last executing test programs:

2m50.238655587s ago: executing program 0 (id=158):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1)
r2 = socket(0x10, 0x3, 0x0)
r3 = openat$smackfs_load(0xffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/load-self2\x00', 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001000), r4)
sendmsg$IEEE802154_START_REQ(r4, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="04000000", @ANYRES16=r5, @ANYBLOB="010000000000000000000d000000"], 0x14}}, 0x0)
write$smackfs_load(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="29421e73f812f3fd1b5d76101060a46d205a13d9e771811f904d89fc9b65ea7d3568739d69320ee97f3a1c8bf8ffa412e86d30fa0b503ce8c0bcef9efdaf47efb2b8e6e43856564ee42839fbc242c9dfe5f87c76d8cffda620097badd8f18123de1033051b641b646934223d3a8b7d495f09389d6dc45a1afffecb0dfc"], 0x11f)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r6)
mount$nfs(0x0, &(0x7f0000000640)='.\x00', &(0x7f0000000680), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB])
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)={@map=r7, 0xffffffffffffffff, 0x3, 0x0, 0x0, @void, @value}, 0x20)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
dup(r8)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x14d802, 0x0)
dup(r9)

2m49.165261982s ago: executing program 0 (id=159):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0xf8, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xffe0}}, [@TCA_RATE={0x6, 0x5, {0xa8, 0x7b}}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0xb8, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0xa4, 0x6, [@m_ife={0x50, 0xb, 0x0, 0x0, {{0x8}, {0x4}, {0x27, 0x6, "3892c4d2eb75728faed731b8708e6a332c67f787554cd94e623e16d97c61b46e68bb87"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_connmark={0x50, 0x0, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0xf8}}, 0x0)
socket(0x10, 0x803, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x10080, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_PASTESEL(r4, 0x4b52, &(0x7f0000000340))
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r6, &(0x7f0000000200)={&(0x7f0000000c00)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x400c8e1}, 0x0)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000180)="290000002000190f00003fffffffda0602000000ffe80001dd0000040d001800ea11c21d0005000000", 0x29}], 0x1)

2m46.978122042s ago: executing program 0 (id=165):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2m46.584608343s ago: executing program 0 (id=167):
r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
close(r0)
r1 = syz_open_dev$radio(&(0x7f0000000140), 0x2, 0x2)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$FIONREAD(r2, 0x541b, &(0x7f00000000c0))
ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, &(0x7f0000000040)={0xc0000000, 0x100, "9cb619a71ba9ff8d9587e3eb07b54a544b55851f449c8520b002c4e0bfbf4d7e", 0x0, 0x2, 0x7c17, 0x80000000, 0x80007fff, 0x2, 0x6, 0x8000, [0x3, 0x5, 0x105, 0x3]})

2m46.27722896s ago: executing program 0 (id=169):
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_OPENQRY(r2, 0x4b4c, &(0x7f0000000140))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x20, 0x0, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x3, 0x7, 0x3, 0x0, 0x0, {0xa, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x810)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)={0x24, 0x0, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x24}}, 0x0)

2m43.841191561s ago: executing program 0 (id=174):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1d, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x1f00, 0x12)
socket(0x2a, 0x2, 0x0)
prlimit64(0x0, 0x1, &(0x7f0000000380)={0x6, 0x5ac}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
sendmmsg$inet6(r3, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x1}], 0x1}}], 0x1, 0x0)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fcff050000000000000001f46e65746465767b696d0000000f0002006e657464657673696d4b000000c4265fbcf3f7f1d4707baa00000000"], 0x44}}, 0x0)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000007f40)={0x0, "baca51190fe897d2c459882730b0be2a874d354f99e4d6047d9a6e2f23c8a92c", 0x1})

2m28.219556516s ago: executing program 32 (id=174):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1d, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x1f00, 0x12)
socket(0x2a, 0x2, 0x0)
prlimit64(0x0, 0x1, &(0x7f0000000380)={0x6, 0x5ac}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
sendmmsg$inet6(r3, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x1}], 0x1}}], 0x1, 0x0)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fcff050000000000000001f46e65746465767b696d0000000f0002006e657464657673696d4b000000c4265fbcf3f7f1d4707baa00000000"], 0x44}}, 0x0)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000007f40)={0x0, "baca51190fe897d2c459882730b0be2a874d354f99e4d6047d9a6e2f23c8a92c", 0x1})

39.412804731s ago: executing program 2 (id=432):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x2000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {}, {0x0, 0xd}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002ac0)=@delchain={0x4dc, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0x4ac, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0xe}}, @TCA_ROUTE4_ACT={0x4a0, 0x6, [@m_simple={0x1f0, 0x1f, 0x0, 0x0, {{0xb}, {0x98, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x2, 0x1, 0x2, 0x8}}, @TCA_DEF_DATA={0x2d, 0x3, '@-^[\xa5&,.\x00pe\xe9\xb9\xf1Q+=\xdf\xacqd\xb4\xd3\rj6\xb4\xa6fz\x91\xa6\xe9\xdfy\xef\xbcY\xbb[a'}, @TCA_DEF_DATA={0x7, 0x3, 'lo\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x403, 0xfffffffffffffffe, 0x6, 0x2}}, @TCA_DEF_DATA={0x7, 0x3, '\xfc}\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x1, 0x10000000, 0x4, 0x8}}, @TCA_DEF_DATA={0xb, 0x3, 'j\xbf!*{$\x00'}]}, {0x12d, 0x6, "bb56072c27c5e2984fb9b39740c7dea2e6372a168bf1fdb8ecb6019c9f5db834fcaca18620641b7aab2922f69d2f9b062f5ec4be8a5a603fe7236ffd67f60e9e007b34e0f9cb58fc8855dae5289e4e856559f64bc5a1c5683263937fdd088e5f34874e0d2d2273a7a09810d9042b32fb69223c74e88c41fda5268c22a3107d32ee49d3a99665178abfde24d27a872b23ece9d09c9560070a6e3cca383ccb4d1a6d7c302ab3ee820e67d26e78f72566a2f9765698d783e6c14d8da6156473bc39143eaba66c1921f94f19f65bc88b127c0eb8ac765b9220105c7c1060a0dd863f80d90bc3848a4fa52f73aaa4e21a1f0d6078cc5386cdfb2eef199f5261cf64455c3d8b7584e7e01a4e794f882f04307913cd5e00e1ebd8bbb0e6ed906dfc64b4608f285ecdef3d31a8"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_vlan={0x170, 0x3, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xb7e}]}, {0x131, 0x6, "b4f5f8a000aed611d1e3ee1aaa84601c97299db7511af811242f5e599e70462ff947d7fce8171ca76d6272e5926e4bcc41c5f2a45eda585981ca0de6f00b6a83a630a32eb3d933702dde61376ab26952f74f090fb6858f97715363bfca363004ef43db3a48e84090d7517b700dc6a2a2f94e7329147f25670ca37779fb3bb34630b673bfa93845abd7c43a11e2c7d51cd033af07fdedab1b0a4fd3289168734a438364c97d0791494427d5c5c48b1f99b2933a263cfb4ca5c4ae41bb0d4ad806597b90b1569a91f0af9997eb0a37a98b616eeb9b0e0d88e3faa90e480ed36ed0731503f2a4bda6e9158fad7756a073b2cec8125c7d5602435a45a08326af0e776af578e665ce74bc12a9711427e5e489a7fc95ee4920fca6d97a55e300de194ccb7e828af89c3c15e1ea664b79"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_vlan={0xe0, 0xc, 0x0, 0x0, {{0x9}, {0x50, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x30a}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x8, 0x6, 0x7, 0xf64, 0x2}, 0x2}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x4e9}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xee1}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x715}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x8a7}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}]}, {0x65, 0x6, "eda7d7a535361ed0c9b32a364b522addd6669254402ee3ff325c8cea5004909bdc00830603507c7cc3cb8a9b0bfd1aa374f3d137bd1e7f8b57e264a568809005b37e0f9e7b458fe6d976cd4a52b8661fb1fc93f220613f0a0b672f610c1e30c05b"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x30, 0x15, 0x0, 0x0, {{0xfffffffffffffe05}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_bpf={0x2c, 0x1b, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x4dc}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
write$P9_RSTATFS(r2, &(0x7f0000000040)={0x43, 0x9, 0x1, {0xac, 0x4, 0x5, 0x5, 0x6, 0x8a8, 0x4, 0x2, 0x4}}, 0x43)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r3 = io_uring_setup(0x2a11, &(0x7f0000000100)={0x0, 0x400000, 0x40})
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, 0x0, 0xfffffdb5)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r5 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000080)={0x11, 0x800, r6, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0xfffffffd, 0x5, 0x2, 0x0, &(0x7f0000000040), 0x2000000)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x8001}, 0x4)
syz_emit_ethernet(0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800450000280000001100069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x2)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
read$nci(r8, &(0x7f0000000a80)=""/218, 0xda)
ioctl$FUSE_DEV_IOC_CLONE(r7, 0x8004e500, &(0x7f0000000380)=r4)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
close_range(r1, r4, 0x0)
read$FUSE(r9, &(0x7f0000003800)={0x2020}, 0x2020)

38.172780145s ago: executing program 2 (id=436):
syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)={0x0, 0x0, 0x80000}, 0x20)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000d80)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x0, @private1}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000800)='P', 0x1}], 0x1}}], 0x1, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_tables_targets\x00')
ioctl$IMGETVERSION(0xffffffffffffffff, 0x80044942, 0x0)
r3 = syz_open_dev$vivid(&(0x7f0000000200), 0x2, 0x2)
ioctl$VIDIOC_TRY_FMT(r3, 0xc0d05640, &(0x7f0000000780)={0xa, @sdr={0x39565559}})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x2a, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x7e9, 0x2)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
io_uring_setup(0x50c7, &(0x7f00000002c0)={0x0, 0xff07, 0x80, 0x0, 0x40000000})
ioctl$SNDCTL_DSP_STEREO(r5, 0x40045010, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180)=0xfffffff9)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

32.115491502s ago: executing program 2 (id=448):
r0 = syz_usb_connect(0x0, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000022546940fa0ae803d0990102030109023600010000000009047500038cbb2a0009050a001000010000090588"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000040)={0x0, 0xc, 0x1, "06"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
request_key(0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001540), 0x180, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
pipe2$watch_queue(&(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
r7 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r7, 0x40045612, &(0x7f0000000000)=0x1)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r8}})
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r6, 0x0)
read$watch_queue(r5, &(0x7f0000000100)=""/222, 0xde)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r5, 0x5760, 0x11)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r6, 0xffffffffffffffff)
r9 = dup(r4)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000092000040"])
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000600)=0x31)
syz_usb_connect(0x0, 0x2d, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000c4b20710200e01015a7a0102030109021b00010000000009040000012e6d0a0009050747"], 0x0)
r10 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x20, 0x70bd29, 0x1}, 0x10}}, 0x20004010)
recvmmsg(r10, &(0x7f00000021c0)=[{{&(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, <r11=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
close_range(r11, 0xffffffffffffffff, 0x0)

29.440832142s ago: executing program 5 (id=451):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f000000d3c0)=@delchain={0x24, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xb}, {0xfff1, 0x3}, {0x9, 0xc}}}, 0x24}}, 0x4000040)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$cgroup_ro(r1, &(0x7f00000000c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
setuid(0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, 0x1410, 0x1, 0x70bd2c, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0xf000000, 0x0, 0x4011}, 0x0)

28.718172637s ago: executing program 5 (id=455):
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e0a"], 0xd)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1f82fc1b1000"], 0x20}, 0x1, 0xc00000000000000}, 0x0)
bind$bt_hci(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r4, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002b00)={0x2c, 0x0, 0xb, 0x101, 0x0, 0x0, {0x2}, [@NFTA_COMPAT_REV={0x8}, @NFTA_COMPAT_NAME={0x8, 0x1, 'osf\x00'}, @NFTA_COMPAT_TYPE={0x8}]}, 0x2c}}, 0x0)
write$binfmt_misc(r0, &(0x7f0000000080), 0xd)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x88}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'ip6_vti0\x00', 0x4000})
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000480), 0x0}, 0x20)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000440)=[{0xffffffffffffffff}], 0x1, 0x0)
r5 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r6 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r5, r6, r6}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a80)={'crct10dif\x00\x00\x00 \x00\x00\x00+\xcc\xff%\xd2cTH,\x00'}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'bond0\x00'})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000240)={'wlan1\x00'})

27.561285413s ago: executing program 5 (id=458):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
syz_emit_ethernet(0x80, &(0x7f0000000080)=ANY=[@ANYBLOB="0180c200000000000000000086dd609a83c9004a2f00fe880000000000000000000000000001fe8000000000000000000000000000aa0420655800000000000000000800000086dd34a6fc05080088be00000001100000000100000000000000080022fb00000000200000000200000000000000000000000800655800000000"], 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c000000100003042cbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0ffe0000000000003c00128009000100766c616e000000002c00028006000100000000001c0003800c00010000010000800000000c00010000000000ffffff7f0400048008000a00", @ANYRES32=r2, @ANYBLOB="08000500", @ANYRES32=r2], 0x6c}, 0x1, 0xba01}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) (async)
syz_emit_ethernet(0x80, &(0x7f0000000080)=ANY=[@ANYBLOB="0180c200000000000000000086dd609a83c9004a2f00fe880000000000000000000000000001fe8000000000000000000000000000aa0420655800000000000000000800000086dd34a6fc05080088be00000001100000000100000000000000080022fb00000000200000000200000000000000000000000800655800000000"], 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c000000100003042cbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0ffe0000000000003c00128009000100766c616e000000002c00028006000100000000001c0003800c00010000010000800000000c00010000000000ffffff7f0400048008000a00", @ANYRES32=r2, @ANYBLOB="08000500", @ANYRES32=r2], 0x6c}, 0x1, 0xba01}, 0x0) (async)

27.560804883s ago: executing program 2 (id=459):
syz_usb_connect$uac1(0x0, 0xb4, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000406b1d01014000010203010902a200030195b5b12504000000010100000a24010000000201020c240703000000ed129e8410eb2308000000000924030000000302000904010000010200000904010101010200000824020100000000090501090000000310072501800101010904020000010300000904020101010200000f"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r4, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r4, 0x0, <r5=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r3, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r5, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20ffa000})
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_JOIN_OCB(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x2c, r8, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xcf}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40011}, 0x40814)
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000bc0)={&(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, 0x0, 0x1, 0x1, 0x5, 0x9, {0x7e8c, 0x0, 0x1, 0x9, 0x2, 0xfffa, 0x3, 0x0, 0x3, 0x756e, 0x8, 0xc5, 0x7fff, 0x200, "564e0aadd224fa05902fa06f7ad9fc6c1f3de792ac819358adc5ca828a9d560a"}})
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000000)=0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r6, 0xc0745645, &(0x7f0000000100)={0x8d, [0x27e, 0xffff, 0x3, 0x7, 0xc95, 0x9, 0x6, 0x0, 0xa50, 0x4, 0x0, 0xffff, 0x6, 0x7, 0x3, 0x3, 0x4, 0x5, 0x81, 0x9, 0x3, 0x8, 0x0, 0xf6c, 0x0, 0xd, 0xfffe, 0x7, 0xd, 0x8, 0xfc00, 0x6, 0x1, 0x40, 0x2795, 0x2, 0x8001, 0x200, 0x6101, 0x7, 0x9, 0x200, 0x8, 0xe66, 0x3, 0x8, 0x5, 0x1], 0x6})
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001439)
socket$nl_netfilter(0x10, 0x3, 0xc)
futex_waitv(&(0x7f0000001980)=[{0x2, &(0x7f00000018c0)=0x2, 0x82}, {0x0, &(0x7f0000001900), 0x2}, {0x2000, 0x0, 0x82}], 0x3, 0x0, 0x0, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r10, 0x0, 0x1, &(0x7f00000000c0), &(0x7f0000000240)=0x4)

25.424912727s ago: executing program 1 (id=464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x9, 0x26}}}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xfffffffffffffff9}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x3c}}, 0x40840)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000a40)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\v\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32], 0x20)

25.372191359s ago: executing program 5 (id=465):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mount$9p_unix(&(0x7f0000000000)='\x00', &(0x7f0000000040)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200))
r6 = userfaultfd(0x801)
ioctl$UFFDIO_CONTINUE(r6, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r7 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f0000f1d000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0xfffffffffffffffd, 0x0, 0x0, 0x96f, 0x32, 0x20, 0x1, 0x21})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000000)={0x8, 0x0, 0x3017, 0x1, 0x7, 0x2, 0xc, 0x1})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9], 0x44}}, 0x0)

24.785855168s ago: executing program 1 (id=466):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1)
r2 = socket(0x10, 0x3, 0x0)
openat$smackfs_load(0xffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/load-self2\x00', 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001000), r3)
sendmsg$IEEE802154_START_REQ(r3, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="04000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000d000000"], 0x14}}, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r5)
mount$nfs(0x0, &(0x7f0000000640)='.\x00', &(0x7f0000000680), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB])
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)={@map=r6, 0xffffffffffffffff, 0x3, 0x0, 0x0, @void, @value}, 0x20)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r8 = dup(r7)
ioctl$BLKROSET(r8, 0x125d, &(0x7f0000000280)=0x7)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x14d802, 0x0)
dup(r9)

22.192853381s ago: executing program 2 (id=468):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x8000f28, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x14)
socket(0xa, 0x2400000001, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2000000, 0x0)

21.888246832s ago: executing program 1 (id=469):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f00000002c0), r1)
sendmsg$GTP_CMD_ECHOREQ(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@GTPA_VERSION={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048001}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000040)='\x00', 0x2, 0x2)

21.843475264s ago: executing program 5 (id=470):
socket(0x2, 0x3, 0x6)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r0)
close(r0)
r1 = socket$unix(0x1, 0x1, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x408640, 0x0)
ioctl$TCXONC(r4, 0x540a, 0x2)
close(r4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'geneve1\x00', <r5=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendto$inet6(r3, &(0x7f0000000540)="0503092c8f0b480301020d0086ddf7c25975e014b02f0800eb2b2ff0dac8897c6b118777faff30236beae6efafbb1c65f7ffff306610", 0x36, 0x800, 0x0, 0x0)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r6, 0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r7, 0x29, 0x36, &(0x7f0000000040)=@fragment={0x2e, 0x0, 0x0, 0x0, 0x0, 0x1c}, 0x8)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, 0xfffffffffffffffe, &(0x7f0000000840)=0x4a)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

21.624727683s ago: executing program 3 (id=472):
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xd, 0x0, &(0x7f0000000400)="5aee41dea43e9eee28e622e563", 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0xffffffffffffffff, 0x1, 0x8}, 0xc)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00f8048100000000439206a2a8594a95a1feb6f9d80f000000000000006a77f0c5ec", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000000000000100"/28], 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_ext={0x1c, 0x14, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x737, 0x0, 0x0, 0x0, 0xdcb9}, [@cb_func={0x18, 0x2, 0x4, 0x0, 0x4}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @cb_func={0x18, 0x7, 0x4, 0x0, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @generic={0x8, 0x3, 0x0, 0x8001, 0x5}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}]}, &(0x7f0000000000)='syzkaller\x00', 0x81, 0x17, &(0x7f0000000040)=""/23, 0x41100, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x45b3, r0, 0x1, &(0x7f0000000280)=[r3, r4, r1, r1, r1, r1], &(0x7f00000003c0)=[{0x3, 0x1, 0xe, 0x2}], 0x10, 0x1ff, @void, @value}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0xa)
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet(0x2, 0x0, 0x0)
r8 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r8, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r8, 0x3)
r9 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r9, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r10 = accept4(r8, 0x0, 0x0, 0x0)
recvmmsg(r9, &(0x7f0000002500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmmsg(r10, &(0x7f0000001500), 0x588, 0x0)

21.164087255s ago: executing program 1 (id=473):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chdir(&(0x7f0000000100)='./file0\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x408)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001300)={<r4=>0x0}, &(0x7f0000001340)=0xc)
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f0000001380)={0xfff, 0x8000, {<r5=>0xffffffffffffffff}, {}, 0xffff, 0x4})
ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000013c0)=<r6=>0x0)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r7, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001400)={<r8=>0x0}, &(0x7f0000001440)=0xc)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x6)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001480)=<r10=>0x0)
syz_clone3(&(0x7f0000001500)={0x50002400, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f00000001c0), {0x11}, &(0x7f00000002c0)=""/4096, 0x1000, &(0x7f00000012c0)=""/16, &(0x7f00000014c0)=[r4, r5, r6, r7, r8, r9, r10], 0x7, {r3}}, 0x58)

20.747549698s ago: executing program 4 (id=474):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffca, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='mlxsw_sp_acl_tcam_vregion_rehash\x00', r0, 0x0, 0x1}, 0x18) (fail_nth: 1)

20.421199173s ago: executing program 5 (id=475):
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f00000002c0)=[@request_death={0x400c630e, 0x2}], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$TUNSETOFFLOAD(r4, 0x8901, 0x2000ff04)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r5, 0x5452, &(0x7f0000000180)=0xf51)
readv(r5, &(0x7f0000000300)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1)
sendmmsg$inet(r5, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000480)="2cea9f7c99e894404a645475fdb14debbdaeb796e70de5b11d621087b1782b6d0882bc6f1ef322b4ab8962608925c565c69fb98c2a42062bcb1be2f25794220802df7c569394396570d6a3d9d40e50fcb06ec209d0a637f0ce8b1f76deadb861a0e7249a9f5c3d423486cfe193256a0c908cd0ebad787b1c705f6c7d1c01cf05", 0x80}], 0x1}}], 0x1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000040)=0x8000001)
ioctl$PPPIOCSACTIVE(r9, 0x40107446, &(0x7f00000001c0)={0x0, 0x0})
sendmmsg$unix(r8, &(0x7f0000000c40)=[{{&(0x7f0000000340)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, &(0x7f0000000640)=[@cred={{0x1c}}, @cred={{0xffffffffffffff60, 0x1, 0x2, {r6}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [r3, 0xffffffffffffffff, r4, r7, 0xffffffffffffffff, r5, r4, r8, r8]}}, @rights={{0x1c, 0x1, 0x1, [r0, r8, r8]}}], 0x118}}, {{&(0x7f0000000b00)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001100)=[{&(0x7f0000000980)="6e17b0e56dc1f2ed2eca27ce06bf385de6f8caa4ce4f77e52aeb63fa6feb0dbaeb53b250224f9a7fc63b28edc0b5218f54e209ecd095702f315839b74d315a14cd5f715452eb55963cd0c68dca023cad9d8bfdc01f65d421557d4df1034738bcbb8811839b425a986d2f7a34e2360119b2e9dc39acc6805c48336653ef3ddb0a4535c0bb845e060e7cb961246f0ccb981d36eee15a83b783bef67a48ba685f7d5cc618ec07aca5b6eaa01c04421ccb525f506bfcc088df4450048fb953c0a3b2ef27c927d32c541853ca11a5b930f49e3338ade42f7b840cdb7365aa458bca865584f6cb2d03", 0xe6}, {&(0x7f0000000cc0)="a076da5ded8089dce2d8bbe7d9fcd4858d711fb49f4f1bddd166a54b5cf9b0729b58b5a6bd7921afcac6458e49391412422df4ca58e1fcb65c44e465c9d4627d09fa078dfd085cc4e601fe987803d5fcde7c64b4e9b547f35f063aa6e839999ac7c1005a90754d3327cf595cddff4579729326e003178d9ea90a232004d01a3fc28414634c66877fd6d4d23e0eb81d8235e0f1dfc6ec1303b29354045f6ab7adfffb6e7773bffbdc2ca97b3633279d8f3d972c8f67c0d3abf69444ef96c2cd835db8", 0xc2}, {&(0x7f00000012c0)="2003ce94e7aacb01614119753bc877c0bd6b6196d7bc4ab8484c9b3062cf57f320058e06008c7d7dc7e1e4fb502ef1c86ab3b08564d5b6fd7d6a7c4599d446f735b020877ad04e06bf4f9e412ea01350aa38e02bc0d085fcf41c0f00000000000000e12c9251b42a930456fa1242ec0c7560f40231626520216102b1b7e57989d4de6f44586099321875ba29270bd2f08d5b4a237592bd52aabb7bfa8181331937a7e1992b76b99888297716b9df0882a02a203994cccd3f0867b70199590399424fd9cb27c21527bd0c5112d7f3c9a9ca34dcaddf0178160634b5d6c248ce0ee7c235135d1be805d0419c46b9c8ee5d01c2a8564a22654974c45641e926cf14ee5fadb11ed3b14861c8bb94473225b8877731ae037ff96184", 0x119}, {&(0x7f0000000a80)="e464e40d3d1b4fca2d10a0409ae61961fd85684ed87298eafb06a2bdf4ff710651db3126f621d88e7f58aa22a1a6005640f60c9e64e9748f9b10e6b6499fd2888d5b4e81fc678bca646e55ca622fcb145d5ea8b6b4a9c3b8174bd14ebb850d6adc8ce01882ec2699ce7094a91dff79da70553ecf8483ca", 0x77}, {&(0x7f0000000e80)="0183520c32fe653a4ed039eb848b439a4520bf3abc6088ea9f66be596e803c61f78d533ca67592773974827cf4bda9f0bb4570bddfa20a884b28805864404420786d683b5fa2e651aa54667e0942e6ce679fcc72e1aba899a1e761deea2dfcd5685bfd70440f296265108564483eda16300484f9527a6a3e23df5d6bb9273048", 0x80}, {&(0x7f0000000840)="2182351478473f76d3b248fbc4d0cc5f9c947726af2a2a9b865464dd703d940af2c715175ac94db3a147fb670400aa4af108cdca38dc", 0x36}, {&(0x7f0000000f00)="25ae8a5dd40fd78a5c484aa0fd46454c230e2963d2e711da151fbbb42ba7deda66d143d6027cab654658b30768cbd7b97adef7dad0e5b207ec94e9b260b25691a5431b04518589e4eb8cdd22e992d4e3ed82c28f7c70fbc5cc2eda92e4c9076d13221a813172af26fb900c7f7fe356", 0x6f}, {&(0x7f0000000b80)="0499193562025ca943265ee34083dd35d61f2b83bc317b4a04a060087238a1b1db758347c55c5c6530fc0637d2e346ea26e21f959095dd955b2dfd77", 0x3c}, {&(0x7f0000000f80)="55aa416e3ca2f5a6f52fb1dd355e8c2397dc1b44d117d5a48a5a96fef364595fd50fe45d68d62618ad16410b99f3a166b79ef5d613b86b11f56b29e08c90bca7b6668e27230e94c6a6845cb32ae6e6b9bcb5912b0c7c3b7f6418ee", 0x5b}, {&(0x7f00000011c0)="111ae02a84df5642f1c10429e3cc7300ddd54c863f1cb1026651fa83a0c268c22ea494e1e4179c63c4c744dd1b55413e6fa375e49a97c4e4240d3e701bd957d42f1f249cc627f22c893b2c83eac04d7c49738893a946c50fce4e598a2913e03193387890704c93a17a3b59eeb535338c1a0d3387d5e8d5bb6f6c3835243fe1d0661caca66bc94882350beb9f4270e48b3d4d3131ddf9d653f75ac19f7ecc4023566f8a846c02ded04df5667ffa94bbd00cdf98b6a1cfc278486a386c68265fb15249cd879760b48ef677ae13a6be7e4cc89aa4f68752c5a435c8fffec1967118fce34d860695a3859a17ba8e0d", 0xed}], 0xa, &(0x7f0000001540)=[@rights={{0x2c, 0x1, 0x1, [r0, 0xffffffffffffffff, r5, r5, r1, r2, r9]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x24, 0x1, 0x1, [r4, r2, r7, 0xffffffffffffffff, r9]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x24, 0x1, 0x1, [r1, r8, r2, r5, r7]}}, @rights={{0x2c, 0x1, 0x1, [r0, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x110, 0x40000}}], 0x2, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

