last executing test programs:

21.522747154s ago: executing program 1 (id=1928):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_secret(0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r3, 0xc01064c2, &(0x7f0000000100))
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000000), 0x10)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0xec, 0x5, 0x4})
r8 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000400)={0x3, 0x21, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f00000001c0)={0x15, 0x3, 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000040)={0x8, 0x2, 0x2})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x10004, 0x401f, 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
close_range(r5, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mkdir(&(0x7f0000000280)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)

20.543231801s ago: executing program 1 (id=1929):
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x0, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r1=>0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3], 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x200049c0)
sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x60011)
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000040)={"9fcaa0504b38d5004b764b4d2ada8bdf000000000000202700009400", r1, <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000080)={"fe0d1acce4a37e45d27e2a9be9f60700000400001a00", r4, <r5=>0xffffffffffffffff})
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r2)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000180)={0x30, r6, 0x10, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0x4, 0x1, 0x5, 0x20}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x400d814)
r7 = dup(r5)
syz_open_procfs(0x0, &(0x7f00000003c0)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000580)={0x3000, 0x16000})
r11 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r11, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r11, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
socket$pppl2tp(0x18, 0x1, 0x1)

19.488989636s ago: executing program 1 (id=1935):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x4c0c, 0x0, 0x0, 0x4}, 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x3, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x6edd, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
socket$kcm(0x10, 0x0, 0x10)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='vfat\x00', 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r5, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90a, 0x8000, '\x00', @ptr}})
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000006a0083b0cbe05f0000000000000000000000000008000e0004"], 0x20}}, 0x4000884)

17.035040181s ago: executing program 0 (id=1942):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "0062030082000000000000000000f7ffffff00"})
ppoll(&(0x7f0000000140)=[{r0}], 0x1, 0x0, 0x0, 0x700)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
syz_open_pts(r0, 0x0)
dup3(r1, r2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x40, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x40}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000850000007b000000180100002020752500000000002023c4a3cb50770d0ac11e7ad8d9979520207b010072000000000000f8ffffffb702000008000000b703000000000000000000000600000095000000e800"/105], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r6}, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x2, 0x2, 0x1)
r7 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
preadv(r7, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0xa3, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

15.093190496s ago: executing program 0 (id=1945):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
chdir(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000100)='syzkaller\x00'}, 0x90)
r5 = socket(0x10, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000380)=ANY=[@ANYRESOCT=r5, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="200000004300010000000000000b000800767863616e310000"], 0x20}}, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f0000000000)=0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f00000002c0))
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$binfmt_script(r1, 0x0, 0xb)
splice(r3, 0x0, r8, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r8, 0x0, 0xfdef)
splice(r0, 0x0, r8, 0x0, 0x80, 0x2)
write(r2, 0x0, 0x0)

12.303169238s ago: executing program 0 (id=1952):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f00000000c0)={0x200000, 0x200000})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = gettid()
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r2, &(0x7f0000001340)=[{&(0x7f0000001280)=""/151, 0x97}], 0x1)
readv(r2, &(0x7f0000001240)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0))
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, &(0x7f0000000040)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0x40286608, &(0x7f0000000180)={@desc={0x1, 0x0, @desc1}})
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000340), 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/timers\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c0012800900a06168816cf67f91dee27520440100766c616e00000000a8a4d270137e56a2ba52a34fab0c000280060001"], 0x44}}, 0x0)
r9 = fsmount(0xffffffffffffffff, 0x1, 0x7e)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r9, 0xc00c642e, &(0x7f0000000100)={<r10=>0x0, 0x0, r8})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r9, 0xc00c642d, &(0x7f0000000000)={r10})

11.192113013s ago: executing program 3 (id=1954):
getrlimit(0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000003e00952a0bf91a0b3e76d9e04c27fd7fc9e4c045a65f250c0b667ff6067f1a013981095829ed35d592e09296fc914e25225b3e5d3042385db1cf5e6c457873965ebdf5459837abfd23b443e2786bdf2377d5cbaa17f68e769e6426c16f5c0c2d28b68515c5cf38a0775939930fe50beab62c41c12faf522e9a9c996f2f46616dcabab194e1a45b9645d9ea5e576eea5203daa71d7d3c051a898858288bfa1ef704929ca1f8e0c77df12c0aa42de583068343b64ed516064638b0aa3a003d6c4a4eab5dd3eccf80ff93fc76275c9eeb41792ad7f6c2fcf707c7c4ca59a546b132b4a4555f04f32ad628"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1040}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_ALL_TARGETS={0x8}]}}}]}, 0x3c}}, 0x0)
r6 = socket(0xa, 0x0, 0x0)
getsockopt$inet6_mreq(r6, 0x10d, 0x0, 0x0, &(0x7f0000000000))
syz_open_dev$vim2m(&(0x7f0000000100), 0x1000007ff, 0x2)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
write$vga_arbiter(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="6465636f64657320696fab6d656d00"], 0xf)
mremap(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000000000/0x1000)=nil)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x0, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5}]}, 0x1c}}, 0x0)

11.113289378s ago: executing program 2 (id=1955):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000088b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x1)
socket$caif_stream(0x25, 0x1, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000080)={'ip6erspan0\x00', @random="201a4847569b"})
socket$tipc(0x1e, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00')
read$FUSE(r0, &(0x7f00000082c0)={0x2020}, 0x2020)
ioperm(0x7, 0x81, 0x2)
futex_waitv(0x0, 0x0, 0x2, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x2004c840}, 0x4000044)
socket(0x40000000015, 0x5, 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x27}, 0x74)
bind$nfc_llcp(r4, &(0x7f0000000280)={0x27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, "d929849825e6573561bd1ca44c226af5160e000000007760760beeab91e81597c80004da0000000200000000d2b6b9c2000000000000000000000000004000", 0x200000000000003}, 0x60)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r2, 0x0, &(0x7f0000000000), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r3, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
listen(0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)

11.103824859s ago: executing program 4 (id=1956):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @broadcast}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
listen(r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48)
r3 = syz_usb_connect(0x3, 0x2d, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x5a, 0xe4, 0xc4, 0x10, 0x596, 0x1, 0x5f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd6, 0x0, 0x1, 0xb5, 0xe1, 0x45, 0x0, [], [{{0x9, 0x5, 0x83, 0x0, 0x3ff, 0x3, 0x7, 0x4}}]}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000c80)={0x44, &(0x7f0000000a00)={0x40, 0x0, 0x10, "467b727d89e87f94d14d056d359a6db6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
close(0x3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xb8}]}, &(0x7f0000000040)='GPL\x00', 0x4, 0xb9, &(0x7f0000000080)=""/185}, 0x80)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r4, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90)

5.00432831s ago: executing program 1 (id=1957):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000004c0)={0x84, &(0x7f0000000240)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$addseals(0xffffffffffffffff, 0x409, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001000)={0x6, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x3}, 0x90)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000580)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000fc0)=@newqdisc={0x14c, 0x24, 0xd0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_PARMS={0xff1d}, @TCA_CHOKE_STAB={0x104, 0x2, "7aaa99f5b3ddaa38348cde7b2be8d0f1b491d1ff78f2b07396ce66afca82b0afe36edb0f831cd183067170c255cb555a737d4c3ee19251f9cbaaef1c81e92698bc2de6086485238bff5a23f21ffbdd9a115671021d69d6fe3550d53a55ab080e046efe21b344bce72df6ee7255e430f9d70381f400d6c66584c4be3b4f888b3e793ce36b4886d0026c8546dfc3bbc852d98511b0e1d211465d7c59265db7ce434d04a31c462a70614201490070f34016bdab6b49ce3ffe7cb3f0346339caf5f911f8de6d1e55e74b17709eae7e0ea43e97eb66daf38896a22292ea1515741c54184be655a308d4b25573e8fa6bc79a9697cfb4233b00"}]}}]}, 0x14c}, 0x1, 0x8100000018000000}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x9)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000200)=0x9, 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e21, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)

5.003387159s ago: executing program 3 (id=1958):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c0ef815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaad1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69922050000f5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762e122428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302be7ff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9d3fded31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000240)=0x3, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x44, r3, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x5}, 0x0)

