last executing test programs:

16m57.818472537s ago: executing program 4 (id=442):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={<r2=>0x0, 0x0, 0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, 0x0, &(0x7f0000000300))
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=r2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x82}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7d}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

16m56.955695234s ago: executing program 4 (id=447):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)={0x114, 0x33, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x3, 0x0, 0x0, @u64=0x600}, @typed={0x14, 0x8, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x24040040}, 0x2000)

16m56.756252445s ago: executing program 4 (id=449):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000075f84c1071042703a46100000001090212"], 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)=""/42)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='fsi_master_acf_poll_response_busy\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000300))
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x0, &(0x7f0000000100)=0x7fffffff)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r8)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="01000100f300000000001f000000080002"], 0x1c}}, 0x0)
r10 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r11 = dup(r10)
write$6lowpan_enable(r11, &(0x7f0000000000)='0', 0x1)
setsockopt$sock_linger(r11, 0x1, 0xd, &(0x7f0000000180)={0x1, 0x90a8}, 0x8)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
r12 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendto$packet(r12, 0x0, 0xffffffffffffff66, 0x0, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
syz_usb_control_io$hid(r0, 0x0, 0x0)

16m51.428731226s ago: executing program 4 (id=460):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
getresuid(&(0x7f0000000140)=<r0=>0x0, &(0x7f00000002c0), &(0x7f0000000300))
quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, r0, &(0x7f0000000340))
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_RESET(r1, 0x5000, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x8, &(0x7f0000000080)=0x802, 0x4)
setsockopt$packet_int(r2, 0x107, 0x9, &(0x7f0000000000)=0xffffff80, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x4)
write(r3, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5'])
r4 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='mpol=interleave'])
syz_clone(0x800080, &(0x7f00000004c0)="0439f593fea2cfb8bb9d757826cfd00f24d9b328de8fdb35f53042a7264a804111113f7a6917d4c9fafe4ec308e86a8ce4682fb6840e9f6e7901806ace26b791986987a475aa8148884e484c6b2358df81a1f3da9349febde0b56c8ee81b3625acc414b156fee3f7ab08392b39008f0f8a72df5dd753d4166b87f2f4844ba0df587d448f0437263583167d735e9b59dabcb6dc73e6bb252d715d01c8491235770e66379e035b927463b6ffd1f5d452d2293d143525e1153667304f30afe6ce0da66ef489", 0xc4, &(0x7f00000005c0), &(0x7f00000006c0), &(0x7f0000000740)="e59139b9")
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000280)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r7}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x13, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="4e0113442bdc7b9cec078e3f69bba1aafb000800004195b12afe80007110"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
write$binfmt_script(r5, &(0x7f00000000c0), 0x4)

16m48.177746067s ago: executing program 4 (id=470):
r0 = socket$inet6(0xa, 0x3, 0xb6)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000080)=ANY=[@ANYBLOB='\\\x00\x00\x00'], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0xc0, 0x4, @loopback, 0x4}, 0x1c)
set_mempolicy(0x0, &(0x7f0000000000)=0x8, 0xfffffffffffffffb)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x300)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @random="ada68a2f96c6"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x200000400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)

16m46.107185165s ago: executing program 4 (id=478):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x23}}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = syz_open_dev$vbi(0x0, 0x1, 0x2)
r4 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000000480), &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000a00)="c218b8fb4f2711662cda1925942565487e7d348d3cb55586a0b8af4c8b0e15dd9b6a54e2b1949a11fd43529b6d7178ad1bca2c14db39ff5a5cc5653035257088bc479654863b4172cad06d296711c31da28fd6ee8733d014bdff64c5adb64d1df761b14bf856875d2ccbe1d4559c3a7600ffffff237a5aa929be91720ce0468e265d13f9ce80c2d474cff4fabd20cfa00fdc867ccd24521a769b61fd609b55a3672c221fc7ad9d29bb5a826e9e7fc46139e19be09c2528fdfba998dd047e8115c02807698c6c824a940100000000000000636c88246f7df2ea55c356a3f2ff7136e7f1cc7dc8a6500d08b554a0932784e08369203b220e9d7109cee984e6c620739f594cd4e06742cad50cc162b30348ab2082176734522f00f9b1baec7e6aeed020c10affa1d20a79dde91f42882b766be08d1a9b39060af788a357b05120948857f8dde09dbde139ec000000000000177c19e9d794dbc1fedae6b4fe888eb817", 0x161, r4)
r6 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r6, r7, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'crct10dif\x00\x00\x00 \x00\x00\x00+\xcc\xff%\xd2cTH,\x00'}})
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x4, 0x3, 0x0, [0x0, 0x18000000], [0x8200, 0x1]}}})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000300), 0x309000, 0x0)
ioctl$VIDIOC_QBUF(r3, 0xc058565d, 0x0)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r8, 0x4014563c, &(0x7f000001f9c0)={0xa, {0x8000, 0x200}})
ioctl$VIDIOC_S_SELECTION(r8, 0xc040565f, &(0x7f00000000c0)={0x2, 0x0, 0x0, {0x0, 0x0, 0xffffffff, 0xfffffff9}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r9, 0x8b2c, &(0x7f0000000040))

16m45.505823305s ago: executing program 32 (id=478):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x23}}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = syz_open_dev$vbi(0x0, 0x1, 0x2)
r4 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000000480), &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000a00)="c218b8fb4f2711662cda1925942565487e7d348d3cb55586a0b8af4c8b0e15dd9b6a54e2b1949a11fd43529b6d7178ad1bca2c14db39ff5a5cc5653035257088bc479654863b4172cad06d296711c31da28fd6ee8733d014bdff64c5adb64d1df761b14bf856875d2ccbe1d4559c3a7600ffffff237a5aa929be91720ce0468e265d13f9ce80c2d474cff4fabd20cfa00fdc867ccd24521a769b61fd609b55a3672c221fc7ad9d29bb5a826e9e7fc46139e19be09c2528fdfba998dd047e8115c02807698c6c824a940100000000000000636c88246f7df2ea55c356a3f2ff7136e7f1cc7dc8a6500d08b554a0932784e08369203b220e9d7109cee984e6c620739f594cd4e06742cad50cc162b30348ab2082176734522f00f9b1baec7e6aeed020c10affa1d20a79dde91f42882b766be08d1a9b39060af788a357b05120948857f8dde09dbde139ec000000000000177c19e9d794dbc1fedae6b4fe888eb817", 0x161, r4)
r6 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r6, r7, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'crct10dif\x00\x00\x00 \x00\x00\x00+\xcc\xff%\xd2cTH,\x00'}})
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x4, 0x3, 0x0, [0x0, 0x18000000], [0x8200, 0x1]}}})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000300), 0x309000, 0x0)
ioctl$VIDIOC_QBUF(r3, 0xc058565d, 0x0)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r8, 0x4014563c, &(0x7f000001f9c0)={0xa, {0x8000, 0x200}})
ioctl$VIDIOC_S_SELECTION(r8, 0xc040565f, &(0x7f00000000c0)={0x2, 0x0, 0x0, {0x0, 0x0, 0xffffffff, 0xfffffff9}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r9, 0x8b2c, &(0x7f0000000040))

2m41.176060589s ago: executing program 5 (id=3362):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x3, 0x0, 0xfffffffd}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xe, 0x0, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
faccessat2(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x7, 0x0)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="0f79fa660f1049ef66b9790a00000f32ba4100b009eef30fa7e866b9080900000f32f30f1efb66b8189f00000f23c00f21f86635030009000f23f8bad004ec2e0f0d977147", 0x45}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, &(0x7f0000000100))
r6 = socket(0x22, 0x2, 0x1)
bind$bt_hci(r6, &(0x7f0000000440)={0x1f, 0x3}, 0x6)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="01002cbd7000fedbdf251000000005000f00071000000800"], 0x24}, 0x1, 0x0, 0x0, 0x4004880}, 0x8882)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0031fdbd7000fcdbdf25010000000400068008000200000000000800020007000000"], 0x28}, 0x1, 0x0, 0x0, 0x44008805}, 0x0)

2m39.188778686s ago: executing program 5 (id=3371):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="4804", @ANYRES16], 0x448}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f38c1f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607104c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa87ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09002100000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf4ece4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000acc4d4ba52084d9b997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486216e6949f5e195d2cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c7f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f921860c6e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61fe2010000294800323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e75a7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e824f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5cd628ab84875f2deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c49a0189da9173c62f0ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d8935a9c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000016c0), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'gre0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000180)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x3c0, 0x43)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="0201130010061e00cb2f4359b648d5ed0000388dcf66ac141415ef06e63a808a5e5cbd43af9111aa0c520f06"], 0x3000}], 0x1}, 0x0)
sendfile(r4, r3, 0x0, 0x80004700)

2m36.376793575s ago: executing program 5 (id=3377):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0)
r5 = dup(r4)
fallocate(r5, 0x0, 0x0, 0x400)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xe0ffffff00000000}}, 0x1c)

2m36.288392294s ago: executing program 0 (id=3379):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12011003978959201051009011a96edcc54cbb42e0fe129d59000002030109021200017fdf3876be9a0b18e21984ad8fd72e2b97df847156d1958efc377def2d13dffc1aeb28b9a3440604aa5fddfd182d76db9fd2791d90eede84e23e732d0ebafe8e6d9a11349f67095f131414649dd4381accbac74f95b5b7a3ad059d5c51cf42c7d43a5f18971f2dfca8bb1d86bf1c557aac390511a010a8c9d37a5906d78eb21c3f4d4ac848aa08ad39a2666a9b4658a2cbac1656f8245dd7285d2797d184133538a01bc6b24741f2e5e8547326dcf2c1cdc0025442b915dffe4784c61a69a6d8c11890bf3e383af0208a836c39f47f13ae6d63c5416ba87a41d559049eb2a2e43764a4a4f94ed755a413206e1da8abdb9371450922b369f0d913409556444ec2429fe7eb0f7f7a201e678f922e36714f74462d17971fd0d285fe06dc7711698dd620bc181d15d80bd61f52e961f88e1584710166f3488fc0139c4a53029fe7297d5472b7256c6c0d538d2e4b2be1ad93619c2fa7a3872fb6dda240bee5d1873bf14b4f2b7355838106024e13b9ffb9811e9b7f48ded763c7d032ab7dfc9de448dce27a1674678183f7d98dae9b40e6a44f2d775dc5edb19721cf66f9646c1561692959cf78842c78f34f96443d6a5eaf90f6e5b923dcaf3bed04a4642dd92d8fb47db09b6e280816bf059b3d761ece747b4aac04a498a1225d47e01c5536ac129998bb9a211c84d169c678e8f237bbb34ad03add"], &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0})
syz_usb_disconnect(r0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201010200000010ac0543024000010203010902240001010146cc6eaa020002030103d50921070040012284090905810300049c0a03"], &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0})

2m32.720738804s ago: executing program 0 (id=3387):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYRESHEX=r1, @ANYRES32=r1, @ANYRES16=0x0, @ANYRES32, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRESHEX=r1, @ANYRES64=r1], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket(0x10, 0x3, 0x0)
r4 = openat$smackfs_load(0xffffff9c, &(0x7f0000000180)='/sys/fs/smackfs/load-self\x00', 0x2, 0x0)
write$smackfs_load(r4, &(0x7f0000000200)=ANY=[], 0x11f)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, 0x0)
setregid(0xffffffffffffffff, r5)
faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r8 = dup(r7)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0x15)
ioctl$TIOCVHANGUP(r9, 0x5437, 0x0)
ioctl$BLKRRPART(r8, 0x125f, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="850000000500000084000000000000009500000000000000719cbb20b0d1880917c7ff879d900b2971e697b982298a4612ffd874a646458d366ad8552303d0472753a3e06cbb7fe8db5b64b55fb32f2db15dffee61c55f7b109b99a698a42681a04bb97ac41bdce76062f50b40af29772ef7c0e3db2d00630cb57c049e010c77bc8f266c5791ec7d1946139bd2a7fe4eb045a99c69eaaadd6f81c6203e62523d7d05cb8579c0e73728fd19a2b708ac3fee68a38665c50b39dae3aec6b4974e9dd4c6a15957775dadc415fa0ed0e4e6ad6f14f36c8e5e0fbb3a6efa2e2af974f567ac51dca539f0030e1393f2af5b4e4286cf9760"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000000)={0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94)

2m32.177214146s ago: executing program 0 (id=3390):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@delchain={0x48, 0x66, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @mcast1}]}}]}, 0x48}}, 0x1000000)

2m32.088713707s ago: executing program 5 (id=3391):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = inotify_init1(0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYRES16=r0, @ANYRESDEC=0x0])
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x24000408)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c16dd245f6855ed3195da573089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f664040000009e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e6c2918a52194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3601], &(0x7f00000001c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r7=>0x0})
mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r6, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r7, 0x0, 0x0, 0x0, <r8=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r6, 0x3b89, &(0x7f00000002c0)={0x18, 0x0, r8, r9, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000080)={0x28, 0x2, r9, 0x0, &(0x7f0000236000/0x800000)=nil, 0x800000, 0x400000000000000})

2m31.961431003s ago: executing program 0 (id=3393):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
bpf$MAP_UPDATE_BATCH(0x1b, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000030400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a4fdaf8800210063db002e00000011d7f3b6947cd55916a61b8cd44e"], 0x28}}, 0x4014)
mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000000e80)=0x9, 0x9, 0x1)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000000100)=0x7fffffff, 0x6, 0x0)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
ioctl$SIOCX25SFACILITIES(r1, 0x89e3, 0x0)
ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, 0xffffffffffffffff)
ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000000)='ntfs\x00', 0x9007, 0x0)

2m30.817976977s ago: executing program 5 (id=3394):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched_retired(r1, &(0x7f000001be80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000012fc0)=@newtfilter={0xdc, 0x2c, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xe, 0x9}, {0xa, 0x7}}, [@f_rsvp6={{0xa}, {0xac, 0x2, [@TCA_RSVP_POLICE={0x3c, 0x5, [@TCA_POLICE_RATE64={0xc, 0x8, 0x4}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfffffc01}, @TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_RESULT={0x8, 0x5, 0xff}]}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x0, 0x5}, {0x80000, 0x7, 0xd}, 0x0, 0x7, 0x8}}, @TCA_RSVP_ACT={0x4c, 0x6, [@m_mirred={0x48, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0x19, 0x6, "e4cf417efa2642cba79654a718ac75b462651a06c9"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0xdc}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

2m30.283209031s ago: executing program 5 (id=3396):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r0, 0x48079000)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18001c00fcffffff0000001f000000000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r4}, 0x10)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r5)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r5, r3, 0x4, r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
pselect6(0x40, &(0x7f0000000040)={0x8, 0x4, 0x8000000288d, 0x7fffffffffffffff, 0x400000008, 0x6, 0x2, 0x6}, 0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r9, 0x0)
preadv(r9, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000180)="0f01df0f01c30f20c06635000004000f22c0de26010026d21f3d0060b80c008ed0b884018ec02680660fd94326", 0x2d}], 0x1, 0xe, 0x0, 0x0)

2m30.172339541s ago: executing program 0 (id=3398):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000100)={'gre0\x00', 0x0, 0x80, 0x8, 0x3, 0x3, {{0x2f, 0x4, 0x2, 0xd, 0xbc, 0x68, 0x0, 0x2, 0x29, 0x0, @multicast1, @local, {[@timestamp_addr={0x44, 0x14, 0x3b, 0x1, 0x9, [{@dev={0xac, 0x14, 0x14, 0x40}, 0x5}, {@local, 0x9}]}, @rr={0x7, 0x27, 0x3e, [@dev={0xac, 0x14, 0x14, 0xb}, @multicast1, @loopback, @multicast2, @loopback, @private=0xa010100, @local, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp={0x44, 0xc, 0xa1, 0x0, 0x0, [0x38, 0xde4]}, @end, @rr={0x7, 0x7, 0xa2, [@broadcast]}, @lsrr={0x83, 0x13, 0x18, [@loopback, @local, @rand_addr=0x64010102, @loopback]}, @cipso={0x86, 0xc, 0xffffffffffffffff, [{0x7, 0x6, "9304b786"}]}, @timestamp_addr={0x44, 0x2c, 0x59, 0x1, 0x2, [{@multicast2, 0x8000}, {@multicast1, 0x4}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, {@empty}, {@loopback, 0x101}]}, @lsrr={0x83, 0xb, 0xe5, [@rand_addr=0x64010101, @rand_addr=0x64010100]}, @end]}}}}})
connect(r1, &(0x7f0000000200)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x0, {0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, '\x00', 0x42}, 0x1}}, 0x4b)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x3a)

2m28.572765405s ago: executing program 0 (id=3401):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0)
r5 = dup(r4)
fallocate(r5, 0x0, 0x0, 0x400)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xe0ffffff00000000}}, 0x1c)

2m15.0308015s ago: executing program 33 (id=3396):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r0, 0x48079000)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18001c00fcffffff0000001f000000000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r4}, 0x10)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r5)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r5, r3, 0x4, r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
pselect6(0x40, &(0x7f0000000040)={0x8, 0x4, 0x8000000288d, 0x7fffffffffffffff, 0x400000008, 0x6, 0x2, 0x6}, 0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r9, 0x0)
preadv(r9, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000180)="0f01df0f01c30f20c06635000004000f22c0de26010026d21f3d0060b80c008ed0b884018ec02680660fd94326", 0x2d}], 0x1, 0xe, 0x0, 0x0)

2m13.259250893s ago: executing program 34 (id=3401):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0)
r5 = dup(r4)
fallocate(r5, 0x0, 0x0, 0x400)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xe0ffffff00000000}}, 0x1c)