20.368457393s ago: executing program 2 (id=476):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
ioctl$KDDISABIO(r0, 0x4b37)
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_control_io(r1, &(0x7f00000002c0)={0x2c, &(0x7f00000000c0)={0x0, 0x30, 0x43, {0x43, 0x23, "406fa8204a89ee227dddc2f7ff908637e34fa3088a1ba1a2a112b220c88ebcc559a8261520698aba49119b65236b1a470865061143d7d209bc2f5c63fa2dc30610"}}, &(0x7f0000000140)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x827}}, &(0x7f0000000180)={0x0, 0xf, 0x8e, {0x5, 0xf, 0x8e, 0x5, [@wireless={0xb, 0x10, 0x1, 0x4, 0x11, 0x6, 0x6, 0x9, 0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xf, 0x2, 0xb, 0x1}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "049652c87fa10cd5f15200aacf6d3718"}, @generic={0x4c, 0x10, 0x3, "3c3cacd4d22c86bb4962d4540c428702990b9fc3f9bfd9bc8c550ac50d93e18d0a4367760c0082c3625f250e80107bb08e4b555c720fe2caa8e53ca2398622736c5efd2a133ff68c37"}, @ss_container_id={0x14, 0x10, 0x4, 0x10, "419b3082b9dca609beb1b741b59f84c5"}]}}, &(0x7f0000000240)={0x20, 0x29, 0xf, {0xf, 0x29, 0x3, 0x1, 0x0, 0x8, "50f6b5fd", "b0166839"}}, &(0x7f0000000280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x35, 0x2, 0x80, 0x2, 0xfd, 0x8, 0xa}}}, &(0x7f00000007c0)={0x84, &(0x7f0000000300)={0x40, 0xd, 0xf9, "60221cca5c27603585dcd60aff97aa636fcf767c202935519b78f3d7de0a6c3c0dea3bee67448a0c27074c9d81179a080f5c8eec7e96760e3da32032a4fe532f5d904278c1a174f2df2090133ccd0f0967549d6214cded8e3540b66d3a932cacfaf28b8a62b03355604e7382072df78f14ed95d55fc8a43230848d0bdef6140971e47a226926ca45ea65e0e630ce63880459381d5d9d488d5901c5768a6ca75b2db2735fb4a9726e91d3bcd9ba1c25c37958998fc98a1eae8ccab8fe924daaaafdf42d209b945090d27dd1bf266f4f724b145837b3c3e4fa63ec6dcb4503047031a25cd9ce34898ab1d555c0fb2e13747c34fa1dd921d49438"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0xfd}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x0, 0x2}}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x10, 0x2}}, &(0x7f0000000500)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000540)={0x40, 0x9, 0x1, 0x10}, &(0x7f0000000580)={0x40, 0xb, 0x2, '>d'}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x81}, &(0x7f0000000600)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f0000000640)={0x40, 0x17, 0x6, @local}, &(0x7f0000000680)={0x40, 0x19, 0x2, "1832"}, &(0x7f00000006c0)={0x40, 0x1a, 0x2, 0xd}, &(0x7f0000000700)={0x40, 0x1c, 0x1, 0xff}, &(0x7f0000000740)={0x40, 0x1e, 0x1, 0x5}, &(0x7f0000000780)={0x40, 0x21, 0x1, 0x4}})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000880)=[@in={0x2, 0x4e23, @local}, @in={0x2, 0x4e22, @broadcast}], 0x20)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f00000008c0)={0x6, 0x9, 0x0, 0x1, 0x7, "59667aa55f37532d1dfb854f46f8fc66f3c006", 0x3, 0x9})
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000900), 0x400000, 0x0)
process_mrelease(r3, 0x0)
syz_usb_disconnect(r1)
close_range(r2, r2, 0x0)
ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000940))
r4 = syz_usb_connect$cdc_ecm(0x4, 0x83, &(0x7f0000000980)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x71, 0x1, 0x1, 0x9, 0xd0, 0xb, [{{0x9, 0x4, 0x0, 0x4, 0x2, 0x2, 0x6, 0x0, 0x7f, {{0x7, 0x24, 0x6, 0x0, 0x0, 'Nv'}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0xd5, 0x4, 0xd, 0xff}, [@obex={0x5, 0x24, 0x15, 0x4}, @obex={0x5, 0x24, 0x15, 0x8}, @dmm={0x7, 0x24, 0x14, 0x401, 0x4}, @ncm={0x6, 0x24, 0x1a, 0x8, 0x941a6446c6962d21}, @mbim_extended={0x8, 0x24, 0x1c, 0x2, 0x9}, @mbim={0xc, 0x24, 0x1b, 0x5, 0x2, 0x9d, 0x5, 0x7, 0x6}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x5, 0x2}}], {{0x9, 0x5, 0x82, 0x2, 0x400, 0x8, 0x1, 0x80}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x4, 0x2, 0x4}}}}}]}}]}}, &(0x7f0000000b00)={0xa, &(0x7f0000000a40)={0xa, 0x6, 0x110, 0xbe, 0x8, 0xa4, 0x0, 0x3}, 0x1a, &(0x7f0000000a80)={0x5, 0xf, 0x1a, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0x40, 0x0, 0xa, 0xa, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x8, 0x3}]}, 0x1, [{0x20, &(0x7f0000000ac0)=@string={0x20, 0x3, "7e10928270d552a751328bc9c702841060883b969253fbff91e381a11a2a"}}]})
syz_usb_control_io$cdc_ecm(r4, &(0x7f0000000bc0)={0x14, &(0x7f0000000b40)={0x20, 0x23, 0x34, {0x34, 0x23, "c36e1c7f9b04ef64316e97ab5b717a99eabfd910d7abb58e95900c6fb6626d7ba7df96700b448e554da76f3cdfe276fa15bf"}}, &(0x7f0000000b80)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000d40)={0x1c, &(0x7f0000000c00)={0x20, 0xe, 0xa8, "a6f46f468393a981f23e58235c013b235b992ff5b23feaf9ea850abb94c09ce71ce0f070dfb53e6c2da6e024418d361310190d82e9027d5f3d1447aa4b7b51aff7df980447056f083a94436743a86a5801f3c1001ef390497042c86dc0c996541e4e552f24217925dc9ed7bf159c4679a94acde1fd07350abba38d6f01cc2f78df0532e105b1b8efa2e66634137169968022c5d1380f25da77926ffb24c6433d3271ee7063a9ec76"}, &(0x7f0000000cc0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000d00)={0x0, 0x8, 0x1, 0x1}})
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000d80)={0x0, r2, 0x3, 0xfff, 0x4, 0x8})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000dc0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
statx(0xffffffffffffff9c, &(0x7f0000001100)='./file0\x00', 0x100, 0x1418, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = epoll_create1(0x0)
r8 = accept$nfc_llcp(r2, &(0x7f0000001240), &(0x7f00000012c0)=0x60)
r9 = fspick(0xffffffffffffffff, &(0x7f0000001300)='./file0\x00', 0x0)
r10 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r11 = socket$inet_sctp(0x2, 0x5, 0x84)
r12 = socket$inet_smc(0x2b, 0x1, 0x0)
r13 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000002900), 0x80, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000002940)=<r14=>0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000002980)='./file0\x00', &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x1000)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000002a40)=<r16=>0x0)
r17 = geteuid()
getgroups(0x5, &(0x7f0000002a80)=[0xee01, <r18=>0xffffffffffffffff, 0x0, 0xee00, 0xffffffffffffffff])
sendmmsg$unix(r5, &(0x7f0000003a00)=[{{&(0x7f0000000e00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000010c0)=[{&(0x7f0000000e80)="63b08edd6c47ae68ead6ac1b5f910b329add81030cda6dd697ab933688e33b5f890c55cbd93963b5b00229584daaa2a7e7ddd2e2dc449ec901a64f4aef5eca613aca8396af254035313987cc3abfcef7151e45ad19803cca7ebf54cea476f992c0c24d02f6a72826f279c0e64bf4e2b27e42aa06e1834711f7a7b3ea62b2", 0x7e}, {&(0x7f0000000f00)="5b9429d2268d69b3315a3bdf10c02ea395e1435ea7b8fb53c4ab48b48be6bcacaeb4f804ed2f884f257a5ff18d80b22140ccb1cddd737c35fb650caad9bd64dd0e6d2149c937225872dfcba7960902fff073ee6712f389b5051cd860f1282723e3a2b029c61b60ec8373d776b4eb09585dac84a3e96ca115d7365a2742bba667dc0579846c3bb8f22e6a37ab", 0x8c}, {&(0x7f0000000fc0)="d25fb01fc1eee8c893fea9770338590d89ace671298e74a4c4e7ce57a4a563d6647970873a70e5bf272a9c141827bb79539c6c6772e9b3542c6f21f72a86ced5a6c820d03e1e612017a8349c8cd97ee919b124910ef66826892d8cfbc214bd7c2669433f414eca85282e9d1b807bea95f1683b948beb3fdbd1948ecfcb53239f89cbc8c1d0b34acff7ea456a55ec93aa3020f41e58a6520377a473a3284d8f2dc11cb7ee8d47557331b97e7c52b28e9fa5b18a3cf4954b3445cb4f845a0008e18657344ac021884cbe9fec8916747806", 0xd0}], 0x3, &(0x7f0000001340)=[@cred={{0x1c, 0x1, 0x2, {0x0, r6, 0xee00}}}, @rights={{0x34, 0x1, 0x1, [r2, r7, r0, r8, r9, r10, r0, r11, r2]}}, @rights={{0x2c, 0x1, 0x1, [r3, r12, r0, r2, r0, r2, r3]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x18, 0x1, 0x1, [r3, r0]}}], 0xb8, 0x4000014}}, {{0x0, 0x0, &(0x7f0000002400)=[{&(0x7f0000001400)="35650de150b76bc03ba743dbf8b5b2371bd3953d1a8007704d8b3c7e19dacb99d7a21b9bea7859d74af1d4b8012e3287c44e7fdc8cd4d732c61849534cb50b8179eea664e52f06018b8f1a8ccd64c041897a902ebd749dc00ef5b803c5d096557a5c92c8fdb930629618df2dc8c5de570f06beb8a04bf6e31c154ce3eafc8a5549bb4cc88ce9a1a85839fb00285d688f09f42122dbf474ba151dcc8b183a3def2639d8903754687b00b51a4aa03bc7cc88a595c6ad0cdebfe02092e79f7408ba42d4d7c0f9036f8e5e632ba524669f13829b766edf2bbd028c7ee1b0a3180805fc6b5a258bdda1964832ff233d1b4359a90dfd5aed07dd0507bbfafe4fc7342bd79e06b9334f60fc603b96768a0d20455cca57751de54357001779d769c881055aba5d6106dc50baba1c8227c38430b82d81d33c8f09d0ff2a4e68782ba4567f17f1109b947b611f87394903d1c907be10199458ef22249c4cbfd4e6dc52bfc04a6b00e7620835be495bb357ef4ee70bce8065c7c22d4c25e48b6ec4abc4a3702a3ede998be5e285dd4ae7a2fddef5c6da6ed4c901b000b58deaa1541690297d4229447575d2cb4719a602d07bd7ab9681fec3a35987f7f7a4286107c90722a6675da33093ca0c941f3f97b7fa40d2baadadb43cbeb8ef077588552ee671b4edcdc772f15d2d0422dbea2ce5420e5b710a2ef18ecb18f58d1d9529c3e8d14adb65c2d498101f7359d2068d176264a6329f1e2781ef51c80500dbc3e8fd76d443692e3e1bc136be6d0d419a9ab6e8f616b9b7256ac47dc362a3362500df43ae539cd64a490b9ea8666ffb1233ea43be785f67e11fba4211178dd0263ba39b3b3c241dfbe5105be260438f9bcd9c8e89da94dfa81a686a79824986dacd31bae8beaee91b50401b049616b84470f2dd4b68bfaa1b6b6e6317a89e269d3457095f6fb580d3baf907b28c44a7766eb8d6d2b2f7d25701ea1293da3cd2a9c7a0112d25f313c7c05d89ea8e1084552acca75f32ac2616437c89ad29aa6c2382b385951c76fa7641255f60474171887d8b4f00bee1efea4ee5d2e71a3fa775451f7ffd82abe3be28e33493f54337e0c9feaf9ed281fb8982a4efdf537964ee2c8b6a1fe90777de21855edf27692c81e74f9c8a57dfdf9d1d467f384aeceef13db2bfedf28114ddb04865140c94a35a621c229d57619a313851e8a3af2169f961fb1f6f96176521146f1a3e72522446b149c3e197077b9318ca54b2e378bc6705951d93e395f241aef6b924349eccad9d51617315408126ab59111a2fe57e316f14495d6259d045afe6cf829fe1e7296ffe5ec86f884ad9c2dd1ea3ff4c198d52c177971d1df8baba0a1fd0dc36f0299816881cfba658db89eda9aece1a7f4800ee70188a708bbfa2285e0e8b73920e2061a84c708b4bc477f12614ee31e2c59f0eb4cc42e726655f21b11901c04278f11ccb167f816e8618b0db2b381ea53fa9d12056062f242b1c4db183ff93111be96d5e24cd96bbb39cda746655afbe5a6858048a581f51d1fb4b4ba1143419d4344b0e30f82073a3a9c83df331a2bd66423466fe031a35324157c54275b6ae805bc6a2520fb43ee71066371f3f4d160d43271e064ac54697544f88c1bf2412571eed8b334c9bba5c052cba1bc86ac4cd8de100b510eb8acb314901778a2af7b21cb3d3c1bdca3af000f1f8e70f6f0723cd0b399bec8d832fe91dc07ee68fe8e629e04a512bfdc612222483a21a6210bd5b53fe46cae4c2a81ba5f240c4865eef3bde39d8d8348bf62e054006adb211c66529c01801f15e05bd7ea4b25995a8517d76e167c4153f284f71b48c55d36909190249f10a93482ee4a19a693cbc73cf0b513052032c4668a8a5fada2d6bb694cf6e037b9bc70cfcd8fc3bbba8c6383be6b759c26c47099fb7cd3265e0bcaa5ef3b44990dcdbdf9c86dd5c333669828765f2d33880fea3b8d7303618bbdaa4db0cc6e68b598693606d6f455f886bcffd5ce0b275e52a6363ddd388d2aeae165009dddb7eb461786ba46a40c6b06bc527e9b07f5717aa1dc21c1aedb098f42359ad3c2269d823eb4f5f1a306a3a34b6b86c90edd0a368209cf93dd0a3f7a3f6ed7b46742de71d3e7509dc49b741e610ae0fbdc614864c0b6d022cbf212542b7ce04843c9c32a87a3addfd87dfe795dc81c4c4f130a04bca20e2dc21a3ff7223fa12f50dfe85bccffa326f4290c246fd0120a11f4497626ed11c8e4f6883bb0474be7c6abbc38eece89006b4864dbf7ad6f578ba7306e68b84eeff1029ed8b8cd74a9b849caa92ac68c069e6342522349b7abfcbc8114a61f74c61099451dca82c588649da68a52ac00588b335accdf68d486beab321153a2f3ae1d69b0e46c63856616a0a9437fc5eaf29749d07c7824a9b180ed39e27042234e25d72686dd2085b4fae82714cdd5e19e15c636747747f1f4f8e311d170bfbb597396fb85041f9e08a973796e9ff74eb82ff8fc709fa15db0779c1c9a17a43a2c3f7122205b39d900f73d60011173cb703a34a4b1cf5d481d745fa666d997a2cd5e5974fefb8a98cfe60ddbd247bb43ea35b0833e7584cdb5c4739fb4ccff21eb5115df3d30358541fe8ea29590b89760fce14efe2ab4053f85542f04e851aedd00d61385f86e000b690bc6464eb490293b16abf95dc0a4e2b0249b1e9bafcda74f53c088f2c4e9ec4b0d55b5a784698e7cb4650c5abb47e89d94d06ae0dd2650062e0a16362c5fc4ce6857a2e11132c759d7e624782acf0b023d6529dd7b32be18e5559b12676ffe5a8eaae7dc48aff901594dbeaf538fa2e882f801504b48e50fa183d0b22814505dbe8b8b178786afbf6c2db884e9ed993007d62f94ddd477455ae3edd5904f2b6852e22410d1eaee38aa87ee82c9d4d0f668a801dd33356a4b43c3e6f75a210a4401e1d52bdf8945c401fcc05a8253a79cf0346ddc075f20e4652ac2ad4d4934f8a2e563ac2d9ce686d5243038112161b336e3634c70db63630f457a7b0afc4909487eb6a89621875b0f5f714e04aa4f1e731082f85ce252436b0dce290efff5b29880681e3ec6b1c05b88205904cefbd084838ca2b95d4e84f4f01553a6930e8459cdbf3979dd81a86b0a01b3a583db6bfed6c06b300123d9f8a09ee1fcc47744ccd68fe06981d1116b3788e4da136caaeba34107510ec0925667083174dbf4409f1d4aad5093c4286a7e633996bed30b9fcfdf2e1b25941970508a1c0a500439d94b55f58fc06bc115c76c128f51c00892356266441000b55f21550f087edfc91d8d65e7bed15b2071b83b3ef95f29fd65e35294d738fceccf8700dff89b0d2b165ed4552acf7f29e0d5ca73fafdb0d1053d0d07d649cc67b9057f7a0112289f134804d717f1159817c114c7b32860a8afbf484e4b638fd0d00e4afbe6d4905cfa55583e4c371812d6997342f6c4c479425d4d67402a27d7af88c865ee56bd7a732a24453a2a4a3fc3f31ad968e61852b35eb610e856ee57cbe0f26fb3a0fce722451574fb593c4a75e20e6f86df74abefeb723fae00d124d1e42a4dceb65e6a00915ad560df8b74f762c1c3795d798910fa0e17d3b0a9f23270a48f996b7d3b6342b0f060d28f6bff94c8b4db056231aef318c1383de95116a0e9c3727dbc5eb38a11ab164d2169f30dd0a89eab6752b12eedb120a3e10cb4527a635359bcd878e0faea1b86f8590a780beacd81cb050145f3a239a204ca0ddebb5ab3166603c3395ddef2b47266ff9788495ee21881372515381c824c596bfec87ef8bd6c728a84db17c7913781dd9068cd5f8e71809158315f8d6d2b8d3d9946c08c2bcd676eb5f96af436b10cfbefb0d9874019f46de666a520ad9d59753e6e25c5a1ef60d169f75c426fb1fda73d3f071a02cf7ff7a54d72675daca758340b0d5f8c821d2c47f9a0f66fd12cbd023d3f1cba96e2fd9d340432bf6480651cc6685687d1c356d03377f55569050c34245a1374d77c0223ade0f184ac881c9e76b579525a2f183ee37253095f44989f95b3d6ef289802048172b9d6df77d10b3f458482ebf6700bdc3e54f4dc4b7b179c111226554ca8481f061fbf9068b99484064ac1cba440573b7372a5631a9169e13abc832f0849259f91ff0379d19844a680c82ebb361ead0cd41977a2ce01973db1ce22aad265ed19b240c48df718de7051685ca987ef65bd5c2f0c971c62f80d31ce4d0cc2a46bcddfb4b0ae6a027b59c1fbbfdf2d3c62cd7e963645a51a8a06214e364a9f1029a842bfc240820bf23915dbaa6fb9c54fe389a98f608340db8701d223f5d46a79bf39db2e3770b575682b95da351a0d11d27e3e7cef28738fe62f4e7eea85120ce11bdee3bd24f60ea3e7fb105bf9b127a8a94a3ddf226a2afdfd94fdfe3a1a8a6e9183242e3128c2ed547a354929295cd9f242355bc6da92ceb8a30e1c0cf07e13affefef70ebc2f97257c9f61c88f69387fe89f2b9ffd72596f1bad037a97692863b15bf689cb7b3d63b868e1d2826ad0b5df106d7cdf68fd353c2f816c54fc6e3d87fa7467108c0a810b8b0b23b360c73539492d986f24c94de32361aaddd317e6fe23d694eb1e52c0483440cffbf24ac09437279df19ab4b8b41431065251aae9f0d29fa1a3e3090eeebaa8c513fb417fe3e7541e1264cf88a44d2af101f6af70f6d50cae1c879c133d9f8b548a63e4a3708c3b3350765eff6bafdea2f073c6f31bcbc65466e1a5abc13ddfbbff1969238b80d164522505bdfaba8043af0e9a1ff6f6e5275675285d7a271b2a82043b64f15440eb3365f20a1f111846b66d611ca1b6b5c0d3a10b253074d162dd33f6190557f3f342e079baaa440b73fc3d5a3a049527383e7437c2b165dc1ba98aeb7b7d00908f29513f1442e0f0f3d713dd9a8cbe983e781ebe81c82825f178313ab3225435ef7ebc9d1ca760d7a36bd276d6e4d9a1d72cf33b140fbec7b20219568a8c613e680ecc591f53673c99f59b9449c40e08bfd2981b7cd76f4a5fb35f25b451a390a148d194d721898d0eb23dad923461ee7cfc82c627e54dd50a66cf52ce8d8de16f9629b96a503a623fc0584399541ee63daeba385aaf3add0b05cdf25d395170e0ee7d02e3d21bccffd5a76c18f5cc02ed568b4ae1585a744593928843af677a25f2ed770a717ffb8594314e069338c506609b8197d4542b256898ebaf8980df3940c9c059941b09e37fbe5fc4fcc28cf9f1e6d864caf64dbc9b94d6a477d3b781532c71dcc0bf9fe6a6081c7e9fab31c94216b5b9599c0a2a50b1162fdfe87572d146c7518fd425266f8bd139b22962f21f15d219ac1929571ca4525f760079af59765246b113296f2b2a8d07d682fb09e34c2001784549cf04c641735a318ad828dfdd57ac58dbaf4c118cbdbec60aa12d4352a0522cbd406f7972e6db61fa4d91c5c0a94b46f8b2ed7ea650e25422cc8df8fa019ea0fa6e221b18d7c08bace7d86362fc6ee0412f6cb0a7e32fc90314d3e77be19e8ae0e0eb2717400059ea25421613ef3e835b864c33037f18ac0596bd9ef0b49a0cd485e988d4be82ce6c157cbf9aed47a2f72b992f9c077b5fe5461ae675918773c7090cd8e1db55de26ef1f0794c32f4b49fccb35b4dd9b5d0b1e068b89fbf3dbea21fad17d1dc2e086652f4410d4ca71d2c097c1ddc7d685a95913dc6bf7d65136f26a6594e681b61ca5d288c08c5da78d159466ee56e49d48a813914903ac8d3ed2ea06a5fa186702246b126062e2793920e2d260de21f26002f6d751957fd25a43d076c", 0x1000}], 0x1, 0x0, 0x0, 0x20008004}}, {{0x0, 0x0, &(0x7f0000002880)=[{&(0x7f0000002440)="d392730ccd9d05", 0x7}, {&(0x7f0000002480)="acc43f932c220bc2198d7084d78db4aeff9c654dcd5d93b7f7ff3e03a6bb93ff48e9274f996c06a4be668bead7b2b99932e98b95bb1eec6e6b8084df92d038db2459ef180fd0a1babc066f950eefc4ca4de2d1238cd790c0acfa51a3a2814bdfce98b7cc558ec40c3b31dca57ad5473aca068f1d7a768bb7d7a59e8fd2d9390dd8f437954451572fdfb8d960b6bef518", 0x90}, {&(0x7f0000002540)="8004697e6e700b0ebf528e5974b6973615758b5ceea22e4260002e044a6b0ba3a91a91ea01e9caafd9b729b6428ba7b1b563a9c2eabd4956e19c34c73d4eb068545954a30543b10dbba0efca389e1f90230b6a7754149be28e169a508c9dfa1a086d874e6c49f3fd40c133a80eccd6535d6683a2c92ad83039af381721425494bdfb5bd2a9f7dc8e87082b29a4fb", 0x8e}, {&(0x7f0000002600)="f1e60a1545f5d4b8c9337587c061b4023cfa171978f491900ca286c091c917f84bdbc3c58ac88b1893025b66b30ebefe3e52fd6a994ba6887f1e95a6ebff704e2b46a50d47e32a1891a69441abd817eac9e6bf114ab3f0f68d28e356ec3b7a8f221918e0d938e4927707919dd0092c292004abc208cfc32201830754b0737f76acea2ad53a69bae23a82011306af57adcb73e0bd9c09875ad83d9e", 0x9b}, {&(0x7f00000026c0)="295806fcffdcf16317e1ce6bc982f5e7f48b6a335ba25376e8151f5ad6e6eb6582448261bbf6f984bf5962bd1cd3b5bbfb0e8c66ff0991db5a60f42a097632f7498323cf52ab95d5fcc21b390501553bbcc2a73b0d23023f696a02822545c2adb436446c7d195b1de3bdaf9cbe37d2227195bb17e63983bb0e2cb6eed8b28f2daca5218852adf51ef532a3aaa418eef7ce93001f6d36d158669199c292082af2a1ea20491416f709d07e1533cd9542504c3dabbffe9c0c85e6d0d324a5dc2ad228b156cf8a7e78d69dc7a947c2153f78d135ae0e8884615d177762b0e3b5f6c0223cfac2be67c97764d112c54d553781970c4d3cabd7d08c0c", 0xf9}, {&(0x7f00000027c0)="62cfacbe7bad3c907f1cef79ae01301f78689ba716a4ce92b4d68190f2eabb0779a1772d7c38dcc2633a5b2cd69ed41573bc1a79e586ad01d02c01084412e8bb32d36bebd17099e854a137d33b5b8ef8757482d5a063150dd03c7644afb3ecd27c91a806f1206b6926ca6c5821069fc9c073f62a010d8ae771c0ca68d883ad79d55d5762457d", 0x86}], 0x6, &(0x7f0000002c80)=[@rights={{0x20, 0x1, 0x1, [r2, r2, r0, r13]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r14, r15}}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {r16, r17, r18}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r0]}}], 0xb0, 0x10}}, {{&(0x7f0000002d40)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000002f00)=[{&(0x7f0000002dc0)="9db57bf06b4c0eadab03fc7124c6ead8796d9497eef6a68211f6f409c30c4e29d54341756877aaeb6b8ba7550af058ffa00cf49fdcfa3c93ea85f6eeff1bde22683c0a540e48f54aadea703b7ea8a66bb27e106d0cc64189669fdfaaa30e246182ee1617bc3daf8aa1e57b8252905677a1cb", 0x72}, {&(0x7f0000002e40)="d5f2dfd17500141e7a1aa16da61983ec29b5dd754be648456cd4eb26dd851ad5039b0acde0515ffcee4ee36eef619e7031a1a5c8a63ecf1db0a797a2195004f6b97bf7fe71d52d6495946b59c05e3311942835854ffd3a14eb6b539178e1849857cd9ef5d66e1eb60168a617f34256d432ca25beff1c854072df738a9caaf6739db976eac40aba38a172d1118b5436c445ff830d594366babc92cf2150a24d6cfcf5159ecb6f6697ee", 0xa9}], 0x2, &(0x7f00000038c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r2, 0xffffffffffffffff, r2, r2, r0, r3, r0]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @rights={{0x20, 0x1, 0x1, [r3, r2, r2, r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x128, 0x80}}], 0x4, 0x20004810)

20.271920631s ago: executing program 1 (id=477):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000ff0f00000000004099b2ea1d497fbc00000000009500000000000000", @ANYRES32], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = openat$random(0xffffff9c, &(0x7f0000001180), 0x0, 0x0)
poll(&(0x7f00000011c0)=[{r2}], 0x1, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x1, &(0x7f0000000340)=0xffffffff, 0x4)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x5, 0x3d, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000040), 0x4)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TCFLSH(r7, 0x40204706, 0x20000002)

20.141356442s ago: executing program 4 (id=478):
r0 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
ioctl$int_in(r0, 0x5421, 0x0)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000002c0)={0x0, 0x1})

19.859842413s ago: executing program 4 (id=479):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1)
r2 = socket(0x10, 0x3, 0x0)
openat$smackfs_load(0xffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/load-self2\x00', 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001000), r3)
sendmsg$IEEE802154_START_REQ(r3, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="04000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000d000000"], 0x14}}, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r5)
mount$nfs(0x0, &(0x7f0000000640)='.\x00', &(0x7f0000000680), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB])
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)={@map=r6, 0xffffffffffffffff, 0x3, 0x0, 0x0, @void, @value}, 0x20)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r8 = dup(r7)
ioctl$BLKROSET(r8, 0x125d, &(0x7f0000000280)=0x7)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x14d802, 0x0)
dup(r9)

19.831768375s ago: executing program 3 (id=480):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mount$9p_unix(&(0x7f0000000000)='\x00', &(0x7f0000000040)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200))
r6 = userfaultfd(0x801)
ioctl$UFFDIO_CONTINUE(r6, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r7 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f0000f1d000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0xfffffffffffffffd, 0x0, 0x0, 0x96f, 0x32, 0x20, 0x1, 0x21})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000000)={0x8, 0x0, 0x3017, 0x1, 0x7, 0x2, 0xc, 0x1})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9], 0x44}}, 0x0)

18.581554379s ago: executing program 3 (id=481):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_io_uring_setup(0x24fa, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[@ANYBLOB='/'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}})
io_uring_enter(r4, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
listen(r8, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r9, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r9, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)