4.90511414s ago: executing program 3 (id=1959):
syz_emit_ethernet(0x2e, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c20000000073907800000000e000050000000000000c907801000000000000000000001c0000000000000000"], 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000180)={0x1, 'veth1_to_batadv\x00', {}, 0x787d})
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = syz_clone(0xb080d000, &(0x7f0000000400)="f5c0507d02f3af7573010aa542eaf6b4bfad4451de87b06f368d9e8446f63b7f1e3e69a362e9be7ea0921ca8542a315bab189471b63a5c280d7daf3e43d849d8eb1688ad06f1170e02f77b8175a81ec303315410177b25a16a6bbba58448046d96bdb0ed20111a28d69cbdb118eb08b28f3105f3035fe2f1c7176a3a823655d29bf44469795f1b978e225c3f18ba6ee3a6911af4d1d9d4742eb840211653ea22441a002b9e192dc6934e85dec283c925d56609ad63491acd62ab08861d2d7c95ccbb9de94aa750f7853e99ccada01dd4eea218a4e09114abfaa5b639cadd0e41c7686aaee35ae2507dbe6216d141554aa3a799d9cdd630d95642c9ae85a427756e53dc93b56edede0152ab4ae9c01689c8e3fa16c10b13702c56d642de637815d9788e291395e2db742f8aea079103f04dd28ff3d3843986baca74975c1880cb64f328b26db4916aeafdbfbc3f98e5248fb87b2f592c8d7039d76d2d6d8ffe0e408e2f582cff628e915b83b264486597b275a30e0cfcbe5081f59417effdc4f5bb5004bc60c5c474971c7cfacc00e5488e4d3200116691e90038103a8610d7a4e1dc9f952940f415a48d04eadae2475a63ad5ab1056d65e75bdc3fd29442528d17bd35722ea36770cd3a7fed0426ebd88965f28e4a660da58f2e71474e8b6f84be884b4af71a42740617c175fbf8425108a16ae8bbcd2c47bc985800630ae4f50960ded8206f4feb7540ec1d1927e88b883fd053620bb33aa7ffb31d2519f0fc4942d93fbe00bee1a39a31eac4f2c0cc4591b66fafc1b85b5763173910330fbd867ddb90133a460d338a45f40bacfd202604b2b8b85454f182399c2e0776e2dbe5df357e2209a10071447caf186343bebb84e00de0dd6e981c30e0caa99fc883d51b1906f8cb7a5fe29d9ee94121596f0e4fc2baf6bdedd1f2465bbfd316d8d05f17fb38f1287494e07cba85e2a4d4dbd536edb7114ee25e805f328933df50de18149b7bc21f963c83188e57be9df4e2bf1db138d110942f883775022359f886cdcdcf6cee66fd9cc7ec6d8a01bd6f1616d87d1c24cc8e702d4638d8c9e61b866b08cd0902e894bf9641761b832d30b95c120e42223b3cb2977dc6094b95bcb54625291bfbb203387841cc61bd42eedf9f61e7b9d1d2acb8865ad4fbc8d3348734af409aca9111361ab979e87b657db2651f56a96643149d50fd39cb9832216b7402986827963355432e8386ee1effaabfdff6f6893679ce5748875a1390791d3749aef3a2c2b8e3c7a61ae85bad901556640fec8a3151352a5735fb01c2edbd6336022f6f8827d8ceb1039b58b93b6788da4654657f98ae6b4da92714e1b21469048e19b773dd73ba041296d298760254bb22a877816f173217307e558292af32c3d911fe95852c4c0432410208a286d4ffcde1d27f4ffed4d726f49ad96151f3b56ea65d18e133fd323113ba10407e34c6b9d27667cfef9cd5140b5dd6ba487791843ce589ab0aec176aca2f366e451b39b4738209579267ea881aec2dc7ac67eaabdfd31347b2cf48cfd0f40a253c299f97fb67f7d9cece73baddf3605b861343f87718b62f89dd3c1a52f281bdaaab4556fa73dad1da55f74ba99fdf1b48ed981fb4f747171c6988334b4dd35cbeaeeeb95eb55b1e1046dfe02b1b6a6b179331f52227d13f85bf6f4b41a7fee313c216efbb84c379a9116bdf0b113a952047be58685d07800af2e7fdc18b589f6e9949116ff6250cfaa39bcfbc369a1c4c1e6dc21b73f2e152b5d000719faef2a0fff57ed0ceec677773a8c40658dbd9029ed038bf0947132f7a8f5c09996fb43687e06c7ff53f77629330bb64f20aef5893d0417cf20da452082a2dd2a951b8796528ca564d79b8344261198d2428bd3b12eba6a2da80a51f7fd4748ad85c43dd85e406d0ab628374f8082199b60f919144f6a89ae3fbb66f0f458e3d0a231ab79921851bb25568c606a44666e8ae3704d0d46052ac77134a1b215809eb8ebebaa9d551f087a3ff9e763e84fb1f815a916eee8884f0c79138cac0c75b91991dd037eadb5b663b6e9082f83ae473c96a57155a7e1651b719bdd795f1ce2a10e554003db5e19ed7d5d753794210510475d6b8483db431af09d4a1be832b69c6b072b12e5a4c4cc5270baaeacc02348d6c56d70225ed58f5c4362976431cc0944362dce4249d3ea2f67e7d23b671ea4b831e3b16fa23f3d2b33266a6c78dfd690d4314b678b8fd6225d66a38a883553c01eb3d3f3ac8ecd2a6053875a31c96c7af913be0cc78212a7e7af6a5c90f633aad3693f38b63e98c9581a6291bdcaaf68ec657fec81f02b2eb52452451ec14c56c91491d5d6aa45e5f54de716f769c56f3523d8448e25b04097a34a43c4536b23a26a455b42503ce56cfe7460e780545bd833106e9ef7bc99560ab849dbabbed2030143062f41195c44ccc9d4a2d663173159c6c55f2f023916eb4233e91ad4559d3ec20f2ad28b6f33f6086c58fe3aec224c472a6f31050bf4fb381ea9f95d4dd43a4a651811e8b4ae67af52b740017a02f6cc6bda9b1d29fd6a10982545755b58a21354d82a4beace8667ae541c98aba1d674d85f149ffcd57cd3662fd2719b52cb1d6d1ecabdfb4daa76baa483148dc01e0bb1009b5534a19adfd7bfcf870c94d6173a0d5c03459f80953af627e17703416007280a360ee29b2618e0ee6994f2196997bbb2da605f47d73f7fa3ecc3ed1ba1374aae45d92a2b6f8ff939e5992063de32622620023894fa82f15a17990bf0baa255f8787434ed708dfc48796d6027adaa0cdeb3239a5a63ac2a7ded5a4b951994b14497a5ccbf1130332db9d3543e9fdbe0269036ead900c2c2a1f6cff03a83e107a5128546a7de481e5113e3f30134df796baa188890f7add7c38b3a5152e7f02b7bd8c1bcddeb5da9f3d6a6fb689ebdc0f60cb8f776b92d7ac653caab6c8d616ec5a7a960062a88b37453f617265a501b7a053d36e165161cbc4d78b665b0b231db1d2ea5ec5736dded59e9eb40305a969ff7989738ff01a3c903bd2a5318611de78b6b3d71cc0c49aae0235ac4a10236553569355cf79ef8b77f4dd63d70e52781d527c702c25f64c363fb77c11f4dc607d8a62cb175a14955a4debcde70a5c484de17b1a2f18b7924f4eb023b2960e0eeb1d09e978f3e489bb165c2e0143f9a27fd6847ec9f726d66c4a67edd7af04f073a9cf3a3c60899f89cff073c732e01906737ea252cd5162dc5993a3585c631448a7f73bb18b5c872acfc27036fc3c73605002340ead35996958e4b9459074134d82d9e86a29e240d1b17f0c22dfddcd32f23a439aa92385f1bf1096d6ba833fa24eb9f68628386ee5086326e50c98110760a287f000f0f7a0a21b2f0dac8d41a9fcb86554f1e76ef676cd0a7ac0ae5b3b9e502b7c1244719146c5f4db7e09b69d249f195201018e24681f9df9cf016d6520ae608b317716a42d218e3aa8fafd57d22c23dbd76e27941341973822fd91b3c7a310c993560c06239a4c4087e01c7ca7da846dde7a36aabf82c7232516b26fd947bb4b0601cb230a37f2c77cfe274885ca02f1c0f265a2ab1c21014b5ae94e064b85333cf328f91bd52d56ee55431a2afccd4b81e2f3dc6c199e4e7ebbeb9c8bf6cf439050e41e01d13c4ad7c928a599f5a96fd054146f0d12355390a5bd8daa4dcafc6d5cbede06f46909e1e146d0a0a0ca50c6d343f2f1c2b8d5e634d467f6b836da080e49ad24397773dca353b390eab202ce7c28aa45b749af0f634acdc5c9971a2f9025d8662d57f656d00f26cb16bbbe54beaaae3bfc8ecaf16b6330332401c2dd3847cd86db8543fb87a2c0388fc4b1edfd3bee30937c9a5dc6accf4230f19649b644c632c7449de28bfd0b3d3b3300e3cfe748d9c9ccd3526658d2307ef64432782838df6ccdd8478b6a08022f16353a9278bf006e0f0119f51b79c4f5f727e80d29a45a282e16deabd774b1d262e047d24e75e4e8bd37b336a22496452be5031431418c90cc355d8da709a5756ec2281a0bfa7a2fd37f447949fe2a18bfa196a7c15ed7fbeae5578018675ce58a2b860de58dce79bc9be9fae8b94e43f397a229b09d85941b1439fb7d7b5f3269c2378f38196f957073b04f03a3b6c4f85f3768e6818ffefdd92322b1cda7ae33c1fd7061d658724f36d3230302600eb065e2dab069bed2d2494e310db1ea2aab2afa4b1e5031acc091dc0d8e0363c080c5a1e49dde0960a128289e70a888a785e37eb7adba933d41054c3dc69b5b68b8454555602d0ecda44bdd08037d714ad0f846c09d90577d659cdab5f08bb763ba48ad5136a6e18fa8b8fc164ceda5e8d1ce960fa13de6f1605014705f9f18c19bf53754d8721031294418cfb349ff1ab30a5f39bef1c453b3f24b0ffc815061c075c4f33e16326df74f7e6bc2cfc92c0a8093fb4a6d7bf8fd354041cf1fb2e218c71eae070162fcd0abf02c1513b61c8f757995051db623e399d0259709722f75fa131bad3aebabe0473dd8f59d995f34c9b44cd8f394c5518d7ee1b05b1b72aaa11dbb4e68cbc17c31181af4a4a32b5e773925cca12b76a8b97e2299046a2105b43844f84389a81f9d342fc01eed16c24f42ca8fe396530fb08c736c357120c2b573a38f13e7ea3398d55b6492b217260c04ef039c299c9796b6403937a2730cad318e8e236cddc060247c76281a7b15a745e83f673a5d2a067fa8e68f1e977f1a85dad5d4042a8f42db117c9cda4cc17fc41e9cb13cdc047baa70a2e3c8f65fe58288729d5d912bfa7db618ffb06796fb073db33e85426f114499e587c4c154f28dbd9fa496a90fdce117b580f115c260996c24ebe9203484e29251ab58e1019289abd792ad83584027772f3d7ee0f29d151f16286abe2b25c187d71fb65800ca7076aaafef7eaaa90e97480d40a59d31af02481de2875c662b01d443e796c301a1e9c25136478be1b4fb9ef936d4e43c43715e68d8f91cd0ec38d377e3e675fab7284b1ee1932d33d33d4013e4a4e1bf25d579e786372107bcd85ec5a0637c08e6b558c26ffce5e6c8c3f223614d9e07f94fdec0cf2c6e9c6db27fd9e99b40b78ce3c749c7db8652a4ef506f36a47bfdd1329469124630db80a2add704929206d4254cab7ee027e184aeed142e98eea6a62019ca1bc22e05af6d41cf626aaf434c3ee394ce2efa6b2891878b6f9690ea022ffa8696f6f9234c40b7ce418d0bf9b471df341c13644c5495dc50c60beb61cc479c9be56175a44f24f8809f3f56b69153354996610da9908357a04cc0d894c5bae426a8edb3eaebddb6faef586dbcdfb603ab19b3334d9241148a5f770b3c96a607797519e15c074c051128abcff758f1ab4914b8415aa8e1d56cd617af2a46901ce0e33320ab1483985b868f46fe7b743d45a902683921b17d01f1ffdbb62db356843917b5630961c75d456601d64cf2926768efc9a2cc2ed16defabea83811bc65d9dd78b12c51125c28ff859eea161457c5445df0536e5345fef2b9f96f6d8c276471677de22bde590883a462034344385a7db23528225965c4a7812f52c8ba51df2f8347a140f20a623eeb015c4d803ffb02539d435c9dd911a020ccf1851221b11218e0fbcf679a44626f16ee93fe5f92d115bf35b6723a9e7363a5df34492bb8b05735243760a1c62a0b36651655f7acfb7c99402a15da710b2b8062904a1edcb4d3715e0e4ed6d6c610a94e76e38b5fdce5908d3368a83f11a49e4166f1a15073fde02e27f018bc4d7e220a0f13f0b5e8edd", 0x1000, &(0x7f00000001c0), &(0x7f0000001440), &(0x7f0000001b40)="5d91d80124c0f501c39120cd0668943af5f46598b4007c9ff0048dccc5f96a5fa85afd3229a34548aa5a6b6185c0b6da9fa6b55365a5a2abcd3aa8f0ca0b5e4f05250a6770b77fc41b49ccb3754d9bde95abd5c36c33854c4f9b32722dfc3fa115e147de2642407012f413b11578910502ff7ff78b2f9ed9f4d56df8784ad96a657e564a9eec824759411545e000ba77e2a1e123ac09e1f564fca1fc390312beaa0aa73d35cc978e020900bc5c170b609c368614977a869bd7d860e986719ce3ca017ab2f28ab5954bebf571c8db16d5ba6f9e341bab6d770838be01309a8babbd34b37958c3d7dc840a1e167273a92cccb629c347d1da384cb8b07715e96f8639204d4c9d6ca7db8517e7f91179c80df95880306ee0a0ab056fabd30053fbd64f7f54dca4f19723a7697aa6ad2100b764b983a90120fc37f3f36f24a3e06898b00b7dcd0290ec32c7ad1edc11761fe2e760ab99ad6e32f30260f3cf1cae6e4d5b969cd49e226139a3d3d449289005a1697226ade0fd8e33037a5d037bb844c0d66fef2ae10eb1ba9f517244848a0fea8f270d4fa38c8de48dd5955b25e637a0ab42900dc243ffbab8db44b7731726d0a33a92e2835501cbd288b1dce0af9930f6f881fe268ca61241f4ca591e0085ab0471246862074f8d994a9b1aab9d10dfb24b89a141ebc4be99234ae08f40578224617ada6ac7ac16c17e372f7166ce104f769e5ffda5c51fca0744b6eb672de5915582edff03bd0c3affe69fc2a67c696ba16833e87409a44df33bf90b1534dfc3bcecb6e639d9065c5c664800b5f53742e8ab9ef3e6366b5209fbae02a6c2e89a3bd054af2331dd71d30cacb941b97c74bf61cf5aa370f685222df938b0e96341c02f50d51ac1513d309f994392f0aefb67a54f512545398e6edce3c33293e4678cc254d084ba7ff548423c4fe3d9150f998e7e072351a82d5a890ba8c1c5cc4b8005fc40488f4e55ea4d71b4b3b93bb1ea18b924c4c513c0e63ac75472b49b3076ef0d2ec5659be8afed43a3f86aea295bbbc254e54fa8cfae907c1b6514f380946f36aa22e028bb3b1f84e3a2fe018dcc9eafa60156af20c13a94477cc66a47d68a35d984419cf82bf1ca27874bf7e60b087578b49909f82f70af7ad87c36d809d583df55eb12dd0bf46c9396c0f11477354479bd155d107a72d9bba9e2c1ed6babf36fce1f832402811098712cfc09e7876dc056feb6f459cc1d25814eb2d5f4f0d0b0fa4e756630f52d4d338638e3969dd3426d3d69bab8d74dba444a54677e11a6704d5d392cfd927fc32ccb43f0e459c5e5bcb6812d132553b26fc5c075bb333ced391653082029a5b9160e2163e855a41ea18132212a347602ba5523aed798f8b6b3f7c88e1de9b67f99338b0a1fa0d11be08005ed5af471cdb3e2fa1136aa5f4fe2c9dd7d650ab5635205c03610a13279a9dd9803fff2939b0972a23c1fae2205a7cd2837d19d1b43e0adbd63c8d4b0c280968391c38410cbac3250690a746a7dc7423254944a1c4c8bb72e8162ab176ea314853527eb83adea18e5538e51a00b26d4d6db48aae43f8aba31378bcba99834eeea8b68b96d78c556be528cd586717e6338b6dbf98fc4a2ebb9533d28d844ba9f9c68a229004381134af5d04d830c1b7399c52100d702b07b8c3d121c058da7b8af4328ac95268614657ec03908e8169a285539c0de956cec3980d78a8ddf5d309b75351a6156a37a50e292392bbee0f2bf63c1c47709f268508a5327ea1efbec85376b00ace8127d9a17cd747156d65f754e2f974454a6c8f294a0b4b182a08af7370770b277281f51413c0ce27a09f732835170a7475545248d55d8d3e7cbbb8d0e7198f28df77cde3353d50376271b7f327e06280836965cab24cdc950cc6f12e1e4106581617f37c3f09855394fcccfc055abcf26aceba5b2f13ef8a261d6f49816dcf16106f50108c2c1a52ddad1e6157c33e0f4c4bd3cca5a014d3b0a875b68278a736741d8c3c329c1072e2fcc7ca85c0ebd97047327c12b15c6412178831438fabc81e47169f8e9058cd3ad2addb2c439440653821d4d062dfa5fe7cc8f822257e660e31ec12e70a73b882ed297cc6b636795dddc5ee67f657b98fb49ad783a0e7fbc5347cfcf9cfa97377c341982caebc4d8b4566d7e7192592e0c578d8873834ab31a673eadc8dca1eb98f3921861ad2ac98549823a96e02b83fc3c195db7c772619c78f3fb264e8f86de944aabf827188bc08387fdd424f1e3f62d09da26efd3dbeb31a89356831cac19aaed77eb9a73b88721b548642312ff16e8cfcfb3e847d9994e28c5611443a06f8a0ec636311fd20fc358c9dd738325c45d62a9998dfe8d271426473fc47e157e3ddcefb343d7ff1f7059256e402faa43b502a494e0bca7b0eac6b613cb20ed15f853cbbe1c39473b16a9f5c3929ec1c297b5456b32b2095d11d4aa228d9f78c320836a7bb11c884b9c72ff5749ebf527ca3b39f66ba7e9a828d22f340271960c950fce7812112f38e084e2eca1883ef02b77412e5f114aed1ad52eb7797b6fc935adc6495218b6a054e7153855bcff1c3468c832c204ce44d52b1473c29e0b76bc9fdb212ed065c9ed034722106c8a7364cbb5aca4102a095b9a5472457ac7436c7c38716a4479a4ddc548480706bd3610e1f5e89e119bd7d962f255469e1bf7496b21405a2f9c1fbddc7d9e34fb0f5bfd99805e29bf174eedf6ab9fe0e9ab41438fe0afc296352384c04a1509154b85901ec00019c5387e57334abec47a7f761376575063066893569cb8f40b6d82c309916aa7b07d3f3c3d1e6cb668c07892a8ac32784c2776c79adc2eab70c9a9001f88aaf5ef195d600f609cc05e771bc1a4739748b303ab5dd0e9fd44fb43930f90a947c83593f6a1a1d86de779753568cddd3c7a736664cc0b67db5cb1d9623c58b7cf1e2fb3fbd5628357bd73deead1b301d32c9a58e1aaa3bcaa7aef5b9a542434d9eaa1eb24ac99bd9f41b948e9bf8ce696a0717dc58077d90be7cb74871fd0f4f0bbbc1e5fe1e38b8d24e9f29fb0c92942a2136896e55a13f9d280ca9a5711a722e9b3bccc1513b802cc2dbbdaa3a6a991a876b5809ad6ebcad091c4e0d84a1db6d0839e8166cb1716ce32b52ef672080a5b74d14c5a349f986dd1c4916846e22a3f973da0b6bb1cfdcd38abdd0dd2cfc89bc7828c039406fcdf3a8e84d5f55246bf77d94f8aede21bf32a8647e6dc0f3cedccee38cdba35cfdcf009bad1c3480778045ab4962486fcc965e8598b635c6863027dcf0d4b979b00853a37cc1e13496e2c7dc376a1b58a69fb2a9d82bfc232813ab7ff984761daa1a96805b50dedf73fd384010a7dd2f0adec85673064f2adecfcd02304317ba940caf8391436cd15f5b2bb6adf55a59185633b3dbdcd973d42d472bfb3c8f9c3e3e1e90fd419925b05a6e1ad6c106f87bb718b4157f7edc951ba1885b9185adb1338b82e3e6e5b5635b8a1bfdb352a5d104b59074c55838f2115fd425f2b145f1dd5efeb3fd767f1a86d0fa926bc26f4de0becbbdbd46823856f345c5d9239ba32c94707dba6522ef15bded17af940a6dcc8e5cfc865d6010856acfcd34a38f72408760bd8059d0f55b2056c8f0005f493576f7fcd481b986a7f6ced0a32dc7b0837e8ac621dcd0419e142b90c2cb74e04c0fdcddf79508b9596a3445d52d061fb32a52abc0b6ab8219a97170ef8e3213918c52aa928a535aa437fe1d1f37a17ebf17f95f8daabbbe380f272c5dc9f6223b6ff6006f27348885c178875473101435fc57895749cb66df6cf47213720b637c2cbbac2d5edbef65e888c5128bbe976160ce0658cd0d76a3cdec51e76b89c955b2177bb2504fcc7b37e2236b541122885d278d841453e4b4074de26ebb939491074a0b4691a0a041104f50439b6f975a9a644cd82f751d6413b4a6f169505e8eda3eaad8438faa5a6db79a765c41038a1a8be1ae61ca785a7d812c8ea600729d9376c7ee00ff88327ff5fa02f9973c558e8d8c6b0725b30a71f23a9262faab3b314f57e32e568cb9b6e464e132896889245d3c231bf10026ee52e313f6dc38b81798c06cb47578410d265d244c7c01242d396eef2301d3a05f7150558f0447cd44a0bf854420fbe604fffbd5c789fe85dedcc7e193be275061f8d2a2ad29afd6dfc483858a71df024f5688f8311c160a0c881c8afcc2d927a5f9209241968d5fc7e3d44583abcd33b60e2f69a20f9668d9436ae893afaae821d5d78dc46c77564c28f45707f8712beff28a61fae9d1a321f48ba47c420b0e5be700573c1716a00ebfe3cba4b480befc7f562c9f1a83ea11ce25908da6eb24766b7aed2c2d45b91a8f5139d753dbc82ea383ddd497edc18c57744e6d2b76693d0251cc624787fb214c3ac2ed3f7cb65047db6e2e16173fbbaf09cd061d7c3aa6de83f8eba055f6d620e399933c866ae6bb8796a3792cc028c5291a4db9c0a8a7c6266d7385b1781c2a1de0a8a9a9ca6f20148e2d3f97b6480ad28c5585bf1011a5c2b74ab7c60e62bcd45cfa5d178194a7ddffa8ccdcda298b853a210c9b7883c046173a54bda25ca72aa6de57771125c3186833b055955917617f0141e3dc6ad25bf95fc43af66ee9b2821d1c356c60b93a5aade8a263bdc5804e226ec7ee206215fc7d5e65fe6ede21ea805bb7e38710f99c15d378777e1508b0d91b585e9b4e66c1b6687046018d7075e05a121316a9c6cefe5eb592e09813658dcc17d31601023f716928f51b97ae05ff0d6c86a88d45fd2c0992125f7e146a380aa3806af73934be8ca4f17e66874d4ca067e9f23144e039ef2a6082c7df45540b86f3ec034a2da71606b046e0a33a09c5ec409ea1d92ff4afeb4005a88515165bb42bcca9c28788c87ac9059ffe00d2e24f75f47686f540b330ea6baedff04dfa73f5d477cbd4dbd174f462e9f849bfa95d98aee0e492933b78dadbcb964da8a1f7c6827618976c8b7d9a46089ca5affd37e8cc66a823735e5a19d326db4640447c9765335be7745dbf7228315b0ac001710734a95a5718835862767b592ebd59735ddcb7b33b229323305b425a9c5ca65f0e6ccab808c14cd159996c6604258b4243f8ee379b3b75a4f1cbd4ff1b5e0ef807d59072fd29530c4ae9973c1a57fa0bc87da8e4820442a9a0c24339b91ec8b9900fc123d85f4266b6bf93f704e427d4ee456d1e710d8f9834ffd3f1a6a92fd3b5976fe11ec584e79307bb3f1055802f2942e06e4b677c9b0c8c306b7254830204739807f0ad9ff836780f6cf41e4f1ce654887f62a596aa170b4f38733cd4656ab16c0e6f4df8a1adc98bf435f38042056ed54e581854b39504f9bc3ef7527c56f6a70435d70431b5a51884e23b6f0d598e8f2df2db396cbcc6a773c5a357c6014f3322f4a44127e8fdbd7b7c176b89f4c78ac084abc625b509a1222776246a9910e51fe6eb88387c47ccc16bee3072c9e0b8b417dd0c3330334bfe83206af7a2fd2338d573ddd962c74c23217a15ed2869fb8ce05b8f417b191b81bc660fed92e97744fa557cca27b5daf402d4772754ee6682da40cf9878443009d76f063aeb880c3c1ccfc31288dd03398f72c102e9b6a9af6287fe79f33ab5c12e1dc216d7a698dd9a44f98efa7a909aa37d08137d0bacccc67d4291669cff4ca9a486291f17a978a951cff72cdeda948c8ec3d8416e0b89a58554b8e89e7cb60e0bdfc0d0a737f532f80394b93d8a1ec28aab8e3900b93e8d0e51dd4755931967c47ad501d005846ea60")
prlimit64(r0, 0xe, &(0x7f0000000140)={0x8, 0x20400000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$TCFLSH(r5, 0x400455c8, 0x2)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000080))
ioctl$TIOCSTI(r4, 0x5437, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="9d0000000000000b010000000000009500000000000000008f61147b51d209d9c4c94887c86a5faf03a2d806485eb7249e43a985824070104c18fd0b22e5d014fb27d98609c999745bf2a585f42c23a56c6501e6eecb8f0072531a1912de425df7ee2edb06392bd9fec9452d5feda1dafce7712d8936c97896ef8f523a3f3126d9ad3241d5d03140181d63a1828d5df5d4066493171987889e040e33810f07444d56e7e918096116f079748064be32b2dfccfbabb1983c56f2e3e3359a18c145c9815b8b58571135bde23ebefcc5f082941cf4f92314cf1f5fa7cb6f453a3e1dc1014e"], 0x0}, 0x90)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x4)
process_vm_readv(0x0, &(0x7f0000001b00)=[{0x0}, {0x0}, {&(0x7f0000001a00)=""/208, 0xd0}], 0x3, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001400), 0xffffffffffffffff)

3.854790436s ago: executing program 0 (id=1960):
pipe(&(0x7f0000000080))
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r2, 0x0, 0xd, &(0x7f00000008c0)=';', 0x1)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x49, &(0x7f0000000000), 0x4)
sendmmsg$inet6(r2, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0x10)

3.838858386s ago: executing program 2 (id=1961):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000500), 0x4)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0x5, &(0x7f00000019c0)={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, "544e6b24af869c8bcb343306faffffffff155fadb01fcc19dccce863bc600e4d"}, 0x3c)

3.78779638s ago: executing program 4 (id=1962):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
unshare(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r2, 0x2, 0xffffffffffffffff)
fanotify_init(0x0, 0x0)
unshare(0x0)
fanotify_mark(r1, 0x1, 0x0, r3, 0x0)
vmsplice(r3, 0x0, 0x0, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f00000003c0)={'fscrypt:', @desc1}, &(0x7f0000000400)={0x0, "0af1784c4756434308e123c352fe741eb5aabe375a28c9b40be3ffc10e22cc89b3e00a725dfb89db7302d61e0d78f8a02fd4db020432f7550a8664579f66160e", 0x21}, 0x48, 0xfffffffffffffff9)
keyctl$get_persistent(0x16, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r4, &(0x7f0000000180)='G', 0x1, 0x8001, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f00000021c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000f00)='asymmetric\x00', &(0x7f0000002240)=@chain)
shutdown(r4, 0x1)

3.724761957s ago: executing program 3 (id=1963):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x8, 0x8, 0x2}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ptrace$ARCH_SHSTK_STATUS(0x1e, r0, &(0x7f0000000340), 0x5005)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, 0x0, &(0x7f0000000100)="211b2e5445253703eceb7dd5c8f4d563719678ea18fc83"}, 0x50)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ppoll(&(0x7f0000000080)=[{}, {}], 0x20000000000000e8, &(0x7f0000000140), &(0x7f00000000c0), 0x8)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
connect$ax25(r3, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)

2.604604014s ago: executing program 0 (id=1964):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x6, 0x0, 0x0, @remote}, 0x10)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)='cpuset.mem_hardwall\x00', 0x2, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000040)={0xa, 0x0, 0xffffffff, @empty}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYRESOCT=r0], 0x0)
sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x20)
fcntl$notify(r3, 0x402, 0x8000001d)
fcntl$setsig(r3, 0xa, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x40}}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x30}]}, &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0)
userfaultfd(0x801)

2.597337568s ago: executing program 2 (id=1965):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsetxattr$smack_xattr_label(r1, &(0x7f00000000c0)='security.SMACK64\x00', &(0x7f0000000100)={'+'}, 0x2, 0x1)

2.506793062s ago: executing program 4 (id=1966):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB='0\x00', @ANYRES16=r1, @ANYBLOB="0100000000", @ANYRES32=r2, @ANYBLOB="3f4d35dbd48235040000"], 0x30}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000002c00"])
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000140)={'wlan1\x00'})
pipe(&(0x7f0000000100))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x18, 0x2, 0xa1, 0x800003, 0x0, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x16, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
shutdown(0xffffffffffffffff, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x800452d2, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
epoll_create(0x0)
getpid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0)

2.505495708s ago: executing program 1 (id=1967):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203010902"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.364734521s ago: executing program 4 (id=1968):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@bloom_filter={0x1e, 0xe4540000, 0x1a, 0x7ff, 0x2000, 0xffffffffffffffff, 0x10000, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x2, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000ec0)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf590000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf664e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab69a000248e167253472dc89a57c10bb08395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb845129361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386ba3b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f44fc00b69151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cbe8d23810052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a299fa176018054e9149a1c9d20a809ce3000000000000000000000000f6fad8476470bf4bb79d2ba2c0f7147577466f4229b364d6900ad22583c0ec630ea0c6177ad88014b074d88fea473d5ef91ed786bbd3371f0dfcc5ccf4aa82927192aa94fe70a261f1899e1f2f62d50b027f7e7cac8fe3691aa323e71d5e479d466512d1df57633a9006016322978a795431c745f0502e37b8884c368a3f9d5c05a7fb5bd25d95442d09f79c5bd656dccb450cb19c6df406ffcfc414334021df3e4654f84f10070846d3b0679544"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

1.322564875s ago: executing program 3 (id=1969):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f00000001c0)={[{0x2d, 'cpu'}]}, 0x5)
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='l\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000030000005800018044000400200001000a00000400000000fe8000000000000000000000000000aafeff0000200002000a004e2200000007ff010000000000000000000000000001050000000d0001007564703a"], 0x6c}}, 0x0)