15.110616497s ago: executing program 2 (id=3737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = userfaultfd(0x80001)
readv(r3, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched_retired(r5, &(0x7f000001be80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000012fc0)=@newtfilter={0xf24, 0x2c, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xe, 0x9}, {0xa, 0x7}}, [@f_rsvp6={{0xa}, {0x70, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x0, 0x5}, {0x80000, 0x7, 0xd}, 0x0, 0x7, 0x8}}, @TCA_RSVP_ACT={0x4c, 0x6, [@m_mirred={0x48, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0x19, 0x6, "e4cf417efa2642cba79654a718ac75b462651a06c9"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @f_rsvp6={{0xa}, {0xe78, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0xfffffffc, 0x8, 0x3ff}, {0x3, 0xebc}, 0x2, 0x0, 0x31}}, @TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x11, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xe, 0x7, 0x6, 0x8b, 0x1}, 0x9, 0x3}, [{0xffffffff, 0xb, 0x17aa, 0x3, 0x7, 0x3dc}, {0xbd, 0x7, 0x7, 0x5, 0x77, 0x2}, {0x8, 0x5667, 0xfffffffc, 0xf, 0x7ff, 0xfff}, {0x401, 0xd051, 0x6, 0xfffffffa, 0x9, 0xfacf}, {0xf, 0x9, 0x4, 0xfffffffc, 0xda4, 0x7}, {0x8, 0x6, 0x9, 0x7fff, 0x3, 0x8c}, {0x8, 0x997, 0x4, 0x1000, 0x0, 0x637}, {0xbe, 0x8, 0x1, 0x200, 0xb5f1, 0x6}, {0x6, 0x2, 0xf18, 0x3, 0x6, 0x3}, {0x56, 0x80000000, 0xb, 0x9, 0x7, 0x8755}, {0x2, 0x2, 0x4, 0x3, 0x0, 0x4}, {0x200, 0x3, 0x2, 0x200, 0xc000000, 0xe2}, {0x5, 0x8000, 0x6, 0x5, 0xcb, 0xb}, {0xfff, 0x4, 0x7, 0x6, 0x0, 0x3}, {0x0, 0x4, 0x3, 0x4, 0x401, 0x8}, {0xff, 0x5, 0xcc, 0xd6, 0x4, 0xd}, {0x6, 0x6, 0x4, 0x9, 0x9, 0x9}, {0xfffffffe, 0x156191dc, 0x0, 0xffffffff, 0x2, 0xeb214f43}, {0x7f, 0x10, 0x9, 0x8, 0x4b5, 0x7fff}, {0x18, 0x8, 0xb, 0xfffffff9, 0x4, 0xfffffff9}, {0x3, 0x7, 0x8, 0x7e, 0x6, 0x4}, {0x1, 0x9, 0x8, 0x6, 0x401, 0x1}, {0x9, 0x1, 0xff, 0x2, 0x9, 0xe96}, {0x6, 0x2c8, 0x2bbd, 0x7, 0x996, 0x2}, {0x6, 0x5, 0x9, 0x7, 0x5, 0x804e}, {0x0, 0x800, 0x4, 0x2, 0xf5a, 0xc7f}, {0x7, 0xff, 0xffffff92, 0x8, 0x120000, 0x2}, {0x62e9, 0x5, 0x8, 0xffff, 0x0, 0x6}, {0xf, 0x3d, 0x1, 0x4, 0x4, 0x2}, {0x1, 0x520, 0xa, 0x7, 0x2, 0x1}, {0xfffffffa, 0x7, 0x3b3, 0x0, 0x7, 0x7fffffff}, {0x2, 0x8, 0x6, 0xb, 0x800, 0x4}, {0x6, 0x6421, 0x9, 0xfffffffc, 0x3, 0x6}, {0x93, 0x2, 0xfffffffd, 0xffffffff, 0xffffffff, 0x4}, {0x3, 0x2, 0x5, 0x0, 0x87c, 0x4217}, {0x80000001, 0x1, 0xfff, 0x7fffffff, 0x1, 0x4}, {0xfffffff8, 0x400, 0x7e00, 0x2, 0x6, 0x4}, {0x9, 0x40, 0x9, 0xfa1b, 0x800, 0xfffff2e5}, {0x5, 0x6, 0x3, 0x0, 0x80000001, 0xe25}, {0x400, 0x1, 0x4, 0x9, 0x6, 0x8}, {0x0, 0x401, 0x7fffffff, 0xfffffffe, 0x5, 0x3}, {0x101, 0x8, 0x4, 0x8, 0x5, 0x2}, {0xce86, 0x9, 0x1, 0x950, 0x9, 0xa7}, {0x27d, 0x8, 0xfffffff8, 0x8, 0x8}, {0x3, 0x2, 0x7, 0x8, 0xa9}, {0x9e, 0x6, 0x7, 0x80000000, 0x7, 0x7}, {0x9, 0x7, 0x0, 0x80000001, 0x1, 0xf}, {0x1, 0xffff, 0xa7, 0x10000, 0x16931a3f, 0x9}, {0xff, 0x1, 0xfffff801, 0x6, 0x8, 0x8e}, {0x3ff, 0xfffffff0, 0x0, 0x3, 0x0, 0x1}, {0xfffffff0, 0x1, 0x1d1, 0x8, 0xffffffff, 0x2}, {0x9, 0x56, 0xb, 0x40, 0xfffffff9, 0xc96}, {0x6b, 0x9, 0x1, 0x401, 0x8001}, {0x6fe, 0x5121, 0xae04, 0x3, 0x7, 0xbfb8}, {0xd, 0x7ff, 0x2fed, 0xb, 0x6, 0x27}, {0xfff, 0x9, 0x1c8, 0x8, 0xf7e, 0x1ff}, {0x0, 0x8, 0xd9, 0x8001, 0x1, 0xcde9}, {0x74, 0xe911, 0xfff, 0x22, 0x3, 0x5}, {0x401, 0x3, 0xff, 0x9, 0xfff, 0x4788}, {0x1eaa, 0x0, 0xfffffff8, 0x6, 0xff0000, 0x1ff}, {0x8001, 0xfbef, 0x9, 0x8d7e, 0x7, 0x3}, {0x9b7e, 0xffff, 0x7, 0x1, 0x1, 0x8}, {0xffffffff, 0x80, 0x7, 0xae, 0x3, 0x6}, {0xd81, 0xe, 0xdb, 0x5, 0x8369, 0x10001}, {0xa, 0x5, 0x7fffffff, 0x5, 0x80000000, 0x6}, {0x9a, 0x6, 0x5, 0x10001, 0x2004, 0x5}, {0x1, 0x4, 0x0, 0x87, 0x8001, 0x200}, {0x3, 0xc, 0x1, 0xe467, 0x77, 0xff}, {0x50dc, 0x0, 0x10001, 0x9, 0x2, 0x3}, {0x8001, 0x3e6, 0x400, 0x48a1, 0x8, 0x9}, {0x7, 0x26a4, 0x2, 0xdfd9, 0x4, 0x2}, {0x8, 0xdb, 0x5, 0x4, 0xab, 0x66df}, {0x10000, 0x3c83, 0x2, 0x3, 0x7, 0x4c}, {0x7, 0xebee, 0x7fff, 0xffffff4d, 0x3, 0x5}, {0x5, 0x1000, 0x1, 0xd27, 0x1, 0xbea}, {0x7fffffff, 0xc60, 0x7fffffff, 0x64}, {0x9, 0xfffffffe, 0xf, 0x1, 0x6, 0x9}, {0x10000, 0x2, 0x3ff, 0x2, 0x2, 0x3317}, {0x2a4a, 0x1, 0xe, 0xfffffffe, 0x6, 0xffff}, {0x2b, 0x7, 0xfffffffe, 0x0, 0x6, 0xe}, {0x9, 0x7, 0x7, 0x400, 0x4}, {0x8, 0x1, 0x8000, 0xeafc, 0x80, 0x4}, {0x7, 0x8, 0xfffffff7, 0x5, 0x2}, {0x0, 0x9, 0x6, 0x5, 0x80000001, 0x80000000}, {0x4, 0x100, 0xd, 0x4, 0xc}, {0x4, 0x6, 0x9, 0x8, 0xfffffffc, 0x7fff}, {0x10000, 0x4155, 0x4, 0x9d19, 0xff, 0xfff}, {0x9, 0xfffffff2, 0x6, 0xfffffffa, 0x80, 0x8}, {0x94e, 0x1, 0x101, 0x3, 0x0, 0xc772}, {0x3, 0x6, 0x9, 0x25d73910, 0x1, 0x3}, {0x5, 0x7, 0x7, 0xb, 0x7dbe, 0x6}, {0xf21, 0x2, 0x2, 0x8, 0x7, 0x9}, {0x2096, 0x7, 0x4, 0x8001, 0x2, 0x8}, {0x3, 0x5, 0x1, 0x2, 0x3e4, 0x40}, {0xfffffffd, 0xe, 0x5, 0x6, 0xd, 0x2}, {0x926, 0x8000, 0x1, 0x5, 0x6, 0x4}, {0x8, 0x5, 0x5, 0x3, 0x0, 0x1}, {0x2, 0x11b, 0x1, 0x7, 0x6}, {0x3, 0x1, 0xe, 0x7, 0x9, 0x3}, {0x9, 0x2737, 0x4b, 0x2, 0x80000000, 0x2130}, {0x10000, 0x2, 0x672, 0x5, 0x7}, {0x94, 0x2, 0xff, 0x0, 0x400, 0x5}, {0x9, 0xc, 0x101, 0x1, 0x3, 0x8f}, {0x3ff, 0x6, 0x10000, 0x10000, 0x800}, {0x0, 0x1, 0x3, 0x2, 0x4, 0x8}, {0x5, 0x80000001, 0x1, 0x81, 0x6, 0x4}, {0x1, 0x6, 0x51, 0xfffffff7, 0x0, 0x61000}, {0x80000000, 0x7, 0x8, 0x5, 0x40, 0x9c0}, {0x2, 0x7, 0x9, 0x8, 0xf4c5, 0x4}, {0x800, 0x1, 0x5, 0x0, 0x2, 0xeb6f}, {0x80000000, 0x8000, 0x10000, 0x7, 0x6, 0x8}, {0x0, 0x7, 0x4, 0x9, 0x1, 0x400}, {0xfffffffb, 0x9, 0x7f, 0x40, 0x0, 0x9}, {0x7fff, 0x0, 0x9, 0x1000, 0x7fff, 0x2}, {0x8, 0x9, 0x0, 0x6, 0xb02a, 0x10}, {0x8, 0x1ff, 0x401, 0xa44, 0x200, 0x1}, {0x4, 0xd, 0x9, 0x9, 0xfd, 0x9}, {0x3, 0x1, 0x6, 0xffffffff, 0x7f, 0x5}, {0x6, 0xc7, 0xd1, 0x0, 0xa70, 0x2}, {0xdc, 0x7, 0x8, 0x2, 0x81, 0xf}, {0x8000, 0x3ff, 0x2, 0x9, 0x6, 0x2}, {0x5, 0x6, 0xffff, 0x81, 0x6d, 0x101}, {0x40, 0x5, 0x10001, 0x38, 0x7, 0x5}, {0x5, 0x6, 0x7, 0x7fff, 0x7, 0x13f}, {0x8, 0x0, 0x1, 0xc87, 0x2, 0x9}, {0x10000, 0x0, 0x8, 0x101, 0x0, 0x25c8049d}, {0x2, 0xb767, 0x9, 0x5, 0x9, 0xafc}, {0x2, 0x444e, 0xe, 0x14d, 0x7f, 0x2c}], [{0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x4}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {}, {0x3, 0x1}, {0x8, 0x1}, {0x4}, {0x3}, {0x1}, {0x2}, {0x5, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x0, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x2, 0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x4, 0x1}, {0x3}, {0x3}, {0x3}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x4, 0x1}, {0xfcbb88fdd7d75dad, 0x1}, {0x3}, {}, {0x2, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0xcfa1d4745281e144}, {0x3, 0x1}, {0x5}, {0x2, 0x3}, {0x4}, {0x1, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {}, {0x2}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x4}, {0x2, 0x1}, {0x1}, {}, {0x2}, {0x3, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x2}, {0x5}, {0x2}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0xf24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

12.177786243s ago: executing program 7 (id=3743):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
r0 = socket$inet(0x2, 0x3, 0x5)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000100000001000000000000000000000000000000a9364e94580a675a649421c7bb0fe40de8b0df13e7a529ca66dac6503362fc2dedd8a65b06c26d9e6c41913d349917ec4ca0cf0d3e98c0cf8d1e51a9f782d2b18fe98a445cbcc325ab594df190d141066f068ee78fc60a1a857a1406ab629ae053232ee3400f8ea45fb853b7ec4b4b4c9b1b65054912840b8ff4e307c816a1b0fed2f40c91615e576b4d84c979002784d9805cfc31cb248f27b500b9209d8908b4"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe, 0x0, &(0x7f0000000300)="14fd54ab72df97e6256c00000000", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000680)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0602a759f400000004000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f00000003c0)='ip_vti0\x00')
socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r9=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r7, 0x84, 0x6, &(0x7f0000000380)={r9, @in={{0x2, 0x4e20, @rand_addr=0x64010102}}}, &(0x7f0000000100)=0x84)

11.960566313s ago: executing program 6 (id=3745):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mq_open(0x0, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
clock_gettime(0x0, 0x0)
r1 = add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='X', 0x5d, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r2, r2}, 0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={'md5-generic\x00'}})

10.870480411s ago: executing program 6 (id=3748):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0}, &(0x7f0000000240)=0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="240000002d0001000000000000000000089f3ca0416551aed92f5a2211f08c3088d5d6f41d5765e857bd3dc84563010e48041374f9567b15002950c54ff203af7ffb3dc93158dbf4ad1f529100"/88, @ANYRES32=r1, @ANYBLOB="0b000080976b64087c603000"], 0x24}], 0x1}, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240), 0x2, &(0x7f00000007c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@userxattr}, {@workdir}, {@xino_off}, {@xino_off}, {@index_off}], [{@dont_hash}, {@measure}, {@dont_hash}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@dont_hash}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@context={'context', 0x3d, 'system_u'}}]})
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r8, 0x40047451, &(0x7f0000000200))
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r8, &(0x7f0000000080)=[{&(0x7f00000004c0)="00214717a70700000008030600710a5e31163ceb9d04", 0x16}], 0x1, 0x0, 0x0)
setregid(0xffffffffffffffff, r7)
setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000300)={r2, r5, r7}, 0xc)
pipe2$9p(&(0x7f0000000240)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r10, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r11 = dup(r4)
write$FUSE_BMAP(r11, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec0400339b8fd15e58a83b3da942"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r12=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',privport,access=', @ANYRESDEC=r12])
mount$nfs4(&(0x7f0000000000)='/(^\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x140400, &(0x7f0000000500)={[{'\x8b'}, {'#^(-'}], [{@uid_eq}, {@pcr={'pcr', 0x3d, 0xb}}, {@fowner_lt={'fowner<', r1}}, {@fowner_eq={'fowner', 0x3d, r5}}, {@obj_role={'obj_role', 0x3d, '.'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@subj_user={'subj_user', 0x3d, '-'}}, {@fsmagic={'fsmagic', 0x3d, 0xd16}}, {@euid_lt={'euid<', r12}}, {@fsmagic={'fsmagic', 0x3d, 0x1}}]})
unshare(0x20400)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)

10.784817655s ago: executing program 7 (id=3749):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={0x0, 0x80}, 0x1, 0x7}, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_clone3(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000004c0)='net/ipv6_route\x00')
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00000000c0)=0x101, 0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x8b}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
sendmmsg$inet(r3, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0, 0x0, 0x0, 0x0, 0x6000000}}], 0x40001b6, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_ifreq(r1, 0x8910, 0x0)

9.827831275s ago: executing program 2 (id=3750):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
r0 = getpid()
prlimit64(r0, 0xd, &(0x7f0000000380)={0x2, 0x5}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
futex(&(0x7f0000000180)=0x2, 0x6, 0x2, &(0x7f0000000240)={0x0, 0x3938700}, &(0x7f0000000340)=0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x9, @empty, 0x200000}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e2200fffffdef000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="540100001900110000000000000000001d01000015000400000000000000000018feb80ad2196423070000000800050008000000"], 0x154}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

9.806133548s ago: executing program 1 (id=3751):
socket$inet6(0xa, 0x800, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f0200c00e7f4e32f61bcdf1e422000000000100802000000000001000aadc28da3457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

8.820468927s ago: executing program 7 (id=3753):
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)
readv(r4, 0x0, 0x0)
close(r3)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
r6 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched_retired(r6, &(0x7f000001be80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000012fc0)=@newtfilter={0xf54, 0x2c, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xe, 0x9}, {0xa, 0x7}}, [@f_rsvp6={{0xa}, {0xa0, 0x2, [@TCA_RSVP_POLICE={0x3c, 0x5, [@TCA_POLICE_RATE64={0xc, 0x8, 0x4}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfffffc01}, @TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_RESULT={0x8, 0x5, 0xff}]}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x0, 0x5}, {0x80000, 0x7, 0xd}, 0x0, 0x7, 0x8}}, @TCA_RSVP_ACT={0x40, 0x6, [@m_mirred={0x3c, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0xf, 0x6, "e4cf417efa2642cba79654"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @f_rsvp6={{0xa}, {0xe78, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0xfffffffc, 0x8, 0x3ff}, {0x3, 0xebc}, 0x2, 0x0, 0x31}}, @TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x11, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xe, 0x7, 0x6, 0x8b, 0x1}, 0x9, 0x3}, [{0xffffffff, 0xb, 0x17aa, 0x3, 0x7, 0x3dc}, {0xbd, 0x7, 0x7, 0x5, 0x77, 0x2}, {0x8, 0x5667, 0xfffffffc, 0xf, 0x7ff, 0xfff}, {0x401, 0xd051, 0x6, 0xfffffffa, 0x9, 0xfacf}, {0xf, 0x9, 0x4, 0xfffffffc, 0xda4, 0x7}, {0x8, 0x6, 0x9, 0x7fff, 0x3, 0x8c}, {0x8, 0x997, 0x4, 0x1000, 0x0, 0x637}, {0xbe, 0x8, 0x1, 0x200, 0xb5f1, 0x6}, {0x6, 0x2, 0xf18, 0x3, 0x6, 0x3}, {0x56, 0x80000000, 0xb, 0x9, 0x7, 0x8755}, {0x2, 0x2, 0x4, 0x3, 0x0, 0x4}, {0x200, 0x3, 0x2, 0x200, 0xc000000, 0xe2}, {0x5, 0x8000, 0x6, 0x5, 0xcb, 0xb}, {0xfff, 0x4, 0x7, 0x6, 0x0, 0x3}, {0x0, 0x4, 0x3, 0x4, 0x401, 0x8}, {0xff, 0x5, 0xcc, 0xd6, 0x4, 0xd}, {0x6, 0x6, 0x4, 0x9, 0x9, 0x9}, {0xfffffffe, 0x156191dc, 0x0, 0xffffffff, 0x2, 0xeb214f43}, {0x7f, 0x10, 0x9, 0x8, 0x4b5, 0x7fff}, {0x18, 0x8, 0xb, 0xfffffff9, 0x4, 0xfffffff9}, {0x3, 0x7, 0x8, 0x7e, 0x6, 0x4}, {0x1, 0x9, 0x8, 0x6, 0x401, 0x1}, {0x9, 0x1, 0xff, 0x2, 0x9, 0xe96}, {0x6, 0x2c8, 0x2bbd, 0x7, 0x996, 0x2}, {0x6, 0x5, 0x9, 0x7, 0x5, 0x804e}, {0x0, 0x800, 0x4, 0x2, 0xf5a, 0xc7f}, {0x7, 0xff, 0xffffff92, 0x8, 0x120000, 0x2}, {0x62e9, 0x5, 0x8, 0xffff, 0x0, 0x6}, {0xf, 0x3d, 0x1, 0x4, 0x4, 0x2}, {0x1, 0x520, 0xa, 0x7, 0x2, 0x1}, {0xfffffffa, 0x7, 0x3b3, 0x0, 0x7, 0x7fffffff}, {0x2, 0x8, 0x6, 0xb, 0x800, 0x4}, {0x6, 0x6421, 0x9, 0xfffffffc, 0x3, 0x6}, {0x93, 0x2, 0xfffffffd, 0xffffffff, 0xffffffff, 0x4}, {0x3, 0x2, 0x5, 0x0, 0x87c, 0x4217}, {0x80000001, 0x1, 0xfff, 0x7fffffff, 0x1, 0x4}, {0xfffffff8, 0x400, 0x7e00, 0x2, 0x6, 0x4}, {0x9, 0x40, 0x9, 0xfa1b, 0x800, 0xfffff2e5}, {0x5, 0x6, 0x3, 0x0, 0x80000001, 0xe25}, {0x400, 0x1, 0x4, 0x9, 0x6, 0x8}, {0x0, 0x401, 0x7fffffff, 0xfffffffe, 0x5, 0x3}, {0x101, 0x8, 0x4, 0x8, 0x5, 0x2}, {0xce86, 0x9, 0x1, 0x950, 0x9, 0xa7}, {0x27d, 0x8, 0xfffffff8, 0x8, 0x8}, {0x3, 0x2, 0x7, 0x8, 0xa9}, {0x9e, 0x6, 0x7, 0x80000000, 0x7, 0x7}, {0x9, 0x7, 0x0, 0x80000001, 0x1, 0xf}, {0x1, 0xffff, 0xa7, 0x10000, 0x16931a3f, 0x9}, {0xff, 0x1, 0xfffff801, 0x6, 0x8, 0x8e}, {0x3ff, 0xfffffff0, 0x0, 0x3, 0x0, 0x1}, {0xfffffff0, 0x1, 0x1d1, 0x8, 0xffffffff, 0x2}, {0x9, 0x56, 0xb, 0x40, 0xfffffff9, 0xc96}, {0x6b, 0x9, 0x1, 0x401, 0x8001}, {0x6fe, 0x5121, 0xae04, 0x3, 0x7, 0xbfb8}, {0xd, 0x7ff, 0x2fed, 0xb, 0x6, 0x27}, {0xfff, 0x9, 0x1c8, 0x8, 0xf7e, 0x1ff}, {0x0, 0x8, 0xd9, 0x8001, 0x1, 0xcde9}, {0x74, 0xe911, 0xfff, 0x22, 0x3, 0x5}, {0x401, 0x3, 0xff, 0x9, 0xfff, 0x4788}, {0x1eaa, 0x0, 0xfffffff8, 0x6, 0xff0000, 0x1ff}, {0x8001, 0xfbef, 0x9, 0x8d7e, 0x7, 0x3}, {0x9b7e, 0xffff, 0x7, 0x1, 0x1, 0x8}, {0xffffffff, 0x80, 0x7, 0xae, 0x3, 0x6}, {0xd81, 0xe, 0xdb, 0x5, 0x8369, 0x10001}, {0xa, 0x5, 0x7fffffff, 0x5, 0x80000000, 0x6}, {0x9a, 0x6, 0x5, 0x10001, 0x2004, 0x5}, {0x1, 0x4, 0x0, 0x87, 0x8001, 0x200}, {0x3, 0xc, 0x1, 0xe467, 0x77, 0xff}, {0x50dc, 0x0, 0x10001, 0x9, 0x2, 0x3}, {0x8001, 0x3e6, 0x400, 0x48a1, 0x8, 0x9}, {0x7, 0x26a4, 0x2, 0xdfd9, 0x4, 0x2}, {0x8, 0xdb, 0x5, 0x4, 0xab, 0x66df}, {0x10000, 0x3c83, 0x2, 0x3, 0x7, 0x4c}, {0x7, 0xebee, 0x7fff, 0xffffff4d, 0x3, 0x5}, {0x5, 0x1000, 0x1, 0xd27, 0x1, 0xbea}, {0x7fffffff, 0xc60, 0x7fffffff, 0x64}, {0x9, 0xfffffffe, 0xf, 0x1, 0x6, 0x9}, {0x10000, 0x2, 0x3ff, 0x2, 0x2, 0x3317}, {0x2a4a, 0x1, 0xe, 0xfffffffe, 0x6, 0xffff}, {0x2b, 0x7, 0xfffffffe, 0x0, 0x6, 0xe}, {0x9, 0x7, 0x7, 0x400, 0x4}, {0x8, 0x1, 0x8000, 0xeafc, 0x80, 0x4}, {0x7, 0x8, 0xfffffff7, 0x5, 0x2}, {0x0, 0x9, 0x6, 0x5, 0x80000001, 0x80000000}, {0x4, 0x100, 0xd, 0x4, 0xc}, {0x4, 0x6, 0x9, 0x8, 0xfffffffc, 0x7fff}, {0x10000, 0x4155, 0x4, 0x9d19, 0xff, 0xfff}, {0x9, 0xfffffff2, 0x6, 0xfffffffa, 0x80, 0x8}, {0x94e, 0x1, 0x101, 0x3, 0x0, 0xc772}, {0x3, 0x6, 0x9, 0x25d73910, 0x1, 0x3}, {0x5, 0x7, 0x7, 0xb, 0x7dbe, 0x6}, {0xf21, 0x2, 0x2, 0x8, 0x7, 0x9}, {0x2096, 0x7, 0x4, 0x8001, 0x2, 0x8}, {0x3, 0x5, 0x1, 0x2, 0x3e4, 0x40}, {0xfffffffd, 0xe, 0x5, 0x6, 0xd, 0x2}, {0x926, 0x8000, 0x1, 0x5, 0x6, 0x4}, {0x8, 0x5, 0x5, 0x3, 0x0, 0x1}, {0x2, 0x11b, 0x1, 0x7, 0x6}, {0x3, 0x1, 0xe, 0x7, 0x9, 0x3}, {0x9, 0x2737, 0x4b, 0x2, 0x80000000, 0x2130}, {0x10000, 0x2, 0x672, 0x5, 0x7}, {0x94, 0x2, 0xff, 0x0, 0x400, 0x5}, {0x9, 0xc, 0x101, 0x1, 0x3, 0x8f}, {0x3ff, 0x6, 0x10000, 0x10000, 0x800}, {0x0, 0x1, 0x3, 0x2, 0x4, 0x8}, {0x5, 0x80000001, 0x1, 0x81, 0x6, 0x4}, {0x1, 0x6, 0x51, 0xfffffff7, 0x0, 0x61000}, {0x80000000, 0x7, 0x8, 0x5, 0x40, 0x9c0}, {0x2, 0x7, 0x9, 0x8, 0xf4c5, 0x4}, {0x800, 0x1, 0x5, 0x0, 0x2, 0xeb6f}, {0x80000000, 0x8000, 0x10000, 0x7, 0x6, 0x8}, {0x0, 0x7, 0x4, 0x9, 0x1, 0x400}, {0xfffffffb, 0x9, 0x7f, 0x40, 0x0, 0x9}, {0x7fff, 0x0, 0x9, 0x1000, 0x7fff, 0x2}, {0x8, 0x9, 0x0, 0x6, 0xb02a, 0x10}, {0x8, 0x1ff, 0x401, 0xa44, 0x200, 0x1}, {0x4, 0xd, 0x9, 0x9, 0xfd, 0x9}, {0x3, 0x1, 0x6, 0xffffffff, 0x7f, 0x5}, {0x6, 0xc7, 0xd1, 0x0, 0xa70, 0x2}, {0xdc, 0x7, 0x8, 0x2, 0x81, 0xf}, {0x8000, 0x3ff, 0x2, 0x9, 0x6, 0x2}, {0x5, 0x6, 0xffff, 0x81, 0x6d, 0x101}, {0x40, 0x5, 0x10001, 0x38, 0x7, 0x5}, {0x5, 0x6, 0x7, 0x7fff, 0x7, 0x13f}, {0x8, 0x0, 0x1, 0xc87, 0x2, 0x9}, {0x10000, 0x0, 0x8, 0x101, 0x0, 0x25c8049d}, {0x2, 0xb767, 0x9, 0x5, 0x9, 0xafc}, {0x2, 0x444e, 0xe, 0x14d, 0x7f, 0x2c}], [{0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x4}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {}, {0x3, 0x1}, {0x8, 0x1}, {0x4}, {0x3}, {0x1}, {0x2}, {0x5, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x0, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x2, 0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x4, 0x1}, {0x3}, {0x3}, {0x3}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x4, 0x1}, {0xfcbb88fdd7d75dad, 0x1}, {0x3}, {}, {0x2, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0xcfa1d4745281e144}, {0x3, 0x1}, {0x5}, {0x2, 0x3}, {0x4}, {0x1, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {}, {0x2}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x4}, {0x2, 0x1}, {0x1}, {}, {0x2}, {0x3, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x2}, {0x5}, {0x2}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0xf54}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

