last executing test programs:

1m14.027760072s ago: executing program 1 (id=2957):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)='/dev/audio#\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000040)='/dev/full\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b402000000000000620a02000000000006000000000000009500000000000000f1939ed848f21df93f91b07adcad0a4b07f1ef908460d383447042ac86f654d37a9196871a82232bcdd6c0cdb90c62232e3f55133e8becfa1042258afc2d2e4c35c0c97a5930a78d68e9a73c1d2cb8ed1a61862f5634920ac85cc7d837d761c55f480169cfbb5b3b35ea849847b6259e4be756ac4d24ac6106533c6974921551274f6931592eefc4a38297ffaa95800d13"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2f60e7da}, 0x90)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100013070000000000000000ac1414bb000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000ffffe000000200000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001c000100000000000000"], 0x154}, 0x1, 0x0, 0x0, 0x2004d890}, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x1a)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x14}}, 0x0)
renameat2(r1, &(0x7f0000000540)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r1, &(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000300)="a0", 0x1}], 0x1}], 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x7800, 0x10, 0xf8dd, 0x0, {{0x5, 0x4, 0x2, 0xf, 0x14, 0x0, 0x0, 0x1, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x32}, @loopback}}}})
pipe2$watch_queue(0x0, 0x80)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000006c0)='cgroup.procs\x00', 0x2, 0x0)
r5 = openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
write$cgroup_subtree(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="00726c696d697448ae2358da32a24120"], 0x8)
syz_usb_connect(0x0, 0x24, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0xff, 0x0, 0x0, 0x40, 0x572, 0xcb01, 0x2665, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xaa, 0x75, 0xb7}}]}}]}}, 0x0)

40.137280204s ago: executing program 1 (id=2963):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=r2, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)={@ifindex, 0xffffffffffffffff, 0x3, 0x0, 0x0, @prog_id, r3}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @private0, 0x200}, @ib={0x1b, 0x0, 0x10, {"0e000000000000000000000004000001"}, 0x1000}}}, 0x118)
socket$kcm(0xa, 0x2, 0x73)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x4, 0x8}, 0x48)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000280), 0x4)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000044882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r7=>0x0)
io_submit(r7, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0xf, 0x0, 0x0, r6, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])

16.020121229s ago: executing program 3 (id=3079):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x60, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0x5}, {0x16, 0xff, 0x0, 0x6}]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000c80)=ANY=[@ANYRES64=r1, @ANYRES32=r0], &(0x7f0000000f40)=""/4089, 0x82, 0xff9, 0x5}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1c94a6fb08bb1fb4, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x9, 0x33, 0x0, 0x1}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0xf, 0x3f, 0x2}]})
r3 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x5452, &(0x7f0000000000))
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x400c885)
sendmsg$inet(r3, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r4})
io_submit(0x0, 0x1, &(0x7f0000002340)=[0x0])
r5 = memfd_create(&(0x7f0000000440)='\x107m\xadJ\xdc:F\xa0\x06\xe6\xbb\xb8\xb0\xe8\xc3\x87\x12+\x8fY\xee\xc7\xd0,\xc6\x01*\x88\x14U\xde\xfa:\xee\xe8\x1d\x91F\x86)', 0x0)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x58)
finit_module(r5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="ffb65ddfd537ee6b48c1256ad987142e78fdc947edd63e42214113f25e4b8acf00cd5cfeb2315f8e55eb4606c26a467ba6303d7ef128a2facb2715f87a1932d2cf71721bf9bd2bcade57ccf5a3a325aa2c92ed13c062cc0139dd0805788dd33c8b1b9e9caaa97d07060de19be84d8c1ac66ac10c0642822b0c4c40140b12f9f40b7fd8d00fe00c84e3c0fe460b52851d41707b141972ec4101f8848d30896ed532bc5104c07d6bb37083337f6dd998cb7f1b821484ab2ca18d9348188ad55d894f6922bac75bad21d34b960a9b447ea354b65f620a5aff91d02ee031f8a2fb90"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16}, 0x90)
ftruncate(0xffffffffffffffff, 0xc17a)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r6, 0x3, r2, 0x5})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000740)={'#! ', '', [{}, {0x20, 'GPL\x00'}], 0xa, "7eca06d6"}, 0xe)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

14.029639281s ago: executing program 3 (id=3083):
syz_open_dev$MSR(0x0, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r1=>0x0)
io_submit(r1, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0xf, 0x0, 0x0, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])

13.761077896s ago: executing program 3 (id=3086):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x10)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)

13.714408257s ago: executing program 2 (id=3087):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000680)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
write(r2, &(0x7f0000001100)="94", 0x1)
tee(r1, r5, 0xaf5, 0x0)
write$binfmt_script(r5, &(0x7f0000000540)={'#! ', './file0'}, 0xb)
write(r3, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r6, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x0, r6, 0x0, &(0x7f00009c0000/0x4000)=nil, 0x4000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000300)={0x48, 0x8, r7, 0x0, 0x2fff, 0x2, &(0x7f0000000240)="6ef7"})

12.762587416s ago: executing program 3 (id=3089):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x1, 0x8)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000180)='./control\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000020000082505a5a4400000000101090244000101000000090400000302060000052406000005240000000d240f0100000000000000000009058103200000000009058202080000000009050302"], 0x0)
setsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000000)="89070404", 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a0900000000000000000000080000000000ffffff9e000000000000000000000000ffff"], 0x4c}}, 0x0)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180070001006374"], 0x68}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x1f}, @l2cap_cid_signaling={{0x1b}, [@l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0x7, 0xe, 0x8, 0x4}}, @l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x723}}, @l2cap_move_chan_req={{0xe, 0x4, 0x3}, {0x9, 0xa}}]}}, 0x24)
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x121301, 0x0)
write$dsp(r6, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00c90001"], 0x22)
mbind(&(0x7f0000068000/0x1000)=nil, 0x1000, 0x4000, 0x0, 0x0, 0x3)
r7 = semget$private(0x0, 0x4, 0x424)
semctl$SEM_STAT_ANY(r7, 0x1, 0x14, &(0x7f0000000380)=""/276)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0xc})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

12.287685721s ago: executing program 2 (id=3091):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x60, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0x5}, {0x16, 0xff, 0x0, 0x6}]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000c80)=ANY=[@ANYRES64=r1, @ANYRES32=r0], &(0x7f0000000f40)=""/4089, 0x82, 0xff9, 0x5}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1c94a6fb08bb1fb4, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x9, 0x33, 0x0, 0x1}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0xf, 0x3f, 0x2}]})
r3 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x5452, &(0x7f0000000000))
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x400c885)
sendmsg$inet(r3, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180))
io_submit(0x0, 0x1, &(0x7f0000002340)=[0x0])
r4 = memfd_create(&(0x7f0000000440)='\x107m\xadJ\xdc:F\xa0\x06\xe6\xbb\xb8\xb0\xe8\xc3\x87\x12+\x8fY\xee\xc7\xd0,\xc6\x01*\x88\x14U\xde\xfa:\xee\xe8\x1d\x91F\x86)', 0x0)
write$binfmt_elf32(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000001003e0000000012000000003800000000000000a163000000000000000000000000007f8049e30c1e0440"], 0x58)
finit_module(r4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="ffb65ddfd537ee6b48c1256ad987142e78fdc947edd63e42214113f25e4b8acf00cd5cfeb2315f8e55eb4606c26a467ba6303d7ef128a2facb2715f87a1932d2cf71721bf9bd2bcade57ccf5a3a325aa2c92ed13c062cc0139dd0805788dd33c8b1b9e9caaa97d07060de19be84d8c1ac66ac10c0642822b0c4c40140b12f9f40b7fd8d00fe00c84e3c0fe460b52851d41707b141972ec4101f8848d30896ed532bc5104c07d6bb37083337f6dd998cb7f1b821484ab2ca18d9348188ad55d894f6922bac75bad21d34b960a9b447ea354b65f620a5aff91d02ee031f8a2fb90"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16}, 0x90)
ftruncate(0xffffffffffffffff, 0xc17a)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r5, 0x3, r2, 0x5})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000740)={'#! ', '', [{}, {0x20, 'GPL\x00'}], 0xa, "7eca06d6"}, 0xe)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

11.336928886s ago: executing program 2 (id=3094):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f00000000c0)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040))
r1 = socket(0x1e, 0x1, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a000000000000000006000018001680140001000000000000000000000004000000000008001e"], 0x3c}}, 0x0)
syz_emit_ethernet(0xb7, &(0x7f00000003c0)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x81, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0xe, 0xe, "0f15ce5cd4be0d7d7e3c4779a73d4014d7ce8887ee33a53b7a634ccd818a9bdc628f457023c44a142f448bae4319c2eebb5e30a594a1dbf905cc33e393227113597ff9e3979c283e6498f5e1bc00899a2d64c405d13ab61e9a2b13e7eed86d006b50a87dd650e2524ffb79b55b1052"}]}}}}}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
syz_genetlink_get_family_id$team(&(0x7f00000001c0), r2)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000340)={'syztnl0\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x2f, 0xce, 0x3, 0x1, 0x0, @remote, @mcast2, 0x1, 0x80, 0x6, 0x3}})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x20041020}, 0x20001040)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
pread64(r0, &(0x7f0000000280)=""/60, 0x3c, 0x3)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6f94f90524fc601000020010000000053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x79)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)

10.244064271s ago: executing program 2 (id=3097):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x60, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0x5}, {0x16, 0xff, 0x0, 0x6}]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000c80)=ANY=[@ANYRES64=r1, @ANYRES32=r0], &(0x7f0000000f40)=""/4089, 0x82, 0xff9, 0x5}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1c94a6fb08bb1fb4, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x9, 0x33, 0x0, 0x1}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0xf, 0x3f, 0x2}]})
r3 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x5452, &(0x7f0000000000))
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x400c885)
sendmsg$inet(r3, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r4})
io_submit(0x0, 0x1, &(0x7f0000002340)=[0x0])
r5 = memfd_create(&(0x7f0000000440)='\x107m\xadJ\xdc:F\xa0\x06\xe6\xbb\xb8\xb0\xe8\xc3\x87\x12+\x8fY\xee\xc7\xd0,\xc6\x01*\x88\x14U\xde\xfa:\xee\xe8\x1d\x91F\x86)', 0x0)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000001003e0000000012000000003800000000000000a163000000000000000000000000007f8049e30c1e0440"], 0x58)
finit_module(r5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="ffb65ddfd537ee6b48c1256ad987142e78fdc947edd63e42214113f25e4b8acf00cd5cfeb2315f8e55eb4606c26a467ba6303d7ef128a2facb2715f87a1932d2cf71721bf9bd2bcade57ccf5a3a325aa2c92ed13c062cc0139dd0805788dd33c8b1b9e9caaa97d07060de19be84d8c1ac66ac10c0642822b0c4c40140b12f9f40b7fd8d00fe00c84e3c0fe460b52851d41707b141972ec4101f8848d30896ed532bc5104c07d6bb37083337f6dd998cb7f1b821484ab2ca18d9348188ad55d894f6922bac75bad21d34b960a9b447ea354b65f620a5aff91d02ee031f8a2fb90"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16}, 0x90)
ftruncate(0xffffffffffffffff, 0xc17a)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r6, 0x3, r2, 0x5})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000740)={'#! ', '', [{}, {0x20, 'GPL\x00'}]}, 0xa)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDFONTOP_SET(r7, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