1.322303892s ago: executing program 4 (id=1970):
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
close(r0)

1.275833451s ago: executing program 2 (id=1971):
mount$binderfs(0x0, &(0x7f0000000480)='./binderfs\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB=',defcontext'])

1.106243076s ago: executing program 0 (id=1972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000280)={'vlan0\x00', 0x400})

1.05204174s ago: executing program 4 (id=1973):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r2, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

1.051807705s ago: executing program 1 (id=1974):
r0 = timerfd_create(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
unshare(0x2c060000)
unshare(0x24020400)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2021021, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa8100300086dd60000000003c0600fe8000000000000000000000000000bb00000000000000000000ffffffffffff3304010300000000fc02000000000000000000000000000100"/102, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000f41dda00"], 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r4 = creat(0x0, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000200))
timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4, <r6=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)=r4}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r6}, &(0x7f0000000340), &(0x7f0000000380)=r4}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000791210000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000})

353.71208ms ago: executing program 2 (id=1975):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xfffc, @any, 0x6, 0x2}, 0xe)

301.642274ms ago: executing program 3 (id=1976):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000001040)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 2 (id=1977):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1b, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000340)=0xfffffff9, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000440)=0x82, 0x49)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef)

kernel console output (not intermixed with test programs):

1-1: new high-speed USB device number 42 using dummy_hcd
[  579.516686][ T5323] usb 1-1: device descriptor read/64, error -71
[  579.653601][ T5323] usb usb1-port1: attempt power cycle
[  579.664975][T11008] delete_channel: no stack
[  581.146678][ T5323] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  581.209403][ T5323] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  581.256707][ T5323] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[  581.279165][T11049] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  581.307137][ T5323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.355827][ T5323] usb 1-1: config 0 descriptor??
[  581.383468][T11049] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1324'.
[  582.206175][T11049] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1324'.
[  582.506758][ T5323] usb 1-1: USB disconnect, device number 43
[  582.816613][    T8] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  583.016586][    T8] usb 3-1: Using ep0 maxpacket: 32
[  583.032365][    T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  583.053772][    T8] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  583.092796][    T8] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  583.115442][    T8] usb 3-1: Product: syz
[  583.130902][    T8] usb 3-1: Manufacturer: syz
[  583.140928][    T8] usb 3-1: SerialNumber: syz
[  583.151067][T11077] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1332'.
[  583.210352][    T8] usb 3-1: config 0 descriptor??
[  583.286454][T11067] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  585.030304][T11086] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  585.355829][T11101] FAULT_INJECTION: forcing a failure.
[  585.355829][T11101] name failslab, interval 1, probability 0, space 0, times 0
[  585.379913][T11101] CPU: 0 UID: 0 PID: 11101 Comm: syz.1.1338 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  585.390724][T11101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  585.400810][T11101] Call Trace:
[  585.404089][T11101]  <TASK>
[  585.407018][T11101]  dump_stack_lvl+0x241/0x360
[  585.411698][T11101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  585.416894][T11101]  ? __pfx__printk+0x10/0x10
[  585.421497][T11101]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  585.427061][T11101]  ? __pfx___might_resched+0x10/0x10
[  585.432370][T11101]  should_fail_ex+0x3b0/0x4e0
[  585.437145][T11101]  ? __break_lease+0x10f/0x1820
[  585.441998][T11101]  should_failslab+0xac/0x100
[  585.446863][T11101]  ? __break_lease+0x10f/0x1820
[  585.451729][T11101]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  585.457191][T11101]  __break_lease+0x10f/0x1820
[  585.461916][T11101]  ? __pfx___might_resched+0x10/0x10
[  585.467212][T11101]  ? __pfx___break_lease+0x10/0x10
[  585.472323][T11101]  ? down_write+0x18c/0x220
[  585.476836][T11101]  ? __pfx_down_write+0x10/0x10
[  585.481966][T11101]  ? rcu_read_lock_any_held+0xb7/0x160
[  585.487444][T11101]  ? make_vfsgid+0x46/0x90
[  585.491860][T11101]  ? security_inode_set_acl+0x111/0x140
[  585.497408][T11101]  vfs_set_acl+0x43d/0xa60
[  585.501834][T11101]  __se_sys_fsetxattr+0x3b5/0x480
[  585.506878][T11101]  ? __pfx_vfs_write+0x10/0x10
[  585.511639][T11101]  ? __pfx___se_sys_fsetxattr+0x10/0x10
[  585.517300][T11101]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  585.523809][T11101]  ? do_syscall_64+0x100/0x230
[  585.528668][T11101]  ? __x64_sys_fsetxattr+0x20/0xc0
[  585.533775][T11101]  do_syscall_64+0xf3/0x230
[  585.538277][T11101]  ? clear_bhb_loop+0x35/0x90
[  585.542955][T11101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.548846][T11101] RIP: 0033:0x7f1bf4f799b9
[  585.553258][T11101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.572861][T11101] RSP: 002b:00007f1bf5ccc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  585.581272][T11101] RAX: ffffffffffffffda RBX: 00007f1bf5115f80 RCX: 00007f1bf4f799b9
[  585.589234][T11101] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  585.597200][T11101] RBP: 00007f1bf5ccc090 R08: 0000000000000000 R09: 0000000000000000
[  585.605164][T11101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  585.613125][T11101] R13: 0000000000000000 R14: 00007f1bf5115f80 R15: 00007fff7be348c8
[  585.621122][T11101]  </TASK>
[  585.652386][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  585.927019][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  586.028932][T11111] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1341'.
[  586.840515][ T5227] usb 3-1: USB disconnect, device number 38
[  587.840838][T11131] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  588.366604][ T5272] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  588.395349][T11151] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1350'.
[  589.606593][ T5272] usb 2-1: Using ep0 maxpacket: 16
[  589.614366][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  589.626182][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  589.645958][ T5272] usb 2-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  589.676556][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.708414][ T5272] usb 2-1: config 0 descriptor??
[  590.136063][ T5272] megaworld 0003:07B5:0312.0009: item fetching failed at offset 2/5
[  590.160194][ T5272] megaworld 0003:07B5:0312.0009: parse failed
[  590.177154][ T5272] megaworld 0003:07B5:0312.0009: probe with driver megaworld failed with error -22
[  590.346336][T11141] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1349'.
[  591.752004][T11182] vlan2: entered promiscuous mode
[  591.770923][T11182] vlan2: entered allmulticast mode
[  592.550980][T11199] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  592.845146][T11209] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1367'.
[  593.885339][ T5323] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  594.102356][ T5323] usb 4-1: Using ep0 maxpacket: 8
[  594.140705][ T5323] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  594.164494][ T5323] usb 4-1: New USB device found, idVendor=0421, idProduct=008f, bcdDevice=ba.de
[  594.180396][ T5323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.208935][ T5323] usb 4-1: config 0 descriptor??
[  594.847598][T11230] vlan2: entered promiscuous mode
[  594.871510][T11230] vlan2: entered allmulticast mode
[  594.951210][ T5323] rndis_host 4-1:0.0: invalid descriptor buffer length
[  594.967499][ T5323] usb 4-1: bad CDC descriptors
[  594.973219][ T5323] cdc_acm 4-1:0.0: invalid descriptor buffer length
[  595.165300][T11212] random: crng reseeded on system resumption
[  595.589391][T11250] mkiss: ax0: crc mode is auto.
[  596.185842][T11212] Sensor A: =================  START STATUS  =================
[  596.196616][T11212] Sensor A: Test Pattern: 75% Colorbar
[  596.219388][T11212] Sensor A: Show Information: All
[  596.230115][T11212] Sensor A: Vertical Flip: false
[  596.239225][T11212] Sensor A: Horizontal Flip: false
[  596.244388][T11212] Sensor A: Brightness: 128
[  596.247758][T11247] Sensor A: =================  START STATUS  =================
[  596.256951][T11212] Sensor A: Contrast: 128
[  596.266668][T11212] Sensor A: Hue: 0
[  596.270845][T11212] Sensor A: Saturation: 128
[  596.275427][T11212] Sensor A: ==================  END STATUS  ==================
[  596.275811][T11247] Sensor A: Test Pattern: 75% Colorbar
[  596.292315][T11247] Sensor A: Show Information: All
[  596.305256][T11247] Sensor A: Vertical Flip: false
[  596.313398][T11247] Sensor A: Horizontal Flip: false
[  596.319752][T11247] Sensor A: Brightness: 128
[  596.329914][T11247] Sensor A: Contrast: 128
[  596.351140][T11247] Sensor A: Hue: 0
[  596.368732][T11247] Sensor A: Saturation: 128
[  596.387999][T11247] Sensor A: ==================  END STATUS  ==================
[  596.422606][ T1171] usb 4-1: USB disconnect, device number 45
[  597.652492][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.691394][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.702315][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.733868][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.764939][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.781351][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.810927][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.834848][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  597.855916][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.017916][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.027028][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.035136][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.045586][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.055580][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.846557][ T8683] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  598.864017][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.871650][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  598.898000][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.627788][ T8683] usb 3-1: config 0 has no interfaces?
[  599.655526][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.664368][ T8683] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  599.684229][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.695176][ T8683] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.709766][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.722363][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.737339][ T8683] usb 3-1: config 0 descriptor??
[  599.765264][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.818827][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.839103][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.848437][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.856171][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.870468][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.882171][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  599.895677][T11292] sd 0:0:1:0: device reset
[  599.903198][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  600.601761][T11301] mkiss: ax0: crc mode is auto.
[  600.931203][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  601.042584][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  601.234482][T11303] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  601.250127][T11303] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  601.300031][ T1171] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  601.308723][T11303] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  601.326326][T11303] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  601.335893][ T1171] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.09 Device [syz0] on syz0
[  601.352301][T11303] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  601.360860][T11303] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  602.194055][ T5314] usb 3-1: USB disconnect, device number 39
[  603.447119][T11303] Bluetooth: hci5: command tx timeout
[  603.753527][T11299] chnl_net:caif_netlink_parms(): no params data found
[  603.895308][T11299] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.902769][ T5272] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  603.911027][T11299] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.919511][T11299] bridge_slave_0: entered allmulticast mode
[  603.928097][T11299] bridge_slave_0: entered promiscuous mode
[  603.938576][T11299] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.946079][T11299] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.958616][T11299] bridge_slave_1: entered allmulticast mode
[  603.972814][T11299] bridge_slave_1: entered promiscuous mode
[  604.073878][T11299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  604.093980][T11299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  604.108850][ T5272] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  604.152900][ T5272] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[  604.167121][ T5272] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.216613][ T5272] usb 1-1: config 0 descriptor??
[  604.238202][ T5272] go7007 1-1:0.0: probe with driver go7007 failed with error -12
[  604.242846][T11299] team0: Port device team_slave_0 added
[  604.292651][T11299] team0: Port device team_slave_1 added
[  604.338453][T11299] batman_adv: batadv0: Adding interface: batadv_slave_0
[  604.354813][T11299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  604.382710][T11299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  604.399019][T11299] batman_adv: batadv0: Adding interface: batadv_slave_1
[  604.406326][T11299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  604.433086][T11299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  604.718812][T11299] hsr_slave_0: entered promiscuous mode
[  604.763566][T11299] hsr_slave_1: entered promiscuous mode
[  604.794605][T11299] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  604.817876][T11299] Cannot create hsr debugfs directory
[  604.847030][ T5314] libceph: connect (1)[c::]:6789 error -101
[  604.865455][ T5314] libceph: mon0 (1)[c::]:6789 connect error
[  604.900581][T11327] ceph: No mds server is up or the cluster is laggy
[  604.903684][ T5314] libceph: connect (1)[c::]:6789 error -101
[  604.938270][ T5314] libceph: mon0 (1)[c::]:6789 connect error
[  605.167606][ T5323] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  605.196597][ T5227] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  605.210308][T11299] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.340052][T11299] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.356625][ T5323] usb 3-1: Using ep0 maxpacket: 16
[  605.376047][ T5323] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  605.390539][ T5227] usb 5-1: Using ep0 maxpacket: 32
[  605.407942][ T5227] usb 5-1: config index 0 descriptor too short (expected 164, got 36)
[  605.420683][ T5323] usb 3-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae
[  605.433661][ T5227] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  605.446268][ T5323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.458432][ T5227] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  605.468810][ T5323] usb 3-1: Product: syz
[  605.473265][ T5323] usb 3-1: Manufacturer: syz
[  605.480041][ T5227] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  605.489400][ T5323] usb 3-1: SerialNumber: syz
[  605.499163][ T5227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.508176][ T5323] usb 3-1: config 0 descriptor??
[  605.520125][ T5323] gspca_main: etoms-2.14.0 probing 102c:6151
[  605.526930][T11303] Bluetooth: hci5: command tx timeout
[  605.537316][ T5227] usb 5-1: config 0 descriptor??
[  605.645332][T11299] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.725862][   T29] audit: type=1326 audit(1723788217.435:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11360 comm="syz.2.1405" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x0
[  605.810573][T11299] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.000167][ T5227] logitech 0003:046D:C29C.000B: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.4-1/input0
[  606.175534][T11299] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  606.209406][T11299] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  606.249680][T11299] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  606.280219][T11299] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  606.408794][ T5227] logitech 0003:046D:C29C.000B: no inputs found
[  606.459417][ T1171] usb 1-1: USB disconnect, device number 44
[  606.481461][ T5227] usb 5-1: USB disconnect, device number 36
[  606.743768][T11376] netlink: 'syz.0.1409': attribute type 11 has an invalid length.
[  606.794723][T11299] 8021q: adding VLAN 0 to HW filter on device bond0
[  606.826042][T11375] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  606.882571][T11299] 8021q: adding VLAN 0 to HW filter on device team0
[  606.910993][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.918177][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.940692][ T6627] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.947893][ T6627] bridge0: port 2(bridge_slave_1) entered forwarding state
[  607.606785][T11303] Bluetooth: hci5: command tx timeout
[  608.024485][   T52] usb 3-1: USB disconnect, device number 40
[  608.191541][T11396] FAULT_INJECTION: forcing a failure.
[  608.191541][T11396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  608.221212][T11396] CPU: 0 UID: 0 PID: 11396 Comm: syz.2.1415 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  608.232028][T11396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  608.242103][T11396] Call Trace:
[  608.245498][T11396]  <TASK>
[  608.248447][T11396]  dump_stack_lvl+0x241/0x360
[  608.253151][T11396]  ? __pfx_dump_stack_lvl+0x10/0x10
[  608.258369][T11396]  ? __pfx__printk+0x10/0x10
[  608.259015][T11299] 8021q: adding VLAN 0 to HW filter on device batadv0
[  608.262966][T11396]  ? smack_log+0x123/0x540
[  608.262987][T11396]  ? __pfx_lock_release+0x10/0x10
[  608.263018][T11396]  should_fail_ex+0x3b0/0x4e0
[  608.263042][T11396]  _copy_from_user+0x2f/0xe0
[  608.263067][T11396]  __tun_chr_ioctl+0x291/0x2400
[  608.263102][T11396]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  608.263129][T11396]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  608.263159][T11396]  ? bpf_lsm_file_ioctl+0x9/0x10
[  608.263182][T11396]  ? security_file_ioctl+0x87/0xb0
[  608.263204][T11396]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  608.263228][T11396]  __se_sys_ioctl+0xfc/0x170
[  608.263257][T11396]  do_syscall_64+0xf3/0x230
[  608.263277][T11396]  ? clear_bhb_loop+0x35/0x90
[  608.263301][T11396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.263321][T11396] RIP: 0033:0x7f342d9799b9
[  608.263340][T11396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.263356][T11396] RSP: 002b:00007f342e689038 EFLAGS: 00000246
[  608.308810][T11399] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1414'.
[  608.309860][T11396]  ORIG_RAX: 0000000000000010
[  608.355250][T11299] veth0_vlan: entered promiscuous mode
[  608.363914][T11396] RAX: ffffffffffffffda RBX: 00007f342db15f80 RCX: 00007f342d9799b9
[  608.363934][T11396] RDX: 0000000000000000 RSI: 00000000400454ca RDI: 0000000000000003
[  608.363945][T11396] RBP: 00007f342e689090 R08: 0000000000000000 R09: 0000000000000000
[  608.363956][T11396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  608.363967][T11396] R13: 0000000000000000 R14: 00007f342db15f80 R15: 00007ffe86066d18
[  608.363993][T11396]  </TASK>
[  608.441525][T11400] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1414'.
[  608.457030][ T8683] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  608.514240][T11406] pimreg: entered allmulticast mode
[  608.596035][T11299] veth1_vlan: entered promiscuous mode
[  608.657362][ T8683] usb 4-1: Using ep0 maxpacket: 32
[  608.673475][ T8683] usb 4-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=93.a8
[  608.690711][ T8683] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.913492][ T8683] usb 4-1: Product: syz
[  608.945411][ T8683] usb 4-1: Manufacturer: syz
[  608.954175][T11299] veth0_macvtap: entered promiscuous mode
[  608.979791][ T8683] usb 4-1: SerialNumber: syz
[  609.009854][ T8683] usb 4-1: config 0 descriptor??
[  609.205439][T11299] veth1_macvtap: entered promiscuous mode
[  609.268928][T11390] netlink: 'syz.3.1412': attribute type 21 has an invalid length.
[  609.284501][T11390] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1412'.
[  609.330472][ T8683] ath6kl: Failed to submit usb control message: -71
[  609.339947][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  609.360157][ T8683] ath6kl: unable to send the bmi data to the device: -71
[  609.383206][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.393334][ T8683] ath6kl: Unable to send get target info: -71
[  609.399801][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  609.421455][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.439221][ T8683] ath6kl: Failed to init ath6kl core: -71
[  609.445732][ T8683] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  609.459485][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  609.480087][ T8683] usb 4-1: USB disconnect, device number 46