18.403503161s ago: executing program 4 (id=482):
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x20}}, 0x4000)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000504000000000000000004"], 0x114}], 0x1}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0d080000000000000000170000000e0001006e657464657673296d0059ea64f0aea4ebc9746465fff6eacb7673696d300000100003000000000008000b000000000006001600000000000500120000000100"], 0x54}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32, @ANYBLOB="080001000000000008000200e0000002080009000e00000008000100ac1414"], 0x54}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x2, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9a42ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d70300000000000000d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df6c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8a9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2a9e99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8be1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828360459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16f37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaa072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a3ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a98838156ff00000000000000cdbf91f7582ab314be3e67b8c9459564c856339a80919ecf839560c62e69df8667b274cc53f83f2086cfd2664252471fad9081824d60741d663ee258705c364e162b84a09870acd0a19399103474444f4fa12dcbd10b40195b6088513029b60a34e4161fe48c092693eb07dc8ddcba2eac2efe30b285a877c862c73ff8a60cf73f1b17da0000000000005664181c1f28cd2880e6872bae932eaf4b0000000000007b662c0fe22cfd6d4bd7b851ae928cebeec6375b16af342e93c39d97e5d74d5a8e96c15fdcde7526b0af54b145e61b042c1e600390590a000000000000000000"], &(0x7f0000000100)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x10000000}, 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0xa, &(0x7f0000000040)={r4, 0xffffffffffffffff, 0x10, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x32, 0x0, 0x1}}, 0x3c)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x1, 0x4, 0xbf25, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000030feffff720af0fff8ffffff71a4f0ff000000002d040000000000003d400300000000006504000001ed000079110000000000006c440000000000007a0ab0fe000000007b13000000000000c500f9ffffff00009500000000000000023bc065b7a379d17cf9333379fc9e94af05000000f1a864a710aad58db6a693002e6b3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a715bc5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7a29aa0d7d600c095199fe3ff3128c4e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d0800af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d390dd65be2467b373eafd9aa58f2077184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c5da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b93d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6ffc3a15d96c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7cd86975023cb08cc7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c5538a294270a1ad10c80fef7c24c87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e17fb1c1ca571380d7b4ead35a655e0b4a26b702396df7e0cbe02b6e4314f244a94aa8e98b0b263f0083bf93f05beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba5823a34a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae2ed9dc06000000000000008fe26e37037f27f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e05000000d03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d0a874c74b777df005c55fc30511d00000000c85265b2bd83d64a532869d708000000000000007baa5b6a682b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a56edbd287eba77f35c35d91f3c62a0ca74836a640224de85f2b4a5fee500bbc584328a6a7a4628c4378c9b71dff64075b74a6520adb187b40d2cccbcb08c0634ee74658d3e23bf2871ed2aa2a05e319374511c8b0bf1b69d2b3782b3f481c314e7bd4615dbbf24c06ac95bd639e68d0e6aa7f0d07bf69a93365f803f0144af37236ea133c2255b0613bf8ba1d538e06c2411e8d70053b712084fd0e313de9bb19266e49a3a2190cb039c6f89610acd896319b9c8d1b8aac2eaa5a4f8be7419a09e3fb5be3be2fcdadd2299839cc40e684e6e2b4e1385fde7a0babcb0be672110268a34dad364fddee69e564119cebb6940c6356ff83ca527c573d700000000000000c6299263e6d9097f225de969485bce3d7dc471c0669bb6a467cf0de54dfcc1857048fe22a19dbb1b3cb9babaa839f1f6e817a62d95a5b971ff96a5c66c338c6f2a2da4644519f40761402e9c81013d76c7152c95ba5efa24ce1930f23a2277f057ffb6b0144f3b434a2adc456ef4d2fbdf7c6238c2bb00ffcf2d23d68cb9b027f3b22589f7956b66c5692b46ea03abb6a404c8ccceaa4ba4161409fcb54b86eaca26b24464e0ff504b87c90697ec2a82bbfd1c31713190d3e6e502c434909d6ba06cd0361a0fd90552272f24519ea9938413947edd3a0a7aa780c1dcdddf13b46ca94f37c89664c9cc1857d64ca371fa1b6131"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x50, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="19000000040000000400000009"], 0x48)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0xc0, 0x2, 0x1, 0x304, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_HELP={0x10, 0x5, 0x0, 0x1, {0x9, 0x1, 'pptp\x00'}}, @CTA_LABELS_MASK={0x2c, 0x17, [0x3, 0xfffffffe, 0x0, 0x0, 0x3, 0x5, 0x3, 0x7, 0x3, 0x5]}, @CTA_NAT_DST={0x4c, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @private0}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @loopback}, @CTA_NAT_PROTO={0x4}, @CTA_NAT_V4_MINIP={0x8, 0x1, @empty}, @CTA_NAT_V6_MINIP={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, @CTA_SYNPROXY={0x24, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_TSOFF={0x8}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0xe}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r6 = socket(0x10, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r7, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f0000000000), 0x400000000000235, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f00000000c0)='P', &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f0000001400), &(0x7f0000000000), 0x2}, 0x20)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
socket$unix(0x1, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)

16.968939334s ago: executing program 4 (id=483):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x300, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c"]}]}, 0x114}], 0x1}, 0x0)

16.646513481s ago: executing program 4 (id=484):
r0 = socket$inet6(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vlan0\x00'})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000080)=0x2e9aa845)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000010100c0"])
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f00001ad000/0x1000)=nil, 0x1000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
syz_usb_connect(0x4, 0x2d, &(0x7f00000008c0)=ANY=[@ANYBLOB="4e3233208d9970ab5b23d2ba245405acb17081e708fb302833a9fe79ebca1f2567ca3b4fd81f89ae1ff3797b91e8774db06fed6b9d07bc4c2e86978ab19b384ee4ef9748247167275a901216210ac24618431a40bf9eca84b5b661429fe069d7fd811b8b5f6f86c911ec457a19b98699e880d80427183030c6dce4e4407e0885f01f3de2b3870a304d8dcc009ab8b7709928732994c2a79bc6dce87e5118bfd456093210b65fca0d0f9f02caa9dbb7310216ed371a4279fd"], 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r7, 0x5606, 0x80)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r9=>r6, {0x7}}, './file0\x00'})
ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000300)={0x1, 0x1, 0x1000, 0x5d, &(0x7f00000000c0)="cc4cb0ba6b6e4dfe98f39574e5f6f275bea597f83c40b5ba14de94676da8bcd982441b4433279deee192f47033ad59c26c1a528f97a760cb472b46c569f8adb7ab6c017fa3ec61a229e074d846476cd41f8168f51807c170a2cd1d078f", 0x0, 0x0, 0x0})
sigaltstack(&(0x7f0000001040)={0x0, 0x80000001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000002f9b0000017963de1369dde300000f004083c5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0x1267, &(0x7f00000006c0), &(0x7f0000000740), &(0x7f0000000780))
r10 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000040)=ANY=[], 0xd046)
recvmsg(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000002540)=""/4094, 0xffe}, {&(0x7f0000000fc0)=""/4096, 0x1000}], 0x2}, 0x0)

16.301276638s ago: executing program 3 (id=485):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r0, 0x10d, 0xc, &(0x7f0000000000), &(0x7f00000000c0)=0x4) (async, rerun: 64)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x6f0ecefb80ac1db8, 0x0) (async, rerun: 64)
socket$qrtr(0x2a, 0x2, 0x0) (async)
r2 = syz_io_uring_setup(0x1f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000440), &(0x7f0000000140)=<r3=>0x0) (async)
syz_io_uring_setup(0x5e9, &(0x7f00000017c0), &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000840))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe90, 0x6})
io_uring_enter(r2, 0xb15, 0x0, 0x0, 0x0, 0x0)
r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
lseek(r5, 0x20000007ffffc, 0x1) (async, rerun: 32)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r6=>0x0}) (async, rerun: 32)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif\x00'}, 0x58) (async)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$kcm(r8, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000a80)=[{0x0}, {&(0x7f00000005c0)="8245a0b1235ada4490a781d70c09103c", 0xfda8}], 0x2}, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r6, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000})
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async, rerun: 32)
sendmmsg$inet6(r9, &(0x7f0000001880)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000140)="14530e23ac58f9d3a91c34c0626971f44fce25b07b124bfd", 0x18}], 0x1, &(0x7f00000001c0)}}, {{&(0x7f0000000480)={0xa, 0x4e21, 0x4, @loopback, 0x67}, 0x1c, &(0x7f00000004c0)=[{&(0x7f00000003c0)="457a602805d3ecaad8719e4af7a86407cdb013cb70ffc93544b2211823f1b44026ce713b446e277c7e309301f057bd26246c86f42f91a3f051eb3e38ebbc69880bfcb3f2bca2256e60507c94dba8812d73663a5d0c211a5c1b97b9e8389dde9679dfa4ac0f80ca80ce1b67f819bb9eab92a2c14273911dfe34ead4ebb8a2f79a0b7f4524538b2a550a1ea0d80f54e10dfb6366a414cfedbdbed0b3a950fd5fb56cf4c925d14650a6", 0xa8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)}, {&(0x7f0000000740)="d7d4899fb34b91122d1dab11a35509e1c8d921c4df9020fbdd76b3905c4cdf723b0edb53d8d5fb4a371f58a771ba4b3b87282956717690bbef8a1f1cfa", 0x3d}], 0x2}}], 0x4, 0x0) (async, rerun: 32)
shutdown(r9, 0x2) (async)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, <r10=>0xffffffffffffffff, 0x1}) (async)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000200"/38], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (async)
socket$rds(0x15, 0x5, 0x0)
r12 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r13 = dup(r12)
fallocate(r13, 0x11, 0x0, 0x74000) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500aab8964436663f000000000000950000000000deff17400000ffffffff000000000700000000000000", @ANYRES32, @ANYBLOB="00000000000000001850000000000000000000000000000018400000f8ffffff00000000000000009500000000000000"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r11, 0x8, 0x0, 0x0, 0x2, &(0x7f0000000940), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r1, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20ffa000}) (async)
sendmsg$nl_route(r5, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=@newnexthop={0x44, 0x68, 0x204, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x4, 0x0, 0x18}, [@NHA_GROUP_TYPE={0x6}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x7}, @NHA_GROUP={0xc, 0x2, [{0x0, 0x1}]}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

16.148619815s ago: executing program 3 (id=486):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f00000020c0)={0x2020}, 0x2020)
setns(r2, 0x2000000)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e086dd2088a8006006000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x304, &(0x7f0000000680)={@local, @dev, @void, {@ipv6={0x86dd, @tipc_packet={0x8, 0x6, "fc137e", 0x2ce, 0x6, 0xff, @empty, @remote, {[@dstopts={0x87, 0x22, '\x00', [@ra, @calipso={0x7, 0x28, {0x3, 0x8, 0x7f, 0x0, [0x5, 0x4, 0x4, 0xfff]}}, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x7, 0xd5, "7f61ad6ea034bd9c8f293a2b04afb8db4bf73635aacd71197596b636602404fb2a5f8a3edeccb3fbaa0d3406e905d7f6be8eb65f9b9f486e975d29d3952c7a2ec276c384722f771b168db8cedc0a030a84f0283d510925f2baab7dfbaa1f385b2062ae401481272576f6fc31c73c4216007b88541a49838184facc86d2b3cae8705357033f8260b76bd51a673c80eb745606b707bda6971d6c0077000873980519dd77c8e0937975e492d28d8352821bbcb39ea2e9c053fdf12dc4e69f77ea7413604e0cfda15af4cec6c6fae07a88c50249d86ea8"}]}, @routing={0x6, 0x8, 0x1, 0x9, 0x0, [@mcast1, @local, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @mcast1]}, @srh={0x2f, 0x4, 0x4, 0x2, 0x72, 0x30, 0x3, [@private0={0xfc, 0x0, '\x00', 0x1}, @remote]}, @srh={0x1, 0x10, 0x4, 0x8, 0x7, 0x0, 0x7, [@mcast2, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @local, @loopback, @mcast1, @local]}, @srh={0x67, 0x4, 0x4, 0x2, 0x24, 0x8, 0x7, [@mcast1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}]}, @dstopts={0x9, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x9}]}, @routing={0x2f, 0xa, 0x6, 0x1, 0x0, [@empty, @mcast1, @remote, @mcast2, @mcast2]}], @payload_named={{{{{0x2e, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x2, 0xfffd, 0x0, 0x1, 0x0, 0x3, 0x2, 0x4, 0x1, 0x3, 0x4e20, 0x4e23}, 0x2, 0x3}, 0x3, 0x3}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}}}, 0x0)

16.029268364s ago: executing program 3 (id=487):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x5, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000ffffff7f0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000fffdffffb702000008000000b70300000000000085000000d200000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000003880)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ssse3\x00'}, 0x58)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f0000000780)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)="25acc7fe0aaa6cbfc6b0da6998cf0344b861acea0e82bb779196f56dfb35984ef00cb39c88d00b4375e1b964ab88c21a7a69ee051d2e7c64692cd1e9d63fcacf9994ca2ab6d025979e1e902069e2d9da142359a22d8a903abf2ac849cd1875b8ad86c0c2fc6d0cd3846815661511e6bdff789b74f28785ed1592098ea57b0e11d41962cbc638fe5e3f52b71504912dda0756e4678c2e3bd290da15cc8fdc5c5f0f264760167c016ec3c67b33e9cbc6e323ab44f2160ff6bc924d72497842af78ef2d13cb3e085e66143b69cc1f216103030b70fef8759d82f9c01bc147c25da6ce9ce5c8db5796ef02c6", 0xea}, {&(0x7f0000000200)="76d37aa03d781582c3704df94b91116e2bddae9aae3c61a78150bf9e6adc5beb64132485ad33ff89724e7abc433ace16138bc110cfacb21dc2fab6e802c193a9197b7ceb427cc767ddf2b2c850c1e13b23f0fd62d7a6", 0x56}], 0x2}], 0x1, 0x0)
setsockopt$inet_group_source_req(r2, 0x0, 0x2b, &(0x7f0000000580)={0x2, {{0x2, 0x4e21, @multicast1}}, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x108)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000040)={0xa}, 0x8)
connect$bt_sco(r4, &(0x7f0000000000)={0x1f, @none}, 0x8)
shutdown(r4, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x800, 0x70bd2b, 0x25dfdbfc, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000811)

15.418447034s ago: executing program 1 (id=488):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={<r1=>r0, 0x7ff, 0x5, 0x8})
syz_open_dev$vim2m(&(0x7f0000000000), 0x7c, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(0x3)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x571001, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="7748399bf50cba6a29d8657b8c5f1b7a678b22d6c578d962036fbecd406bcc564290826980e477b5e0ab0f99f435ecd18ceb1c7bf7ba630c88b0ee30b54fd7876f93c380a563ea119d3afa3c32f7053c9d25ae16cffa5c82543f11734c2ddaeec06412aac5438f0e1dce9355af1853f451c58862095524b7c8646581250a4265c5515bb046a0e1dc933d11b7dd15a624c707c27562a1b3522f10d4f9", @ANYRES64=r1, @ANYRES8=r1, @ANYRESOCT, @ANYRES8=r3], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$HIDIOCSREPORT(r1, 0x400c4808, &(0x7f0000000200)={0x1, 0x200, 0x8})
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00f8000000000000000000000000000000000000000000000000004a4b6d0d"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x14, 0xf, &(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYRES32=r5, @ANYRES64=0x0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r9 = dup(r8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
syz_usb_connect(0x0, 0x47, &(0x7f0000001fc0)={{0x12, 0x1, 0x0, 0x31, 0x94, 0xb0, 0x8, 0x499, 0x1055, 0x1a4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x9e, 0x40, 0x2c, 0x0, [@uac_as={[@format_type_i_continuous={0x8}]}], [{{0x9, 0x5, 0x8d, 0x2}}, {{0x9, 0x5, 0x3, 0x3}}, {{0x9, 0x5, 0xb}}]}}]}}]}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="0209000002"], 0x10}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000240)=ANY=[@ANYRES32], &(0x7f0000001580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5.056990026s ago: executing program 33 (id=475):
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f00000002c0)=[@request_death={0x400c630e, 0x2}], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$TUNSETOFFLOAD(r4, 0x8901, 0x2000ff04)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r5, 0x5452, &(0x7f0000000180)=0xf51)
readv(r5, &(0x7f0000000300)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1)
sendmmsg$inet(r5, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000480)="2cea9f7c99e894404a645475fdb14debbdaeb796e70de5b11d621087b1782b6d0882bc6f1ef322b4ab8962608925c565c69fb98c2a42062bcb1be2f25794220802df7c569394396570d6a3d9d40e50fcb06ec209d0a637f0ce8b1f76deadb861a0e7249a9f5c3d423486cfe193256a0c908cd0ebad787b1c705f6c7d1c01cf05", 0x80}], 0x1}}], 0x1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000040)=0x8000001)
ioctl$PPPIOCSACTIVE(r9, 0x40107446, &(0x7f00000001c0)={0x0, 0x0})
sendmmsg$unix(r8, &(0x7f0000000c40)=[{{&(0x7f0000000340)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, &(0x7f0000000640)=[@cred={{0x1c}}, @cred={{0xffffffffffffff60, 0x1, 0x2, {r6}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [r3, 0xffffffffffffffff, r4, r7, 0xffffffffffffffff, r5, r4, r8, r8]}}, @rights={{0x1c, 0x1, 0x1, [r0, r8, r8]}}], 0x118}}, {{&(0x7f0000000b00)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001100)=[{&(0x7f0000000980)="6e17b0e56dc1f2ed2eca27ce06bf385de6f8caa4ce4f77e52aeb63fa6feb0dbaeb53b250224f9a7fc63b28edc0b5218f54e209ecd095702f315839b74d315a14cd5f715452eb55963cd0c68dca023cad9d8bfdc01f65d421557d4df1034738bcbb8811839b425a986d2f7a34e2360119b2e9dc39acc6805c48336653ef3ddb0a4535c0bb845e060e7cb961246f0ccb981d36eee15a83b783bef67a48ba685f7d5cc618ec07aca5b6eaa01c04421ccb525f506bfcc088df4450048fb953c0a3b2ef27c927d32c541853ca11a5b930f49e3338ade42f7b840cdb7365aa458bca865584f6cb2d03", 0xe6}, {&(0x7f0000000cc0)="a076da5ded8089dce2d8bbe7d9fcd4858d711fb49f4f1bddd166a54b5cf9b0729b58b5a6bd7921afcac6458e49391412422df4ca58e1fcb65c44e465c9d4627d09fa078dfd085cc4e601fe987803d5fcde7c64b4e9b547f35f063aa6e839999ac7c1005a90754d3327cf595cddff4579729326e003178d9ea90a232004d01a3fc28414634c66877fd6d4d23e0eb81d8235e0f1dfc6ec1303b29354045f6ab7adfffb6e7773bffbdc2ca97b3633279d8f3d972c8f67c0d3abf69444ef96c2cd835db8", 0xc2}, {&(0x7f00000012c0)="2003ce94e7aacb01614119753bc877c0bd6b6196d7bc4ab8484c9b3062cf57f320058e06008c7d7dc7e1e4fb502ef1c86ab3b08564d5b6fd7d6a7c4599d446f735b020877ad04e06bf4f9e412ea01350aa38e02bc0d085fcf41c0f00000000000000e12c9251b42a930456fa1242ec0c7560f40231626520216102b1b7e57989d4de6f44586099321875ba29270bd2f08d5b4a237592bd52aabb7bfa8181331937a7e1992b76b99888297716b9df0882a02a203994cccd3f0867b70199590399424fd9cb27c21527bd0c5112d7f3c9a9ca34dcaddf0178160634b5d6c248ce0ee7c235135d1be805d0419c46b9c8ee5d01c2a8564a22654974c45641e926cf14ee5fadb11ed3b14861c8bb94473225b8877731ae037ff96184", 0x119}, {&(0x7f0000000a80)="e464e40d3d1b4fca2d10a0409ae61961fd85684ed87298eafb06a2bdf4ff710651db3126f621d88e7f58aa22a1a6005640f60c9e64e9748f9b10e6b6499fd2888d5b4e81fc678bca646e55ca622fcb145d5ea8b6b4a9c3b8174bd14ebb850d6adc8ce01882ec2699ce7094a91dff79da70553ecf8483ca", 0x77}, {&(0x7f0000000e80)="0183520c32fe653a4ed039eb848b439a4520bf3abc6088ea9f66be596e803c61f78d533ca67592773974827cf4bda9f0bb4570bddfa20a884b28805864404420786d683b5fa2e651aa54667e0942e6ce679fcc72e1aba899a1e761deea2dfcd5685bfd70440f296265108564483eda16300484f9527a6a3e23df5d6bb9273048", 0x80}, {&(0x7f0000000840)="2182351478473f76d3b248fbc4d0cc5f9c947726af2a2a9b865464dd703d940af2c715175ac94db3a147fb670400aa4af108cdca38dc", 0x36}, {&(0x7f0000000f00)="25ae8a5dd40fd78a5c484aa0fd46454c230e2963d2e711da151fbbb42ba7deda66d143d6027cab654658b30768cbd7b97adef7dad0e5b207ec94e9b260b25691a5431b04518589e4eb8cdd22e992d4e3ed82c28f7c70fbc5cc2eda92e4c9076d13221a813172af26fb900c7f7fe356", 0x6f}, {&(0x7f0000000b80)="0499193562025ca943265ee34083dd35d61f2b83bc317b4a04a060087238a1b1db758347c55c5c6530fc0637d2e346ea26e21f959095dd955b2dfd77", 0x3c}, {&(0x7f0000000f80)="55aa416e3ca2f5a6f52fb1dd355e8c2397dc1b44d117d5a48a5a96fef364595fd50fe45d68d62618ad16410b99f3a166b79ef5d613b86b11f56b29e08c90bca7b6668e27230e94c6a6845cb32ae6e6b9bcb5912b0c7c3b7f6418ee", 0x5b}, {&(0x7f00000011c0)="111ae02a84df5642f1c10429e3cc7300ddd54c863f1cb1026651fa83a0c268c22ea494e1e4179c63c4c744dd1b55413e6fa375e49a97c4e4240d3e701bd957d42f1f249cc627f22c893b2c83eac04d7c49738893a946c50fce4e598a2913e03193387890704c93a17a3b59eeb535338c1a0d3387d5e8d5bb6f6c3835243fe1d0661caca66bc94882350beb9f4270e48b3d4d3131ddf9d653f75ac19f7ecc4023566f8a846c02ded04df5667ffa94bbd00cdf98b6a1cfc278486a386c68265fb15249cd879760b48ef677ae13a6be7e4cc89aa4f68752c5a435c8fffec1967118fce34d860695a3859a17ba8e0d", 0xed}], 0xa, &(0x7f0000001540)=[@rights={{0x2c, 0x1, 0x1, [r0, 0xffffffffffffffff, r5, r5, r1, r2, r9]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x24, 0x1, 0x1, [r4, r2, r7, 0xffffffffffffffff, r9]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x24, 0x1, 0x1, [r1, r8, r2, r5, r7]}}, @rights={{0x2c, 0x1, 0x1, [r0, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x110, 0x40000}}], 0x2, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