8.189384488s ago: executing program 0 (id=3101):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x0, 0x0, @value})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x61}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000240)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x202}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r4, &(0x7f0000004200)="ee43a8f8855298a8290b47b6eb9ecbe3b5cc7d6c5531c6b9218388565017628705c4c32fd55292c0c3f883dbf2e8034edf548838c491174fa9ac73e1c9cc70bf5a3522661ea6daeb623ad80d7d2c07b34a3c60821044fcdef7787b6571dfdf4179e6fe0b1d1a55e1804b1c64f153b46f3ea2ddeb087377540bd71dd01663b7fcb827815c7f8a0045e3e851ccf0c6e73fee19fedd3098a97fbef63ff5eb7c1c1f2facda43aba1f2cdf493a3539ab05e525711238ea2b5e70c7bf56091e3fdd7de8cc3ff7b43e649b5c7378c1f9538f8cd9adc78d0093204f65f7d3b0c7d4d5dd1441cf6d19035e5382545c8c91521551b6347bf4d2356b015b77d05a492e1f8a5a356afeec8b308d8f2c838bd0c9b28dde9239783312362e311e727d23d8545f171dfad77a54fc618378a8088c4627b29643e40ddabc200ae14284084d327e439fa1901f9bf6c52e9a2b7176cd308b3c0d82f6ac370a95055c37b56478f8f33648164250f2c4ec4ff44ff22fc62308909ac5f6b3ee783169933dd421a77bdc238b6e54ed292d033fc80b2f4f6e9200589ef32be4de445d981ed0df390fa2691cf5a22eb7dd1277eed9f79cc489fcbd424f9e42683b4891d54d93d1d12eb6076af805bd5ab5a6007da7daa9eaa4763c5ff36b4d6547145e90e5b74041e24bd3c4b996412637757dcc343784511f09bce6e91908b1a3d4f2bc8310105bef2474b2a7e3204a475a1aa5b6189ca02892342e4ce48e4e7a34eac5f5a973ad1fdeb2404e8899bfa9e40f411c84f75d76a4c680ca107e8cc134527f942d15a17011ffed9f11947a2054d8875d6a562a10685e73c92b78ed8b8c05ac12bdc7b627f0f00a2048027ef15085179610b3142e65b73e931ffd17a40f207e682cd567213c4b88ece6f8e41917944da92b7b834027b0ca18d3f1d1264a920dda9f494bdc359e060be1298dcf3be313cbbc61a70bc02dadc0bbaa4fcc2ce0575651adf3d277f0d4e0bf7ef449e0a6a9d9ff5a20f659fd0b5515d46dd1ed1b412b19a7ab40eff607d26b71056de718acdf6ac40f5e50bfd2a65984242fc20d69bba826d308e0cbafe1b6bd336bc2f1c205bd454a06e5199a23ca1c0a7595cae2550c21aae006001cfa7cdc428cded037397e6b6d009f6b9bee1615aa52da336538e045bf324c71dad2997d87801f87d4d3e0a9a7038573b6220b0676af9b56240f3db4af583ff2a8b9242a6568bc0994d89639a88fea8ede9c59b04591378ec636088dd6ec82c4de4c9de7776ca070a3e7103551ad58eee1ccc0e4d3a0392285802d23b8b5be7b407bb8e38dd7fb793c295c16167c6761ab88f28d509854314f5b7120eaa00f0665c4131cad14a86cd4a758716426eb189b9ad7736d7c7b4a49e7be11019cd28d8869a9f30d8ae52ce35c5a69163d514884fb0e404f59bb7f378dae93d3b1c77db574c5115136a7a0d751486cb0dfc6231b3e242ef88c0d983f65e78e74001e50019fd124d1a0761362cd0ee6d6212c55f37837e21356db7fb5fe79c05db8e45425222f3c4d1fc09667accd4164b8ef336ae3db5b215c82dc0ae4e44c98db78481b9942555dc0ca311c4cabdddd318c5e4f8d477294aa43820f3e4c334987423acd6736196a2990789b4b2d65f48ba3039eeecb2ab8abbf1004c10cc1b563ad368df3513b152878c08fefe65744210432347bf4a67f09dda78be9f1024e077c7191f39b718eb12d7bc7500e855f40673d9975c12ac0bc3526d5017cbfa2a07263f58293bb8c7500b8e365533161295d9ca65c6b8b29482ce3078295a6454bdb574476249c0f7b4cdf3ae3ef55afa3ef653e712f14dd7e270ef728ff4c4f38d09b03daad2868e922a7723ec00884ddfd19a527744ef6cecbc74e8c74aa37b62734286ef94d400a7f884f20c2891ebe78b70a7ea6535c1f1d2a421fd3a05a45749f1511a10eb6f45e54e1b83a2e437df5127be5b54cdaf39bbc96187e46cde341a948bc6999ff738a8abb8da9b943e8e2de28d37cd07c346d05b18b90dc98310d8de6286c42bad83393f3f57ab3c54ad753588909c7eaa08eaccfbda485af7423bcfb58966a0f2b1362801223a99228865b1dfba3d102b63fe3a1dfedd561d205358a276d3887612ce91de546ce6d0b9f5420b667675bc597964910891bf71f949e186f4fe96324b1690c53a8ac12bcbd86e046f3752453bc8c3abc04ca05aeaa4539419dcc2985eb0ba64faa63733a417c25eb4e0a94d4237c9f305fc1a5575b85835f2a71d9dbebbf13a8f58ae798feac3f36af38970b89a705fdb4964ad62c2e3bcf80078a03bff48b9a7c948010789fcd4930999ab49c8dbac946ae3e51ce06b24d0a96fd51070e79950f4477fa39452180ae8cf0dae34079354e0772283d07f0580fc9e03cdac4b27edcf59587746871b1739daf3db43e78d832039f3d82f2fc9aee5798b4d19ae96b9b81c73bc2633a32db2b0452bd22a0cc557d20d46343b244051e0aa33edb3edf35d26114e59424454225e4468131ba1ab70c320a321d5771f18c8fc48617763f77cd3d0b51d90a0d05bef340cc4d52fd65e6b39f2e4f7a7bb8722641df73ec3931541a6cdc43cafa6c5e885ebcc00d230f5d03e59e46feb996da8fa59d16d1e271b0faf2f3f1e1eeda53b9f6bee341b94f4ac6c2f0431253c2beb3d3dac49ae543643a2a4b6aaf5ae46d85a102b71d7ae6cbcd50ab8c6a7a61a972cd6c0ecc8ac1cb7c2b7b732e268c0155b918559afe4f470a9f3e61a41acdee97605332613bce6cb5eadf3786a6ab6bd90d672cd4861f273b1a16998a22c03a81fd8295f6a3068581844ffee8b1e7b95b246167b367b2696508d51b2fa3ccdaae9edd68a04a85a95603b28c273f24715267b8e066cfbbce136ea2cbcc9087fcfe17da753734ce7c47195d9aa65149dc2d0e6155d52ac5173160b84d21906704ea06b34c6f7696f81f39ea3c3b2e5ccb3866357143da1ea3362fa2567b3822f3cfa547cab553f16c589339cefd6620f290273be6375afe68d09f910c6121c84d787b6fbb46ea6561f78459d08a15d8e712606015709fbf5902e46f84ac3d270df370acb8f6c7ee59f61eccd167a885068da639fb3f1c4c7722d7a0fed2489855dd31783bfe807926dff94b6d98535364ea1117592025d20942d2090b0706ae357f98f1e2b7511a9f37b3a9d3d2bacc5aff1e8b3d5f3d5134e75f8af24bf348d50a5222eb0cb2ac2a53ae4e069bce30cda581df56adfe41f7c1831bb2e4370914be2d3c6b5f33c5414597c7248d402e373aa246535d69385da9da1c4a3584b8d280fea95ab160ac8c4303c3f2800ccb7b5797395418b4f3c7dc728dac80404c576e6731644089bc7fc82bc3c6abbd5e174a40e6f1d56c5023669aa08130eee2a0b7263eb215af283b7422689b1966d0bb8e34b8b2b8acd118f125c3d45c4297ff38e1e45c5eb1f3d9b5ef283a7f188baf6ca030b9dbf624e23f8455bb8afe8314bc1acd0beda0cd477a16d982ddbc9c525c8c24b9e53ddb4ff9d03c6db15b121738c4d5a24e638a0c238e3cb865eb7433d672401f6dae1ce7ffe330045e44644f185b2d47c82108dd6052d2a928d7f49e9e22b7cdd94c09a6c9820ff22169acc82e08b430926c5af7d290ca92598fa2d212154a10e17e5af05b5c2141475d7ab034bd384cf663fec9e1f9d8f50c1d3e0406f2665cb273ca0185281ee3a65cd76a1a350fe9aeae6e49cb8f0eb4dba4c19ecf27479833fc47dfee6ae7806723ba5c2f24c62e26a3d8a74cb43546d28acb0fbf287c03dcdac6699c3c7f9a3b806bcac2318118395fa4e052eb620f02a90dc0556e6338266d5529f968359372a21c5b54a46ae61dcd528d7569435311abf1133be800f466dc19ade70b233ab4a5fa04ddcc476ba44aafd2c443a0c6738a422477a8da46420dbc8cf09302e8e59ce967a4832b46e74bf81306ccb497bcd35ae1e552566c5414982ba51151a4f1b13dc1d0065ea65e5272d9a004ffa84574ce96d94561d46664659dd9ebabd1a907b5127b140801720c1d92a40530040c03a869debffa977a57a8d6196cfc24e844f2486639ed630f5eae1dafd32ebaa1d71a7cfbe98badd7f0962fdce731e2ebd4b97fbbfb82a6cbf94d9d67a58f74d0856ae50e757823976f018281590e6adb9b6d5c0e58833d747957196d502f0f96f70bc351fb9599dd3d177162d087f25f4ef07c2796d2b3b1d2ed1d45bd3ee150d0b9569c4ba640526df0c91825fa8442045ca8397aaa16a39f179dd04fa63c9195617849868f0018756391089827fd090b898b165c0528f835d7726c18cd81f1613c5607d54d074d0c3e37a76c884f963ff8070cb25e441d215c02328ea43f518e139a5df4c033e429a27ca9ec62b103578c075baee7a047e070892c169401bd1d3b9b94bb3375af9ef41d75e4199e486042c0c50bf7b2b883251938ec16150cdcd3806b1df7c6bf190567afbfc540145e9f4885a02a2e0a32f878c097799b728eb6db95061c741526f9a8f988f6c6c24b459fa236b27e978628e38c6a4e0a88199f645e64a535a13e8aec318c43c55c7e61160851d534383b76e300718553a710ddbf937f2f16bff9a2cb883d4d96151b2ce87b6269dce42b153d8d4d7cdd1f1d041bd0a58e76f169f8a3ca5fe9d1cd0d5023b9caaec86fbd65b67c7a972a9616cbeee989942b965d6fc0eaa1ac40240dbc910a72cb5ac4af89b390eabfa9fb874323ff0db6c52036df330d65b958d54b92e156a560648e83fc66c05aa2e64b558c03a035f539ae047d611c3eff899ea684e02eb0021ab1a7a20ada3a7bc671935238232b785bc740aeda2a9a8107d63aaea386b9b4462921f2a57c9f681ac4d2e5688de78480826fd0c2646c6922a337a121efad078e8032b9adae398d02da7ab5144f9cde3cc6306c4250788f365f7a51f59e4bd7b4944f5c3acf6046e5ac66fb5d0f83ffbd24de6b43ca32547138609099bb2615fb1ffd971a7117b21e2b70002b5de395f14bf5bd96869bb858687c69026453e2f2f058736603f95f80d8c8d0a22f4f547bf5873ec896f46ce6699682f375cc3d460e836ab58e19830d10dd6458eca0b31dc8b568a1d99b7f01ae483f8c9e99245a5437d4af82b3925aee36b3dc77d5b588d9e225050ee847bbf1c4d0a26fa55eed6f8586d979e9b0e0fadafc8cb56bb74f16efdf4967627a11f669aa5eea716f957d2352e158dec9d295f9d50ca846fda87fcbaeac91df406b7250da41177587dc7102f8fcd9086e263feec335ed1312b71d74403f81c7c7d5731d4b8a10475f86bfeb59a52e769d8c1322facd03960286cda9b6fbea84b06b443baf710d29a209e01d572beb43ddd6ffef3c35afd79a3b12099680a377ee7469610fa26210522d8764d93a00d4a63061f7d0c777199984217b34b4f247ceabff49eed8f404739cb76c6a3f3a1c5804074756266294e2ed4fb15ef2f2cbbf98183dc5dfcb568da748ddf2e5ff56688e1ea25410321d0015c45ceb9eff7c855f683e6a7da716ae15363f98a17fa602edc2cda3ba3bf3d0f53adf56618b2629d4feb77bf70f80c68beea0a37034270c6599498d995c91468fcc4c6650471227af2e38eb3ba208bb7c3c7c326ef744c58bb10e548a770caf35e0ee64053bd8820cdcb4cee1f5ef3dc45ecf8f2a6a0d8e3978c5456ea5989316d75ec5743faf8e63c6b1d68186c7dc2bb8b04f239b42af853e39a43d5891ba3479c0efcb885466710ea1112bd2a7561a6ddbb744ba207ab8ff1e755f3f304d286de3a739b2801af5bab3fd7f034ede2dd38da60415393d6b12ea96ee6cf3b1a87b12b034719e9d907497e1114c888ff2ead6cbc00aa4e9db18186913c35147c9ad06748971a7aed0fa87b4c864150ff06e37b2ef984f0d6e2838e099bcfb92939c75082fa5dc9c7c8455b119866939ef78a594d48b1e233ab2530058a7c2ae8f4147528d0ba328aabdd8d61c2270fb9ab790fbf913e97d15d5e20553016791855e617131474ef0b75081a0c43fc5fa1ecb67c7edeeecc97cd7d941845dad2e54b42e18e68ce41f849313143fe0152e104a2a401e42f982145d9bce7ed874705bf7576ce102ebbe11d6187acba2d06e2b3762cdc8c3f67aa66fd1d70e4ee55e739ebe0b390c8205edc63a9895969ec6fd13b798d5a0401c2e18a580f10505d5abc79a799088d59481a6c26b94180efda1c5c23e9b884f658d8fb0cd80e8e6b3a20c81676f47e929433c27bacb24257edf3e8630755e17d800d8db4f2be1fda9317ba2ecb53756fb0ca80701e49e209859f006a4324c0de093b3da7c23be79567990c79887a03ab64b787832dbaf2579e76d343d41d37431475d11e918393296bff7a33feb659948d554405fac79bf7cc7c4f702e0d74a3cc384f44bdcb800cb24ee11c9531418c1c82453c0410514391cf5679e4d0d9949a8ce20ac70c12694ea6ca08a87307a98a05d48c7608783e0acc829c65425d8677f103a92e1c852164f09ab67f9a155f3575b2ec3ccfd7cb9ad431dd875369abb7ea31b994e2e39a59e5bd93bc8852ea3e2efff3707c8e1319e6c16be14e3386ad2bb5affb435c2436762b58dc6ffeec0743ea0dca0384ef1217db3d6219fb2921861b176fa0b714decb2e5bfe305691d92c4c65a427ab02b8cbf11a701fe74c20de74ef56ed85fd9136ca03b15d0d99e553ba4ebc8ac4e6c41506c97a33c9a05ce53d19bf62cf6ff16ede1bdbee982553bcf11ea5d2d4922f4e7ba82c83a6307610e34da0ca81c43193cdd16a8bd73b6b119461dd245e1f033da72e644614743741b34bc7813a3937a6447e499f036440781a43ccef1bcc15c8b58999e60ad807e82529bd8c819194f0e396b0d93168fc800c0fec2b7b260d1b6c18956d66ad2db20acb3117a2bd17ddb5c046559461f5e91c74b89535c49efb89bf78ec20743017eae6e1f7c393d28f5c8f7c0f0914a30eb2626a294a3ed7ada207e51bd7a95204605af2b8586c29fdf88ece2a3a5a068430a571d98c26e51a45bbb50231197363845c76f58506bf31738a23fe792f678c042e30d7dd5f19ed5ab4bb36536671e160925d4af6ff078c2b7dbdf9c55ed31e61eacc01babc62d9d2e671bc6c1932e170e3dcc5ad67a9ea7d46fca2f256fbf781019782d4066331fe10f62a6ae077a8b9569dc4bac6b90fb730a968f1782cbfc5e005bad8d9b00ae9199c81e317d91196abc75f1887cb8ffcb440f37a972d4ced20f158844e0ee36111a4247dfda14cc5cada6d372e75ee370149d7fa822f73ef0edc835a338c6d5699911fea2fedd7f3e381caff836a690331327f96ab7904a461ef5a36ce5f552bc1d1d9968106a7b8e07eef4aae2e716422a2fb7b0c1e05f09c29ca83f3405adb80e237d6f145383ec4885573e50ca2ad014308ed70477257f4d904089eec809c55d85684265a1d3b00718cfb14d644463623ba225aa95bee2a95e13a0817e2c98d96b822e6e4ef36d18a831699889034d116c84e45467f46140b88c765339b04ee65e3ef12356fe6d7ef1c80653d2e34af6e03c4503431f775e161ab7edbbfd9316372084e5e69d98443d529c9488e26c40734a636d3cb2f3b7e9bf248d647382937e623f1a7119a8deb731db5e2dbb5cc9d7b60e80f35ada2ee398d3a6c1d1d9c485d4c31c4e3beb69017bc92d9d1eba03994832aa7081bc0d29d97154c20f29d183c589e939f2e62ee71ebcbbf42ecdc9b0342920112b6a50bfa1558ca9b8af99008a8a9be29d121b4cb879ad0f61a21d57698cbda61acf65abd1912e1956226ee647d1e87315939ec9d98db2e49101964e26b28350c7fa529bbcad3c1794c2c52fa63755f09b6e1e2ee4d63050f7197b8d013296b1594a8aa16aafbb3cd4cead348e1c1a9cbdcbc09908e8696a72528ecdf12579e3a9d16afcc7b995398e3f0e6c169363195c454c0d761b20a073c962b29d0dc6dc053a586fe928ca31a759781744ed81844ae0c002b039c32538d35cc293d1fe828123110c07a81e6e0ecabf7075cd890c88c4b67a900464a234dc7043ad678f189c4c47068f16d9cc2ea87211cac5d3c3db3e220eb2463a548d4329093d486ea81c020bb72bffaaf205490011900e3dec6dc911343298a47019dd4d18a8bd71cad38ada40ffe14072790ab40c0a586a3ce452dc15940847ce5c794a6840ff6222c934893226bf8315a0be2f2fb6371cfeeedfe94736af945259bee27ce07827b4fa6dfab66e28ebde09053cf8ec25861aad91cfd1efcb69e60cf8ff3c1b8283301c0b5c1122f7b0733fcfe7f71066d74da3a0fa3abe052de9acf07aa091c139120bf5a35fadf7894d494d34f4e10b5cba392de299c971b1cd8eb8c5fcfba94585f58b995c89136383742f318bb3c738ecf00014d9025b7b01b905aafbb58910a873e6dad1227dc062455b1390d8835e1ca0e0799993239fcc387f2bcc85380286c79317e1233faaade720b19b4847c97840fab93d928a2d664edf10c610110188c69cbcba07e95a7659ee5311dbb4fbbdb63c8c561a1d8e6f3c8c940c4ea4d8ebf8e18ca586f8da46e82dfd1fe22a396518f81b97fed2a3b1d36a7e5348e64838594f9f9aacc3494d01f2bf7cf78c5ab4d715aaa3300b384d80265c9675a9db90ea034d91731dd4c0186bdf370df405a8c3aac525aee5dc5174d61e0ea993b79f47f63ca6d7fa2cb2ac622020e7f7b1c4701a248835de588056c4ca462777cca604c3df4d4984ae969c3bfd440906360341b624a234f28de5e5f2fd22b13daae2ce5afcec92a7950930b771c18f18926cedbfe440ec532e343ba80da0ae9f5f5357094052c26d554715a08670aa16bc4d7787a5d81af654e37133e3557d36ca5a9b6206b0d5a0e82c210e4f9693a91d8a5d7d074cce6c9b9f52ca31f0895add87f9fd430b6cf3e9ad17aeae6ed22278b41a2ae03eebb14d679a11372a5850d2456714bf379799d4b8fae37c0e6176c2b6017a73c2234133632a4f0b582a79573e3fb1669a94708da158443266feefe6cfe3b618d1a9cadc213952c420267016deed5cdcfbd521fb8d0f93f5d445b682a67f214d73467c4c76719eef00990fbcbc327ad082a111bc618593bdb67bad926a47c4a5bf18a37abb8f8b6808d69c36520e9dd74799f565cdb5cdea0d89888b4e83b885aaf1c08131f9bb680392b83aae52911f824865a0678160aceebbfb599871399319c4743ae40fdb9d8219ff9ca1c910e42eeb8e79c902b2bfa71ca623ca5ab04b191c50a2a131dbfa051fa4419161285e39ba8eced0fa666b0a83d7677e786396e63efcb0122c437b2396d4b93047320c136e965f24884bbc7f7211c92330205241b1b50013881ba99c1f630f9942be247bbb8db79d517d60d71d16270d7abc0780b812efba3dec50711bd7cbdfa1606bafca8401c44f3672b64a5fd53fd6f8f4dbde88e3dee77df73eba8deeebe60ebbea469fc95e69210be69cf3c483c1ed1e109dd96f4c87e23a2350574e7c6d856628dced7383176ec275fcec450a0cd3c3762d7646ea93c3dc83914127c344c05f6d951e733da419dc5ffb448cbac887194560a0e6072c4bb6c46678a15e6c4086dcae730ac7100d2fa6885002ee67fdb3191179646fcbffd570d4c788e21557acddb0a169e358b3ad891db2013f5155793a8cd8b30a89081709a9d32abe87b8c659439443c5b2a2b4154a531220c7ed0a1719b379d0586ba129b64c6c648546e127e2a9e12121d7a23d453ced5d1659fae2e8472d0a57837dea21faae210abdc7647491cff768dc4b22a3848be5fa919f475117eb9be58660db072ca53c4496308c75a341deb2637c58b58d33e06659d0ef2b89f2e39d7489365ff42204353887b2911b8ab780ca4939033717223286671fe3a91eace5eb8ef8e613cb2256e9cf98a828f3568e89a8124a23f796f49243a5d9e194f4dc832a756fa800cf25a919ca672d027b9aea023261f8d2e923020f9f80292e9a5288160632ceb2017c3f355d1e87371a2db60d6ef950161c9aab029e9e41d3539ec0b73041586063d060e7c1a03d40347b25f6c304f37babf81ad29acd7e7843a15024de14d6f4eb41ac1bf595938c8c831802bddfda06c714c05ffd88954b230d1bdcc1e186ce5e856483b571b7181770c29df1b1997916949194066134a3ec3ad3ffe2075cc4c327f6a50dedb03c63e791f5d2ecc04fe56c96d7e24175c6d9fa6c0f9bbbc51686ae9ad58c7ce31744610e4ba65c86f19cb03cb93fc570d5b8a3e14b5500df16c8929e263193f57d6dd358a1d958bb43a21b5bb59e218bf7eac475c852a0291fdda5a07c8a35a34ffe25d869c769242bc2ac43b9a7a3c6699a5dc51d5289a075406e893adc7cf3bc460914fe02f287c8bed53fb562c36561caee0a49aeb021235aecfa1897bd118f876d7b10b274ce0328eae9b6586296347c8021ea5d3bb651d7fc7ef7810dd8358850c0f6bd2e17b56cd904c52d6f09f3488c6888e78558cc2c1ec1ae10aee278a3d6aa94ea83e2c62fb3fe9f109e34b1911f87cc37d4ec57f0df5aeae79aa4fa669efef94a35298d9cb0221dceb1579094df98bbbc2f5934c52c4dceca9c3296e8a19ca944c8a9222cd0a98dcdc399fd7ed7eee87d90faa80c5a87a13dd195683e94ff03eed98cc5015a31e587497f9152e43423b8f60df798384be82b41736aba5e40ce8ddfd4197637769fa8143886dd72af1ec9bb9b2860fb23f64ac33e8dfa5496fe2099a0d2a7d6c5991e858b909221981dd426bdaa2f98a4d85d8bc6bbe054861c83c2a7c817ed30aff28942165c0a97e0705a759d38c204b41d757501cf5692645c561e9f74e9fc0e77aa2c72880066d7397be02931ac1e51e3a4a624110e89d782479b7566d711504c62724617648ddae642e45696909bc03f4dee792cb7065ad13b4098400bb1f5b85602f8abb6c3cd0e113a04df48cc27b3524de423bcd2468b96262059958c3b576fd755a3f47e6e8adb9707b781545eff74eba17e3165e0aa070a113c9dfe8e02628581a31284d10b4bae5fed080f3fc34785e388e4ea17107945e3542f103e2991084d55165ddc8a42e66ab8011d030c9b2b8ce7dbbe556b40bd37e8adb463cbcb98f721dbafec0effa06975360cf73d1402f973fad361769f7a6fc58b4e4309e973b180662ce8bcbcd2856dc869cad595c9403c34745f59a48648397c8bac67e3df1f5f9463f4ee0cdb6f0e0e14d88b7b56627bad0e79c9b1449efe71517125591671122b482887b36af65250efb90d6de209b38285305fb4460d418046e422c5726b095ea16396878d2884bf0342f3909b9b497cad70fb25d6a6edd41df986bd4586608c45c9dbe452424f1b339cea49d88b2c4e9968e27da1b6bbb62074fd24368cc0f60dadb5965efaf09788d618a76cec20920bcf1634c93b101f15cdf12ad81ab311a0963679be0b1fa1fddada5c37e0fee1cf92952375133b518edac696889a54c6c42bf655f8b982704ee2356133d78c20ef8ec58bc4b1b3b71b8440aca555ddb82e8c6774970298116369847d443e0fc134aab890c658bce45801df1e1ca6b2eb433e0af4ccf7436d7", 0x2000, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x28}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000800), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f0000000300)={0x28, 0x0, r7, 0x0, &(0x7f0000000500)="b2", 0x1})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
fcntl$lock(r8, 0x5, &(0x7f0000000200))
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x6c, r9}, 0x38)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

