R14: 00007f9d67903f60 R15: 00007fff92fed828
[ 2994.654155][   T30]  </TASK>
[ 2994.657270][   T30] INFO: task syz.0.8240:5066 blocked for more than 145 seconds.
[ 2994.665008][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2994.674336][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2994.683107][   T30] task:syz.0.8240      state:D stack:27360 pid:5066  tgid:5063  ppid:29057  flags:0x00000004
[ 2994.693480][   T30] Call Trace:
[ 2994.696779][   T30]  <TASK>
[ 2994.700104][   T30]  __schedule+0x1796/0x49d0
[ 2994.704669][   T30]  ? __pfx___schedule+0x10/0x10
[ 2994.709676][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2994.714730][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2994.720284][   T30]  ? schedule+0x90/0x320
[ 2994.724652][   T30]  schedule+0x14b/0x320
[ 2994.729623][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2994.735669][   T30]  __mutex_lock+0x6a4/0xd70
[ 2994.740990][   T30]  ? __mutex_lock+0x527/0xd70
[ 2994.745717][   T30]  ? misc_open+0x5c/0x390
[ 2994.750464][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2994.755539][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[ 2994.761354][   T30]  misc_open+0x5c/0x390
[ 2994.765549][   T30]  chrdev_open+0x5b0/0x630
[ 2994.770064][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2994.775043][   T30]  ? security_file_open+0x51a/0x750
[ 2994.780464][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2994.785478][   T30]  do_dentry_open+0x970/0x1450
[ 2994.791669][   T30]  vfs_open+0x3e/0x330
[ 2994.795815][   T30]  path_openat+0x2c01/0x35f0
[ 2994.801946][   T30]  ? mark_lock+0x9a/0x350
[ 2994.806342][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2994.812701][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2994.818075][   T30]  ? __pfx_path_openat+0x10/0x10
[ 2994.823149][   T30]  do_filp_open+0x235/0x490
[ 2994.828456][   T30]  ? __pfx_do_filp_open+0x10/0x10
[ 2994.833564][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 2994.838550][   T30]  ? alloc_fd+0x5a1/0x640
[ 2994.842924][   T30]  do_sys_openat2+0x13e/0x1d0
[ 2994.847716][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2994.853011][   T30]  __x64_sys_openat+0x247/0x2a0
[ 2994.858041][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2994.863452][   T30]  ? exc_page_fault+0x590/0x8c0
[ 2994.868406][   T30]  ? do_syscall_64+0xb6/0x230
[ 2994.873120][   T30]  do_syscall_64+0xf3/0x230
[ 2994.877724][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2994.882512][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2994.888539][   T30] RIP: 0033:0x7f9d67775bd9
[ 2994.893006][   T30] RSP: 002b:00007f9d6857a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2994.902762][   T30] RAX: ffffffffffffffda RBX: 00007f9d67904110 RCX: 00007f9d67775bd9
[ 2994.917236][   T30] RDX: 0000000000000002 RSI: 0000000020000100 RDI: ffffffffffffff9c
[ 2994.925280][   T30] RBP: 00007f9d677e4e60 R08: 0000000000000000 R09: 0000000000000000
[ 2994.935017][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2994.943298][   T30] R13: 000000000000006e R14: 00007f9d67904110 R15: 00007fff92fed828
[ 2994.951438][   T30]  </TASK>
[ 2994.954531][   T30] INFO: task syz-executor:5070 blocked for more than 145 seconds.