4.934770886s ago: executing program 34 (id=476):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
ioctl$KDDISABIO(r0, 0x4b37)
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_control_io(r1, &(0x7f00000002c0)={0x2c, &(0x7f00000000c0)={0x0, 0x30, 0x43, {0x43, 0x23, "406fa8204a89ee227dddc2f7ff908637e34fa3088a1ba1a2a112b220c88ebcc559a8261520698aba49119b65236b1a470865061143d7d209bc2f5c63fa2dc30610"}}, &(0x7f0000000140)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x827}}, &(0x7f0000000180)={0x0, 0xf, 0x8e, {0x5, 0xf, 0x8e, 0x5, [@wireless={0xb, 0x10, 0x1, 0x4, 0x11, 0x6, 0x6, 0x9, 0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xf, 0x2, 0xb, 0x1}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "049652c87fa10cd5f15200aacf6d3718"}, @generic={0x4c, 0x10, 0x3, "3c3cacd4d22c86bb4962d4540c428702990b9fc3f9bfd9bc8c550ac50d93e18d0a4367760c0082c3625f250e80107bb08e4b555c720fe2caa8e53ca2398622736c5efd2a133ff68c37"}, @ss_container_id={0x14, 0x10, 0x4, 0x10, "419b3082b9dca609beb1b741b59f84c5"}]}}, &(0x7f0000000240)={0x20, 0x29, 0xf, {0xf, 0x29, 0x3, 0x1, 0x0, 0x8, "50f6b5fd", "b0166839"}}, &(0x7f0000000280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x35, 0x2, 0x80, 0x2, 0xfd, 0x8, 0xa}}}, &(0x7f00000007c0)={0x84, &(0x7f0000000300)={0x40, 0xd, 0xf9, "60221cca5c27603585dcd60aff97aa636fcf767c202935519b78f3d7de0a6c3c0dea3bee67448a0c27074c9d81179a080f5c8eec7e96760e3da32032a4fe532f5d904278c1a174f2df2090133ccd0f0967549d6214cded8e3540b66d3a932cacfaf28b8a62b03355604e7382072df78f14ed95d55fc8a43230848d0bdef6140971e47a226926ca45ea65e0e630ce63880459381d5d9d488d5901c5768a6ca75b2db2735fb4a9726e91d3bcd9ba1c25c37958998fc98a1eae8ccab8fe924daaaafdf42d209b945090d27dd1bf266f4f724b145837b3c3e4fa63ec6dcb4503047031a25cd9ce34898ab1d555c0fb2e13747c34fa1dd921d49438"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0xfd}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x0, 0x2}}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x10, 0x2}}, &(0x7f0000000500)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000540)={0x40, 0x9, 0x1, 0x10}, &(0x7f0000000580)={0x40, 0xb, 0x2, '>d'}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x81}, &(0x7f0000000600)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f0000000640)={0x40, 0x17, 0x6, @local}, &(0x7f0000000680)={0x40, 0x19, 0x2, "1832"}, &(0x7f00000006c0)={0x40, 0x1a, 0x2, 0xd}, &(0x7f0000000700)={0x40, 0x1c, 0x1, 0xff}, &(0x7f0000000740)={0x40, 0x1e, 0x1, 0x5}, &(0x7f0000000780)={0x40, 0x21, 0x1, 0x4}})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000880)=[@in={0x2, 0x4e23, @local}, @in={0x2, 0x4e22, @broadcast}], 0x20)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f00000008c0)={0x6, 0x9, 0x0, 0x1, 0x7, "59667aa55f37532d1dfb854f46f8fc66f3c006", 0x3, 0x9})
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000900), 0x400000, 0x0)
process_mrelease(r3, 0x0)
syz_usb_disconnect(r1)
close_range(r2, r2, 0x0)
ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000940))
r4 = syz_usb_connect$cdc_ecm(0x4, 0x83, &(0x7f0000000980)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x71, 0x1, 0x1, 0x9, 0xd0, 0xb, [{{0x9, 0x4, 0x0, 0x4, 0x2, 0x2, 0x6, 0x0, 0x7f, {{0x7, 0x24, 0x6, 0x0, 0x0, 'Nv'}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0xd5, 0x4, 0xd, 0xff}, [@obex={0x5, 0x24, 0x15, 0x4}, @obex={0x5, 0x24, 0x15, 0x8}, @dmm={0x7, 0x24, 0x14, 0x401, 0x4}, @ncm={0x6, 0x24, 0x1a, 0x8, 0x941a6446c6962d21}, @mbim_extended={0x8, 0x24, 0x1c, 0x2, 0x9}, @mbim={0xc, 0x24, 0x1b, 0x5, 0x2, 0x9d, 0x5, 0x7, 0x6}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x5, 0x2}}], {{0x9, 0x5, 0x82, 0x2, 0x400, 0x8, 0x1, 0x80}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x4, 0x2, 0x4}}}}}]}}]}}, &(0x7f0000000b00)={0xa, &(0x7f0000000a40)={0xa, 0x6, 0x110, 0xbe, 0x8, 0xa4, 0x0, 0x3}, 0x1a, &(0x7f0000000a80)={0x5, 0xf, 0x1a, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0x40, 0x0, 0xa, 0xa, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x8, 0x3}]}, 0x1, [{0x20, &(0x7f0000000ac0)=@string={0x20, 0x3, "7e10928270d552a751328bc9c702841060883b969253fbff91e381a11a2a"}}]})
syz_usb_control_io$cdc_ecm(r4, &(0x7f0000000bc0)={0x14, &(0x7f0000000b40)={0x20, 0x23, 0x34, {0x34, 0x23, "c36e1c7f9b04ef64316e97ab5b717a99eabfd910d7abb58e95900c6fb6626d7ba7df96700b448e554da76f3cdfe276fa15bf"}}, &(0x7f0000000b80)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000d40)={0x1c, &(0x7f0000000c00)={0x20, 0xe, 0xa8, "a6f46f468393a981f23e58235c013b235b992ff5b23feaf9ea850abb94c09ce71ce0f070dfb53e6c2da6e024418d361310190d82e9027d5f3d1447aa4b7b51aff7df980447056f083a94436743a86a5801f3c1001ef390497042c86dc0c996541e4e552f24217925dc9ed7bf159c4679a94acde1fd07350abba38d6f01cc2f78df0532e105b1b8efa2e66634137169968022c5d1380f25da77926ffb24c6433d3271ee7063a9ec76"}, &(0x7f0000000cc0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000d00)={0x0, 0x8, 0x1, 0x1}})
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000d80)={0x0, r2, 0x3, 0xfff, 0x4, 0x8})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000dc0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
statx(0xffffffffffffff9c, &(0x7f0000001100)='./file0\x00', 0x100, 0x1418, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = epoll_create1(0x0)
r8 = accept$nfc_llcp(r2, &(0x7f0000001240), &(0x7f00000012c0)=0x60)
r9 = fspick(0xffffffffffffffff, &(0x7f0000001300)='./file0\x00', 0x0)
r10 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r11 = socket$inet_sctp(0x2, 0x5, 0x84)
r12 = socket$inet_smc(0x2b, 0x1, 0x0)
r13 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000002900), 0x80, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000002940)=<r14=>0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000002980)='./file0\x00', &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x1000)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000002a40)=<r16=>0x0)
r17 = geteuid()
getgroups(0x5, &(0x7f0000002a80)=[0xee01, <r18=>0xffffffffffffffff, 0x0, 0xee00, 0xffffffffffffffff])
sendmmsg$unix(r5, &(0x7f0000003a00)=[{{&(0x7f0000000e00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000010c0)=[{&(0x7f0000000e80)="63b08edd6c47ae68ead6ac1b5f910b329add81030cda6dd697ab933688e33b5f890c55cbd93963b5b00229584daaa2a7e7ddd2e2dc449ec901a64f4aef5eca613aca8396af254035313987cc3abfcef7151e45ad19803cca7ebf54cea476f992c0c24d02f6a72826f279c0e64bf4e2b27e42aa06e1834711f7a7b3ea62b2", 0x7e}, {&(0x7f0000000f00)="5b9429d2268d69b3315a3bdf10c02ea395e1435ea7b8fb53c4ab48b48be6bcacaeb4f804ed2f884f257a5ff18d80b22140ccb1cddd737c35fb650caad9bd64dd0e6d2149c937225872dfcba7960902fff073ee6712f389b5051cd860f1282723e3a2b029c61b60ec8373d776b4eb09585dac84a3e96ca115d7365a2742bba667dc0579846c3bb8f22e6a37ab", 0x8c}, {&(0x7f0000000fc0)="d25fb01fc1eee8c893fea9770338590d89ace671298e74a4c4e7ce57a4a563d6647970873a70e5bf272a9c141827bb79539c6c6772e9b3542c6f21f72a86ced5a6c820d03e1e612017a8349c8cd97ee919b124910ef66826892d8cfbc214bd7c2669433f414eca85282e9d1b807bea95f1683b948beb3fdbd1948ecfcb53239f89cbc8c1d0b34acff7ea456a55ec93aa3020f41e58a6520377a473a3284d8f2dc11cb7ee8d47557331b97e7c52b28e9fa5b18a3cf4954b3445cb4f845a0008e18657344ac021884cbe9fec8916747806", 0xd0}], 0x3, &(0x7f0000001340)=[@cred={{0x1c, 0x1, 0x2, {0x0, r6, 0xee00}}}, @rights={{0x34, 0x1, 0x1, [r2, r7, r0, r8, r9, r10, r0, r11, r2]}}, @rights={{0x2c, 0x1, 0x1, [r3, r12, r0, r2, r0, r2, r3]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x18, 0x1, 0x1, [r3, r0]}}], 0xb8, 0x4000014}}, {{0x0, 0x0, &(0x7f0000002400)=[{&(0x7f0000001400)="35650de150b76bc03ba743dbf8b5b2371bd3953d1a8007704d8b3c7e19dacb99d7a21b9bea7859d74af1d4b8012e3287c44e7fdc8cd4d732c61849534cb50b8179eea664e52f06018b8f1a8ccd64c041897a902ebd749dc00ef5b803c5d096557a5c92c8fdb930629618df2dc8c5de570f06beb8a04bf6e31c154ce3eafc8a5549bb4cc88ce9a1a85839fb00285d688f09f42122dbf474ba151dcc8b183a3def2639d8903754687b00b51a4aa03bc7cc88a595c6ad0cdebfe02092e79f7408ba42d4d7c0f9036f8e5e632ba524669f13829b766edf2bbd028c7ee1b0a3180805fc6b5a258bdda1964832ff233d1b4359a90dfd5aed07dd0507bbfafe4fc7342bd79e06b9334f60fc603b96768a0d20455cca57751de54357001779d769c881055aba5d6106dc50baba1c8227c38430b82d81d33c8f09d0ff2a4e68782ba4567f17f1109b947b611f87394903d1c907be10199458ef22249c4cbfd4e6dc52bfc04a6b00e7620835be495bb357ef4ee70bce8065c7c22d4c25e48b6ec4abc4a3702a3ede998be5e285dd4ae7a2fddef5c6da6ed4c901b000b58deaa1541690297d4229447575d2cb4719a602d07bd7ab9681fec3a35987f7f7a4286107c90722a6675da33093ca0c941f3f97b7fa40d2baadadb43cbeb8ef077588552ee671b4edcdc772f15d2d0422dbea2ce5420e5b710a2ef18ecb18f58d1d9529c3e8d14adb65c2d498101f7359d2068d176264a6329f1e2781ef51c80500dbc3e8fd76d443692e3e1bc136be6d0d419a9ab6e8f616b9b7256ac47dc362a3362500df43ae539cd64a490b9ea8666ffb1233ea43be785f67e11fba4211178dd0263ba39b3b3c241dfbe5105be260438f9bcd9c8e89da94dfa81a686a79824986dacd31bae8beaee91b50401b049616b84470f2dd4b68bfaa1b6b6e6317a89e269d3457095f6fb580d3baf907b28c44a7766eb8d6d2b2f7d25701ea1293da3cd2a9c7a0112d25f313c7c05d89ea8e1084552acca75f32ac2616437c89ad29aa6c2382b385951c76fa7641255f60474171887d8b4f00bee1efea4ee5d2e71a3fa775451f7ffd82abe3be28e33493f54337e0c9feaf9ed281fb8982a4efdf537964ee2c8b6a1fe90777de21855edf27692c81e74f9c8a57dfdf9d1d467f384aeceef13db2bfedf28114ddb04865140c94a35a621c229d57619a313851e8a3af2169f961fb1f6f96176521146f1a3e72522446b149c3e197077b9318ca54b2e378bc6705951d93e395f241aef6b924349eccad9d51617315408126ab59111a2fe57e316f14495d6259d045afe6cf829fe1e7296ffe5ec86f884ad9c2dd1ea3ff4c198d52c177971d1df8baba0a1fd0dc36f0299816881cfba658db89eda9aece1a7f4800ee70188a708bbfa2285e0e8b73920e2061a84c708b4bc477f12614ee31e2c59f0eb4cc42e726655f21b11901c04278f11ccb167f816e8618b0db2b381ea53fa9d12056062f242b1c4db183ff93111be96d5e24cd96bbb39cda746655afbe5a6858048a581f51d1fb4b4ba1143419d4344b0e30f82073a3a9c83df331a2bd66423466fe031a35324157c54275b6ae805bc6a2520fb43ee71066371f3f4d160d43271e064ac54697544f88c1bf2412571eed8b334c9bba5c052cba1bc86ac4cd8de100b510eb8acb314901778a2af7b21cb3d3c1bdca3af000f1f8e70f6f0723cd0b399bec8d832fe91dc07ee68fe8e629e04a512bfdc612222483a21a6210bd5b53fe46cae4c2a81ba5f240c4865eef3bde39d8d8348bf62e054006adb211c66529c01801f15e05bd7ea4b25995a8517d76e167c4153f284f71b48c55d36909190249f10a93482ee4a19a693cbc73cf0b513052032c4668a8a5fada2d6bb694cf6e037b9bc70cfcd8fc3bbba8c6383be6b759c26c47099fb7cd3265e0bcaa5ef3b44990dcdbdf9c86dd5c333669828765f2d33880fea3b8d7303618bbdaa4db0cc6e68b598693606d6f455f886bcffd5ce0b275e52a6363ddd388d2aeae165009dddb7eb461786ba46a40c6b06bc527e9b07f5717aa1dc21c1aedb098f42359ad3c2269d823eb4f5f1a306a3a34b6b86c90edd0a368209cf93dd0a3f7a3f6ed7b46742de71d3e7509dc49b741e610ae0fbdc614864c0b6d022cbf212542b7ce04843c9c32a87a3addfd87dfe795dc81c4c4f130a04bca20e2dc21a3ff7223fa12f50dfe85bccffa326f4290c246fd0120a11f4497626ed11c8e4f6883bb0474be7c6abbc38eece89006b4864dbf7ad6f578ba7306e68b84eeff1029ed8b8cd74a9b849caa92ac68c069e6342522349b7abfcbc8114a61f74c61099451dca82c588649da68a52ac00588b335accdf68d486beab321153a2f3ae1d69b0e46c63856616a0a9437fc5eaf29749d07c7824a9b180ed39e27042234e25d72686dd2085b4fae82714cdd5e19e15c636747747f1f4f8e311d170bfbb597396fb85041f9e08a973796e9ff74eb82ff8fc709fa15db0779c1c9a17a43a2c3f7122205b39d900f73d60011173cb703a34a4b1cf5d481d745fa666d997a2cd5e5974fefb8a98cfe60ddbd247bb43ea35b0833e7584cdb5c4739fb4ccff21eb5115df3d30358541fe8ea29590b89760fce14efe2ab4053f85542f04e851aedd00d61385f86e000b690bc6464eb490293b16abf95dc0a4e2b0249b1e9bafcda74f53c088f2c4e9ec4b0d55b5a784698e7cb4650c5abb47e89d94d06ae0dd2650062e0a16362c5fc4ce6857a2e11132c759d7e624782acf0b023d6529dd7b32be18e5559b12676ffe5a8eaae7dc48aff901594dbeaf538fa2e882f801504b48e50fa183d0b22814505dbe8b8b178786afbf6c2db884e9ed993007d62f94ddd477455ae3edd5904f2b6852e22410d1eaee38aa87ee82c9d4d0f668a801dd33356a4b43c3e6f75a210a4401e1d52bdf8945c401fcc05a8253a79cf0346ddc075f20e4652ac2ad4d4934f8a2e563ac2d9ce686d5243038112161b336e3634c70db63630f457a7b0afc4909487eb6a89621875b0f5f714e04aa4f1e731082f85ce252436b0dce290efff5b29880681e3ec6b1c05b88205904cefbd084838ca2b95d4e84f4f01553a6930e8459cdbf3979dd81a86b0a01b3a583db6bfed6c06b300123d9f8a09ee1fcc47744ccd68fe06981d1116b3788e4da136caaeba34107510ec0925667083174dbf4409f1d4aad5093c4286a7e633996bed30b9fcfdf2e1b25941970508a1c0a500439d94b55f58fc06bc115c76c128f51c00892356266441000b55f21550f087edfc91d8d65e7bed15b2071b83b3ef95f29fd65e35294d738fceccf8700dff89b0d2b165ed4552acf7f29e0d5ca73fafdb0d1053d0d07d649cc67b9057f7a0112289f134804d717f1159817c114c7b32860a8afbf484e4b638fd0d00e4afbe6d4905cfa55583e4c371812d6997342f6c4c479425d4d67402a27d7af88c865ee56bd7a732a24453a2a4a3fc3f31ad968e61852b35eb610e856ee57cbe0f26fb3a0fce722451574fb593c4a75e20e6f86df74abefeb723fae00d124d1e42a4dceb65e6a00915ad560df8b74f762c1c3795d798910fa0e17d3b0a9f23270a48f996b7d3b6342b0f060d28f6bff94c8b4db056231aef318c1383de95116a0e9c3727dbc5eb38a11ab164d2169f30dd0a89eab6752b12eedb120a3e10cb4527a635359bcd878e0faea1b86f8590a780beacd81cb050145f3a239a204ca0ddebb5ab3166603c3395ddef2b47266ff9788495ee21881372515381c824c596bfec87ef8bd6c728a84db17c7913781dd9068cd5f8e71809158315f8d6d2b8d3d9946c08c2bcd676eb5f96af436b10cfbefb0d9874019f46de666a520ad9d59753e6e25c5a1ef60d169f75c426fb1fda73d3f071a02cf7ff7a54d72675daca758340b0d5f8c821d2c47f9a0f66fd12cbd023d3f1cba96e2fd9d340432bf6480651cc6685687d1c356d03377f55569050c34245a1374d77c0223ade0f184ac881c9e76b579525a2f183ee37253095f44989f95b3d6ef289802048172b9d6df77d10b3f458482ebf6700bdc3e54f4dc4b7b179c111226554ca8481f061fbf9068b99484064ac1cba440573b7372a5631a9169e13abc832f0849259f91ff0379d19844a680c82ebb361ead0cd41977a2ce01973db1ce22aad265ed19b240c48df718de7051685ca987ef65bd5c2f0c971c62f80d31ce4d0cc2a46bcddfb4b0ae6a027b59c1fbbfdf2d3c62cd7e963645a51a8a06214e364a9f1029a842bfc240820bf23915dbaa6fb9c54fe389a98f608340db8701d223f5d46a79bf39db2e3770b575682b95da351a0d11d27e3e7cef28738fe62f4e7eea85120ce11bdee3bd24f60ea3e7fb105bf9b127a8a94a3ddf226a2afdfd94fdfe3a1a8a6e9183242e3128c2ed547a354929295cd9f242355bc6da92ceb8a30e1c0cf07e13affefef70ebc2f97257c9f61c88f69387fe89f2b9ffd72596f1bad037a97692863b15bf689cb7b3d63b868e1d2826ad0b5df106d7cdf68fd353c2f816c54fc6e3d87fa7467108c0a810b8b0b23b360c73539492d986f24c94de32361aaddd317e6fe23d694eb1e52c0483440cffbf24ac09437279df19ab4b8b41431065251aae9f0d29fa1a3e3090eeebaa8c513fb417fe3e7541e1264cf88a44d2af101f6af70f6d50cae1c879c133d9f8b548a63e4a3708c3b3350765eff6bafdea2f073c6f31bcbc65466e1a5abc13ddfbbff1969238b80d164522505bdfaba8043af0e9a1ff6f6e5275675285d7a271b2a82043b64f15440eb3365f20a1f111846b66d611ca1b6b5c0d3a10b253074d162dd33f6190557f3f342e079baaa440b73fc3d5a3a049527383e7437c2b165dc1ba98aeb7b7d00908f29513f1442e0f0f3d713dd9a8cbe983e781ebe81c82825f178313ab3225435ef7ebc9d1ca760d7a36bd276d6e4d9a1d72cf33b140fbec7b20219568a8c613e680ecc591f53673c99f59b9449c40e08bfd2981b7cd76f4a5fb35f25b451a390a148d194d721898d0eb23dad923461ee7cfc82c627e54dd50a66cf52ce8d8de16f9629b96a503a623fc0584399541ee63daeba385aaf3add0b05cdf25d395170e0ee7d02e3d21bccffd5a76c18f5cc02ed568b4ae1585a744593928843af677a25f2ed770a717ffb8594314e069338c506609b8197d4542b256898ebaf8980df3940c9c059941b09e37fbe5fc4fcc28cf9f1e6d864caf64dbc9b94d6a477d3b781532c71dcc0bf9fe6a6081c7e9fab31c94216b5b9599c0a2a50b1162fdfe87572d146c7518fd425266f8bd139b22962f21f15d219ac1929571ca4525f760079af59765246b113296f2b2a8d07d682fb09e34c2001784549cf04c641735a318ad828dfdd57ac58dbaf4c118cbdbec60aa12d4352a0522cbd406f7972e6db61fa4d91c5c0a94b46f8b2ed7ea650e25422cc8df8fa019ea0fa6e221b18d7c08bace7d86362fc6ee0412f6cb0a7e32fc90314d3e77be19e8ae0e0eb2717400059ea25421613ef3e835b864c33037f18ac0596bd9ef0b49a0cd485e988d4be82ce6c157cbf9aed47a2f72b992f9c077b5fe5461ae675918773c7090cd8e1db55de26ef1f0794c32f4b49fccb35b4dd9b5d0b1e068b89fbf3dbea21fad17d1dc2e086652f4410d4ca71d2c097c1ddc7d685a95913dc6bf7d65136f26a6594e681b61ca5d288c08c5da78d159466ee56e49d48a813914903ac8d3ed2ea06a5fa186702246b126062e2793920e2d260de21f26002f6d751957fd25a43d076c", 0x1000}], 0x1, 0x0, 0x0, 0x20008004}}, {{0x0, 0x0, &(0x7f0000002880)=[{&(0x7f0000002440)="d392730ccd9d05", 0x7}, {&(0x7f0000002480)="acc43f932c220bc2198d7084d78db4aeff9c654dcd5d93b7f7ff3e03a6bb93ff48e9274f996c06a4be668bead7b2b99932e98b95bb1eec6e6b8084df92d038db2459ef180fd0a1babc066f950eefc4ca4de2d1238cd790c0acfa51a3a2814bdfce98b7cc558ec40c3b31dca57ad5473aca068f1d7a768bb7d7a59e8fd2d9390dd8f437954451572fdfb8d960b6bef518", 0x90}, {&(0x7f0000002540)="8004697e6e700b0ebf528e5974b6973615758b5ceea22e4260002e044a6b0ba3a91a91ea01e9caafd9b729b6428ba7b1b563a9c2eabd4956e19c34c73d4eb068545954a30543b10dbba0efca389e1f90230b6a7754149be28e169a508c9dfa1a086d874e6c49f3fd40c133a80eccd6535d6683a2c92ad83039af381721425494bdfb5bd2a9f7dc8e87082b29a4fb", 0x8e}, {&(0x7f0000002600)="f1e60a1545f5d4b8c9337587c061b4023cfa171978f491900ca286c091c917f84bdbc3c58ac88b1893025b66b30ebefe3e52fd6a994ba6887f1e95a6ebff704e2b46a50d47e32a1891a69441abd817eac9e6bf114ab3f0f68d28e356ec3b7a8f221918e0d938e4927707919dd0092c292004abc208cfc32201830754b0737f76acea2ad53a69bae23a82011306af57adcb73e0bd9c09875ad83d9e", 0x9b}, {&(0x7f00000026c0)="295806fcffdcf16317e1ce6bc982f5e7f48b6a335ba25376e8151f5ad6e6eb6582448261bbf6f984bf5962bd1cd3b5bbfb0e8c66ff0991db5a60f42a097632f7498323cf52ab95d5fcc21b390501553bbcc2a73b0d23023f696a02822545c2adb436446c7d195b1de3bdaf9cbe37d2227195bb17e63983bb0e2cb6eed8b28f2daca5218852adf51ef532a3aaa418eef7ce93001f6d36d158669199c292082af2a1ea20491416f709d07e1533cd9542504c3dabbffe9c0c85e6d0d324a5dc2ad228b156cf8a7e78d69dc7a947c2153f78d135ae0e8884615d177762b0e3b5f6c0223cfac2be67c97764d112c54d553781970c4d3cabd7d08c0c", 0xf9}, {&(0x7f00000027c0)="62cfacbe7bad3c907f1cef79ae01301f78689ba716a4ce92b4d68190f2eabb0779a1772d7c38dcc2633a5b2cd69ed41573bc1a79e586ad01d02c01084412e8bb32d36bebd17099e854a137d33b5b8ef8757482d5a063150dd03c7644afb3ecd27c91a806f1206b6926ca6c5821069fc9c073f62a010d8ae771c0ca68d883ad79d55d5762457d", 0x86}], 0x6, &(0x7f0000002c80)=[@rights={{0x20, 0x1, 0x1, [r2, r2, r0, r13]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r14, r15}}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {r16, r17, r18}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r0]}}], 0xb0, 0x10}}, {{&(0x7f0000002d40)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000002f00)=[{&(0x7f0000002dc0)="9db57bf06b4c0eadab03fc7124c6ead8796d9497eef6a68211f6f409c30c4e29d54341756877aaeb6b8ba7550af058ffa00cf49fdcfa3c93ea85f6eeff1bde22683c0a540e48f54aadea703b7ea8a66bb27e106d0cc64189669fdfaaa30e246182ee1617bc3daf8aa1e57b8252905677a1cb", 0x72}, {&(0x7f0000002e40)="d5f2dfd17500141e7a1aa16da61983ec29b5dd754be648456cd4eb26dd851ad5039b0acde0515ffcee4ee36eef619e7031a1a5c8a63ecf1db0a797a2195004f6b97bf7fe71d52d6495946b59c05e3311942835854ffd3a14eb6b539178e1849857cd9ef5d66e1eb60168a617f34256d432ca25beff1c854072df738a9caaf6739db976eac40aba38a172d1118b5436c445ff830d594366babc92cf2150a24d6cfcf5159ecb6f6697ee", 0xa9}], 0x2, &(0x7f00000038c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r2, 0xffffffffffffffff, r2, r2, r0, r3, r0]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @rights={{0x20, 0x1, 0x1, [r3, r2, r2, r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x128, 0x80}}], 0x4, 0x20004810)

1.541249497s ago: executing program 35 (id=484):
r0 = socket$inet6(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vlan0\x00'})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000080)=0x2e9aa845)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000010100c0"])
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f00001ad000/0x1000)=nil, 0x1000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
syz_usb_connect(0x4, 0x2d, &(0x7f00000008c0)=ANY=[@ANYBLOB="4e3233208d9970ab5b23d2ba245405acb17081e708fb302833a9fe79ebca1f2567ca3b4fd81f89ae1ff3797b91e8774db06fed6b9d07bc4c2e86978ab19b384ee4ef9748247167275a901216210ac24618431a40bf9eca84b5b661429fe069d7fd811b8b5f6f86c911ec457a19b98699e880d80427183030c6dce4e4407e0885f01f3de2b3870a304d8dcc009ab8b7709928732994c2a79bc6dce87e5118bfd456093210b65fca0d0f9f02caa9dbb7310216ed371a4279fd"], 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r7, 0x5606, 0x80)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r9=>r6, {0x7}}, './file0\x00'})
ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000300)={0x1, 0x1, 0x1000, 0x5d, &(0x7f00000000c0)="cc4cb0ba6b6e4dfe98f39574e5f6f275bea597f83c40b5ba14de94676da8bcd982441b4433279deee192f47033ad59c26c1a528f97a760cb472b46c569f8adb7ab6c017fa3ec61a229e074d846476cd41f8168f51807c170a2cd1d078f", 0x0, 0x0, 0x0})
sigaltstack(&(0x7f0000001040)={0x0, 0x80000001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000002f9b0000017963de1369dde300000f004083c5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0x1267, &(0x7f00000006c0), &(0x7f0000000740), &(0x7f0000000780))
r10 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000040)=ANY=[], 0xd046)
recvmsg(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000002540)=""/4094, 0xffe}, {&(0x7f0000000fc0)=""/4096, 0x1000}], 0x2}, 0x0)

48.841213ms ago: executing program 36 (id=488):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={<r1=>r0, 0x7ff, 0x5, 0x8})
syz_open_dev$vim2m(&(0x7f0000000000), 0x7c, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(0x3)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x571001, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="7748399bf50cba6a29d8657b8c5f1b7a678b22d6c578d962036fbecd406bcc564290826980e477b5e0ab0f99f435ecd18ceb1c7bf7ba630c88b0ee30b54fd7876f93c380a563ea119d3afa3c32f7053c9d25ae16cffa5c82543f11734c2ddaeec06412aac5438f0e1dce9355af1853f451c58862095524b7c8646581250a4265c5515bb046a0e1dc933d11b7dd15a624c707c27562a1b3522f10d4f9", @ANYRES64=r1, @ANYRES8=r1, @ANYRESOCT, @ANYRES8=r3], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$HIDIOCSREPORT(r1, 0x400c4808, &(0x7f0000000200)={0x1, 0x200, 0x8})
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00f8000000000000000000000000000000000000000000000000004a4b6d0d"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x14, 0xf, &(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYRES32=r5, @ANYRES64=0x0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r9 = dup(r8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
syz_usb_connect(0x0, 0x47, &(0x7f0000001fc0)={{0x12, 0x1, 0x0, 0x31, 0x94, 0xb0, 0x8, 0x499, 0x1055, 0x1a4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x9e, 0x40, 0x2c, 0x0, [@uac_as={[@format_type_i_continuous={0x8}]}], [{{0x9, 0x5, 0x8d, 0x2}}, {{0x9, 0x5, 0x3, 0x3}}, {{0x9, 0x5, 0xb}}]}}]}}]}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="0209000002"], 0x10}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000240)=ANY=[@ANYRES32], &(0x7f0000001580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

0s ago: executing program 37 (id=487):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x5, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000ffffff7f0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000fffdffffb702000008000000b70300000000000085000000d200000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000003880)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ssse3\x00'}, 0x58)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f0000000780)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)="25acc7fe0aaa6cbfc6b0da6998cf0344b861acea0e82bb779196f56dfb35984ef00cb39c88d00b4375e1b964ab88c21a7a69ee051d2e7c64692cd1e9d63fcacf9994ca2ab6d025979e1e902069e2d9da142359a22d8a903abf2ac849cd1875b8ad86c0c2fc6d0cd3846815661511e6bdff789b74f28785ed1592098ea57b0e11d41962cbc638fe5e3f52b71504912dda0756e4678c2e3bd290da15cc8fdc5c5f0f264760167c016ec3c67b33e9cbc6e323ab44f2160ff6bc924d72497842af78ef2d13cb3e085e66143b69cc1f216103030b70fef8759d82f9c01bc147c25da6ce9ce5c8db5796ef02c6", 0xea}, {&(0x7f0000000200)="76d37aa03d781582c3704df94b91116e2bddae9aae3c61a78150bf9e6adc5beb64132485ad33ff89724e7abc433ace16138bc110cfacb21dc2fab6e802c193a9197b7ceb427cc767ddf2b2c850c1e13b23f0fd62d7a6", 0x56}], 0x2}], 0x1, 0x0)
setsockopt$inet_group_source_req(r2, 0x0, 0x2b, &(0x7f0000000580)={0x2, {{0x2, 0x4e21, @multicast1}}, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x108)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000040)={0xa}, 0x8)
connect$bt_sco(r4, &(0x7f0000000000)={0x1f, @none}, 0x8)
shutdown(r4, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x800, 0x70bd2b, 0x25dfdbfc, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000811)

kernel console output (not intermixed with test programs):