8.076649321s ago: executing program 4 (id=3102):
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$l2tp6(0xa, 0x2, 0x73)
write(0xffffffffffffffff, &(0x7f0000000f40)="b410a1e8252ce0a1a3be3d593e8bf96f9615aea940ed08d314cbc50631fb02a0647a3c", 0x23)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
msgget$private(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000007c0)=ANY=[])
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[], 0x14}}, 0x0)
pipe(0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x0)
syz_emit_ethernet(0x376, &(0x7f0000000740)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0300", 0x340, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfb23b48, 0x0, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x19, 0x7, "b8a3e10000a3e1030000000900fff5ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0x11, "3f14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e2eeb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05"}]}}}}}}, 0x0)

7.965247413s ago: executing program 2 (id=3103):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x60, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0x5}, {0x16, 0xff, 0x0, 0x6}]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000c80)=ANY=[@ANYRES64=r1, @ANYRES32=r0], &(0x7f0000000f40)=""/4089, 0x82, 0xff9, 0x5}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1c94a6fb08bb1fb4, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x9, 0x33, 0x0, 0x1}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0xf, 0x3f, 0x2}]})
r3 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x5452, &(0x7f0000000000))
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x400c885)
sendmsg$inet(r3, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180))
io_submit(0x0, 0x1, &(0x7f0000002340)=[0x0])
r4 = memfd_create(&(0x7f0000000440)='\x107m\xadJ\xdc:F\xa0\x06\xe6\xbb\xb8\xb0\xe8\xc3\x87\x12+\x8fY\xee\xc7\xd0,\xc6\x01*\x88\x14U\xde\xfa:\xee\xe8\x1d\x91F\x86)', 0x0)
write$binfmt_elf32(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000001003e0000000012000000003800000000000000a163000000000000000000000000007f8049e30c1e0440"], 0x58)
finit_module(r4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="ffb65ddfd537ee6b48c1256ad987142e78fdc947edd63e42214113f25e4b8acf00cd5cfeb2315f8e55eb4606c26a467ba6303d7ef128a2facb2715f87a1932d2cf71721bf9bd2bcade57ccf5a3a325aa2c92ed13c062cc0139dd0805788dd33c8b1b9e9caaa97d07060de19be84d8c1ac66ac10c0642822b0c4c40140b12f9f40b7fd8d00fe00c84e3c0fe460b52851d41707b141972ec4101f8848d30896ed532bc5104c07d6bb37083337f6dd998cb7f1b821484ab2ca18d9348188ad55d894f6922bac75bad21d34b960a9b447ea354b65f620a5aff91d02ee031f8a2fb90"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16}, 0x90)
ftruncate(0xffffffffffffffff, 0xc17a)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r5, 0x3, r2, 0x5})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000740)={'#! ', '', [{}, {0x20, 'GPL\x00'}], 0xa, "7eca06d6"}, 0xe)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

6.915633208s ago: executing program 1 (id=3032):
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$l2tp6(0xa, 0x2, 0x73)
write(0xffffffffffffffff, &(0x7f0000000f40)="b410a1e8252ce0a1a3be3d593e8bf96f9615aea940ed08d314cbc50631fb02a0647a3c", 0x23)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
msgget$private(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000007c0)=ANY=[])
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
pipe(0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x0)
syz_emit_ethernet(0x376, &(0x7f0000000740)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0300", 0x340, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfb23b48, 0x0, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x19, 0x7, "b8a3e10000a3e1030000000900fff5ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0x11, "3f14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e2eeb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05"}]}}}}}}, 0x0)

6.773607344s ago: executing program 4 (id=3104):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f0000000180)=@generic)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

6.586086351s ago: executing program 1 (id=3105):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x2d2c5f7ff52ba616, &(0x7f00000000c0)=0x5)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
syz_open_dev$I2C(&(0x7f0000000300), 0x4, 0x44c200)
ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x8000)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioperm(0x0, 0x6, 0x1f)
getpeername$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "c42e03373ea9b7bff836bfb1c95c39a59cedb5"})
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0xff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400210000000000000048000200656362286369706865725f6e756c6c2900"/232], 0x154}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r4 = io_uring_setup(0x7dfc, &(0x7f0000000100))
close(r4)
clock_nanosleep(0x2, 0x1, &(0x7f0000000080)={0x77359400}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000002c0)={0x35})

6.564770295s ago: executing program 4 (id=3106):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='highspeed\x00', 0xa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x130, r4, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_FWMARK={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_PEERS={0xd4, 0x8, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @remote}}]}, {0x70, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5d75c94e190c846a92efb742a93e9cb73a0d971146d295095c7d05cba4baf434"}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "a68ba5d6b57c1fb2a0d2cdf6934483df383eecfdc7582bd28418b68d48ab2752"}]}]}, @WGDEVICE_A_FLAGS={0x8}]}, 0x130}}, 0x0)
ioctl$RTC_AIE_OFF(r2, 0x40187014)

6.538811921s ago: executing program 3 (id=3107):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
shmget(0x0, 0x1000, 0xb00, &(0x7f0000ffc000/0x1000)=nil)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000002c0))
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in=@broadcast, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in=@private}}, &(0x7f0000000440)=0xe8)
getresgid(&(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580))
socket$packet(0x11, 0x0, 0x300)
socket$packet(0x11, 0x3, 0x300)

3.515040844s ago: executing program 3 (id=3108):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
shmget(0x0, 0x1000, 0xb00, &(0x7f0000ffc000/0x1000)=nil)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000002c0))
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in=@broadcast, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in=@private}}, &(0x7f0000000440)=0xe8)
getresgid(&(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580))
socket$packet(0x11, 0x0, 0x300)
socket$packet(0x11, 0x3, 0x300)

3.507584139s ago: executing program 2 (id=3109):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x1, 0x8)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000180)='./control\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000020000082505a5a4400000000101090244000101000000090400000302060000052406000005240000000d240f0100000000000000000009058103200000000009058202080000000009050302"], 0x0)
setsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000000)="89070404", 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a0900000000000000000000080000000000ffffff9e000000000000000000000000ffff"], 0x4c}}, 0x0)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180070001006374"], 0x68}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x1f}, @l2cap_cid_signaling={{0x1b}, [@l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0x7, 0xe, 0x8, 0x4}}, @l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x723}}, @l2cap_move_chan_req={{0xe, 0x4, 0x3}, {0x9, 0xa}}]}}, 0x24)
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x121301, 0x0)
write$dsp(r6, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00c90001"], 0x22)
mbind(&(0x7f0000068000/0x1000)=nil, 0x1000, 0x4000, 0x0, 0x0, 0x3)
r7 = semget$private(0x0, 0x4, 0x424)
semctl$SEM_STAT_ANY(r7, 0x1, 0x14, &(0x7f0000000380)=""/276)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0xc})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3.346193003s ago: executing program 0 (id=3110):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000730000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
recvmsg(r4, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x40010000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB], &(0x7f00002bf000)='GPL\x00', 0x3, 0xb7, &(0x7f0000000040)=""/183, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r6 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, &(0x7f0000000180)={r0, r5})
sendmmsg$inet(r6, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x0)
close(r6)
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3e, &(0x7f00000000c0)=0x103, 0x4)
bind$llc(r8, &(0x7f0000000040), 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r7, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f0000000180)={0x92, @time={0x7665642f, 0xfdfdffff}})

3.271651397s ago: executing program 4 (id=3111):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0xefc1}, &(0x7f0000000380), &(0x7f00000001c0))
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0))
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000340)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={<r5=>0x0}, &(0x7f0000000580)=0xc)
r6 = syz_open_procfs(r5, &(0x7f00000000c0)='task\x00')
fchdir(r6)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'team0\x00', @link_local})
r7 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
fcntl$setown(r8, 0x8, 0xffffffffffffffff)

3.195493144s ago: executing program 1 (id=3112):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)='/dev/audio#\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000040)='/dev/full\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b402000000000000620a02000000000006000000000000009500000000000000f1939ed848f21df93f91b07adcad0a4b07f1ef908460d383447042ac86f654d37a9196871a82232bcdd6c0cdb90c62232e3f55133e8becfa1042258afc2d2e4c35c0c97a5930a78d68e9a73c1d2cb8ed1a61862f5634920ac85cc7d837d761c55f480169cfbb5b3b35ea849847b6259e4be756ac4d24ac6106533c6974921551274f6931592eefc4a38297ffaa95800d13"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2f60e7da}, 0x90)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100013070000000000000000ac1414bb000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000ffffe000000200000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001c000100000000000000"], 0x154}, 0x1, 0x0, 0x0, 0x2004d890}, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x1a)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x14}}, 0x0)
renameat2(r0, &(0x7f0000000540)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r0, &(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000300)="a0", 0x1}], 0x1}], 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x7800, 0x10, 0xf8dd, 0x0, {{0x5, 0x4, 0x2, 0xf, 0x14, 0x0, 0x0, 0x1, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x32}, @loopback}}}})
pipe2$watch_queue(0x0, 0x80)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000006c0)='cgroup.procs\x00', 0x2, 0x0)
r4 = openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
write$cgroup_subtree(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="00726c696d697448ae2358da32a24120"], 0x8)
syz_usb_connect(0x0, 0x24, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0xff, 0x0, 0x0, 0x40, 0x572, 0xcb01, 0x2665, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xaa, 0x75, 0xb7}}]}}]}}, 0x0)

1.984481516s ago: executing program 0 (id=3113):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_OFF(r1, 0x40187014)

1.760447093s ago: executing program 0 (id=3114):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'virt_wifi0\x00', <r1=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB="4400000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000013000100"/20, @ANYRES32=r3, @ANYBLOB="000000de"], 0x28}}, 0x0) (fail_nth: 4)

742.463197ms ago: executing program 0 (id=3115):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB="60000000100039042cbd7000eaffffff000003e4", @ANYRES32=r2, @ANYBLOB="00000000ca5507004000128008000100736974003400028008000100", @ANYRES32=0x0, @ANYBLOB="080003000a01010105000a000000000006000e001f00000008000c"], 0x60}}, 0x0) (fail_nth: 4)

714.703656ms ago: executing program 4 (id=3116):
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$l2tp6(0xa, 0x2, 0x73)
write(0xffffffffffffffff, &(0x7f0000000f40)="b410a1e8252ce0a1a3be3d593e8bf96f9615aea940ed08d314cbc50631fb02a0647a3c", 0x23)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
msgget$private(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000007c0)=ANY=[])
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
pipe(0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x0)
syz_emit_ethernet(0x376, &(0x7f0000000740)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0300", 0x340, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfb23b48, 0x0, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x19, 0x7, "b8a3e10000a3e1030000000900fff5ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0x11, "3f14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e2eeb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05"}]}}}}}}, 0x0)

58.989448ms ago: executing program 4 (id=3117):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f0000000180)=@generic)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

8.055901ms ago: executing program 0 (id=3118):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
shmget(0x0, 0x1000, 0xb00, &(0x7f0000ffc000/0x1000)=nil)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000002c0))
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in=@broadcast, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in=@private}}, &(0x7f0000000440)=0xe8)
getresgid(&(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580))
socket$packet(0x11, 0x0, 0x300)
socket$packet(0x11, 0x3, 0x300)

0s ago: executing program 1 (id=3119):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x40187014, &(0x7f0000000040)={0x0, 0xe})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r5, 0x6, 0x1, &(0x7f0000000100), 0x4)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000300)=[{&(0x7f0000000200)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
fcntl$lock(r0, 0x25, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$kcm(0x2, 0xa, 0x2)
r9 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r9, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

kernel console output (not intermixed with test programs):