8.80684094s ago: executing program 2 (id=3754):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$vhost_vsock(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="020000000400000008000000010000008000000049c0f139bfa26527e5b2eb49e34cfcf905f9f2826fda20fd662e1a4e5e72424b72cb5cf6b4fe8d16ff10d5f8da1541e45a93f87fcb7de1aa5e995523613f508b88e3", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r2}, 0x4)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
prlimit64(r1, 0x3, &(0x7f0000000040)={0x7ffffffffffffffc, 0x808b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = epoll_create1(0x0)
r4 = socket(0x1, 0x80802, 0xefe)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0)={0x10000001})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x2, r4, 0x0)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r0], 0x48)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x18)

8.597741991s ago: executing program 1 (id=3755):
socket(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0x0, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x1}]}}]}, 0x3c}}, 0x4000)

7.352739972s ago: executing program 6 (id=3756):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000001300)={'team0\x00', <r3=>0x0})
syz_emit_ethernet(0x2a, &(0x7f0000000300)={@random="e90c630faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0xe000, 0xff, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x8}}}}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100", @ANYRES32=r3, @ANYBLOB="4400028040000100240001007072696f7269747900"/32, @ANYRES32=0x0], 0x60}}, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x2b6183, 0x0)
ioctl$IOMMU_DESTROY$stdev(r4, 0x3b80, &(0x7f0000000040)={0x8})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x200000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00'}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r5, 0x0, 0x3}, 0x18)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
ptrace(0x10, 0x0)
ptrace$getregset(0x4205, 0x0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
sched_setscheduler(0x0, 0x0, &(0x7f0000000340)=0xa)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r2)
r6 = epoll_create1(0x80000)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x20000014})
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r8, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r8, 0x0, 0x30, &(0x7f00000012c0)={0x2, {{0x2, 0x0, @multicast2}}, 0x0, 0xa, [{{0x2, 0x0, @broadcast}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x0, @loopback}}, {{0x2, 0x0, @empty}}, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}, {{0x2, 0x0, @loopback}}]}, 0x590)
setsockopt$inet_group_source_req(r8, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0xa0000001})
epoll_wait(r7, &(0x7f0000000380)=[{}], 0x1, 0x1004)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

7.18626261s ago: executing program 1 (id=3757):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0xfffd, 0x8000000, @loopback, 0x3}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async)
r1 = dup(r0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r3, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1}}}}, 0x30}}, 0x0) (async)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x30, r3, 0x20, 0x70bd2c, 0x25dfdbfd, {{}, {}, {0x14, 0x19, {0x200, 0x0, 0xffffffc0, 0x9}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x303}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x2, 0x4)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000280)={@mcast1, <r5=>0x0}, &(0x7f0000000300)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0x19, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf6e2}}, @call={0x85, 0x0, 0x0, 0xc6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x8, 0x9c, &(0x7f0000000480)=""/156, 0x40f00, 0x6f, '\x00', r5, @fallback=0x33, r1, 0x8, &(0x7f0000000540)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x3, 0x7, 0x40, 0x7}, 0x10, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

6.116873273s ago: executing program 7 (id=3758):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mq_open(0x0, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
clock_gettime(0x0, 0x0)
r1 = add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='X', 0x5d, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r2, r2}, 0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={'md5-generic\x00'}})

5.020702231s ago: executing program 1 (id=3760):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = userfaultfd(0x80001)
readv(r3, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched_retired(r5, &(0x7f000001be80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000012fc0)=@newtfilter={0xf24, 0x2c, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xe, 0x9}, {0xa, 0x7}}, [@f_rsvp6={{0xa}, {0x70, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x0, 0x5}, {0x80000, 0x7, 0xd}, 0x0, 0x7, 0x8}}, @TCA_RSVP_ACT={0x4c, 0x6, [@m_mirred={0x48, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0x19, 0x6, "e4cf417efa2642cba79654a718ac75b462651a06c9"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @f_rsvp6={{0xa}, {0xe78, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0xfffffffc, 0x8, 0x3ff}, {0x3, 0xebc}, 0x2, 0x0, 0x31}}, @TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x11, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xe, 0x7, 0x6, 0x8b, 0x1}, 0x9, 0x3}, [{0xffffffff, 0xb, 0x17aa, 0x3, 0x7, 0x3dc}, {0xbd, 0x7, 0x7, 0x5, 0x77, 0x2}, {0x8, 0x5667, 0xfffffffc, 0xf, 0x7ff, 0xfff}, {0x401, 0xd051, 0x6, 0xfffffffa, 0x9, 0xfacf}, {0xf, 0x9, 0x4, 0xfffffffc, 0xda4, 0x7}, {0x8, 0x6, 0x9, 0x7fff, 0x3, 0x8c}, {0x8, 0x997, 0x4, 0x1000, 0x0, 0x637}, {0xbe, 0x8, 0x1, 0x200, 0xb5f1, 0x6}, {0x6, 0x2, 0xf18, 0x3, 0x6, 0x3}, {0x56, 0x80000000, 0xb, 0x9, 0x7, 0x8755}, {0x2, 0x2, 0x4, 0x3, 0x0, 0x4}, {0x200, 0x3, 0x2, 0x200, 0xc000000, 0xe2}, {0x5, 0x8000, 0x6, 0x5, 0xcb, 0xb}, {0xfff, 0x4, 0x7, 0x6, 0x0, 0x3}, {0x0, 0x4, 0x3, 0x4, 0x401, 0x8}, {0xff, 0x5, 0xcc, 0xd6, 0x4, 0xd}, {0x6, 0x6, 0x4, 0x9, 0x9, 0x9}, {0xfffffffe, 0x156191dc, 0x0, 0xffffffff, 0x2, 0xeb214f43}, {0x7f, 0x10, 0x9, 0x8, 0x4b5, 0x7fff}, {0x18, 0x8, 0xb, 0xfffffff9, 0x4, 0xfffffff9}, {0x3, 0x7, 0x8, 0x7e, 0x6, 0x4}, {0x1, 0x9, 0x8, 0x6, 0x401, 0x1}, {0x9, 0x1, 0xff, 0x2, 0x9, 0xe96}, {0x6, 0x2c8, 0x2bbd, 0x7, 0x996, 0x2}, {0x6, 0x5, 0x9, 0x7, 0x5, 0x804e}, {0x0, 0x800, 0x4, 0x2, 0xf5a, 0xc7f}, {0x7, 0xff, 0xffffff92, 0x8, 0x120000, 0x2}, {0x62e9, 0x5, 0x8, 0xffff, 0x0, 0x6}, {0xf, 0x3d, 0x1, 0x4, 0x4, 0x2}, {0x1, 0x520, 0xa, 0x7, 0x2, 0x1}, {0xfffffffa, 0x7, 0x3b3, 0x0, 0x7, 0x7fffffff}, {0x2, 0x8, 0x6, 0xb, 0x800, 0x4}, {0x6, 0x6421, 0x9, 0xfffffffc, 0x3, 0x6}, {0x93, 0x2, 0xfffffffd, 0xffffffff, 0xffffffff, 0x4}, {0x3, 0x2, 0x5, 0x0, 0x87c, 0x4217}, {0x80000001, 0x1, 0xfff, 0x7fffffff, 0x1, 0x4}, {0xfffffff8, 0x400, 0x7e00, 0x2, 0x6, 0x4}, {0x9, 0x40, 0x9, 0xfa1b, 0x800, 0xfffff2e5}, {0x5, 0x6, 0x3, 0x0, 0x80000001, 0xe25}, {0x400, 0x1, 0x4, 0x9, 0x6, 0x8}, {0x0, 0x401, 0x7fffffff, 0xfffffffe, 0x5, 0x3}, {0x101, 0x8, 0x4, 0x8, 0x5, 0x2}, {0xce86, 0x9, 0x1, 0x950, 0x9, 0xa7}, {0x27d, 0x8, 0xfffffff8, 0x8, 0x8}, {0x3, 0x2, 0x7, 0x8, 0xa9}, {0x9e, 0x6, 0x7, 0x80000000, 0x7, 0x7}, {0x9, 0x7, 0x0, 0x80000001, 0x1, 0xf}, {0x1, 0xffff, 0xa7, 0x10000, 0x16931a3f, 0x9}, {0xff, 0x1, 0xfffff801, 0x6, 0x8, 0x8e}, {0x3ff, 0xfffffff0, 0x0, 0x3, 0x0, 0x1}, {0xfffffff0, 0x1, 0x1d1, 0x8, 0xffffffff, 0x2}, {0x9, 0x56, 0xb, 0x40, 0xfffffff9, 0xc96}, {0x6b, 0x9, 0x1, 0x401, 0x8001}, {0x6fe, 0x5121, 0xae04, 0x3, 0x7, 0xbfb8}, {0xd, 0x7ff, 0x2fed, 0xb, 0x6, 0x27}, {0xfff, 0x9, 0x1c8, 0x8, 0xf7e, 0x1ff}, {0x0, 0x8, 0xd9, 0x8001, 0x1, 0xcde9}, {0x74, 0xe911, 0xfff, 0x22, 0x3, 0x5}, {0x401, 0x3, 0xff, 0x9, 0xfff, 0x4788}, {0x1eaa, 0x0, 0xfffffff8, 0x6, 0xff0000, 0x1ff}, {0x8001, 0xfbef, 0x9, 0x8d7e, 0x7, 0x3}, {0x9b7e, 0xffff, 0x7, 0x1, 0x1, 0x8}, {0xffffffff, 0x80, 0x7, 0xae, 0x3, 0x6}, {0xd81, 0xe, 0xdb, 0x5, 0x8369, 0x10001}, {0xa, 0x5, 0x7fffffff, 0x5, 0x80000000, 0x6}, {0x9a, 0x6, 0x5, 0x10001, 0x2004, 0x5}, {0x1, 0x4, 0x0, 0x87, 0x8001, 0x200}, {0x3, 0xc, 0x1, 0xe467, 0x77, 0xff}, {0x50dc, 0x0, 0x10001, 0x9, 0x2, 0x3}, {0x8001, 0x3e6, 0x400, 0x48a1, 0x8, 0x9}, {0x7, 0x26a4, 0x2, 0xdfd9, 0x4, 0x2}, {0x8, 0xdb, 0x5, 0x4, 0xab, 0x66df}, {0x10000, 0x3c83, 0x2, 0x3, 0x7, 0x4c}, {0x7, 0xebee, 0x7fff, 0xffffff4d, 0x3, 0x5}, {0x5, 0x1000, 0x1, 0xd27, 0x1, 0xbea}, {0x7fffffff, 0xc60, 0x7fffffff, 0x64}, {0x9, 0xfffffffe, 0xf, 0x1, 0x6, 0x9}, {0x10000, 0x2, 0x3ff, 0x2, 0x2, 0x3317}, {0x2a4a, 0x1, 0xe, 0xfffffffe, 0x6, 0xffff}, {0x2b, 0x7, 0xfffffffe, 0x0, 0x6, 0xe}, {0x9, 0x7, 0x7, 0x400, 0x4}, {0x8, 0x1, 0x8000, 0xeafc, 0x80, 0x4}, {0x7, 0x8, 0xfffffff7, 0x5, 0x2}, {0x0, 0x9, 0x6, 0x5, 0x80000001, 0x80000000}, {0x4, 0x100, 0xd, 0x4, 0xc}, {0x4, 0x6, 0x9, 0x8, 0xfffffffc, 0x7fff}, {0x10000, 0x4155, 0x4, 0x9d19, 0xff, 0xfff}, {0x9, 0xfffffff2, 0x6, 0xfffffffa, 0x80, 0x8}, {0x94e, 0x1, 0x101, 0x3, 0x0, 0xc772}, {0x3, 0x6, 0x9, 0x25d73910, 0x1, 0x3}, {0x5, 0x7, 0x7, 0xb, 0x7dbe, 0x6}, {0xf21, 0x2, 0x2, 0x8, 0x7, 0x9}, {0x2096, 0x7, 0x4, 0x8001, 0x2, 0x8}, {0x3, 0x5, 0x1, 0x2, 0x3e4, 0x40}, {0xfffffffd, 0xe, 0x5, 0x6, 0xd, 0x2}, {0x926, 0x8000, 0x1, 0x5, 0x6, 0x4}, {0x8, 0x5, 0x5, 0x3, 0x0, 0x1}, {0x2, 0x11b, 0x1, 0x7, 0x6}, {0x3, 0x1, 0xe, 0x7, 0x9, 0x3}, {0x9, 0x2737, 0x4b, 0x2, 0x80000000, 0x2130}, {0x10000, 0x2, 0x672, 0x5, 0x7}, {0x94, 0x2, 0xff, 0x0, 0x400, 0x5}, {0x9, 0xc, 0x101, 0x1, 0x3, 0x8f}, {0x3ff, 0x6, 0x10000, 0x10000, 0x800}, {0x0, 0x1, 0x3, 0x2, 0x4, 0x8}, {0x5, 0x80000001, 0x1, 0x81, 0x6, 0x4}, {0x1, 0x6, 0x51, 0xfffffff7, 0x0, 0x61000}, {0x80000000, 0x7, 0x8, 0x5, 0x40, 0x9c0}, {0x2, 0x7, 0x9, 0x8, 0xf4c5, 0x4}, {0x800, 0x1, 0x5, 0x0, 0x2, 0xeb6f}, {0x80000000, 0x8000, 0x10000, 0x7, 0x6, 0x8}, {0x0, 0x7, 0x4, 0x9, 0x1, 0x400}, {0xfffffffb, 0x9, 0x7f, 0x40, 0x0, 0x9}, {0x7fff, 0x0, 0x9, 0x1000, 0x7fff, 0x2}, {0x8, 0x9, 0x0, 0x6, 0xb02a, 0x10}, {0x8, 0x1ff, 0x401, 0xa44, 0x200, 0x1}, {0x4, 0xd, 0x9, 0x9, 0xfd, 0x9}, {0x3, 0x1, 0x6, 0xffffffff, 0x7f, 0x5}, {0x6, 0xc7, 0xd1, 0x0, 0xa70, 0x2}, {0xdc, 0x7, 0x8, 0x2, 0x81, 0xf}, {0x8000, 0x3ff, 0x2, 0x9, 0x6, 0x2}, {0x5, 0x6, 0xffff, 0x81, 0x6d, 0x101}, {0x40, 0x5, 0x10001, 0x38, 0x7, 0x5}, {0x5, 0x6, 0x7, 0x7fff, 0x7, 0x13f}, {0x8, 0x0, 0x1, 0xc87, 0x2, 0x9}, {0x10000, 0x0, 0x8, 0x101, 0x0, 0x25c8049d}, {0x2, 0xb767, 0x9, 0x5, 0x9, 0xafc}, {0x2, 0x444e, 0xe, 0x14d, 0x7f, 0x2c}], [{0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x4}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {}, {0x3, 0x1}, {0x8, 0x1}, {0x4}, {0x3}, {0x1}, {0x2}, {0x5, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x0, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x2, 0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x4, 0x1}, {0x3}, {0x3}, {0x3}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x4, 0x1}, {0xfcbb88fdd7d75dad, 0x1}, {0x3}, {}, {0x2, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0xcfa1d4745281e144}, {0x3, 0x1}, {0x5}, {0x2, 0x3}, {0x4}, {0x1, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {}, {0x2}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x4}, {0x2, 0x1}, {0x1}, {}, {0x2}, {0x3, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x2}, {0x5}, {0x2}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0xf24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

5.002625651s ago: executing program 7 (id=3761):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x1ff, "a25f0d539ea1b2cc4479b25602fa1fa862fb7e6b1a3786793b2e143718a7687c", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r3, 0xc0383e04, &(0x7f00000000c0)={""/32, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)=[{}, {}, {}]})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet6(0xa, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r5=>0x0})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r8, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r6, 0xc01864b0, &(0x7f0000000080)={r8, r9})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r6, 0xc01864b0, &(0x7f0000000180)={0x0, r9, 0x1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)
socket(0x10, 0x80803, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0xfffffddf, &(0x7f00000002c0)={&(0x7f0000000900)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x0, 0x4, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0x0, 0x6, './file0\x00'}, @TCA_ACT_BPF_NAME={0x0, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS={0x0, 0x4, [{0x6, 0xf8, 0x9, 0x7fff}, {0x2, 0xff, 0x2, 0x1}, {0x4, 0x81, 0xf, 0xda74}, {0x8, 0xfe, 0x3}, {0x4, 0x1, 0x8, 0x55f8}]}, @TCA_ACT_BPF_OPS_LEN={0x0, 0x3, 0x9}]}, {0x0, 0x6, "981fb79cf7ca6f6edd31b7bff484488173e2ae29f9b0a8ef1d055685f958552a40a44a3a77670eba165fe8f21a3475e265189a9fc5af8fff159a66bc4d84b7d783fab8c226b1c02db35551"}, {0x0, 0x7, {0x1}}, {0x0, 0x8, {0x3, 0x2}}}}]}]}, 0xf0}}, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)

4.855302224s ago: executing program 6 (id=3762):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x50, r1, 0x1, 0x0, 0xffffffff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x80}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x50}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x20, 0x3d, 0x9, 0x0, 0x0, {0x4}, [@typed={0x4, 0x200}, @typed={0x8, 0x9, 0x0, 0x0, @u32=0xffe000}]}, 0x20}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) (async)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x50, r1, 0x1, 0x0, 0xffffffff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x80}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x50}}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x20, 0x3d, 0x9, 0x0, 0x0, {0x4}, [@typed={0x4, 0x200}, @typed={0x8, 0x9, 0x0, 0x0, @u32=0xffe000}]}, 0x20}}, 0x0) (async)

4.781088729s ago: executing program 3 (id=3763):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket(0x22, 0x2, 0x4)
getsockopt$SO_TIMESTAMP(r4, 0x1, 0x1c, 0x0, &(0x7f00000000c0))
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
syz_open_dev$loop(0x0, 0x9, 0x40401)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x3500000000000000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x4c, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}]}]}]}], {0x14}}, 0x74}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000100)='module_free\x00', r8}, 0x10)
close(r7)
close_range(r5, 0xffffffffffffffff, 0x0)

3.700774563s ago: executing program 6 (id=3764):
socket(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0x0, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x1}]}}]}, 0x3c}}, 0x4000) (fail_nth: 3)

3.700219988s ago: executing program 3 (id=3765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x9, 0x103ba, 0x1, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8, r0, 0x4}, 0x38)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx2\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$sock(r3, &(0x7f0000006640)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000006680)="f165163afcc0b8296b279d1a62c2a318c9d88469e1c45ae81563f387f3de7659e90b688f0e08422d5621406426164a47387b51b531282886bf045dd9e69e3744977f1db2636305573c1886aa76b47c94e8e113e7863ac0ab542b76417d5bfa2142a6ccd29f591f9194079cc10a31deedb2dcb41d891be4bc35afd597dd72cf630ef45e92177270d4bea051583416b9c13895c8424dc5600c70d5b5ddb53d11fbb65cfbacbafbeb6e87871a5d277caac56222dd034bcf60f0", 0xb8}, {&(0x7f0000000340)="e74f541d24c4b951ef", 0x9}], 0x2}}], 0x1, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=@getsa={0x34, 0x12, 0x8, 0x70bd2d, 0x0, {@in=@loopback, 0x0, 0x0, 0x3c}, [@mark={0xc}]}, 0x34}}, 0x0)

3.420848129s ago: executing program 3 (id=3766):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=@framed={{0x55, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x1c}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.420449496s ago: executing program 6 (id=3767):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100), 0x200002, 0x0)
syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
r1 = syz_io_uring_setup(0x10a, &(0x7f00000011c0)={0x0, 0x25885}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000001380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001340)={&(0x7f0000001240)={0xc4, 0x0, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xc, 0x31}}}}, [@NL80211_ATTR_QOS_MAP={0x2e, 0xc7, {[{0x9, 0x2}, {0x3, 0x4}, {0x6}, {0x7, 0x2}, {0x2, 0x2}, {0x8, 0x4}, {0x1, 0x2}, {0x6, 0x1}, {0x3, 0x4}, {0x0, 0x4}, {0x0, 0x5}, {0x2, 0x7}, {0x6, 0x6}, {0x3, 0x7}, {0x7, 0x1}, {0x8, 0x1}, {0xa8, 0x5}], "6fdec8b4ff535a71"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x9, 0x3}, {0x8, 0x6}, {0xe7, 0x6}, {0x1}, {0x7f, 0x4}, {0x5, 0x4}, {0x5, 0x5}, {0x8, 0x7}, {0x2, 0x7}, {0x4, 0x7}, {0x5e, 0x1}, {0x4, 0x3}, {0x1, 0x4}, {0x5, 0x7}, {0xf8, 0x2}, {0x2, 0x5}, {0xff, 0x5}, {0x3, 0x3}], "fc032613e719ac74"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x1, 0x7}, {0x5, 0x2}, {0x9, 0x3}, {0x6, 0x3}, {0x9, 0x3}, {0x9, 0x3}, {0x3, 0x5}, {0xb, 0x3}, {0xc1, 0x6}, {0xca, 0x6}, {0x9e, 0x6}, {0x9, 0x3}, {0xff, 0x1}, {0x0, 0x4}, {0x2, 0x5}, {0x3, 0x6}, {0x5, 0x1}, {0x8}, {0x3, 0x35}, {0x79, 0x2}], "e9ff4f090d817158"}}, @NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0xd2, 0x2}], "f6a6a2ec8059ba17"}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x48000}, 0x4000004)
r4 = openat$cgroup_pressure(r0, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
r5 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/mapped\x00', 0x2, 0x0)
write$smackfs_cipsonum(r5, &(0x7f0000000040), 0x14)
write$cgroup_pressure(r4, &(0x7f0000000080)={'full', 0x20, 0x2000000008, 0x20, 0x10000000fffff}, 0x2f)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x5, 0x7f, 0xef0, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000007c0), 0x402, r6}, 0x38)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000000)={0x0, &(0x7f00000004c0)=""/233, &(0x7f00000001c0), 0x0, 0x6, r6}, 0x38)
close(r4)
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x8, 0x600400)
ioctl$EVIOCGVERSION(r7, 0x80044501, &(0x7f00000001c0)=""/4096)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r8, 0x0, 0x14, 0x0, &(0x7f00000005c0)="18d26a3d96736249edf6d237b029399525aa0412", 0x0, 0x9, 0x0, 0x31, 0x0, &(0x7f0000000a40)="30dd0d6c12d6fae2fc8392ee65065e8dd08e5ce1c9b66ac2d50ca7ef5587fe58881c8a695d5645f8411a3c750fb033ec67", 0x0}, 0x50)
syz_usb_connect$uac1(0x0, 0xb1, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029f0003010000000904000000010100000a24010000000201020d24060000030800000031ce21c798329740594c137d0000000c24020201010608000010000c2402000000030000000000092406000601000000092403000000000500092406050001", @ANYBLOB="8528"], 0x0)