[  609.492139][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.522939][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  609.544422][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.560767][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  609.572793][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.587891][T11299] batman_adv: batadv0: Interface activated: batadv_slave_0
[  609.625219][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  609.651291][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.664775][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  609.677412][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.692602][T11303] Bluetooth: hci5: command tx timeout
[  609.704241][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  609.777085][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.796031][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  609.810812][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.823152][T11299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  609.836092][T11299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  609.868258][T11299] batman_adv: batadv0: Interface activated: batadv_slave_1
[  609.902343][T11299] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  609.912474][T11299] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  609.924081][T11299] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  609.937338][T11299] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  610.326656][T11423] mkiss: ax0: crc mode is auto.
[  611.045856][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  611.146105][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  611.690364][ T6634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  611.727486][ T6634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.246722][T11303] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  612.255707][T11303] Bluetooth: hci3: Injecting HCI hardware error event
[  612.265161][ T5237] Bluetooth: hci3: hardware error 0x00
[  612.387143][T11447] FAULT_INJECTION: forcing a failure.
[  612.387143][T11447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  612.400510][T11447] CPU: 0 UID: 0 PID: 11447 Comm: syz.2.1424 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  612.411297][T11447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  612.421377][T11447] Call Trace:
[  612.424664][T11447]  <TASK>
[  612.427602][T11447]  dump_stack_lvl+0x241/0x360
[  612.432319][T11447]  ? __pfx_dump_stack_lvl+0x10/0x10
[  612.437555][T11447]  ? __pfx__printk+0x10/0x10
[  612.442179][T11447]  ? __pfx_lock_release+0x10/0x10
[  612.447321][T11447]  should_fail_ex+0x3b0/0x4e0
[  612.452025][T11447]  _copy_from_iter+0x1f6/0x1960
[  612.456890][T11447]  ? __virt_addr_valid+0x183/0x530
[  612.462017][T11447]  ? __pfx_lock_release+0x10/0x10
[  612.467066][T11447]  ? __alloc_skb+0x28f/0x440
[  612.471672][T11447]  ? __pfx__copy_from_iter+0x10/0x10
[  612.477080][T11447]  ? __virt_addr_valid+0x183/0x530
[  612.482210][T11447]  ? __virt_addr_valid+0x183/0x530
[  612.487334][T11447]  ? __virt_addr_valid+0x45f/0x530
[  612.492465][T11447]  ? __check_object_size+0x49c/0x900
[  612.497771][T11447]  pfkey_sendmsg+0x235/0x1050
[  612.502471][T11447]  ? smack_socket_sendmsg+0x172/0x540
[  612.507861][T11447]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  612.512985][T11447]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  612.519425][T11447]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  612.526210][T11447]  ? __pfx___might_resched+0x10/0x10
[  612.531607][T11447]  ? __might_fault+0xaa/0x120
[  612.536298][T11447]  ? __pfx_lock_release+0x10/0x10
[  612.541342][T11447]  ? __import_iovec+0x536/0x820
[  612.546206][T11447]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  612.551506][T11447]  ? security_socket_sendmsg+0x87/0xb0
[  612.556995][T11447]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  612.562222][T11447]  __sock_sendmsg+0x221/0x270
[  612.566932][T11447]  ____sys_sendmsg+0x525/0x7d0
[  612.571733][T11447]  ? __pfx_____sys_sendmsg+0x10/0x10
[  612.577051][T11447]  __sys_sendmsg+0x2b0/0x3a0
[  612.581662][T11447]  ? __pfx___sys_sendmsg+0x10/0x10
[  612.586791][T11447]  ? vfs_write+0x7c4/0xc90
[  612.591291][T11447]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  612.597645][T11447]  ? do_syscall_64+0x100/0x230
[  612.602428][T11447]  ? do_syscall_64+0xb6/0x230
[  612.607125][T11447]  do_syscall_64+0xf3/0x230
[  612.611641][T11447]  ? clear_bhb_loop+0x35/0x90
[  612.616338][T11447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.622260][T11447] RIP: 0033:0x7f342d9799b9
[  612.626696][T11447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  612.646325][T11447] RSP: 002b:00007f342d3de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  612.654758][T11447] RAX: ffffffffffffffda RBX: 00007f342db16130 RCX: 00007f342d9799b9
[  612.662749][T11447] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000008
[  612.670743][T11447] RBP: 00007f342d3de090 R08: 0000000000000000 R09: 0000000000000000
[  612.678731][T11447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  612.686720][T11447] R13: 0000000000000000 R14: 00007f342db16130 R15: 00007ffe86066d18
[  612.694851][T11447]  </TASK>
[  613.511905][T11462] mkiss: ax0: crc mode is auto.
[  615.126665][ T5237] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  615.410928][T11484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  615.494737][T11484] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  615.646429][   T29] audit: type=1400 audit(1723788227.355:19): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=11482 comm="syz.1.1436" dest=20000 netif=wpan0
[  616.727697][T11495] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  617.957564][T11515] IPv6: NLM_F_REPLACE set, but no existing node found!
[  617.985377][T11515] netlink: 'syz.4.1442': attribute type 4 has an invalid length.
[  618.076594][T11516] netlink: 'syz.4.1442': attribute type 4 has an invalid length.
[  618.855699][T11527] IPv6: NLM_F_REPLACE set, but no existing node found!
[  618.901640][T11527] netlink: 'syz.0.1443': attribute type 4 has an invalid length.
[  619.008155][T11536] netlink: 'syz.0.1443': attribute type 4 has an invalid length.
[  619.624650][T11554] FAULT_INJECTION: forcing a failure.
[  619.624650][T11554] name failslab, interval 1, probability 0, space 0, times 0
[  619.709476][T11554] CPU: 1 UID: 0 PID: 11554 Comm: syz.1.1451 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  619.720305][T11554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  619.730462][T11554] Call Trace:
[  619.733754][T11554]  <TASK>
[  619.736869][T11554]  dump_stack_lvl+0x241/0x360
[  619.741550][T11554]  ? __pfx_dump_stack_lvl+0x10/0x10
[  619.746737][T11554]  ? __pfx__printk+0x10/0x10
[  619.751318][T11554]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  619.756788][T11554]  ? __pfx___might_resched+0x10/0x10
[  619.762088][T11554]  ? netlink_sendmsg+0x8e4/0xcb0
[  619.767037][T11554]  should_fail_ex+0x3b0/0x4e0
[  619.771706][T11554]  should_failslab+0xac/0x100
[  619.776370][T11554]  ? rtnl_newlink+0xf2/0x20a0
[  619.781036][T11554]  __kmalloc_cache_noprof+0x6c/0x2c0
[  619.786317][T11554]  rtnl_newlink+0xf2/0x20a0
[  619.790827][T11554]  ? __mutex_trylock_common+0x183/0x2e0
[  619.796366][T11554]  ? __pfx___might_resched+0x10/0x10
[  619.801656][T11554]  ? __pfx_rtnl_newlink+0x10/0x10
[  619.806679][T11554]  ? __pfx___mutex_trylock_common+0x10/0x10
[  619.812597][T11554]  ? rcu_is_watching+0x15/0xb0
[  619.817384][T11554]  ? trace_contention_end+0x3c/0x120
[  619.822679][T11554]  ? __mutex_lock+0x2ef/0xd70
[  619.827356][T11554]  ? rcu_read_unlock+0x87/0xa0
[  619.832119][T11554]  ? __dev_queue_xmit+0x1763/0x3e90
[  619.837358][T11554]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  619.842465][T11554]  ? __pfx_lock_release+0x10/0x10
[  619.847485][T11554]  ? __pfx___mutex_lock+0x10/0x10
[  619.852515][T11554]  ? __pfx_rtnl_newlink+0x10/0x10
[  619.857544][T11554]  rtnetlink_rcv_msg+0x73f/0xcf0
[  619.862485][T11554]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  619.867596][T11554]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  619.873056][T11554]  ? ref_tracker_free+0x643/0x7e0
[  619.878083][T11554]  netlink_rcv_skb+0x1e3/0x430
[  619.882840][T11554]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  619.888294][T11554]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  619.893590][T11554]  ? netlink_deliver_tap+0x2e/0x1b0
[  619.898779][T11554]  netlink_unicast+0x7f6/0x990
[  619.903546][T11554]  ? __pfx_netlink_unicast+0x10/0x10
[  619.908825][T11554]  ? __virt_addr_valid+0x183/0x530
[  619.913930][T11554]  ? __check_object_size+0x49c/0x900
[  619.919210][T11554]  ? bpf_lsm_netlink_send+0x9/0x10
[  619.924405][T11554]  netlink_sendmsg+0x8e4/0xcb0
[  619.929168][T11554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  619.934446][T11554]  ? __import_iovec+0x536/0x820
[  619.939303][T11554]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  619.944586][T11554]  ? security_socket_sendmsg+0x87/0xb0
[  619.950042][T11554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  619.955320][T11554]  __sock_sendmsg+0x221/0x270
[  619.960002][T11554]  ____sys_sendmsg+0x525/0x7d0
[  619.964771][T11554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  619.970062][T11554]  __sys_sendmsg+0x2b0/0x3a0
[  619.974648][T11554]  ? __pfx___sys_sendmsg+0x10/0x10
[  619.979750][T11554]  ? vfs_write+0x7c4/0xc90
[  619.984189][T11554]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  619.990522][T11554]  ? do_syscall_64+0x100/0x230
[  619.995279][T11554]  ? do_syscall_64+0xb6/0x230
[  619.999949][T11554]  do_syscall_64+0xf3/0x230
[  620.004445][T11554]  ? clear_bhb_loop+0x35/0x90
[  620.009134][T11554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  620.015037][T11554] RIP: 0033:0x7f66ad3799b9
[  620.019458][T11554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  620.039061][T11554] RSP: 002b:00007f66acdff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  620.047471][T11554] RAX: ffffffffffffffda RBX: 00007f66ad515f80 RCX: 00007f66ad3799b9
[  620.055432][T11554] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  620.063396][T11554] RBP: 00007f66acdff090 R08: 0000000000000000 R09: 0000000000000000
[  620.071364][T11554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  620.079331][T11554] R13: 0000000000000000 R14: 00007f66ad515f80 R15: 00007fff3ee5e4c8
[  620.087312][T11554]  </TASK>
[  620.993570][T11563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  621.022649][T11563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  621.205352][T11563] random: crng reseeded on system resumption
[  623.571904][T11576] IPv6: NLM_F_REPLACE set, but no existing node found!
[  623.614020][T11576] netlink: 'syz.0.1456': attribute type 4 has an invalid length.
[  623.670679][T11579] netlink: 'syz.0.1456': attribute type 4 has an invalid length.
[  624.071456][T11563] Sensor A: =================  START STATUS  =================
[  624.087548][T11563] Sensor A: Test Pattern: 75% Colorbar
[  624.105267][T11563] Sensor A: Show Information: All
[  624.115563][T11563] Sensor A: Vertical Flip: false
[  624.158661][T11570] Sensor A: =================  START STATUS  =================
[  624.160044][T11563] 
[  624.973558][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  624.980130][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  625.003186][T11563] Sensor A: Horizontal Flip: false
[  625.008729][T11563] Sensor A: Brightness: 128
[  625.013720][T11563] Sensor A: Contrast: 128
[  625.018797][T11563] Sensor A: Hue: 0
[  625.022576][T11563] Sensor A: Saturation: 128
[  625.069807][T11563] Sensor A: ==================  END STATUS  ==================
[  625.070741][T11570] Sensor A: Test Pattern: 75% Colorbar
[  625.206397][T11570] Sensor A: Show Information: All
[  625.221897][T11570] Sensor A: Vertical Flip: false
[  625.232351][T11570] Sensor A: Horizontal Flip: false
[  625.242319][T11570] Sensor A: Brightness: 128
[  625.250211][T11570] Sensor A: Contrast: 128
[  625.258871][T11570] Sensor A: Hue: 0
[  625.264933][T11570] Sensor A: Saturation: 128
[  625.423353][T11595] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1462'.
[  625.426728][T11570] Sensor A: ==================  END STATUS  ==================
[  625.455537][T11595] vlan1: entered allmulticast mode
[  628.318485][    T8] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  628.778800][    T8] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  628.809503][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.943277][    T8] usb 3-1: config 0 descriptor??
[  629.159486][T11632] IPv6: NLM_F_REPLACE set, but no existing node found!
[  629.177071][T11632] netlink: 'syz.1.1470': attribute type 4 has an invalid length.
[  630.014123][    T8] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  630.027805][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  630.029656][T11634] Falling back ldisc for ttyS3.
[  630.113440][    T8] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  630.140597][    T8] [drm] Initialized udl on minor 2
[  630.311922][    T8] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[  630.462405][    T8] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  632.095766][T11637] netlink: 'syz.1.1470': attribute type 4 has an invalid length.
[  632.138996][T11618] netlink: 280 bytes leftover after parsing attributes in process `syz.2.1467'.
[  632.250829][ T1171] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  632.303274][ T1171] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  632.311891][    T8] usb 3-1: USB disconnect, device number 41
[  632.338104][ T1171] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  634.579869][T11691] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1479'.
[  634.594661][T11691] openvswitch: netlink: Tunnel attr 0 has unexpected len 3060 expected 8
[  634.666036][T11689] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer.
[  635.351214][T11701] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1481'.
[  637.792029][T11711] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1485'.
[  637.846816][T11711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1485'.
[  638.058286][T11711] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1485'.
[  638.850029][T11718] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1485'.
[  640.086283][T11718] hub 9-0:1.0: USB hub found
[  640.127570][T11718] hub 9-0:1.0: 8 ports detected
[  640.182325][T11734] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  640.298947][T11734] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1490'.
[  640.327387][T11734] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  640.435661][T11741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  640.484932][T11746] vlan2: entered promiscuous mode
[  640.490555][T11746] vlan2: entered allmulticast mode
[  640.497729][T11741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  646.345456][T11799] mmap: syz.0.1507 (11799) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  646.776584][ T5272] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[  646.971087][ T5272] usb 5-1: New USB device found, idVendor=13d3, idProduct=3333, bcdDevice=84.ed
[  646.989177][ T5272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.003149][ T5272] usb 5-1: Product: syz
[  647.007767][ T5272] usb 5-1: Manufacturer: syz
[  647.012654][ T5272] usb 5-1: SerialNumber: syz
[  647.024696][ T5272] usb 5-1: config 0 descriptor??
[  647.035394][ T5272] r8712u: register rtl8712_netdev_ops to netdev_ops
[  647.057952][ T5272] usb 5-1: r8712u: USB_SPEED_LOW with 0 endpoints
[  647.197464][    T8] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  647.246345][T11811] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1513'.
[  647.386920][    T8] usb 1-1: Using ep0 maxpacket: 8
[  647.394731][    T8] usb 1-1: config 150 has an invalid interface number: 204 but max is 1
[  647.404008][    T8] usb 1-1: config 150 has no interface number 0
[  647.462339][ T5272] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[  647.485575][    T8] usb 1-1: config 150 interface 204 has no altsetting 0
[  647.504191][ T5272] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  647.513532][    T8] usb 1-1: config 150 interface 1 has no altsetting 0
[  647.526970][ T5272] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  647.554836][    T8] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  647.576629][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.596018][    T8] usb 1-1: Product: syz
[  647.618658][    T8] usb 1-1: Manufacturer: syz
[  647.623305][    T8] usb 1-1: SerialNumber: syz
[  647.665939][ T5272] usb 5-1: USB disconnect, device number 37
[  647.727266][   T52] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  647.929560][   T52] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  647.960728][   T52] usb 4-1: New USB device found, idVendor=28bd, idProduct=0905, bcdDevice= 0.00
[  647.985866][   T52] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.045365][   T52] usb 4-1: config 0 descriptor??
[  648.291743][T11820] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1514'.
[  648.306649][T11820] openvswitch: netlink: IP tunnel attribute has 3036 unknown bytes.
[  648.371863][T11820] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  648.587019][   T52] input: HID 28bd:0905 Mouse as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28BD:0905.000C/input/input15
[  648.749410][   T52] uclogic 0003:28BD:0905.000C: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0905] on usb-dummy_hcd.3-1/input0
[  648.863190][   T52] usb 4-1: USB disconnect, device number 47
[  648.963873][    T8] xr_serial 1-1:150.204: xr_serial converter detected
[  649.229962][    T8] xr_serial ttyUSB0: Failed to set reg 0x0c: -71
[  649.258959][    T8] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  649.305134][    T8] usb 1-1: USB disconnect, device number 45
[  649.339366][    T8] xr_serial 1-1:150.204: device disconnected
[  651.456771][T11862] vlan2: entered promiscuous mode
[  651.489708][T11862] vlan2: entered allmulticast mode
[  653.403593][T11892] sctp: [Deprecated]: syz.2.1525 (pid 11892) Use of struct sctp_assoc_value in delayed_ack socket option.
[  653.403593][T11892] Use struct sctp_sack_info instead
[  655.560120][ T5314] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  659.186762][ T5314] usb 5-1: device descriptor read/64, error -71
[  659.476614][ T5314] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  659.696703][ T5314] usb 5-1: Using ep0 maxpacket: 8
[  659.735027][ T5314] usb 5-1: config 150 has an invalid interface number: 204 but max is 1
[  659.765515][ T5314] usb 5-1: config 150 has no interface number 0
[  659.808902][ T5314] usb 5-1: config 150 interface 204 has no altsetting 0
[  659.836102][ T5314] usb 5-1: config 150 interface 1 has no altsetting 0
[  659.855321][ T5314] usb 5-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  659.868749][ T5314] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.880342][ T5314] usb 5-1: Product: syz
[  659.884740][ T5314] usb 5-1: Manufacturer: syz
[  659.908208][ T5314] usb 5-1: SerialNumber: syz
[  660.246706][   T52] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  660.286947][T11938] sctp: [Deprecated]: syz.3.1537 (pid 11938) Use of struct sctp_assoc_value in delayed_ack socket option.
[  660.286947][T11938] Use struct sctp_sack_info instead
[  660.799089][   T52] usb 3-1: Using ep0 maxpacket: 16
[  660.915885][   T52] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  660.971757][   T52] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  660.986625][   T52] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.011826][   T52] usb 3-1: Product: syz
[  661.037977][   T52] usb 3-1: Manufacturer: syz
[  661.042657][   T52] usb 3-1: SerialNumber: syz
[  661.097841][   T52] usb 3-1: config 0 descriptor??
[  661.132916][   T52] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  661.184481][   T52] usb 3-1: Detected FT232R
[  661.355995][ T5314] xr_serial 5-1:150.204: xr_serial converter detected
[  661.385009][T11955] FAULT_INJECTION: forcing a failure.
[  661.385009][T11955] name failslab, interval 1, probability 0, space 0, times 0
[  661.397914][T11955] CPU: 1 UID: 0 PID: 11955 Comm: syz.3.1541 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  661.408676][T11955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  661.418734][T11955] Call Trace:
[  661.422022][T11955]  <TASK>
[  661.424946][T11955]  dump_stack_lvl+0x241/0x360
[  661.429632][T11955]  ? __pfx_dump_stack_lvl+0x10/0x10
[  661.434820][T11955]  ? __pfx__printk+0x10/0x10
[  661.439404][T11955]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  661.444940][T11955]  ? __pfx___might_resched+0x10/0x10
[  661.450236][T11955]  should_fail_ex+0x3b0/0x4e0
[  661.454921][T11955]  ? getname_flags+0xb7/0x540
[  661.459594][T11955]  should_failslab+0xac/0x100
[  661.464268][T11955]  ? getname_flags+0xb7/0x540
[  661.468939][T11955]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  661.474308][T11955]  getname_flags+0xb7/0x540
[  661.478805][T11955]  ? __might_fault+0xc6/0x120
[  661.483474][T11955]  user_path_at+0x24/0x60
[  661.487794][T11955]  __se_sys_mount+0x297/0x3c0
[  661.492467][T11955]  ? __pfx___se_sys_mount+0x10/0x10
[  661.497689][T11955]  ? do_syscall_64+0x100/0x230
[  661.502702][T11955]  ? __x64_sys_mount+0x20/0xc0
[  661.507474][T11955]  do_syscall_64+0xf3/0x230
[  661.512082][T11955]  ? clear_bhb_loop+0x35/0x90
[  661.516785][T11955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.522674][T11955] RIP: 0033:0x7f8871f799b9
[  661.527081][T11955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.546686][T11955] RSP: 002b:00007f8872cd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  661.555213][T11955] RAX: ffffffffffffffda RBX: 00007f8872116130 RCX: 00007f8871f799b9
[  661.563181][T11955] RDX: 0000000020000000 RSI: 00000000200002c0 RDI: 0000000020000100
[  661.571143][T11955] RBP: 00007f8872cd0090 R08: 0000000020000340 R09: 0000000000000000
[  661.579108][T11955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  661.587082][T11955] R13: 0000000000000000 R14: 00007f8872116130 R15: 00007ffd5e773748