14389] usb 1-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[ 1303.951678][T14389] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1303.984620][T14389] usb 1-1: Product: syz
[ 1304.004485][T14389] usb 1-1: Manufacturer: syz
[ 1304.013188][T14389] usb 1-1: SerialNumber: syz
[ 1304.046840][T14389] usb 1-1: config 0 descriptor??
[ 1304.100633][T14389] radio-usb-si4713 1-1:0.0: Si4713 development board discovered: (10C4:8244)
[ 1304.336950][T14389] radio-usb-si4713 1-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[ 1304.354929][T14389] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1304.375829][T14389] usb 1-1: USB disconnect, device number 55
[ 1304.882385][T15723] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1304.918056][T15723] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1305.002797][T15723] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1305.207763][T15730] can0: slcan on ttyS3.
[ 1305.298439][T15729] can0 (unregistered): slcan off ttyS3.
[ 1305.337795][ T1849] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 1305.665580][ T1849] usb 1-1: Using ep0 maxpacket: 8
[ 1305.680925][ T1849] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1305.821245][ T1849] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1307.483974][ T1849] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1309.489187][ T1849] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1310.707941][T15743] No such timeout policy "syz1"
[ 1310.778023][ T1849] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1310.787105][ T1849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1310.845817][ T1849] usb 1-1: can't set config #16, error -71
[ 1310.863525][ T1849] usb 1-1: USB disconnect, device number 56
[ 1310.969905][T15750] syz.2.2738 uses old SIOCAX25GETINFO
[ 1311.251039][T15762] syz.3.2744 (15762) used obsolete PPPIOCDETACH ioctl
[ 1311.265348][T15757] netlink: 160 bytes leftover after parsing attributes in process `syz.0.2739'.
[ 1311.356711][T15765] 9pnet_fd: Insufficient options for proto=fd
[ 1311.367535][T15765] vivid-000: disconnect
[ 1312.027619][T15759] vivid-000: reconnect
[ 1312.297467][T15772] can0: slcan on ttyS3.
[ 1312.393039][T15778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1312.409962][T15771] can0 (unregistered): slcan off ttyS3.
[ 1312.452471][T15778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1312.470024][T14390] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1312.520094][T15778] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1312.712003][T14390] usb 5-1: New USB device found, idVendor=1f71, idProduct=3301, bcdDevice=ce.1a
[ 1312.723692][T14390] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1312.733934][ T5282] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1312.749889][T14390] usb 5-1: Product: syz
[ 1312.766759][T14390] usb 5-1: Manufacturer: syz
[ 1312.777482][T14390] usb 5-1: SerialNumber: syz
[ 1312.791721][T14390] usb 5-1: config 0 descriptor??
[ 1312.847564][ T5322] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1312.937442][ T5282] usb 1-1: Using ep0 maxpacket: 8
[ 1312.953194][ T5282] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1312.967440][ T5282] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1312.983180][ T5282] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1313.013040][ T5282] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1313.028395][ T5322] usb 3-1: device descriptor read/64, error -71
[ 1313.029417][ T5282] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1313.047947][ T5282] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1313.094780][  T941] usb 5-1: USB disconnect, device number 56
[ 1313.289473][ T5282] usb 1-1: usb_control_msg returned -32
[ 1313.299643][ T5282] usbtmc 1-1:16.0: can't read capabilities
[ 1313.358164][ T5322] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1313.656206][ T5322] usb 3-1: device descriptor read/64, error -71
[ 1318.732989][ T5322] usb usb3-port1: attempt power cycle
[ 1318.762704][T14389] usb 1-1: USB disconnect, device number 57
[ 1319.477498][T14389] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1319.730189][T14389] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 384
[ 1319.767215][T14389] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1319.834915][T14389] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1319.883368][T14389] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1319.916166][T14389] usb 5-1: SerialNumber: syz
[ 1319.964211][T15805] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1320.434842][T15803] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1320.748753][T14389] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[ 1320.789176][T14389] usb 5-1: USB disconnect, device number 57
[ 1320.977524][   T25] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[ 1321.127551][T14390] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1321.387531][T14390] usb 4-1: Using ep0 maxpacket: 16
[ 1321.477677][T14390] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1321.638797][T14390] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1321.672538][T14390] usb 4-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[ 1321.714816][T14390] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1321.788980][T14390] usb 4-1: config 0 descriptor??
[ 1321.869246][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1321.888351][   T25] usb 2-1: config 0 interface 0 altsetting 1 has an invalid endpoint descriptor of length 4, skipping
[ 1321.909709][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1321.931871][   T25] usb 2-1: New USB device found, idVendor=0eef, idProduct=72aa, bcdDevice= 0.00
[ 1321.957695][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1321.979040][   T25] usb 2-1: config 0 descriptor??
[ 1321.984710][T15839] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1322.210718][T14390] chicony 0003:04F2:1421.002D: unbalanced collection at end of report description
[ 1322.255598][T14390] chicony 0003:04F2:1421.002D: Chicony hid parse failed: -22
[ 1322.277710][T14389] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1322.292962][T14390] chicony 0003:04F2:1421.002D: probe with driver chicony failed with error -22
[ 1322.419355][ T5322] usb 4-1: USB disconnect, device number 62
[ 1322.450031][T15839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1322.460829][T15839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1322.472192][T15855] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1322.485836][   T25] usb 2-1: string descriptor 0 read error: -71
[ 1322.493975][T14389] usb 5-1: Using ep0 maxpacket: 8
[ 1322.502414][T15855] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1322.511195][T14389] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1322.525388][   T25] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1322.544317][T14389] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1322.556999][   T25] usb 2-1: USB disconnect, device number 72
[ 1322.564899][T15855] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1322.571016][T14389] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1322.586186][T14389] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1322.601548][T14389] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1322.611061][T14389] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1322.883131][T14389] usb 5-1: usb_control_msg returned -32
[ 1322.888783][T14389] usbtmc 5-1:16.0: can't read capabilities
[ 1324.657989][T15887] No such timeout policy "syz1"
[ 1324.790719][T15890] can0: slcan on ttyS3.
[ 1324.828645][T15889] can0 (unregistered): slcan off ttyS3.
[ 1324.837583][T14390] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[ 1324.924857][ T5322] usb 5-1: USB disconnect, device number 58
[ 1325.259733][T15906] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2781'.
[ 1326.568048][ T5322] usb 5-1: new full-speed USB device number 59 using dummy_hcd
[ 1326.698750][T14390] usb 1-1: not running at top speed; connect to a high speed hub
[ 1326.711763][T14390] usb 1-1: config 123 has an invalid interface number: 222 but max is 1
[ 1326.721446][T14390] usb 1-1: config 123 has an invalid interface number: 61 but max is 1
[ 1326.730037][T14390] usb 1-1: config 123 has no interface number 0
[ 1326.736326][T14390] usb 1-1: config 123 has no interface number 1
[ 1326.742752][T14390] usb 1-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1326.776612][T14390] usb 1-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[ 1326.797552][T14390] usb 1-1: config 123 interface 222 has no altsetting 0
[ 1326.804523][T14390] usb 1-1: config 123 interface 61 has no altsetting 0
[ 1326.826321][T14390] usb 1-1: string descriptor 0 read error: -22
[ 1326.833843][T14390] usb 1-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c
[ 1326.854105][T14390] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1326.884651][ T5322] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1326.884682][ T5322] usb 5-1: config 0 interface 0 altsetting 1 has an invalid endpoint descriptor of length 4, skipping
[ 1326.884698][ T5322] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1326.884721][ T5322] usb 5-1: New USB device found, idVendor=0eef, idProduct=72aa, bcdDevice= 0.00
[ 1326.884737][ T5322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.886428][ T5322] usb 5-1: config 0 descriptor??
[ 1326.887007][T15900] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1326.907201][T14390] usb 1-1: bad CDC descriptors
[ 1326.977189][T15918] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1327.026354][T15918] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1327.046798][T15918] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1327.356420][T15900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1327.389485][T15900] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1327.421304][ T5322] usb 5-1: string descriptor 0 read error: -71
[ 1327.434098][ T5322] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1327.478841][ T5322] usb 5-1: USB disconnect, device number 59
[ 1328.240947][T15930] No such timeout policy "syz1"
[ 1329.529523][T15939] can0: slcan on ttyS3.
[ 1329.629475][T15935] can0 (unregistered): slcan off ttyS3.
[ 1329.760210][    T9] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1330.835810][   T25] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1330.879946][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1330.900736][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1330.926734][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1330.943480][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1330.954375][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1330.991525][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1331.004428][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1331.042585][   T25] usb 5-1: Using ep0 maxpacket: 8
[ 1331.056342][   T25] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1331.105288][   T25] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1331.120602][   T25] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1331.146194][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1331.173328][   T25] usbtmc 5-1:16.0: bulk endpoints not found
[ 1331.242231][    T9] usb 4-1: usb_control_msg returned -71
[ 1331.267578][    T9] usbtmc 4-1:16.0: can't read capabilities
[ 1331.348804][    T9] usb 4-1: USB disconnect, device number 63
[ 1331.387675][ T5349] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1331.503124][T15962] openvswitch: ɶƣ0GC¦: Dropping previously announced user features
[ 1332.279215][   T25] usb 1-1: USB disconnect, device number 58
[ 1332.727811][ T5349] usb 2-1: Using ep0 maxpacket: 8
[ 1333.026460][ T5349] usb 2-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[ 1333.082170][ T5349] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1333.118109][ T5349] usb 2-1: config 0 descriptor??
[ 1333.194544][ T5349] usb 2-1: bad CDC descriptors
[ 1333.212599][ T5349] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[ 1333.224085][ T5349] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[ 1333.235314][ T5349] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[ 1333.365623][T15978] FAULT_INJECTION: forcing a failure.
[ 1333.365623][T15978] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1333.386558][T15978] CPU: 0 UID: 0 PID: 15978 Comm: syz.0.2802 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1333.397368][T15978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1333.407438][T15978] Call Trace:
[ 1333.410713][T15978]  <TASK>
[ 1333.413638][T15978]  dump_stack_lvl+0x241/0x360
[ 1333.418320][T15978]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1333.423522][T15978]  ? __pfx__printk+0x10/0x10
[ 1333.428110][T15978]  ? validate_chain+0x11e/0x5900
[ 1333.433046][T15978]  should_fail_ex+0x3b0/0x4e0
[ 1333.437728][T15978]  prepare_alloc_pages+0x1da/0x5d0
[ 1333.442942][T15978]  __alloc_pages_noprof+0x166/0x6c0
[ 1333.448150][T15978]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1333.453882][T15978]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1333.459362][T15978]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1333.465385][T15978]  ? alloc_pages_noprof+0xef/0x170
[ 1333.470499][T15978]  __pmd_alloc+0x91/0x630
[ 1333.474825][T15978]  ? mt_find+0x226/0x850
[ 1333.479069][T15978]  ? __pfx___pmd_alloc+0x10/0x10
[ 1333.484039][T15978]  handle_mm_fault+0xde3/0x1880
[ 1333.488915][T15978]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1333.494211][T15978]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1333.500547][T15978]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1333.505838][T15978]  exc_page_fault+0x2b9/0x8c0
[ 1333.510523][T15978]  asm_exc_page_fault+0x26/0x30
[ 1333.515402][T15978] RIP: 0010:rep_movs_alternative+0x15/0x70
[ 1333.521214][T15978] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84
[ 1333.540833][T15978] RSP: 0018:ffffc900045dfc90 EFLAGS: 00050202
[ 1333.546905][T15978] RAX: ffffffff84a7a500 RBX: 0000000020000044 RCX: 0000000000000004
[ 1333.554899][T15978] RDX: 0000000000000000 RSI: ffffc900045dfd80 RDI: 0000000020000040
[ 1333.562871][T15978] RBP: ffffc900045dfdf0 R08: 0000000000000003 R09: fffff520008bbfb0
[ 1333.570843][T15978] R10: dffffc0000000000 R11: fffff520008bbfb0 R12: 0000000000000004
[ 1333.578816][T15978] R13: dffffc0000000000 R14: 0000000020000040 R15: ffffc900045dfd80
[ 1333.586800][T15978]  ? _copy_to_user+0x30/0xb0
[ 1333.591407][T15978]  _copy_to_user+0x86/0xb0
[ 1333.595840][T15978]  do_timer_create+0xd93/0x1420
[ 1333.600717][T15978]  ? __pfx_do_timer_create+0x10/0x10
[ 1333.606024][T15978]  ? __fget_files+0x3f6/0x470
[ 1333.610722][T15978]  __x64_sys_timer_create+0x144/0x190
[ 1333.616100][T15978]  ? __pfx___x64_sys_timer_create+0x10/0x10
[ 1333.622005][T15978]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1333.628005][T15978]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1333.634388][T15978]  ? do_syscall_64+0x100/0x230
[ 1333.639160][T15978]  ? do_syscall_64+0xb6/0x230
[ 1333.643854][T15978]  do_syscall_64+0xf3/0x230
[ 1333.648383][T15978]  ? clear_bhb_loop+0x35/0x90
[ 1333.653063][T15978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1333.658967][T15978] RIP: 0033:0x7f66d03773b9
[ 1333.663392][T15978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1333.683007][T15978] RSP: 002b:00007f66d1097048 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[ 1333.691415][T15978] RAX: ffffffffffffffda RBX: 00007f66d0505f80 RCX: 00007f66d03773b9
[ 1333.699384][T15978] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 4b63af839bf988da
[ 1333.707362][T15978] RBP: 00007f66d10970a0 R08: 0000000000000000 R09: 0000000000000000
[ 1333.715340][T15978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1333.723309][T15978] R13: 000000000000000b R14: 00007f66d0505f80 R15: 00007ffe05027668
[ 1333.731300][T15978]  </TASK>
[ 1334.385787][   T25] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1335.552826][ T1849] usb 5-1: USB disconnect, device number 60
[ 1335.656066][T15990] No such timeout policy "syz1"
[ 1335.667947][    T9] usb 2-1: USB disconnect, device number 73
[ 1335.744079][   T25] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 384
[ 1335.761823][   T25] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1335.792405][   T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1335.803341][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1335.814364][   T25] usb 4-1: SerialNumber: syz
[ 1335.822846][T15979] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1336.046930][   T25] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[ 1336.064972][   T25] usb 4-1: USB disconnect, device number 64
[ 1336.387672][    T9] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 1336.677574][    T9] usb 2-1: Using ep0 maxpacket: 8
[ 1336.699270][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1336.741179][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1336.773353][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1336.802226][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1336.842619][ T1849] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1336.873777][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1336.910215][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.067524][ T1849] usb 5-1: Using ep0 maxpacket: 16
[ 1337.349772][ T1849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1337.438709][ T1849] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1337.547905][ T1849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.822897][ T1849] usb 5-1: config 0 descriptor??
[ 1337.890466][T16014] ɶƣ0GC¦: entered promiscuous mode
[ 1338.155158][T16018] can0: slcan on ttyS3.
[ 1338.238426][    T9] usb 2-1: usb_control_msg returned -32
[ 1338.257526][    T9] usbtmc 2-1:16.0: can't read capabilities
[ 1338.267852][T16016] can0 (unregistered): slcan off ttyS3.
[ 1338.299199][T16020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1338.329991][T16020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1338.355483][T15989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1338.363408][T16020] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1338.387794][T15989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1339.639814][T15991] xt_connbytes: Forcing CT accounting to be enabled
[ 1339.646491][T15991] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1339.684929][    T9] usb 2-1: USB disconnect, device number 74
[ 1339.685313][ T1849] usbhid 5-1:0.0: can't add hid device: -71
[ 1339.715582][ T1849] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1339.735506][ T1849] usb 5-1: USB disconnect, device number 61
[ 1342.874166][T16049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1342.896516][T16049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1342.918490][T16049] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1345.758925][T16067] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2824'.
[ 1346.288926][T16070] 9pnet_fd: Insufficient options for proto=fd
[ 1346.297693][T16070] vivid-002: disconnect
[ 1346.555134][T16060] vivid-002: reconnect
[ 1347.367601][    T9] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1347.410667][T16079] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1347.443355][T16079] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1347.476351][T16079] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1347.488571][T14390] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[ 1347.567709][    T9] usb 5-1: Using ep0 maxpacket: 8
[ 1347.587776][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1347.635305][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1347.669615][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1347.691738][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1347.707521][T14390] usb 2-1: Using ep0 maxpacket: 32
[ 1347.732054][T14390] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1347.756453][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1347.773193][T14390] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1347.785846][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1347.797537][T14390] usb 2-1: New USB device found, idVendor=1e71, idProduct=200f, bcdDevice= 0.00
[ 1347.833078][T14390] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1347.856338][T14390] usb 2-1: config 0 descriptor??
[ 1348.028684][    T9] usb 5-1: usb_control_msg returned -32
[ 1348.037660][    T9] usbtmc 5-1:16.0: can't read capabilities
[ 1348.144228][T14390] nzxt-smart2 0003:1E71:200F.002E: unknown main item tag 0x0
[ 1348.155798][T14390] nzxt-smart2 0003:1E71:200F.002E: item fetching failed at offset 2/5
[ 1348.166369][T14390] nzxt-smart2 0003:1E71:200F.002E: probe with driver nzxt-smart2 failed with error -22
[ 1348.334073][    T9] usb 2-1: USB disconnect, device number 75
[ 1350.643863][ T1849] usb 5-1: USB disconnect, device number 62
[ 1350.657801][T14390] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1350.845480][T16101] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2836'.
[ 1351.587543][T14390] usb 1-1: Using ep0 maxpacket: 8
[ 1351.918062][T14390] usb 1-1: device descriptor read/all, error -71
[ 1352.907706][T16109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1352.929074][T16109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1352.945901][T16109] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1354.721287][T16122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1354.765365][T16125] FAULT_INJECTION: forcing a failure.
[ 1354.765365][T16125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1354.789677][T16122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1354.814916][T16125] CPU: 1 UID: 0 PID: 16125 Comm: syz.2.2841 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1354.825802][T16125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1354.835850][T16125] Call Trace:
[ 1354.839121][T16125]  <TASK>
[ 1354.842044][T16125]  dump_stack_lvl+0x241/0x360
[ 1354.846720][T16125]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1354.851932][T16125]  ? __pfx__printk+0x10/0x10
[ 1354.856519][T16125]  ? __pfx_lock_release+0x10/0x10
[ 1354.861544][T16125]  should_fail_ex+0x3b0/0x4e0
[ 1354.866237][T16125]  _copy_to_user+0x2f/0xb0
[ 1354.870670][T16125]  bpf_test_finish+0x22c/0x8b0
[ 1354.875461][T16125]  ? __pfx_bpf_test_finish+0x10/0x10
[ 1354.880774][T16125]  ? _copy_from_user+0xa6/0xe0
[ 1354.885640][T16125]  ? bpf_test_init+0x15a/0x180
[ 1354.890425][T16125]  bpf_prog_test_run_xdp+0x905/0x11b0
[ 1354.895816][T16125]  ? __pfx_lock_release+0x10/0x10
[ 1354.900866][T16125]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1354.906688][T16125]  ? __fget_files+0x29/0x470
[ 1354.911296][T16125]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1354.917107][T16125]  bpf_prog_test_run+0x33a/0x3b0
[ 1354.922054][T16125]  __sys_bpf+0x48d/0x810
[ 1354.926299][T16125]  ? __pfx___sys_bpf+0x10/0x10
[ 1354.931075][T16125]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1354.937061][T16125]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1354.943403][T16125]  ? do_syscall_64+0x100/0x230
[ 1354.948174][T16125]  __x64_sys_bpf+0x7c/0x90
[ 1354.952595][T16125]  do_syscall_64+0xf3/0x230
[ 1354.957100][T16125]  ? clear_bhb_loop+0x35/0x90
[ 1354.961789][T16125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1354.967685][T16125] RIP: 0033:0x7f15ce7773b9
[ 1354.972096][T16125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1354.991697][T16125] RSP: 002b:00007f15cf5ce048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1355.000109][T16125] RAX: ffffffffffffffda RBX: 00007f15ce905f80 RCX: 00007f15ce7773b9
[ 1355.008077][T16125] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a
[ 1355.016042][T16125] RBP: 00007f15cf5ce0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1355.024024][T16125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1355.031995][T16125] R13: 000000000000000b R14: 00007f15ce905f80 R15: 00007ffcf8131698