86.132825][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.134481][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.149578][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.151320][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.167187][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.183674][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.192708][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.201800][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.210533][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.227010][ T5846] veth1_vlan: entered promiscuous mode
[   86.274938][ T5922] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3'.
[   86.291814][ T5847] Bluetooth: hci0: command tx timeout
[   86.297301][ T5847] Bluetooth: hci1: command tx timeout
[   86.306602][ T5151] Bluetooth: hci2: command tx timeout
[   86.371217][ T5847] Bluetooth: hci4: command tx timeout
[   86.376711][ T5847] Bluetooth: hci3: command tx timeout
[   86.474625][ T5846] veth0_macvtap: entered promiscuous mode
[   86.484090][ T5846] veth1_macvtap: entered promiscuous mode
[   86.500044][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.511109][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.526616][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.537365][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.547386][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.557896][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.568287][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.579018][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.590542][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.646849][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.676318][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.694518][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.719742][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.740001][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.753885][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.764021][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.776282][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.788015][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.068453][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.089053][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.124759][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.190977][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.199746][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.231097][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.377996][ T5847] Bluetooth: hci0: command tx timeout
[   88.421077][ T5151] Bluetooth: hci1: command tx timeout
[   88.426578][ T5151] Bluetooth: hci2: command tx timeout
[   88.467664][ T5151] Bluetooth: hci3: command tx timeout
[   88.473656][ T5151] Bluetooth: hci4: command tx timeout
[   88.648221][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.656227][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.665133][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.682303][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.771260][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.779768][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.920236][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.938759][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.961235][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.964180][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.020182][ T5852] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   89.246757][ T5852] usb 4-1: Using ep0 maxpacket: 16
[   89.524523][ T5852] usb 4-1: New USB device found, idVendor=07c4, idProduct=a109, bcdDevice=e8.ef
[   89.543037][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.588383][ T5852] usb 4-1: config 0 descriptor??
[   89.752841][ T5954] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.924871][ T5852] ums-datafab 4-1:0.0: USB Mass Storage device detected
[   90.207922][ T5852] ums-sddr55 4-1:0.0: USB Mass Storage device detected
[   90.268853][ T5939] capability: warning: `syz.3.7' uses 32-bit capabilities (legacy support in use)
[   90.794417][ T5952] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   90.805469][ T5952] batman_adv: batadv0: Adding interface: gretap1
[   90.811932][ T5952] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.837415][ T5952] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[   91.636776][ T5980] netlink: 96 bytes leftover after parsing attributes in process `syz.1.16'.
[   92.299913][ T3075] cfg80211: failed to load regulatory.db
[   93.587670][ T5852] usb 4-1: USB disconnect, device number 2
[   93.650774][ T5923] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   93.810631][ T5890] IPVS: starting estimator thread 0...
[   93.895635][ T5923] usb 1-1: config index 0 descriptor too short (expected 29296, got 36)
[   93.904852][ T5923] usb 1-1: config 99 has too many interfaces: 111, using maximum allowed: 32
[   93.921452][ T6017] tipc: Started in network mode
[   93.922741][ T5923] usb 1-1: config 99 has an invalid descriptor of length 101, skipping remainder of the config
[   93.940996][ T5923] usb 1-1: config 99 has 0 interfaces, different from the descriptor's value: 111
[   93.942143][ T6018] IPVS: using max 20 ests per chain, 48000 per kthread
[   93.950348][ T5923] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   93.967064][ T6017] tipc: Node identity ac1414aa, cluster identity 4711
[   93.984938][ T6017] tipc: Enabled bearer <udp:s>, priority 10
[   94.007289][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.023557][ T6014] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[   94.030318][ T6014] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   94.039416][ T6014] vhci_hcd vhci_hcd.0: Device attached
[   94.045253][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   94.047714][ T6021] vhci_hcd: connection closed
[   94.076572][   T62] vhci_hcd: stop threads
[   94.107554][   T62] vhci_hcd: release socket
[   94.150778][   T62] vhci_hcd: disconnect device
[   94.250836][ T5890] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   94.327887][ T6025] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   94.346921][ T5923] usb 1-1: string descriptor 0 read error: -71
[   94.362318][ T5923] usb 1-1: USB disconnect, device number 2
[   94.404861][ T5890] usb 2-1: device descriptor read/64, error -71
[   94.671567][ T5890] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   94.961204][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   95.370846][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   95.705564][ T5923] tipc: Node number set to 2886997162
[   95.850964][ T5890] usb 2-1: device descriptor read/64, error -71
[   95.980745][ T5890] usb usb2-port1: attempt power cycle
[   96.223618][ T6037] can0: slcan on ttyS3.
[   96.337509][ T6042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.353131][ T5890] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   96.366830][ T6042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.381621][ T5890] usb 2-1: device descriptor read/8, error -71
[   96.495179][ T6037] can0 (unregistered): slcan off ttyS3.
[   96.571352][   T58] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   96.660949][ T5890] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   96.684035][ T5890] usb 2-1: device descriptor read/8, error -71
[   96.692068][ T5923] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   96.759051][   T58] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   96.759106][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   96.759152][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   96.759194][   T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   96.759281][   T58] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   96.759324][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.793482][ T5890] usb usb2-port1: unable to enumerate USB device
[   96.818725][   T58] usb 3-1: config 0 descriptor??
[   96.912794][ T5923] usb 5-1: Using ep0 maxpacket: 32
[   96.948065][ T5923] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   96.948126][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   96.948307][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   96.948450][ T5923] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   96.948575][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.963232][ T5923] usb 5-1: config 0 descriptor??
[   96.984757][ T6047] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[   97.008565][ T5923] hub 5-1:0.0: USB hub found
[   97.211401][ T5923] hub 5-1:0.0: 2 ports detected
[   97.311124][   T58] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   97.311208][   T58] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   97.313352][   T58] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   97.333030][   T58] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   97.839056][ T6058] FAULT_INJECTION: forcing a failure.
[   97.839056][ T6058] name failslab, interval 1, probability 0, space 0, times 0
[   97.839126][ T6058] CPU: 0 UID: 0 PID: 6058 Comm: syz.1.38 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   97.839150][ T6058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   97.839167][ T6058] Call Trace:
[   97.839174][ T6058]  <TASK>
[   97.839181][ T6058]  dump_stack_lvl+0x241/0x360
[   97.839219][ T6058]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.839242][ T6058]  ? __pfx__printk+0x10/0x10
[   97.839266][ T6058]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[   97.839285][ T6058]  ? __pfx___might_resched+0x10/0x10
[   97.839313][ T6058]  should_fail_ex+0x3b0/0x4e0
[   97.839340][ T6058]  should_failslab+0xac/0x100
[   97.839357][ T6058]  ? proc_alloc_inode+0x2a/0xc0
[   97.839374][ T6058]  kmem_cache_alloc_lru_noprof+0x75/0x390
[   97.839392][ T6058]  ? __pfx_lock_release+0x10/0x10
[   97.839431][ T6058]  proc_alloc_inode+0x2a/0xc0
[   97.839448][ T6058]  ? __pfx_proc_alloc_inode+0x10/0x10
[   97.839467][ T6058]  alloc_inode+0x65/0x1a0
[   97.839488][ T6058]  new_inode+0x22/0x1d0
[   97.839510][ T6058]  proc_pid_make_inode+0x1f/0x130
[   97.839532][ T6058]  proc_ns_dir_lookup+0x20c/0x3a0
[   97.839551][ T6058]  ? __pfx_proc_ns_dir_lookup+0x10/0x10
[   97.839570][ T6058]  path_openat+0x11a7/0x3590
[   97.839615][ T6058]  ? __pfx_path_openat+0x10/0x10
[   97.839651][ T6058]  do_filp_open+0x27f/0x4e0
[   97.839675][ T6058]  ? __pfx_do_filp_open+0x10/0x10
[   97.839696][ T6058]  ? do_raw_spin_lock+0x14f/0x370
[   97.839729][ T6058]  ? __pfx_kfree_link+0x10/0x10
[   97.839763][ T6058]  do_sys_openat2+0x13e/0x1d0
[   97.839784][ T6058]  ? __pfx_do_sys_openat2+0x10/0x10
[   97.839802][ T6058]  ? __fget_files+0x2a/0x410
[   97.839823][ T6058]  ? __fget_files+0x2a/0x410
[   97.839846][ T6058]  __x64_sys_openat+0x247/0x2a0
[   97.839867][ T6058]  ? __pfx___x64_sys_openat+0x10/0x10
[   97.839890][ T6058]  ? do_syscall_64+0x100/0x230
[   97.839914][ T6058]  ? do_syscall_64+0xb6/0x230
[   97.839938][ T6058]  do_syscall_64+0xf3/0x230
[   97.839960][ T6058]  ? clear_bhb_loop+0x35/0x90
[   97.839978][ T6058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.840004][ T6058] RIP: 0033:0x7fccae77d1b0
[   97.840036][ T6058] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[   97.840067][ T6058] RSP: 002b:00007fccaf535f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   97.840086][ T6058] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fccae77d1b0
[   97.840098][ T6058] RDX: 0000000000000002 RSI: 00007fccaf535fa0 RDI: 00000000ffffff9c
[   97.840110][ T6058] RBP: 00007fccaf535fa0 R08: 0000000000000000 R09: 0000000000000000
[   97.840121][ T6058] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[   97.840131][ T6058] R13: 0000000000000000 R14: 00007fccae935fa0 R15: 00007ffd4dba0f38
[   97.840156][ T6058]  </TASK>
[   97.845615][ T6058] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[   97.845670][ T6058] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   97.846674][ T6058] vhci_hcd vhci_hcd.0: Device attached
[   97.850740][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   97.858194][ T6062] vhci_hcd: connection closed
[   97.861671][ T5923] hub 5-1:0.0: set hub depth failed
[   97.932168][   T51] usb 3-1: USB disconnect, device number 2
[   97.945517][ T1146] vhci_hcd: stop threads
[   98.030904][ T5888] vhci_hcd: vhci_device speed not set
[   98.718854][ T5923] usb 5-1: USB disconnect, device number 2
[   98.755427][ T1146] vhci_hcd: release socket
[   98.756666][ T1146] vhci_hcd: disconnect device
[   98.875369][ T5888] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[   98.885541][ T5888] usb 35-1: enqueue for inactive port 0
[   98.960836][ T5888] vhci_hcd: vhci_device speed not set
[   99.230939][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.271186][ T6083] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.140814][ T5923] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  100.626849][ T5923] usb 4-1: config 0 has no interfaces?
[  100.710856][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  100.771874][ T6104] loop2: detected capacity change from 0 to 7
[  101.109491][ T5923] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  101.128930][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.142531][ T5923] usb 4-1: Product: syz
[  101.142557][ T5923] usb 4-1: Manufacturer: syz
[  101.142575][ T5923] usb 4-1: SerialNumber: syz
[  101.144193][ T6104] Dev loop2: unable to read RDB block 7
[  101.144274][ T6104]  loop2: unable to read partition table
[  101.144445][ T6104] loop2: partition table beyond EOD, truncated
[  101.144493][ T6104] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  101.230035][ T6115] FAULT_INJECTION: forcing a failure.
[  101.230035][ T6115] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  101.230117][ T6115] CPU: 0 UID: 0 PID: 6115 Comm: syz.1.52 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  101.230145][ T6115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.230160][ T6115] Call Trace:
[  101.230169][ T6115]  <TASK>
[  101.230180][ T6115]  dump_stack_lvl+0x241/0x360
[  101.230221][ T6115]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.230255][ T6115]  ? __pfx__printk+0x10/0x10
[  101.230293][ T6115]  ? snprintf+0xda/0x120
[  101.230319][ T6115]  should_fail_ex+0x3b0/0x4e0
[  101.230357][ T6115]  _copy_to_user+0x31/0xb0
[  101.230395][ T6115]  simple_read_from_buffer+0xca/0x150
[  101.230436][ T6115]  proc_fail_nth_read+0x1e9/0x250
[  101.230464][ T6115]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.230493][ T6115]  ? rw_verify_area+0x55e/0x6f0
[  101.230524][ T6115]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.230551][ T6115]  vfs_read+0x1fc/0xb70
[  101.230589][ T6115]  ? __pfx___mutex_lock+0x10/0x10
[  101.230625][ T6115]  ? __pfx_vfs_read+0x10/0x10
[  101.230672][ T6115]  ? __fget_files+0x2a/0x410
[  101.230699][ T6115]  ? __fget_files+0x395/0x410
[  101.230724][ T6115]  ? __fget_files+0x2a/0x410
[  101.230760][ T6115]  ksys_read+0x18f/0x2b0
[  101.230794][ T6115]  ? __pfx_ksys_read+0x10/0x10
[  101.230826][ T6115]  ? do_syscall_64+0x100/0x230
[  101.230861][ T6115]  ? do_syscall_64+0xb6/0x230
[  101.230894][ T6115]  do_syscall_64+0xf3/0x230
[  101.230925][ T6115]  ? clear_bhb_loop+0x35/0x90
[  101.230951][ T6115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.230983][ T6115] RIP: 0033:0x7fccae77d25c
[  101.231003][ T6115] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  101.231022][ T6115] RSP: 002b:00007fccaf515030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  101.231048][ T6115] RAX: ffffffffffffffda RBX: 00007fccae936080 RCX: 00007fccae77d25c
[  101.231065][ T6115] RDX: 000000000000000f RSI: 00007fccaf5150a0 RDI: 0000000000000005
[  101.231088][ T6115] RBP: 00007fccaf515090 R08: 0000000000000000 R09: 0000000000000000
[  101.231103][ T6115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.231117][ T6115] R13: 0000000000000000 R14: 00007fccae936080 R15: 00007ffd4dba0f38
[  101.231150][ T6115]  </TASK>
[  101.238667][ T5213] Dev loop2: unable to read RDB block 7
[  101.238870][ T5213]  loop2: unable to read partition table
[  101.239043][ T5213] loop2: partition table beyond EOD, truncated
[  101.267032][ T5923] usb 4-1: config 0 descriptor??
[  101.430517][ T5888] IPVS: starting estimator thread 0...
[  101.580818][ T6114] IPVS: using max 19 ests per chain, 45600 per kthread
[  102.483178][ T6087] netlink: 'syz.3.44': attribute type 39 has an invalid length.
[  102.673575][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  102.688691][ T6087] veth0_macvtap: left promiscuous mode
[  102.839115][ T6106] tty tty21: ldisc open failed (-12), clearing slot 20
[  102.851402][ T6109] tty tty23: ldisc open failed (-12), clearing slot 22
[  102.931060][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.138701][   T29] audit: type=1326 audit(1732636998.019:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.248706][   T29] audit: type=1326 audit(1732636998.029:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.315552][   T29] audit: type=1326 audit(1732636998.029:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.370289][   T29] audit: type=1326 audit(1732636998.029:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.398216][   T29] audit: type=1326 audit(1732636998.029:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.480000][   T29] audit: type=1326 audit(1732636998.029:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.566252][   T29] audit: type=1326 audit(1732636998.029:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.624319][   T29] audit: type=1326 audit(1732636998.029:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.687043][   T29] audit: type=1326 audit(1732636998.029:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.724020][   T29] audit: type=1326 audit(1732636998.029:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6128 comm="syz.1.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  103.752447][ T6143] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  103.921671][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.951182][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.888970][ T5888] usb 4-1: USB disconnect, device number 3
[  104.910029][ T6159] syz.2.71 uses obsolete (PF_INET,SOCK_PACKET)
[  105.404229][ T6165] 9pnet_virtio: no channels available for device syz
[  107.342579][ T6188] netlink: 176 bytes leftover after parsing attributes in process `syz.3.81'.
[  109.248450][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  109.248471][   T29] audit: type=1804 audit(1732637004.129:25): pid=6197 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.2.82" name="/newroot/18/file1" dev="fuse" ino=1 res=1 errno=0
[  109.304949][   T29] audit: type=1800 audit(1732637004.129:26): pid=6197 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.82" name="/" dev="fuse" ino=1 res=0 errno=0
[  109.390795][ T5840] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  109.446276][ T6178] binder: 6177:6178 ioctl c018620c 20000240 returned -1
[  109.487270][   T29] audit: type=1326 audit(1732637004.369:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.536525][ T6206] Zero length message leads to an empty skb
[  109.591269][   T29] audit: type=1326 audit(1732637004.399:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.613254][   T29] audit: type=1326 audit(1732637004.419:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.635131][   T29] audit: type=1326 audit(1732637004.419:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.668538][   T29] audit: type=1326 audit(1732637004.419:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.691319][ T5933] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  109.703261][   T29] audit: type=1326 audit(1732637004.419:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.728155][   T29] audit: type=1326 audit(1732637004.419:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.752681][ T6207] netlink: 24 bytes leftover after parsing attributes in process `syz.2.85'.
[  109.761963][   T29] audit: type=1326 audit(1732637004.419:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f797e819 code=0x7ffc0000
[  109.787600][ T6209] loop6: detected capacity change from 0 to 524287999
[  109.812320][ T5840] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  109.822925][ T5840] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  109.833570][ T5840] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  109.843507][ T5933] usb 1-1: config 0 interface 0 has no altsetting 0
[  109.847852][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.850535][ T5933] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  109.861950][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.878318][   T35] loop: Write error at byte offset 1, length 4096.
[  109.885472][ T5840] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  109.897707][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  109.907407][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  109.916410][ T5840] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  109.918638][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.936933][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.949380][ T5933] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.955681][   T11] loop: Write error at byte offset 1, length 4096.
[  109.969019][ T5933] usb 1-1: config 0 descriptor??
[  109.974438][ T5840] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  109.983997][ T5840] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  109.993874][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  110.003421][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.012060][ T5840] usb 4-1: Product: syz
[  110.020223][ T5840] usb 4-1: Manufacturer: syz
[  110.025246][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  110.035271][ T5840] cdc_wdm 4-1:1.0: skipping garbage
[  110.035736][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  110.040534][ T5840] cdc_wdm 4-1:1.0: skipping garbage
[  110.050073][ T5840] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  110.062388][   T11] loop: Write error at byte offset 1, length 4096.
[  110.070702][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  110.080229][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.092554][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  110.102329][   T35] loop: Write error at byte offset 1, length 4096.
[  110.114762][ T5840] cdc_wdm 4-1:1.0: Unknown control protocol
[  110.120786][    C0] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.121559][   T35] loop: Write error at byte offset 1, length 4096.
[  110.170313][    C0] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.196326][   T35] loop: Write error at byte offset 1, length 4096.
[  110.214652][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.229085][   T35] loop: Write error at byte offset 1, length 4096.
[  110.266511][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.282006][   T12] loop: Write error at byte offset 1, length 4096.
[  110.300906][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.317590][   T35] loop: Write error at byte offset 1, length 4096.
[  110.334883][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.341064][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.83'.
[  110.353254][   T12] loop: Write error at byte offset 1, length 4096.
[  110.370795][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  110.427823][    C0] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  110.434666][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  110.442682][    C0] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  110.449348][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  110.457045][    C0] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  110.463699][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  110.470282][   T58] usb 4-1: USB disconnect, device number 4
[  110.476245][    C0] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  110.476273][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  110.476293][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  110.781446][ T6218] 9pnet_virtio: no channels available for device syz
[  112.254897][ T5933] video4linux radio48: keene_cmd_set failed (-110)
[  112.261736][ T5933] radio-keene 1-1:0.0: V4L2 device registered as radio48
[  112.311028][ T6231] loop2: detected capacity change from 0 to 7
[  112.440952][ T6231] Dev loop2: unable to read RDB block 7
[  112.483181][ T6231]  loop2: unable to read partition table
[  112.552403][ T6231] loop2: partition table beyond EOD, truncated
[  112.561739][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.1.92'.
[  112.640911][ T6231] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  112.680948][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.1.92'.
[  112.717615][ T5213] Dev loop2: unable to read RDB block 7
[  112.727838][ T5213]  loop2: unable to read partition table
[  112.739931][ T5213] loop2: partition table beyond EOD, truncated
[  112.752084][ T5933] usb 1-1: USB disconnect, device number 3
[  112.927537][ T6239] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.971657][ T5852] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  113.047499][ T6242] 9pnet_fd: Insufficient options for proto=fd
[  113.310811][ T5852] usb 2-1: Using ep0 maxpacket: 8
[  113.318307][ T5852] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  113.328329][ T5852] usb 2-1: config 0 has no interface number 0
[  113.334973][ T5852] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  113.350787][ T5852] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  113.364508][ T5852] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  113.378052][ T5852] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  113.394903][ T5852] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  113.543318][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.062263][ T5852] usb 2-1: config 0 descriptor??
[  114.131151][ T5852] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  114.880499][ T6267] 9pnet_virtio: no channels available for device syz
[  115.673307][ T5933] usb 2-1: USB disconnect, device number 6
[  116.399124][ T5933] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  118.280518][ T6311] __vm_enough_memory: pid: 6311, comm: syz.1.108, bytes: 549159501824 not enough memory for the allocation
[  119.043441][ T6321] 9pnet_virtio: no channels available for device syz
[  120.533760][ T6345] netlink: 32 bytes leftover after parsing attributes in process `syz.1.116'.
[  121.543552][ T6364] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  123.430776][ T5888] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  123.637804][ T6340] syz.3.115 (6340): drop_caches: 2
[  123.710787][ T5852] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  123.816311][ T5888] usb 1-1: unable to get BOS descriptor or descriptor too short
[  123.825181][ T5888] usb 1-1: not running at top speed; connect to a high speed hub
[  123.835985][ T5888] usb 1-1: config 136 has an invalid descriptor of length 0, skipping remainder of the config
[  123.855031][ T5888] usb 1-1: config 136 has 2 interfaces, different from the descriptor's value: 3
[  123.871404][ T5888] usb 1-1: config 136 has no interface number 1
[  123.877709][ T5888] usb 1-1: too many endpoints for config 136 interface 2 altsetting 12: 89, using maximum allowed: 30
[  123.878435][ T6382] netlink: 4 bytes leftover after parsing attributes in process `syz.3.123'.
[  123.899006][ T5852] usb 3-1: Using ep0 maxpacket: 32
[  123.901011][ T5888] usb 1-1: config 136 interface 2 altsetting 12 has 0 endpoint descriptors, different from the interface descriptor's value: 89
[  123.920506][ T5888] usb 1-1: config 136 interface 2 has no altsetting 0
[  123.930911][ T5852] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[  123.937880][ T5888] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  123.940489][ T5852] usb 3-1: config 0 has no interface number 0
[  123.969664][ T5852] usb 3-1: config 0 interface 132 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  123.979316][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.986376][ T5852] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  123.996808][ T5852] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.004915][ T5852] usb 3-1: Product: syz
[  124.009144][ T5852] usb 3-1: Manufacturer: syz
[  124.013860][ T5852] usb 3-1: SerialNumber: syz
[  124.022638][ T5852] usb 3-1: config 0 descriptor??
[  124.028753][ T6370] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  124.048394][ T5888] usb 1-1: Product: syz
[  124.048868][ T5852] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  124.063100][ T5852] em28xx 3-1:0.132: Video interface 132 found: bulk
[  124.063785][ T5888] usb 1-1: Manufacturer: syz
[  124.097738][ T5888] usb 1-1: SerialNumber: syz
[  124.216872][ T5890] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  124.375203][ T5890] usb 4-1: config 0 has an invalid interface number: 17 but max is 0
[  124.383645][ T5890] usb 4-1: config 0 has no interface number 0
[  124.389825][ T5890] usb 4-1: config 0 interface 17 has no altsetting 0
[  124.400713][ T5890] usb 4-1: New USB device found, idVendor=19d2, idProduct=1148, bcdDevice=5c.71
[  124.433072][ T5890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.463966][ T5888] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  124.482688][ T5888] usb 1-1: MIDIStreaming interface descriptor not found
[  124.491179][ T5890] usb 4-1: config 0 descriptor??
[  124.500456][ T5852] em28xx 3-1:0.132: unknown em28xx chip ID (0)
[  124.673969][ T5888] usb 1-1: USB disconnect, device number 4
[  125.135310][ T6378] udevd[6378]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:136.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  125.171972][ T5852] em28xx 3-1:0.132: failed to read eeprom (err=-110)
[  125.178776][ T5852] em28xx 3-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-110]
[  125.241157][ T5840] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  125.276176][ T6409] 9pnet_virtio: no channels available for device syz
[  125.444113][ T5840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.466927][ T5840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.481764][ T5840] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  125.509780][ T5840] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  125.523252][ T5840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.545545][ T5840] usb 5-1: config 0 descriptor??
[  125.612483][ T5847] Bluetooth: hci4: link tx timeout
[  125.618303][ T5847] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  125.632879][ T5852] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  125.640930][ T5852] em28xx 3-1:0.132: analog set to bulk mode.
[  125.649716][   T58] em28xx 3-1:0.132: Registering V4L2 extension
[  126.296972][ T5848] Bluetooth: hci4: link tx timeout
[  126.302515][ T5848] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  126.343111][ T5848] Bluetooth: hci4: link tx timeout
[  126.348504][ T5848] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  126.391108][   T58] em28xx 3-1:0.132: failed to trigger read from i2c address 0x4a (error=-5)
[  126.409047][   T58] em28xx 3-1:0.132: failed to trigger read from i2c address 0x48 (error=-5)
[  126.418883][ T5852] usb 3-1: USB disconnect, device number 3
[  126.425727][ T5852] em28xx 3-1:0.132: Disconnecting em28xx
[  126.445611][   T58] em28xx 3-1:0.132: failed to trigger read from i2c address 0x42 (error=-5)
[  126.960763][ T6425] ubi0: attaching mtd0
[  126.967872][ T6425] ubi0: scanning is finished
[  126.972662][ T6425] ubi0: empty MTD device detected
[  127.787567][   T58] em28xx 3-1:0.132: Config register raw data: 0xffffffed
[  127.805372][   T58] em28xx 3-1:0.132: AC97 chip type couldn't be determined
[  128.805210][   T58] em28xx 3-1:0.132: No AC97 audio processor
[  129.518738][ T5848] Bluetooth: hci4: command 0x0406 tx timeout
[  129.545194][   T58] usb 3-1: Decoder not found
[  129.550026][   T58] em28xx 3-1:0.132: failed to create media graph
[  129.559255][ T5848] Bluetooth: hci4: link tx timeout
[  129.582786][ T5890] usb 4-1: string descriptor 0 read error: -32
[  129.592464][   T58] em28xx 3-1:0.132: V4L2 device video103 deregistered
[  129.644293][ T5840] usbhid 5-1:0.0: can't add hid device: -71
[  129.650608][ T5840] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  129.672323][ T6425] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  129.686431][ T6430] ubi0: attaching mtd0
[  129.693109][ T6430] ubi0: scanning is finished
[  129.722044][   T58] em28xx 3-1:0.132: Remote control support is not available for this card.
[  129.794888][ T6430] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  129.818529][ T5840] usb 5-1: USB disconnect, device number 3
[  129.949977][ T5852] em28xx 3-1:0.132: Closing input extension
[  130.105647][ T5923] usb 4-1: USB disconnect, device number 5
[  130.293557][ T5852] em28xx 3-1:0.132: Freeing device
[  130.600467][ T6451] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  130.616921][ T6451] batman_adv: batadv0: Adding interface: gretap1
[  130.623784][ T6451] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.649378][ T6451] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  131.339466][ T6459] netlink: 12 bytes leftover after parsing attributes in process `syz.3.135'.
[  132.879679][ T6466] input: syz1 as /devices/virtual/input/input5
[  133.281272][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  133.288101][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  133.520311][ T6477] warning: `syz.4.142' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  133.834649][ T6477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.142'.
[  134.592417][ T6492] ubi0: attaching mtd0
[  134.598380][ T6492] ubi0: scanning is finished
[  135.247117][ T6492] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  135.470946][ T6498] netlink: 8 bytes leftover after parsing attributes in process `syz.4.147'.
[  135.726831][ T6504] netlink: 240 bytes leftover after parsing attributes in process `syz.1.149'.
[  135.963602][ T5852] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  136.141004][ T5852] usb 5-1: Using ep0 maxpacket: 16
[  136.149015][ T5852] usb 5-1: unable to get BOS descriptor or descriptor too short
[  136.163576][ T5852] usb 5-1: config 0 has no interfaces?
[  136.183777][ T5852] usb 5-1: New USB device found, idVendor=0c88, idProduct=0021, bcdDevice=19.47
[  136.194133][ T5852] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.231033][ T5852] usb 5-1: Product: syz
[  136.231197][ T5888] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  136.242086][ T5852] usb 5-1: Manufacturer: syz
[  136.260300][ T5852] usb 5-1: SerialNumber: syz
[  136.288551][ T5852] usb 5-1: config 0 descriptor??
[  136.533843][ T5852] usb 5-1: USB disconnect, device number 4
[  136.630771][ T5888] usb 4-1: Using ep0 maxpacket: 32
