last executing test programs:

2m8.217760626s ago: executing program 4 (id=1979):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/udplite6\x00')
r1 = fanotify_init(0x0, 0x400)
fanotify_mark(r1, 0x1, 0x40001019, r0, 0x0)
read$FUSE(r0, &(0x7f0000006000)={0x2020}, 0x2020)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, 0x3, 0x2, 0x101, 0x0, 0x0, {0x1, 0x0, 0x3}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40804}, 0x40000d5)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d320987f70e06d038e7ff7fc6e5539b3247298b089b070d356e090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="010700000000000000002000000008", @ANYRES32], 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
truncate(&(0x7f0000000a40)='./file0\x00', 0xb34)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x58, r6, 0x1, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x6e}}}}, [@NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x28, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x7f}}, {0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x7ff}}, {0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8}}]}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x4040000)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_usb_control_io$uac1(r2, 0x0, &(0x7f00000006c0)={0x24, &(0x7f0000000080)={0x0, 0x0, 0x4, "a7212277"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYRES64], 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x3, 0x20, 0x0, 0x5, 0x3, 0x6, 0xfffffffe, 0x3bc, 0x38, 0x23b, 0xe, 0x6, 0x20, 0x1, 0x80, 0xf, 0x8}, [{0x3, 0x4, 0x9, 0x5, 0x907, 0x9734, 0x401, 0xfff}], "291f03a061bb0b5bab03dccdc40d5ffcc9b070d834917ec3e5ef3bdbda0a0e78265e00c1bf7b3a8e54976399acd7209cdb8f8c35a2b0b30da6f61aef08c750d8f6326682aa6a25a0ce80f90c095bb33887b20071ff2eef2faf222ab33449ca3862d27de38514516d9e0ddd9ed555e3adf976ff151be48847f858fa397840d0dcc7195d74d63b4c0a76b2146a18c92baa5b4324cd5e448fdb023fef2ce0e2beb1af52cb0efb8b4cf4a8d9a5506ace42fcca801be412a9cc6b01fd739429311a498eaf5baabd3f2d56916a073b7be017feaa03ad3b260d587db71619dfdd2525b43dab698ba98808843886ce565bf1b12546a31f4b23ac6ff941ed5c411855911bc2fbfce2e0081015f2525f9350f80e4f6e12b53d027f22bd1a64925e6d5f6f8dc841be5b5fa7707b6d6a63c3b23907dae742ef9291631a549c7ccffce0dd4ea91687343ebaa072cb9c74147ad5ef89c5041f16d5624236c0fb6c410238b93323b06d4f3c5a6f53e537c9a2029a01a51bfad0b171ee971c9b78828656a9be82eb6722cca5bd259d674d48f40d3d5b4c0a1ebb882e9dec4756f10cdd22630f2750d594f6f950b87d89c5857cc47015bd9492069903fe54b2986b346035a701d9dc97b80f394db47525940faff528ff41e39a9519f5258a57a5e3c0e2ec378d3d6a1d5a7152f93541c9708d806b3d266e4aa6f69fb2ccecb398c6e6a0580a668fc87f654713fb2e4a0a505c8146bd1b87830ee3e4c1d8a6b07c925e9e27b3cd72ca7788d2faaa03fc37ae55ec0dad056a2a90eb5b24f2277043b6a6d21591862321c4cbb478b2deb97091397517cd8bde2e547823ad6b813c0d127ecdf9bfaa5fb3e408bf77906e9de2c3"}, 0x2c1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f0000000640), 0x0)
syz_usb_control_io$hid(r7, &(0x7f00000001c0)={0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="00020c0000000c0002", @ANYBLOB="8d212271"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r7, &(0x7f0000000240)={0x2c, &(0x7f00000000c0)={0x20, 0x9, 0xb7, {0xb7, 0xd, "3bf41cff7d6686d981de1fb23fdf2084ea95b0f1679d60ac37e041d2e851cd9924842571a8e51cafb5cc2dfb91224e270d87375f0ae44757639b1d057a96f4dfacf504001d9afeda06973f3270ae0bd804417e5af9d3fe9c28dccb37cdd8a5ae7e396b95b44e00169f8567a1192d64f9c3673a42bde16661c002b2293990d7d7b9988007b892227704f308d826652e1953119487fafff86c937ac79eedbf8d105fce2934a6e4a23c86d94595d38b00000000000000"}}, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44d}}, &(0x7f0000000180)={0x0, 0xf, 0x12, {0x5, 0xf, 0x12, 0x2, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x1, 0xf, 0xe83}, @ptm_cap={0x3}]}}, &(0x7f00000001c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0xf3, 0x10, 0x8, 0x3, "c7cedce6", "8a92db33"}}, &(0x7f0000000200)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x3, 0x80, 0xf, 0x1, 0x4, 0x400, 0x9}}}, &(0x7f0000000740)={0x84, &(0x7f0000000280)={0x40, 0x17, 0x43, "26d3b743338bc070a4145841f369ea22a922b6dfb780541bb055553518890b19ca6a8cf1f5d3a6e1b6dd78eb3bbbca33724f874776537dd9c35a4c348341d422e5dd0a"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x6}, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000380)={0x20, 0x0, 0x4, {0x1}}, &(0x7f00000003c0)={0x20, 0x0, 0x4, {0x100, 0x1}}, &(0x7f0000000400)={0x40, 0x7, 0x2, 0x8}, &(0x7f0000000800)={0x40, 0x9, 0x0, 0x1}, &(0x7f0000000480)={0x40, 0xb, 0x2, "0674"}, &(0x7f00000004c0)={0x40, 0xf, 0x2, 0x35}, &(0x7f0000000500)={0x40, 0x13, 0x6, @random="c8ddb7eb7ef3"}, &(0x7f0000000540)={0x40, 0x17, 0x6}, &(0x7f0000000580)={0x40, 0x19, 0x2, "f200"}, &(0x7f00000005c0)={0x40, 0x1a, 0x2, 0x7}, &(0x7f0000000600)={0x40, 0x1c, 0x1, 0x6}, &(0x7f0000000640)={0x40, 0x1e, 0x1, 0x3}, &(0x7f0000000680)={0x40, 0x21, 0x1, 0x8}})