[ 1355.039981][T16125]  </TASK>
[ 1355.059025][T16122] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1356.123083][T16131] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1356.146442][T16131] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1356.175782][T16131] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1359.583708][T16144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1359.621805][T16144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1359.722071][T16148] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2847'.
[ 1360.287135][T16144] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1364.594986][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 1365.582675][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[ 1365.803619][    C0] eth0: bad gso: type: 1, size: 1408
[ 1365.898375][T16168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2851'.
[ 1366.133385][T16169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2855'.
[ 1366.154931][T16169] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1366.745357][ T5234] Bluetooth: hci5: command 0x0406 tx timeout
[ 1367.597635][T13242] Bluetooth: hci4: command 0x0406 tx timeout
[ 1368.222895][T16194] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1368.246983][T16192] overlayfs: failed to resolve './file0': -2
[ 1368.269696][T16193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1368.287061][T16187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1368.327446][T14389] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1368.340940][T16187] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1368.351089][T13242] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1368.365805][T13242] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1368.373924][T13242] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1368.385266][T16193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1368.397650][T13242] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1368.422848][T14554] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1368.442830][T13242] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1368.458615][T13242] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1368.517566][T14389] usb 4-1: Using ep0 maxpacket: 8
[ 1368.524436][T14389] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1368.536952][T14389] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1368.547767][T14389] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1368.551746][T16193] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1368.559166][T14389] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1368.586827][T14554] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1368.597732][T14389] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1368.606813][T14389] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1368.732303][T14554] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1368.826247][T14389] usb 4-1: usb_control_msg returned -32
[ 1368.833104][T14389] usbtmc 4-1:16.0: can't read capabilities
[ 1368.843778][T14554] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1368.902793][T16202] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1368.932912][T16202] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1368.989648][T16202] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1369.188778][T14554] bridge_slave_1: left allmulticast mode
[ 1369.195124][T14554] bridge_slave_1: left promiscuous mode
[ 1369.202452][T14554] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1369.218350][T14554] bridge_slave_0: left allmulticast mode
[ 1369.225315][T14554] bridge_slave_0: left promiscuous mode
[ 1369.233209][T14554] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1369.430976][T16207] 9pnet: Could not find request transport: nd
[ 1369.746778][T16214] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2865'.
[ 1370.508766][ T5282] usb 4-1: USB disconnect, device number 65
[ 1370.557806][T13245] Bluetooth: hci1: command tx timeout
[ 1370.846940][T14554] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1370.873797][T14554] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1370.894956][T14554] bond0 (unregistering): Released all slaves
[ 1370.915280][T16195] chnl_net:caif_netlink_parms(): no params data found
[ 1371.628600][T16220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2867'.
[ 1371.637704][T16220] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1371.991001][T16235] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2869'.
[ 1372.039776][T16228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2868'.
[ 1372.143582][    C0] eth0: bad gso: type: 1, size: 1408
[ 1372.295365][T16245] overlayfs: failed to resolve './file0': -2
[ 1372.388187][T16195] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1372.400891][T16195] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1372.411989][T16195] bridge_slave_0: entered allmulticast mode
[ 1372.440189][T16195] bridge_slave_0: entered promiscuous mode
[ 1372.584903][T16251] FAULT_INJECTION: forcing a failure.
[ 1372.584903][T16251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1372.598202][T16251] CPU: 1 UID: 0 PID: 16251 Comm: syz.0.2873 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1372.608993][T16251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1372.619061][T16251] Call Trace:
[ 1372.622349][T16251]  <TASK>
[ 1372.625283][T16251]  dump_stack_lvl+0x241/0x360
[ 1372.629992][T16251]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1372.635237][T16251]  ? __pfx__printk+0x10/0x10
[ 1372.639935][T16251]  ? __pfx_lock_release+0x10/0x10
[ 1372.644979][T16251]  should_fail_ex+0x3b0/0x4e0
[ 1372.649671][T16251]  _copy_to_user+0x2f/0xb0
[ 1372.654104][T16251]  cec_ioctl+0x990/0x3380
[ 1372.658463][T16251]  ? __pfx_cec_ioctl+0x10/0x10
[ 1372.663231][T16251]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1372.669577][T16251]  ? tomoyo_path_number_perm+0x208/0x880
[ 1372.675227][T16251]  ? __pfx_lock_release+0x10/0x10
[ 1372.680265][T16251]  ? kfree+0x149/0x360
[ 1372.684365][T16251]  ? tomoyo_path_number_perm+0x71a/0x880
[ 1372.690100][T16251]  ? tomoyo_path_number_perm+0x208/0x880
[ 1372.695742][T16251]  ? smack_log+0x123/0x540
[ 1372.700167][T16251]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1372.706159][T16251]  ? __pfx_smack_log+0x10/0x10
[ 1372.710938][T16251]  ? smk_access+0x4ab/0x4e0
[ 1372.715480][T16251]  ? smack_file_ioctl+0x2fa/0x3a0
[ 1372.720515][T16251]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1372.725913][T16251]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1372.730881][T16251]  ? security_file_ioctl+0x87/0xb0
[ 1372.735997][T16251]  ? __pfx_cec_ioctl+0x10/0x10
[ 1372.740763][T16251]  __se_sys_ioctl+0xfc/0x170
[ 1372.745359][T16251]  do_syscall_64+0xf3/0x230
[ 1372.749866][T16251]  ? clear_bhb_loop+0x35/0x90
[ 1372.754547][T16251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.760451][T16251] RIP: 0033:0x7f66d03773b9
[ 1372.764867][T16251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1372.784469][T16251] RSP: 002b:00007f66cfdff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1372.792884][T16251] RAX: ffffffffffffffda RBX: 00007f66d0506130 RCX: 00007f66d03773b9
[ 1372.800854][T16251] RDX: 0000000020000340 RSI: 00000000c05c6104 RDI: 0000000000000008
[ 1372.808822][T16251] RBP: 00007f66cfdff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1372.816785][T16251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1372.824749][T16251] R13: 000000000000006e R14: 00007f66d0506130 R15: 00007ffe05027668
[ 1372.832730][T16251]  </TASK>
[ 1372.889120][T13245] Bluetooth: hci1: command tx timeout
[ 1373.531263][T16195] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1373.567873][T16195] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1373.577753][T16195] bridge_slave_1: entered allmulticast mode
[ 1373.600409][T16195] bridge_slave_1: entered promiscuous mode
[ 1373.714146][T16195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1373.732628][T16258] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1373.762187][T16258] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1373.775394][T14554] hsr_slave_0: left promiscuous mode
[ 1373.778634][T16258] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1373.795250][T14554] hsr_slave_1: left promiscuous mode
[ 1373.805370][T14554] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1373.817496][T14554] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1373.829046][T14554] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1373.839038][T14554] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1373.848752][ T1849] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1373.878390][T14554] veth1_macvtap: left promiscuous mode
[ 1373.891315][T14554] veth0_macvtap: left promiscuous mode
[ 1373.897847][T14554] veth1_vlan: left promiscuous mode
[ 1373.903279][T14554] veth0_vlan: left promiscuous mode
[ 1373.940063][T16267] netlink: 160 bytes leftover after parsing attributes in process `syz.0.2878'.
[ 1374.037440][ T5282] usb 2-1: new full-speed USB device number 76 using dummy_hcd
[ 1374.039038][ T1849] usb 4-1: Using ep0 maxpacket: 8
[ 1374.070849][ T1849] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1374.119542][ T1849] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1374.133740][ T1849] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1374.156436][ T1849] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1374.177292][ T1849] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1374.191924][ T1849] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1374.315501][ T5282] usb 2-1: not running at top speed; connect to a high speed hub
[ 1374.348383][ T5282] usb 2-1: config 123 has an invalid interface number: 222 but max is 1
[ 1374.358068][ T5282] usb 2-1: config 123 has an invalid interface number: 61 but max is 1
[ 1374.378206][ T5282] usb 2-1: config 123 has no interface number 0
[ 1374.392068][ T5282] usb 2-1: config 123 has no interface number 1
[ 1374.423062][ T5282] usb 2-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1374.438744][ T1849] usb 4-1: usb_control_msg returned -32
[ 1374.456823][ T5282] usb 2-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[ 1374.460145][ T1849] usbtmc 4-1:16.0: can't read capabilities
[ 1374.495477][ T5282] usb 2-1: config 123 interface 222 has no altsetting 0
[ 1374.538818][ T5282] usb 2-1: config 123 interface 61 has no altsetting 0
[ 1374.557500][ T5282] usb 2-1: string descriptor 0 read error: -22
[ 1374.564361][ T5282] usb 2-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c
[ 1374.574312][ T5282] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1374.616949][ T5282] usb 2-1: bad CDC descriptors
[ 1375.028953][T13245] Bluetooth: hci1: command tx timeout
[ 1375.678781][  T941] usb 2-1: USB disconnect, device number 76
[ 1375.996503][T14554] team0 (unregistering): Port device team_slave_1 removed
[ 1376.061721][T16281] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1376.076199][T14554] team0 (unregistering): Port device team_slave_0 removed
[ 1376.564881][T16287] overlayfs: failed to resolve './file0': -2
[ 1376.594341][ T5274] usb 4-1: USB disconnect, device number 66
[ 1377.041290][T16300] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2887'.
[ 1377.118930][T13245] Bluetooth: hci1: command tx timeout
[ 1377.463495][T16306] netlink: 160 bytes leftover after parsing attributes in process `syz.1.2888'.
[ 1377.611175][T16195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1377.826176][T16195] team0: Port device team_slave_0 added
[ 1377.875075][T16195] team0: Port device team_slave_1 added
[ 1377.949375][T16195] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1377.982303][T16195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1378.008320][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1378.027632][T16195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1378.943842][T16195] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1378.953559][T16195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1378.983134][T16195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1379.045523][  T941] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1379.279212][  T941] usb 3-1: Using ep0 maxpacket: 8
[ 1379.282016][T16195] hsr_slave_0: entered promiscuous mode
[ 1385.178138][  T941] usb 3-1: device descriptor read/all, error -110
[ 1385.279775][T16195] hsr_slave_1: entered promiscuous mode
[ 1385.454027][T16328] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2894'.
[ 1386.457547][  T941] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1386.573945][T16342] overlayfs: failed to resolve './file0': -2
[ 1386.660032][  T941] usb 3-1: Using ep0 maxpacket: 8
[ 1386.691337][  T941] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1386.704263][  T941] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1386.726527][  T941] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1386.741710][  T941] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1386.770594][  T941] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1386.784771][  T941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1386.977442][ T5321] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1386.987275][T16195] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1387.001287][  T941] usb 3-1: usb_control_msg returned -32
[ 1387.013288][  T941] usbtmc 3-1:16.0: can't read capabilities
[ 1387.025442][T16195] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1387.039596][T16195] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1387.068156][T16195] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1387.177519][ T5321] usb 4-1: Using ep0 maxpacket: 16
[ 1387.195007][ T5321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1387.228731][ T5321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1387.264842][ T5321] usb 4-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[ 1387.281433][T13242] Bluetooth: hci0: command 0x0406 tx timeout
[ 1387.307554][ T5321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1387.325227][ T5321] usb 4-1: config 0 descriptor??
[ 1387.334411][T16195] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1387.453914][T16195] 8021q: adding VLAN 0 to HW filter on device team0
[ 1387.485124][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1387.492383][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1387.534489][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1387.541683][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1388.129781][T16344] netlink: 'syz.3.2898': attribute type 11 has an invalid length.
[ 1388.413535][ T5321] razer 0003:1532:010D.002F: unknown main item tag 0x0
[ 1388.446939][ T5321] razer 0003:1532:010D.002F: unknown main item tag 0x0
[ 1388.461774][T13220] usb 3-1: USB disconnect, device number 53
[ 1388.467953][ T5321] razer 0003:1532:010D.002F: unknown main item tag 0x0
[ 1388.489590][ T5321] razer 0003:1532:010D.002F: unknown main item tag 0x0
[ 1388.537722][ T5321] razer 0003:1532:010D.002F: unknown main item tag 0x0
[ 1388.544668][ T5321] razer 0003:1532:010D.002F: unknown main item tag 0x0
[ 1388.580021][ T5321] razer 0003:1532:010D.002F: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.3-1/input0
[ 1388.611442][T16357] netlink: 160 bytes leftover after parsing attributes in process `syz.0.2901'.
[ 1388.637589][ T5321] usb 4-1: USB disconnect, device number 67
[ 1388.672575][T16195] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1389.098181][T16374] vivid-003: disconnect
[ 1389.718736][T16369] vivid-003: reconnect
[ 1389.830132][T16373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2904'.
[ 1393.985755][T16390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1395.457981][T16390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1395.605360][T16390] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1397.048331][T16195] veth0_vlan: entered promiscuous mode
[ 1397.070396][T16195] veth1_vlan: entered promiscuous mode
[ 1397.136800][T16195] veth0_macvtap: entered promiscuous mode
[ 1397.221116][T16195] veth1_macvtap: entered promiscuous mode
[ 1397.300436][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1397.336230][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.366201][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1397.413718][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.439779][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1397.463204][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.473282][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1397.484395][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.506476][T16195] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1397.553446][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1397.588474][T13220] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1397.594908][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.632311][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1397.643326][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.682071][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1397.694315][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.698128][ T5274] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[ 1397.707783][T16195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1397.732044][T16195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1397.785004][T16195] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1397.813323][T13220] usb 4-1: Using ep0 maxpacket: 8
[ 1397.816522][T16195] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1397.831403][T16195] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1397.840768][T13220] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1397.841613][T16195] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1397.862173][T16195] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1397.900937][T13220] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1397.915737][T13220] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1397.932012][T13220] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1397.946481][ T5274] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1397.962225][ T5274] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1397.994989][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1398.005489][T13220] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1398.016729][T13220] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1398.029803][ T5274] usb 2-1: config 0 descriptor??
[ 1398.051046][ T5274] pwc: Askey VC010 type 2 USB webcam detected.
[ 1398.137052][T14554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1398.164720][T14554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1398.212954][T14554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1398.221587][T14554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1398.434186][T13220] usb 4-1: usb_control_msg returned -32
[ 1398.440410][ T5274] pwc: send_video_command error -71
[ 1398.445646][ T5274] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1398.456225][T13220] usbtmc 4-1:16.0: can't read capabilities
[ 1398.466665][ T5274] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[ 1398.488353][ T5274] usb 2-1: USB disconnect, device number 77
[ 1398.763504][T16428] vivid-001: disconnect
[ 1399.025059][T16417] vivid-001: reconnect
[ 1399.112795][T16421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2915'.
[ 1399.122383][T16421] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1399.433019][T16433] netlink: 160 bytes leftover after parsing attributes in process `syz.0.2917'.
[ 1399.518076][ T5274] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 1400.528905][ T5274] usb 2-1: device descriptor read/all, error -71
[ 1400.702121][T13220] usb 4-1: USB disconnect, device number 68
[ 1401.125497][T16454] 9pnet_fd: Insufficient options for proto=fd
[ 1401.136240][T16454] vivid-001: disconnect
[ 1401.633475][T16447] vivid-001: reconnect
[ 1401.845336][T16446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1402.546231][T16458] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2924'.
[ 1402.888844][T16446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1402.910256][T16446] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1404.108155][T16470] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2928'.
[ 1404.142835][T16470] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1404.407471][    T9] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1404.481205][T16478] vivid-000: disconnect
[ 1404.865305][T16471] vivid-000: reconnect
[ 1405.197590][    T9] usb 1-1: Using ep0 maxpacket: 16
[ 1405.209298][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1405.247510][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1405.256619][    T9] usb 1-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[ 1405.382566][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1405.399034][    T9] usb 1-1: config 0 descriptor??
[ 1406.256956][T14390] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 1406.457488][T14390] usb 2-1: Using ep0 maxpacket: 8
[ 1406.470357][T14390] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1406.497459][T14390] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1406.525511][T14390] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1406.586454][T14390] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1406.659586][T14390] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1406.669882][T14390] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1406.711922][T16501] openvswitch: ɶƣ0GC¦: Dropping previously announced user features
[ 1406.873194][T16503] FAULT_INJECTION: forcing a failure.
[ 1406.873194][T16503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1407.107808][T16506] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2936'.
[ 1407.375414][T14390] usb 2-1: usb_control_msg returned -32
[ 1407.391571][T14390] usbtmc 2-1:16.0: can't read capabilities
[ 1407.409417][T16508] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2934'.
[ 1407.424043][T16503] CPU: 0 UID: 0 PID: 16503 Comm: syz.0.2927 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1407.434846][T16503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1407.444925][T16503] Call Trace:
[ 1407.448227][T16503]  <TASK>
[ 1407.451188][T16503]  dump_stack_lvl+0x241/0x360
[ 1407.455901][T16503]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1407.461142][T16503]  ? __pfx__printk+0x10/0x10
[ 1407.465772][T16503]  ? __pfx_lock_release+0x10/0x10
[ 1407.470840][T16503]  should_fail_ex+0x3b0/0x4e0
[ 1407.475566][T16503]  _copy_from_user+0x2f/0xe0
[ 1407.480192][T16503]  memdup_user+0x64/0xc0
[ 1407.484464][T16503]  strndup_user+0x68/0xc0
[ 1407.488821][T16503]  __se_sys_mount+0x9f/0x3c0
[ 1407.493449][T16503]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1407.499472][T16503]  ? __pfx___se_sys_mount+0x10/0x10
[ 1407.504699][T16503]  ? do_syscall_64+0x100/0x230
[ 1407.509500][T16503]  ? __x64_sys_mount+0x20/0xc0
[ 1407.514303][T16503]  do_syscall_64+0xf3/0x230
[ 1407.518817][T16503]  ? clear_bhb_loop+0x35/0x90
[ 1407.523524][T16503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.529423][T16503] RIP: 0033:0x7f66d03773b9
[ 1407.533837][T16503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1407.553449][T16503] RSP: 002b:00007f66d1076048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1407.561877][T16503] RAX: ffffffffffffffda RBX: 00007f66d0506058 RCX: 00007f66d03773b9
[ 1407.569863][T16503] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040
[ 1407.577840][T16503] RBP: 00007f66d10760a0 R08: 0000000020000200 R09: 0000000000000000
[ 1407.585821][T16503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1407.593806][T16503] R13: 000000000000006e R14: 00007f66d0506058 R15: 00007ffe05027668
[ 1407.601800][T16503]  </TASK>
[ 1408.220513][T16519] ɶƣ0GC¦: entered promiscuous mode