[  136.642947][ T5888] usb 4-1: unable to get BOS descriptor or descriptor too short
[  136.997483][ T5888] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.245556][ T5888] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  137.311588][ T5888] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  137.421537][ T5888] usb 4-1: string descriptor 0 read error: -22
[  137.437907][ T5888] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  137.489363][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.874731][ T5840] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  138.551417][ T5888] cdc_ncm 4-1:1.0: bind() failure
[  138.577359][ T5888] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  138.584870][ T5888] cdc_ncm 4-1:1.1: bind() failure
[  138.615804][ T5888] usb 4-1: USB disconnect, device number 6
[  138.674682][ T5840] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.694482][ T5840] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  138.800808][ T5840] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  138.810713][ T5840] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  138.904399][ T5840] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  138.919706][ T5840] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.014563][ T5852] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  139.041636][ T5840] usb 2-1: Product: syz
[  139.073248][ T5840] usb 2-1: Manufacturer: syz
[  139.143104][ T5840] usb 2-1: SerialNumber: syz
[  139.180384][ T5852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.254707][ T5852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.309082][ T5852] usb 5-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00
[  139.332652][ T5852] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.386221][ T5852] usb 5-1: config 0 descriptor??
[  139.951137][ T5852] usbhid 5-1:0.0: can't add hid device: -71
[  139.957376][ T5852] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  140.087943][ T6578] netlink: 12 bytes leftover after parsing attributes in process `syz.1.152'.
[  140.097349][ T6578] netlink: 20 bytes leftover after parsing attributes in process `syz.1.152'.
[  140.329661][ T5852] usb 5-1: USB disconnect, device number 5
[  141.309883][ T5840] usb 2-1: cannot find UAC_HEADER
[  141.316182][ T5840] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  141.481615][ T5840] usb 2-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  141.515968][ T5840] usb 2-1: MIDIStreaming interface descriptor not found
[  141.634604][ T5840] usb 2-1: USB disconnect, device number 7
[  142.063269][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  142.093705][ T6598] fuse: Unknown parameter '&1	÷?à-ìÉ„Z¢e?]‰'
[  142.549065][ T5840] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  142.735183][ T5840] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  142.794479][ T5840] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  143.299640][ T5840] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  143.309027][ T5840] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.323766][ T6602] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  143.335024][ T5840] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  144.921721][ T5890] usb 2-1: USB disconnect, device number 8
[  146.177508][ T5890] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  146.392515][ T5890] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.403030][ T5890] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  146.414009][ T5890] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  146.423773][ T5890] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  146.442288][ T5890] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  146.451826][ T5890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.459878][ T5890] usb 2-1: Product: syz
[  146.464211][ T5890] usb 2-1: Manufacturer: syz
[  146.469754][ T5890] usb 2-1: SerialNumber: syz
[  146.881312][   T51] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  148.010850][   T51] usb 4-1: Using ep0 maxpacket: 16
[  148.032264][   T51] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  148.186277][   T51] usb 4-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[  148.195683][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.203817][   T51] usb 4-1: Product: syz
[  148.208983][   T51] usb 4-1: Manufacturer: syz
[  148.213775][   T51] usb 4-1: SerialNumber: syz
[  148.221443][   T51] usb 4-1: config 0 descriptor??
[  150.851645][ T6673] netlink: 20 bytes leftover after parsing attributes in process `syz.4.183'.
[  150.860947][ T6673] FAULT_INJECTION: forcing a failure.
[  150.860947][ T6673] name failslab, interval 1, probability 0, space 0, times 0
[  150.876323][ T6673] CPU: 0 UID: 0 PID: 6673 Comm: syz.4.183 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  150.886627][ T6673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.896721][ T6673] Call Trace:
[  150.900032][ T6673]  <TASK>
[  150.903002][ T6673]  dump_stack_lvl+0x241/0x360
[  150.907828][ T6673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.913083][ T6673]  ? __pfx__printk+0x10/0x10
[  150.917728][ T6673]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  150.923757][ T6673]  ? __pfx___might_resched+0x10/0x10
[  150.929101][ T6673]  should_fail_ex+0x3b0/0x4e0
[  150.933841][ T6673]  should_failslab+0xac/0x100
[  150.938574][ T6673]  kmem_cache_alloc_node_noprof+0x77/0x380
[  150.944431][ T6673]  ? __alloc_skb+0x1c3/0x440
[  150.949093][ T6673]  __alloc_skb+0x1c3/0x440
[  150.953572][ T6673]  ? __pfx___alloc_skb+0x10/0x10
[  150.958574][ T6673]  ? netlink_ack_tlv_len+0x6e/0x200
[  150.963838][ T6673]  netlink_ack+0x13f/0xa30
[  150.968313][ T6673]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  150.973841][ T6673]  netlink_rcv_skb+0x262/0x430
[  150.978665][ T6673]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  150.984187][ T6673]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  150.989600][ T6673]  ? netlink_deliver_tap+0x2e/0x1b0
[  150.994859][ T6673]  netlink_unicast+0x7f6/0x990
[  150.999682][ T6673]  ? __pfx_netlink_unicast+0x10/0x10
[  151.005020][ T6673]  ? __virt_addr_valid+0x183/0x530
[  151.010189][ T6673]  ? __check_object_size+0x48e/0x900
[  151.015612][ T6673]  netlink_sendmsg+0x8e4/0xcb0
[  151.020441][ T6673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.025796][ T6673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.031141][ T6673]  __sock_sendmsg+0x221/0x270
[  151.035885][ T6673]  ____sys_sendmsg+0x52a/0x7e0
[  151.040704][ T6673]  ? __pfx_____sys_sendmsg+0x10/0x10
[  151.046037][ T6673]  ? __fget_files+0x2a/0x410
[  151.050696][ T6673]  ? __fget_files+0x2a/0x410
[  151.055359][ T6673]  __sys_sendmsg+0x269/0x350
[  151.060186][ T6673]  ? __pfx_lock_release+0x10/0x10
[  151.065275][ T6673]  ? __pfx___sys_sendmsg+0x10/0x10
[  151.070445][ T6673]  ? __pfx_vfs_write+0x10/0x10
[  151.075304][ T6673]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  151.082023][ T6673]  ? do_syscall_64+0x100/0x230
[  151.086863][ T6673]  ? do_syscall_64+0xb6/0x230
[  151.091603][ T6673]  do_syscall_64+0xf3/0x230
[  151.096166][ T6673]  ? clear_bhb_loop+0x35/0x90
[  151.100903][ T6673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.106848][ T6673] RIP: 0033:0x7fa91d97e819
[  151.111300][ T6673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.130962][ T6673] RSP: 002b:00007fa91e7fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.140059][ T6673] RAX: ffffffffffffffda RBX: 00007fa91db36160 RCX: 00007fa91d97e819
[  151.148069][ T6673] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 000000000000000a
[  151.156083][ T6673] RBP: 00007fa91e7fd090 R08: 0000000000000000 R09: 0000000000000000
[  151.164099][ T6673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.172123][ T6673] R13: 0000000000000000 R14: 00007fa91db36160 R15: 00007fff957357a8
[  151.180177][ T6673]  </TASK>
[  151.436243][   T51] usb 4-1: ignoring: not an USB2CAN converter
[  151.960168][   T51] usb 4-1: USB disconnect, device number 7
[  152.477710][ T5890] usb 2-1: cannot find UAC_HEADER
[  152.484065][ T5890] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  152.502133][ T5890] usb 2-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  152.511270][ T5890] usb 2-1: MIDIStreaming interface descriptor not found
[  152.565599][ T5890] usb 2-1: USB disconnect, device number 9
[  153.558296][ T6690] binder: BINDER_SET_CONTEXT_MGR already set
[  153.566189][ T6690] binder: 6689:6690 ioctl 4018620d 200001c0 returned -16
[  154.292062][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  154.800903][ T5923] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  155.845670][ T5923] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  155.855921][ T5923] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  155.867666][ T5923] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  155.877874][ T5923] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  156.005975][ T5923] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  156.025488][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.042171][ T5923] usb 5-1: Product: syz
[  156.082013][ T6720] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  156.092452][ T5923] usb 5-1: Manufacturer: syz
[  156.097880][ T5923] usb 5-1: SerialNumber: syz
[  156.310894][ T5890] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  156.487763][ T5890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.508649][ T5890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.546774][ T5890] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  156.679000][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.398968][ T5890] usb 3-1: config 0 descriptor??
[  158.299412][ T6729] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  159.073617][ T5923] usb 5-1: cannot find UAC_HEADER
[  159.243629][ T5923] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  159.459859][ T5890] hid-led 0003:27B8:01ED.0002: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.2-1/input0
[  160.485267][ T6736] netlink: 4 bytes leftover after parsing attributes in process `syz.3.198'.
[  160.574622][ T6735] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  160.585536][ T6735] batman_adv: batadv0: Adding interface: gretap1
[  160.592376][ T6735] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.619363][ T6735] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  160.684264][ T5923] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  160.790856][ T5890] hid-led 0003:27B8:01ED.0002: ThingM blink(1) initialized
[  160.862495][ T5890] usb 3-1: USB disconnect, device number 4
[  160.912147][ T5923] usb 5-1: MIDIStreaming interface descriptor not found
[  161.334742][ T5923] usb 5-1: USB disconnect, device number 6
[  164.483322][ T6752] (unnamed net_device) (uninitialized): up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[  164.631905][ T6373] udevd[6373]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  164.663031][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  164.690841][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  164.701236][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  164.709524][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  164.721814][ T5847] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  164.729249][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  166.614700][ T6759] chnl_net:caif_netlink_parms(): no params data found
[  166.770837][ T5847] Bluetooth: hci5: command tx timeout
[  167.109679][ T6759] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.151370][ T6759] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.159943][ T6759] bridge_slave_0: entered allmulticast mode
[  167.168625][ T6759] bridge_slave_0: entered promiscuous mode
[  167.177569][ T6759] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.187363][ T6759] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.208284][ T6759] bridge_slave_1: entered allmulticast mode
[  167.225521][ T6759] bridge_slave_1: entered promiscuous mode
[  167.969373][ T6759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.076675][ T6759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.942772][ T5847] Bluetooth: hci5: command tx timeout
[  169.708506][ T6759] team0: Port device team_slave_0 added
[  170.059992][ T6759] team0: Port device team_slave_1 added
[  170.527673][ T6759] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.575056][ T6759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.666659][ T6759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.693555][ T6759] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.700760][ T6759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.726879][ T6759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.970083][ T6827] sp0: Synchronizing with TNC
[  170.984384][ T6759] hsr_slave_0: entered promiscuous mode
[  171.012635][ T5847] Bluetooth: hci5: command tx timeout
[  171.032297][ T6829] netlink: 'syz.2.221': attribute type 7 has an invalid length.
[  171.044934][ T6829] netlink: 244 bytes leftover after parsing attributes in process `syz.2.221'.
[  171.056482][ T6759] hsr_slave_1: entered promiscuous mode
[  171.064598][ T6759] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  171.074305][ T6759] Cannot create hsr debugfs directory
[  171.752919][ T6830] Falling back ldisc for ttyS3.
[  173.029954][ T6759] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  173.093060][ T5847] Bluetooth: hci5: command tx timeout
[  173.095500][ T6759] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  173.173591][ T6759] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  173.234150][ T6759] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  173.625846][ T6759] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.744937][ T6759] 8021q: adding VLAN 0 to HW filter on device team0
[  174.753552][ T6759] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  174.764049][ T6759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  175.159462][ T6853] trusted_key: syz.1.226 sent an empty control message without MSG_MORE.
[  175.174411][ T6853] loop2: detected capacity change from 0 to 7
[  175.202762][ T6853] Dev loop2: unable to read RDB block 7
[  175.208432][ T6853]  loop2: unable to read partition table
[  175.215917][ T6853] loop2: partition table beyond EOD, truncated
[  175.222272][ T6853] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  175.264413][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.272686][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.362594][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.369816][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.334246][ T6759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.424462][ T6874] FAULT_INJECTION: forcing a failure.
[  178.424462][ T6874] name failslab, interval 1, probability 0, space 0, times 0
[  178.501589][ T6874] CPU: 0 UID: 0 PID: 6874 Comm: syz.1.232 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  178.511929][ T6874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  178.522038][ T6874] Call Trace:
[  178.525358][ T6874]  <TASK>
[  178.528410][ T6874]  dump_stack_lvl+0x241/0x360
[  178.533138][ T6874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.538387][ T6874]  ? __pfx__printk+0x10/0x10
[  178.543007][ T6874]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  178.549622][ T6874]  ? __pfx___might_resched+0x10/0x10
[  178.554937][ T6874]  should_fail_ex+0x3b0/0x4e0
[  178.559645][ T6874]  should_failslab+0xac/0x100
[  178.564349][ T6874]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  178.570699][ T6874]  ? smk_write_rules_list+0x15a/0x450
[  178.576108][ T6874]  memdup_user_nul+0x2f/0x100
[  178.580816][ T6874]  smk_write_rules_list+0x15a/0x450
[  178.586045][ T6874]  ? __pfx_smk_write_rules_list+0x10/0x10
[  178.591801][ T6874]  ? __pfx_smk_write_load_self2+0x10/0x10
[  178.597560][ T6874]  vfs_write+0x2a3/0xd30
[  178.601848][ T6874]  ? __pfx_vfs_write+0x10/0x10
[  178.606646][ T6874]  ? __fget_files+0x2a/0x410
[  178.611271][ T6874]  ? __fget_files+0x395/0x410
[  178.615998][ T6874]  ? __fget_files+0x2a/0x410
[  178.620639][ T6874]  ksys_write+0x18f/0x2b0
[  178.625022][ T6874]  ? __pfx_ksys_write+0x10/0x10
[  178.629909][ T6874]  ? do_syscall_64+0x100/0x230
[  178.634719][ T6874]  ? do_syscall_64+0xb6/0x230
[  178.639437][ T6874]  do_syscall_64+0xf3/0x230
[  178.643995][ T6874]  ? clear_bhb_loop+0x35/0x90
[  178.648707][ T6874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.654638][ T6874] RIP: 0033:0x7fccae77e819
[  178.659076][ T6874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.678706][ T6874] RSP: 002b:00007fccaf536038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  178.687144][ T6874] RAX: ffffffffffffffda RBX: 00007fccae935fa0 RCX: 00007fccae77e819
[  178.695143][ T6874] RDX: 0000000000000021 RSI: 00000000200007c0 RDI: 0000000000000003
[  178.703129][ T6874] RBP: 00007fccaf536090 R08: 0000000000000000 R09: 0000000000000000
[  178.711120][ T6874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.719103][ T6874] R13: 0000000000000000 R14: 00007fccae935fa0 R15: 00007ffd4dba0f38
[  178.727102][ T6874]  </TASK>
[  179.229558][ T6888] netlink: 'syz.4.236': attribute type 10 has an invalid length.
[  179.387884][ T6888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.408931][ T6888] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  180.419863][ T6759] veth0_vlan: entered promiscuous mode
[  180.433503][ T6759] veth1_vlan: entered promiscuous mode
[  180.458778][ T6759] veth0_macvtap: entered promiscuous mode
[  180.472088][ T6759] veth1_macvtap: entered promiscuous mode
[  180.534382][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.545614][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.557347][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.570125][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.607811][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.828786][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.847245][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.944711][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.958855][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.974503][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.998855][ T6759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.084898][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.114038][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.132508][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.149377][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.164238][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.182684][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.193177][   T51] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  181.219060][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.249193][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.259298][ T6759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.270061][ T6759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.280582][ T5888] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  181.290397][ T6759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.301477][ T6759] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.310265][ T6759] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.319501][ T6759] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.328776][ T6759] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.431517][   T51] usb 5-1: Using ep0 maxpacket: 32
[  181.439404][   T51] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.451001][   T51] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.469195][   T51] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  181.479273][   T51] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  181.488401][   T51] usb 5-1: Product: syz
[  181.493304][   T51] usb 5-1: Manufacturer: syz
[  181.529561][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.537696][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.537735][   T51] hub 5-1:4.0: USB hub found
[  181.556359][ T5888] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  181.566037][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.579616][ T5888] usb 2-1: config 0 descriptor??
[  181.749994][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.770208][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.882465][ T5888] gs_usb 2-1:0.0: Couldn't get device config: (err=-110)
[  183.889686][ T5888] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -110
[  185.602548][ T5943] usb 2-1: USB disconnect, device number 10
[  185.741917][   T51] hub 5-1:4.0: config failed, can't read hub descriptor (err -22)
[  185.773387][   T51] usb 5-1: USB disconnect, device number 7
[  185.846311][ T6936] netlink: 'syz.4.249': attribute type 10 has an invalid length.
[  186.571358][ T5852] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  186.730862][ T5943] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  186.840833][ T5852] usb 4-1: Using ep0 maxpacket: 8
[  186.880985][ T5943] usb 2-1: device descriptor read/64, error -71
[  186.951155][ T5852] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  186.971010][ T5923] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  187.001072][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  187.016641][ T5852] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  187.029513][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  187.041710][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  187.103778][ T6951] loop2: detected capacity change from 0 to 7
[  187.122415][ T5852] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  187.129935][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  187.130933][ T6951] Dev loop2: unable to read RDB block 7
[  187.143500][ T5852] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  187.159466][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  187.171406][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  187.184425][ T5852] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  187.201059][ T5943] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  187.209409][ T6951]  loop2: unable to read partition table
[  187.218852][ T6951] loop2: partition table beyond EOD, truncated
[  187.229994][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  187.253820][ T6951] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  187.263830][ T5852] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  187.297598][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  187.314093][ T5923] usb 6-1: Using ep0 maxpacket: 16
[  187.328476][ T5923] usb 6-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  187.340797][ T5943] usb 2-1: device descriptor read/64, error -71
[  187.356781][ T5923] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.391031][ T5923] usb 6-1: Product: syz
[  187.395296][ T5923] usb 6-1: Manufacturer: syz
[  187.407747][ T5852] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  187.447989][ T5923] usb 6-1: SerialNumber: syz
[  187.456138][ T5943] usb usb2-port1: attempt power cycle
[  188.346127][ T5923] usb 6-1: config 0 descriptor??
[  188.357407][ T5923] ums-onetouch 6-1:0.0: USB Mass Storage device detected
[  188.385527][ T5852] usb 4-1: string descriptor 0 read error: -22
[  188.399180][ T5852] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  188.432106][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.570151][ T5852] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  188.701645][ T5943] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  188.707225][   T51] usb 6-1: USB disconnect, device number 2
[  188.721701][ T5943] usb 2-1: device descriptor read/8, error -71
[  188.827598][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  188.827617][   T29] audit: type=1326 audit(1732637083.709:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6938 comm="syz.3.246" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44c437e819 code=0x0
[  188.976528][ T6968] 9pnet_virtio: no channels available for device syz
[  189.021165][ T5888] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  189.117129][ T6970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.153368][ T6970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.197063][ T5888] usb 5-1: Using ep0 maxpacket: 16
[  189.234657][ T5888] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06
[  189.293457][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  189.351711][ T5888] usb 5-1: Product: syz
[  189.369641][   T51] usb 4-1: USB disconnect, device number 8
[  189.421350][ T5888] usb 5-1: Manufacturer: syz
[  189.477907][ T5943] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  189.494800][ T5888] usb 5-1: SerialNumber: syz
[  189.532918][ T5888] r8152-cfgselector 5-1: Unknown version 0x0000
[  189.539259][ T5888] r8152-cfgselector 5-1: config 0 descriptor??
[  189.690777][ T5943] usb 2-1: device not accepting address 14, error -71
[  189.698189][ T5943] usb usb2-port1: unable to enumerate USB device
[  190.756895][ T6966] tipc: Started in network mode
[  190.762856][ T6966] tipc: Node identity 4, cluster identity 4711
[  190.769408][ T6966] tipc: Node number set to 4
[  192.397280][ T5852] r8152-cfgselector 5-1: USB disconnect, device number 8
[  194.635209][ T5847] Bluetooth: hci4: link tx timeout
[  194.642608][ T5847] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  194.697062][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  194.704421][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  194.757275][ T7044] binder: 7039:7044 ioctl c0306201 0 returned -14
[  195.175572][ T7049] 9pnet_virtio: no channels available for device syz
[  196.831847][ T5847] Bluetooth: hci4: command 0x0406 tx timeout
[  197.351881][ T7061] FAULT_INJECTION: forcing a failure.
[  197.351881][ T7061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.411027][ T7061] CPU: 1 UID: 0 PID: 7061 Comm: syz.3.272 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  197.421357][ T7061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  197.431465][ T7061] Call Trace:
[  197.434778][ T7061]  <TASK>
[  197.437741][ T7061]  dump_stack_lvl+0x241/0x360
[  197.442487][ T7061]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.447754][ T7061]  ? __pfx__printk+0x10/0x10
[  197.452411][ T7061]  ? tomoyo_path_number_perm+0x6f9/0x860
[  197.458102][ T7061]  ? __pfx_lock_release+0x10/0x10
[  197.463179][ T7061]  ? tomoyo_path_number_perm+0x206/0x860
[  197.469057][ T7061]  should_fail_ex+0x3b0/0x4e0
[  197.473809][ T7061]  _copy_from_user+0x2f/0xc0
[  197.478461][ T7061]  video_usercopy+0x378/0x1180
[  197.483285][ T7061]  ? __pfx___video_do_ioctl+0x10/0x10
[  197.488698][ T7061]  ? __pfx_video_usercopy+0x10/0x10
[  197.493960][ T7061]  ? smack_file_ioctl+0x2f7/0x3a0
[  197.499082][ T7061]  ? __fget_files+0x2a/0x410
[  197.503758][ T7061]  ? __fget_files+0x2a/0x410
[  197.508516][ T7061]  v4l2_ioctl+0x189/0x1e0
[  197.512934][ T7061]  ? __pfx_v4l2_ioctl+0x10/0x10
[  197.517838][ T7061]  __se_sys_ioctl+0xf5/0x170
[  197.522476][ T7061]  do_syscall_64+0xf3/0x230
[  197.527015][ T7061]  ? clear_bhb_loop+0x35/0x90
[  197.531715][ T7061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.537648][ T7061] RIP: 0033:0x7f44c437e819
[  197.542087][ T7061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.561718][ T7061] RSP: 002b:00007f44c5180038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  197.570168][ T7061] RAX: ffffffffffffffda RBX: 00007f44c4535fa0 RCX: 00007f44c437e819
[  197.578188][ T7061] RDX: 0000000020000000 RSI: 00000000c0405602 RDI: 0000000000000003
[  197.586360][ T7061] RBP: 00007f44c5180090 R08: 0000000000000000 R09: 0000000000000000
[  197.594354][ T7061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.602348][ T7061] R13: 0000000000000000 R14: 00007f44c4535fa0 R15: 00007ffe19648de8
[  197.610382][ T7061]  </TASK>
[  197.690957][ T5918] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  197.856951][ T5918] usb 2-1: config 0 has an invalid interface descriptor of length 2, skipping
[  197.866382][ T5918] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  197.878687][ T5918] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  197.920800][ T5918] usb 2-1: New USB device found, idVendor=0403, idProduct=ff00, bcdDevice=5c.04
[  197.929933][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.085108][ T5918] usb 2-1: config 0 descriptor??
[  198.098070][ T5918] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  198.378126][ T5918] ftdi_sio ttyUSB0: unknown device type: 0x5c04
[  198.711029][   T51] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  198.991256][   T51] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  198.991318][   T51] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  198.991349][   T51] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  198.991381][   T51] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  198.994614][   T51] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  198.994650][   T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.994676][   T51] usb 3-1: Product: syz
[  198.994695][   T51] usb 3-1: Manufacturer: syz
[  198.994715][   T51] usb 3-1: SerialNumber: syz
[  199.496124][ T7101] loop2: detected capacity change from 0 to 7
[  199.535128][ T7101]  loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2
[  199.548417][ T7103] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  199.558782][ T7103] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  199.609913][ T7101] loop2: partition table partially beyond EOD, truncated
[  199.901088][ T7101] loop2: p1 size 276741282 extends beyond EOD, truncated
[  200.351315][ T7101] loop2: p2 start 579963744 is beyond EOD, truncated
[  200.445087][ T6374] udevd[6374]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  200.551916][ T7109] FAULT_INJECTION: forcing a failure.
[  200.551916][ T7109] name failslab, interval 1, probability 0, space 0, times 0
[  200.565167][ T7109] CPU: 1 UID: 0 PID: 7109 Comm: syz.5.283 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  200.575496][ T7109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  200.585612][ T7109] Call Trace:
[  200.589021][ T7109]  <TASK>
[  200.591999][ T7109]  dump_stack_lvl+0x241/0x360
[  200.596757][ T7109]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.602021][ T7109]  ? __pfx__printk+0x10/0x10
[  200.606755][ T7109]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  200.612186][ T7109]  ? __pfx___might_resched+0x10/0x10
[  200.617808][ T7109]  should_fail_ex+0x3b0/0x4e0
[  200.622531][ T7109]  should_failslab+0xac/0x100
[  200.627230][ T7109]  __kmalloc_node_noprof+0xe1/0x4d0
[  200.632445][ T7109]  ? __kvmalloc_node_noprof+0x72/0x190
[  200.637933][ T7109]  __kvmalloc_node_noprof+0x72/0x190
[  200.643245][ T7109]  xt_alloc_table_info+0x3d/0xa0
[  200.648208][ T7109]  do_arpt_set_ctl+0xb84/0x1650
[  200.653176][ T7109]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[  200.658484][ T7109]  ? __pfx___mutex_trylock_common+0x10/0x10
[  200.664398][ T7109]  ? nf_setsockopt+0x240/0x2c0
[  200.669208][ T7109]  ? __pfx_lock_release+0x10/0x10
[  200.674249][ T7109]  ? rcu_is_watching+0x15/0xb0
[  200.679135][ T7109]  ? __mutex_unlock_slowpath+0x21e/0x790
[  200.684793][ T7109]  ? __pfx___mutex_lock+0x10/0x10
[  200.689849][ T7109]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  200.695865][ T7109]  nf_setsockopt+0x295/0x2c0
[  200.700571][ T7109]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  200.706487][ T7109]  do_sock_setsockopt+0x3af/0x720
[  200.711543][ T7109]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  200.717115][ T7109]  ? __fget_files+0x395/0x410
[  200.721806][ T7109]  ? __fget_files+0x2a/0x410
[  200.726420][ T7109]  __x64_sys_setsockopt+0x1ee/0x280
[  200.731650][ T7109]  do_syscall_64+0xf3/0x230
[  200.736258][ T7109]  ? clear_bhb_loop+0x35/0x90
[  200.740961][ T7109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.746898][ T7109] RIP: 0033:0x7f49ac97e819
[  200.751421][ T7109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.771304][ T7109] RSP: 002b:00007f49ad841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  200.779739][ T7109] RAX: ffffffffffffffda RBX: 00007f49acb35fa0 RCX: 00007f49ac97e819
[  200.787751][ T7109] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
[  200.795772][ T7109] RBP: 00007f49ad841090 R08: 0000000000000068 R09: 0000000000000000
[  200.803759][ T7109] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  200.811747][ T7109] R13: 0000000000000000 R14: 00007f49acb35fa0 R15: 00007fff5b1e7888
[  200.819772][ T7109]  </TASK>
[  200.900283][ T5852] usb 2-1: USB disconnect, device number 15
[  200.954921][ T5852] ftdi_sio 2-1:0.0: device disconnected
[  201.030471][ T7115] =======================================================
[  201.030471][ T7115] WARNING: The mand mount option has been deprecated and
[  201.030471][ T7115]          and is ignored by this kernel. Remove the mand
[  201.030471][ T7115]          option from the mount to silence this warning.
[  201.030471][ T7115] =======================================================
[  201.424507][   T51] usb 3-1: cannot find UAC_HEADER
[  201.429891][   T51] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  201.463218][   T51] usb 3-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  201.471039][   T51] usb 3-1: MIDIStreaming interface descriptor not found
[  201.915533][ T7130] netlink: 'syz.4.288': attribute type 12 has an invalid length.
[  201.943508][   T51] usb 3-1: USB disconnect, device number 5
[  202.538414][ T6057] udevd[6057]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  203.069506][ T7149] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  203.125554][ T7149] batman_adv: batadv0: Adding interface: gretap1
[  203.166903][ T7149] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.366869][ T7149] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  203.744396][ T7167] FAULT_INJECTION: forcing a failure.
[  203.744396][ T7167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.758593][ T7167] CPU: 1 UID: 0 PID: 7167 Comm: syz.2.294 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  203.769000][ T7167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  203.779213][ T7167] Call Trace:
[  203.782550][ T7167]  <TASK>
[  203.785524][ T7167]  dump_stack_lvl+0x241/0x360
[  203.790265][ T7167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.795533][ T7167]  ? __pfx__printk+0x10/0x10
[  203.800180][ T7167]  ? snprintf+0xda/0x120
[  203.804461][ T7167]  should_fail_ex+0x3b0/0x4e0
[  203.809189][ T7167]  _copy_to_user+0x31/0xb0
[  203.813668][ T7167]  simple_read_from_buffer+0xca/0x150
[  203.819102][ T7167]  proc_fail_nth_read+0x1e9/0x250
[  203.824182][ T7167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.829789][ T7167]  ? rw_verify_area+0x55e/0x6f0
[  203.834698][ T7167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.840294][ T7167]  vfs_read+0x1fc/0xb70
[  203.844517][ T7167]  ? __pfx___mutex_lock+0x10/0x10