[ 2994.962475][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2994.970275][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2994.979120][   T30] task:syz-executor    state:D stack:26816 pid:5070  tgid:5070  ppid:1      flags:0x00000004
[ 2994.991606][   T30] Call Trace:
[ 2994.994935][   T30]  <TASK>
[ 2994.997953][   T30]  __schedule+0x1796/0x49d0
[ 2995.002527][   T30]  ? __pfx___schedule+0x10/0x10
[ 2995.008615][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2995.013698][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2995.020452][   T30]  ? schedule+0x90/0x320
[ 2995.024728][   T30]  schedule+0x14b/0x320
[ 2995.029116][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2995.034607][   T30]  __mutex_lock+0x6a4/0xd70
[ 2995.040432][   T30]  ? __mutex_lock+0x527/0xd70
[ 2995.045233][   T30]  ? misc_open+0x5c/0x390
[ 2995.049691][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2995.054747][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[ 2995.060478][   T30]  misc_open+0x5c/0x390
[ 2995.064651][   T30]  chrdev_open+0x5b0/0x630
[ 2995.069510][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2995.074502][   T30]  ? security_file_open+0x51a/0x750
[ 2995.079823][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2995.084978][   T30]  do_dentry_open+0x970/0x1450
[ 2995.089848][   T30]  vfs_open+0x3e/0x330
[ 2995.093933][   T30]  path_openat+0x2c01/0x35f0
[ 2995.098647][   T30]  ? mark_lock+0x9a/0x350
[ 2995.103032][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2995.108233][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2995.113285][   T30]  ? __pfx_path_openat+0x10/0x10
[ 2995.118494][   T30]  do_filp_open+0x235/0x490
[ 2995.123048][   T30]  ? __pfx_do_filp_open+0x10/0x10
[ 2995.128772][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 2995.133663][   T30]  ? alloc_fd+0x5a1/0x640
[ 2995.139237][   T30]  do_sys_openat2+0x13e/0x1d0
[ 2995.143955][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2995.149307][   T30]  ? fd_install+0x9c/0x5d0
[ 2995.153758][   T30]  ? fd_install+0x35c/0x5d0
[ 2995.158633][   T30]  __x64_sys_openat+0x247/0x2a0
[ 2995.163535][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2995.168988][   T30]  ? do_syscall_64+0x100/0x230
[ 2995.173774][   T30]  ? do_syscall_64+0xb6/0x230
[ 2995.178877][   T30]  do_syscall_64+0xf3/0x230
[ 2995.183408][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2995.189823][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2995.195794][   T30] RIP: 0033:0x7fbad0374591
[ 2995.200326][   T30] RSP: 002b:00007ffdb204e0e0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 2995.208826][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fbad0374591
[ 2995.216827][   T30] RDX: 0000000000000002 RSI: 00007fbad03e3d5e RDI: 00000000ffffff9c
[ 2995.225169][   T30] RBP: 00007fbad03e3d5e R08: 0000000000000000 R09: 00007fbad103d6c0
[ 2995.235080][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[ 2995.244490][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 2995.253317][   T30]  </TASK>
[ 2995.256373][   T30] INFO: task syz-executor:5072 blocked for more than 145 seconds.
[ 2995.264263][   T30]       Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2995.273125][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2995.282478][   T30] task:syz-executor    state:D stack:26816 pid:5072  tgid:5072  ppid:1      flags:0x00000004
[ 2995.292819][   T30] Call Trace:
[ 2995.296124][   T30]  <TASK>
[ 2995.300848][   T30]  __schedule+0x1796/0x49d0
[ 2995.305415][   T30]  ? __pfx___schedule+0x10/0x10
[ 2995.310719][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2995.315782][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2995.321419][   T30]  ? schedule+0x90/0x320
[ 2995.325691][   T30]  schedule+0x14b/0x320
[ 2995.329955][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2995.335462][   T30]  __mutex_lock+0x6a4/0xd70
[ 2995.340461][   T30]  ? __mutex_lock+0x527/0xd70
[ 2995.345194][   T30]  ? misc_open+0x5c/0x390
[ 2995.349648][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2995.354704][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[ 2995.361549][   T30]  misc_open+0x5c/0x390
[ 2995.365764][   T30]  chrdev_open+0x5b0/0x630
[ 2995.370527][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2995.375585][   T30]  ? security_file_open+0x51a/0x750
[ 2995.381008][   T30]  ? __pfx_chrdev_open+0x10/0x10
[ 2995.385979][   T30]  do_dentry_open+0x970/0x1450
[ 2995.391856][   T30]  vfs_open+0x3e/0x330
[ 2995.395981][   T30]  path_openat+0x2c01/0x35f0
[ 2995.401143][   T30]  ? mark_lock+0x9a/0x350