[ 1409.041152][T13220] usb 2-1: USB disconnect, device number 80
[ 1409.109572][ T5274] usb 1-1: USB disconnect, device number 62
[ 1410.188429][T16544] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2945'.
[ 1411.088999][T16549] openvswitch: ɶƣ0GC¦: Dropping previously announced user features
[ 1412.085920][T16558] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1412.188583][T16563] openvswitch: ɶƣ0GC¦: Dropping previously announced user features
[ 1412.331494][T14389] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1413.117555][T14389] usb 4-1: Using ep0 maxpacket: 16
[ 1413.142824][T14389] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1413.163300][T16573] netlink: 160 bytes leftover after parsing attributes in process `syz.0.2948'.
[ 1413.174261][T14389] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1413.213559][T14389] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[ 1413.238895][ T5274] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1413.288444][T16576] overlayfs: failed to resolve './file0': -2
[ 1413.292795][T14389] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1413.341236][T14389] usb 4-1: config 0 descriptor??
[ 1413.467472][ T5274] usb 3-1: Using ep0 maxpacket: 8
[ 1413.517798][ T5274] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1413.558097][ T5274] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1413.595156][ T5274] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1413.705703][ T5274] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1414.007924][ T5274] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1414.057545][ T5274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.756174][ T5274] usb 3-1: usb_control_msg returned -32
[ 1414.770801][T16598] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2956'.
[ 1414.810920][ T5274] usbtmc 3-1:16.0: can't read capabilities
[ 1415.257496][ T5274] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1415.504024][ T5274] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[ 1415.559775][ T5274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1415.608782][ T5274] usb 2-1: Product: syz
[ 1415.628710][ T5274] usb 2-1: Manufacturer: syz
[ 1415.647526][ T5274] usb 2-1: SerialNumber: syz
[ 1415.676149][ T5274] usb 2-1: config 0 descriptor??
[ 1416.216819][T14389] usb 3-1: USB disconnect, device number 54
[ 1416.449962][T13220] usb 4-1: USB disconnect, device number 69
[ 1424.138092][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 1424.144445][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[ 1424.191799][ T5274] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[ 1424.205293][ T5274] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1424.449983][  T941] usb 2-1: USB disconnect, device number 81
[ 1425.308592][T16628] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2966'.
[ 1425.479009][ T5234] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1425.491405][ T5234] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1425.499776][ T5234] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1425.517569][ T5234] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1425.537637][ T5234] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1425.567246][ T5234] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1425.735019][T13242] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1425.745426][T13242] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1425.754936][T13242] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1425.764935][T13242] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1425.774117][T13242] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1425.781787][T13242] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1426.055503][T13376] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1426.278768][T13376] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1426.799154][ T5234] Bluetooth: hci4: command 0x1003 tx timeout
[ 1426.852550][T13245] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1426.935532][T16643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2968'.
[ 1426.945187][T16643] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1427.252101][T13376] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1427.254922][T16649] xt_connbytes: Forcing CT accounting to be enabled
[ 1427.378179][T13376] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1427.607707][ T1849] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1427.682436][T13245] Bluetooth: hci3: command tx timeout
[ 1427.711256][T13376] bridge_slave_1: left allmulticast mode
[ 1427.719473][T13376] bridge_slave_1: left promiscuous mode
[ 1427.728653][T13376] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1427.739523][T13376] bridge_slave_0: left allmulticast mode
[ 1427.745193][T13376] bridge_slave_0: left promiscuous mode
[ 1427.752340][T13376] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1427.799359][ T1849] usb 5-1: Using ep0 maxpacket: 8
[ 1427.812080][ T1849] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1427.834966][ T1849] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1427.845160][T13245] Bluetooth: hci6: command tx timeout
[ 1427.858444][ T1849] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1427.873526][ T1849] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1427.892926][ T1849] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1427.902322][ T1849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1427.997615][ T5274] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1428.133246][ T1849] usb 5-1: usb_control_msg returned -32
[ 1428.138988][ T1849] usbtmc 5-1:16.0: can't read capabilities
[ 1428.177446][ T5274] usb 3-1: Using ep0 maxpacket: 8
[ 1428.185652][ T5274] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1428.203434][ T5274] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1428.214247][ T5274] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1428.225688][ T5274] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1428.250123][ T5274] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1428.265542][ T5274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1428.386893][T13376] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1428.403116][T13376] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1428.416500][T13376] bond0 (unregistering): Released all slaves
[ 1428.442350][T16629] chnl_net:caif_netlink_parms(): no params data found
[ 1428.495735][ T5274] usb 3-1: usb_control_msg returned -32
[ 1428.517951][ T5274] usbtmc 3-1:16.0: can't read capabilities
[ 1428.545112][ T5274] usb 3-1: USB disconnect, device number 55
[ 1428.571605][T13376] ɶƣ0GC¦: left promiscuous mode
[ 1428.710658][T16633] chnl_net:caif_netlink_parms(): no params data found
[ 1428.732888][T16629] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1428.742691][T16629] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1428.754872][T16629] bridge_slave_0: entered allmulticast mode
[ 1428.767551][T16629] bridge_slave_0: entered promiscuous mode
[ 1428.815753][T16629] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1428.824196][T16629] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1428.831844][T16629] bridge_slave_1: entered allmulticast mode
[ 1428.858567][T16629] bridge_slave_1: entered promiscuous mode
[ 1428.867428][ T1849] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1429.022114][T16629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1429.063664][ T1849] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[ 1429.078348][ T1849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1429.089932][ T1849] usb 4-1: Product: syz
[ 1429.103009][T16629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1429.115422][ T1849] usb 4-1: Manufacturer: syz
[ 1429.121428][ T1849] usb 4-1: SerialNumber: syz
[ 1429.138406][ T1849] usb 4-1: config 0 descriptor??
[ 1429.393358][T16629] team0: Port device team_slave_0 added
[ 1429.480971][T13376] hsr_slave_0: left promiscuous mode
[ 1429.489487][T13376] hsr_slave_1: left promiscuous mode
[ 1429.497573][T13376] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1429.505831][T13376] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1429.515190][T13376] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1429.523052][T13376] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1429.537626][T16678] netlink: 160 bytes leftover after parsing attributes in process `syz.2.2975'.
[ 1429.621235][T13376] veth1_macvtap: left promiscuous mode
[ 1429.629504][T13376] veth0_macvtap: left promiscuous mode
[ 1429.645734][T13376] veth1_vlan: left promiscuous mode
[ 1429.651980][T13376] veth0_vlan: left promiscuous mode
[ 1429.767552][T13245] Bluetooth: hci3: command tx timeout
[ 1429.917731][T13245] Bluetooth: hci6: command tx timeout
[ 1430.276965][    T9] usb 5-1: USB disconnect, device number 63
[ 1430.416925][T16682] netlink: 988 bytes leftover after parsing attributes in process `syz.2.2976'.
[ 1430.872100][T13376] team0 (unregistering): Port device team_slave_1 removed
[ 1430.939671][T13376] team0 (unregistering): Port device team_slave_0 removed
[ 1431.482941][ T1849] cx82310_eth 4-1:0.0: probe with driver cx82310_eth failed with error -22
[ 1431.505062][ T1849] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1431.521047][ T1849] usb 4-1: USB disconnect, device number 70
[ 1431.651723][T16629] team0: Port device team_slave_1 added
[ 1431.798182][T16633] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1431.837547][T13245] Bluetooth: hci3: command tx timeout
[ 1431.850199][T16633] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1431.891870][T16633] bridge_slave_0: entered allmulticast mode
[ 1431.946712][T16633] bridge_slave_0: entered promiscuous mode
[ 1431.998999][T13245] Bluetooth: hci6: command tx timeout
[ 1432.062082][T16684] tipc: Started in network mode
[ 1432.085306][T16684] tipc: Node identity ffffffff, cluster identity 4711
[ 1432.149808][T16684] tipc: Node number set to 4294967295
[ 1432.204488][T16692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2978'.
[ 1432.214604][T16692] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1432.498261][T16629] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1432.514138][T16629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1432.542075][T16629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1432.555843][T16633] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1432.565526][T16633] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1432.573113][T16633] bridge_slave_1: entered allmulticast mode
[ 1432.580837][T16633] bridge_slave_1: entered promiscuous mode
[ 1432.784141][T16629] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1433.115253][T16629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1433.328089][T16629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1434.007498][T13245] Bluetooth: hci3: command tx timeout
[ 1434.077468][T13245] Bluetooth: hci6: command tx timeout
[ 1434.485809][T16633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1434.530905][T16633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1434.648312][T16633] team0: Port device team_slave_0 added
[ 1434.659772][T16633] team0: Port device team_slave_1 added
[ 1434.688785][ T1849] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1434.877628][ T1849] usb 5-1: Using ep0 maxpacket: 8
[ 1434.891074][ T1849] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1435.455505][ T1849] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1435.467029][ T1849] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1435.479260][ T1849] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1435.492325][ T1849] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1435.501419][ T1849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1435.525629][    C0] eth0: bad gso: type: 1, size: 1408
[ 1435.554150][T16714] netlink: 160 bytes leftover after parsing attributes in process `syz.2.2984'.
[ 1435.566327][T16633] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1435.576560][T16633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1435.611552][T16633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1435.638964][T16629] hsr_slave_0: entered promiscuous mode
[ 1435.655212][T16629] hsr_slave_1: entered promiscuous mode
[ 1435.669946][T16629] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1435.681730][T16629] Cannot create hsr debugfs directory
[ 1435.710367][T16633] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1435.720885][ T1849] usb 5-1: usb_control_msg returned -32
[ 1435.726516][ T1849] usbtmc 5-1:16.0: can't read capabilities
[ 1435.727214][T16633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1435.778342][ T1849] usb 5-1: USB disconnect, device number 64
[ 1435.786329][T16633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1435.960073][T16633] hsr_slave_0: entered promiscuous mode
[ 1435.967129][T16633] hsr_slave_1: entered promiscuous mode
[ 1435.973914][T16633] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1435.981904][T16633] Cannot create hsr debugfs directory
[ 1436.088183][T13376] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1436.217925][T13220] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1436.221524][T13376] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1436.402904][T13376] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1436.443948][T13220] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[ 1436.508254][T13220] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1436.529335][T13220] usb 3-1: Product: syz
[ 1436.558361][T13220] usb 3-1: Manufacturer: syz
[ 1436.572473][T13220] usb 3-1: SerialNumber: syz
[ 1436.586596][T13220] usb 3-1: config 0 descriptor??
[ 1436.609743][T13376] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1436.818509][T16729] netlink: 988 bytes leftover after parsing attributes in process `syz.3.2988'.
[ 1437.388010][T16735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2989'.
[ 1437.398452][T16735] (unnamed net_device) (uninitialized): option lacp_active: invalid value (139)
[ 1437.823724][T13376] bridge_slave_1: left allmulticast mode
[ 1437.845710][T13376] bridge_slave_1: left promiscuous mode
[ 1437.866680][T13376] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1437.903567][T13376] bridge_slave_0: left allmulticast mode
[ 1437.909666][T13376] bridge_slave_0: left promiscuous mode
[ 1437.915441][T13376] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1438.630488][T13376] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1438.649837][T13376] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1438.673248][T13376] bond0 (unregistering): Released all slaves
[ 1438.894237][T13220] cx82310_eth 3-1:0.0: probe with driver cx82310_eth failed with error -22
[ 1438.914597][T13220] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1438.926346][T13220] usb 3-1: USB disconnect, device number 56
[ 1439.191306][T16752] netlink: 160 bytes leftover after parsing attributes in process `syz.2.2994'.
[ 1439.202576][T16753] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1439.566701][T13376] hsr_slave_0: left promiscuous mode
[ 1439.574196][T13376] hsr_slave_1: left promiscuous mode
[ 1439.581098][T13376] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1439.589984][T13376] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1439.605474][T13376] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1439.614599][T13376] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1439.637259][T13376] veth1_macvtap: left promiscuous mode
[ 1439.643050][T13376] veth0_macvtap: left promiscuous mode
[ 1439.648859][T13376] veth1_vlan: left promiscuous mode
[ 1439.654217][T13376] veth0_vlan: left promiscuous mode
[ 1439.697475][ T5282] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 1439.907444][ T5282] usb 5-1: Using ep0 maxpacket: 8
[ 1439.929104][ T5282] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1439.943119][ T5282] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1439.962603][ T5282] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1439.972781][ T5282] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1439.986379][ T5282] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1439.998135][ T5282] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1440.224496][ T5282] usb 5-1: usb_control_msg returned -32
[ 1440.234874][ T5282] usbtmc 5-1:16.0: can't read capabilities
[ 1440.249518][ T5282] usb 5-1: USB disconnect, device number 65
[ 1441.008073][T16770] netlink: 988 bytes leftover after parsing attributes in process `syz.2.2998'.
[ 1441.171683][T13376] team0 (unregistering): Port device team_slave_1 removed
[ 1441.229914][T13376] team0 (unregistering): Port device team_slave_0 removed
[ 1441.388867][T16774] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2999'.
[ 1441.819013][T16629] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1441.867134][T16629] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1441.914924][T16629] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1442.038945][T16629] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1442.244996][T16633] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1442.269130][T16633] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1442.291601][T16633] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1442.359677][T16633] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1442.486844][T16782] FAULT_INJECTION: forcing a failure.
[ 1442.486844][T16782] name failslab, interval 1, probability 0, space 0, times 0
[ 1442.536407][T16782] CPU: 1 UID: 0 PID: 16782 Comm: syz.3.3001 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1442.547277][T16782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1442.557336][T16782] Call Trace:
[ 1442.560610][T16782]  <TASK>
[ 1442.563529][T16782]  dump_stack_lvl+0x241/0x360
[ 1442.568207][T16782]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1442.573396][T16782]  ? __pfx__printk+0x10/0x10
[ 1442.578003][T16782]  ? __kmalloc_noprof+0xb0/0x400
[ 1442.582956][T16782]  ? __pfx___might_resched+0x10/0x10
[ 1442.588252][T16782]  should_fail_ex+0x3b0/0x4e0
[ 1442.592924][T16782]  ? security_task_alloc+0x43/0x130
[ 1442.598114][T16782]  should_failslab+0xac/0x100
[ 1442.602782][T16782]  ? security_task_alloc+0x43/0x130
[ 1442.607969][T16782]  __kmalloc_noprof+0xd8/0x400
[ 1442.612732][T16782]  security_task_alloc+0x43/0x130
[ 1442.617837][T16782]  copy_process+0x169e/0x3dc0
[ 1442.622507][T16782]  ? __pfx_lock_acquire+0x10/0x10
[ 1442.627542][T16782]  ? copy_process+0xa03/0x3dc0
[ 1442.632326][T16782]  ? __pfx_copy_process+0x10/0x10
[ 1442.637358][T16782]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1442.643253][T16782]  ? ksys_write+0x23e/0x2c0
[ 1442.647753][T16782]  kernel_clone+0x223/0x870
[ 1442.652253][T16782]  ? vfs_write+0x7c4/0xc90
[ 1442.656659][T16782]  ? __pfx_kernel_clone+0x10/0x10
[ 1442.661678][T16782]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1442.667657][T16782]  __x64_sys_clone+0x258/0x2a0
[ 1442.672419][T16782]  ? __pfx___x64_sys_clone+0x10/0x10
[ 1442.677726][T16782]  ? do_syscall_64+0x100/0x230
[ 1442.682526][T16782]  ? do_syscall_64+0xb6/0x230
[ 1442.687220][T16782]  do_syscall_64+0xf3/0x230
[ 1442.691729][T16782]  ? clear_bhb_loop+0x35/0x90
[ 1442.696421][T16782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.702320][T16782] RIP: 0033:0x7f50ce1773b9
[ 1442.706733][T16782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1442.726334][T16782] RSP: 002b:00007f50ceefcff8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1442.734750][T16782] RAX: ffffffffffffffda RBX: 00007f50ce305f80 RCX: 00007f50ce1773b9
[ 1442.742732][T16782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 1442.750697][T16782] RBP: 00007f50ceefd0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1442.758667][T16782] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1442.766628][T16782] R13: 000000000000000b R14: 00007f50ce305f80 R15: 00007ffcfb6d74d8
[ 1442.774606][T16782]  </TASK>
[ 1442.823730][T16629] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1442.935116][T16629] 8021q: adding VLAN 0 to HW filter on device team0
[ 1442.972038][ T1849] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1442.979294][ T1849] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1443.015620][ T1849] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1443.022918][ T1849] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1443.396738][T16797] 9pnet_fd: Insufficient options for proto=fd
[ 1443.407177][T16797] vivid-004: disconnect
[ 1443.759381][T16633] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1443.980482][T16788] vivid-004: reconnect
[ 1444.020053][T16633] 8021q: adding VLAN 0 to HW filter on device team0
[ 1444.126767][ T5282] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1444.133968][ T5282] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1444.162586][ T5282] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1444.169812][ T5282] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1444.192602][T16800] netlink: 160 bytes leftover after parsing attributes in process `syz.3.3005'.
[ 1444.486433][T16629] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1444.493555][ T1849] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 1444.580922][T16629] veth0_vlan: entered promiscuous mode
[ 1444.594348][T16629] veth1_vlan: entered promiscuous mode
[ 1444.647843][T16629] veth0_macvtap: entered promiscuous mode
[ 1444.662552][T16629] veth1_macvtap: entered promiscuous mode
[ 1444.698011][ T1849] usb 3-1: Using ep0 maxpacket: 8
[ 1444.707824][T16633] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1444.719386][ T1849] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1444.746057][ T1849] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1444.782409][ T1849] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1444.788543][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1444.805820][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1444.825854][ T1849] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1444.826367][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1444.857405][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1444.873075][ T1849] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1444.874698][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1444.882700][ T1849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.902539][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1444.925169][T16629] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1445.031553][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1445.069735][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1445.085236][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1445.100963][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1445.112128][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1445.117783][ T1849] usb 3-1: usb_control_msg returned -32
[ 1445.147252][ T1849] usbtmc 3-1:16.0: can't read capabilities
[ 1445.155861][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1445.179892][ T1849] usb 3-1: USB disconnect, device number 57
[ 1445.181320][T16629] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1445.284627][T16629] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.314759][T16629] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.324092][T16629] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.337429][T16629] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.458746][T16633] veth0_vlan: entered promiscuous mode
[ 1445.532912][T16633] veth1_vlan: entered promiscuous mode
[ 1445.637722][T14552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1445.645891][T14552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1445.751382][T14557] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1445.763314][T14557] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1445.781757][T16633] veth0_macvtap: entered promiscuous mode