[  203.849580][ T7167]  ? __pfx_vfs_read+0x10/0x10
[  203.854388][ T7167]  ? __fget_files+0x2a/0x410
[  203.859160][ T7167]  ? __fget_files+0x395/0x410
[  203.863883][ T7167]  ? __fget_files+0x2a/0x410
[  203.868516][ T7167]  ksys_read+0x18f/0x2b0
[  203.872844][ T7167]  ? __pfx_ksys_read+0x10/0x10
[  203.877673][ T7167]  ? do_syscall_64+0x100/0x230
[  203.882489][ T7167]  ? do_syscall_64+0xb6/0x230
[  203.887208][ T7167]  do_syscall_64+0xf3/0x230
[  203.891760][ T7167]  ? clear_bhb_loop+0x35/0x90
[  203.896505][ T7167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.902458][ T7167] RIP: 0033:0x7fd5f797d25c
[  203.906908][ T7167] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  203.926640][ T7167] RSP: 002b:00007fd5f8744030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  203.935100][ T7167] RAX: ffffffffffffffda RBX: 00007fd5f7b35fa0 RCX: 00007fd5f797d25c
[  203.943104][ T7167] RDX: 000000000000000f RSI: 00007fd5f87440a0 RDI: 0000000000000005
[  203.951198][ T7167] RBP: 00007fd5f8744090 R08: 0000000000000000 R09: 0000000000000000
[  203.959193][ T7167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.967243][ T7167] R13: 0000000000000000 R14: 00007fd5f7b35fa0 R15: 00007fff42a265c8
[  203.975366][ T7167]  </TASK>
[  204.182971][ T7168] 9pnet_virtio: no channels available for device syz
[  204.290291][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.2.295'.
[  205.468241][ T7182] IPv6: sit1: Disabled Multicast RS
[  207.022134][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  207.028241][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  207.035898][ T5841] Bluetooth: hci2: command 0x0406 tx timeout
[  207.090778][   T58] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  207.318505][   T58] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  207.363399][   T58] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  207.981121][   T58] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  208.235463][   T58] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  208.367608][ T7216] netlink: 48 bytes leftover after parsing attributes in process `syz.4.305'.
[  208.383127][   T58] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  208.400733][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.408834][   T58] usb 3-1: Product: syz
[  208.413168][   T58] usb 3-1: Manufacturer: syz
[  208.417820][   T58] usb 3-1: SerialNumber: syz
[  208.794962][ T7216] fuse: Bad value for 'rootmode'
[  208.856956][ T7220] 9pnet_fd: Insufficient options for proto=fd
[  208.864336][   T29] audit: type=1326 audit(1732637103.749:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  208.950787][ T5888] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  208.979106][   T29] audit: type=1326 audit(1732637103.789:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  209.081730][   T29] audit: type=1326 audit(1732637103.789:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  209.236789][ T7233] netlink: 12 bytes leftover after parsing attributes in process `syz.2.302'.
[  209.247167][ T7233] netlink: 20 bytes leftover after parsing attributes in process `syz.2.302'.
[  209.867377][ T5888] usb 5-1: New USB device found, idVendor=0a21, idProduct=8001, bcdDevice=f0.bb
[  209.876990][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.885289][   T29] audit: type=1326 audit(1732637103.789:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  209.918913][ T5888] usb 5-1: Product: syz
[  209.936096][ T5888] usb 5-1: Manufacturer: syz
[  209.947007][ T5888] usb 5-1: SerialNumber: syz
[  209.963785][ T5888] usb 5-1: config 0 descriptor??
[  209.975343][ T5888] usb_serial_simple 5-1:0.0: carelink converter detected
[  209.988015][ T5888] usb 5-1: carelink converter now attached to ttyUSB0
[  210.011584][   T29] audit: type=1326 audit(1732637103.809:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  210.033577][   T29] audit: type=1326 audit(1732637103.809:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  210.106572][   T29] audit: type=1326 audit(1732637103.809:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  210.131574][ T7222] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  210.184391][ T7222] batman_adv: batadv0: Adding interface: gretap1
[  210.216305][   T29] audit: type=1326 audit(1732637103.809:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  210.248449][ T5918] usb 5-1: USB disconnect, device number 9
[  210.259869][ T5918] carelink ttyUSB0: carelink converter now disconnected from ttyUSB0
[  210.291107][ T5918] usb_serial_simple 5-1:0.0: device disconnected
[  210.351835][   T29] audit: type=1326 audit(1732637103.819:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  210.390976][ T7222] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.437670][ T7222] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  210.506857][   T29] audit: type=1326 audit(1732637103.819:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7221 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fccae77e819 code=0x7ffc0000
[  211.650975][   T58] usb 3-1: cannot find UAC_HEADER
[  211.656445][   T58] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  211.711006][   T58] usb 3-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  211.718529][   T58] usb 3-1: MIDIStreaming interface descriptor not found
[  212.970767][   T58] usb 3-1: USB disconnect, device number 6
[  216.716668][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  217.850810][ T5852] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  217.861113][ T5918] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  218.033613][ T5918] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  218.044130][ T5918] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  218.056812][ T5918] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  218.067205][ T5918] usb 6-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  218.205350][ T5918] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  218.222786][ T5918] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.232894][ T5918] usb 6-1: Product: syz
[  218.237129][ T5918] usb 6-1: Manufacturer: syz
[  218.248775][ T5918] usb 6-1: SerialNumber: syz
[  220.845733][ T7327] netlink: 12 bytes leftover after parsing attributes in process `syz.5.320'.
[  220.845781][ T7327] netlink: 20 bytes leftover after parsing attributes in process `syz.5.320'.
[  221.394786][ T7326] tty tty24: ldisc open failed (-12), clearing slot 23
[  221.439053][ T5852] usb 5-1: device descriptor read/all, error -71
[  223.351866][    C1] raw-gadget.1 gadget.5: ignoring, device is not running
[  223.359842][    C1] raw-gadget.1 gadget.5: ignoring, device is not running
[  224.049894][ T5918] usb 6-1: cannot find UAC_HEADER
[  224.057562][ T5918] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  224.121825][ T5918] usb 6-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  224.129559][ T5918] usb 6-1: MIDIStreaming interface descriptor not found
[  225.824465][ T7359] process 'syz.1.334' launched './file1' with NULL argv: empty string added
[  226.208008][ T5918] usb 6-1: USB disconnect, device number 3
[  226.246984][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  226.256855][ T7370] FAULT_INJECTION: forcing a failure.
[  226.256855][ T7370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.303561][ T7380] 9pnet_virtio: no channels available for device syz
[  227.719370][ T7370] CPU: 1 UID: 0 PID: 7370 Comm: syz.3.336 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  227.729718][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  227.739815][ T7370] Call Trace:
[  227.743128][ T7370]  <TASK>
[  227.746096][ T7370]  dump_stack_lvl+0x241/0x360
[  227.750833][ T7370]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.756079][ T7370]  ? __pfx__printk+0x10/0x10
[  227.760720][ T7370]  ? __pfx_lock_release+0x10/0x10
[  227.765789][ T7370]  should_fail_ex+0x3b0/0x4e0
[  227.770527][ T7370]  _copy_from_user+0x2f/0xc0
[  227.775173][ T7370]  copy_msghdr_from_user+0xae/0x680
[  227.780441][ T7370]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  227.786292][ T7370]  ? __fget_files+0x2a/0x410
[  227.790944][ T7370]  ? __fget_files+0x2a/0x410
[  227.795609][ T7370]  __sys_sendmsg+0x209/0x350
[  227.800255][ T7370]  ? __pfx_lock_release+0x10/0x10
[  227.805341][ T7370]  ? __pfx___sys_sendmsg+0x10/0x10
[  227.810526][ T7370]  ? __pfx_vfs_write+0x10/0x10
[  227.815379][ T7370]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  227.821752][ T7370]  ? do_syscall_64+0x100/0x230
[  227.826569][ T7370]  ? do_syscall_64+0xb6/0x230
[  227.831299][ T7370]  do_syscall_64+0xf3/0x230
[  227.835870][ T7370]  ? clear_bhb_loop+0x35/0x90
[  227.840601][ T7370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.846565][ T7370] RIP: 0033:0x7f44c437e819
[  227.851047][ T7370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.870700][ T7370] RSP: 002b:00007f44c513e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  227.879177][ T7370] RAX: ffffffffffffffda RBX: 00007f44c4536160 RCX: 00007f44c437e819
[  227.887202][ T7370] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008
[  227.895217][ T7370] RBP: 00007f44c513e090 R08: 0000000000000000 R09: 0000000000000000
[  227.903245][ T7370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.911263][ T7370] R13: 0000000000000000 R14: 00007f44c4536160 R15: 00007ffe19648de8
[  227.919316][ T7370]  </TASK>
[  228.321009][   T58] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  228.390153][ T7388] netlink: 12 bytes leftover after parsing attributes in process `syz.1.341'.
[  228.542054][   T58] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  228.552641][   T58] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  230.515499][   T58] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  230.525327][   T58] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  230.565093][   T58] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  230.673439][ T5943] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  230.681201][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.689350][   T58] usb 5-1: Product: syz
[  230.693904][   T58] usb 5-1: Manufacturer: syz
[  230.699129][   T58] usb 5-1: SerialNumber: syz
[  230.999440][ T5943] usb 3-1: Using ep0 maxpacket: 32
[  231.121231][ T5943] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  231.323148][ T5943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.566546][   T58] usb 5-1: cannot find UAC_HEADER
[  231.593557][ T5943] usb 3-1: config 0 descriptor??
[  231.631347][   T58] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  231.775635][ T5943] usb 3-1: can't set config #0, error -71
[  231.828209][ T5943] usb 3-1: USB disconnect, device number 7
[  231.834484][   T58] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  231.857229][   T58] usb 5-1: MIDIStreaming interface descriptor not found
[  231.985752][   T58] usb 5-1: USB disconnect, device number 12
[  233.074410][ T7412] 9pnet_fd: Insufficient options for proto=fd
[  234.255903][ T7439] FAULT_INJECTION: forcing a failure.
[  234.255903][ T7439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.276850][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  234.552069][ T7443] 9pnet_virtio: no channels available for device syz
[  235.260768][ T7439] CPU: 0 UID: 0 PID: 7439 Comm: syz.5.353 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  235.271115][ T7439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  235.281290][ T7439] Call Trace:
[  235.284600][ T7439]  <TASK>
[  235.287560][ T7439]  dump_stack_lvl+0x241/0x360
[  235.292296][ T7439]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.297543][ T7439]  ? __pfx__printk+0x10/0x10
[  235.302193][ T7439]  ? snprintf+0xda/0x120
[  235.306467][ T7439]  should_fail_ex+0x3b0/0x4e0
[  235.311196][ T7439]  _copy_to_user+0x31/0xb0
[  235.315659][ T7439]  simple_read_from_buffer+0xca/0x150
[  235.321092][ T7439]  proc_fail_nth_read+0x1e9/0x250
[  235.326163][ T7439]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  235.331752][ T7439]  ? rw_verify_area+0x55e/0x6f0
[  235.336659][ T7439]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  235.342243][ T7439]  vfs_read+0x1fc/0xb70
[  235.346458][ T7439]  ? __pfx___mutex_lock+0x10/0x10
[  235.351546][ T7439]  ? __pfx_vfs_read+0x10/0x10
[  235.356280][ T7439]  ? udpv6_setsockopt+0x73/0xb0
[  235.361198][ T7439]  ? __fget_files+0x2a/0x410
[  235.365879][ T7439]  ? __fget_files+0x395/0x410
[  235.370595][ T7439]  ? __fget_files+0x2a/0x410
[  235.375235][ T7439]  ksys_read+0x18f/0x2b0
[  235.379530][ T7439]  ? __pfx_ksys_read+0x10/0x10
[  235.384346][ T7439]  ? do_syscall_64+0x100/0x230
[  235.389157][ T7439]  ? do_syscall_64+0xb6/0x230
[  235.393879][ T7439]  do_syscall_64+0xf3/0x230
[  235.398434][ T7439]  ? clear_bhb_loop+0x35/0x90
[  235.403130][ T7439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.409045][ T7439] RIP: 0033:0x7f49ac97d25c
[  235.413476][ T7439] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  235.433101][ T7439] RSP: 002b:00007f49ad841030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  235.441627][ T7439] RAX: ffffffffffffffda RBX: 00007f49acb35fa0 RCX: 00007f49ac97d25c
[  235.449611][ T7439] RDX: 000000000000000f RSI: 00007f49ad8410a0 RDI: 0000000000000004
[  235.457594][ T7439] RBP: 00007f49ad841090 R08: 0000000000000000 R09: 0000000000000000
[  235.465580][ T7439] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  235.473568][ T7439] R13: 0000000000000000 R14: 00007f49acb35fa0 R15: 00007fff5b1e7888
[  235.481570][ T7439]  </TASK>
[  238.051147][ T5888] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  239.192789][ T5888] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  239.231082][ T5888] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  239.261309][ T5888] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  239.273581][ T5888] usb 4-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  239.534623][ T5888] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  239.564438][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.573051][ T5888] usb 4-1: Product: syz
[  239.577268][ T5888] usb 4-1: Manufacturer: syz
[  239.582284][ T5888] usb 4-1: SerialNumber: syz
[  240.741106][   T58] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  241.022813][   T58] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  241.165267][   T58] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  241.467295][   T58] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  241.577384][   T58] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  241.691675][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.852753][   T58] usb 5-1: Product: syz
[  241.862259][ T7504] team0: Port device bridge1 added
[  242.024491][   T58] usb 5-1: Manufacturer: syz
[  242.160821][   T58] usb 5-1: SerialNumber: syz
[  242.254412][   T58] cdc_ncm 5-1:1.0: skipping garbage
[  242.317946][ T5888] usb 4-1: cannot find UAC_HEADER
[  242.326176][ T5888] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  242.392413][ T5888] usb 4-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  242.402138][ T5888] usb 4-1: MIDIStreaming interface descriptor not found
[  242.591379][ T5888] usb 4-1: USB disconnect, device number 9
[  242.640875][   T58] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  242.671531][   T58] cdc_ncm 5-1:1.0: bind() failure
[  242.702174][ T7507] netlink: 'syz.5.367': attribute type 1 has an invalid length.
[  242.732659][ T7507] netlink: 'syz.5.367': attribute type 2 has an invalid length.
[  242.760938][   T58] usb 5-1: USB disconnect, device number 13
[  244.073342][ T6376] udevd[6376]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  247.147553][ T5918] IPVS: starting estimator thread 0...
[  247.188511][ T7560] tipc: Enabled bearer <udp:s>, priority 10
[  247.260859][ T7561] IPVS: using max 19 ests per chain, 45600 per kthread
[  247.450798][ T5918] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  247.563758][   T51] libceph: connect (1)[c::]:6789 error -101
[  247.571348][   T51] libceph: mon0 (1)[c::]:6789 connect error
[  247.591432][ T7564] ceph: No mds server is up or the cluster is laggy
[  247.601415][ T5918] usb 5-1: device descriptor read/64, error -71
[  247.840991][ T5918] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  247.981863][ T5918] usb 5-1: device descriptor read/64, error -71
[  248.061010][ T5950] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  248.102369][ T5918] usb usb5-port1: attempt power cycle
[  248.366433][ T5950] usb 6-1: Using ep0 maxpacket: 8
[  248.431555][ T5950] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  248.439938][ T5950] usb 6-1: config 0 has no interface number 0
[  248.461121][ T5950] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  248.544914][ T5950] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  248.594155][ T5950] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.611209][ T5918] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  248.631433][ T5918] usb 5-1: device descriptor read/8, error -71
[  248.670275][ T5950] usb 6-1: config 0 descriptor??
[  248.702558][ T5950] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  248.721174][ T7578] binder: 7575:7578 ioctl c0306201 0 returned -14
[  249.014826][ T5950] usb 6-1: USB disconnect, device number 4
[  249.028148][ T5950] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected
[  249.120740][ T5918] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  249.232147][ T5918] usb 5-1: device descriptor read/8, error -71
[  249.341276][ T5918] usb usb5-port1: unable to enumerate USB device
[  253.086867][ T7630] binder: 7627:7630 ioctl c0306201 0 returned -14
[  253.108570][ T7629] overlay: Unknown parameter 'appraise_type'
[  254.637129][ T7642] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  255.783725][ T5918] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  256.394677][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  256.401209][ T5918] usb 2-1: device descriptor read/64, error -71
[  256.407839][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  256.650834][ T5918] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  256.808771][ T5918] usb 2-1: device descriptor read/64, error -71
[  256.947259][ T5918] usb usb2-port1: attempt power cycle
[  257.298994][ T7675] ubi0: attaching mtd0
[  257.304398][ T7675] ubi0: scanning is finished
[  257.711623][ T7677] FAULT_INJECTION: forcing a failure.
[  257.711623][ T7677] name failslab, interval 1, probability 0, space 0, times 0
[  257.745422][ T7677] CPU: 0 UID: 0 PID: 7677 Comm: syz.1.409 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  257.755745][ T7677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  257.765845][ T7677] Call Trace:
[  257.769238][ T7677]  <TASK>
[  257.772195][ T7677]  dump_stack_lvl+0x241/0x360
[  257.777016][ T7677]  ? __pfx_dump_stack_lvl+0x10/0x10
[  257.782261][ T7677]  ? __pfx__printk+0x10/0x10
[  257.786896][ T7677]  ? ref_tracker_alloc+0x332/0x490
[  257.792058][ T7677]  should_fail_ex+0x3b0/0x4e0
[  257.796791][ T7677]  should_failslab+0xac/0x100
[  257.801514][ T7677]  ? skb_clone+0x20c/0x390
[  257.805969][ T7677]  kmem_cache_alloc_noprof+0x70/0x380
[  257.811471][ T7677]  skb_clone+0x20c/0x390
[  257.815755][ T7677]  __netlink_deliver_tap+0x3cc/0x7f0
[  257.821102][ T7677]  ? netlink_deliver_tap+0x2e/0x1b0
[  257.826348][ T7677]  netlink_deliver_tap+0x19d/0x1b0
[  257.831503][ T7677]  netlink_sendskb+0x68/0x140
[  257.836219][ T7677]  netlink_unicast+0x39d/0x990
[  257.841075][ T7677]  ? __pfx_netlink_unicast+0x10/0x10
[  257.846437][ T7677]  ctrl_getfamily+0x57a/0x6b0
[  257.851160][ T7677]  ? __pfx_ctrl_getfamily+0x10/0x10
[  257.856585][ T7677]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  257.862949][ T7677]  genl_rcv_msg+0xb14/0xec0
[  257.867481][ T7677]  ? __pfx_genl_rcv_msg+0x10/0x10
[  257.872547][ T7677]  ? __pfx_lock_acquire+0x10/0x10
[  257.877587][ T7677]  ? __pfx_ctrl_getfamily+0x10/0x10
[  257.882806][ T7677]  ? __pfx___might_resched+0x10/0x10
[  257.888123][ T7677]  netlink_rcv_skb+0x1e3/0x430
[  257.892909][ T7677]  ? __pfx_genl_rcv_msg+0x10/0x10
[  257.897949][ T7677]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  257.903266][ T7677]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  257.908756][ T7677]  genl_rcv+0x28/0x40
[  257.912749][ T7677]  netlink_unicast+0x7f6/0x990
[  257.917536][ T7677]  ? __pfx_netlink_unicast+0x10/0x10
[  257.922843][ T7677]  ? __virt_addr_valid+0x183/0x530
[  257.927972][ T7677]  ? __check_object_size+0x48e/0x900
[  257.933291][ T7677]  netlink_sendmsg+0x8e4/0xcb0
[  257.938096][ T7677]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.943411][ T7677]  ? __might_fault+0xaa/0x120
[  257.948109][ T7677]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.953417][ T7677]  __sock_sendmsg+0x221/0x270
[  257.958115][ T7677]  __sys_sendto+0x363/0x4c0
[  257.962643][ T7677]  ? __pfx___sys_sendto+0x10/0x10
[  257.967710][ T7677]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  257.973707][ T7677]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  257.980048][ T7677]  ? exc_page_fault+0x590/0x8c0
[  257.985008][ T7677]  __x64_sys_sendto+0xde/0x100
[  257.989815][ T7677]  do_syscall_64+0xf3/0x230
[  257.994370][ T7677]  ? clear_bhb_loop+0x35/0x90
[  257.999074][ T7677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.005002][ T7677] RIP: 0033:0x7fccae7806ac
[  258.009440][ T7677] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b
[  258.029074][ T7677] RSP: 002b:00007fccaf534ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  258.037508][ T7677] RAX: ffffffffffffffda RBX: 00007fccaf534fc0 RCX: 00007fccae7806ac
[  258.045492][ T7677] RDX: 0000000000000020 RSI: 00007fccaf535010 RDI: 0000000000000003
[  258.053473][ T7677] RBP: 0000000000000000 R08: 00007fccaf534f14 R09: 000000000000000c
[  258.061461][ T7677] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  258.069443][ T7677] R13: 00007fccaf534f68 R14: 00007fccaf535010 R15: 0000000000000000
[  258.077437][ T7677]  </TASK>
[  258.531271][ T7675] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  258.598506][ T7686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.411'.
[  259.760706][ T7692] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  262.785323][ T7706] kAFS: unparsable volume name
[  264.868479][   T58] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  265.146028][ T7733] FAULT_INJECTION: forcing a failure.
[  265.146028][ T7733] name failslab, interval 1, probability 0, space 0, times 0
[  265.208718][ T7733] CPU: 1 UID: 0 PID: 7733 Comm: syz.4.424 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  265.219062][ T7733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  265.229180][ T7733] Call Trace:
[  265.232505][ T7733]  <TASK>
[  265.235496][ T7733]  dump_stack_lvl+0x241/0x360
[  265.240262][ T7733]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.245549][ T7733]  ? __pfx__printk+0x10/0x10
[  265.250202][ T7733]  ? fs_reclaim_acquire+0x93/0x130
[  265.255414][ T7733]  ? __pfx___might_resched+0x10/0x10
[  265.260778][ T7733]  should_fail_ex+0x3b0/0x4e0
[  265.265534][ T7733]  should_failslab+0xac/0x100
[  265.270262][ T7733]  ? security_inode_alloc+0x37/0x310
[  265.275599][ T7733]  kmem_cache_alloc_noprof+0x70/0x380
[  265.281050][ T7733]  security_inode_alloc+0x37/0x310
[  265.286243][ T7733]  inode_init_always_gfp+0xa0f/0xd90
[  265.291615][ T7733]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  265.297132][ T7733]  alloc_inode+0x9f/0x1a0
[  265.301518][ T7733]  new_inode+0x22/0x1d0
[  265.305734][ T7733]  shmem_get_inode+0x39d/0xf20
[  265.310564][ T7733]  shmem_mknod+0x191/0x3d0
[  265.315069][ T7733]  shmem_mkdir+0x33/0x70
[  265.319375][ T7733]  vfs_mkdir+0x2f9/0x4f0
[  265.323718][ T7733]  do_mkdirat+0x264/0x3a0
[  265.328132][ T7733]  ? __phys_addr_symbol+0x2f/0x70
[  265.333228][ T7733]  ? __check_object_size+0x48e/0x900
[  265.338591][ T7733]  ? __pfx_do_mkdirat+0x10/0x10
[  265.343506][ T7733]  ? strncpy_from_user+0x152/0x270
[  265.348684][ T7733]  ? getname_flags+0x1e3/0x540
[  265.353500][ T7733]  __x64_sys_mkdir+0x6c/0x80
[  265.358157][ T7733]  do_syscall_64+0xf3/0x230
[  265.362725][ T7733]  ? clear_bhb_loop+0x35/0x90
[  265.367445][ T7733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.373392][ T7733] RIP: 0033:0x7fa91d97e819
[  265.377856][ T7733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.397517][ T7733] RSP: 002b:00007fa91e83f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  265.405997][ T7733] RAX: ffffffffffffffda RBX: 00007fa91db35fa0 RCX: 00007fa91d97e819
[  265.414021][ T7733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000300
[  265.422039][ T7733] RBP: 00007fa91e83f090 R08: 0000000000000000 R09: 0000000000000000
[  265.430060][ T7733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.438079][ T7733] R13: 0000000000000000 R14: 00007fa91db35fa0 R15: 00007fff957357a8
[  265.446140][ T7733]  </TASK>
[  266.241996][ T7740] ubi0: attaching mtd0
[  266.254426][ T7740] ubi0: scanning is finished
[  266.721992][ T7740] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  267.010829][   T58] usb 4-1: device not accepting address 10, error -71
[  271.785069][ T7785] FAULT_INJECTION: forcing a failure.
[  271.785069][ T7785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.875028][ T7785] CPU: 0 UID: 0 PID: 7785 Comm: syz.1.437 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  271.885436][ T7785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  271.895518][ T7785] Call Trace:
[  271.898820][ T7785]  <TASK>
[  271.901779][ T7785]  dump_stack_lvl+0x241/0x360
[  271.906502][ T7785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.911742][ T7785]  ? __pfx__printk+0x10/0x10
[  271.916380][ T7785]  ? __pfx_lock_release+0x10/0x10
[  271.921444][ T7785]  should_fail_ex+0x3b0/0x4e0
[  271.926192][ T7785]  _copy_from_user+0x2f/0xc0
[  271.930819][ T7785]  copy_msghdr_from_user+0xae/0x680
[  271.936057][ T7785]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  271.941900][ T7785]  ? __fget_files+0x2a/0x410
[  271.946530][ T7785]  ? __fget_files+0x2a/0x410
[  271.951168][ T7785]  __sys_sendmsg+0x209/0x350
[  271.955787][ T7785]  ? __pfx_lock_release+0x10/0x10
[  271.960846][ T7785]  ? __pfx___sys_sendmsg+0x10/0x10
[  271.965998][ T7785]  ? __pfx_vfs_write+0x10/0x10
[  271.970838][ T7785]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  271.977195][ T7785]  ? do_syscall_64+0x100/0x230
[  271.982016][ T7785]  ? do_syscall_64+0xb6/0x230
[  271.986762][ T7785]  do_syscall_64+0xf3/0x230
[  271.991329][ T7785]  ? clear_bhb_loop+0x35/0x90
[  271.996066][ T7785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.002014][ T7785] RIP: 0033:0x7fccae77e819
[  272.006463][ T7785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.026120][ T7785] RSP: 002b:00007fccaf536038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.034575][ T7785] RAX: ffffffffffffffda RBX: 00007fccae935fa0 RCX: 00007fccae77e819
[  272.042577][ T7785] RDX: 0000000000008010 RSI: 0000000020000680 RDI: 0000000000000004
[  272.050576][ T7785] RBP: 00007fccaf536090 R08: 0000000000000000 R09: 0000000000000000
[  272.058577][ T7785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.066576][ T7785] R13: 0000000000000000 R14: 00007fccae935fa0 R15: 00007ffd4dba0f38
[  272.074595][ T7785]  </TASK>
[  272.093314][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.4.439'.
[  272.430878][   T25] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  272.621060][   T25] usb 3-1: Using ep0 maxpacket: 8
[  272.635885][   T25] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  272.644442][   T25] usb 3-1: config 179 has no interface number 0
[  272.651237][   T25] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  272.662525][   T25] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  272.775791][   T25] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  272.905514][   T25] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  273.026158][   T25] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  273.040134][   T25] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  273.049852][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.070787][ T7782] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  273.451214][ T7804] 9pnet_fd: Insufficient options for proto=fd
[  274.298367][ T7782] netlink: 165 bytes leftover after parsing attributes in process `syz.2.436'.
[  275.141885][ T7782] syz.2.436 (7782): drop_caches: 2
[  275.650489][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  275.650511][   T29] audit: type=1326 audit(1732637170.519:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7820 comm="syz.5.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ac97e819 code=0x7ffc0000
[  275.731189][   T58] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  275.759253][   T29] audit: type=1326 audit(1732637170.519:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7820 comm="syz.5.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f49ac97e819 code=0x7ffc0000
[  275.826453][   T29] audit: type=1326 audit(1732637170.529:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7820 comm="syz.5.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ac97e819 code=0x7ffc0000
[  275.930693][ T5950] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  276.072373][   T58] usb 5-1: Using ep0 maxpacket: 8
[  276.120731][   T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  276.160860][ T5950] usb 2-1: Using ep0 maxpacket: 32
[  276.166306][   T29] audit: type=1326 audit(1732637170.569:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7820 comm="syz.5.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49ac97e819 code=0x7ffc0000
[  276.188761][   T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  276.249939][   T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  276.260614][ T5950] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.270409][ T5950] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  276.299153][   T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  276.313231][ T5950] usb 2-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[  276.323195][   T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  276.332369][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.340524][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.381866][ T5950] usb 2-1: config 0 descriptor??
[  276.677002][ T5933] usb 3-1: USB disconnect, device number 8
[  276.677113][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  276.691334][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  276.880333][ T7831] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  277.485397][ T7823] overlayfs: missing 'lowerdir'
[  277.667961][ T5950] wacom 0003:056A:00D0.0003: unknown main item tag 0x0
[  277.689714][ T5950] wacom 0003:056A:00D0.0003: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[  277.701354][   T58] usb 5-1: usb_control_msg returned -32
[  277.707003][   T58] usbtmc 5-1:16.0: can't read capabilities
[  279.581510][   T58] usb 5-1: USB disconnect, device number 18
[  279.930619][ T5950] wacom 0003:056A:00D0.0003: hidraw0: USB HID vff.fc Device [HID 056a:00d0] on usb-dummy_hcd.1-1/input0
[  279.949991][ T5950] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D0.0003/input/input7
[  281.388661][ T5950] usb 2-1: USB disconnect, device number 19
[  281.399177][ T7870] vlan2: entered allmulticast mode
[  281.405063][ T7870] bridge0: entered allmulticast mode
[  281.415484][ T7870] bridge0: port 3(vlan2) entered blocking state
[  281.422034][ T7870] bridge0: port 3(vlan2) entered disabled state
[  282.418143][ T7870] bridge0: left allmulticast mode
[  282.527733][ T7873] vlan2: entered allmulticast mode
[  282.542161][ T7873] bridge0: entered allmulticast mode
[  282.704964][ T7873] bridge0: port 3(vlan2) entered blocking state
[  282.752753][ T7873] bridge0: port 3(vlan2) entered disabled state
[  283.200121][ T7873] bridge0: left allmulticast mode
[  283.340684][ T5933] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  285.527926][   T29] audit: type=1326 audit(1732637180.409:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7884 comm="syz.3.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c437e819 code=0x7fc00000
[  285.560980][ T5933] usb 3-1: device descriptor read/all, error -71
[  287.283084][ T7920] netlink: 96 bytes leftover after parsing attributes in process `syz.4.471'.
[  288.184819][ T7931] FAULT_INJECTION: forcing a failure.
[  288.184819][ T7931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.278918][ T7931] CPU: 0 UID: 0 PID: 7931 Comm: syz.4.474 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  288.289273][ T7931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  288.299373][ T7931] Call Trace:
[  288.302684][ T7931]  <TASK>
[  288.305643][ T7931]  dump_stack_lvl+0x241/0x360
[  288.310371][ T7931]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.315617][ T7931]  ? __pfx__printk+0x10/0x10
[  288.320259][ T7931]  ? __pfx_lock_release+0x10/0x10
[  288.325347][ T7931]  should_fail_ex+0x3b0/0x4e0
[  288.330073][ T7931]  _copy_from_user+0x2f/0xc0
[  288.334713][ T7931]  __sys_bpf+0x1a4/0x810
[  288.339007][ T7931]  ? __pfx___sys_bpf+0x10/0x10
[  288.343824][ T7931]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  288.349834][ T7931]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  288.356202][ T7931]  ? do_syscall_64+0x100/0x230
[  288.361017][ T7931]  __x64_sys_bpf+0x7c/0x90
[  288.365472][ T7931]  do_syscall_64+0xf3/0x230
[  288.370010][ T7931]  ? clear_bhb_loop+0x35/0x90
[  288.374741][ T7931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.380683][ T7931] RIP: 0033:0x7fa91d97e819
[  288.385138][ T7931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.404792][ T7931] RSP: 002b:00007fa91e83f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  288.413263][ T7931] RAX: ffffffffffffffda RBX: 00007fa91db35fa0 RCX: 00007fa91d97e819
[  288.421290][ T7931] RDX: 0000000000000018 RSI: 0000000020000080 RDI: 0000000000000011
[  288.429304][ T7931] RBP: 00007fa91e83f090 R08: 0000000000000000 R09: 0000000000000000
[  288.437313][ T7931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.445332][ T7931] R13: 0000000000000000 R14: 00007fa91db35fa0 R15: 00007fff957357a8
[  288.453372][ T7931]  </TASK>
[  289.024492][ T5848] Bluetooth: hci5: command 0x0406 tx timeout
[  289.050818][ T5933] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  289.290034][ T5933] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  290.185388][ T5933] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.193524][ T5933] usb 3-1: Product: syz
[  290.197721][ T5933] usb 3-1: Manufacturer: syz
[  290.202424][ T5933] usb 3-1: SerialNumber: syz
[  290.353815][ T5933] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  290.430046][ T5923] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  291.498340][ T7960] netlink: 'syz.4.482': attribute type 1 has an invalid length.
[  291.506544][ T7960] netlink: 244 bytes leftover after parsing attributes in process `syz.4.482'.