1.968337325s ago: executing program 1 (id=3768):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)={@broadcast, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x1, 0x6, 0x1c, 0x68, 0x0, 0x7, 0x1, 0x0, @empty, @loopback}, @echo={0x8, 0x0, 0x0, 0xc, 0x5}}}}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setresuid(0x0, 0xee00, 0x0)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x54, 0x12, 0x81c0ba3cd11c26f5, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4e22, [0x8]}, 0xffffeffc, 0x4}, [@INET_DIAG_REQ_BYTECODE={0x8, 0x1, "a1b3e4a5"}]}, 0x54}}, 0x40d8)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000100)={0x20000014})
epoll_wait(r5, &(0x7f0000000180)=[{}], 0x1, 0x10000400)
close_range(r3, 0xffffffffffffffff, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x6c, 0xc, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000000)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x0, 0x4}, 0x0)
setreuid(0xee01, 0x0)
setreuid(0x0, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r8, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)={0x18, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@bridge_dellink={0x34, 0x11, 0x5, 0x2, 0x0, {0x7, 0x0, 0x0, r7, 0x24000}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x3, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x0, 0x25}]}}]}]}, 0x34}}, 0x0)

1.906324192s ago: executing program 2 (id=3769):
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)
readv(r4, 0x0, 0x0)
close(r3)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
r6 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched_retired(r6, &(0x7f000001be80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000012fc0)=@newtfilter={0xf58, 0x2c, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xe, 0x9}, {0xa, 0x7}}, [@f_rsvp6={{0xa}, {0xa4, 0x2, [@TCA_RSVP_POLICE={0x3c, 0x5, [@TCA_POLICE_RATE64={0xc, 0x8, 0x4}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfffffc01}, @TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_RESULT={0x8, 0x5, 0xff}]}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x0, 0x5}, {0x80000, 0x7, 0xd}, 0x0, 0x7, 0x8}}, @TCA_RSVP_ACT={0x44, 0x6, [@m_mirred={0x40, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0x14, 0x6, "e4cf417efa2642cba79654a718ac75b4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @f_rsvp6={{0xa}, {0xe78, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0xfffffffc, 0x8, 0x3ff}, {0x3, 0xebc}, 0x2, 0x0, 0x31}}, @TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x11, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xe, 0x7, 0x6, 0x8b, 0x1}, 0x9, 0x3}, [{0xffffffff, 0xb, 0x17aa, 0x3, 0x7, 0x3dc}, {0xbd, 0x7, 0x7, 0x5, 0x77, 0x2}, {0x8, 0x5667, 0xfffffffc, 0xf, 0x7ff, 0xfff}, {0x401, 0xd051, 0x6, 0xfffffffa, 0x9, 0xfacf}, {0xf, 0x9, 0x4, 0xfffffffc, 0xda4, 0x7}, {0x8, 0x6, 0x9, 0x7fff, 0x3, 0x8c}, {0x8, 0x997, 0x4, 0x1000, 0x0, 0x637}, {0xbe, 0x8, 0x1, 0x200, 0xb5f1, 0x6}, {0x6, 0x2, 0xf18, 0x3, 0x6, 0x3}, {0x56, 0x80000000, 0xb, 0x9, 0x7, 0x8755}, {0x2, 0x2, 0x4, 0x3, 0x0, 0x4}, {0x200, 0x3, 0x2, 0x200, 0xc000000, 0xe2}, {0x5, 0x8000, 0x6, 0x5, 0xcb, 0xb}, {0xfff, 0x4, 0x7, 0x6, 0x0, 0x3}, {0x0, 0x4, 0x3, 0x4, 0x401, 0x8}, {0xff, 0x5, 0xcc, 0xd6, 0x4, 0xd}, {0x6, 0x6, 0x4, 0x9, 0x9, 0x9}, {0xfffffffe, 0x156191dc, 0x0, 0xffffffff, 0x2, 0xeb214f43}, {0x7f, 0x10, 0x9, 0x8, 0x4b5, 0x7fff}, {0x18, 0x8, 0xb, 0xfffffff9, 0x4, 0xfffffff9}, {0x3, 0x7, 0x8, 0x7e, 0x6, 0x4}, {0x1, 0x9, 0x8, 0x6, 0x401, 0x1}, {0x9, 0x1, 0xff, 0x2, 0x9, 0xe96}, {0x6, 0x2c8, 0x2bbd, 0x7, 0x996, 0x2}, {0x6, 0x5, 0x9, 0x7, 0x5, 0x804e}, {0x0, 0x800, 0x4, 0x2, 0xf5a, 0xc7f}, {0x7, 0xff, 0xffffff92, 0x8, 0x120000, 0x2}, {0x62e9, 0x5, 0x8, 0xffff, 0x0, 0x6}, {0xf, 0x3d, 0x1, 0x4, 0x4, 0x2}, {0x1, 0x520, 0xa, 0x7, 0x2, 0x1}, {0xfffffffa, 0x7, 0x3b3, 0x0, 0x7, 0x7fffffff}, {0x2, 0x8, 0x6, 0xb, 0x800, 0x4}, {0x6, 0x6421, 0x9, 0xfffffffc, 0x3, 0x6}, {0x93, 0x2, 0xfffffffd, 0xffffffff, 0xffffffff, 0x4}, {0x3, 0x2, 0x5, 0x0, 0x87c, 0x4217}, {0x80000001, 0x1, 0xfff, 0x7fffffff, 0x1, 0x4}, {0xfffffff8, 0x400, 0x7e00, 0x2, 0x6, 0x4}, {0x9, 0x40, 0x9, 0xfa1b, 0x800, 0xfffff2e5}, {0x5, 0x6, 0x3, 0x0, 0x80000001, 0xe25}, {0x400, 0x1, 0x4, 0x9, 0x6, 0x8}, {0x0, 0x401, 0x7fffffff, 0xfffffffe, 0x5, 0x3}, {0x101, 0x8, 0x4, 0x8, 0x5, 0x2}, {0xce86, 0x9, 0x1, 0x950, 0x9, 0xa7}, {0x27d, 0x8, 0xfffffff8, 0x8, 0x8}, {0x3, 0x2, 0x7, 0x8, 0xa9}, {0x9e, 0x6, 0x7, 0x80000000, 0x7, 0x7}, {0x9, 0x7, 0x0, 0x80000001, 0x1, 0xf}, {0x1, 0xffff, 0xa7, 0x10000, 0x16931a3f, 0x9}, {0xff, 0x1, 0xfffff801, 0x6, 0x8, 0x8e}, {0x3ff, 0xfffffff0, 0x0, 0x3, 0x0, 0x1}, {0xfffffff0, 0x1, 0x1d1, 0x8, 0xffffffff, 0x2}, {0x9, 0x56, 0xb, 0x40, 0xfffffff9, 0xc96}, {0x6b, 0x9, 0x1, 0x401, 0x8001}, {0x6fe, 0x5121, 0xae04, 0x3, 0x7, 0xbfb8}, {0xd, 0x7ff, 0x2fed, 0xb, 0x6, 0x27}, {0xfff, 0x9, 0x1c8, 0x8, 0xf7e, 0x1ff}, {0x0, 0x8, 0xd9, 0x8001, 0x1, 0xcde9}, {0x74, 0xe911, 0xfff, 0x22, 0x3, 0x5}, {0x401, 0x3, 0xff, 0x9, 0xfff, 0x4788}, {0x1eaa, 0x0, 0xfffffff8, 0x6, 0xff0000, 0x1ff}, {0x8001, 0xfbef, 0x9, 0x8d7e, 0x7, 0x3}, {0x9b7e, 0xffff, 0x7, 0x1, 0x1, 0x8}, {0xffffffff, 0x80, 0x7, 0xae, 0x3, 0x6}, {0xd81, 0xe, 0xdb, 0x5, 0x8369, 0x10001}, {0xa, 0x5, 0x7fffffff, 0x5, 0x80000000, 0x6}, {0x9a, 0x6, 0x5, 0x10001, 0x2004, 0x5}, {0x1, 0x4, 0x0, 0x87, 0x8001, 0x200}, {0x3, 0xc, 0x1, 0xe467, 0x77, 0xff}, {0x50dc, 0x0, 0x10001, 0x9, 0x2, 0x3}, {0x8001, 0x3e6, 0x400, 0x48a1, 0x8, 0x9}, {0x7, 0x26a4, 0x2, 0xdfd9, 0x4, 0x2}, {0x8, 0xdb, 0x5, 0x4, 0xab, 0x66df}, {0x10000, 0x3c83, 0x2, 0x3, 0x7, 0x4c}, {0x7, 0xebee, 0x7fff, 0xffffff4d, 0x3, 0x5}, {0x5, 0x1000, 0x1, 0xd27, 0x1, 0xbea}, {0x7fffffff, 0xc60, 0x7fffffff, 0x64}, {0x9, 0xfffffffe, 0xf, 0x1, 0x6, 0x9}, {0x10000, 0x2, 0x3ff, 0x2, 0x2, 0x3317}, {0x2a4a, 0x1, 0xe, 0xfffffffe, 0x6, 0xffff}, {0x2b, 0x7, 0xfffffffe, 0x0, 0x6, 0xe}, {0x9, 0x7, 0x7, 0x400, 0x4}, {0x8, 0x1, 0x8000, 0xeafc, 0x80, 0x4}, {0x7, 0x8, 0xfffffff7, 0x5, 0x2}, {0x0, 0x9, 0x6, 0x5, 0x80000001, 0x80000000}, {0x4, 0x100, 0xd, 0x4, 0xc}, {0x4, 0x6, 0x9, 0x8, 0xfffffffc, 0x7fff}, {0x10000, 0x4155, 0x4, 0x9d19, 0xff, 0xfff}, {0x9, 0xfffffff2, 0x6, 0xfffffffa, 0x80, 0x8}, {0x94e, 0x1, 0x101, 0x3, 0x0, 0xc772}, {0x3, 0x6, 0x9, 0x25d73910, 0x1, 0x3}, {0x5, 0x7, 0x7, 0xb, 0x7dbe, 0x6}, {0xf21, 0x2, 0x2, 0x8, 0x7, 0x9}, {0x2096, 0x7, 0x4, 0x8001, 0x2, 0x8}, {0x3, 0x5, 0x1, 0x2, 0x3e4, 0x40}, {0xfffffffd, 0xe, 0x5, 0x6, 0xd, 0x2}, {0x926, 0x8000, 0x1, 0x5, 0x6, 0x4}, {0x8, 0x5, 0x5, 0x3, 0x0, 0x1}, {0x2, 0x11b, 0x1, 0x7, 0x6}, {0x3, 0x1, 0xe, 0x7, 0x9, 0x3}, {0x9, 0x2737, 0x4b, 0x2, 0x80000000, 0x2130}, {0x10000, 0x2, 0x672, 0x5, 0x7}, {0x94, 0x2, 0xff, 0x0, 0x400, 0x5}, {0x9, 0xc, 0x101, 0x1, 0x3, 0x8f}, {0x3ff, 0x6, 0x10000, 0x10000, 0x800}, {0x0, 0x1, 0x3, 0x2, 0x4, 0x8}, {0x5, 0x80000001, 0x1, 0x81, 0x6, 0x4}, {0x1, 0x6, 0x51, 0xfffffff7, 0x0, 0x61000}, {0x80000000, 0x7, 0x8, 0x5, 0x40, 0x9c0}, {0x2, 0x7, 0x9, 0x8, 0xf4c5, 0x4}, {0x800, 0x1, 0x5, 0x0, 0x2, 0xeb6f}, {0x80000000, 0x8000, 0x10000, 0x7, 0x6, 0x8}, {0x0, 0x7, 0x4, 0x9, 0x1, 0x400}, {0xfffffffb, 0x9, 0x7f, 0x40, 0x0, 0x9}, {0x7fff, 0x0, 0x9, 0x1000, 0x7fff, 0x2}, {0x8, 0x9, 0x0, 0x6, 0xb02a, 0x10}, {0x8, 0x1ff, 0x401, 0xa44, 0x200, 0x1}, {0x4, 0xd, 0x9, 0x9, 0xfd, 0x9}, {0x3, 0x1, 0x6, 0xffffffff, 0x7f, 0x5}, {0x6, 0xc7, 0xd1, 0x0, 0xa70, 0x2}, {0xdc, 0x7, 0x8, 0x2, 0x81, 0xf}, {0x8000, 0x3ff, 0x2, 0x9, 0x6, 0x2}, {0x5, 0x6, 0xffff, 0x81, 0x6d, 0x101}, {0x40, 0x5, 0x10001, 0x38, 0x7, 0x5}, {0x5, 0x6, 0x7, 0x7fff, 0x7, 0x13f}, {0x8, 0x0, 0x1, 0xc87, 0x2, 0x9}, {0x10000, 0x0, 0x8, 0x101, 0x0, 0x25c8049d}, {0x2, 0xb767, 0x9, 0x5, 0x9, 0xafc}, {0x2, 0x444e, 0xe, 0x14d, 0x7f, 0x2c}], [{0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x4}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {}, {0x3, 0x1}, {0x8, 0x1}, {0x4}, {0x3}, {0x1}, {0x2}, {0x5, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x0, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x2, 0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x4, 0x1}, {0x3}, {0x3}, {0x3}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x4, 0x1}, {0xfcbb88fdd7d75dad, 0x1}, {0x3}, {}, {0x2, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0xcfa1d4745281e144}, {0x3, 0x1}, {0x5}, {0x2, 0x3}, {0x4}, {0x1, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {}, {0x2}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x4}, {0x2, 0x1}, {0x1}, {}, {0x2}, {0x3, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x2}, {0x5}, {0x2}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x5, 0x1}, {0x5}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0xf58}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

1.880043856s ago: executing program 3 (id=3770):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYRESHEX=r1, @ANYRES32=r1, @ANYRES16=0x0, @ANYRES32, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRESHEX=r1, @ANYRES64=r1], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket(0x10, 0x3, 0x0)
r4 = openat$smackfs_load(0xffffff9c, &(0x7f0000000180)='/sys/fs/smackfs/load-self\x00', 0x2, 0x0)
write$smackfs_load(r4, &(0x7f0000000200)=ANY=[], 0x11f)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, 0x0)
setregid(0xffffffffffffffff, r5)
faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r7 = dup(0xffffffffffffffff)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x15)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
ioctl$BLKRRPART(r7, 0x125f, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="850000000500000084000000000000009500000000000000719cbb20b0d1880917c7ff879d900b2971e697b982298a4612ffd874a646458d366ad8552303d0472753a3e06cbb7fe8db5b64b55fb32f2db15dffee61c55f7b109b99a698a42681a04bb97ac41bdce76062f50b40af29772ef7c0e3db2d00630cb57c049e010c77bc8f266c5791ec7d1946139bd2a7fe4eb045a99c69eaaadd6f81c6203e62523d7d05cb8579c0e73728fd19a2b708ac3fee68a38665c50b39dae3aec6b4974e9dd4c6a15957775dadc415fa0ed0e4e6ad6f14f36c8e5e0fbb3a6efa2e2af974f567ac51dca539f0030e1393f2af5b4e4286cf9760"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000000)={0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94)

1.223427011s ago: executing program 3 (id=3771):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mq_open(0x0, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
clock_gettime(0x0, 0x0)
r1 = add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='X', 0x5d, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r2, r2}, &(0x7f0000000180)=""/82, 0x52, 0x0)

728.699126ms ago: executing program 1 (id=3772):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000001300)={'team0\x00', <r3=>0x0})
syz_emit_ethernet(0x2a, &(0x7f0000000300)={@random="e90c630faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0xe000, 0xff, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x8}}}}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100", @ANYRES32=r3, @ANYBLOB="4400028040000100240001007072696f7269747900"/32, @ANYRES32=0x0], 0x60}}, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x2b6183, 0x0)
ioctl$IOMMU_DESTROY$stdev(r4, 0x3b80, &(0x7f0000000040)={0x8})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x200000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00'}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r5, 0x0, 0x3}, 0x18)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
ptrace(0x10, 0x0)
ptrace$getregset(0x4205, 0x0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
sched_setscheduler(0x0, 0x0, &(0x7f0000000340)=0xa)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r2)
r6 = epoll_create1(0x80000)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x20000014})
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r8, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r8, 0x0, 0x30, &(0x7f00000012c0)={0x2, {{0x2, 0x0, @multicast2}}, 0x0, 0xa, [{{0x2, 0x0, @broadcast}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x0, @loopback}}, {{0x2, 0x0, @empty}}, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}, {{0x2, 0x0, @loopback}}]}, 0x590)
setsockopt$inet_group_source_req(r8, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0xa0000001})
epoll_wait(r7, &(0x7f0000000380)=[{}], 0x1, 0x1004)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

657.31113ms ago: executing program 2 (id=3773):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched_retired(r1, &(0x7f000001be80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000012fc0)=@newtfilter={0xd8, 0x2c, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xe, 0x9}, {0xa, 0x7}}, [@f_rsvp6={{0xa}, {0x74, 0x2, [@TCA_RSVP_POLICE={0x4}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x0, 0x5}, {0x80000, 0x7, 0xd}, 0x0, 0x7, 0x8}}, @TCA_RSVP_ACT={0x4c, 0x6, [@m_mirred={0x48, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0x19, 0x6, "e4cf417efa2642cba79654a718ac75b462651a06c9"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @f_rsvp6={{0xa}, {0x28, 0x2, [@TCA_RSVP_PINFO={0x20, 0x4, {{0xfffffffc, 0x8, 0x3ff}, {0x3, 0xebc}, 0x2, 0x0, 0x31}}, @TCA_RSVP_ACT={0x4}]}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

97.369811ms ago: executing program 7 (id=3774):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x10, 0x0, 0x4, 0xfc, 0x0, 0xff, 0x5, 0x1400}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
prctl$PR_MCE_KILL(0x23, 0x2, 0x7fffffffeffe)
syz_usbip_server_init(0x1)
socket$kcm(0x2c, 0x3, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000014006b030231a6080c000af32c00000000f800250502000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594f1817d", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

40.214935ms ago: executing program 3 (id=3775):
r0 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
write$smackfs_load(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000060a0b04000000000000000002000000040004800900010073797a30000000000900020073797a3200000000140000f4eaa2e546e389a800000000000000000a"], 0x58}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x98, 0x0, 0x9}, {0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xde, 0x0, 0x0, 0x8000000000008}, {0x3fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb5, 0x0, 0x1, 0x3d, 0x5}]})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3, '\x00', 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8, 0x8}, {0x3, 0x3, 0x6, 0xa, 0x9, 0xfff0, 0x41}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r4}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18)

0s ago: executing program 2 (id=3776):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001300)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffe30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$PIO_CMAP(r2, 0x4b32, 0x0)
getpid()
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000400)={0x1, 0x2, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x2)
r4 = syz_io_uring_setup(0x7ed5, &(0x7f0000000080)={0x0, 0x1061, 0x400}, 0x0, &(0x7f0000000100))
io_uring_enter(r4, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$mouse(0x0, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000200)=@int=0xf9b, 0x4)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS2(r6, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "f93670335b092d31d4f25cc48cb13a383332ea"})
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d340987f70e06d038e7ff7fc6e5539b3247298b089b070d356e090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
gettid()
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

kernel console output (not intermixed with test programs):