[ 1445.801915][T16633] veth1_macvtap: entered promiscuous mode
[ 1445.868773][T16833] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3013'.
[ 1445.914247][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1445.938300][T16834] overlay: filesystem on ./file1 not supported
[ 1445.944631][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1445.962971][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1445.992412][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1446.003659][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1446.021517][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1446.035159][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1446.054095][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1446.186251][T16633] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1446.965149][T16842] ɶƣ0GC¦: entered promiscuous mode
[ 1447.020633][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1447.054900][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.074098][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1447.088516][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.120022][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.135728][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1447.138174][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.187129][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1447.217398][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.224833][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.229431][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1447.263273][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1447.267404][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.279661][T16633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1447.295045][T16633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1447.322638][T16633] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1447.327789][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.347412][ T1849] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 1447.362578][T16633] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1447.372052][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.390283][T16633] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1447.397608][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.416613][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.427532][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.436848][T16633] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1447.447158][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.454684][T16633] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1447.467201][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.507516][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.538309][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.545755][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.562365][ T1849] usb 3-1: config 0 has no interfaces?
[ 1447.577564][ T1849] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1447.590677][T14389] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1447.604294][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.618462][ T1849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1447.633695][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.648078][ T1849] usb 3-1: config 0 descriptor??
[ 1447.657482][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.688279][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.717523][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.735383][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.763372][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.772073][T13376] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1447.783675][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.791228][T13376] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1447.806365][T14389] usb 1-1: Using ep0 maxpacket: 32
[ 1447.811783][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.836749][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.860269][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.871290][T14389] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1447.881632][T14389] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1447.882805][T14557] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1447.897440][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.910717][T14389] usb 1-1: Product: syz
[ 1447.930957][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.945286][T14557] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1447.947624][T14389] usb 1-1: Manufacturer: syz
[ 1447.970922][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1447.987612][T14389] usb 1-1: SerialNumber: syz
[ 1447.992251][T13220] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[ 1448.009078][T14389] usb 1-1: config 0 descriptor??
[ 1448.022466][T14389] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1448.037578][T13220] hid-generic 0000:0000:0000.0030: hidraw0: <UNKNOWN> HID v0.09 Device [syz0] on syz0
[ 1448.065681][ T5282] usb 3-1: USB disconnect, device number 58
[ 1448.422036][T14389] gspca_stk1135: reg_w 0x0 err -71
[ 1448.430434][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.463937][T14389] gspca_stk1135: Sensor write failed
[ 1448.488521][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.514564][T14389] gspca_stk1135: Sensor write failed
[ 1448.536673][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.547440][T14389] gspca_stk1135: Sensor read failed
[ 1448.572275][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.597552][T14389] gspca_stk1135: Sensor read failed
[ 1448.616165][T14389] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1448.638801][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.651237][T14389] gspca_stk1135: Sensor read failed
[ 1448.657644][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.664703][T14389] gspca_stk1135: Sensor read failed
[ 1448.670557][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.678160][T14389] gspca_stk1135: Sensor write failed
[ 1448.685946][T14389] gspca_stk1135: serial bus timeout: status=0x00
[ 1448.693806][T14389] gspca_stk1135: Sensor write failed
[ 1448.702871][T14389] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71
[ 1448.770793][T14389] usb 1-1: USB disconnect, device number 63
[ 1448.856682][T16865] netlink: 988 bytes leftover after parsing attributes in process `syz.2.3021'.
[ 1449.070085][    C0] eth0: bad gso: type: 1, size: 1408
[ 1449.119100][T16873] FAULT_INJECTION: forcing a failure.
[ 1449.119100][T16873] name failslab, interval 1, probability 0, space 0, times 0
[ 1449.181130][  T941] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 1449.195802][T16873] CPU: 1 UID: 0 PID: 16873 Comm: syz.3.3023 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1449.206602][T16873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1449.216680][T16873] Call Trace:
[ 1449.219980][T16873]  <TASK>
[ 1449.222934][T16873]  dump_stack_lvl+0x241/0x360
[ 1449.227653][T16873]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1449.232887][T16873]  ? __pfx__printk+0x10/0x10
[ 1449.237513][T16873]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[ 1449.243098][T16873]  ? __pfx___might_resched+0x10/0x10
[ 1449.248421][T16873]  should_fail_ex+0x3b0/0x4e0
[ 1449.253125][T16873]  ? __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[ 1449.259211][T16873]  should_failslab+0xac/0x100
[ 1449.263913][T16873]  ? __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[ 1449.270001][T16873]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 1449.275421][T16873]  __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[ 1449.281348][T16873]  kvm_mmu_load+0x115/0x26e0
[ 1449.285978][T16873]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1449.291652][T16873]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1449.297673][T16873]  ? __pfx_kvm_mmu_load+0x10/0x10
[ 1449.302726][T16873]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1449.308727][T16873]  ? __asan_memset+0x23/0x50
[ 1449.313313][T16873]  ? vmx_flush_tlb_guest+0x1e5/0x310
[ 1449.318610][T16873]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[ 1449.324292][T16873]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1449.330285][T16873]  ? kvm_apic_has_interrupt+0x9d4/0xa70
[ 1449.335844][T16873]  vcpu_run+0x6c3d/0x88b0
[ 1449.340189][T16873]  ? __lock_acquire+0x137a/0x2040
[ 1449.345310][T16873]  ? __pfx_vcpu_run+0x10/0x10
[ 1449.350005][T16873]  ? __local_bh_enable_ip+0x168/0x200
[ 1449.355484][T16873]  ? lockdep_hardirqs_on+0x99/0x150
[ 1449.360696][T16873]  ? __pfx_lock_acquire+0x10/0x10
[ 1449.365735][T16873]  ? fpu_swap_kvm_fpstate+0x82/0x460
[ 1449.371040][T16873]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1449.376765][T16873]  ? xfd_validate_state+0x6e/0x150
[ 1449.381885][T16873]  ? rcu_is_watching+0x15/0xb0
[ 1449.386667][T16873]  ? rcu_is_watching+0x15/0xb0
[ 1449.391460][T16873]  kvm_arch_vcpu_ioctl_run+0xa73/0x19d0
[ 1449.397049][T16873]  ? mark_lock+0x9a/0x350
[ 1449.401405][T16873]  ? kvm_arch_vcpu_ioctl_run+0x1c9/0x19d0
[ 1449.407165][T16873]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 1449.413168][T16873]  ? __pfx_lock_acquire+0x10/0x10
[ 1449.418199][T16873]  ? get_task_pid+0x23/0x310
[ 1449.422787][T16873]  ? __pfx_lock_release+0x10/0x10
[ 1449.427815][T16873]  ? kvm_vcpu_ioctl+0x1dd/0xea0
[ 1449.432675][T16873]  ? get_task_pid+0x23/0x310
[ 1449.437263][T16873]  kvm_vcpu_ioctl+0x91d/0xea0
[ 1449.438305][  T941] usb 5-1: Using ep0 maxpacket: 8
[ 1449.441945][T16873]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1449.452172][T16873]  ? smack_file_ioctl+0x356/0x3a0
[ 1449.457198][T16873]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1449.462575][T16873]  ? __fget_files+0x29/0x470
[ 1449.467160][T16873]  ? __fget_files+0x3f6/0x470
[ 1449.471827][T16873]  ? __fget_files+0x29/0x470
[ 1449.476421][T16873]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1449.481363][T16873]  ? security_file_ioctl+0x87/0xb0
[ 1449.486474][T16873]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1449.491676][T16873]  __se_sys_ioctl+0xfc/0x170
[ 1449.496264][T16873]  do_syscall_64+0xf3/0x230
[ 1449.500766][T16873]  ? clear_bhb_loop+0x35/0x90
[ 1449.505446][T16873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1449.511350][T16873] RIP: 0033:0x7f50ce1773b9
[ 1449.515757][T16873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1449.535356][T16873] RSP: 002b:00007f50ceedc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1449.543775][T16873] RAX: ffffffffffffffda RBX: 00007f50ce306058 RCX: 00007f50ce1773b9
[ 1449.551750][T16873] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1449.559717][T16873] RBP: 00007f50ceedc0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1449.567682][T16873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1449.575647][T16873] R13: 000000000000006e R14: 00007f50ce306058 R15: 00007ffcfb6d74d8
[ 1449.583626][T16873]  </TASK>
[ 1449.632008][  T941] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1449.687589][  T941] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1449.716091][  T941] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1449.754607][  T941] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1449.806914][  T941] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1449.836702][  T941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1450.087783][  T941] usb 5-1: usb_control_msg returned -32
[ 1450.106695][  T941] usbtmc 5-1:16.0: can't read capabilities
[ 1450.805265][T16891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3031'.
[ 1451.839886][T16903] netlink: 100 bytes leftover after parsing attributes in process `syz.3.3034'.
[ 1451.984966][ T5321] usb 5-1: USB disconnect, device number 66
[ 1452.228595][T16912] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1457.527215][ T5234] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1457.617569][ T5234] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1457.627162][ T5234] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1457.636131][ T5234] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1457.645280][ T5234] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1457.652822][ T5234] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1458.697390][T16929] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3041'.
[ 1459.081718][T14557] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.182296][   T47] kworker/1:1 (47) used greatest stack depth: 18360 bytes left
[ 1459.679827][ T5234] Bluetooth: hci4: command tx timeout
[ 1460.034266][T14557] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.213749][T14557] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.384733][T14557] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.435413][T16919] chnl_net:caif_netlink_parms(): no params data found
[ 1461.476406][T16968] netlink: 100 bytes leftover after parsing attributes in process `syz.0.3050'.
[ 1461.489504][T16958] Invalid ELF header magic: != ELF
[ 1461.643280][    C0] eth0: bad gso: type: 1, size: 1408
[ 1461.752219][T16919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1461.759707][ T5234] Bluetooth: hci4: command tx timeout
[ 1461.795081][T16919] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1461.837740][T16919] bridge_slave_0: entered allmulticast mode
[ 1461.844765][T16919] bridge_slave_0: entered promiscuous mode
[ 1461.852810][T16919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1461.867553][T16919] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1461.902327][T16919] bridge_slave_1: entered allmulticast mode
[ 1461.918816][T16919] bridge_slave_1: entered promiscuous mode
[ 1462.899983][T14557] bridge_slave_1: left allmulticast mode
[ 1462.927077][T14557] bridge_slave_1: left promiscuous mode
[ 1462.946679][T14557] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1462.968427][T14557] bridge_slave_0: left allmulticast mode
[ 1462.976196][T14557] bridge_slave_0: left promiscuous mode
[ 1462.987608][T14557] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1463.178877][T16994] netlink: 188 bytes leftover after parsing attributes in process `syz.0.3055'.
[ 1463.873434][ T5234] Bluetooth: hci4: command tx timeout
[ 1464.651133][T14557] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1464.680577][T14557] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1464.713295][T14557] bond0 (unregistering): Released all slaves
[ 1464.748308][T16919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1464.834049][T16919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1464.897687][T17027] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1465.058103][T16919] team0: Port device team_slave_0 added
[ 1465.072526][T16919] team0: Port device team_slave_1 added
[ 1465.918642][ T5234] Bluetooth: hci4: command tx timeout
[ 1465.957084][T17048] Invalid ELF header magic: != ELF
[ 1466.028124][T16919] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1466.055380][T16919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1466.103497][T16919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1466.131823][    C0] eth0: bad gso: type: 1, size: 1408
[ 1466.134987][T16919] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1466.144902][T16919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1466.172025][T16919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1466.210825][T14557] hsr_slave_0: left promiscuous mode
[ 1466.225815][T14557] hsr_slave_1: left promiscuous mode
[ 1466.234015][T14557] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1466.243788][T14557] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1466.248104][ T5274] usb 3-1: new full-speed USB device number 59 using dummy_hcd
[ 1466.261216][T14557] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1466.269681][T14557] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1466.279665][T17055] netlink: 160 bytes leftover after parsing attributes in process `syz.0.3068'.
[ 1466.306434][T14557] veth1_macvtap: left promiscuous mode
[ 1466.312344][T14557] veth0_macvtap: left promiscuous mode
[ 1466.324066][T14557] veth1_vlan: left promiscuous mode
[ 1466.329776][T14557] veth0_vlan: left promiscuous mode
[ 1466.437767][T14390] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 1466.442500][ T5274] usb 3-1: not running at top speed; connect to a high speed hub
[ 1466.464978][ T5274] usb 3-1: config 123 has an invalid interface number: 222 but max is 1
[ 1466.476263][ T5274] usb 3-1: config 123 has an invalid interface number: 61 but max is 1
[ 1466.478664][T17059] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1466.485229][ T5274] usb 3-1: config 123 has no interface number 0
[ 1466.500898][ T5274] usb 3-1: config 123 has no interface number 1
[ 1466.507921][ T5274] usb 3-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1466.520658][ T5274] usb 3-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[ 1466.532006][ T5274] usb 3-1: config 123 interface 222 has no altsetting 0
[ 1466.539806][ T5274] usb 3-1: config 123 interface 61 has no altsetting 0
[ 1466.560678][ T5274] usb 3-1: string descriptor 0 read error: -22
[ 1466.567057][ T5274] usb 3-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c
[ 1466.576834][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1466.600430][ T5274] usb 3-1: bad CDC descriptors
[ 1466.667717][T14390] usb 5-1: Using ep0 maxpacket: 8
[ 1466.692920][T14390] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[ 1466.711548][T14390] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1466.720973][T14390] usb 5-1: Product: syz
[ 1466.725189][T14390] usb 5-1: Manufacturer: syz
[ 1466.730149][T14390] usb 5-1: SerialNumber: syz
[ 1466.739634][T14390] usb 5-1: config 0 descriptor??
[ 1466.753610][T14390] gspca_main: sq905-2.14.0 probing 2770:9120
[ 1466.805794][ T5274] usb 3-1: USB disconnect, device number 59
[ 1467.209509][T14557] team0 (unregistering): Port device team_slave_1 removed
[ 1467.310632][T14557] team0 (unregistering): Port device team_slave_0 removed
[ 1471.884104][T14390] gspca_sq905: sq905_read_data: usb_control_msg failed (-110)
[ 1471.968291][T14390] sq905 5-1:0.0: probe with driver sq905 failed with error -110
[ 1472.190932][T14390] usb 5-1: USB disconnect, device number 67
[ 1473.482764][T17099] netlink: 'syz.4.3080': attribute type 2 has an invalid length.
[ 1473.490734][T17099] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.3080'.
[ 1473.683818][T17094] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1473.863909][T17092] Invalid ELF header magic: != ELF
[ 1473.981713][    C0] eth0: bad gso: type: 1, size: 1408
[ 1474.020379][T17106] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1474.214479][T16919] hsr_slave_0: entered promiscuous mode
[ 1474.247821][T16919] hsr_slave_1: entered promiscuous mode
[ 1474.271431][T16919] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1474.281719][T16919] Cannot create hsr debugfs directory
[ 1475.204961][T14389] usb 1-1: new full-speed USB device number 64 using dummy_hcd
[ 1475.990484][T14389] usb 1-1: not running at top speed; connect to a high speed hub
[ 1476.002815][T14389] usb 1-1: config 123 has an invalid interface number: 222 but max is 1
[ 1476.013794][T14389] usb 1-1: config 123 has an invalid interface number: 61 but max is 1
[ 1476.023270][T14389] usb 1-1: config 123 has no interface number 0
[ 1476.032119][T14389] usb 1-1: config 123 has no interface number 1
[ 1476.052292][T14389] usb 1-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1476.087524][T14389] usb 1-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[ 1476.107357][T14389] usb 1-1: config 123 interface 222 has no altsetting 0
[ 1476.114437][T14389] usb 1-1: config 123 interface 61 has no altsetting 0
[ 1476.164534][T14389] usb 1-1: string descriptor 0 read error: -22
[ 1476.171178][ T5274] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1476.183316][T14389] usb 1-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c
[ 1476.197083][T14389] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1476.225302][T14389] usb 1-1: bad CDC descriptors
[ 1476.261625][T16919] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1476.273362][T16919] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1476.291875][T16919] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1476.344639][T16919] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1476.363598][T17144] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1476.372583][ T5274] usb 4-1: Using ep0 maxpacket: 8
[ 1476.405968][ T5274] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1476.429476][ T5274] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1476.455769][T13220] usb 1-1: USB disconnect, device number 64
[ 1476.462646][ T5274] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1476.492188][ T5274] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1476.513028][ T5274] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[ 1476.527051][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1476.541942][ T5274] usb 4-1: SerialNumber: syz
[ 1476.551508][T16919] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1476.566626][T17138] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1476.584768][ T5274] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[ 1476.603123][ T5274] usb-storage 4-1:1.0: USB Mass Storage device detected
[ 1476.610328][T16919] 8021q: adding VLAN 0 to HW filter on device team0
[ 1476.631312][ T5274] usb-storage 4-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[ 1476.648352][T10867] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1476.655618][T10867] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1476.664411][ T5274] scsi host1: usb-storage 4-1:1.0
[ 1476.665450][T10867] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1476.676604][T10867] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1476.735473][T16919] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1476.745293][T17153] Invalid ELF header magic: != ELF
[ 1476.836971][T17133] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3089'.
[ 1476.850266][T17133] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3089'.
[ 1476.862177][    C0] eth0: bad gso: type: 1, size: 1408
[ 1476.881609][ T5234] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1476.893434][ T5234] CPU: 1 UID: 0 PID: 5234 Comm: kworker/u9:5 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1476.904321][ T5234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1476.914415][ T5234] Workqueue: hci2 hci_rx_work
[ 1476.919125][ T5234] Call Trace:
[ 1476.922413][ T5234]  <TASK>
[ 1476.925342][ T5234]  dump_stack_lvl+0x241/0x360
[ 1476.930046][ T5234]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1476.935262][ T5234]  ? __pfx__printk+0x10/0x10
[ 1476.939856][ T5234]  ? sysfs_create_dir_ns+0x28a/0x3a0
[ 1476.945149][ T5234]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1476.950725][ T5234]  sysfs_create_dir_ns+0x2ce/0x3a0
[ 1476.955878][ T5234]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1476.961541][ T5234]  kobject_add_internal+0x435/0x8d0
[ 1476.966765][ T5234]  kobject_add+0x152/0x220
[ 1476.971183][ T5234]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1476.976383][ T5234]  ? device_add+0x3e7/0xbf0
[ 1476.980887][ T5234]  ? __pfx_kobject_add+0x10/0x10
[ 1476.985823][ T5234]  ? _raw_spin_unlock+0x28/0x50
[ 1476.990677][ T5234]  ? get_device_parent+0x165/0x410
[ 1476.995799][ T5234]  device_add+0x4e5/0xbf0
[ 1477.000178][ T5234]  hci_conn_add_sysfs+0xe8/0x200
[ 1477.005148][ T5234]  le_conn_complete_evt+0xc9f/0x12e0
[ 1477.010450][ T5234]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1477.016171][ T5234]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1477.021801][ T5234]  ? __copy_skb_header+0x437/0x5b0
[ 1477.026911][ T5234]  ? skb_pull_data+0x112/0x230
[ 1477.031716][ T5234]  hci_le_enh_conn_complete_evt+0x185/0x420
[ 1477.037706][ T5234]  hci_event_packet+0xa55/0x1540