[  291.531105][ T7960] netlink: 48 bytes leftover after parsing attributes in process `syz.4.482'.
[  291.583640][ T7961] netlink: 28 bytes leftover after parsing attributes in process `syz.4.482'.
[  291.597917][ T7961] netlink: 96 bytes leftover after parsing attributes in process `syz.4.482'.
[  291.990731][ T7964] netlink: 'syz.4.483': attribute type 1 has an invalid length.
[  292.008538][ T7964] netlink: 224 bytes leftover after parsing attributes in process `syz.4.483'.
[  292.450910][ T5923] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  292.458725][ T5923] ath9k_htc: Failed to initialize the device
[  292.511936][ T5923] usb 3-1: ath9k_htc: USB layer deinitialized
[  292.559801][ T5918] usb 3-1: USB disconnect, device number 10
[  293.546989][ T7987] 9pnet: Could not find request transport: fd0x0000000000000008
[  294.931446][ T5847] Bluetooth: hci5: command 0x0406 tx timeout
[  304.429320][ T6312] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.506937][ T6312] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.570383][ T6312] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.617150][ T6312] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.728867][ T6312] bridge_slave_1: left allmulticast mode
[  304.735180][ T6312] bridge_slave_1: left promiscuous mode
[  304.742885][ T6312] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.761754][ T6312] bridge_slave_0: left allmulticast mode
[  304.767530][ T6312] bridge_slave_0: left promiscuous mode
[  304.773852][ T6312] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.944418][ T6312] batman_adv: batadv0: Removing interface: gretap1
[  305.133787][ T6312] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  305.148624][ T6312] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  305.159489][ T6312] bond0 (unregistering): Released all slaves
[  305.426393][ T6312] hsr_slave_0: left promiscuous mode
[  305.432746][ T6312] hsr_slave_1: left promiscuous mode
[  305.439109][ T6312] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.446813][ T6312] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.455719][ T6312] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.463787][ T6312] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.483368][ T6312] veth1_macvtap: left promiscuous mode
[  305.489200][ T6312] veth0_macvtap: left promiscuous mode
[  305.496249][ T6312] veth1_vlan: left promiscuous mode
[  305.503188][ T6312] veth0_vlan: left promiscuous mode
[  305.916473][ T6312] team0 (unregistering): Port device team_slave_1 removed
[  305.959028][ T6312] team0 (unregistering): Port device team_slave_0 removed
[  317.582940][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  317.589529][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  379.014275][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  379.022768][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  440.452623][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  440.460062][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  444.931045][   T30] INFO: task syz.2.476:7962 blocked for more than 143 seconds.
[  444.938688][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  444.946095][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  444.955089][   T30] task:syz.2.476       state:D stack:27128 pid:7962  tgid:7934  ppid:5849   flags:0x00000004
[  444.966798][   T30] Call Trace:
[  444.970157][   T30]  <TASK>
[  444.973415][   T30]  __schedule+0x17fb/0x4be0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  444.978015][   T30]  ? __pfx___schedule+0x10/0x10
[  444.983230][   T30]  ? __pfx_lock_release+0x10/0x10
[  444.988314][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  444.994469][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  445.000415][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  445.006871][   T30]  ? schedule+0x90/0x320
[  445.011463][   T30]  schedule+0x14b/0x320
[  445.015848][   T30]  schedule_preempt_disabled+0x13/0x30
[  445.021439][   T30]  __mutex_lock+0x7e7/0xee0
[  445.026001][   T30]  ? __mutex_lock+0x5ef/0xee0
[  445.030891][   T30]  ? lock_system_sleep+0x60/0xa0
[  445.035882][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  445.041026][   T30]  ? misc_open+0x54/0x340
[  445.045417][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  445.090785][   T30]  ? chrdev_open+0x36e/0x600
[  445.095482][   T30]  lock_system_sleep+0x60/0xa0
[  445.100292][   T30]  ? __pfx_snapshot_open+0x10/0x10
[  445.128573][   T30]  snapshot_open+0x27/0x280
[  445.133556][   T30]  ? __pfx_snapshot_open+0x10/0x10
[  445.138720][   T30]  misc_open+0x2cc/0x340
[  445.143062][   T30]  chrdev_open+0x521/0x600
[  445.147524][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  445.152651][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  445.157899][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  445.162938][   T30]  do_dentry_open+0xbe1/0x1b70
[  445.167746][   T30]  vfs_open+0x3e/0x330
[  445.173054][   T30]  path_openat+0x2c84/0x3590
[  445.177737][   T30]  ? __pfx_path_openat+0x10/0x10
[  445.182909][   T30]  do_filp_open+0x27f/0x4e0
[  445.187461][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  445.192672][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  445.197773][   T30]  do_sys_openat2+0x13e/0x1d0
[  445.202578][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  445.207824][   T30]  __x64_sys_openat+0x247/0x2a0
[  445.213094][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  445.218511][   T30]  ? do_syscall_64+0x100/0x230
[  445.223381][   T30]  ? do_syscall_64+0xb6/0x230
[  445.228098][   T30]  do_syscall_64+0xf3/0x230
[  445.232759][   T30]  ? clear_bhb_loop+0x35/0x90
[  445.237470][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.243595][   T30] RIP: 0033:0x7fd5f797e819
[  445.248059][   T30] RSP: 002b:00007fd5f8723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  445.256899][   T30] RAX: ffffffffffffffda RBX: 00007fd5f7b36080 RCX: 00007fd5f797e819
[  445.264988][   T30] RDX: 0000000000000080 RSI: 0000000020002900 RDI: ffffffffffffff9c
[  445.274222][   T30] RBP: 00007fd5f79f175e R08: 0000000000000000 R09: 0000000000000000
[  445.282368][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  445.290376][   T30] R13: 0000000000000000 R14: 00007fd5f7b36080 R15: 00007fff42a265c8
[  445.298589][   T30]  </TASK>
[  445.301786][   T30] INFO: task syz.4.484:7969 blocked for more than 143 seconds.
[  445.309364][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  445.316879][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  445.325757][   T30] task:syz.4.484       state:D stack:26448 pid:7969  tgid:7968  ppid:5846   flags:0x00000004
[  445.336850][   T30] Call Trace:
[  445.340173][   T30]  <TASK>
[  445.345031][   T30]  __schedule+0x17fb/0x4be0
[  445.349630][   T30]  ? __pfx___schedule+0x10/0x10
[  445.354625][   T30]  ? __pfx_lock_release+0x10/0x10
[  445.359665][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  445.365742][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  445.371988][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  445.379417][   T30]  ? schedule+0x90/0x320
[  445.383808][   T30]  schedule+0x14b/0x320
[  445.387999][   T30]  schedule_preempt_disabled+0x13/0x30
[  445.393637][   T30]  __mutex_lock+0x7e7/0xee0
[  445.398185][   T30]  ? __mutex_lock+0x5ef/0xee0
[  445.402974][   T30]  ? misc_open+0x54/0x340
[  445.407437][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  445.413108][   T30]  ? chrdev_open+0xfb/0x600
[  445.417676][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  445.423458][   T30]  misc_open+0x54/0x340
[  445.427658][   T30]  chrdev_open+0x521/0x600
[  445.432458][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  445.437438][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  445.442752][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  445.447724][   T30]  do_dentry_open+0xbe1/0x1b70
[  445.452737][   T30]  vfs_open+0x3e/0x330
[  445.456847][   T30]  path_openat+0x2c84/0x3590
[  445.461576][   T30]  ? __pfx_path_openat+0x10/0x10
[  445.466596][   T30]  do_filp_open+0x27f/0x4e0
[  445.471279][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  445.477243][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  445.482434][   T30]  do_sys_openat2+0x13e/0x1d0
[  445.487147][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  445.492607][   T30]  __x64_sys_openat+0x247/0x2a0
[  445.497515][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  445.503002][   T30]  ? do_syscall_64+0x100/0x230
[  445.507821][   T30]  ? do_syscall_64+0xb6/0x230
[  445.512699][   T30]  do_syscall_64+0xf3/0x230
[  445.517248][   T30]  ? clear_bhb_loop+0x35/0x90
[  445.522057][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.528001][   T30] RIP: 0033:0x7fa91d97e819
[  445.532616][   T30] RSP: 002b:00007fa91e83f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  445.541391][   T30] RAX: ffffffffffffffda RBX: 00007fa91db35fa0 RCX: 00007fa91d97e819
[  445.549390][   T30] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 00000000ffffff9c
[  445.557512][   T30] RBP: 00007fa91d9f175e R08: 0000000000000000 R09: 0000000000000000
[  445.565610][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  445.573795][   T30] R13: 0000000000000000 R14: 00007fa91db35fa0 R15: 00007fff957357a8
[  445.583018][   T30]  </TASK>
[  445.586093][   T30] INFO: task syz.4.484:7970 blocked for more than 144 seconds.
[  445.593814][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  445.601209][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  445.609895][   T30] task:syz.4.484       state:D stack:24992 pid:7970  tgid:7968  ppid:5846   flags:0x00000004
[  445.620330][   T30] Call Trace:
[  445.623699][   T30]  <TASK>
[  445.626669][   T30]  __schedule+0x17fb/0x4be0
[  445.631400][   T30]  ? __pfx___schedule+0x10/0x10
[  445.636306][   T30]  ? __pfx_lock_release+0x10/0x10
[  445.641460][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  445.647390][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  445.653646][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  445.660017][   T30]  ? schedule+0x90/0x320
[  445.664860][   T30]  schedule+0x14b/0x320
[  445.669090][   T30]  schedule_preempt_disabled+0x13/0x30
[  445.674756][   T30]  __mutex_lock+0x7e7/0xee0
[  445.679301][   T30]  ? __mutex_lock+0x5ef/0xee0
[  445.685045][   T30]  ? misc_open+0x54/0x340
[  445.689422][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  445.694660][   T30]  ? chrdev_open+0xfb/0x600
[  445.699200][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  445.704950][   T30]  misc_open+0x54/0x340
[  445.709136][   T30]  chrdev_open+0x521/0x600
[  445.713722][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  445.718694][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  445.724005][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  445.728979][   T30]  do_dentry_open+0xbe1/0x1b70
[  445.734013][   T30]  vfs_open+0x3e/0x330
[  445.738135][   T30]  path_openat+0x2c84/0x3590
[  445.742890][   T30]  ? __pfx_path_openat+0x10/0x10
[  445.747889][   T30]  do_filp_open+0x27f/0x4e0
[  445.752687][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  445.757852][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  445.763315][   T30]  do_sys_openat2+0x13e/0x1d0
[  445.768049][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  445.773508][   T30]  __x64_sys_openat+0x247/0x2a0
[  445.778405][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  445.784897][   T30]  ? do_syscall_64+0x100/0x230
[  445.789715][   T30]  ? do_syscall_64+0xb6/0x230
[  445.794581][   T30]  do_syscall_64+0xf3/0x230
[  445.799125][   T30]  ? clear_bhb_loop+0x35/0x90
[  445.803894][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.809823][   T30] RIP: 0033:0x7fa91d97e819
[  445.814449][   T30] RSP: 002b:00007fa91e81e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  445.822985][   T30] RAX: ffffffffffffffda RBX: 00007fa91db36080 RCX: 00007fa91d97e819
[  445.831136][   T30] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: ffffffffffffff9c
[  445.839139][   T30] RBP: 00007fa91d9f175e R08: 0000000000000000 R09: 0000000000000000
[  445.847226][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  445.855397][   T30] R13: 0000000000000000 R14: 00007fa91db36080 R15: 00007fff957357a8
[  445.863785][   T30]  </TASK>
[  445.866867][   T30] INFO: task syz.4.484:7971 blocked for more than 144 seconds.
[  445.875011][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  445.882508][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  445.892355][   T30] task:syz.4.484       state:D stack:27360 pid:7971  tgid:7968  ppid:5846   flags:0x00000004
[  445.902701][   T30] Call Trace:
[  445.906007][   T30]  <TASK>
[  445.908944][   T30]  __schedule+0x17fb/0x4be0
[  445.913678][   T30]  ? __pfx___schedule+0x10/0x10
[  445.918578][   T30]  ? __pfx_lock_release+0x10/0x10
[  445.923714][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  445.929660][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  445.935753][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  445.942215][   T30]  ? schedule+0x90/0x320
[  445.946498][   T30]  schedule+0x14b/0x320
[  445.950844][   T30]  schedule_preempt_disabled+0x13/0x30
[  445.956361][   T30]  __mutex_lock+0x7e7/0xee0
[  445.961037][   T30]  ? __mutex_lock+0x5ef/0xee0
[  445.965757][   T30]  ? misc_open+0x54/0x340
[  445.970095][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  445.975369][   T30]  ? chrdev_open+0xfb/0x600
[  445.979909][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  445.985834][   T30]  misc_open+0x54/0x340
[  445.991042][   T30]  chrdev_open+0x521/0x600
[  445.995525][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.000501][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  446.005919][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.011070][   T30]  do_dentry_open+0xbe1/0x1b70
[  446.015891][   T30]  vfs_open+0x3e/0x330
[  446.019972][   T30]  path_openat+0x2c84/0x3590
[  446.024738][   T30]  ? __pfx_path_openat+0x10/0x10
[  446.029792][   T30]  do_filp_open+0x27f/0x4e0
[  446.034575][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  446.039652][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  446.044933][   T30]  do_sys_openat2+0x13e/0x1d0
[  446.049653][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  446.055072][   T30]  __x64_sys_openat+0x247/0x2a0
[  446.059975][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  446.065467][   T30]  ? exc_page_fault+0x590/0x8c0
[  446.070378][   T30]  ? do_syscall_64+0xb6/0x230
[  446.075322][   T30]  do_syscall_64+0xf3/0x230
[  446.079889][   T30]  ? clear_bhb_loop+0x35/0x90
[  446.084667][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.091892][   T30] RIP: 0033:0x7fa91d97d1b0
[  446.096357][   T30] RSP: 002b:00007fa91e7faef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  446.104886][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa91d97d1b0
[  446.113008][   T30] RDX: 0000000000000002 RSI: 00007fa91d9f14f4 RDI: 00000000ffffff9c
[  446.121102][   T30] RBP: 00007fa91d9f14f4 R08: 0000000000000000 R09: 0000000000000000
[  446.129104][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  446.137299][   T30] R13: 000000000000002d R14: 00000000200008c0 R15: 00007fff957357a8
[  446.145421][   T30]  </TASK>
[  446.148480][   T30] INFO: task syz.3.487:7982 blocked for more than 144 seconds.
[  446.156237][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  446.163656][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  446.172518][   T30] task:syz.3.487       state:D stack:23480 pid:7982  tgid:7981  ppid:5843   flags:0x00000004
[  446.182854][   T30] Call Trace:
[  446.186160][   T30]  <TASK>
[  446.189099][   T30]  __schedule+0x17fb/0x4be0
[  446.194760][   T30]  ? __pfx___schedule+0x10/0x10
[  446.199668][   T30]  ? __pfx_lock_release+0x10/0x10
[  446.204997][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  446.211459][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  446.217426][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  446.223866][   T30]  ? schedule+0x90/0x320
[  446.228144][   T30]  schedule+0x14b/0x320
[  446.232465][   T30]  schedule_preempt_disabled+0x13/0x30
[  446.237963][   T30]  __mutex_lock+0x7e7/0xee0
[  446.242576][   T30]  ? __mutex_lock+0x5ef/0xee0
[  446.247297][   T30]  ? misc_open+0x54/0x340
[  446.251806][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  446.256874][   T30]  ? chrdev_open+0xfb/0x600
[  446.261474][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  446.267150][   T30]  misc_open+0x54/0x340
[  446.271467][   T30]  chrdev_open+0x521/0x600
[  446.275918][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.280961][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  446.286240][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.291656][   T30]  do_dentry_open+0xbe1/0x1b70
[  446.297364][   T30]  vfs_open+0x3e/0x330
[  446.301597][   T30]  path_openat+0x2c84/0x3590
[  446.306275][   T30]  ? __pfx_path_openat+0x10/0x10
[  446.311604][   T30]  do_filp_open+0x27f/0x4e0
[  446.316146][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  446.321321][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  446.326415][   T30]  do_sys_openat2+0x13e/0x1d0
[  446.331300][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  446.336562][   T30]  ? __sys_bind+0x219/0x290
[  446.341186][   T30]  __x64_sys_openat+0x247/0x2a0
[  446.346072][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  446.351628][   T30]  ? do_syscall_64+0x100/0x230
[  446.356435][   T30]  ? do_syscall_64+0xb6/0x230
[  446.361223][   T30]  do_syscall_64+0xf3/0x230
[  446.365922][   T30]  ? clear_bhb_loop+0x35/0x90
[  446.370976][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.376929][   T30] RIP: 0033:0x7f44c437e819
[  446.382071][   T30] RSP: 002b:00007f44c5180038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  446.390851][   T30] RAX: ffffffffffffffda RBX: 00007f44c4535fa0 RCX: 00007f44c437e819
[  446.399700][   T30] RDX: 0000000000000000 RSI: 0000000020001740 RDI: ffffffffffffff9c
[  446.407802][   T30] RBP: 00007f44c43f175e R08: 0000000000000000 R09: 0000000000000000
[  446.415972][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  446.424437][   T30] R13: 0000000000000000 R14: 00007f44c4535fa0 R15: 00007ffe19648de8
[  446.432555][   T30]  </TASK>
[  446.435611][   T30] INFO: task syz.1.488:7986 blocked for more than 144 seconds.
[  446.443286][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  446.450809][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  446.459494][   T30] task:syz.1.488       state:D stack:27360 pid:7986  tgid:7985  ppid:5836   flags:0x00000004
[  446.469762][   T30] Call Trace:
[  446.473242][   T30]  <TASK>
[  446.476203][   T30]  __schedule+0x17fb/0x4be0
[  446.480853][   T30]  ? __pfx___schedule+0x10/0x10
[  446.485740][   T30]  ? __pfx_lock_release+0x10/0x10
[  446.490939][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  446.496922][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  446.503939][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  446.510321][   T30]  ? schedule+0x90/0x320
[  446.514738][   T30]  schedule+0x14b/0x320
[  446.518932][   T30]  schedule_preempt_disabled+0x13/0x30
[  446.524486][   T30]  __mutex_lock+0x7e7/0xee0
[  446.529030][   T30]  ? __mutex_lock+0x5ef/0xee0
[  446.534339][   T30]  ? misc_open+0x54/0x340
[  446.538708][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  446.543854][   T30]  ? chrdev_open+0xfb/0x600
[  446.548406][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  446.554235][   T30]  misc_open+0x54/0x340
[  446.558437][   T30]  chrdev_open+0x521/0x600
[  446.562979][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.567950][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  446.573328][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.578302][   T30]  do_dentry_open+0xbe1/0x1b70
[  446.583213][   T30]  vfs_open+0x3e/0x330
[  446.587336][   T30]  path_openat+0x2c84/0x3590
[  446.592150][   T30]  ? __pfx_path_openat+0x10/0x10
[  446.597145][   T30]  do_filp_open+0x27f/0x4e0
[  446.602798][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  446.607866][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  446.613125][   T30]  do_sys_openat2+0x13e/0x1d0
[  446.617843][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  446.623187][   T30]  __x64_sys_openat+0x247/0x2a0
[  446.628076][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  446.633636][   T30]  ? exc_page_fault+0x590/0x8c0
[  446.638530][   T30]  ? do_syscall_64+0xb6/0x230
[  446.643513][   T30]  do_syscall_64+0xf3/0x230
[  446.648060][   T30]  ? clear_bhb_loop+0x35/0x90
[  446.652915][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.658851][   T30] RIP: 0033:0x7fccae77e819
[  446.663394][   T30] RSP: 002b:00007fccaf536038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  446.672063][   T30] RAX: ffffffffffffffda RBX: 00007fccae935fa0 RCX: 00007fccae77e819
[  446.680078][   T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  446.688392][   T30] RBP: 00007fccae7f175e R08: 0000000000000000 R09: 0000000000000000
[  446.696572][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  446.705708][   T30] R13: 0000000000000001 R14: 00007fccae935fa0 R15: 00007ffd4dba0f38
[  446.713945][   T30]  </TASK>
[  446.717024][   T30] INFO: task syz.1.488:7987 blocked for more than 145 seconds.
[  446.724663][   T30]       Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  446.732132][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  446.740917][   T30] task:syz.1.488       state:D stack:24184 pid:7987  tgid:7985  ppid:5836   flags:0x00000004
[  446.751505][   T30] Call Trace:
[  446.754815][   T30]  <TASK>
[  446.757759][   T30]  __schedule+0x17fb/0x4be0
[  446.762411][   T30]  ? __pfx___schedule+0x10/0x10
[  446.767303][   T30]  ? __pfx_lock_release+0x10/0x10
[  446.772575][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  446.778543][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  446.784550][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  446.791109][   T30]  ? schedule+0x90/0x320
[  446.795406][   T30]  schedule+0x14b/0x320
[  446.799578][   T30]  schedule_preempt_disabled+0x13/0x30
[  446.805130][   T30]  __mutex_lock+0x7e7/0xee0
[  446.810821][   T30]  ? __mutex_lock+0x5ef/0xee0
[  446.815573][   T30]  ? misc_open+0x54/0x340
[  446.819986][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  446.825189][   T30]  ? chrdev_open+0xfb/0x600
[  446.829743][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  446.835616][   T30]  misc_open+0x54/0x340
[  446.839905][   T30]  chrdev_open+0x521/0x600
[  446.844522][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.849533][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  446.855359][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  446.860367][   T30]  do_dentry_open+0xbe1/0x1b70
[  446.865490][   T30]  vfs_open+0x3e/0x330
[  446.869657][   T30]  path_openat+0x2c84/0x3590
[  446.874662][   T30]  ? __pfx_path_openat+0x10/0x10
[  446.879696][   T30]  do_filp_open+0x27f/0x4e0
[  446.884348][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  446.889418][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  446.894683][   T30]  do_sys_openat2+0x13e/0x1d0
[  446.899410][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  446.904782][   T30]  __x64_sys_openat+0x247/0x2a0
[  446.910916][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  446.916357][   T30]  ? exc_page_fault+0x590/0x8c0
[  446.921321][   T30]  ? do_syscall_64+0xb6/0x230
[  446.926124][   T30]  do_syscall_64+0xf3/0x230
[  446.930811][   T30]  ? clear_bhb_loop+0x35/0x90
[  446.935563][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.941624][   T30] RIP: 0033:0x7fccae77d1b0
[  446.946095][   T30] RSP: 002b:00007fccaf512ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  446.954766][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fccae77d1b0
[  446.962863][   T30] RDX: 0000000000000002 RSI: 00007fccae7f14f4 RDI: 00000000ffffff9c
[  446.971268][   T30] RBP: 00007fccae7f14f4 R08: 0000000000000000 R09: 0000000000000000
[  446.979284][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  446.987382][   T30] R13: 0000000000000047 R14: 0000000020001fc0 R15: 00007ffd4dba0f38
[  446.995567][   T30]  </TASK>
[  446.998607][   T30] 
[  446.998607][   T30] Showing all locks held in the system:
[  447.006445][   T30] 1 lock held by khungtaskd/30:
[  447.012602][   T30]  #0: ffffffff8e93c520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  447.022683][   T30] 2 locks held by getty/5590:
[  447.027386][   T30]  #0: ffff88814dee40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  447.037316][   T30]  #1: ffffc90002fee2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  447.047569][   T30] 5 locks held by syz.0.174/6636:
[  447.052773][   T30]  #0: ffff8880347c29b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x254/0x320
[  447.062001][   T30]  #1: ffff8880356a2420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x225/0xd30
[  447.071103][   T30]  #2: ffff888067c2a488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1ea/0x500
[  447.081225][   T30]  #3: ffff8881412ceb48 (kn->active#61){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  447.091558][   T30]  #4: ffffffff8e7ef588 (system_transition_mutex){+.+.}-{4:4}, at: software_resume+0x45/0x3d0
[  447.102042][   T30] 5 locks held by kworker/u8:13/7487:
[  447.107449][   T30] 2 locks held by syz.2.476/7962:
[  447.112664][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.122139][   T30]  #1: ffffffff8e7ef588 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[  447.132739][   T30] 1 lock held by syz.4.484/7969:
[  447.137703][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.146284][   T30] 1 lock held by syz.4.484/7970:
[  447.151352][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.159822][   T30] 1 lock held by syz.4.484/7971:
[  447.164852][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.173477][   T30] 1 lock held by syz.3.487/7982:
[  447.178437][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.186997][   T30] 1 lock held by syz.1.488/7986:
[  447.192335][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.200957][   T30] 1 lock held by syz.1.488/7987:
[  447.205913][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.214556][   T30] 1 lock held by syz-executor/7993:
[  447.220798][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.229338][   T30] 1 lock held by syz-executor/7994:
[  447.234731][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.243331][   T30] 1 lock held by syz-executor/7997:
[  447.248541][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.257202][   T30] 1 lock held by syz-executor/8000:
[  447.262590][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.271321][   T30] 1 lock held by syz-executor/8001:
[  447.276547][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.285129][   T30] 1 lock held by syz-executor/8003:
[  447.290358][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.298992][   T30] 1 lock held by syz-executor/8005:
[  447.304409][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.313045][   T30] 1 lock held by syz-executor/8007:
[  447.319340][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.327981][   T30] 1 lock held by syz-executor/8009:
[  447.333545][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.342483][   T30] 1 lock held by syz-executor/8011:
[  447.347733][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.356465][   T30] 1 lock held by syz-executor/8014:
[  447.361810][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.370780][   T30] 1 lock held by syz-executor/8015:
[  447.376028][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.384670][   T30] 1 lock held by syz-executor/8017:
[  447.389892][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.398557][   T30] 1 lock held by syz-executor/8019:
[  447.403902][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.412831][   T30] 1 lock held by syz-executor/8021:
[  447.418075][   T30]  #0: ffffffff8f18b728 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  447.428333][   T30] 
[  447.430789][   T30] =============================================
[  447.430789][   T30] 
[  447.439559][   T30] NMI backtrace for cpu 0
[  447.443930][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  447.454086][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  447.464145][   T30] Call Trace:
[  447.467425][   T30]  <TASK>
[  447.470359][   T30]  dump_stack_lvl+0x241/0x360
[  447.475053][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  447.480259][   T30]  ? __pfx__printk+0x10/0x10
[  447.484873][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  447.489922][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  447.495406][   T30]  ? _printk+0xd5/0x120
[  447.499567][   T30]  ? __pfx__printk+0x10/0x10
[  447.504166][   T30]  ? __wake_up_klogd+0xcc/0x110
[  447.509027][   T30]  ? __pfx__printk+0x10/0x10
[  447.513628][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  447.518652][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  447.524647][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  447.530649][   T30]  watchdog+0xffb/0x1040
[  447.534936][   T30]  ? watchdog+0x1ea/0x1040
[  447.539388][   T30]  ? __pfx_watchdog+0x10/0x10
[  447.544075][   T30]  kthread+0x2f0/0x390
[  447.548167][   T30]  ? __pfx_watchdog+0x10/0x10
[  447.552871][   T30]  ? __pfx_kthread+0x10/0x10
[  447.557498][   T30]  ret_from_fork+0x4b/0x80
[  447.561966][   T30]  ? __pfx_kthread+0x10/0x10
[  447.566590][   T30]  ret_from_fork_asm+0x1a/0x30
[  447.571394][   T30]  </TASK>
[  447.575430][   T30] Sending NMI from CPU 0 to CPUs 1:
[  447.581388][    C1] NMI backtrace for cpu 1
[  447.581405][    C1] CPU: 1 UID: 0 PID: 6312 Comm: kworker/u8:11 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  447.581427][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  447.581440][    C1] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[  447.581471][    C1] RIP: 0010:debug_lockdep_rcu_enabled+0x21/0x40
[  447.581500][    C1] Code: 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 31 c0 83 3d e7 88 53 04 00 74 1e 83 3d 7a ba 53 04 00 74 15 65 48 8b 0c 25 80 d4 03 00 <31> c0 83 b9 dc 0a 00 00 00 0f 94 c0 c3 cc cc cc cc 66 2e 0f 1f 84
[  447.581517][    C1] RSP: 0018:ffffc9000b3579b8 EFLAGS: 00000202
[  447.581533][    C1] RAX: 0000000000000000 RBX: 00000000000000ce RCX: ffff8880313cbc00
[  447.581547][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aea80 RDI: ffffffff8c6076a0
[  447.581562][    C1] RBP: ffffc9000b357af8 R08: ffffffff942e9887 R09: 1ffffffff285d310
[  447.581577][    C1] R10: dffffc0000000000 R11: fffffbfff285d311 R12: ffff888061fee000
[  447.581592][    C1] R13: ffff88802f165b00 R14: dffffc0000000000 R15: ffff888035eb0670
[  447.581607][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  447.581623][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  447.581637][    C1] CR2: 000055f7eadddf50 CR3: 000000000e738000 CR4: 00000000003526f0
[  447.581656][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  447.581667][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  447.581680][    C1] Call Trace:
[  447.581686][    C1]  <NMI>
[  447.581695][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  447.581714][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  447.581737][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  447.581756][    C1]  ? nmi_handle+0x2a/0x5a0
[  447.581787][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  447.581815][    C1]  ? nmi_handle+0x14f/0x5a0
[  447.581836][    C1]  ? nmi_handle+0x2a/0x5a0
[  447.581858][    C1]  ? debug_lockdep_rcu_enabled+0x21/0x40
[  447.581883][    C1]  ? default_do_nmi+0x63/0x160
[  447.581903][    C1]  ? exc_nmi+0x123/0x1f0
[  447.581922][    C1]  ? end_repeat_nmi+0xf/0x53
[  447.581947][    C1]  ? debug_lockdep_rcu_enabled+0x21/0x40
[  447.581974][    C1]  ? debug_lockdep_rcu_enabled+0x21/0x40
[  447.582001][    C1]  ? debug_lockdep_rcu_enabled+0x21/0x40
[  447.582027][    C1]  </NMI>
[  447.582033][    C1]  <TASK>
[  447.582039][    C1]  batadv_iv_ogm_schedule+0x448/0x10a0
[  447.582064][    C1]  ? batadv_iv_ogm_schedule+0x41e/0x10a0
[  447.582089][    C1]  ? __pfx_batadv_iv_ogm_schedule+0x10/0x10
[  447.582110][    C1]  ? batadv_send_skb_packet+0x439/0x690
[  447.582140][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x6fe/0x810
[  447.582171][    C1]  ? process_scheduled_works+0x976/0x1850
[  447.582208][    C1]  process_scheduled_works+0xa63/0x1850
[  447.582252][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  447.582286][    C1]  ? assign_work+0x364/0x3d0
[  447.582317][    C1]  worker_thread+0x870/0xd30
[  447.582339][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  447.582367][    C1]  ? __kthread_parkme+0x169/0x1d0
[  447.582387][    C1]  ? __pfx_worker_thread+0x10/0x10
[  447.582405][    C1]  kthread+0x2f0/0x390
[  447.582425][    C1]  ? __pfx_worker_thread+0x10/0x10
[  447.582442][    C1]  ? __pfx_kthread+0x10/0x10
[  447.582463][    C1]  ret_from_fork+0x4b/0x80
[  447.582480][    C1]  ? __pfx_kthread+0x10/0x10
[  447.582501][    C1]  ret_from_fork_asm+0x1a/0x30
[  447.582537][    C1]  </TASK>
[  447.584231][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  447.919932][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  447.930116][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  447.940195][   T30] Call Trace:
[  447.943497][   T30]  <TASK>
[  447.946449][   T30]  dump_stack_lvl+0x241/0x360
[  447.951155][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  447.956399][   T30]  ? __pfx__printk+0x10/0x10
[  447.961005][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  447.967018][   T30]  ? vscnprintf+0x5d/0x90
[  447.971365][   T30]  panic+0x349/0x880
[  447.975287][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  447.981459][   T30]  ? __pfx_panic+0x10/0x10
[  447.985898][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  447.991297][   T30]  ? __irq_work_queue_local+0x137/0x410
[  447.996860][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  448.002252][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  448.008422][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  448.014587][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  448.020755][   T30]  watchdog+0x103a/0x1040
[  448.025120][   T30]  ? watchdog+0x1ea/0x1040
[  448.029558][   T30]  ? __pfx_watchdog+0x10/0x10
[  448.034237][   T30]  kthread+0x2f0/0x390
[  448.038319][   T30]  ? __pfx_watchdog+0x10/0x10
[  448.043015][   T30]  ? __pfx_kthread+0x10/0x10
[  448.047632][   T30]  ret_from_fork+0x4b/0x80
[  448.052069][   T30]  ? __pfx_kthread+0x10/0x10
[  448.056688][   T30]  ret_from_fork_asm+0x1a/0x30
[  448.061498][   T30]  </TASK>
[  448.064868][   T30] Kernel Offset: disabled
[  448.069210][   T30] Rebooting in 86400 seconds..