workdir'
[  955.499360][ T5834] usb 1-1: Using ep0 maxpacket: 32
[  955.524406][ T5834] usb 1-1: config 2 has no interfaces?
[  955.532320][ T5834] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0147, bcdDevice=32.13
[  955.542256][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  955.551225][ T5834] usb 1-1: Product: syz
[  955.763003][ T5834] usb 1-1: Manufacturer: syz
[  955.768265][ T5834] usb 1-1: SerialNumber: syz
[  955.998302][T16959] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  956.006984][T16959] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  956.024958][ T5921] usb 1-1: USB disconnect, device number 56
[  961.657729][ T5921] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  962.329859][T17046] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3052'.
[  962.403871][T17047] gfs2: not a GFS2 filesystem
[  962.650086][ T5921] usb 1-1: Using ep0 maxpacket: 32
[  962.955265][ T5921] usb 1-1: unable to get BOS descriptor or descriptor too short
[  962.964045][ T5921] usb 1-1: config 7 has an invalid interface number: 241 but max is 0
[  962.977391][ T5921] usb 1-1: config 7 has no interface number 0
[  962.983621][ T5921] usb 1-1: config 7 interface 241 altsetting 4 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[  962.994842][ T5921] usb 1-1: config 7 interface 241 has no altsetting 0
[  963.239951][ T5921] usb 1-1: New USB device found, idVendor=b8aa, idProduct=8ad9, bcdDevice=74.13
[  963.249183][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  963.257283][ T5921] usb 1-1: Product: syz
[  964.217559][ T5921] usb 1-1: Manufacturer: 㔒랇娯版랧躸鳕禔�ꬨ霽윤✟�鈽⿇艚�粀鉓࠳Υ艫翤⤤ꂙ犅䜟휆誈幰ꡡ싦䛤�焣ह�孹ᔆ奂ᕜ㸋㻽蓙炄橎�㺟�Ẍ㌮滹端뉈뮑䀆跡絜㾾◣鷶纻�Ⱘ奧機��濪蜦⹠ꭉ๋	⑮
[  964.246609][ T5921] usb 1-1: SerialNumber: syz
[  965.358575][ T5870] IPVS: starting estimator thread 0...
[  965.629942][T17027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  965.647562][T17066] IPVS: using max 22 ests per chain, 52800 per kthread
[  965.745274][T17027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  965.797673][T17027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  966.117064][T17027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  966.918745][ T5921] usb 1-1: bad CDC descriptors
[  966.933117][ T5921] usb 1-1: USB disconnect, device number 57
[  967.912561][T17104] FAULT_INJECTION: forcing a failure.
[  967.912561][T17104] name failslab, interval 1, probability 0, space 0, times 0
[  967.926058][T17104] CPU: 0 UID: 0 PID: 17104 Comm: syz.3.3067 Not tainted 6.13.0-rc3-syzkaller #0
[  967.935116][T17104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  967.945196][T17104] Call Trace:
[  967.948492][T17104]  <TASK>
[  967.951435][T17104]  dump_stack_lvl+0x241/0x360
[  967.956137][T17104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  967.961358][T17104]  ? __pfx__printk+0x10/0x10
[  967.965981][T17104]  ? fs_reclaim_acquire+0x93/0x130
[  967.971111][T17104]  ? __pfx___might_resched+0x10/0x10
[  967.976420][T17104]  ? __lock_acquire+0x1397/0x2100
[  967.981472][T17104]  should_fail_ex+0x3b0/0x4e0
[  967.986173][T17104]  should_failslab+0xac/0x100
[  967.990878][T17104]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  967.997220][T17104]  ? smk_import_entry+0x18d/0x610
[  968.002286][T17104]  kstrndup+0x41/0xb0
[  968.006290][T17104]  smk_import_entry+0x18d/0x610
[  968.011185][T17104]  smk_fill_rule+0x4d/0x630
[  968.015739][T17104]  smk_parse_long_rule+0x617/0x7e0
[  968.020897][T17104]  ? __pfx_smk_parse_long_rule+0x10/0x10
[  968.026818][T17104]  ? __might_fault+0xaa/0x120
[  968.031524][T17104]  ? _copy_from_user+0x99/0xc0
[  968.036323][T17104]  smk_write_rules_list+0x2f9/0x450
[  968.041570][T17104]  ? __pfx_smk_write_rules_list+0x10/0x10
[  968.047325][T17104]  ? __pfx_smk_write_load_self2+0x10/0x10
[  968.053070][T17104]  vfs_write+0x2a3/0xd30
[  968.057344][T17104]  ? __pfx_vfs_write+0x10/0x10
[  968.062130][T17104]  ? __fget_files+0x2a/0x410
[  968.066744][T17104]  ? __fget_files+0x395/0x410
[  968.071436][T17104]  ? __fget_files+0x2a/0x410
[  968.076047][T17104]  ksys_write+0x18f/0x2b0
[  968.080405][T17104]  ? __pfx_ksys_write+0x10/0x10
[  968.085278][T17104]  ? do_syscall_64+0x100/0x230
[  968.090068][T17104]  ? do_syscall_64+0xb6/0x230
[  968.094765][T17104]  do_syscall_64+0xf3/0x230
[  968.099287][T17104]  ? clear_bhb_loop+0x35/0x90
[  968.103982][T17104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  968.109892][T17104] RIP: 0033:0x7f0ab4385d19
[  968.114323][T17104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  968.133957][T17104] RSP: 002b:00007f0ab5108038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  968.142397][T17104] RAX: ffffffffffffffda RBX: 00007f0ab4576160 RCX: 00007f0ab4385d19
[  968.150473][T17104] RDX: 00000000000000d5 RSI: 0000000020000300 RDI: 0000000000000008
[  968.158456][T17104] RBP: 00007f0ab5108090 R08: 0000000000000000 R09: 0000000000000000
[  968.166440][T17104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.174423][T17104] R13: 0000000000000000 R14: 00007f0ab4576160 R15: 00007ffc001b5ca8
[  968.182428][T17104]  </TASK>
[  971.171199][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  971.517661][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  971.574231][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  971.638981][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  971.658134][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  971.665542][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  971.723937][T17115] »»»»»» speed is unknown, defaulting to 1000
[  972.031203][T17134] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  972.262372][ T5834] IPVS: starting estimator thread 0...
[  972.403522][T17140] IPVS: using max 19 ests per chain, 45600 per kthread
[  973.717840][   T54] Bluetooth: hci3: command tx timeout
[  973.981442][T17115] chnl_net:caif_netlink_parms(): no params data found
[  974.217365][T17163] netlink: 'syz.3.3085': attribute type 10 has an invalid length.
[  974.262645][T17159] vlan3: entered promiscuous mode
[  974.268195][T17159] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  974.350251][T17163] 8021q: adding VLAN 0 to HW filter on device team0
[  974.381233][T17163] bond0: (slave team0): Enslaving as an active interface with an up link
[  974.692249][T17115] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.707721][T17115] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.734270][T17115] bridge_slave_0: entered allmulticast mode
[  974.751836][T17115] bridge_slave_0: entered promiscuous mode
[  974.794168][T17115] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.822470][T17115] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.847739][T17115] bridge_slave_1: entered allmulticast mode
[  974.870537][T17115] bridge_slave_1: entered promiscuous mode
[  975.021284][T17115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  976.039899][   T54] Bluetooth: hci3: command tx timeout
[  976.073566][T17115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  976.444925][T17115] team0: Port device team_slave_0 added
[  976.482724][T17115] team0: Port device team_slave_1 added
[  976.698194][ T5870] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  976.867699][ T5870] usb 4-1: Using ep0 maxpacket: 8
[  977.397505][ T5870] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  977.422413][T17200] input: syz1 as /devices/virtual/input/input47
[  977.453010][T17200] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3095'.
[  977.467489][ T5870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.479538][T17115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  977.486512][T17115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  977.512438][    C0] vkms_vblank_simulate: vblank timer overrun
[  977.523396][ T5870] usb 4-1: config 0 descriptor??
[  977.554197][T17115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  977.630939][T17115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  977.647064][T17115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  977.741789][T17115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  977.957525][T17115] hsr_slave_0: entered promiscuous mode
[  977.964736][T17115] hsr_slave_1: entered promiscuous mode
[  978.155884][   T54] Bluetooth: hci3: command tx timeout
[  979.250012][T17115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  979.259606][T17115] Cannot create hsr debugfs directory
[  979.539160][ T5870] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  979.549967][ T5870] asix 4-1:0.0: probe with driver asix failed with error -71
[  979.561564][ T5870] usb 4-1: USB disconnect, device number 74
[  979.885068][T17115] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  979.897607][T17115] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  980.750328][T17234] program syz.1.3103 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  980.904286][   T54] Bluetooth: hci3: command tx timeout
[  981.915787][T17115] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  981.939241][T17115] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  982.389511][T17115] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  982.400949][T17115] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  982.426521][T17249] 
: renamed from bond0 (while UP)
[  983.318611][T17115] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  983.417302][T17115] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  985.103100][T17269] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3113'.
[  986.244428][T17269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3113'.
[  986.939910][T17115] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  987.546574][T17115] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  987.560172][T17115] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  987.621635][T17115] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  987.750299][T17294] xt_hashlimit: overflow, try lower: 1125899906842624/8
[  987.777828][ T5834] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  987.850472][T17115] 8021q: adding VLAN 0 to HW filter on device bond0
[  987.882894][T17115] 8021q: adding VLAN 0 to HW filter on device team0
[  987.921673][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  987.928890][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  987.940393][ T5834] usb 1-1: Using ep0 maxpacket: 16
[  987.976550][ T5834] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  987.998471][ T5834] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  988.022414][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  988.058041][ T5834] usb 1-1: Product: syz
[  988.066077][T17305] 9p: Unknown Cache mode or invalid value l
[  988.088210][ T5834] usb 1-1: Manufacturer: syz
[  988.092864][ T5834] usb 1-1: SerialNumber: syz
[  988.119085][T17298] netlink: 'syz.1.3121': attribute type 2 has an invalid length.
[  988.140722][ T7602] bridge0: port 2(bridge_slave_1) entered blocking state
[  988.147894][ T7602] bridge0: port 2(bridge_slave_1) entered forwarding state
[  988.167100][ T5834] usb 1-1: config 0 descriptor??
[  988.174854][ T5834] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  989.136733][ T5834] usb 1-1: Detected FT232R
[  989.369033][ T5834] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  989.726935][T17289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  989.738025][T17289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  990.112023][ T5834] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[  990.311394][ T5834] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  990.503579][T17322] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  990.616947][ T5834] usb 1-1: USB disconnect, device number 58
[  990.675900][T17325] overlayfs: conflicting lowerdir path
[  990.729235][ T5834] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  990.805015][ T5834] ftdi_sio 1-1:0.0: device disconnected
[  991.202172][T17333] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  991.259294][T17115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  991.314207][T17115] veth0_vlan: entered promiscuous mode
[  991.442087][T17115] veth1_vlan: entered promiscuous mode
[  991.649822][T17115] veth0_macvtap: entered promiscuous mode
[  991.670644][   T29] audit: type=1326 audit(1734357670.561:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  991.790375][T17115] veth1_macvtap: entered promiscuous mode
[  991.986144][   T29] audit: type=1326 audit(1734357670.561:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.091361][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  992.119029][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.129586][   T29] audit: type=1326 audit(1734357670.571:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.151268][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  992.153292][   T29] audit: type=1326 audit(1734357670.571:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.161903][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.161927][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  992.161944][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.161962][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  992.161976][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.163815][T17115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  992.251754][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  992.262533][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.272671][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  992.283921][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.294072][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  992.305064][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.315411][T17115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  992.326712][T17115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  992.338388][T17115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  992.348736][   T29] audit: type=1326 audit(1734357670.571:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.361284][T17341] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  992.370606][   T29] audit: type=1326 audit(1734357670.571:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.378811][T17341] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  992.378849][T17341] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  992.378879][T17341] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  992.426398][   T29] audit: type=1326 audit(1734357670.571:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.449455][   T29] audit: type=1326 audit(1734357670.571:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.471267][   T29] audit: type=1326 audit(1734357670.571:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17336 comm="syz.3.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f0ab4385d19 code=0x7ffc0000
[  992.602744][T17115] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  992.627602][T17115] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  992.669606][T17115] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  992.687589][T17115] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  993.204227][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  993.210907][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  994.606966][T17368] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  995.258554][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  995.266400][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  995.364955][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  995.400836][T17367] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  995.413479][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  995.415999][T17367] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  995.559517][T17367] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  995.774645][T17367] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  995.909247][T17367] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  996.074780][T17367] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  996.132794][T17367] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  996.154418][T17367] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  996.180194][T17367] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  996.198748][T17367] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  996.222199][T17367] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  996.244596][T17388] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.3143'.
[  996.265635][T17367] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  996.275898][T17391] netlink: 'syz.2.3066': attribute type 21 has an invalid length.
[  996.284094][T17391] netlink: 'syz.2.3066': attribute type 6 has an invalid length.
[  996.292073][T17391] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3066'.
[  997.486988][T16320] Bluetooth: hci5: command 0x0c1a tx timeout
[  997.881144][T16320] Bluetooth: hci2: command 0x0c1a tx timeout
[  998.798602][T16320] Bluetooth: hci0: command 0x0c1a tx timeout
[  998.804834][T16320] Bluetooth: hci3: command 0x0c1a tx timeout
[  998.836669][T17417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3145'.
[  999.558074][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1000.028949][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1000.854530][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1000.862187][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1001.638756][T16320] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1002.038072][T16320] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1002.528939][  T975] usb 4-1: new full-speed USB device number 75 using dummy_hcd
[ 1002.735036][  T975] usb 4-1: device descriptor read/64, error -71
[ 1002.923646][T16320] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1002.927138][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1002.977986][  T975] usb 4-1: new full-speed USB device number 76 using dummy_hcd
[ 1003.128231][  T975] usb 4-1: device descriptor read/64, error -71
[ 1003.251494][  T975] usb usb4-port1: attempt power cycle
[ 1004.217259][  T975] usb 4-1: new full-speed USB device number 77 using dummy_hcd
[ 1004.278669][  T975] usb 4-1: device descriptor read/8, error -71
[ 1004.616532][T17489] »»»»»» speed is unknown, defaulting to 1000
[ 1004.697975][  T975] usb 4-1: new full-speed USB device number 78 using dummy_hcd
[ 1004.741924][  T975] usb 4-1: device descriptor read/8, error -71
[ 1004.858295][  T975] usb usb4-port1: unable to enumerate USB device
[ 1005.019334][T17491] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3171'.
[ 1005.609698][T17506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3174'.
[ 1005.652343][T17506] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1005.677941][T17506] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1005.688682][T17506] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1005.696226][T17506] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1007.993622][T17530] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3179'.
[ 1008.119918][T17530] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3179'.
[ 1009.414249][   T29] audit: type=1326 audit(1734357688.421:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17538 comm="syz.3.3184" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ab4385d19 code=0x0
[ 1009.588431][T17554] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3186'.
[ 1010.026120][T17555] FAULT_INJECTION: forcing a failure.
[ 1010.026120][T17555] name failslab, interval 1, probability 0, space 0, times 0
[ 1010.051973][T17555] CPU: 1 UID: 0 PID: 17555 Comm: syz.1.3187 Not tainted 6.13.0-rc3-syzkaller #0
[ 1010.061052][T17555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1010.071128][T17555] Call Trace:
[ 1010.074422][T17555]  <TASK>
[ 1010.077360][T17555]  dump_stack_lvl+0x241/0x360
[ 1010.082055][T17555]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1010.087246][T17555]  ? __pfx__printk+0x10/0x10
[ 1010.091832][T17555]  ? fs_reclaim_acquire+0x93/0x130
[ 1010.097035][T17555]  ? __pfx___might_resched+0x10/0x10
[ 1010.102333][T17555]  ? dynamic_dname+0x141/0x1b0
[ 1010.107093][T17555]  should_fail_ex+0x3b0/0x4e0
[ 1010.111774][T17555]  should_failslab+0xac/0x100
[ 1010.116467][T17555]  __kmalloc_noprof+0xdd/0x4c0
[ 1010.121244][T17555]  ? tomoyo_encode+0x26f/0x540
[ 1010.126007][T17555]  tomoyo_encode+0x26f/0x540
[ 1010.130587][T17555]  ? __pfx_anon_inodefs_dname+0x10/0x10
[ 1010.136126][T17555]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1010.141773][T17555]  tomoyo_path_number_perm+0x236/0x860
[ 1010.147215][T17555]  ? __lock_acquire+0x1397/0x2100
[ 1010.152243][T17555]  ? tomoyo_path_number_perm+0x206/0x860
[ 1010.157868][T17555]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1010.163856][T17555]  ? __fget_files+0x2a/0x410
[ 1010.168437][T17555]  ? __fget_files+0x2a/0x410
[ 1010.173012][T17555]  security_file_ioctl+0xc6/0x2a0
[ 1010.178034][T17555]  __se_sys_ioctl+0x46/0x170
[ 1010.182635][T17555]  do_syscall_64+0xf3/0x230
[ 1010.187134][T17555]  ? clear_bhb_loop+0x35/0x90
[ 1010.191798][T17555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1010.197684][T17555] RIP: 0033:0x7ff4e9785d19
[ 1010.202086][T17555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1010.221690][T17555] RSP: 002b:00007ff4ea52f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1010.230114][T17555] RAX: ffffffffffffffda RBX: 00007ff4e9975fa0 RCX: 00007ff4e9785d19
[ 1010.238074][T17555] RDX: 0000000020000040 RSI: 00000000c028aa05 RDI: 0000000000000008
[ 1010.246032][T17555] RBP: 00007ff4ea52f090 R08: 0000000000000000 R09: 0000000000000000
[ 1010.254017][T17555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1010.261980][T17555] R13: 0000000000000000 R14: 00007ff4e9975fa0 R15: 00007ffc0b259568
[ 1010.269995][T17555]  </TASK>
[ 1010.277831][T17555] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1011.258032][T17568] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3189'.
[ 1011.736172][T17562] veth0_vlan: left promiscuous mode
[ 1011.742595][T17562] veth0_vlan: entered promiscuous mode
[ 1016.485501][T17630] random: crng reseeded on system resumption
[ 1016.496505][T17633] vlan3: entered promiscuous mode
[ 1016.527516][T17633] vlan3: entered allmulticast mode
[ 1016.560299][T17633] xfrm0: entered allmulticast mode
[ 1016.597729][T17633] xfrm0: entered promiscuous mode
[ 1016.605295][T17633] team0: Port device vlan3 added
[ 1016.818613][T17640] netlink: 'syz.5.3210': attribute type 10 has an invalid length.
[ 1016.853553][T17640] bond0: (slave netdevsim0): no link monitoring support
[ 1016.879483][T17640] bond0: (slave netdevsim0): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[ 1016.949695][T17640] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[ 1016.989484][T17640] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1018.906908][T17662] Cannot find add_set index 0 as target
[ 1019.857600][   T29] audit: type=1326 audit(1734357697.931:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.2.3216" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f52ebb85d19 code=0x0
[ 1021.803059][T17690] x_tables: duplicate underflow at hook 1
[ 1022.090982][T17700] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3229'.
[ 1022.402303][T17704] »»»»»» speed is unknown, defaulting to 1000
[ 1025.312992][T17730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3236'.
[ 1025.322186][T17730] bridge_slave_1: left allmulticast mode
[ 1025.327903][T17730] bridge_slave_1: left promiscuous mode
[ 1025.333782][T17730] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1025.450790][T17730] bridge_slave_0: left allmulticast mode
[ 1025.456712][T17730] bridge_slave_0: left promiscuous mode
[ 1025.463252][T17730] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1026.307987][ T5872] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1026.468013][ T5872] usb 1-1: Using ep0 maxpacket: 8
[ 1026.494256][ T5872] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 15
[ 1026.528328][ T5872] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1026.598079][ T5872] usb 1-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[ 1026.649600][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1026.677716][ T5921] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 1026.720005][ T5872] usb 1-1: Product: syz
[ 1026.724256][ T5872] usb 1-1: Manufacturer: syz
[ 1026.729990][ T5834] IPVS: starting estimator thread 0...
[ 1026.737322][ T5872] usb 1-1: SerialNumber: syz
[ 1026.756953][ T5872] usb 1-1: config 0 descriptor??
[ 1026.779138][T17735] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1026.813683][ T5872] powermate 1-1:0.0: probe with driver powermate failed with error -22
[ 1026.828941][ T5921] usb 4-1: Using ep0 maxpacket: 32
[ 1026.849747][ T5921] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1026.860819][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1026.883074][ T5921] usb 4-1: Product: syz
[ 1026.896368][ T5921] usb 4-1: Manufacturer: syz
[ 1026.904201][ T5921] usb 4-1: SerialNumber: syz
[ 1026.909291][T17748] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1026.954077][ T5921] usb 4-1: config 0 descriptor??
[ 1027.087805][T17750] netlink: 'syz.2.3241': attribute type 39 has an invalid length.
[ 1027.123547][T17750] veth0_macvtap: left promiscuous mode
[ 1027.553930][T17740] cgroup: fork rejected by pids controller in /syz3
[ 1027.563361][ T5921] airspy 4-1:0.0: usb_control_msg() failed -71 request 09
[ 1027.571254][ T5921] airspy 4-1:0.0: Could not detect board
[ 1027.577054][ T5921] airspy 4-1:0.0: probe with driver airspy failed with error -71
[ 1027.642204][ T5921] usb 4-1: USB disconnect, device number 79
[ 1027.893831][T17759] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3243'.
[ 1028.752948][ T3564] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1028.816640][   T46] usb 1-1: USB disconnect, device number 59
[ 1030.269943][T17783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3249'.
[ 1030.440209][ T3564] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1030.467475][ T3564] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1030.569104][ T3564] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1030.597255][ T3564] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1030.674356][ T3564] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1030.712820][ T3564] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1030.757897][   T54] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1030.898031][   T46] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1031.003023][ T3564] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1031.017945][ T3564] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1031.048148][   T46] usb 1-1: Using ep0 maxpacket: 16
[ 1031.298811][ T3564] bridge_slave_1: left allmulticast mode
[ 1031.304773][ T3564] bridge_slave_1: left promiscuous mode
[ 1031.312881][ T3564] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1031.336907][ T3564] bridge_slave_0: left allmulticast mode
[ 1031.360100][ T3564] bridge_slave_0: left promiscuous mode
[ 1031.374450][   T46] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1031.382985][ T3564] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1031.384205][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1031.398810][   T46] usb 1-1: Product: syz
[ 1031.403112][   T46] usb 1-1: Manufacturer: syz
[ 1031.408413][   T46] usb 1-1: SerialNumber: syz
[ 1031.470632][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1031.483630][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1031.493783][ T5826] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1031.502199][ T5826] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1031.533648][ T5826] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1031.542447][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1031.585698][   T46] r8152-cfgselector 1-1: Unknown version 0x0000
[ 1031.592675][   T46] r8152-cfgselector 1-1: config 0 descriptor??
[ 1033.658168][ T5826] Bluetooth: hci2: command tx timeout
[ 1034.529379][T17828] xt_TCPMSS: Only works on TCP SYN packets
[ 1034.755927][ T3564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1034.801987][ T3564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1034.840617][ T3564] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1034.889715][ T3564] bond0 (unregistering): Released all slaves
[ 1034.976901][ T5872] r8152-cfgselector 1-1: USB disconnect, device number 60
[ 1034.995705][T17802] »»»»»» speed is unknown, defaulting to 1000
[ 1035.076777][   T29] audit: type=1326 audit(1734357714.081:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.170977][   T29] audit: type=1326 audit(1734357714.081:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.192554][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1035.206724][   T29] audit: type=1326 audit(1734357714.081:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.239493][   T29] audit: type=1326 audit(1734357714.081:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.261001][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1035.272730][   T29] audit: type=1326 audit(1734357714.081:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.294326][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1035.302434][   T29] audit: type=1326 audit(1734357714.081:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.324025][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1035.447547][ T5872] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1035.575379][   T29] audit: type=1326 audit(1734357714.081:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.597327][   T29] audit: type=1326 audit(1734357714.081:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff4e9785d53 code=0x7ffc0000