[  661.595116][T11955]  </TASK>
[  661.615887][T11956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  661.641216][T11956] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  661.668804][T11933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  661.719772][ T5314] xr_serial ttyUSB1: Failed to set reg 0x60: -71
[  661.727637][T11933] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  661.767666][ T5314] xr_serial ttyUSB1: probe with driver xr_serial failed with error -71
[  661.813038][   T52] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  661.885223][ T5314] usb 5-1: USB disconnect, device number 39
[  661.930610][   T52] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  661.951167][ T5314] xr_serial 5-1:150.204: device disconnected
[  662.022812][   T52] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  662.053817][   T52] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  662.122236][   T52] usb 3-1: USB disconnect, device number 42
[  662.166688][   T52] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  662.204728][   T52] ftdi_sio 3-1:0.0: device disconnected
[  670.138916][ T5237] Bluetooth: hci5: unexpected event for opcode 0x0000
[  670.459075][ T5314] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  670.467030][   T52] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  670.666599][ T5314] usb 3-1: Using ep0 maxpacket: 8
[  670.682208][ T5314] usb 3-1: config 150 has an invalid interface number: 204 but max is 1
[  670.691260][   T52] usb 1-1: Using ep0 maxpacket: 16
[  670.697007][ T5314] usb 3-1: config 150 has no interface number 0
[  670.704941][ T5314] usb 3-1: config 150 interface 204 has no altsetting 0
[  670.715409][   T52] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  670.730914][ T5314] usb 3-1: config 150 interface 1 has no altsetting 0
[  670.739952][   T52] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  670.752685][   T52] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.763256][   T52] usb 1-1: Product: syz
[  670.763752][ T5314] usb 3-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  670.777626][   T52] usb 1-1: Manufacturer: syz
[  670.783274][ T5314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.792035][   T52] usb 1-1: SerialNumber: syz
[  670.797054][ T5314] usb 3-1: Product: syz
[  670.808059][ T5314] usb 3-1: Manufacturer: syz
[  670.813064][ T5314] usb 3-1: SerialNumber: syz
[  670.825514][   T52] usb 1-1: config 0 descriptor??
[  670.845568][   T52] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  670.873807][   T52] usb 1-1: Detected FT232R
[  670.948379][T12004] kexec: Could not allocate control_code_buffer
[  671.111111][T12011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  671.259906][T12011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  671.294145][   T52] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  671.337767][   T52] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  671.355133][   T52] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[  671.394201][   T52] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  671.444297][   T52] usb 1-1: USB disconnect, device number 46
[  671.512925][   T52] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  671.552029][   T52] ftdi_sio 1-1:0.0: device disconnected
[  672.619574][ T5314] xr_serial 3-1:150.204: xr_serial converter detected
[  672.630221][T12039] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1563'.
[  672.795082][   T29] audit: type=1804 audit(1723788284.505:20): pid=12044 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1564" name="/newroot/197/bus/bus" dev="overlay" ino=1074 res=1 errno=0
[  672.860698][ T5272] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  674.168079][ T5237] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  674.177514][ T5237] Bluetooth: hci5: Injecting HCI hardware error event
[  674.187164][T11303] Bluetooth: hci5: hardware error 0x00
[  674.267772][ T5314] xr_serial ttyUSB0: Failed to set reg 0x0c: -71
[  674.283999][ T5314] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  674.356256][ T5314] usb 3-1: USB disconnect, device number 43
[  674.386678][ T5272] usb 4-1: Using ep0 maxpacket: 16
[  674.396402][ T5272] usb 4-1: New USB device found, idVendor=2770, idProduct=9050, bcdDevice=11.97
[  674.410841][ T5272] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.436395][ T5314] xr_serial 3-1:150.204: device disconnected
[  674.444121][ T5272] usb 4-1: config 0 descriptor??
[  674.473854][ T5272] gspca_main: sq905c-2.14.0 probing 2770:9050
[  674.531341][T12051] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  674.773153][T12058] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  674.799316][T12058] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1566'.
[  675.295511][ T5272] gspca_sq905c: sq905c_read: usb_control_msg failed (-110)
[  675.304413][T12058] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1566'.
[  675.322852][ T5272] sq905c 4-1:0.0: Reading version command failed
[  675.335366][ T5272] sq905c 4-1:0.0: probe with driver sq905c failed with error -110
[  676.493700][T11303] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  676.572684][ T5272] usb 4-1: USB disconnect, device number 48
[  676.876933][ T5314] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  677.086552][ T5314] usb 5-1: Using ep0 maxpacket: 16
[  677.107323][ T5314] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  677.133925][ T5314] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  677.152081][ T5314] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.165784][ T5314] usb 5-1: Product: syz
[  677.180156][ T5314] usb 5-1: Manufacturer: syz
[  677.185223][ T5314] usb 5-1: SerialNumber: syz
[  677.262341][ T5314] usb 5-1: config 0 descriptor??
[  677.300437][ T5314] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  677.318533][ T5314] usb 5-1: Detected FT232R
[  677.520576][T12082] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  677.606624][ T5273] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  677.707000][   T29] audit: type=1804 audit(1723788289.395:21): pid=12101 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1579" name="/newroot/331/bus/bus" dev="overlay" ino=1806 res=1 errno=0
[  677.723099][T12082] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  677.886891][ T5273] usb 3-1: Using ep0 maxpacket: 16
[  678.108599][ T5273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  678.230561][ T5273] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  678.240560][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.356859][ T5314] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  678.359323][ T5273] usb 3-1: config 0 descriptor??
[  678.372712][ T5314] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  678.399807][ T5314] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  678.437063][ T5314] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  678.470081][ T5314] usb 5-1: USB disconnect, device number 40
[  678.509154][ T5314] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  678.526973][ T5314] ftdi_sio 5-1:0.0: device disconnected
[  678.617495][ T5272] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  678.826581][ T5272] usb 1-1: Using ep0 maxpacket: 8
[  678.835277][ T5272] usb 1-1: config 150 has an invalid interface number: 204 but max is 1
[  678.848616][ T5272] usb 1-1: config 150 has no interface number 0
[  678.858275][ T5272] usb 1-1: config 150 interface 204 has no altsetting 0
[  678.871827][ T5272] usb 1-1: config 150 interface 1 has no altsetting 0
[  678.892996][ T5272] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  678.902566][T12092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  678.920569][ T5272] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  678.929301][ T5272] usb 1-1: Product: syz
[  678.933526][ T5272] usb 1-1: Manufacturer: syz
[  678.941998][ T5272] usb 1-1: SerialNumber: syz
[  678.967630][T12092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  678.994708][ T5273] hid (null): unknown global tag 0xc
[  679.017063][ T5273] hid (null): report_id 60507 is invalid
[  679.045217][ T5273] hid-generic 0003:0158:0100.000D: unknown main item tag 0x1
[  679.067665][ T5273] hid-generic 0003:0158:0100.000D: unexpected long global item
[  679.103729][ T5273] hid-generic 0003:0158:0100.000D: probe with driver hid-generic failed with error -22
[  679.296613][T12092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  679.377321][T12092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  679.712467][ T5323] usb 3-1: USB disconnect, device number 44
[  680.392296][ T5272] xr_serial 1-1:150.204: xr_serial converter detected
[  680.937917][ T5272] xr_serial ttyUSB0: Failed to set reg 0x0c: -71
[  680.976391][ T5272] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  681.030021][ T5272] usb 1-1: USB disconnect, device number 47
[  681.058228][ T5272] xr_serial 1-1:150.204: device disconnected
[  681.333717][T12143] ax25_connect(): syz.2.1591 uses autobind, please contact jreuter@yaina.de
[  682.168386][T12149] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1595'.
[  682.730795][ T5274] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  682.959176][ T5274] usb 3-1: Using ep0 maxpacket: 16
[  683.147716][ T5274] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  683.213285][T12162] FAULT_INJECTION: forcing a failure.
[  683.213285][T12162] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  683.244398][ T5274] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  683.257573][T12162] CPU: 1 UID: 0 PID: 12162 Comm: syz.0.1597 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  683.268408][T12162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  683.278482][T12162] Call Trace:
[  683.281774][T12162]  <TASK>
[  683.284801][T12162]  dump_stack_lvl+0x241/0x360
[  683.289507][T12162]  ? __pfx_dump_stack_lvl+0x10/0x10
[  683.294999][T12162]  ? __pfx__printk+0x10/0x10
[  683.299626][T12162]  ? unwind_next_frame+0x7be/0x2a00
[  683.304850][T12162]  should_fail_ex+0x3b0/0x4e0
[  683.309558][T12162]  prepare_alloc_pages+0x1da/0x5d0
[  683.314698][T12162]  __alloc_pages_noprof+0x166/0x6c0
[  683.319922][T12162]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  683.325668][T12162]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.331763][T12162]  ? irqentry_exit+0x63/0x90
[  683.336381][T12162]  alloc_pages_mpol_noprof+0x3e8/0x680
[  683.341871][T12162]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  683.347887][T12162]  vma_alloc_folio_noprof+0x12e/0x230
[  683.353301][T12162]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  683.359311][T12162]  ? do_raw_spin_unlock+0x13c/0x8b0
[  683.364536][T12162]  folio_prealloc+0x31/0x170
[  683.369150][T12162]  do_wp_page+0x11cc/0x52f0
[  683.373695][T12162]  ? __pfx_do_wp_page+0x10/0x10
[  683.378571][T12162]  ? __pfx_lock_acquire+0x10/0x10
[  683.383618][T12162]  ? validate_chain+0x11e/0x5900
[  683.388580][T12162]  ? do_raw_spin_lock+0x14f/0x370
[  683.393644][T12162]  handle_pte_fault+0x1147/0x6eb0
[  683.398698][T12162]  ? __pfx_validate_chain+0x10/0x10
[  683.403935][T12162]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  683.409950][T12162]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  683.416322][T12162]  ? mark_lock+0x9a/0x350
[  683.420683][T12162]  ? __pfx_handle_pte_fault+0x10/0x10
[  683.426113][T12162]  ? mt_find+0x226/0x850
[  683.430377][T12162]  ? __pfx_lock_release+0x10/0x10
[  683.435426][T12162]  handle_mm_fault+0xf70/0x1880
[  683.440285][T12162]  ? __pfx_handle_mm_fault+0x10/0x10
[  683.445567][T12162]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  683.451896][T12162]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  683.457180][T12162]  exc_page_fault+0x2b9/0x8c0
[  683.461876][T12162]  asm_exc_page_fault+0x26/0x30
[  683.466748][T12162] RIP: 0010:__put_user_4+0x11/0x20
[  683.471888][T12162] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  683.476261][T12146] FAULT_INJECTION: forcing a failure.
[  683.476261][T12146] name failslab, interval 1, probability 0, space 0, times 0
[  683.491492][T12162] RSP: 0018:ffffc900031e79d8 EFLAGS: 00050202
[  683.491646][T12162] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020001df8
[  683.491660][T12162] RDX: 0000000020001dc0 RSI: ffffffff8beae6e0 RDI: ffffffff8c3f9540
[  683.491673][T12162] RBP: ffffc900031e7ed0 R08: ffffffff8ff6a72f R09: 1ffffffff1fed4e5
[  683.491686][T12162] R10: dffffc0000000000 R11: fffffbfff1fed4e6 R12: 1ffff9200063cf48
[  683.491701][T12162] R13: dffffc0000000000 R14: 0000000000000213 R15: ffffc900031e7d20
[  683.491742][T12162]  __sys_sendmmsg+0x515/0x740
[  683.491782][T12162]  ? __pfx___sys_sendmmsg+0x10/0x10
[  683.491838][T12162]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  683.491864][T12162]  ? ksys_write+0x23e/0x2c0
[  683.570617][T12162]  ? __pfx_lock_release+0x10/0x10
[  683.575673][T12162]  ? vfs_write+0x7c4/0xc90
[  683.580114][T12162]  ? __mutex_unlock_slowpath+0x21d/0x750
[  683.585769][T12162]  ? __pfx_vfs_write+0x10/0x10
[  683.590580][T12162]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  683.596592][T12162]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  683.602945][T12162]  ? do_syscall_64+0x100/0x230
[  683.607728][T12162]  __x64_sys_sendmmsg+0xa0/0xb0
[  683.612608][T12162]  do_syscall_64+0xf3/0x230
[  683.617126][T12162]  ? clear_bhb_loop+0x35/0x90
[  683.621828][T12162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.627826][T12162] RIP: 0033:0x7f79319799b9
[  683.632262][T12162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.651890][T12162] RSP: 002b:00007f79313de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  683.660334][T12162] RAX: ffffffffffffffda RBX: 00007f7931b16058 RCX: 00007f79319799b9
[  683.668322][T12162] RDX: 0000000000000213 RSI: 0000000020001dc0 RDI: 0000000000000006
[  683.676311][T12162] RBP: 00007f79313de090 R08: 0000000000000000 R09: 0000000000000000
[  683.684291][T12162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  683.692279][T12162] R13: 0000000000000000 R14: 00007f7931b16058 R15: 00007ffeb2df4888
[  683.700282][T12162]  </TASK>
[  683.703397][T12146] CPU: 0 UID: 0 PID: 12146 Comm: syz.3.1593 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  683.705288][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  683.714164][T12146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  683.714184][T12146] Call Trace:
[  683.714193][T12146]  <TASK>
[  683.714203][T12146]  dump_stack_lvl+0x241/0x360
[  683.714230][T12146]  ? __pfx_dump_stack_lvl+0x10/0x10
[  683.714248][T12146]  ? __pfx__printk+0x10/0x10
[  683.714273][T12146]  ? fs_reclaim_acquire+0x93/0x140
[  683.714294][T12146]  ? __pfx___might_resched+0x10/0x10
[  683.714320][T12146]  should_fail_ex+0x3b0/0x4e0
[  683.714346][T12146]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  683.714369][T12146]  should_failslab+0xac/0x100
[  683.714393][T12146]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  683.714418][T12146]  __kmalloc_noprof+0xd8/0x400
[  683.714441][T12146]  ? kfree+0x4e/0x360
[  683.714465][T12146]  tomoyo_realpath_from_path+0xcf/0x5e0
[  683.714500][T12146]  tomoyo_path_number_perm+0x23a/0x880
[  683.714530][T12146]  ? tomoyo_path_number_perm+0x208/0x880
[  683.714551][T12146]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  683.714605][T12146]  ? __fget_files+0x29/0x470
[  683.714627][T12146]  ? __fget_files+0x3f6/0x470
[  683.714643][T12146]  ? __fget_files+0x29/0x470
[  683.714669][T12146]  security_file_ioctl+0x75/0xb0
[  683.714698][T12146]  __se_sys_ioctl+0x47/0x170
[  683.714725][T12146]  do_syscall_64+0xf3/0x230
[  683.714743][T12146]  ? clear_bhb_loop+0x35/0x90
[  683.714764][T12146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.714783][T12146] RIP: 0033:0x7f8871f799b9
[  683.714802][T12146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.714819][T12146] RSP: 002b:00007f8872d12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  683.714842][T12146] RAX: ffffffffffffffda RBX: 00007f8872115f80 RCX: 00007f8871f799b9
[  683.714856][T12146] RDX: 0000000020002080 RSI: 00000000c020660b RDI: 0000000000000006
[  683.714869][T12146] RBP: 00007f8872d12090 R08: 0000000000000000 R09: 0000000000000000
[  683.714879][T12146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  683.714892][T12146] R13: 0000000000000000 R14: 00007f8872115f80 R15: 00007ffd5e773748
[  683.714923][T12146]  </TASK>
[  683.792873][T12146] ERROR: Out of memory at tomoyo_realpath_from_path.
[  683.794822][ T5274] usb 3-1: Product: syz
[  683.794844][ T5274] usb 3-1: Manufacturer: syz
[  683.794860][ T5274] usb 3-1: SerialNumber: syz
[  684.044091][T12173] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1602'.
[  684.066283][T12173] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1602'.
[  684.095018][ T5274] usb 3-1: config 0 descriptor??
[  684.102319][T12173] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1602'.
[  684.153518][T12180] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1602'.
[  684.164963][T12179] ax25_connect(): syz.3.1605 uses autobind, please contact jreuter@yaina.de
[  684.180765][ T5274] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  684.197814][ T5274] usb 3-1: Detected FT232R
[  684.249417][T12173] hub 9-0:1.0: USB hub found
[  684.292188][T12173] hub 9-0:1.0: 8 ports detected
[  684.389001][T12149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  684.418146][T12149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  684.472742][ T5274] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  684.496100][ T5274] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  684.505890][ T5274] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  684.525372][ T5274] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  684.571504][ T5274] usb 3-1: USB disconnect, device number 45
[  684.586602][ T5323] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  684.604855][ T5274] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  684.631802][ T5274] ftdi_sio 3-1:0.0: device disconnected
[  684.818404][ T5323] usb 1-1: Using ep0 maxpacket: 8
[  684.972095][ T5323] usb 1-1: config 150 has an invalid interface number: 204 but max is 1
[  684.987110][ T5323] usb 1-1: config 150 has no interface number 0
[  685.077926][ T5323] usb 1-1: config 150 interface 204 has no altsetting 0
[  685.094784][ T5323] usb 1-1: config 150 interface 1 has no altsetting 0
[  685.125247][ T5323] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  685.155254][ T5323] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  685.193354][ T5323] usb 1-1: Product: syz
[  685.208474][ T5323] usb 1-1: Manufacturer: syz
[  685.230137][ T5323] usb 1-1: SerialNumber: syz
[  686.227032][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  686.233398][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  687.895899][ T5323] xr_serial 1-1:150.204: xr_serial converter detected
[  687.939102][ T5323] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[  687.950919][ T5323] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  687.968064][ T5323] usb 1-1: USB disconnect, device number 48
[  687.976311][ T5323] xr_serial 1-1:150.204: device disconnected
[  688.364934][T12227] ax25_connect(): syz.0.1618 uses autobind, please contact jreuter@yaina.de
[  691.416592][   T29] audit: type=1804 audit(1723788302.355:22): pid=12238 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1620" name="/newroot/345/bus/bus" dev="overlay" ino=1885 res=1 errno=0
[  692.428886][T12250] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  692.613995][T12255] sctp: [Deprecated]: syz.3.1625 (pid 12255) Use of int in max_burst socket option.
[  692.613995][T12255] Use struct sctp_assoc_value instead
[  692.684755][ T5272] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  692.896649][ T5272] usb 3-1: Using ep0 maxpacket: 8
[  692.918835][ T5272] usb 3-1: config 150 has an invalid interface number: 204 but max is 1
[  692.942164][ T5272] usb 3-1: config 150 has no interface number 0
[  692.966126][ T5272] usb 3-1: config 150 interface 204 has no altsetting 0
[  692.992553][ T5272] usb 3-1: config 150 interface 1 has no altsetting 0
[  693.006743][ T5274] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  693.008457][ T5272] usb 3-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  693.044218][ T5272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  693.066556][ T5272] usb 3-1: Product: syz
[  693.080656][ T5272] usb 3-1: Manufacturer: syz
[  693.109801][ T5272] usb 3-1: SerialNumber: syz
[  693.496554][ T5274] usb 4-1: Using ep0 maxpacket: 32
[  693.524378][ T5274] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  693.572932][ T5274] usb 4-1: New USB device found, idVendor=05ac, idProduct=0243, bcdDevice=db.ca
[  693.648940][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.709011][ T5274] usb 4-1: config 0 descriptor??
[  693.757027][ T5274] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input16
[  693.957321][    C0] hrtimer: interrupt took 50715 ns
[  695.968340][ T4655] bcm5974 4-1:0.0: could not read from device
[  696.120205][ T5274] usb 4-1: USB disconnect, device number 49
[  696.128744][ T4655] bcm5974 4-1:0.0: could not read from device
[  696.155944][ T5272] xr_serial 3-1:150.204: xr_serial converter detected
[  696.212626][ T5272] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[  696.251246][ T5272] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  696.322823][ T5272] usb 3-1: USB disconnect, device number 46
[  696.358892][ T5272] xr_serial 3-1:150.204: device disconnected
[  696.866526][ T5272] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  697.006610][ T5273] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  697.026534][ T5272] usb 3-1: device descriptor read/64, error -71
[  697.199247][ T5273] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  697.217067][ T5273] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.237659][ T5273] usb 4-1: config 0 descriptor??
[  697.257458][T12302] IPv6: NLM_F_CREATE should be specified when creating new route
[  697.265579][T12302] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1638'.
[  697.316712][ T5272] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  697.457535][ T5273] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  697.487010][ T5272] usb 3-1: device descriptor read/64, error -71