[ 2995.405520][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2995.411949][   T30]  ? __lock_acquire+0x1346/0x1fd0
[ 2995.417033][   T30]  ? __pfx_path_openat+0x10/0x10
[ 2995.422179][   T30]  do_filp_open+0x235/0x490
[ 2995.426760][   T30]  ? __pfx_do_filp_open+0x10/0x10
[ 2995.432156][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 2995.437058][   T30]  ? alloc_fd+0x5a1/0x640
[ 2995.441689][   T30]  do_sys_openat2+0x13e/0x1d0
[ 2995.446440][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2995.452628][   T30]  ? fd_install+0x9c/0x5d0
[ 2995.457063][   T30]  ? fd_install+0x35c/0x5d0
[ 2995.462936][   T30]  __x64_sys_openat+0x247/0x2a0
[ 2995.468007][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2995.473429][   T30]  ? do_syscall_64+0x100/0x230
[ 2995.478317][   T30]  ? do_syscall_64+0xb6/0x230
[ 2995.483033][   T30]  do_syscall_64+0xf3/0x230
[ 2995.488793][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2995.493601][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2995.499602][   T30] RIP: 0033:0x7f313d374591
[ 2995.504041][   T30] RSP: 002b:00007ffedeed33b0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 2995.512582][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f313d374591
[ 2995.520777][   T30] RDX: 0000000000000002 RSI: 00007f313d3e3d5e RDI: 00000000ffffff9c
[ 2995.528936][   T30] RBP: 00007f313d3e3d5e R08: 0000000000000000 R09: 00007f313e03d6c0
[ 2995.536952][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[ 2995.545019][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 2995.554033][   T30]  </TASK>
[ 2995.558317][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[ 2995.568842][   T30] 
[ 2995.568842][   T30] Showing all locks held in the system:
[ 2995.576615][   T30] 1 lock held by khungtaskd/30:
[ 2995.581586][   T30]  #0: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 2995.591543][   T30] 2 locks held by getty/4840:
[ 2995.596226][   T30]  #0: ffff88802b1bf0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2995.606943][   T30]  #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 2995.617204][   T30] 5 locks held by kworker/1:6/9700:
[ 2995.622432][   T30]  #0: ffff88801b2c7548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 2995.633913][   T30]  #1: ffffc90014197d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 2995.646269][   T30]  #2: ffff888023e75190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[ 2995.655537][   T30]  #3: ffff888023dad518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b6/0x5150
[ 2995.665708][   T30]  #4: ffff888023c3c168 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f4/0x5150
[ 2995.676791][   T30] 3 locks held by kworker/u8:1/28093:
[ 2995.682441][   T30] 3 locks held by kworker/1:2/31932:
[ 2995.689065][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 2995.700279][   T30]  #1: ffffc9000a597d00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 2995.714807][   T30]  #2: ffffffff8f8acaa8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 2995.726423][   T30] 2 locks held by syz-executor/4801:
[ 2995.731845][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.740482][   T30]  #1: ffffffff8f8acaa8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_open+0x131/0x850
[ 2995.750664][   T30] 2 locks held by syz.2.8227/4999:
[ 2995.755809][   T30]  #0: ffff88806125d100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x63/0x2a0
[ 2995.765750][   T30]  #1: ffffffff8f8acaa8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xd0/0x230
[ 2995.775975][   T30] 2 locks held by syz.4.8231/5011:
[ 2995.782462][   T30]  #0: ffffffff8f8acaa8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a9/0x790
[ 2995.792690][   T30]  #1: ffff88806125d100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x310
[ 2995.803426][   T30] 1 lock held by syz.1.8238/5053:
[ 2995.808594][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.818569][   T30] 1 lock held by syz.0.8240/5064:
[ 2995.823638][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.832224][   T30] 1 lock held by syz.0.8240/5066:
[ 2995.837320][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.845839][   T30] 1 lock held by syz-executor/5070:
[ 2995.851193][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.859984][   T30] 1 lock held by syz-executor/5072:
[ 2995.865204][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.874333][   T30] 1 lock held by syz-executor/5075:
[ 2995.879882][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.889730][   T30] 1 lock held by syz-executor/5077:
[ 2995.894971][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.903583][   T30] 1 lock held by syz-executor/5079:
[ 2995.909954][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.918614][   T30] 1 lock held by syz-executor/5081:
[ 2995.923842][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.933314][   T30] 1 lock held by syz-executor/5083:
[ 2995.938661][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.956507][   T30] 1 lock held by syz-executor/5085:
[ 2995.962018][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.970597][   T30] 1 lock held by syz-executor/5087:
[ 2995.975790][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.984356][   T30] 1 lock held by syz-executor/5089:
[ 2995.989675][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2995.999427][   T30] 1 lock held by syz-executor/5091:
[ 2996.004648][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2996.013176][   T30] 1 lock held by syz-executor/5093:
[ 2996.019353][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2996.027989][   T30] 1 lock held by syz-executor/5095:
[ 2996.033385][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2996.042064][   T30] 1 lock held by syz-executor/5097:
[ 2996.048488][   T30]  #0: ffffffff8eb20a48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x5c/0x390
[ 2996.057016][   T30] 
[ 2996.059531][   T30] =============================================
[ 2996.059531][   T30] 
[ 2996.068046][   T30] NMI backtrace for cpu 1
[ 2996.072392][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2996.082285][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2996.092356][   T30] Call Trace:
[ 2996.095658][   T30]  <TASK>
[ 2996.098599][   T30]  dump_stack_lvl+0x241/0x360
[ 2996.103324][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2996.108629][   T30]  ? __pfx__printk+0x10/0x10
[ 2996.113235][   T30]  ? vprintk_emit+0x631/0x770
[ 2996.118103][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[ 2996.123235][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 2996.128193][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2996.133668][   T30]  ? _printk+0xd5/0x120
[ 2996.137840][   T30]  ? __pfx__printk+0x10/0x10
[ 2996.142455][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 2996.147326][   T30]  ? __pfx__printk+0x10/0x10
[ 2996.152021][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 2996.157235][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2996.163247][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 2996.169244][   T30]  watchdog+0xfde/0x1020
[ 2996.173521][   T30]  ? watchdog+0x1ea/0x1020
[ 2996.177956][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2996.182644][   T30]  kthread+0x2f0/0x390
[ 2996.186724][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2996.191435][   T30]  ? __pfx_kthread+0x10/0x10
[ 2996.196037][   T30]  ret_from_fork+0x4b/0x80
[ 2996.200573][   T30]  ? __pfx_kthread+0x10/0x10
[ 2996.205181][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2996.209981][   T30]  </TASK>
[ 2996.213636][   T30] Sending NMI from CPU 1 to CPUs 0:
[ 2996.219613][    C0] NMI backtrace for cpu 0
[ 2996.219627][    C0] CPU: 0 PID: 28093 Comm: kworker/u8:1 Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2996.219648][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2996.219661][    C0] Workqueue: bat_events batadv_nc_worker
[ 2996.219691][    C0] RIP: 0010:lockdep_softirqs_off+0x11b/0x440
[ 2996.219714][    C0] Code: 40 4c 89 e3 48 c1 eb 03 42 80 3c 2b 00 74 08 4c 89 e7 e8 78 6d 86 00 48 c7 44 24 40 00 00 00 00 9c 8f 44 24 40 42 80 3c 2b 00 <74> 08 4c 89 e7 e8 6b 6c 86 00 f6 44 24 41 02 0f 85 18 01 00 00 4d
[ 2996.219730][    C0] RSP: 0018:ffffc9000a547900 EFLAGS: 00000046
[ 2996.219746][    C0] RAX: 0000000000000004 RBX: 1ffff920014a8f28 RCX: ffffffff9476e603
[ 2996.219765][    C0] RDX: 1ffff110037e5e61 RSI: 0000000000000201 RDI: ffffffff8b48a558
[ 2996.219779][    C0] RBP: ffffc9000a5479b0 R08: ffffffff92f7665f R09: 1ffffffff25eeccb
[ 2996.219793][    C0] R10: dffffc0000000000 R11: fffffbfff25eeccc R12: ffffc9000a547940
[ 2996.219807][    C0] R13: dffffc0000000000 R14: 1ffff920014a8f24 R15: ffff88801a75da00
[ 2996.219822][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 2996.219838][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2996.219851][    C0] CR2: 000055c3d6a81058 CR3: 000000000e132000 CR4: 00000000003506f0
[ 2996.219867][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2996.219879][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2996.219891][    C0] Call Trace:
[ 2996.219899][    C0]  <NMI>