[ 1477.042656][ T5234]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1477.047961][ T5234]  ? __pfx_hci_event_packet+0x10/0x10
[ 1477.053376][ T5234]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1477.058586][ T5234]  ? hci_send_to_monitor+0xd8/0x7f0
[ 1477.063791][ T5234]  ? kcov_remote_start+0x9e/0x7e0
[ 1477.068824][ T5234]  hci_rx_work+0x3e8/0xca0
[ 1477.073244][ T5234]  ? process_scheduled_works+0x945/0x1830
[ 1477.078966][ T5234]  process_scheduled_works+0xa2c/0x1830
[ 1477.084534][ T5234]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1477.090540][ T5234]  ? assign_work+0x364/0x3d0
[ 1477.095161][ T5234]  worker_thread+0x86d/0xd40
[ 1477.099795][ T5234]  ? __kthread_parkme+0x169/0x1d0
[ 1477.104867][ T5234]  ? __pfx_worker_thread+0x10/0x10
[ 1477.110003][ T5234]  kthread+0x2f0/0x390
[ 1477.114074][ T5234]  ? __pfx_worker_thread+0x10/0x10
[ 1477.119190][ T5234]  ? __pfx_kthread+0x10/0x10
[ 1477.123786][ T5234]  ret_from_fork+0x4b/0x80
[ 1477.128201][ T5234]  ? __pfx_kthread+0x10/0x10
[ 1477.132788][ T5234]  ret_from_fork_asm+0x1a/0x30
[ 1477.137566][ T5234]  </TASK>
[ 1477.156882][ T5234] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1477.171604][ T5234] Bluetooth: hci2: failed to register connection device
[ 1477.319165][T17167] netlink: 'syz.2.3094': attribute type 2 has an invalid length.
[ 1477.327102][T17167] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3094'.
[ 1477.885663][T16919] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1478.021259][T16919] veth0_vlan: entered promiscuous mode
[ 1478.074500][T16919] veth1_vlan: entered promiscuous mode
[ 1478.120739][T16919] veth0_macvtap: entered promiscuous mode
[ 1478.176844][T16919] veth1_macvtap: entered promiscuous mode
[ 1478.473551][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.620956][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.757214][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.942625][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.952567][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.967326][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.977183][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.992652][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1479.023982][T16919] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1479.046286][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1479.056986][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1479.088764][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1479.229628][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1479.283132][T17191] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1479.373361][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1479.558761][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1479.697932][T16919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1479.841470][T16919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1479.879408][T16919] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1479.946514][T16919] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1479.988929][T16919] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1480.028599][T16919] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1480.037560][T16919] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1480.350371][ T6103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1480.450412][ T6103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1480.483550][T14552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1480.533734][T14552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1481.534686][T17212] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[ 1481.631796][ T5274] usb 4-1: USB disconnect, device number 71
[ 1484.669215][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.675640][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.929714][    C0] eth0: bad gso: type: 1, size: 1408
[ 1485.498006][ T5349] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[ 1486.184991][T17252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1486.197751][ T5349] usb 3-1: Using ep0 maxpacket: 8
[ 1486.218668][ T5349] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1486.230086][ T5349] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1486.301880][ T5349] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1486.313207][T17240] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1486.336477][ T5349] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1486.350887][T17240] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1486.352383][ T5349] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[ 1486.382637][ T5349] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1486.396562][ T5349] usb 3-1: SerialNumber: syz
[ 1486.419428][T17242] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1486.436817][ T5349] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[ 1486.446009][ T5349] usb-storage 3-1:1.0: USB Mass Storage device detected
[ 1486.473731][ T5349] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[ 1486.484144][ T5349] scsi host1: usb-storage 3-1:1.0
[ 1486.619022][T17260] FAULT_INJECTION: forcing a failure.
[ 1486.619022][T17260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1486.634219][T17260] CPU: 1 UID: 0 PID: 17260 Comm: syz.0.3114 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1486.645014][T17260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1486.655090][T17260] Call Trace:
[ 1486.658390][T17260]  <TASK>
[ 1486.661341][T17260]  dump_stack_lvl+0x241/0x360
[ 1486.666053][T17260]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1486.671286][T17260]  ? __pfx__printk+0x10/0x10
[ 1486.675919][T17260]  ? __pfx_lock_release+0x10/0x10
[ 1486.680978][T17260]  should_fail_ex+0x3b0/0x4e0
[ 1486.685696][T17260]  _copy_from_iter+0x1f6/0x1960
[ 1486.687817][T10867] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1486.690551][T17260]  ? __virt_addr_valid+0x183/0x530
[ 1486.703221][T17260]  ? __pfx_lock_release+0x10/0x10
[ 1486.708279][T17260]  ? __alloc_skb+0x28f/0x440
[ 1486.712889][T17260]  ? __pfx__copy_from_iter+0x10/0x10
[ 1486.718179][T17260]  ? __virt_addr_valid+0x183/0x530
[ 1486.723291][T17260]  ? __virt_addr_valid+0x183/0x530
[ 1486.728400][T17260]  ? __virt_addr_valid+0x45f/0x530
[ 1486.733513][T17260]  ? __check_object_size+0x49c/0x900
[ 1486.738804][T17260]  netlink_sendmsg+0x73d/0xcb0
[ 1486.743581][T17260]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1486.748872][T17260]  ? __import_iovec+0x536/0x820
[ 1486.753728][T17260]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1486.759038][T17260]  ? security_socket_sendmsg+0x87/0xb0
[ 1486.764512][T17260]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1486.769807][T17260]  __sock_sendmsg+0x221/0x270
[ 1486.774513][T17260]  ____sys_sendmsg+0x525/0x7d0
[ 1486.779284][T17260]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1486.784579][T17260]  __sys_sendmsg+0x2b0/0x3a0
[ 1486.789172][T17260]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1486.794281][T17260]  ? vfs_write+0x7c4/0xc90
[ 1486.798728][T17260]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1486.805063][T17260]  ? do_syscall_64+0x100/0x230
[ 1486.809853][T17260]  ? do_syscall_64+0xb6/0x230
[ 1486.814540][T17260]  do_syscall_64+0xf3/0x230
[ 1486.819048][T17260]  ? clear_bhb_loop+0x35/0x90
[ 1486.823731][T17260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1486.829629][T17260] RIP: 0033:0x7f0594d773b9
[ 1486.834055][T17260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1486.853656][T17260] RSP: 002b:00007f0595b3d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1486.862069][T17260] RAX: ffffffffffffffda RBX: 00007f0594f06058 RCX: 00007f0594d773b9
[ 1486.870039][T17260] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000005
[ 1486.878004][T17260] RBP: 00007f0595b3d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1486.885966][T17260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1486.893936][T17260] R13: 000000000000006e R14: 00007f0594f06058 R15: 00007ffed3764ce8
[ 1486.901920][T17260]  </TASK>
[ 1486.979394][T17242] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3109'.
[ 1486.990094][T17242] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3109'.
[ 1487.025959][ T5234] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1487.047548][ T5234] CPU: 0 UID: 0 PID: 5234 Comm: kworker/u9:5 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1487.058445][ T5234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1487.068515][ T5234] Workqueue: hci0 hci_rx_work
[ 1487.073230][ T5234] Call Trace:
[ 1487.076512][ T5234]  <TASK>
[ 1487.079448][ T5234]  dump_stack_lvl+0x241/0x360
[ 1487.084145][ T5234]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1487.089358][ T5234]  ? __pfx__printk+0x10/0x10
[ 1487.093964][ T5234]  ? sysfs_create_dir_ns+0x28a/0x3a0
[ 1487.099260][ T5234]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1487.104843][ T5234]  sysfs_create_dir_ns+0x2ce/0x3a0
[ 1487.109986][ T5234]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1487.115644][ T5234]  kobject_add_internal+0x435/0x8d0
[ 1487.120872][ T5234]  kobject_add+0x152/0x220
[ 1487.125311][ T5234]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1487.130544][ T5234]  ? device_add+0x3e7/0xbf0
[ 1487.135086][ T5234]  ? __pfx_kobject_add+0x10/0x10
[ 1487.140043][ T5234]  ? _raw_spin_unlock+0x28/0x50
[ 1487.144912][ T5234]  ? get_device_parent+0x165/0x410
[ 1487.150047][ T5234]  device_add+0x4e5/0xbf0
[ 1487.154406][ T5234]  hci_conn_add_sysfs+0xe8/0x200
[ 1487.159382][ T5234]  le_conn_complete_evt+0xc9f/0x12e0
[ 1487.164725][ T5234]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1487.170462][ T5234]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1487.176111][ T5234]  ? __copy_skb_header+0x437/0x5b0
[ 1487.181233][ T5234]  ? skb_pull_data+0x112/0x230
[ 1487.186013][ T5234]  hci_le_enh_conn_complete_evt+0x185/0x420
[ 1487.191927][ T5234]  hci_event_packet+0xa55/0x1540
[ 1487.196885][ T5234]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1487.202184][ T5234]  ? __pfx_hci_event_packet+0x10/0x10
[ 1487.207576][ T5234]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1487.212810][ T5234]  ? hci_send_to_monitor+0xd8/0x7f0
[ 1487.218019][ T5234]  ? kcov_remote_start+0x9e/0x7e0
[ 1487.223065][ T5234]  hci_rx_work+0x3e8/0xca0
[ 1487.227509][ T5234]  ? process_scheduled_works+0x945/0x1830
[ 1487.233247][ T5234]  process_scheduled_works+0xa2c/0x1830
[ 1487.238829][ T5234]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1487.244833][ T5234]  ? assign_work+0x364/0x3d0
[ 1487.249454][ T5234]  worker_thread+0x86d/0xd40
[ 1487.254069][ T5234]  ? __kthread_parkme+0x169/0x1d0
[ 1487.259115][ T5234]  ? __pfx_worker_thread+0x10/0x10
[ 1487.264255][ T5234]  kthread+0x2f0/0x390
[ 1487.268332][ T5234]  ? __pfx_worker_thread+0x10/0x10
[ 1487.273455][ T5234]  ? __pfx_kthread+0x10/0x10
[ 1487.278053][ T5234]  ret_from_fork+0x4b/0x80
[ 1487.282482][ T5234]  ? __pfx_kthread+0x10/0x10
[ 1487.287076][ T5234]  ret_from_fork_asm+0x1a/0x30
[ 1487.291905][ T5234]  </TASK>
[ 1487.308506][ T5234] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1487.323751][ T5234] Bluetooth: hci0: failed to register connection device
[ 1487.341111][T10867] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[ 1487.350433][T10867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1487.358534][T10867] usb 2-1: Product: syz
[ 1487.362904][T10867] usb 2-1: Manufacturer: syz
[ 1487.368782][T10867] usb 2-1: SerialNumber: syz
[ 1487.379987][T10867] usb 2-1: config 0 descriptor??
[ 1487.530216][T17264] FAULT_INJECTION: forcing a failure.
[ 1487.530216][T17264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1487.583112][T17264] CPU: 1 UID: 0 PID: 17264 Comm: syz.0.3115 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[ 1487.593931][T17264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1487.595632][T10867] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[ 1487.603988][T17264] Call Trace:
[ 1487.604003][T17264]  <TASK>
[ 1487.604014][T17264]  dump_stack_lvl+0x241/0x360
[ 1487.604049][T17264]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1487.604077][T17264]  ? __pfx__printk+0x10/0x10
[ 1487.633453][T17264]  ? __pfx_lock_release+0x10/0x10
[ 1487.638529][T17264]  should_fail_ex+0x3b0/0x4e0
[ 1487.641564][T10867] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1487.643211][T17264]  _copy_from_iter+0x1f6/0x1960
[ 1487.654846][T17264]  ? __virt_addr_valid+0x183/0x530
[ 1487.659981][T17264]  ? __pfx_lock_release+0x10/0x10
[ 1487.660743][T10867] usb 2-1: USB disconnect, device number 82
[ 1487.665028][T17264]  ? __alloc_skb+0x28f/0x440
[ 1487.675555][T17264]  ? __pfx__copy_from_iter+0x10/0x10
[ 1487.680877][T17264]  ? __virt_addr_valid+0x183/0x530
[ 1487.686020][T17264]  ? __virt_addr_valid+0x183/0x530
[ 1487.691155][T17264]  ? __virt_addr_valid+0x45f/0x530
[ 1487.696307][T17264]  ? __check_object_size+0x49c/0x900
[ 1487.701628][T17264]  netlink_sendmsg+0x73d/0xcb0
[ 1487.706441][T17264]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1487.711757][T17264]  ? __import_iovec+0x536/0x820
[ 1487.716637][T17264]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1487.721944][T17264]  ? security_socket_sendmsg+0x87/0xb0
[ 1487.727486][T17264]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1487.732804][T17264]  __sock_sendmsg+0x221/0x270
[ 1487.737505][T17264]  ____sys_sendmsg+0x525/0x7d0
[ 1487.742285][T17264]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1487.747586][T17264]  __sys_sendmsg+0x2b0/0x3a0
[ 1487.752178][T17264]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1487.757291][T17264]  ? vfs_write+0x7c4/0xc90
[ 1487.761742][T17264]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1487.768085][T17264]  ? do_syscall_64+0x100/0x230
[ 1487.772863][T17264]  ? do_syscall_64+0xb6/0x230
[ 1487.777559][T17264]  do_syscall_64+0xf3/0x230
[ 1487.782078][T17264]  ? clear_bhb_loop+0x35/0x90
[ 1487.786770][T17264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1487.792677][T17264] RIP: 0033:0x7f0594d773b9
[ 1487.797096][T17264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1487.816710][T17264] RSP: 002b:00007f0595b5e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1487.825126][T17264] RAX: ffffffffffffffda RBX: 00007f0594f05f80 RCX: 00007f0594d773b9
[ 1487.833104][T17264] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[ 1487.841077][T17264] RBP: 00007f0595b5e0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1487.849056][T17264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1487.857029][T17264] R13: 000000000000000b R14: 00007f0594f05f80 R15: 00007ffed3764ce8
[ 1487.865012][T17264]  </TASK>
[ 1593.267266][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1593.274255][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P17239/1:b..l
[ 1593.282798][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=113437, q=440 ncpus=2)
[ 1593.290595][    C0] task:syz.2.3109      state:R  running task     stack:24528 pid:17239 tgid:17238 ppid:15183  flags:0x00004002
[ 1593.303347][    C0] Call Trace:
[ 1593.306622][    C0]  <TASK>
[ 1593.309550][    C0]  __schedule+0x17ae/0x4a10
[ 1593.314083][    C0]  ? __pfx___schedule+0x10/0x10
[ 1593.318945][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1593.324926][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[ 1593.330208][    C0]  preempt_schedule_irq+0xfb/0x1c0
[ 1593.335314][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1593.341033][    C0]  irqentry_exit+0x5e/0x90
[ 1593.345436][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1593.351410][    C0] RIP: 0010:lock_acquire+0x264/0x550
[ 1593.356692][    C0] Code: 2b 00 74 08 4c 89 f7 e8 6a cd 87 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1593.376285][    C0] RSP: 0018:ffffc900046b6a60 EFLAGS: 00000206
[ 1593.382352][    C0] RAX: 0000000000000001 RBX: 1ffff920008d6d58 RCX: acbf70a4ed2c0300
[ 1593.390336][    C0] RDX: dffffc0000000000 RSI: ffffffff8beae6e0 RDI: ffffffff8c3f8840
[ 1593.398302][    C0] RBP: ffffc900046b6ba8 R08: ffffffff934eb807 R09: 1ffffffff269d700
[ 1593.406264][    C0] R10: dffffc0000000000 R11: fffffbfff269d701 R12: 1ffff920008d6d54
[ 1593.414229][    C0] R13: dffffc0000000000 R14: ffffc900046b6ac0 R15: 0000000000000246
[ 1593.422212][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1593.427233][    C0]  ? deref_stack_reg+0x1c7/0x260
[ 1593.432189][    C0]  ? __read_once_word_nocheck+0x9/0x20
[ 1593.437645][    C0]  ? deref_stack_reg+0x1c7/0x260
[ 1593.442585][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1593.448729][    C0]  is_bpf_text_address+0x46/0x2a0
[ 1593.453745][    C0]  ? is_bpf_text_address+0x26/0x2a0
[ 1593.458947][    C0]  ? is_bpf_text_address+0x26/0x2a0
[ 1593.464148][    C0]  ? is_module_text_address+0x128/0x190
[ 1593.469695][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1593.475847][    C0]  kernel_text_address+0xa7/0xe0
[ 1593.480776][    C0]  __kernel_text_address+0xd/0x40
[ 1593.485788][    C0]  unwind_get_return_address+0x5d/0xc0
[ 1593.491243][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.497315][    C0]  arch_stack_walk+0x125/0x1b0
[ 1593.502077][    C0]  stack_trace_save+0x118/0x1d0
[ 1593.506916][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1593.512287][    C0]  save_stack+0xfb/0x1f0
[ 1593.516524][    C0]  ? __pfx_save_stack+0x10/0x10
[ 1593.521368][    C0]  ? post_alloc_hook+0x1f3/0x230
[ 1593.526296][    C0]  ? get_page_from_freelist+0x2e4c/0x2f10
[ 1593.532004][    C0]  ? __alloc_pages_noprof+0x256/0x6c0
[ 1593.537368][    C0]  ? alloc_pages_mpol_noprof+0x3e8/0x680
[ 1593.543001][    C0]  ? vma_alloc_folio_noprof+0x12e/0x230
[ 1593.548538][    C0]  ? folio_prealloc+0x31/0x170
[ 1593.553312][    C0]  ? handle_pte_fault+0x2530/0x6eb0
[ 1593.558498][    C0]  ? handle_mm_fault+0xf70/0x1880
[ 1593.563507][    C0]  ? __get_user_pages+0x6ec/0x16a0
[ 1593.568606][    C0]  ? populate_vma_page_range+0x264/0x330
[ 1593.574223][    C0]  ? __mm_populate+0x27a/0x460
[ 1593.578990][    C0]  ? vm_mmap_pgoff+0x2c3/0x3d0
[ 1593.583771][    C0]  ? do_syscall_64+0xf3/0x230
[ 1593.588445][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.594531][    C0]  __set_page_owner+0x92/0x800
[ 1593.599292][    C0]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 1593.605879][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1593.610900][    C0]  ? __pfx___set_page_owner+0x10/0x10
[ 1593.616267][    C0]  ? do_raw_spin_trylock+0xc8/0x1f0
[ 1593.621489][    C0]  post_alloc_hook+0x1f3/0x230
[ 1593.626260][    C0]  get_page_from_freelist+0x2e4c/0x2f10
[ 1593.631811][    C0]  ? __alloc_pages_noprof+0x166/0x6c0
[ 1593.637193][    C0]  ? prepare_alloc_pages+0x369/0x5d0
[ 1593.642653][    C0]  __alloc_pages_noprof+0x256/0x6c0
[ 1593.647861][    C0]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1593.653594][    C0]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1593.659049][    C0]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1593.665030][    C0]  vma_alloc_folio_noprof+0x12e/0x230
[ 1593.670407][    C0]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1593.676311][    C0]  folio_prealloc+0x31/0x170
[ 1593.681069][    C0]  handle_pte_fault+0x2530/0x6eb0
[ 1593.686105][    C0]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1593.691480][    C0]  ? follow_page_pte+0x29a/0x1ee0
[ 1593.696497][    C0]  ? follow_page_pte+0x83f/0x1ee0
[ 1593.701517][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1593.706535][    C0]  ? count_memcg_event_mm+0x3c2/0x420
[ 1593.711915][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1593.717106][    C0]  ? folio_mark_accessed+0x6f6/0x11b0
[ 1593.722487][    C0]  handle_mm_fault+0xf70/0x1880
[ 1593.727354][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1593.732643][    C0]  ? __get_user_pages+0x76c/0x16a0
[ 1593.737755][    C0]  __get_user_pages+0x6ec/0x16a0
[ 1593.742706][    C0]  ? __pfx___get_user_pages+0x10/0x10
[ 1593.748089][    C0]  populate_vma_page_range+0x264/0x330
[ 1593.753545][    C0]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1593.759518][    C0]  ? userfaultfd_unmap_complete+0x30c/0x360
[ 1593.765419][    C0]  ? do_mmap+0x961/0x1010
[ 1593.769748][    C0]  __mm_populate+0x27a/0x460
[ 1593.774343][    C0]  ? __pfx___mm_populate+0x10/0x10
[ 1593.779462][    C0]  vm_mmap_pgoff+0x2c3/0x3d0
[ 1593.784058][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1593.789168][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1593.795495][    C0]  ? ksys_mmap_pgoff+0xdf/0x720
[ 1593.800345][    C0]  ? syscall_user_dispatch+0x4e/0x90
[ 1593.805621][    C0]  ? __x64_sys_mmap+0x7f/0x140
[ 1593.810389][    C0]  do_syscall_64+0xf3/0x230
[ 1593.814895][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1593.819579][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.825467][    C0] RIP: 0033:0x7f15ce7773b9
[ 1593.829876][    C0] RSP: 002b:00007f15cf5ce048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1593.838285][    C0] RAX: ffffffffffffffda RBX: 00007f15ce905f80 RCX: 00007f15ce7773b9
[ 1593.846277][    C0] RDX: 000000000000000f RSI: 0000000000b36000 RDI: 0000000020000000
[ 1593.854242][    C0] RBP: 00007f15ce7e48e6 R08: ffffffffffffffff R09: 0000000000000000
[ 1593.862208][    C0] R10: 0000000004008032 R11: 0000000000000246 R12: 0000000000000000
[ 1593.870171][    C0] R13: 000000000000000b R14: 00007f15ce905f80 R15: 00007ffcf8131698
[ 1593.878147][    C0]  </TASK>
[ 1593.881182][    C0] rcu: rcu_preempt kthread starved for 10560 jiffies! g113437 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1593.892460][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1593.902419][    C0] rcu: RCU grace-period kthread stack dump:
[ 1593.908297][    C0] task:rcu_preempt     state:R  running task     stack:26448 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1593.920030][    C0] Call Trace:
[ 1593.923301][    C0]  <TASK>
[ 1593.926227][    C0]  __schedule+0x17ae/0x4a10
[ 1593.930753][    C0]  ? __pfx___schedule+0x10/0x10
[ 1593.935599][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1593.940640][    C0]  ? __asan_memset+0x23/0x50
[ 1593.945330][    C0]  ? __pfx_lockdep_init_map_type+0x10/0x10
[ 1593.951137][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1593.957463][    C0]  ? schedule+0x90/0x320
[ 1593.961701][    C0]  schedule+0x14b/0x320
[ 1593.965850][    C0]  schedule_timeout+0x1be/0x310
[ 1593.970702][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1593.976103][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1593.981404][    C0]  ? prepare_to_swait_event+0x32e/0x350
[ 1593.986955][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1593.991802][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 1593.996995][    C0]  ? rcu_gp_init+0x1256/0x1630
[ 1594.001764][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1594.006694][    C0]  ? __pfx_dyntick_save_progress_counter+0x10/0x10
[ 1594.013187][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1594.018462][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1594.024348][    C0]  ? finish_swait+0xd4/0x1e0
[ 1594.028949][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 1594.033551][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1594.038752][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1594.044640][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1594.049668][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1594.054862][    C0]  kthread+0x2f0/0x390
[ 1594.058920][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1594.064204][    C0]  ? __pfx_kthread+0x10/0x10
[ 1594.068791][    C0]  ret_from_fork+0x4b/0x80
[ 1594.073207][    C0]  ? __pfx_kthread+0x10/0x10
[ 1594.077800][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1594.082573][    C0]  </TASK>
[ 1594.085581][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1594.091909][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1594.097145][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30