[  697.493477][ T5273] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  697.879083][ T5272] usb usb3-port1: attempt power cycle
[  697.885103][ T5273] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  697.892627][ T5273] [drm] Initialized udl on minor 2
[  697.900433][ T5273] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  698.541436][ T5273] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  698.550818][ T8683] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  698.568049][ T5273] usb 4-1: USB disconnect, device number 50
[  698.574908][ T8683] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  698.585238][ T8683] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  698.917274][ T5272] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  698.969377][ T5274] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  698.970320][ T5272] usb 3-1: device descriptor read/8, error -71
[  699.236544][ T5274] usb 1-1: Using ep0 maxpacket: 8
[  699.249906][ T5274] usb 1-1: config 150 has an invalid interface number: 204 but max is 1
[  699.287799][ T5272] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  699.287914][ T5274] usb 1-1: config 150 has no interface number 0
[  699.360397][ T5272] usb 3-1: device descriptor read/8, error -71
[  699.386774][ T5274] usb 1-1: config 150 interface 204 has no altsetting 0
[  699.401507][ T5274] usb 1-1: config 150 interface 1 has no altsetting 0
[  699.421726][ T5274] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  699.441429][ T5274] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  699.486026][ T5274] usb 1-1: Product: syz
[  699.507561][ T5274] usb 1-1: Manufacturer: syz
[  699.520644][ T5274] usb 1-1: SerialNumber: syz
[  699.535788][ T5272] usb usb3-port1: unable to enumerate USB device
[  700.846585][T12361] IPv6: NLM_F_REPLACE set, but no existing node found!
[  700.933731][T12361] netlink: 'syz.1.1656': attribute type 4 has an invalid length.
[  701.173509][   T29] audit: type=1326 audit(1723788312.885:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  701.240643][   T29] audit: type=1326 audit(1723788312.925:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  701.327988][T12362] netlink: 'syz.1.1656': attribute type 4 has an invalid length.
[  701.411421][   T29] audit: type=1326 audit(1723788312.925:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  701.522323][ T5274] xr_serial 1-1:150.204: xr_serial converter detected
[  701.575489][ T5274] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[  701.592360][   T29] audit: type=1326 audit(1723788312.925:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  701.605302][ T5274] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  701.716782][ T5274] usb 1-1: USB disconnect, device number 49
[  701.748935][ T5274] xr_serial 1-1:150.204: device disconnected
[  701.799841][   T29] audit: type=1326 audit(1723788312.925:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  701.918585][   T29] audit: type=1326 audit(1723788312.935:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  702.015390][   T29] audit: type=1326 audit(1723788313.035:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  702.064438][   T29] audit: type=1326 audit(1723788313.035:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  702.366349][T12377] netlink: 'syz.1.1658': attribute type 16 has an invalid length.
[  702.376178][T12377] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.1658'.
[  703.851212][   T29] audit: type=1326 audit(1723788313.115:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  703.889563][   T29] audit: type=1326 audit(1723788313.115:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12348 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x7ffc0000
[  704.517286][ T5274] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  704.739423][ T5274] usb 1-1: device descriptor read/64, error -71
[  704.919785][T12380] usb 4-1: new full-speed USB device number 51 using dummy_hcd
[  705.167383][ T5274] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  705.346703][ T5274] usb 1-1: device descriptor read/64, error -71
[  705.827584][T12380] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  705.879176][T12380] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  705.928029][ T5274] usb usb1-port1: attempt power cycle
[  705.934471][T12380] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  705.970779][T12380] usb 4-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  705.985830][T12380] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.996081][T12380] usb 4-1: Product: syz
[  706.007388][T12380] usb 4-1: Manufacturer: syz
[  706.012631][T12380] usb 4-1: SerialNumber: syz
[  706.032452][T12380] usb 4-1: config 0 descriptor??
[  706.196572][ T5273] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  706.290340][T12397] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1663'.
[  707.179147][ T5274] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  707.311719][T12412] ipip0: entered promiscuous mode
[  707.400220][ T5274] usb 1-1: device descriptor read/8, error -71
[  707.401087][T12412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  707.426791][T12412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  707.492247][ T5273] usb 3-1: unable to get BOS descriptor or descriptor too short
[  707.513809][ T5273] usb 3-1: unable to read config index 0 descriptor/start: -71
[  707.548807][T12380] usb 4-1: USB disconnect, device number 51
[  707.568836][ T5273] usb 3-1: can't read configurations, error -71
[  708.279844][T12427] 8021q: adding VLAN 0 to HW filter on device bond0
[  708.291150][T12380] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  708.492301][T12427] bond0: (slave rose0): Enslaving as an active interface with an up link
[  708.598321][T12438] sctp: [Deprecated]: syz.0.1675 (pid 12438) Use of struct sctp_assoc_value in delayed_ack socket option.
[  708.598321][T12438] Use struct sctp_sack_info instead
[  708.926917][ T1171] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  709.240645][T12380] usb 4-1: Using ep0 maxpacket: 8
[  709.262996][T12380] usb 4-1: config 150 has an invalid interface number: 204 but max is 1
[  709.271809][T12380] usb 4-1: config 150 has no interface number 0
[  709.278253][T12380] usb 4-1: config 150 interface 204 has no altsetting 0
[  709.285384][T12380] usb 4-1: config 150 interface 1 has no altsetting 0
[  709.296139][T12380] usb 4-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  709.322445][T12380] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.331227][T12380] usb 4-1: Product: syz
[  709.335417][T12380] usb 4-1: Manufacturer: syz
[  709.340197][T12380] usb 4-1: SerialNumber: syz
[  712.139937][T12380] xr_serial 4-1:150.204: xr_serial converter detected
[  712.160348][T12380] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[  712.190002][T12380] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  712.243355][T12487] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  712.255773][T12380] usb 4-1: USB disconnect, device number 52
[  712.304970][T12380] xr_serial 4-1:150.204: device disconnected
[  712.400754][T12451] usb 1-1: new full-speed USB device number 54 using dummy_hcd
[  712.810541][T12451] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  712.888220][T12499] sctp: [Deprecated]: syz.3.1686 (pid 12499) Use of struct sctp_assoc_value in delayed_ack socket option.
[  712.888220][T12499] Use struct sctp_sack_info instead
[  713.485358][T12451] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  713.507924][T12451] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  713.548347][T12451] usb 1-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  713.588877][T12451] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.630413][T12451] usb 1-1: Product: syz
[  713.652241][T12451] usb 1-1: Manufacturer: syz
[  713.700992][T12451] usb 1-1: SerialNumber: syz
[  713.794295][T12451] usb 1-1: config 0 descriptor??
[  714.938087][T12483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1682'.
[  716.401773][T12533] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  716.775836][T12451] usb 1-1: USB disconnect, device number 54
[  717.048324][T12550] overlayfs: failed to resolve './file0': -2
[  718.103757][T12555] fuse: Unknown parameter 'grou00000000000000000000'
[  722.048059][T12613] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  722.335037][T12451] usb 3-1: new full-speed USB device number 53 using dummy_hcd
[  722.454089][T12617] fuse: Unknown parameter 'group_i00000000000000000000'
[  723.310159][T12451] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  723.336845][T12451] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  723.374492][T12451] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  723.550008][T12451] usb 3-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  723.569303][T12451] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.578995][T12451] usb 3-1: Product: syz
[  723.583405][T12451] usb 3-1: Manufacturer: syz
[  723.589443][T12451] usb 3-1: SerialNumber: syz
[  723.597776][T12451] usb 3-1: config 0 descriptor??
[  723.648267][T12631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.663142][T12631] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  723.835294][T12611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1707'.
[  723.869131][T12638] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1715'.
[  726.336548][ T8683] usb 3-1: USB disconnect, device number 53
[  726.533930][T12668] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  729.384541][T12700] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1735'.
[  729.401891][T12700] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1735'.
[  729.436797][ T8683] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  729.464897][T12700] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1735'.
[  729.489296][T12700] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1735'.
[  729.536677][ T5272] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  729.636508][ T8683] usb 3-1: Using ep0 maxpacket: 8
[  729.643876][ T8683] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  729.653736][ T8683] usb 3-1: New USB device found, idVendor=0421, idProduct=008f, bcdDevice=ba.de
[  729.663158][ T8683] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.691692][ T8683] usb 3-1: config 0 descriptor??
[  729.700685][ T8683] rndis_host 3-1:0.0: invalid descriptor buffer length
[  729.710002][ T8683] usb 3-1: bad CDC descriptors
[  729.717146][ T5272] usb 4-1: Using ep0 maxpacket: 16
[  729.724573][ T8683] cdc_acm 3-1:0.0: invalid descriptor buffer length
[  729.746324][ T5272] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  729.769194][ T5272] usb 4-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae
[  729.781918][ T5272] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.790498][ T5272] usb 4-1: Product: syz
[  729.795193][ T5272] usb 4-1: Manufacturer: syz
[  729.800108][ T5272] usb 4-1: SerialNumber: syz
[  729.815966][ T5272] usb 4-1: config 0 descriptor??
[  729.844494][ T5272] gspca_main: etoms-2.14.0 probing 102c:6151
[  729.906214][T12693] random: crng reseeded on system resumption
[  730.073651][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  730.073670][   T29] audit: type=1326 audit(1723788341.785:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12684 comm="syz.3.1729" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8871f799b9 code=0x0
[  730.487846][T12693] Sensor A: =================  START STATUS  =================
[  730.501067][T12693] Sensor A: Test Pattern: 75% Colorbar
[  730.528124][T12693] Sensor A: Show Information: All
[  730.533286][T12693] Sensor A: Vertical Flip: false
[  730.553691][T12704] Sensor A: =================  START STATUS  =================
[  730.565694][T12693] Sensor A: Horizontal Flip: false
[  730.593398][T12693] Sensor A: Brightness: 128
[  730.601507][T12693] Sensor A: Contrast: 128
[  730.606759][T12693] Sensor A: Hue: 0
[  730.614608][T12693] Sensor A: Saturation: 128
[  730.624702][T12693] Sensor A: ==================  END STATUS  ==================
[  730.624828][T12704] Sensor A: Test Pattern: 
[  730.654623][T12704] 75% Colorbar
[  730.665315][ T5274] usb 3-1: USB disconnect, device number 54
[  730.677237][T12704] Sensor A: Show Information: All
[  730.932652][T12704] Sensor A: Vertical Flip: false
[  730.953290][T12704] Sensor A: Horizontal Flip: false
[  730.979500][ T5272] usb 1-1: new full-speed USB device number 55 using dummy_hcd
[  730.989430][T12704] Sensor A: Brightness: 128
[  730.994102][T12704] Sensor A: Contrast: 128
[  731.016760][T12704] Sensor A: Hue: 0
[  731.020596][T12704] Sensor A: Saturation: 128
[  731.025100][T12704] Sensor A: ==================  END STATUS  ==================
[  731.057480][T12380] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  731.200709][ T5272] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  731.220142][ T5272] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  731.236532][ T5272] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  731.246530][T12380] usb 5-1: Using ep0 maxpacket: 16
[  731.258444][T12380] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  731.272114][ T5272] usb 1-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  731.273452][T12380] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  731.286105][ T5272] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.290833][T12380] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.301796][ T5272] usb 1-1: Product: syz
[  731.307315][T12380] usb 5-1: Product: syz
[  731.315610][T12380] usb 5-1: Manufacturer: syz
[  731.315680][ T5272] usb 1-1: Manufacturer: syz
[  731.320536][T12380] usb 5-1: SerialNumber: syz
[  731.327695][ T5272] usb 1-1: SerialNumber: syz
[  731.332381][T12380] usb 5-1: config 0 descriptor??
[  731.342602][T12380] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  731.354552][T12380] usb 5-1: Detected FT232R
[  731.355349][ T5272] usb 1-1: config 0 descriptor??
[  731.562937][T12720] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  731.572144][T12720] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  731.599038][T12707] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1736'.
[  731.618366][ T5272] usb 1-1: USB disconnect, device number 55
[  731.649169][T12380] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  731.684981][T12727] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  731.695839][T12380] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  731.711112][T12380] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  731.722109][T12380] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  731.746718][T12380] usb 5-1: USB disconnect, device number 42
[  731.798189][T12380] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  731.828720][T12380] ftdi_sio 5-1:0.0: device disconnected
[  732.129412][ T8683] usb 4-1: USB disconnect, device number 53
[  734.009151][T12380] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  734.277002][T12380] usb 3-1: Using ep0 maxpacket: 32
[  734.286239][T12380] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  734.318715][T12380] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  734.426879][T12380] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  734.435202][T12380] usb 3-1: Product: syz
[  734.443047][T12380] usb 3-1: Manufacturer: syz
[  734.449877][T12380] usb 3-1: SerialNumber: syz
[  734.523931][T12380] usb 3-1: config 0 descriptor??
[  735.126627][ T8683] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  735.530456][ T8683] usb 4-1: Using ep0 maxpacket: 8
[  735.647322][ T8683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  735.761289][ T8683] usb 4-1: New USB device found, idVendor=0421, idProduct=008f, bcdDevice=ba.de
[  735.776628][ T8683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.785500][T12795] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  735.804832][ T8683] usb 4-1: config 0 descriptor??
[  735.811877][ T8683] rndis_host 4-1:0.0: invalid descriptor buffer length
[  735.821011][ T8683] usb 4-1: bad CDC descriptors
[  735.826384][ T8683] cdc_acm 4-1:0.0: invalid descriptor buffer length
[  736.025426][ T5272] usb 3-1: USB disconnect, device number 55
[  736.039779][T12755] delete_channel: no stack
[  736.107832][T12804] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  736.133506][T12804] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  736.148364][T12776] random: crng reseeded on system resumption
[  736.171701][T12804] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1761'.
[  736.465938][T12776] Sensor A: =================  START STATUS  =================
[  736.487015][T12776] Sensor A: Test Pattern: 75% Colorbar
[  736.511103][T12776] Sensor A: Show Information: All
[  736.526757][T12807] Sensor A: =================  START STATUS  =================
[  736.527131][T12776] Sensor A: Vertical Flip: false
[  736.569585][T12776] Sensor A: Horizontal Flip: false
[  736.600449][T12776] Sensor A: Brightness: 128
[  736.618294][ T5273] usb 4-1: USB disconnect, device number 54
[  736.639928][T12776] Sensor A: Contrast: 128
[  736.663770][T12776] Sensor A: Hue: 0
[  736.678284][T12776] Sensor A: Saturation: 128
[  736.687800][T12776] Sensor A: ==================  END STATUS  ==================
[  736.711004][T12807] Sensor A: Test Pattern: 75% Colorbar
[  736.727157][T12807] Sensor A: Show Information: All
[  736.754985][T12807] Sensor A: Vertical Flip: false
[  736.784601][T12807] Sensor A: Horizontal Flip: false
[  736.809260][T12807] Sensor A: Brightness: 128
[  736.833576][T12825] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1766'.
[  736.843377][T12807] Sensor A: Contrast: 128
[  736.859977][T12807] Sensor A: Hue: 0
[  736.872281][T12807] Sensor A: Saturation: 128
[  736.891109][T12807] Sensor A: ==================  END STATUS  ==================
[  738.683173][T12848] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  738.899288][T12855] mkiss: ax0: crc mode is auto.
[  739.884915][T12860] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1779'.
[  740.709042][T12380] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  740.916839][T12380] usb 1-1: Using ep0 maxpacket: 8
[  740.955437][T12380] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  740.965407][T12380] usb 1-1: New USB device found, idVendor=0421, idProduct=008f, bcdDevice=ba.de
[  740.992306][T12380] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.136841][T12380] usb 1-1: config 0 descriptor??
[  741.157893][T12380] rndis_host 1-1:0.0: invalid descriptor buffer length
[  741.164940][T12380] usb 1-1: bad CDC descriptors
[  741.173218][T12380] cdc_acm 1-1:0.0: invalid descriptor buffer length
[  741.854437][T12873] random: crng reseeded on system resumption
[  741.894959][T12892] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  741.980924][T12898] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1790'.
[  742.732085][T12873] Sensor A: =================  START STATUS  =================
[  742.757860][T12873] Sensor A: Test Pattern: 75% Colorbar
[  742.763570][T12873] Sensor A: Show Information: All
[  742.769253][T12873] Sensor A: Vertical Flip: false
[  742.779393][T12873] Sensor A: Horizontal Flip: false
[  742.922632][T12873] Sensor A: Brightness: 128
[  742.928062][T12873] Sensor A: Contrast: 128
[  742.932676][T12873] Sensor A: Hue: 0
[  742.936509][T12873] Sensor A: Saturation: 128
[  743.012056][T12895] Sensor A: =================  START STATUS  =================
[  743.064631][T12873] Sensor A: ==================  END STATUS  ==================
[  743.064665][T12895] Sensor A: Test Pattern: 75% Colorbar
[  743.090764][ T8683] usb 1-1: USB disconnect, device number 56
[  743.094906][T12895] Sensor A: Show Information: All
[  743.102739][T12895] Sensor A: Vertical Flip: false
[  743.139679][T12895] Sensor A: Horizontal Flip: false
[  743.145457][T12895] Sensor A: Brightness: 128
[  743.155699][T12895] Sensor A: Contrast: 128
[  743.160662][T12895] Sensor A: Hue: 0
[  743.164570][T12895] Sensor A: Saturation: 128
[  743.171237][T12895] Sensor A: ==================  END STATUS  ==================
[  744.043993][ T5227] usb 4-1: new full-speed USB device number 55 using dummy_hcd
[  747.324628][ T5227] usb 4-1: device descriptor read/all, error -71
[  747.610740][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  747.658274][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  750.076655][ T5273] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  750.911034][ T5273] usb 5-1: Using ep0 maxpacket: 8
[  754.384498][T12976] IPv6: NLM_F_REPLACE set, but no existing node found!
[  754.459684][ T5273] usb 5-1: unable to read config index 0 descriptor/all
[  754.485640][ T5273] usb 5-1: can't read configurations, error -71
[  754.488673][T12985] netlink: 'syz.1.1810': attribute type 4 has an invalid length.
[  755.636560][T12976] netlink: 'syz.1.1810': attribute type 4 has an invalid length.
[  755.770554][T13002] FAULT_INJECTION: forcing a failure.
[  755.770554][T13002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  755.844838][T13002] CPU: 0 UID: 0 PID: 13002 Comm: syz.0.1816 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  755.855669][T13002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  755.865743][T13002] Call Trace:
[  755.869040][T13002]  <TASK>
[  755.871982][T13002]  dump_stack_lvl+0x241/0x360
[  755.876680][T13002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  755.881903][T13002]  ? __pfx__printk+0x10/0x10
[  755.886518][T13002]  ? __pfx_lock_release+0x10/0x10
[  755.891580][T13002]  should_fail_ex+0x3b0/0x4e0
[  755.896277][T13002]  _copy_from_iter+0x1f6/0x1960
[  755.901145][T13002]  ? __virt_addr_valid+0x183/0x530
[  755.906268][T13002]  ? __pfx_lock_release+0x10/0x10
[  755.911316][T13002]  ? __alloc_skb+0x28f/0x440
[  755.915920][T13002]  ? __pfx__copy_from_iter+0x10/0x10
[  755.921226][T13002]  ? __virt_addr_valid+0x183/0x530
[  755.926352][T13002]  ? __virt_addr_valid+0x183/0x530
[  755.931511][T13002]  ? __virt_addr_valid+0x45f/0x530
[  755.936642][T13002]  ? __check_object_size+0x49c/0x900
[  755.941947][T13002]  netlink_sendmsg+0x73d/0xcb0
[  755.946734][T13002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  755.952055][T13002]  ? __import_iovec+0x536/0x820
[  755.956931][T13002]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  755.962232][T13002]  ? security_socket_sendmsg+0x87/0xb0