[ 1035.621508][   T29] audit: type=1326 audit(1734357714.111:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff4e9785d53 code=0x7ffc0000
[ 1035.643318][ T5872] usb 1-1: Using ep0 maxpacket: 32
[ 1035.655760][ T5872] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1035.667299][ T5872] usb 1-1: config 0 has no interface number 0
[ 1035.674386][T17843] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3269'.
[ 1035.683899][   T29] audit: type=1326 audit(1734357714.111:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17836 comm="syz.1.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e9785d19 code=0x7ffc0000
[ 1035.711260][ T5872] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1035.721749][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1035.727643][ T5826] Bluetooth: hci2: command tx timeout
[ 1035.731096][ T5872] usb 1-1: Product: syz
[ 1035.747932][ T5872] usb 1-1: Manufacturer: syz
[ 1035.752579][ T5872] usb 1-1: SerialNumber: syz
[ 1035.840103][ T5872] usb 1-1: config 0 descriptor??
[ 1035.872303][ T5872] smsc95xx v2.0.0
[ 1036.701407][ T5872] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[ 1036.813158][ T5872] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1036.856011][ T5872] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1037.168566][ T5872] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1037.181365][ T5872] usb 1-1: USB disconnect, device number 61
[ 1037.808542][ T5826] Bluetooth: hci2: command tx timeout
[ 1037.879007][T17859] FAULT_INJECTION: forcing a failure.
[ 1037.879007][T17859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1037.977513][T17859] CPU: 1 UID: 0 PID: 17859 Comm: syz.2.3273 Not tainted 6.13.0-rc3-syzkaller #0
[ 1037.986609][T17859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1037.996687][T17859] Call Trace:
[ 1037.999985][T17859]  <TASK>
[ 1038.003195][T17859]  dump_stack_lvl+0x241/0x360
[ 1038.007910][T17859]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1038.013141][T17859]  ? __pfx__printk+0x10/0x10
[ 1038.017759][T17859]  ? __pfx_lock_release+0x10/0x10
[ 1038.022910][T17859]  should_fail_ex+0x3b0/0x4e0
[ 1038.027699][T17859]  _copy_from_user+0x2f/0xc0
[ 1038.032318][T17859]  memdup_user+0x64/0xc0
[ 1038.036585][T17859]  i2cdev_ioctl_rdwr+0x1b7/0x710
[ 1038.041553][T17859]  i2cdev_ioctl+0x759/0x9f0
[ 1038.046088][T17859]  ? __pfx_i2cdev_ioctl+0x10/0x10
[ 1038.051149][T17859]  ? __fget_files+0x2a/0x410
[ 1038.055765][T17859]  ? __pfx_i2cdev_ioctl+0x10/0x10
[ 1038.060821][T17859]  __se_sys_ioctl+0xf5/0x170
[ 1038.065447][T17859]  do_syscall_64+0xf3/0x230
[ 1038.069987][T17859]  ? clear_bhb_loop+0x35/0x90
[ 1038.074696][T17859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.080636][T17859] RIP: 0033:0x7f52ebb85d19
[ 1038.085087][T17859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1038.104920][T17859] RSP: 002b:00007f52ec96b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1038.113371][T17859] RAX: ffffffffffffffda RBX: 00007f52ebd75fa0 RCX: 00007f52ebb85d19
[ 1038.121382][T17859] RDX: 0000000020000340 RSI: 0000000000000707 RDI: 0000000000000003
[ 1038.129381][T17859] RBP: 00007f52ec96b090 R08: 0000000000000000 R09: 0000000000000000
[ 1038.137369][T17859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1038.145368][T17859] R13: 0000000000000000 R14: 00007f52ebd75fa0 R15: 00007fffddde2c08
[ 1038.153826][T17859]  </TASK>
[ 1038.156960][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1038.170752][ T3564] hsr_slave_0: left promiscuous mode
[ 1038.198206][ T3564] hsr_slave_1: left promiscuous mode
[ 1038.209404][ T3564] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1038.217043][ T3564] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1038.275945][ T3564] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1038.284486][ T3564] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1038.309440][ T3564] veth1_macvtap: left promiscuous mode
[ 1038.315028][ T3564] veth0_macvtap: left promiscuous mode
[ 1038.320757][ T3564] veth1_vlan: left promiscuous mode
[ 1038.326061][ T3564] veth0_vlan: left promiscuous mode
[ 1038.890277][T17877] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1038.925069][T17877] CIFS mount error: No usable UNC path provided in device string!
[ 1038.925069][T17877] 
[ 1038.944277][T17877] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1039.862408][ T3564] team0 (unregistering): Port device team_slave_1 removed
[ 1039.885278][ T5826] Bluetooth: hci2: command tx timeout
[ 1039.944488][ T3564] team0 (unregistering): Port device team_slave_0 removed
[ 1040.654456][T17802] chnl_net:caif_netlink_parms(): no params data found
[ 1040.681998][T17872] syz_tun: entered allmulticast mode
[ 1040.754864][T17872] syz_tun: left allmulticast mode
[ 1041.699816][T17881] delete_channel: no stack
[ 1041.827103][T17802] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1041.838427][T17802] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1041.845924][T17802] bridge_slave_0: entered allmulticast mode
[ 1041.871884][T17802] bridge_slave_0: entered promiscuous mode
[ 1041.892210][T17802] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1041.899779][T17802] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.942131][T17802] bridge_slave_1: entered allmulticast mode
[ 1041.974535][T17802] bridge_slave_1: entered promiscuous mode
[ 1042.135752][T17802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1042.365640][T17802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1042.505054][ T3564] IPVS: stop unused estimator thread 0...
[ 1042.891952][T17802] team0: Port device team_slave_0 added
[ 1042.909039][T17802] team0: Port device team_slave_1 added
[ 1043.004225][T17802] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1043.051187][T17802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1043.412295][T17802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1043.464258][T17802] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1043.477266][T17802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1043.504457][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1043.511675][T17802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1043.774506][T17915] netlink: 108 bytes leftover after parsing attributes in process `syz.5.3288'.
[ 1044.381039][ T5921] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1044.727533][ T5921] usb 2-1: Using ep0 maxpacket: 16
[ 1044.743933][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1044.758525][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1044.780881][ T5921] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1044.790749][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1044.802591][ T5921] usb 2-1: config 0 descriptor??
[ 1044.855563][T17802] hsr_slave_0: entered promiscuous mode
[ 1044.864336][T17802] hsr_slave_1: entered promiscuous mode
[ 1044.879183][T17802] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1044.897747][T17802] Cannot create hsr debugfs directory
[ 1045.420029][ T5921] usbhid 2-1:0.0: can't add hid device: -71
[ 1045.448212][ T5921] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1045.464268][ T5921] usb 2-1: USB disconnect, device number 60
[ 1045.968234][T17926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3292'.
[ 1046.112616][T17802] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1046.215712][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[ 1046.222230][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.230124][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.237995][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.245956][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.253858][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.261785][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.269685][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.277618][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.285671][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.293607][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.301499][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.309454][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.317336][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.325283][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.333183][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.341165][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.349102][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.357004][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.364916][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.372851][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.380752][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.388682][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.396531][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.404494][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.412380][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.420360][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.430698][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.430778][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.446459][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.454548][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.462533][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.470597][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.478627][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.486720][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.494711][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1046.502867][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1046.510824][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1047.029552][T17802] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1047.050993][T17802] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1047.093287][T17802] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1047.423457][T17802] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1047.521251][T17802] 8021q: adding VLAN 0 to HW filter on device team0
[ 1047.562312][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.569485][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.600541][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.607745][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1048.539489][T17955] overlayfs: overlapping lowerdir path
[ 1048.831029][T17957] overlayfs: overlapping lowerdir path
[ 1050.742157][T17802] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1050.900587][T17802] veth0_vlan: entered promiscuous mode
[ 1051.009950][T18002] binder: 17993:18002 unknown command 0
[ 1051.015677][T18002] binder: 17993:18002 ioctl c0306201 20000040 returned -22
[ 1051.036203][T17802] veth1_vlan: entered promiscuous mode
[ 1051.044903][T17997] binder: 17993:17997 ioctl 4020ae46 20000000 returned -22
[ 1051.094649][T17802] veth0_macvtap: entered promiscuous mode
[ 1051.109119][T17802] veth1_macvtap: entered promiscuous mode
[ 1051.144724][T17802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1051.177603][T17802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.198110][ T5912] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 1051.206803][T17802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1051.222027][T17802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.232189][T17802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1051.246291][T17802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.339561][T17802] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1051.377529][ T5912] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1051.381689][T17802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.401617][ T5912] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1051.428918][  T975] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1051.438281][T17802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.450274][T17802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.492272][ T5912] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1051.584395][ T5912] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1051.608390][T17802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.616265][ T5912] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1051.626773][T17802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.627940][  T975] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1051.645210][T17802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.663711][  T975] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[ 1051.694382][ T5912] usb 3-1: config 0 descriptor??
[ 1051.716836][  T975] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1051.773658][  T975] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1051.785283][  T975] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[ 1051.795592][  T975] usb 2-1: Product: syz
[ 1051.803246][  T975] usb 2-1: Manufacturer: syz
[ 1051.809703][  T975] usb 2-1: SerialNumber: syz
[ 1051.810436][T17802] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1051.873324][  T975] cdc_mbim 2-1:1.0: skipping garbage
[ 1052.060066][T18004] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1052.109938][T17802] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1052.130663][T17802] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1052.141034][T17802] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1052.150280][T17802] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1052.265326][T18011] mac80211_hwsim hwsim8 wlan0: left allmulticast mode
[ 1052.274193][T18011] mac80211_hwsim hwsim8 wlan0: left promiscuous mode
[ 1052.429344][T18011] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1052.435338][T18011] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1052.508711][T18011] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1052.514930][T18011] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1052.700326][T18004] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1052.709939][T18011] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1052.717559][T18011] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1052.806280][T18011] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1052.813522][T18011] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1052.908987][  T975] cdc_mbim 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1052.915683][  T975] cdc_mbim 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[ 1052.924886][  T975] cdc_mbim 2-1:1.0: setting rx_max = 2048
[ 1052.931520][ T5912] usbhid 3-1:0.0: can't add hid device: -71
[ 1052.938116][ T5912] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1052.950827][ T5912] usb 3-1: USB disconnect, device number 67
[ 1053.028824][ T7602] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1053.056018][ T7602] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1053.075943][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1053.101299][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1053.133297][  T975] cdc_mbim 2-1:1.0: setting tx_max = 184
[ 1053.177084][  T975] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1053.215431][  T975] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1053.248949][  T975] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[ 1053.266674][  T975] usb 2-1: USB disconnect, device number 61
[ 1053.742255][  T120] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1053.949237][  T120] usb 4-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[ 1053.960475][  T120] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 184
[ 1053.994316][  T120] usb 4-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[ 1054.027204][  T120] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1054.081059][  T120] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[ 1054.657930][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.664632][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.224492][  T120] gspca_sn9c2028: read1 error -32
[ 1055.232005][  T120] gspca_sn9c2028: read1 error -32
[ 1055.419553][T18043] vxcan1: entered promiscuous mode
[ 1055.425618][T18043] vlan4: entered promiscuous mode
[ 1055.477277][   T46] usb 4-1: USB disconnect, device number 80
[ 1055.535008][T18046] FAULT_INJECTION: forcing a failure.
[ 1055.535008][T18046] name failslab, interval 1, probability 0, space 0, times 0
[ 1055.548310][T18046] CPU: 0 UID: 0 PID: 18046 Comm: syz.1.3325 Not tainted 6.13.0-rc3-syzkaller #0
[ 1055.557378][T18046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1055.567480][T18046] Call Trace:
[ 1055.570800][T18046]  <TASK>
[ 1055.573750][T18046]  dump_stack_lvl+0x241/0x360
[ 1055.578466][T18046]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1055.583714][T18046]  should_fail_ex+0x3b0/0x4e0
[ 1055.588437][T18046]  should_failslab+0xac/0x100
[ 1055.593151][T18046]  __kmalloc_noprof+0xdd/0x4c0
[ 1055.597948][T18046]  ? cap_capable+0x1b4/0x250
[ 1055.602565][T18046]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[ 1055.608845][T18046]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[ 1055.614948][T18046]  genl_rcv_msg+0x802/0xec0
[ 1055.618529][T18043] vxcan1: left promiscuous mode
[ 1055.619471][T18046]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1055.629370][T18046]  ? mark_lock+0x9a/0x360
[ 1055.633740][T18046]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1055.639754][T18046]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1055.646120][T18046]  ? irqentry_exit+0x63/0x90
[ 1055.650741][T18046]  ? lockdep_hardirqs_on+0x99/0x150
[ 1055.655974][T18046]  ? __pfx_ncsi_clear_interface_nl+0x10/0x10
[ 1055.661998][T18046]  ? netlink_rcv_skb+0x92/0x430
[ 1055.666883][T18046]  netlink_rcv_skb+0x1e3/0x430
[ 1055.671684][T18046]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1055.676746][T18046]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1055.682075][T18046]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1055.687311][T18046]  ? netlink_deliver_tap+0x5f/0x1b0
[ 1055.692544][T18046]  genl_rcv+0x28/0x40
[ 1055.696558][T18046]  netlink_unicast+0x7f6/0x990
[ 1055.701360][T18046]  ? __pfx_netlink_unicast+0x10/0x10
[ 1055.706680][T18046]  ? __virt_addr_valid+0x45f/0x530
[ 1055.711860][T18046]  ? __phys_addr_symbol+0x2f/0x70
[ 1055.716912][T18046]  ? __check_object_size+0x47a/0x730
[ 1055.722236][T18046]  netlink_sendmsg+0x8e4/0xcb0
[ 1055.727043][T18046]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1055.732362][T18046]  ? tomoyo_socket_sendmsg_permission+0x12e/0x420
[ 1055.738819][T18046]  ? __pfx_inet_sendmsg+0x10/0x10
[ 1055.743873][T18046]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1055.749184][T18046]  __sock_sendmsg+0x221/0x270
[ 1055.753897][T18046]  ____sys_sendmsg+0x52a/0x7e0
[ 1055.758700][T18046]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1055.764013][T18046]  ? __fget_files+0x2a/0x410
[ 1055.768644][T18046]  ? __fget_files+0x2a/0x410
[ 1055.773270][T18046]  __sys_sendmsg+0x269/0x350
[ 1055.777894][T18046]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1055.783058][T18046]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1055.789454][T18046]  do_syscall_64+0xf3/0x230
[ 1055.794012][T18046]  ? clear_bhb_loop+0x35/0x90
[ 1055.798724][T18046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1055.805102][T18046] RIP: 0033:0x7ff4e9785d19
[ 1055.809648][T18046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1055.829281][T18046] RSP: 002b:00007ff4ea50e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1055.837721][T18046] RAX: ffffffffffffffda RBX: 00007ff4e9976080 RCX: 00007ff4e9785d19
[ 1055.845777][T18046] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000007
[ 1055.853757][T18046] RBP: 00007ff4ea50e090 R08: 0000000000000000 R09: 0000000000000000
[ 1055.861749][T18046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1055.869767][T18046] R13: 0000000000000000 R14: 00007ff4e9976080 R15: 00007ffc0b259568
[ 1055.877779][T18046]  </TASK>
[ 1057.431701][T18068] FAULT_INJECTION: forcing a failure.
[ 1057.431701][T18068] name failslab, interval 1, probability 0, space 0, times 0
[ 1057.478281][T18068] CPU: 1 UID: 0 PID: 18068 Comm: syz.5.3333 Not tainted 6.13.0-rc3-syzkaller #0
[ 1057.487364][T18068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1057.497437][T18068] Call Trace:
[ 1057.500719][T18068]  <TASK>
[ 1057.503731][T18068]  dump_stack_lvl+0x241/0x360
[ 1057.508414][T18068]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1057.513611][T18068]  ? __pfx__printk+0x10/0x10
[ 1057.518201][T18068]  ? __kmalloc_cache_noprof+0x48/0x390
[ 1057.523828][T18068]  ? __pfx___might_resched+0x10/0x10
[ 1057.529116][T18068]  should_fail_ex+0x3b0/0x4e0
[ 1057.533793][T18068]  should_failslab+0xac/0x100
[ 1057.538472][T18068]  __kmalloc_cache_noprof+0x70/0x390
[ 1057.543751][T18068]  ? genl_start+0x1cb/0x6d0
[ 1057.548268][T18068]  genl_start+0x1cb/0x6d0
[ 1057.552605][T18068]  __netlink_dump_start+0x45c/0x790
[ 1057.557811][T18068]  genl_rcv_msg+0x88c/0xec0
[ 1057.562330][T18068]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1057.567357][T18068]  ? __pfx_genl_start+0x10/0x10
[ 1057.572223][T18068]  ? __pfx_genl_dumpit+0x10/0x10
[ 1057.577162][T18068]  ? __pfx_genl_done+0x10/0x10
[ 1057.581937][T18068]  ? __pfx_lock_acquire+0x10/0x10
[ 1057.586992][T18068]  ? __pfx_ovs_vport_cmd_dump+0x10/0x10
[ 1057.592539][T18068]  ? __pfx___might_resched+0x10/0x10
[ 1057.597839][T18068]  netlink_rcv_skb+0x1e3/0x430
[ 1057.602602][T18068]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1057.607627][T18068]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1057.612919][T18068]  ? __netlink_deliver_tap+0x7aa/0x7f0
[ 1057.618385][T18068]  genl_rcv+0x28/0x40
[ 1057.622363][T18068]  netlink_unicast+0x7f6/0x990
[ 1057.627131][T18068]  ? __pfx_netlink_unicast+0x10/0x10
[ 1057.632417][T18068]  ? __virt_addr_valid+0x45f/0x530
[ 1057.637532][T18068]  ? __phys_addr_symbol+0x2f/0x70
[ 1057.642563][T18068]  ? __check_object_size+0x47a/0x730
[ 1057.647855][T18068]  netlink_sendmsg+0x8e4/0xcb0
[ 1057.652637][T18068]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1057.657929][T18068]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1057.663207][T18068]  __sock_sendmsg+0x221/0x270
[ 1057.667890][T18068]  ____sys_sendmsg+0x52a/0x7e0
[ 1057.672660][T18068]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1057.677937][T18068]  ? __fget_files+0x2a/0x410
[ 1057.682523][T18068]  ? __fget_files+0x2a/0x410
[ 1057.687113][T18068]  __sys_sendmsg+0x269/0x350
[ 1057.691698][T18068]  ? __pfx_lock_release+0x10/0x10
[ 1057.696720][T18068]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1057.701838][T18068]  ? __pfx_vfs_write+0x10/0x10
[ 1057.706618][T18068]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1057.712939][T18068]  ? do_syscall_64+0x100/0x230
[ 1057.717706][T18068]  ? do_syscall_64+0xb6/0x230
[ 1057.722382][T18068]  do_syscall_64+0xf3/0x230
[ 1057.726882][T18068]  ? clear_bhb_loop+0x35/0x90
[ 1057.731556][T18068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1057.737454][T18068] RIP: 0033:0x7fe152385d19
[ 1057.741889][T18068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1057.761497][T18068] RSP: 002b:00007fe153239038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1057.769914][T18068] RAX: ffffffffffffffda RBX: 00007fe152575fa0 RCX: 00007fe152385d19
[ 1057.777886][T18068] RDX: 000000000000c040 RSI: 0000000020000000 RDI: 0000000000000003
[ 1057.785851][T18068] RBP: 00007fe153239090 R08: 0000000000000000 R09: 0000000000000000
[ 1057.793817][T18068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1057.801803][T18068] R13: 0000000000000000 R14: 00007fe152575fa0 R15: 00007ffd2328b438
[ 1057.809812][T18068]  </TASK>
[ 1058.179564][ T5912] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1058.388733][ T5912] usb 4-1: Using ep0 maxpacket: 8
[ 1058.403276][ T5912] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1058.432314][ T5912] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1058.496937][ T5912] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.668191][T18079] netlink: 'syz.0.3339': attribute type 10 has an invalid length.
[ 1058.677443][ T5912] usb 4-1: config 0 descriptor??
[ 1058.691885][ T5912] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1058.699192][T18079] syz_tun: entered promiscuous mode
[ 1058.735290][T18079] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1058.915198][T18090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3343'.
[ 1059.114925][T18096] input: syz0 as /devices/virtual/input/input50
[ 1059.192155][   T46] usb 1-1: new full-speed USB device number 62 using dummy_hcd
[ 1060.381644][T18104] Cannot find set identified by id 0 to match
[ 1061.207292][T18107] »»»»»» speed is unknown, defaulting to 1000
[ 1061.417014][ T5912] gspca_vc032x: reg_w err -110
[ 1061.422229][ T5912] vc032x 4-1:0.0: probe with driver vc032x failed with error -110
[ 1062.125023][T14917] usb 4-1: USB disconnect, device number 81
[ 1062.841705][T18126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3355'.
[ 1063.027617][T18130] overlayfs: missing 'lowerdir'
[ 1063.071960][T18130] Process accounting resumed
[ 1063.834150][T18136] cgroup: fork rejected by pids controller in /syz0
[ 1068.080174][T18223] fuse: Bad value for 'user_id'
[ 1068.085080][T18223] fuse: Bad value for 'user_id'
[ 1068.236698][T18226] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3366'.
[ 1068.278033][   T46] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1068.296187][T18228] netlink: 'syz.2.3367': attribute type 1 has an invalid length.
[ 1068.437793][   T46] usb 1-1: Using ep0 maxpacket: 16
[ 1068.445998][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1068.475888][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1068.517266][   T46] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1068.550655][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1068.588647][   T46] usb 1-1: config 0 descriptor??
[ 1069.414090][T18242] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1069.515779][   T46] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.0018/input/input52
[ 1069.620556][   T46] appleir 0003:05AC:8241.0018: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[ 1071.552030][T18257] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1071.793193][   T46] usb 1-1: reset high-speed USB device number 63 using dummy_hcd
[ 1072.038305][ T5921] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1072.287626][ T5921] usb 2-1: Using ep0 maxpacket: 16
[ 1072.296017][T18270] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3378'.
[ 1072.327588][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1072.359158][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1072.387779][ T5921] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1072.396875][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1072.421064][ T5921] usb 2-1: config 0 descriptor??
[ 1072.587640][T18276] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3380'.
[ 1072.629633][T18276] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3380'.
[ 1072.859729][ T5921] usbhid 2-1:0.0: can't add hid device: -71
[ 1072.865772][ T5921] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1072.890194][ T5921] usb 2-1: USB disconnect, device number 62
[ 1072.917670][   T46] usb 1-1: device descriptor read/64, error -71
[ 1073.158602][   T46] usb 1-1: reset high-speed USB device number 63 using dummy_hcd
[ 1073.171900][   T46] usb 1-1: device reset changed ep0 maxpacket size!
[ 1073.205353][ T5912] usb 1-1: USB disconnect, device number 63
[ 1073.358365][ T5912] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 1073.614780][ T5912] usb 1-1: Using ep0 maxpacket: 32
[ 1074.606015][ T5912] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1074.621074][ T5912] usb 1-1: too many configurations: 76, using maximum allowed: 8
[ 1074.651053][ T5912] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1074.659034][ T5912] usb 1-1: can't read configurations, error -61
[ 1074.808211][ T5912] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 1074.977483][ T5912] usb 1-1: Using ep0 maxpacket: 32
[ 1074.993891][ T5912] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1075.010659][ T5912] usb 1-1: too many configurations: 76, using maximum allowed: 8
[ 1075.040243][ T5912] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1075.057557][ T5912] usb 1-1: can't read configurations, error -61
[ 1075.075822][ T5912] usb usb1-port1: attempt power cycle
[ 1075.475407][ T5912] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1075.874641][ T5912] usb 1-1: device descriptor read/8, error -71
[ 1076.725030][T18312] fuse: Bad value for 'user_id'
[ 1076.736665][T18312] fuse: Bad value for 'user_id'
[ 1077.025954][T18319] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1077.906766][T18320] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3393'.
[ 1078.329374][ T5872] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 1078.498090][ T5872] usb 3-1: Using ep0 maxpacket: 16