[ 2996.219907][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 2996.219929][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 2996.219951][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2996.219972][    C0]  ? nmi_handle+0x2a/0x5a0
[ 2996.220009][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 2996.220030][    C0]  ? nmi_handle+0x14f/0x5a0
[ 2996.220057][    C0]  ? nmi_handle+0x2a/0x5a0
[ 2996.220085][    C0]  ? lockdep_softirqs_off+0x11b/0x440
[ 2996.220104][    C0]  ? default_do_nmi+0x63/0x160
[ 2996.220126][    C0]  ? exc_nmi+0x123/0x1f0
[ 2996.220147][    C0]  ? end_repeat_nmi+0xf/0x53
[ 2996.220169][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 2996.220195][    C0]  ? lockdep_softirqs_off+0x11b/0x440
[ 2996.220215][    C0]  ? lockdep_softirqs_off+0x11b/0x440
[ 2996.220235][    C0]  ? lockdep_softirqs_off+0x11b/0x440
[ 2996.220254][    C0]  </NMI>
[ 2996.220260][    C0]  <TASK>
[ 2996.220268][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 2996.220294][    C0]  ? __pfx_lockdep_softirqs_off+0x10/0x10
[ 2996.220313][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2996.220335][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2996.220357][    C0]  __local_bh_disable_ip+0xfb/0x220
[ 2996.220375][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 2996.220393][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 2996.220418][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 2996.220444][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 2996.220461][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 2996.220479][    C0]  ? batadv_nc_purge_paths+0x30f/0x3b0
[ 2996.220505][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2996.220527][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 2996.220552][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 2996.220580][    C0]  _raw_spin_lock_bh+0x1c/0x50
[ 2996.220598][    C0]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[ 2996.220626][    C0]  batadv_nc_purge_paths+0xe8/0x3b0
[ 2996.220660][    C0]  batadv_nc_worker+0x328/0x610
[ 2996.220685][    C0]  ? batadv_nc_worker+0xcb/0x610
[ 2996.220712][    C0]  ? process_scheduled_works+0x945/0x1830
[ 2996.220731][    C0]  process_scheduled_works+0xa2c/0x1830
[ 2996.220771][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2996.220796][    C0]  ? assign_work+0x364/0x3d0
[ 2996.220817][    C0]  worker_thread+0x86d/0xd50
[ 2996.220842][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2996.220863][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 2996.220886][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2996.220905][    C0]  kthread+0x2f0/0x390
[ 2996.220927][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2996.220946][    C0]  ? __pfx_kthread+0x10/0x10
[ 2996.220968][    C0]  ret_from_fork+0x4b/0x80
[ 2996.220991][    C0]  ? __pfx_kthread+0x10/0x10
[ 2996.221013][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2996.221048][    C0]  </TASK>
[ 2996.228308][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 2996.228329][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00231-ge091caf99f3a #0
[ 2996.228356][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2996.228372][   T30] Call Trace:
[ 2996.228383][   T30]  <TASK>
[ 2996.228395][   T30]  dump_stack_lvl+0x241/0x360
[ 2996.228442][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2996.228480][   T30]  ? __pfx__printk+0x10/0x10
[ 2996.228520][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2996.228556][   T30]  ? vscnprintf+0x5d/0x90
[ 2996.228588][   T30]  panic+0x349/0x860
[ 2996.228626][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 2996.228659][   T30]  ? __pfx_panic+0x10/0x10
[ 2996.228691][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 2996.228728][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 2996.228757][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 2996.228784][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 2996.228813][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 2996.228845][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 2996.228879][   T30]  watchdog+0x101d/0x1020
[ 2996.228909][   T30]  ? watchdog+0x1ea/0x1020
[ 2996.228943][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2996.228970][   T30]  kthread+0x2f0/0x390
[ 2996.229000][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2996.229027][   T30]  ? __pfx_kthread+0x10/0x10
[ 2996.229058][   T30]  ret_from_fork+0x4b/0x80
[ 2996.229089][   T30]  ? __pfx_kthread+0x10/0x10
[ 2996.229120][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2996.229171][   T30]  </TASK>
[ 2996.231891][   T30] Kernel Offset: disabled
[ 2996.789804][   T30] Rebooting in 86400 seconds..