[  755.967710][T13002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  755.973002][T13002]  __sock_sendmsg+0x221/0x270
[  755.977715][T13002]  ____sys_sendmsg+0x525/0x7d0
[  755.982475][T13002]  ? __pfx_____sys_sendmsg+0x10/0x10
[  755.987756][T13002]  __sys_sendmsg+0x2b0/0x3a0
[  755.992338][T13002]  ? __pfx___sys_sendmsg+0x10/0x10
[  755.997438][T13002]  ? vfs_write+0x7c4/0xc90
[  756.001862][T13002]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  756.008177][T13002]  ? do_syscall_64+0x100/0x230
[  756.012934][T13002]  ? do_syscall_64+0xb6/0x230
[  756.017597][T13002]  do_syscall_64+0xf3/0x230
[  756.022087][T13002]  ? clear_bhb_loop+0x35/0x90
[  756.026758][T13002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.032642][T13002] RIP: 0033:0x7f79319799b9
[  756.037058][T13002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.056685][T13002] RSP: 002b:00007f79313ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  756.065132][T13002] RAX: ffffffffffffffda RBX: 00007f7931b15f80 RCX: 00007f79319799b9
[  756.073134][T13002] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  756.081128][T13002] RBP: 00007f79313ff090 R08: 0000000000000000 R09: 0000000000000000
[  756.089121][T13002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.097114][T13002] R13: 0000000000000000 R14: 00007f7931b15f80 R15: 00007ffeb2df4888
[  756.105128][T13002]  </TASK>
[  757.287126][ T5273] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  757.593089][ T5273] usb 5-1: Using ep0 maxpacket: 32
[  757.604423][ T5273] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  757.622826][ T5273] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  757.643022][ T5273] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  758.074177][ T5273] usb 5-1: Product: syz
[  758.094114][ T5273] usb 5-1: Manufacturer: syz
[  758.128122][ T5273] usb 5-1: SerialNumber: syz
[  758.151372][ T5273] usb 5-1: config 0 descriptor??
[  758.158526][T13001] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  758.798733][T12983] usb 5-1: USB disconnect, device number 44
[  758.836817][ T5273] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  759.435628][ T5273] usb 1-1: Using ep0 maxpacket: 8
[  759.476941][ T5273] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  759.498102][ T5273] usb 1-1: New USB device found, idVendor=0421, idProduct=008f, bcdDevice=ba.de
[  759.516606][ T5273] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.533698][ T5273] usb 1-1: config 0 descriptor??
[  759.558391][ T5273] rndis_host 1-1:0.0: invalid descriptor buffer length
[  759.575799][ T5273] usb 1-1: bad CDC descriptors
[  759.585979][ T5273] cdc_acm 1-1:0.0: invalid descriptor buffer length
[  759.861352][T13030] random: crng reseeded on system resumption
[  760.022956][T13051] IPv6: NLM_F_REPLACE set, but no existing node found!
[  760.248453][T13051] netlink: 'syz.4.1826': attribute type 4 has an invalid length.
[  760.310117][T13052] netlink: 'syz.4.1826': attribute type 4 has an invalid length.
[  760.502165][T13058] netlink: 'syz.1.1828': attribute type 3 has an invalid length.
[  760.700721][T13030] Sensor A: =================  START STATUS  =================
[  760.882131][ T2560] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.895037][T13049] Sensor A: =================  START STATUS  =================
[  760.966595][T13030] Sensor A: Test Pattern: 75% Colorbar
[  760.972243][T13030] Sensor A: Show Information: All
[  761.216837][T13030] Sensor A: Vertical Flip: false
[  761.223601][T13030] Sensor A: Horizontal Flip: false
[  761.232291][T13030] Sensor A: Brightness: 128
[  761.238167][T13030] Sensor A: Contrast: 128
[  761.243637][T13030] Sensor A: Hue: 0
[  761.902095][ T5237] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  761.912554][ T5237] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  761.914282][T13030] Sensor A: Saturation: 
[  761.922250][ T5237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  761.934953][ T5237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  761.942856][ T5237] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  761.951571][ T5237] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  761.959026][T13030] 128
[  761.977852][T13049] Sensor A: Test Pattern: 75% Colorbar
[  761.997480][T13058] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1828'.
[  762.023672][T13030] Sensor A: ==================  END STATUS  ==================
[  762.025854][T13049] Sensor A: Show Information: All
[  762.036815][T13049] Sensor A: Vertical Flip: false
[  762.041857][T13049] Sensor A: Horizontal Flip: false
[  762.048732][T13049] Sensor A: Brightness: 128
[  762.053844][T13049] Sensor A: Contrast: 128
[  762.058502][T13049] Sensor A: Hue: 0
[  762.062435][T13049] Sensor A: Saturation: 128
[  762.067881][T13049] Sensor A: ==================  END STATUS  ==================
[  762.101400][T12983] usb 1-1: USB disconnect, device number 57
[  762.985685][ T2560] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.349180][ T2560] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.086977][ T5237] Bluetooth: hci4: command tx timeout
[  764.224899][ T2560] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.480732][ T8683] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  764.625752][   T29] audit: type=1804 audit(1723788376.295:39): pid=13102 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1838" name="/newroot/151/bus/bus" dev="overlay" ino=821 res=1 errno=0
[  765.186521][ T8683] usb 3-1: Using ep0 maxpacket: 16
[  765.193631][ T8683] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[  765.202086][ T8683] usb 3-1: config 0 has no interface number 0
[  765.555791][ T8683] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  765.631220][ T2560] bridge_slave_1: left allmulticast mode
[  765.639954][ T2560] bridge_slave_1: left promiscuous mode
[  765.648692][ T2560] bridge0: port 2(bridge_slave_1) entered disabled state
[  765.651088][ T8683] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  765.695165][T13112] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  765.705763][ T2560] bridge_slave_0: left allmulticast mode
[  765.713636][ T2560] bridge_slave_0: left promiscuous mode
[  765.719836][T13112] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  765.729547][ T8683] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.734353][T13112] random: crng reseeded on system resumption
[  765.750203][ T2560] bridge0: port 1(bridge_slave_0) entered disabled state
[  765.770542][ T8683] usb 3-1: Product: syz
[  765.789614][ T8683] usb 3-1: Manufacturer: syz
[  765.840128][ T8683] usb 3-1: SerialNumber: syz
[  765.862492][ T8683] usb 3-1: config 0 descriptor??
[  766.168327][ T5237] Bluetooth: hci4: command tx timeout
[  766.503043][ T8683] usbtouchscreen 3-1:0.214: probe with driver usbtouchscreen failed with error -71
[  766.542483][T13115] Sensor A: =================  START STATUS  =================
[  766.551334][T13115] Sensor A: Test Pattern: 75% Colorbar
[  766.557165][T13115] Sensor A: Show Information: All
[  766.562426][T13115] Sensor A: Vertical Flip: false
[  766.567479][ T8683] usb 3-1: USB disconnect, device number 56
[  766.576742][T13115] Sensor A: Horizontal Flip: false
[  766.600693][T13115] Sensor A: Brightness: 128
[  766.605283][T13115] Sensor A: Contrast: 128
[  766.610146][T13112] Sensor A: =================  START STATUS  =================
[  766.642984][T13115] Sensor A: Hue: 0
[  766.648626][T13115] Sensor A: Saturation: 128
[  766.666487][T13115] Sensor A: ==================  END STATUS  ==================
[  766.684304][T13112] Sensor A: Test Pattern: 75% Colorbar
[  766.698207][T13112] Sensor A: Show Information: All
[  766.703395][T13112] Sensor A: Vertical Flip: false
[  766.716582][T13112] Sensor A: Horizontal Flip: false
[  766.726873][T13112] Sensor A: Brightness: 128
[  766.731450][T13112] Sensor A: Contrast: 128
[  766.826035][T13134] ax25_connect(): syz.0.1843 uses autobind, please contact jreuter@yaina.de
[  767.374080][T13112] Sensor A: Hue: 0
[  767.506853][T13112] Sensor A: Saturation: 128
[  767.511464][T13112] Sensor A: ==================  END STATUS  ==================
[  768.246547][ T5237] Bluetooth: hci4: command tx timeout
[  769.900237][T13156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1849'.
[  769.915987][ T2560] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  769.931293][T13156] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1849'.
[  769.961559][ T2560] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  769.983548][T13156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1849'.
[  769.992916][ T2560] bond0 (unregistering): Released all slaves
[  770.017672][ T2560] bond1 (unregistering): Released all slaves
[  770.033577][ T2560] bond2 (unregistering): Released all slaves
[  770.182857][T13156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1849'.
[  770.331749][ T5237] Bluetooth: hci4: command tx timeout
[  770.357266][T13170] hub 9-0:1.0: USB hub found
[  770.396156][T13170] hub 9-0:1.0: 8 ports detected
[  770.621484][T13067] chnl_net:caif_netlink_parms(): no params data found
[  771.885010][T13197] ax25_connect(): syz.4.1854 uses autobind, please contact jreuter@yaina.de
[  773.333121][ T5227] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  773.766872][ T5227] usb 5-1: Using ep0 maxpacket: 8
[  774.071702][ T5227] usb 5-1: config 150 has an invalid interface number: 204 but max is 1
[  774.087970][ T5227] usb 5-1: config 150 has no interface number 0
[  774.094587][ T5227] usb 5-1: config 150 interface 204 has no altsetting 0
[  774.166646][T13067] bridge0: port 1(bridge_slave_0) entered blocking state
[  774.174334][T13067] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.182768][ T5227] usb 5-1: config 150 interface 1 has no altsetting 0
[  774.196780][T13067] bridge_slave_0: entered allmulticast mode
[  774.204116][ T5227] usb 5-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  774.216051][T13067] bridge_slave_0: entered promiscuous mode
[  774.222308][ T5227] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.243851][ T5227] usb 5-1: Product: syz
[  774.252060][ T5227] usb 5-1: Manufacturer: syz
[  774.262878][ T5227] usb 5-1: SerialNumber: syz
[  775.178650][ T2560] hsr_slave_0: left promiscuous mode
[  775.468264][ T2560] hsr_slave_1: left promiscuous mode
[  775.608728][ T2560] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  775.650413][ T2560] batman_adv: batadv0: Removing interface: batadv_slave_0
[  775.671199][ T2560] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  775.690819][ T2560] batman_adv: batadv0: Removing interface: batadv_slave_1
[  775.806561][ T2560] veth1_macvtap: left promiscuous mode
[  775.825212][ T2560] veth0_macvtap: left promiscuous mode
[  775.842917][ T2560] veth1_vlan: left promiscuous mode
[  775.858544][ T2560] veth0_vlan: left promiscuous mode
[  775.962902][ T5227] xr_serial 5-1:150.204: xr_serial converter detected
[  775.988431][ T5227] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[  776.022571][ T5227] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  776.037451][T12380] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[  776.060760][ T5227] usb 5-1: USB disconnect, device number 45
[  776.095834][ T5227] xr_serial 5-1:150.204: device disconnected
[  776.183125][T13241] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1866'.
[  776.195426][T13241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1866'.
[  776.248787][T12380] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  776.259281][T12380] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  776.279328][T12380] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  776.324726][T13241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1866'.
[  776.354804][T12380] usb 1-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  776.390324][T12380] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  776.412918][T12380] usb 1-1: Product: syz
[  776.423283][T12380] usb 1-1: Manufacturer: syz
[  776.432565][T12380] usb 1-1: SerialNumber: syz
[  776.455799][T12380] usb 1-1: config 0 descriptor??
[  776.548010][T13246] hub 9-0:1.0: USB hub found
[  776.571680][T13246] hub 9-0:1.0: 8 ports detected
[  776.712987][T13233] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1862'.
[  778.244898][ T2560] team0 (unregistering): Port device team_slave_1 removed
[  778.305201][ T2560] team0 (unregistering): Port device team_slave_0 removed
[  778.805344][T13067] bridge0: port 2(bridge_slave_1) entered blocking state
[  778.822181][T13067] bridge0: port 2(bridge_slave_1) entered disabled state
[  778.836196][T13067] bridge_slave_1: entered allmulticast mode
[  778.860712][T13067] bridge_slave_1: entered promiscuous mode
[  778.882451][T13241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1866'.
[  779.033544][ T5227] usb 1-1: USB disconnect, device number 58
[  779.124947][   T29] audit: type=1804 audit(1723788390.835:40): pid=13260 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.1870" name="/newroot/411/bus/bus" dev="overlay" ino=2187 res=1 errno=0
[  780.921499][T13269] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  780.997183][T13267] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1872'.
[  781.022383][T13267] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[  781.059639][T13067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  781.122594][T13067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  781.423159][   T29] audit: type=1804 audit(1723788393.085:41): pid=13287 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1876" name="/newroot/162/bus/bus" dev="overlay" ino=888 res=1 errno=0
[  782.119820][T13067] team0: Port device team_slave_0 added
[  782.407616][T13067] team0: Port device team_slave_1 added
[  782.573693][T13067] batman_adv: batadv0: Adding interface: batadv_slave_0
[  782.607223][T13067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  782.823350][T13067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  783.599941][ T5273] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  783.626524][T13067] batman_adv: batadv0: Adding interface: batadv_slave_1
[  783.633559][T13067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  783.660114][T13067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  783.866234][ T5273] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  783.875858][ T5273] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  783.903625][ T5273] usb 1-1: config 0 descriptor??
[  783.956842][ T5273] gspca_main: cpia1-2.14.0 probing 0813:0001
[  784.060050][T13067] hsr_slave_0: entered promiscuous mode
[  784.068914][T13067] hsr_slave_1: entered promiscuous mode
[  784.075518][T13067] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  784.084232][T13067] Cannot create hsr debugfs directory
[  784.246766][ T5227] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  784.447569][ T5227] usb 5-1: Using ep0 maxpacket: 16
[  784.455084][ T5227] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  784.457113][T13328] Cannot find set identified by id 0 to match
[  784.492354][ T5227] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  784.516947][ T5227] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  784.540490][ T5227] usb 5-1: Product: syz
[  784.545085][ T5227] usb 5-1: Manufacturer: syz
[  784.567148][ T5227] usb 5-1: SerialNumber: syz
[  784.598318][ T5227] usb 5-1: config 0 descriptor??
[  784.616656][ T5227] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  784.628262][ T5227] usb 5-1: Detected FT232R
[  784.860221][ T5227] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  784.884845][ T5227] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  785.105311][ T5227] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  785.116781][ T5227] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  785.127924][ T5227] usb 5-1: USB disconnect, device number 46
[  785.144798][ T5227] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  785.157286][ T5227] ftdi_sio 5-1:0.0: device disconnected
[  785.206842][ T5273] gspca_cpia1: usb_control_msg 01, error -71
[  785.231947][ T5273] cpia1 1-1:0.0: only firmware version 1 is supported (got: 0)
[  785.249585][ T5273] usb 1-1: USB disconnect, device number 59
[  785.402332][T13349] binder: 13341:13349 ioctl c0306201 20001a80 returned -14
[  787.270515][T13067] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  787.604849][T13067] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  788.102520][T13067] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  788.141003][T13067] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  788.194484][T13377] netlink: 'syz.2.1897': attribute type 1 has an invalid length.
[  788.209727][T13381] nfs: Unknown parameter 'Köl
'
[  788.231169][T13377] netlink: 'syz.2.1897': attribute type 2 has an invalid length.
[  788.345535][T13380] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  788.867832][T13067] 8021q: adding VLAN 0 to HW filter on device bond0
[  789.038074][T13067] 8021q: adding VLAN 0 to HW filter on device team0
[  789.180168][   T29] audit: type=1804 audit(1723788400.895:42): pid=13398 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1901" name="/newroot/166/bus/bus" dev="overlay" ino=918 res=1 errno=0
[  789.959837][T13397] netlink: 'syz.2.1900': attribute type 10 has an invalid length.
[  790.023979][T13401] netlink: 'syz.0.1902': attribute type 11 has an invalid length.
[  790.066251][T13397] 8021q: adding VLAN 0 to HW filter on device team0
[  790.127633][T13397] bond0: (slave team0): Enslaving as an active interface with an up link
[  790.557453][   T29] audit: type=1804 audit(1723788401.955:43): pid=13408 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1903" name="/newroot/167/bus/bus" dev="overlay" ino=932 res=1 errno=0
[  791.324367][ T6634] bridge0: port 1(bridge_slave_0) entered blocking state
[  791.331643][ T6634] bridge0: port 1(bridge_slave_0) entered forwarding state
[  791.354777][ T6634] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.362066][ T6634] bridge0: port 2(bridge_slave_1) entered forwarding state
[  791.423081][T13067] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  791.435232][T13067] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  793.394430][T13067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  793.483024][T13067] veth0_vlan: entered promiscuous mode
[  793.507630][T13067] veth1_vlan: entered promiscuous mode
[  793.563266][T13067] veth0_macvtap: entered promiscuous mode
[  793.584338][T13067] veth1_macvtap: entered promiscuous mode
[  793.609571][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  793.620669][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.633907][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  793.646482][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.656320][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  793.667248][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.685016][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  793.704320][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.714737][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  793.731325][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.745835][T13067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  793.796593][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  793.813724][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.824112][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  793.842756][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.854188][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  793.869373][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.879466][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  793.890774][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.901112][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  793.915316][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  793.928334][T13067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  793.950809][T13067] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  793.960217][T13067] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  793.971365][T13067] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  793.981331][T13067] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  794.141679][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  794.157082][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  794.175685][ T6614] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  794.192521][ T6614] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  802.546670][T12983] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  804.464035][T13517] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  804.837133][T13521] smc: net device vxcan1 applied user defined pnetid SYZ1
[  805.166287][T12983] usb 1-1: device not accepting address 60, error -71
[  805.190908][T13533] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  805.936231][T13540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1912'.
[  805.945511][T13540] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1912'.
[  806.386517][    T9] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  806.444098][T13554] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  806.586558][    T9] usb 3-1: Using ep0 maxpacket: 16
[  806.601793][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  806.615789][    T9] usb 3-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae
[  806.626833][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.646467][    T9] usb 3-1: Product: syz
[  806.655742][    T9] usb 3-1: Manufacturer: syz
[  806.664357][    T9] usb 3-1: SerialNumber: syz
[  806.673007][    T9] usb 3-1: config 0 descriptor??
[  806.691951][    T9] gspca_main: etoms-2.14.0 probing 102c:6151
[  806.896527][   T29] audit: type=1326 audit(1723788418.605:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13538 comm="syz.2.1917" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f342d9799b9 code=0x0
[  807.936035][T13570] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  807.968522][T13570] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  808.077740][T13575] netlink: 'syz.3.1923': attribute type 4 has an invalid length.