[ 1078.635313][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1078.655050][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1078.665534][ T5872] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1078.676372][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1079.344595][ T5872] usb 3-1: config 0 descriptor??
[ 1079.934072][ T5872] usbhid 3-1:0.0: can't add hid device: -71
[ 1079.940135][ T5872] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1079.953837][ T5872] usb 3-1: USB disconnect, device number 68
[ 1081.035111][T18352] vlan2: entered allmulticast mode
[ 1081.056180][T18352] bridge_slave_0: entered allmulticast mode
[ 1082.277508][ T5872] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1082.516155][ T5872] usb 2-1: Using ep0 maxpacket: 16
[ 1082.550540][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1082.577535][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1082.607539][ T5872] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1082.679433][  T975] usb 3-1: new full-speed USB device number 69 using dummy_hcd
[ 1082.722723][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1082.853021][ T5872] usb 2-1: config 0 descriptor??
[ 1082.893304][  T975] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1082.906951][  T975] usb 3-1: not running at top speed; connect to a high speed hub
[ 1082.921000][  T975] usb 3-1: config 163 has an invalid descriptor of length 0, skipping remainder of the config
[ 1082.933521][  T975] usb 3-1: config 163 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1082.952962][  T975] usb 3-1: config 163 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1083.017479][  T975] usb 3-1: config 163 interface 0 has no altsetting 0
[ 1083.057953][  T975] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1083.102304][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1083.124928][  T975] usb 3-1: Product: syz
[ 1083.139783][  T975] usb 3-1: Manufacturer: syz
[ 1083.152358][  T975] usb 3-1: SerialNumber: syz
[ 1083.316184][ T5872] usbhid 2-1:0.0: can't add hid device: -71
[ 1083.323507][ T5872] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1083.349934][ T5872] usb 2-1: USB disconnect, device number 63
[ 1083.388625][  T975] usb 3-1: bad CDC descriptors
[ 1083.397292][  T975] usb 3-1: USB disconnect, device number 69
[ 1085.976063][   T29] kauditd_printk_skb: 24 callbacks suppressed
[ 1085.976082][   T29] audit: type=1326 audit(1734357764.982:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18415 comm="syz.1.3422" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff4e9785d19 code=0x0
[ 1086.467746][ T5872] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1086.629472][ T5872] usb 4-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[ 1086.649015][ T5872] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 184
[ 1086.673109][ T5872] usb 4-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[ 1086.694700][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1086.712326][ T5872] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[ 1087.629845][ T5872] gspca_sn9c2028: read1 error -32
[ 1087.637655][ T5872] gspca_sn9c2028: read1 error -32
[ 1087.717658][ T5921] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1087.846881][  T975] usb 4-1: USB disconnect, device number 82
[ 1087.877891][ T5921] usb 2-1: Using ep0 maxpacket: 16
[ 1087.893984][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1087.924999][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1087.934920][ T5921] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1087.944271][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1087.960364][ T5921] usb 2-1: config 0 descriptor??
[ 1088.766584][ T5921] usbhid 2-1:0.0: can't add hid device: -71
[ 1088.869269][ T5921] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1089.069544][ T5921] usb 2-1: USB disconnect, device number 64
[ 1089.660327][T18441] input: syz1 as /devices/virtual/input/input53
[ 1091.407381][T18460] FAULT_INJECTION: forcing a failure.
[ 1091.407381][T18460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1091.420589][T18460] CPU: 1 UID: 0 PID: 18460 Comm: syz.3.3436 Not tainted 6.13.0-rc3-syzkaller #0
[ 1091.429634][T18460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1091.439703][T18460] Call Trace:
[ 1091.442995][T18460]  <TASK>
[ 1091.445936][T18460]  dump_stack_lvl+0x241/0x360
[ 1091.450640][T18460]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1091.455854][T18460]  ? __pfx__printk+0x10/0x10
[ 1091.460468][T18460]  should_fail_ex+0x3b0/0x4e0
[ 1091.465170][T18460]  _copy_from_user+0x2f/0xc0
[ 1091.469785][T18460]  move_addr_to_kernel+0x82/0x150
[ 1091.474829][T18460]  copy_msghdr_from_user+0x43e/0x680
[ 1091.480144][T18460]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1091.485964][T18460]  ? __fget_files+0x2a/0x410
[ 1091.490573][T18460]  ? __fget_files+0x2a/0x410
[ 1091.495190][T18460]  __sys_sendmsg+0x209/0x350
[ 1091.499803][T18460]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1091.504972][T18460]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1091.511314][T18460]  ? do_syscall_64+0x100/0x230
[ 1091.516104][T18460]  ? do_syscall_64+0xb6/0x230
[ 1091.520800][T18460]  do_syscall_64+0xf3/0x230
[ 1091.525324][T18460]  ? clear_bhb_loop+0x35/0x90
[ 1091.530017][T18460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1091.535935][T18460] RIP: 0033:0x7fd3b5985d19
[ 1091.540368][T18460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1091.559999][T18460] RSP: 002b:00007fd3b6760038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1091.568444][T18460] RAX: ffffffffffffffda RBX: 00007fd3b5b76160 RCX: 00007fd3b5985d19
[ 1091.576518][T18460] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 000000000000000d
[ 1091.584503][T18460] RBP: 00007fd3b6760090 R08: 0000000000000000 R09: 0000000000000000
[ 1091.592495][T18460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1091.600486][T18460] R13: 0000000000000000 R14: 00007fd3b5b76160 R15: 00007ffeff01c088
[ 1091.608490][T18460]  </TASK>
[ 1092.598082][ T5872] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1092.757078][T18468] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3440'.
[ 1092.776762][T18468] netlink: 'syz.1.3440': attribute type 25 has an invalid length.
[ 1092.787835][ T5872] usb 4-1: Using ep0 maxpacket: 16
[ 1092.791517][T18468] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1092.794728][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1092.801746][T18468] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1092.801799][T18468] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1092.801829][T18468] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1092.825492][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1092.884141][ T5872] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1092.903825][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1092.917730][ T5872] usb 4-1: config 0 descriptor??
[ 1093.332266][ T5872] usbhid 4-1:0.0: can't add hid device: -71
[ 1093.338712][ T5872] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1093.351717][ T5872] usb 4-1: USB disconnect, device number 83
[ 1094.809672][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1095.053857][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1095.112413][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1095.141484][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1095.153642][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1095.162788][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1095.322588][T18480] »»»»»» speed is unknown, defaulting to 1000
[ 1095.623819][   T46] IPVS: starting estimator thread 0...
[ 1095.787895][T18491] IPVS: using max 20 ests per chain, 48000 per kthread
[ 1096.432370][ T5826] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1096.445539][ T5826] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1096.455610][ T5826] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1096.469068][ T5826] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1096.478892][ T5826] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1096.487315][ T5826] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1097.220936][T18498] »»»»»» speed is unknown, defaulting to 1000
[ 1097.237570][   T54] Bluetooth: hci4: command tx timeout
[ 1097.250864][T18509] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3452'.
[ 1097.284752][T18480] chnl_net:caif_netlink_parms(): no params data found
[ 1097.511414][T18512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3454'.
[ 1098.031222][ T5921] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1098.248088][ T5921] usb 2-1: Using ep0 maxpacket: 16
[ 1098.256755][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1098.297989][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1098.475862][ T5921] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1098.485194][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1099.088897][ T5921] usb 2-1: config 0 descriptor??
[ 1099.172336][T18526] hsr0: entered promiscuous mode
[ 1099.188006][   T54] Bluetooth: hci6: command tx timeout
[ 1099.199331][T18480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1099.207222][T18480] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1099.244859][T18480] bridge_slave_0: entered allmulticast mode
[ 1099.278864][T18480] bridge_slave_0: entered promiscuous mode
[ 1099.308837][T18480] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1099.316032][T18480] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1099.323376][   T54] Bluetooth: hci4: command tx timeout
[ 1099.367945][T18480] bridge_slave_1: entered allmulticast mode
[ 1099.375051][T18480] bridge_slave_1: entered promiscuous mode
[ 1099.557996][ T5921] usbhid 2-1:0.0: can't add hid device: -71
[ 1099.564037][ T5921] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1099.609480][ T5921] usb 2-1: USB disconnect, device number 65
[ 1099.805596][T18480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1100.276574][T18480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1101.269222][   T54] Bluetooth: hci6: command tx timeout
[ 1101.368671][T18553] fuse: Bad value for 'user_id'
[ 1101.373588][T18553] fuse: Bad value for 'user_id'
[ 1101.397734][   T54] Bluetooth: hci4: command tx timeout
[ 1101.591486][T18480] team0: Port device team_slave_0 added
[ 1101.661455][T18480] team0: Port device team_slave_1 added
[ 1101.843947][T18557] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1102.635968][T18480] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1102.698728][T18480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1103.386379][   T54] Bluetooth: hci6: command tx timeout
[ 1103.406390][T18480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1103.479749][ T5826] Bluetooth: hci4: command tx timeout
[ 1103.490894][T18480] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1103.577434][T18480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1103.604467][T18480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1103.704942][T18559] infiniband syz2: set down
[ 1103.712156][T18559] infiniband syz2: added ipvlan0
[ 1103.718313][T18559] syz2: rxe_create_cq: returned err = -12
[ 1103.724201][T18559] infiniband syz2: Couldn't create ib_mad CQ
[ 1103.727855][T18498] chnl_net:caif_netlink_parms(): no params data found
[ 1103.732518][T18559] infiniband syz2: Couldn't open port 1
[ 1103.764722][T18559] RDS/IB: syz2: added
[ 1103.766032][T18480] hsr_slave_0: entered promiscuous mode
[ 1103.768947][T18559] smc: adding ib device syz2 with port count 1
[ 1103.781201][T18559] smc:    ib device syz2 port 1 has pnetid 
[ 1103.790139][T18480] hsr_slave_1: entered promiscuous mode
[ 1103.836630][T18480] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1103.856813][T18480] Cannot create hsr debugfs directory
[ 1103.987529][ T5921] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1104.137544][ T5921] usb 2-1: Using ep0 maxpacket: 16
[ 1104.164264][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1104.205107][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1104.249228][ T5921] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[ 1104.272340][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[ 1104.301776][ T5921] usb 2-1: Product: syz
[ 1104.306004][ T5921] usb 2-1: Manufacturer: syz
[ 1104.317577][ T5921] usb 2-1: SerialNumber: syz
[ 1104.399319][ T5921] usb 2-1: config 0 descriptor??
[ 1104.408365][ T5921] usb 2-1: NFC: intf ffff8880226db000 id ffffffff8f2fa260
[ 1104.612514][ T5921] usb 2-1: USB disconnect, device number 66
[ 1104.712837][T18498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1104.758145][T18498] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1104.765521][T18498] bridge_slave_0: entered allmulticast mode
[ 1104.778638][T18498] bridge_slave_0: entered promiscuous mode
[ 1104.887504][T18498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1104.894652][T18498] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1104.908266][T18498] bridge_slave_1: entered allmulticast mode
[ 1104.915378][T18498] bridge_slave_1: entered promiscuous mode
[ 1104.961502][T18480] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1105.356692][T18498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1105.394911][T18498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1105.524017][T18480] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1105.534414][T18480] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1105.560527][   T54] Bluetooth: hci6: command tx timeout
[ 1105.581480][T18480] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1105.631706][T18498] team0: Port device team_slave_0 added
[ 1105.663311][T18498] team0: Port device team_slave_1 added
[ 1105.747930][   T46] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1105.764423][T18498] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1105.781197][T18498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1105.820062][T18498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1105.864609][T18498] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1105.887510][T18498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1105.957977][   T46] usb 2-1: Using ep0 maxpacket: 16
[ 1105.959724][T18498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1105.968842][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1106.027499][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1106.037314][   T46] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1106.068055][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1106.098786][   T46] usb 2-1: config 0 descriptor??
[ 1106.143835][T18498] hsr_slave_0: entered promiscuous mode
[ 1106.170786][T18498] hsr_slave_1: entered promiscuous mode
[ 1106.207711][T18498] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1106.218626][T18498] Cannot create hsr debugfs directory
[ 1106.310108][T18480] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1106.421568][T18480] 8021q: adding VLAN 0 to HW filter on device team0
[ 1106.486235][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1106.493415][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1106.518798][   T46] usbhid 2-1:0.0: can't add hid device: -71
[ 1106.524835][   T46] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1106.551055][   T46] usb 2-1: USB disconnect, device number 67
[ 1106.576854][ T2207] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1106.584056][ T2207] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1106.865985][T18498] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1106.918900][T18498] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1106.940214][T18498] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1107.055822][T18498] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1107.169513][T18480] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1107.818195][T18498] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1107.835583][T18498] 8021q: adding VLAN 0 to HW filter on device team0
[ 1107.860209][ T2207] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1107.867375][ T2207] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1107.912391][ T2207] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1107.919590][ T2207] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1108.086259][T18498] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1108.446106][T18480] veth0_vlan: entered promiscuous mode
[ 1108.490619][T18480] veth1_vlan: entered promiscuous mode
[ 1108.579702][T18480] veth0_macvtap: entered promiscuous mode
[ 1108.613120][T18498] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1108.660473][T18480] veth1_macvtap: entered promiscuous mode
[ 1108.716215][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1108.830666][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.319716][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1109.461986][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.472067][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1109.507193][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.522393][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1109.537475][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.572695][T18480] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1109.597132][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1109.641842][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.676298][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1109.727897][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.760732][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1109.787604][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.817618][T18480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1109.847700][T18480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1109.879202][T18480] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1109.906227][T18480] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.948901][T18480] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.969346][T18480] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.980412][T18480] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1110.419035][  T120] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1110.824146][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1110.832529][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1110.840307][  T120] usb 2-1: Using ep0 maxpacket: 16
[ 1110.911891][  T120] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1110.926058][  T120] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1110.944420][  T120] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1110.947625][ T7602] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1110.956083][  T120] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.981718][  T120] usb 2-1: config 0 descriptor??
[ 1110.988064][ T7602] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1111.034264][T18498] veth0_vlan: entered promiscuous mode
[ 1111.074474][T18498] veth1_vlan: entered promiscuous mode
[ 1111.169001][T18498] veth0_macvtap: entered promiscuous mode
[ 1111.179586][T18498] veth1_macvtap: entered promiscuous mode
[ 1111.196246][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1111.206953][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.217124][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1111.228024][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.238426][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1111.253369][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.263648][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1111.274722][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.285253][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1111.296096][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.307660][T18498] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1111.348778][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1111.367460][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.377461][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1111.380681][T18633] fuse: Bad value for 'user_id'
[ 1111.397598][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.414626][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1111.426568][T18633] fuse: Bad value for 'user_id'
[ 1111.437461][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.457458][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1111.477487][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.497416][T18498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1111.508059][T18498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1111.528534][T18498] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1111.735511][  T120] usbhid 2-1:0.0: can't add hid device: -71
[ 1111.758368][T18498] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1111.767141][T18498] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1111.776653][  T120] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1111.806248][T18633] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1111.810276][  T120] usb 2-1: USB disconnect, device number 68
[ 1111.847723][T18498] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1111.897597][T18498] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.225875][T18640] bridge_slave_0: left allmulticast mode
[ 1112.268919][T18640] bridge_slave_0: left promiscuous mode
[ 1112.274773][T18640] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1112.490611][T18640] bridge_slave_1: left allmulticast mode
[ 1112.496390][T18640] bridge_slave_1: left promiscuous mode
[ 1112.668841][T18640] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1112.859221][T18640] bond0: (slave bond_slave_0): Releasing backup interface
[ 1113.733902][T18655] trusted_key: encrypted_key: insufficient parameters specified
[ 1113.907950][T18640] bond0: (slave bond_slave_1): Releasing backup interface
[ 1114.500418][T18640] team0: Port device team_slave_0 removed
[ 1115.162402][T18640] team0: Port device team_slave_1 removed
[ 1115.179621][T18640] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1115.203386][T18640] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1115.224943][T18640] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1115.233382][T18640] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1115.314758][T18648] team0: Mode changed to "loadbalance"
[ 1115.338248][T18658] tipc: Started in network mode
[ 1115.355073][T18658] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1115.377609][T18658] tipc: Enabled bearer <eth:team0>, priority 0
[ 1115.716831][ T3015] tipc: Resetting bearer <eth:team0>
[ 1116.025191][T18681] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3492'.
[ 1116.063626][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.077220][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.450406][  T975] tipc: Node number set to 11578026
[ 1116.572163][T18684] fuse: Bad value for 'user_id'
[ 1116.577127][T18684] fuse: Bad value for 'user_id'
[ 1117.608757][T18693] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1118.219905][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1118.237799][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1118.626850][T15171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1118.634983][T15171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1119.048628][T18701] fuse: Unknown parameter 'f'
[ 1119.285916][  T975] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1120.127938][  T975] usb 3-1: Using ep0 maxpacket: 16
[ 1120.854433][  T975] usb 3-1: device descriptor read/all, error -71
[ 1121.514917][   T29] audit: type=1800 audit(1734357799.552:464): pid=18710 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.3499" name="bus" dev="overlay" ino=771 res=0 errno=0
[ 1125.196467][T18741] fuse: Unknown parameter 'f'
[ 1126.397541][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1126.577604][    T9] usb 8-1: Using ep0 maxpacket: 16
[ 1126.637052][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1126.667566][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1126.697614][    T9] usb 8-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1126.716580][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1126.750391][    T9] usb 8-1: config 0 descriptor??
[ 1127.308567][    T9] usbhid 8-1:0.0: can't add hid device: -71
[ 1127.314764][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1127.347879][    T9] usb 8-1: USB disconnect, device number 2
[ 1127.579221][ T5912] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1128.521029][ T5912] usb 2-1: Using ep0 maxpacket: 32
[ 1128.547765][ T5912] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1128.557266][ T5912] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1128.637159][ T5912] usb 2-1: config 0 descriptor??
[ 1129.074786][ T5912] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1129.718293][ T5912] gspca_nw80x: reg_w err -71
[ 1129.723813][ T5912] nw80x 2-1:0.0: probe with driver nw80x failed with error -71
[ 1129.748424][ T5912] usb 2-1: USB disconnect, device number 69
[ 1131.277966][ T5870] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1131.449780][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1131.506952][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1131.554435][ T5870] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 1131.606128][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.697272][ T5870] usb 3-1: config 0 descriptor??
[ 1132.100181][T18786] netlink: 'syz.6.3522': attribute type 1 has an invalid length.
[ 1132.550263][ T5870] usbhid 3-1:0.0: can't add hid device: -71
[ 1132.556378][ T5870] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1132.600166][ T5870] usb 3-1: USB disconnect, device number 72
[ 1132.827550][  T975] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1132.989644][  T975] usb 4-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 255, changing to 11
[ 1133.017711][  T975] usb 4-1: config 0 interface 0 altsetting 12 endpoint 0x87 has invalid maxpacket 59390, setting to 1024
[ 1133.070322][  T975] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1133.570849][  T975] usb 4-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[ 1133.580777][  T975] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1133.589081][  T975] usb 4-1: Product: syz
[ 1133.593382][  T975] usb 4-1: Manufacturer: syz
[ 1133.598177][  T975] usb 4-1: SerialNumber: syz
[ 1133.629400][ T5870] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1133.797133][  T975] usb 4-1: config 0 descriptor??
[ 1134.237900][T18800] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1134.302782][  T975] keyspan 4-1:0.0: Keyspan 2 port adapter converter detected
[ 1134.310488][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 7
[ 1134.325981][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 81
[ 1134.337707][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 1
[ 1134.347530][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 2
[ 1134.355177][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 85
[ 1134.363824][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 5
[ 1134.373755][  T975] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[ 1134.382762][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 83
[ 1134.391126][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 3
[ 1134.399099][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 4
[ 1134.406721][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 86
[ 1134.414593][  T975] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 6
[ 1134.424947][  T975] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[ 1134.458039][    T9] usb 4-1: USB disconnect, device number 84
[ 1134.528422][    T9] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[ 1134.581638][    T9] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[ 1134.686188][    T9] keyspan 4-1:0.0: device disconnected
[ 1134.699584][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1134.710714][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1134.720784][ T5870] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 1134.730743][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.745632][ T5870] usb 3-1: config 0 descriptor??
[ 1135.936830][ T5870] usbhid 3-1:0.0: can't add hid device: -71
[ 1135.943550][ T5870] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1135.954150][ T5870] usb 3-1: USB disconnect, device number 73
[ 1136.845787][T18835] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1136.852010][T18835] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1136.951968][T18835] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1137.095950][T18845] erofs (device nbd3): cannot find valid erofs superblock
[ 1137.238883][T18835] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1137.252497][T18835] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1137.320311][T18835] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1137.599038][T18862] fuse: Unknown parameter 'f'
[ 1138.208125][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1138.464132][T18880] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3541'.
[ 1138.525360][T14917] hid-generic 0600:0000:5000080.0019: item fetching failed at offset 7/8
[ 1138.547843][T14917] hid-generic 0600:0000:5000080.0019: probe with driver hid-generic failed with error -22
[ 1139.038439][ T5872] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1139.177645][ T5872] usb 3-1: device descriptor read/64, error -71