[  808.096588][    T9] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  808.163309][T13575] netlink: 'syz.3.1923': attribute type 4 has an invalid length.
[  808.276484][    T9] usb 5-1: Using ep0 maxpacket: 16
[  808.292009][    T9] usb 5-1: config 0 has an invalid interface number: 214 but max is 0
[  808.326835][    T9] usb 5-1: config 0 has no interface number 0
[  808.352775][    T9] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  808.383202][    T9] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  808.393608][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  808.403161][    T9] usb 5-1: Product: syz
[  808.423769][    T9] usb 5-1: Manufacturer: syz
[  808.431959][    T9] usb 5-1: SerialNumber: syz
[  808.452047][    T9] usb 5-1: config 0 descriptor??
[  809.163977][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  809.176489][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  809.536941][ T8683] usb 3-1: USB disconnect, device number 57
[  809.648732][    T9] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71
[  809.885774][    T9] usb 5-1: USB disconnect, device number 47
[  810.006614][T12380] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  810.322892][T12380] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  810.413304][T12380] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  810.566600][T12380] usb 4-1: New USB device found, idVendor=046d, idProduct=c101, bcdDevice= 0.00
[  810.602932][T12380] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.618434][T12380] usb 4-1: config 0 descriptor??
[  812.032370][T13615] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  812.932182][T12380] usbhid 4-1:0.0: can't add hid device: -71
[  812.948271][T12380] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  812.966598][T12451] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  812.993211][T12380] usb 4-1: USB disconnect, device number 57
[  813.290540][T12451] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  813.323175][T12451] usb 3-1: config 0 has no interface number 0
[  813.360437][T12451] usb 3-1: config 0 interface 1 has no altsetting 0
[  813.376545][T12451] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  813.406455][T12451] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  813.427454][T12451] usb 3-1: config 0 descriptor??
[  813.435226][T12451] cp210x 3-1:0.1: cp210x converter detected
[  814.222804][T12451] cp210x 3-1:0.1: failed to get vendor val 0x000e size 3: -32
[  814.296943][T12380] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  814.536627][T12380] usb 4-1: Using ep0 maxpacket: 16
[  814.580307][T12380] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  814.890551][T12451] usb 3-1: cp210x converter now attached to ttyUSB0
[  814.899038][T12380] usb 4-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae
[  814.922818][T12380] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  814.947603][ T5273] usb 3-1: USB disconnect, device number 58
[  814.958073][T12380] usb 4-1: Product: syz
[  814.962361][T12380] usb 4-1: Manufacturer: syz
[  814.967368][ T5273] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  814.990776][ T5273] cp210x 3-1:0.1: device disconnected
[  815.005910][T12380] usb 4-1: SerialNumber: syz
[  815.027579][T12380] usb 4-1: config 0 descriptor??
[  815.079002][T12380] gspca_main: etoms-2.14.0 probing 102c:6151
[  816.380000][T12380] usb 4-1: USB disconnect, device number 58
[  819.052228][T13690] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  819.557563][    T9] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  819.572205][    C0] raw-gadget.1 gadget.4: ignoring, device is not running
[  819.783528][    T9] usb 5-1: device descriptor read/64, error -32
[  820.497886][    T9] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  820.762167][    C0] raw-gadget.1 gadget.4: ignoring, device is not running
[  821.169952][    T9] usb 5-1: device descriptor read/64, error -32
[  821.324503][    T9] usb usb5-port1: attempt power cycle
[  821.934788][    T9] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  824.893095][    T9] usb 5-1: Using ep0 maxpacket: 16
[  825.332408][    T9] usb 5-1: device descriptor read/all, error -71
[  825.422955][T13702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  826.193760][T13702] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  826.409601][T13702] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1957'.
[  827.518299][T13725] ax25_connect(): syz.3.1963 uses autobind, please contact jreuter@yaina.de
[  827.590128][T13728] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  827.617594][T13728] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  829.001672][T13743] binder: Unknown parameter 'defcontext'
[  830.032043][T13754] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  830.059112][T13754] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  935.546328][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  935.553322][    C0] rcu: 	1-...!: (1 GPs behind) idle=c4ac/1/0x4000000000000000 softirq=43341/43342 fqs=0
[  935.564577][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P13746/1:b..l
[  935.572594][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=58261, q=160 ncpus=2)
[  935.580317][    C0] Sending NMI from CPU 0 to CPUs 1:
[  935.585540][    C1] NMI backtrace for cpu 1
[  935.585553][    C1] CPU: 1 UID: 0 PID: 13750 Comm: syz.1.1974 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  935.585572][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  935.585583][    C1] RIP: 0010:__lock_acquire+0x129f/0x2040
[  935.585613][    C1] Code: 10 8b 18 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 40 28 4f 93 be 08 00 00 00 e8 e9 c6 87 00 48 0f a3 1d a1 41 df 11 <73> 1d 48 69 c3 c8 00 00 00 48 8d 98 40 87 1d 93 48 ba 00 00 00 00
[  935.585627][    C1] RSP: 0018:ffffc90000a18a30 EFLAGS: 00000057
[  935.585641][    C1] RAX: 0000000000000001 RBX: 0000000000000021 RCX: ffffffff816fe697
[  935.585652][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff934f2840
[  935.585663][    C1] RBP: 58cce5e7c8d5ebdc R08: ffffffff934f2847 R09: 1ffffffff269e508
[  935.585676][    C1] R10: dffffc0000000000 R11: fffffbfff269e509 R12: 0000000000000001
[  935.585687][    C1] R13: ffff8880221ca8d8 R14: 1ffff11004439520 R15: ffff8880221ca900
[  935.585700][    C1] FS:  00007f66acdff6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  935.585714][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  935.585725][    C1] CR2: 000000110c30f572 CR3: 000000006914c000 CR4: 00000000003526f0
[  935.585739][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  935.585749][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  935.585759][    C1] Call Trace:
[  935.585768][    C1]  <NMI>
[  935.585781][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  935.585802][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  935.585824][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  935.585851][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  935.585871][    C1]  ? nmi_handle+0x14f/0x5a0
[  935.585886][    C1]  ? nmi_handle+0x2a/0x5a0
[  935.585902][    C1]  ? __lock_acquire+0x129f/0x2040
[  935.585923][    C1]  ? default_do_nmi+0x63/0x160
[  935.585942][    C1]  ? exc_nmi+0x123/0x1f0
[  935.585961][    C1]  ? end_repeat_nmi+0xf/0x53
[  935.585983][    C1]  ? __lock_acquire+0x1297/0x2040
[  935.586005][    C1]  ? __lock_acquire+0x129f/0x2040
[  935.586025][    C1]  ? __lock_acquire+0x129f/0x2040
[  935.586047][    C1]  ? __lock_acquire+0x129f/0x2040
[  935.586068][    C1]  </NMI>
[  935.586073][    C1]  <IRQ>
[  935.586087][    C1]  lock_acquire+0x1ed/0x550
[  935.586108][    C1]  ? advance_sched+0xa02/0xca0
[  935.586129][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  935.586150][    C1]  ? advance_sched+0x9b4/0xca0
[  935.586165][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  935.586183][    C1]  ? __pfx_lock_release+0x10/0x10
[  935.586207][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  935.586224][    C1]  ? taprio_set_budgets+0x32c/0x370
[  935.586242][    C1]  ? advance_sched+0xa02/0xca0
[  935.586260][    C1]  advance_sched+0xa1e/0xca0
[  935.586277][    C1]  ? advance_sched+0xa02/0xca0
[  935.586300][    C1]  ? __pfx_advance_sched+0x10/0x10
[  935.586317][    C1]  __hrtimer_run_queues+0x59b/0xd50
[  935.586335][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  935.586365][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  935.586382][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  935.586406][    C1]  hrtimer_interrupt+0x396/0x990
[  935.586434][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  935.586460][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  935.586484][    C1]  </IRQ>
[  935.586489][    C1]  <TASK>
[  935.586495][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  935.586514][    C1] RIP: 0010:lock_release+0x658/0xa30
[  935.586535][    C1] Code: 3c 3b 00 74 08 4c 89 f7 e8 85 b0 87 00 f6 84 24 91 00 00 00 02 75 77 41 f7 c5 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 27 00 00 00 00 4b c7 44 27 08 00 00 00 00 65 48 8b 04 25
[  935.586548][    C1] RSP: 0018:ffffc90009a2f420 EFLAGS: 00000206
[  935.586562][    C1] RAX: 0000000000000001 RBX: 1ffff92001345e96 RCX: ffffc90009a2f403
[  935.586573][    C1] RDX: 0000000000000000 RSI: ffffffff8beae6e0 RDI: ffffffff8c3f9540
[  935.586585][    C1] RBP: ffffc90009a2f550 R08: ffffffff8ff6a72f R09: 1ffffffff1fed4e5
[  935.586597][    C1] R10: dffffc0000000000 R11: fffffbfff1fed4e6 R12: 1ffff92001345e90
[  935.586610][    C1] R13: 0000000000000246 R14: ffffc90009a2f4b0 R15: dffffc0000000000
[  935.586631][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  935.586652][    C1]  ? sk_filter_trim_cap+0x1b3/0xa80
[  935.586670][    C1]  ? schedule_timeout+0xb0/0x310
[  935.586689][    C1]  ? __pfx_lock_release+0x10/0x10
[  935.586717][    C1]  ? sk_filter_trim_cap+0x1b3/0xa80
[  935.586733][    C1]  sk_filter_trim_cap+0x5ba/0xa80
[  935.586753][    C1]  ? __pfx_unix_wait_for_peer+0x10/0x10
[  935.586782][    C1]  ? __pfx_sk_filter_trim_cap+0x10/0x10
[  935.586800][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  935.586818][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  935.586840][    C1]  unix_dgram_sendmsg+0xb15/0x1f80
[  935.586868][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  935.586883][    C1]  ? iovec_from_user+0x61/0x240
[  935.586910][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  935.586931][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  935.586952][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  935.586967][    C1]  __sock_sendmsg+0x221/0x270
[  935.586992][    C1]  ____sys_sendmsg+0x525/0x7d0
[  935.587017][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  935.587040][    C1]  ? __might_fault+0xaa/0x120
[  935.587060][    C1]  __sys_sendmmsg+0x3b2/0x740
[  935.587084][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[  935.587119][    C1]  ? wake_up_q+0xdc/0x120
[  935.587140][    C1]  ? futex_wait+0x285/0x360
[  935.587163][    C1]  ? __pfx_futex_wait+0x10/0x10
[  935.587189][    C1]  ? unix_dgram_connect+0xaec/0xd80
[  935.587204][    C1]  ? __pfx_current_check_access_socket+0x10/0x10
[  935.587225][    C1]  ? do_futex+0x33b/0x560
[  935.587248][    C1]  ? __sys_connect+0x16b/0x310
[  935.587270][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  935.587293][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  935.587314][    C1]  ? do_syscall_64+0x100/0x230
[  935.587331][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  935.587352][    C1]  do_syscall_64+0xf3/0x230
[  935.587368][    C1]  ? clear_bhb_loop+0x35/0x90
[  935.587387][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.587404][    C1] RIP: 0033:0x7f66ad3799b9
[  935.587419][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  935.587432][    C1] RSP: 002b:00007f66acdff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  935.587447][    C1] RAX: ffffffffffffffda RBX: 00007f66ad515f80 RCX: 00007f66ad3799b9
[  935.587459][    C1] RDX: 0000000000000651 RSI: 0000000020000000 RDI: 0000000000000005
[  935.587470][    C1] RBP: 00007f66ad3e78d8 R08: 0000000000000000 R09: 0000000000000000
[  935.587480][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  935.587490][    C1] R13: 0000000000000000 R14: 00007f66ad515f80 R15: 00007fff3ee5e4c8
[  935.587508][    C1]  </TASK>
[  935.587528][    C0] task:syz.4.1973      state:R  running task     stack:24016 pid:13746 tgid:13745 ppid:9587   flags:0x00004002
[  936.255028][    C0] Call Trace:
[  936.258313][    C0]  <TASK>
[  936.261252][    C0]  __schedule+0x17ae/0x4a10
[  936.265799][    C0]  ? __pfx___schedule+0x10/0x10
[  936.270661][    C0]  ? irqentry_exit+0x63/0x90
[  936.275256][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  936.280484][    C0]  ? preempt_schedule+0xe1/0xf0
[  936.285345][    C0]  preempt_schedule_common+0x84/0xd0
[  936.290644][    C0]  preempt_schedule+0xe1/0xf0
[  936.295333][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  936.300720][    C0]  ? count_memcg_event_mm+0x3c2/0x420
[  936.306114][    C0]  preempt_schedule_thunk+0x1a/0x30
[  936.311324][    C0]  _raw_spin_unlock+0x3e/0x50
[  936.316012][    C0]  follow_page_pte+0x29a/0x1ee0
[  936.320884][    C0]  ? __pfx_follow_page_pte+0x10/0x10
[  936.326194][    C0]  follow_page_mask+0x739/0x2f90
[  936.331156][    C0]  ? __pfx_follow_page_mask+0x10/0x10
[  936.336544][    C0]  ? __get_user_pages+0x692/0x16a0
[  936.341662][    C0]  ? __get_user_pages+0xd5f/0x16a0
[  936.346779][    C0]  ? __get_user_pages+0xe35/0x16a0
[  936.351906][    C0]  __get_user_pages+0x67b/0x16a0
[  936.356876][    C0]  ? __pfx___get_user_pages+0x10/0x10
[  936.362298][    C0]  populate_vma_page_range+0x264/0x330
[  936.367817][    C0]  ? __pfx_populate_vma_page_range+0x10/0x10
[  936.373816][    C0]  ? userfaultfd_unmap_complete+0x30c/0x360
[  936.379724][    C0]  ? do_mmap+0x961/0x1010
[  936.384079][    C0]  __mm_populate+0x27a/0x460
[  936.388686][    C0]  ? __pfx___mm_populate+0x10/0x10
[  936.393817][    C0]  vm_mmap_pgoff+0x2c3/0x3d0
[  936.398908][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  936.404026][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  936.410372][    C0]  ? exc_page_fault+0x590/0x8c0
[  936.415235][    C0]  ? ksys_mmap_pgoff+0xdf/0x720
[  936.420096][    C0]  ? __x64_sys_mmap+0x7f/0x140
[  936.424879][    C0]  do_syscall_64+0xf3/0x230
[  936.429412][    C0]  ? clear_bhb_loop+0x35/0x90
[  936.434115][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.440029][    C0] RIP: 0033:0x7fbfd79799b9
[  936.444454][    C0] RSP: 002b:00007fbfd73ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  936.452878][    C0] RAX: ffffffffffffffda RBX: 00007fbfd7b15f80 RCX: 00007fbfd79799b9
[  936.460858][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  936.468834][    C0] RBP: 00007fbfd79e78d8 R08: ffffffffffffffff R09: 0000000000000000
[  936.476809][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  936.484780][    C0] R13: 0000000000000001 R14: 00007fbfd7b15f80 R15: 00007fff0e01e048
[  936.492775][    C0]  </TASK>
[  936.495798][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g58261 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  936.506995][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  936.516966][    C0] rcu: RCU grace-period kthread stack dump:
[  936.522851][    C0] task:rcu_preempt     state:R  running task     stack:25560 pid:17    tgid:17    ppid:2      flags:0x00004000
[  936.534598][    C0] Call Trace:
[  936.537884][    C0]  <TASK>
[  936.540825][    C0]  __schedule+0x17ae/0x4a10
[  936.545368][    C0]  ? __pfx___schedule+0x10/0x10
[  936.550233][    C0]  ? __pfx_lock_release+0x10/0x10
[  936.555285][    C0]  ? __asan_memset+0x23/0x50
[  936.559908][    C0]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  936.565742][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  936.572091][    C0]  ? schedule+0x90/0x320
[  936.576346][    C0]  schedule+0x14b/0x320
[  936.580520][    C0]  schedule_timeout+0x1be/0x310
[  936.585382][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  936.590767][    C0]  ? __pfx_process_timeout+0x10/0x10
[  936.596088][    C0]  ? prepare_to_swait_event+0x32e/0x350
[  936.601669][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  936.606551][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  936.611799][    C0]  ? rcu_gp_init+0x1256/0x1630
[  936.616593][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  936.621571][    C0]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[  936.627674][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  936.632978][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  936.638895][    C0]  ? finish_swait+0xd4/0x1e0
[  936.643503][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  936.648110][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  936.653320][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  936.659228][    C0]  ? __kthread_parkme+0x169/0x1d0
[  936.664267][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  936.669477][    C0]  kthread+0x2f0/0x390
[  936.673561][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  936.678767][    C0]  ? __pfx_kthread+0x10/0x10
[  936.683372][    C0]  ret_from_fork+0x4b/0x80
[  936.687800][    C0]  ? __pfx_kthread+0x10/0x10
[  936.692407][    C0]  ret_from_fork_asm+0x1a/0x30
[  936.697195][    C0]  </TASK>
[  936.700219][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  936.706540][    C0] CPU: 0 UID: 0 PID: 6625 Comm: kworker/u8:17 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[  936.717475][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  936.727534][    C0] Workqueue: events_unbound toggle_allocation_gate
[  936.734053][    C0] RIP: 0010:smp_call_function_many_cond+0x1865/0x29d0
[  936.740819][    C0] Code: 89 e6 83 e6 01 31 ff e8 19 15 0c 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 c4 10 0c 00 eb 38 f3 90 42 0f b6 04 23 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 a8 10 0c 00 eb e4 44
[  936.760428][    C0] RSP: 0018:ffffc90016747700 EFLAGS: 00000293
[  936.766506][    C0] RAX: 0000000000000000 RBX: 1ffff110172688f1 RCX: ffff88802fbf3c00
[  936.774479][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  936.782453][    C0] RBP: ffffc900167478e0 R08: ffffffff81877987 R09: 1ffffffff269e508
[  936.790428][    C0] R10: dffffc0000000000 R11: fffffbfff269e509 R12: dffffc0000000000
[  936.798401][    C0] R13: ffff8880b9344788 R14: ffff8880b923fb40 R15: 0000000000000001
[  936.806378][    C0] FS:  0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[  936.815309][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  936.821895][    C0] CR2: 00007f66acdbcf98 CR3: 000000000e534000 CR4: 00000000003526f0
[  936.829872][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  936.837842][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  936.845815][    C0] Call Trace:
[  936.849100][    C0]  <IRQ>
[  936.851946][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  936.858292][    C0]  ? print_other_cpu_stall+0x1470/0x15a0
[  936.863947][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  936.869764][    C0]  ? seqcount_lockdep_reader_access+0x1c6/0x220
[  936.876025][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  936.882273][    C0]  ? rcu_sched_clock_irq+0xa2c/0x10d0
[  936.887668][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  936.893313][    C0]  ? hrtimer_run_queues+0x16c/0x460
[  936.898516][    C0]  ? acct_account_cputime+0x207/0x210
[  936.903904][    C0]  ? update_process_times+0x1ce/0x230
[  936.909289][    C0]  ? tick_nohz_handler+0x37c/0x500
[  936.914410][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  936.919875][    C0]  ? __hrtimer_run_queues+0x551/0xd50
[  936.925254][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  936.931261][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  936.936988][    C0]  ? ktime_get_update_offsets_now+0x22d/0x250
[  936.943071][    C0]  ? hrtimer_interrupt+0x396/0x990
[  936.948211][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x3f0
[  936.954383][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  936.960203][    C0]  </IRQ>
[  936.963142][    C0]  <TASK>
[  936.966077][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  936.972246][    C0]  ? smp_call_function_many_cond+0x1847/0x29d0
[  936.978407][    C0]  ? smp_call_function_many_cond+0x1865/0x29d0
[  936.984573][    C0]  ? kmem_cache_alloc_bulk_noprof+0x146/0x790
[  936.990747][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  936.995782][    C0]  ? kmem_cache_alloc_bulk_noprof+0x146/0x790
[  937.001879][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  937.008216][    C0]  ? __pfx___might_resched+0x10/0x10
[  937.013507][    C0]  ? __mutex_trylock_common+0x183/0x2e0
[  937.019060][    C0]  ? __pfx___might_resched+0x10/0x10
[  937.024357][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  937.029393][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[  937.034512][    C0]  text_poke_bp_batch+0x352/0xb30
[  937.039558][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  937.045115][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  937.050150][    C0]  ? arch_jump_label_transform_queue+0x9b/0x100
[  937.056412][    C0]  text_poke_finish+0x30/0x50
[  937.061098][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  937.067086][    C0]  static_key_disable_cpuslocked+0xd2/0x1c0
[  937.072995][    C0]  static_key_disable+0x1a/0x20
[  937.077854][    C0]  toggle_allocation_gate+0x1b8/0x250
[  937.083237][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  937.089139][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  937.095228][    C0]  ? process_scheduled_works+0x945/0x1830
[  937.100956][    C0]  process_scheduled_works+0xa2c/0x1830
[  937.106539][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  937.112537][    C0]  ? assign_work+0x364/0x3d0
[  937.117229][    C0]  worker_thread+0x86d/0xd40
[  937.121846][    C0]  ? __kthread_parkme+0x169/0x1d0
[  937.126883][    C0]  ? __pfx_worker_thread+0x10/0x10
[  937.132004][    C0]  kthread+0x2f0/0x390
[  937.136087][    C0]  ? __pfx_worker_thread+0x10/0x10
[  937.141207][    C0]  ? __pfx_kthread+0x10/0x10
[  937.145808][    C0]  ret_from_fork+0x4b/0x80
[  937.150234][    C0]  ? __pfx_kthread+0x10/0x10
[  937.154834][    C0]  ret_from_fork_asm+0x1a/0x30
[  937.159632][    C0]  </TASK>