[ 1139.317845][   T54] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1139.417498][ T5872] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1140.427476][ T5872] usb 3-1: device descriptor read/64, error -71
[ 1140.442384][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1140.538176][ T5872] usb usb3-port1: attempt power cycle
[ 1140.547440][ T5870] IPVS: starting estimator thread 0...
[ 1140.700778][T18894] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1141.007515][  T120] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1141.015260][ T5872] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1141.048339][ T5872] usb 3-1: device descriptor read/8, error -71
[ 1141.170436][  T120] usb 8-1: Using ep0 maxpacket: 16
[ 1141.189697][  T120] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1141.234958][  T120] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1141.312299][  T120] usb 8-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1141.352094][  T120] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1141.382986][  T120] usb 8-1: config 0 descriptor??
[ 1141.398289][T16320] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1141.578831][T18904] loop4: detected capacity change from 0 to 2
[ 1141.809920][  T120] usbhid 8-1:0.0: can't add hid device: -71
[ 1141.836440][  T120] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1141.867062][  T120] usb 8-1: USB disconnect, device number 3
[ 1142.604371][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1143.417980][ T5870] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1143.477530][   T54] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1143.580723][ T5870] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1143.603365][ T5870] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1143.674370][ T5870] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1143.761360][ T5870] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1143.832652][T18918] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1143.898168][ T5870] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[ 1145.206595][T18932] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1145.497772][T18938] fuse: Unknown parameter 'f'
[ 1145.608037][   T54] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1145.676740][ T5872] usb 8-1: USB disconnect, device number 4
[ 1146.569939][T18958] FAULT_INJECTION: forcing a failure.
[ 1146.569939][T18958] name failslab, interval 1, probability 0, space 0, times 0
[ 1146.583673][T18958] CPU: 0 UID: 0 PID: 18958 Comm: syz.2.3566 Not tainted 6.13.0-rc3-syzkaller #0
[ 1146.592740][T18958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1146.602851][T18958] Call Trace:
[ 1146.606152][T18958]  <TASK>
[ 1146.609118][T18958]  dump_stack_lvl+0x241/0x360
[ 1146.613832][T18958]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1146.619060][T18958]  ? __pfx__printk+0x10/0x10
[ 1146.623679][T18958]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[ 1146.629686][T18958]  ? __pfx___might_resched+0x10/0x10
[ 1146.635356][T18958]  should_fail_ex+0x3b0/0x4e0
[ 1146.640064][T18958]  should_failslab+0xac/0x100
[ 1146.644792][T18958]  kmem_cache_alloc_node_noprof+0x77/0x380
[ 1146.650624][T18958]  ? __alloc_skb+0x1c3/0x440
[ 1146.655239][T18958]  ? __inet_diag_dump_start+0x9d/0xa50
[ 1146.660736][T18958]  __alloc_skb+0x1c3/0x440
[ 1146.665183][T18958]  ? __sys_sendmsg+0x269/0x350
[ 1146.669976][T18958]  ? do_syscall_64+0xf3/0x230
[ 1146.674678][T18958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.680777][T18958]  ? __pfx___alloc_skb+0x10/0x10
[ 1146.685746][T18958]  netlink_dump+0x239/0xe10
[ 1146.690289][T18958]  ? __pfx_netlink_dump+0x10/0x10
[ 1146.695337][T18958]  ? cap_capable+0x1b4/0x250
[ 1146.699967][T18958]  ? ns_capable+0x8a/0xf0
[ 1146.704326][T18958]  ? __inet_diag_dump_start+0x8c9/0xa50
[ 1146.709912][T18958]  __netlink_dump_start+0x5a2/0x790
[ 1146.715145][T18958]  inet_diag_rcv_msg_compat+0x209/0x4e0
[ 1146.720985][T18958]  ? __pfx_inet_diag_rcv_msg_compat+0x10/0x10
[ 1146.727074][T18958]  ? sock_diag_rcv_msg+0xca/0x5f0
[ 1146.732127][T18958]  ? __pfx_lock_release+0x10/0x10
[ 1146.737186][T18958]  ? __pfx_inet_diag_dump_start_compat+0x10/0x10
[ 1146.743536][T18958]  ? __pfx_inet_diag_dump_compat+0x10/0x10
[ 1146.749369][T18958]  ? __pfx_inet_diag_dump_done+0x10/0x10
[ 1146.755042][T18958]  ? __pfx_inet_diag_rcv_msg_compat+0x10/0x10
[ 1146.761138][T18958]  sock_diag_rcv_msg+0x3dc/0x5f0
[ 1146.766112][T18958]  netlink_rcv_skb+0x1e3/0x430
[ 1146.770908][T18958]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[ 1146.776391][T18958]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1146.781722][T18958]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1146.786947][T18958]  netlink_unicast+0x7f6/0x990
[ 1146.791754][T18958]  ? __pfx_netlink_unicast+0x10/0x10
[ 1146.797066][T18958]  ? __virt_addr_valid+0x45f/0x530
[ 1146.802206][T18958]  ? __phys_addr_symbol+0x2f/0x70
[ 1146.807259][T18958]  ? __check_object_size+0x47a/0x730
[ 1146.812578][T18958]  netlink_sendmsg+0x8e4/0xcb0
[ 1146.817389][T18958]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1146.822723][T18958]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1146.828041][T18958]  __sock_sendmsg+0x221/0x270
[ 1146.832755][T18958]  ____sys_sendmsg+0x52a/0x7e0
[ 1146.837557][T18958]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1146.842869][T18958]  ? __fget_files+0x2a/0x410
[ 1146.847494][T18958]  ? __fget_files+0x2a/0x410
[ 1146.852120][T18958]  __sys_sendmsg+0x269/0x350
[ 1146.856741][T18958]  ? __pfx_lock_release+0x10/0x10
[ 1146.861798][T18958]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1146.866950][T18958]  ? __pfx_vfs_write+0x10/0x10
[ 1146.871765][T18958]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1146.878124][T18958]  ? do_syscall_64+0x100/0x230
[ 1146.882926][T18958]  ? do_syscall_64+0xb6/0x230
[ 1146.887635][T18958]  do_syscall_64+0xf3/0x230
[ 1146.892175][T18958]  ? clear_bhb_loop+0x35/0x90
[ 1146.896876][T18958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.902797][T18958] RIP: 0033:0x7f52ebb85d19
[ 1146.907237][T18958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1146.926874][T18958] RSP: 002b:00007f52ec96b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1146.935325][T18958] RAX: ffffffffffffffda RBX: 00007f52ebd75fa0 RCX: 00007f52ebb85d19
[ 1146.943341][T18958] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1146.951342][T18958] RBP: 00007f52ec96b090 R08: 0000000000000000 R09: 0000000000000000
[ 1146.959346][T18958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1146.967336][T18958] R13: 0000000000000000 R14: 00007f52ebd75fa0 R15: 00007fffddde2c08
[ 1146.975354][T18958]  </TASK>
[ 1147.364372][T18624] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1147.707450][T18624] usb 4-1: Using ep0 maxpacket: 16
[ 1147.716748][T18624] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1147.733036][T18624] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1147.782479][T18624] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1147.807996][T18624] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1147.858577][T18624] usb 4-1: config 0 descriptor??
[ 1149.025144][T18624] usbhid 4-1:0.0: can't add hid device: -71
[ 1149.031283][T18624] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1149.103845][T18624] usb 4-1: USB disconnect, device number 85
[ 1150.837656][T19039] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3570'.
[ 1152.294244][T19050] fuse: Unknown parameter 'f'
[ 1152.842636][  T975] usb 3-1: new full-speed USB device number 78 using dummy_hcd
[ 1153.167677][T19056] FAULT_INJECTION: forcing a failure.
[ 1153.167677][T19056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1153.207714][T19056] CPU: 0 UID: 0 PID: 19056 Comm: syz.7.3579 Not tainted 6.13.0-rc3-syzkaller #0
[ 1153.216796][T19056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1153.226955][T19056] Call Trace:
[ 1153.230250][T19056]  <TASK>
[ 1153.233195][T19056]  dump_stack_lvl+0x241/0x360
[ 1153.237898][T19056]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1153.243112][T19056]  ? __pfx__printk+0x10/0x10
[ 1153.247724][T19056]  ? kstrtouint_from_user+0x128/0x190
[ 1153.253112][T19056]  ? __pfx_lock_release+0x10/0x10
[ 1153.258174][T19056]  should_fail_ex+0x3b0/0x4e0
[ 1153.262917][T19056]  _copy_from_user+0x2f/0xc0
[ 1153.267521][T19056]  keyctl_dh_compute+0xb7/0x160
[ 1153.272395][T19056]  ? __pfx_keyctl_dh_compute+0x10/0x10
[ 1153.277961][T19056]  ? vfs_write+0x730/0xd30
[ 1153.282387][T19056]  __se_sys_keyctl+0x3f3/0x910
[ 1153.287153][T19056]  ? __mutex_unlock_slowpath+0x21e/0x790
[ 1153.292794][T19056]  ? __pfx___se_sys_keyctl+0x10/0x10
[ 1153.298080][T19056]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1153.304059][T19056]  ? __fget_files+0x2a/0x410
[ 1153.308651][T19056]  ? __fget_files+0x2a/0x410
[ 1153.313245][T19056]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1153.319231][T19056]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1153.325558][T19056]  ? do_syscall_64+0x100/0x230
[ 1153.330326][T19056]  ? __x64_sys_keyctl+0x20/0xc0
[ 1153.335177][T19056]  do_syscall_64+0xf3/0x230
[ 1153.339684][T19056]  ? clear_bhb_loop+0x35/0x90
[ 1153.344373][T19056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1153.350269][T19056] RIP: 0033:0x7f47f5785d19
[ 1153.354678][T19056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1153.374289][T19056] RSP: 002b:00007f47f35f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[ 1153.382715][T19056] RAX: ffffffffffffffda RBX: 00007f47f5976160 RCX: 00007f47f5785d19
[ 1153.390689][T19056] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000017
[ 1153.398666][T19056] RBP: 00007f47f35f6090 R08: 0000000020000180 R09: 0000000000000000
[ 1153.406639][T19056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1153.414610][T19056] R13: 0000000000000000 R14: 00007f47f5976160 R15: 00007ffe891407e8
[ 1153.422592][T19056]  </TASK>
[ 1153.425714][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1153.580711][  T975] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1153.601936][  T975] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1153.618344][  T975] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[ 1153.637917][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1153.655713][  T975] usb 3-1: SerialNumber: syz
[ 1153.778045][  T975] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[ 1153.807704][  T975] usb-storage 3-1:1.0: USB Mass Storage device detected
[ 1154.112576][  T975] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[ 1154.994347][  T975] scsi host1: usb-storage 3-1:1.0
[ 1158.199508][   T54] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1159.517605][ T5920] usb 3-1: USB disconnect, device number 78
[ 1159.678678][T19102] fuse: Bad value for 'fd'
[ 1161.413821][T19108] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1162.338033][T19110] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1163.863403][T19126] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3596'.
[ 1163.912230][T19126] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3596'.
[ 1165.805629][T19147] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3599'.
[ 1166.924591][T19158] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1171.666033][T19181] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1172.473932][T19191] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3614'.
[ 1172.581071][T19192] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3615'.
[ 1172.606135][T19192] Invalid source name
[ 1172.610573][T19192] UBIFS error (pid: 19192): cannot open "/dev/sr0", error -22
[ 1172.977675][T18624] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1173.053060][T19188] program syz.2.3613 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1174.414313][T19207] netlink: 'syz.1.3621': attribute type 11 has an invalid length.
[ 1174.498100][T18624] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82
[ 1174.519983][T18624] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1174.539632][T18624] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1174.557451][T18624] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1174.617955][T18624] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[ 1174.627707][T18624] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1174.636263][T18624] usb 4-1: Product: syz
[ 1174.648634][T18624] usb 4-1: Manufacturer: syz
[ 1174.663811][T18624] usb 4-1: SerialNumber: syz
[ 1174.679105][T19211] fuse: Unknown parameter 'f'
[ 1174.689674][T18624] usb 4-1: config 0 descriptor??
[ 1174.708846][T18624] redrat3 4-1:0.0: Couldn't find all endpoints
[ 1177.502535][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.509039][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.404968][ T5912] usb 4-1: USB disconnect, device number 86
[ 1178.511825][T19236] netlink: 47 bytes leftover after parsing attributes in process `syz.6.3631'.
[ 1178.529232][T19236] input: syz0 as /devices/virtual/input/input55
[ 1181.052622][T19253] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3632'.
[ 1182.477250][T19252] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[ 1182.483825][T19252] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1182.491773][T19252] vhci_hcd vhci_hcd.0: Device attached
[ 1182.620915][T19256] vhci_hcd: connection closed
[ 1182.667512][ T2207] vhci_hcd: stop threads
[ 1182.681816][ T2207] vhci_hcd: release socket
[ 1182.691473][ T2207] vhci_hcd: disconnect device
[ 1183.077884][T19267] netlink: 108 bytes leftover after parsing attributes in process `syz.1.3635'.
[ 1183.866273][T19269] can: request_module (can-proto-3) failed.
[ 1188.145040][T19311] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[ 1188.151623][T19311] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1188.159251][T19311] vhci_hcd vhci_hcd.0: Device attached
[ 1188.160494][T19313] vhci_hcd: connection closed
[ 1188.167206][ T2207] vhci_hcd: stop threads
[ 1188.176551][ T2207] vhci_hcd: release socket
[ 1188.193327][ T2207] vhci_hcd: disconnect device
[ 1189.881161][T19325] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3651'.
[ 1190.118731][T19325] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3651'.
[ 1190.127971][  T975] IPVS: starting estimator thread 0...
[ 1190.217551][T19346] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1191.067512][  T975] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1191.219739][  T975] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1191.261402][  T975] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1191.300161][  T975] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1191.325847][  T975] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1191.356217][  T975] usb 8-1: Product: syz
[ 1191.366290][  T975] usb 8-1: Manufacturer: syz
[ 1191.377491][  T975] usb 8-1: SerialNumber: syz
[ 1192.904329][  T975] cdc_ncm 8-1:1.0: bind() failure
[ 1193.317413][  T975] cdc_ncm 8-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1193.418671][  T975] cdc_mbim 8-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1193.447986][  T975] usbtest 8-1:1.1: probe with driver usbtest failed with error -71
[ 1193.474561][  T975] usb 8-1: USB disconnect, device number 5
[ 1193.492171][T19371] FAULT_INJECTION: forcing a failure.
[ 1193.492171][T19371] name failslab, interval 1, probability 0, space 0, times 0
[ 1193.506497][T19371] CPU: 1 UID: 0 PID: 19371 Comm: syz.2.3664 Not tainted 6.13.0-rc3-syzkaller #0
[ 1193.515558][T19371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1193.525632][T19371] Call Trace:
[ 1193.528907][T19371]  <TASK>
[ 1193.531828][T19371]  dump_stack_lvl+0x241/0x360
[ 1193.536507][T19371]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1193.541707][T19371]  ? __pfx__printk+0x10/0x10
[ 1193.546296][T19371]  ? kmem_cache_alloc_noprof+0x48/0x380
[ 1193.551867][T19371]  ? __pfx___might_resched+0x10/0x10
[ 1193.557178][T19371]  should_fail_ex+0x3b0/0x4e0
[ 1193.561876][T19371]  should_failslab+0xac/0x100
[ 1193.566552][T19371]  ? __pmd_alloc+0x10b/0x670
[ 1193.571139][T19371]  kmem_cache_alloc_noprof+0x70/0x380
[ 1193.576512][T19371]  __pmd_alloc+0x10b/0x670
[ 1193.580943][T19371]  ? __pfx___pmd_alloc+0x10/0x10
[ 1193.585923][T19371]  handle_mm_fault+0xea7/0x1ad0
[ 1193.590813][T19371]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1193.596128][T19371]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1193.601425][T19371]  exc_page_fault+0x2b9/0x8b0
[ 1193.606107][T19371]  ? __might_fault+0xaa/0x120
[ 1193.610823][T19371]  asm_exc_page_fault+0x26/0x30
[ 1193.615693][T19371] RIP: 0010:rep_movs_alternative+0x4a/0x70
[ 1193.621531][T19371] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[ 1193.641145][T19371] RSP: 0018:ffffc90004827c48 EFLAGS: 00050202
[ 1193.647220][T19371] RAX: ffffffff84ba6001 RBX: 00000000200007c6 RCX: 0000000000000186
[ 1193.655277][T19371] RDX: 0000000000000000 RSI: ffffc90004827cc0 RDI: 0000000020000640
[ 1193.663247][T19371] RBP: ffffc90004827f00 R08: 0000000000000005 R09: fffff52000904fc8
[ 1193.671217][T19371] R10: dffffc0000000000 R11: fffff52000904fc8 R12: 0000000000000186
[ 1193.679186][T19371] R13: 00007ffffffff000 R14: ffffc90004827cc0 R15: 0000000020000640
[ 1193.687161][T19371]  ? _copy_from_user+0x91/0xc0
[ 1193.691938][T19371]  _copy_to_user+0x8b/0xb0
[ 1193.696356][T19371]  __se_sys_newuname+0x108/0x250
[ 1193.701297][T19371]  ? __pfx___se_sys_newuname+0x10/0x10
[ 1193.706769][T19371]  ? vfs_write+0x730/0xd30
[ 1193.711231][T19371]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1193.717558][T19371]  ? do_syscall_64+0x100/0x230
[ 1193.722331][T19371]  ? do_syscall_64+0xb6/0x230
[ 1193.727042][T19371]  do_syscall_64+0xf3/0x230
[ 1193.731573][T19371]  ? clear_bhb_loop+0x35/0x90
[ 1193.736266][T19371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.742174][T19371] RIP: 0033:0x7f52ebb85d19
[ 1193.746593][T19371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1193.766202][T19371] RSP: 002b:00007f52ec96b038 EFLAGS: 00000246 ORIG_RAX: 000000000000003f
[ 1193.774623][T19371] RAX: ffffffffffffffda RBX: 00007f52ebd75fa0 RCX: 00007f52ebb85d19
[ 1193.782594][T19371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000640
[ 1193.790582][T19371] RBP: 00007f52ec96b090 R08: 0000000000000000 R09: 0000000000000000
[ 1193.798564][T19371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1193.806543][T19371] R13: 0000000000000000 R14: 00007f52ebd75fa0 R15: 00007fffddde2c08
[ 1193.814531][T19371]  </TASK>
[ 1194.397467][T19333] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1194.557586][T19333] usb 3-1: Using ep0 maxpacket: 16
[ 1194.602801][T19381] tmpfs: Unknown parameter 'hÿ[]'
[ 1194.638642][T19333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1194.769374][T19333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1194.796954][T19333] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[ 1194.807453][T19333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1194.923190][T19333] usb 3-1: config 0 descriptor??
[ 1197.620481][T19406] netlink: 108 bytes leftover after parsing attributes in process `syz.1.3676'.
[ 1198.706404][T19412] fuse: Unknown parameter 'f'
[ 1199.701889][  T120] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1199.888446][  T120] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1199.927501][  T120] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1199.990946][  T120] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1200.054801][  T120] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1200.086284][  T120] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1200.118594][  T120] usb 8-1: config 0 descriptor??
[ 1200.163173][T19437] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3690'.
[ 1200.295134][T19333] usbhid 3-1:0.0: can't add hid device: -32
[ 1200.312294][T19333] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[ 1200.529864][  T120] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[ 1200.575081][  T120] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[ 1200.642527][  T120] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[ 1200.712030][  T120] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[ 1200.794512][T19422] 9pnet_fd: Insufficient options for proto=fd
[ 1200.805227][  T975] usb 3-1: USB disconnect, device number 79
[ 1200.832580][T19333] usb 8-1: USB disconnect, device number 6
[ 1202.728900][T19478] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3701'.
[ 1203.229174][T19333] usb 3-1: new low-speed USB device number 80 using dummy_hcd
[ 1203.937128][T19491] netlink: 'syz.6.3705': attribute type 1 has an invalid length.
[ 1203.988876][T19491] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1203.996180][T19491] IPv6: NLM_F_CREATE should be set when creating new route
[ 1204.068274][T19333] usb 3-1: Invalid ep0 maxpacket: 16
[ 1204.201654][T19496] mac80211_hwsim hwsim36 wlan1: entered promiscuous mode
[ 1204.209213][T19496] mac80211_hwsim hwsim36 wlan1: entered allmulticast mode
[ 1204.218609][T19333] usb 3-1: new low-speed USB device number 81 using dummy_hcd
[ 1204.368124][T19333] usb 3-1: Invalid ep0 maxpacket: 16
[ 1204.374595][T19333] usb usb3-port1: attempt power cycle
[ 1204.718027][T19333] usb 3-1: new low-speed USB device number 82 using dummy_hcd
[ 1204.741525][T19333] usb 3-1: Invalid ep0 maxpacket: 16
[ 1204.880814][T19333] usb 3-1: new low-speed USB device number 83 using dummy_hcd
[ 1204.911390][T19333] usb 3-1: Invalid ep0 maxpacket: 16
[ 1204.920746][T19333] usb usb3-port1: unable to enumerate USB device
[ 1207.623828][T19542] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3722'.
[ 1211.808561][T19557] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3728'.
[ 1214.736517][T19603] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3740'.
[ 1214.789243][T19603] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3740'.
[ 1221.458157][T19668] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3756'.
[ 1221.508075][T19668] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3756'.
[ 1223.889148][T19693] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3762'.
[ 1228.496034][T19724] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3772'.
[ 1228.537680][T19724] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3772'.
[ 1228.883351][   T30] INFO: task syz.0.3401:18368 blocked for more than 143 seconds.
[ 1229.577656][   T30]       Not tainted 6.13.0-rc3-syzkaller #0
[ 1229.583697][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1229.598114][   T30] task:syz.0.3401      state:D stack:27360 pid:18368 tgid:18343 ppid:16783  flags:0x00000004
[ 1229.610333][   T30] Call Trace:
[ 1229.613874][   T30]  <TASK>
[ 1229.616946][   T30]  __schedule+0x17fb/0x4be0
[ 1229.622141][   T30]  ? __pfx___schedule+0x10/0x10
[ 1230.427483][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1230.432601][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1230.484881][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1230.541663][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1230.546867][   T30]  ? schedule+0x90/0x320
[ 1230.557584][   T30]  schedule+0x14b/0x320
[ 1230.561811][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1230.584551][   T30]  rwsem_down_write_slowpath+0xeee/0x13b0
[ 1230.590987][   T30]  ? rwsem_down_write_slowpath+0xa09/0x13b0
[ 1230.601840][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[ 1230.629002][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1230.637784][   T30]  down_write+0x1d7/0x220
[ 1230.645823][   T30]  ? __pfx_down_write+0x10/0x10
[ 1230.657090][   T30]  blkdev_fallocate+0x20e/0x490
[ 1230.667799][   T30]  vfs_fallocate+0x569/0x6e0
[ 1230.680867][   T30]  __x64_sys_fallocate+0xbc/0x110
[ 1230.691046][   T30]  do_syscall_64+0xf3/0x230
[ 1230.700626][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1230.710743][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.724113][   T30] RIP: 0033:0x7f0a3cb85d19
[ 1230.732705][   T30] RSP: 002b:00007f0a3da24038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1230.749696][   T30] RAX: ffffffffffffffda RBX: 00007f0a3cd76160 RCX: 00007f0a3cb85d19
[ 1230.766500][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 1230.803133][   T30] RBP: 00007f0a3cc01a20 R08: 0000000000000000 R09: 0000000000000000
[ 1230.823195][   T30] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000
[ 1230.847438][   T30] R13: 0000000000000000 R14: 00007f0a3cd76160 R15: 00007ffebd7316d8
[ 1230.873850][   T30]  </TASK>
[ 1230.885782][   T30] 
[ 1230.885782][   T30] Showing all locks held in the system:
[ 1230.943737][   T30] 2 locks held by kworker/u8:0/11:
[ 1230.958630][   T30]  #0: ffff88801df33148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[ 1230.989642][   T30]  #1: ffffc90000107d00 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[ 1231.022347][   T30] 1 lock held by khungtaskd/30:
[ 1231.038564][   T30]  #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[ 1231.063538][   T30] 2 locks held by getty/5578:
[ 1231.075280][   T30]  #0: ffff88803144e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1231.105628][   T30]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[ 1231.134648][   T30] 3 locks held by syz.5.3396/18327:
[ 1231.156254][   T30] 1 lock held by syz.5.3396/18328:
[ 1231.167304][   T30] 4 locks held by syz.5.3396/18334:
[ 1231.174237][   T30] 1 lock held by syz.0.3401/18368:
[ 1231.194126][   T30]  #0: ffff888148d3e540 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490
[ 1231.231247][   T30] 2 locks held by syz.3.3775/19740:
[ 1231.250832][   T30]  #0: ffffc900031deb58 (&kvm->lock){+.+.}-{4:4}, at: kvm_arch_vm_ioctl+0x885/0x17b0
[ 1231.280350][   T30]  #1: ffffc900031de0a8 (&kvm->slots_lock){+.+.}-{4:4}, at: kvm_pic_init+0x193/0x2f0
[ 1231.308954][   T30] 1 lock held by syz.3.3775/19741:
[ 1231.327791][   T30]  #0: ffffc900031deb58 (&kvm->lock){+.+.}-{4:4}, at: kvm_vm_ioctl_create_vcpu+0x5a/0xa00
[ 1231.337954][   T30] 
[ 1231.340302][   T30] =============================================
[ 1231.340302][   T30] 
[ 1231.349060][   T30] NMI backtrace for cpu 0
[ 1231.353404][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller #0
[ 1231.362171][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1231.372234][   T30] Call Trace:
[ 1231.375508][   T30]  <TASK>
[ 1231.378436][   T30]  dump_stack_lvl+0x241/0x360
[ 1231.383119][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1231.388319][   T30]  ? __pfx__printk+0x10/0x10
[ 1231.392929][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1231.397868][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1231.403325][   T30]  ? _printk+0xd5/0x120
[ 1231.407488][   T30]  ? __pfx__printk+0x10/0x10
[ 1231.412096][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1231.416956][   T30]  ? __pfx__printk+0x10/0x10
[ 1231.421551][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1231.426571][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1231.432550][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1231.438529][   T30]  watchdog+0xff6/0x1040
[ 1231.442767][   T30]  ? watchdog+0x1ea/0x1040
[ 1231.447183][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1231.451851][   T30]  kthread+0x2f0/0x390
[ 1231.455919][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1231.460604][   T30]  ? __pfx_kthread+0x10/0x10
[ 1231.465205][   T30]  ret_from_fork+0x4b/0x80
[ 1231.469619][   T30]  ? __pfx_kthread+0x10/0x10
[ 1231.474202][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1231.478974][   T30]  </TASK>
[ 1231.482142][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1231.490181][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30
[ 1231.491175][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1231.506149][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller #0
[ 1231.514914][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1231.524961][   T30] Call Trace:
[ 1231.528249][   T30]  <TASK>
[ 1231.531177][   T30]  dump_stack_lvl+0x241/0x360
[ 1231.535852][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1231.541050][   T30]  ? __pfx__printk+0x10/0x10
[ 1231.545641][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1231.551649][   T30]  ? vscnprintf+0x5d/0x90
[ 1231.555999][   T30]  panic+0x349/0x880
[ 1231.559917][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1231.566064][   T30]  ? __pfx_panic+0x10/0x10
[ 1231.570471][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1231.575871][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1231.581415][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1231.586795][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1231.592955][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1231.599114][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1231.605297][   T30]  watchdog+0x1035/0x1040
[ 1231.609657][   T30]  ? watchdog+0x1ea/0x1040
[ 1231.614093][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1231.618772][   T30]  kthread+0x2f0/0x390
[ 1231.622838][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1231.627505][   T30]  ? __pfx_kthread+0x10/0x10
[ 1231.632088][   T30]  ret_from_fork+0x4b/0x80
[ 1231.636496][   T30]  ? __pfx_kthread+0x10/0x10
[ 1231.641079][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1231.645850][   T30]  </TASK>
[ 1231.649148][   T30] Kernel Offset: disabled
[ 1231.653905][   T30] Rebooting in 86400 seconds..