2m6.182792473s ago: executing program 4 (id=1985):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[], 0x20000408}}, 0x0)

2m5.838840148s ago: executing program 4 (id=1986):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000300)='\x00\x15\x00\b\xe6T\x89z\x01\xcfs\xb1V\xb08\xf8\x1b\\\xe2\xb2\xbbm\xcc\x9a\xe9\xa4$A\xe2Y{\x1d\xe9\xfbTL\x06lm\xc18\x83@\xf0z\x12\xa7\xe3Y\x00g\xad\xda\xc2S\xd0\x86\xd6\x93\xbe^\x1c\x05\x94(\xb6Dq\x93n\xe2\x80\xa5<\x96z\xfdp\x9e\xf1\x03\x84\a\x1a\x90\xd0\\.\xdcoC\x11O\xdbK\xcc\xef\x94<X m\xdeP\xb0eSbz\xe8\xe7\x05\xba\xa9\x8e\xb1')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef36"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
dup3(0xffffffffffffffff, r4, 0x80000)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000880)={'filter\x00', 0x7, 0x4, 0x3f0, 0x308, 0x110, 0x110, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@private, @rand_addr, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge_slave_0\x00', 'bridge0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev, @dev}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@arp={@remote, @dev={0xac, 0x14, 0x14, 0x21}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 'ip6_vti0\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x440)

2m2.574043539s ago: executing program 4 (id=1991):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = syz_open_dev$media(&(0x7f0000000ac0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './bus/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000400000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850002000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket(0x11, 0xa, 0x0)
ptrace$setregset(0x4205, 0x0, 0x2, &(0x7f00000000c0)={&(0x7f0000000100)="014f768e9a09", 0x6})
sendmsg$can_bcm(r7, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={0x0}, 0x8}, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
ptrace$getregset(0x21, r8, 0x202, &(0x7f0000000000)={0x0})
ptrace$cont(0x9, r8, 0x4, 0x6)
ioctl$MEDIA_IOC_SETUP_LINK(r2, 0xc0347c03, &(0x7f0000001240))
socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10e)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)

2m1.060815144s ago: executing program 4 (id=1995):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000900)="029993440c7a0c95d3bb8cf253fd63c588ff06000ff0fced840da0b08cb6e72082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c06045346588e2620d36a3ed8e8f2aa891268a9b33d2d55cb92f17bc9e8aaf62f94fb1143a79e72dcd910f5f45125df1bb3dc406cadfaa693beb85c9bf8daf45ad0d332b59be2550079eff7ac51dbfd801482dc1eb8e6f36990dc6e78940d2a3d0c16c023569ec2303690b40379bea72128dc680a09963beb9733c72cf749fd9409998b8c34349408deff7bca6bb7eddba08fee894b588291054aba8b41ef633e6a284d3827b8299736f5a204982f78fcd45ecf5d0188eb4151ea8056e3aa5197f809d7dfd7691cda00a9c7a6bf9cdce8eea4963a082d1d2fce8ab2fb6953b6cada8d103eee8bc10ca67b74498b67d701e1daccb2fd5c262e3ddffa65e0bf0a82bd76b41c0531cbefcb132bf6dfb6c0f3cbaec42bc0a566159441dc5717a1912d24f1199bdcf2a53d2f57526f69c3fc00407824ac6b888092105e6c26189186f16bd79c3c45725b64adc9fbbe3a36bad0defec7d0c5e89e00874a93eed41a4d4550d7bd5dae1a6ef99860568427b941991851427ecce64e07", 0x1b9}, {&(0x7f0000000e00)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f6", 0x6b}], 0x2}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="6bd95c2d0855656d402d726be38e213a566e8ceed462f9439f83102df9c5a39c82362d1f0ff3f2ae611187a592c712156d5abf604572e23c7af3c1704bb806c3df9f185bf7904f258d6ee5dabbcce929151e36cd739ef9fcd46af42715397007dd6e86", 0x63}], 0x1}}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000c00)="a45ea7ecf9a8d6a6dbcbf2f17ef46f78f244639ce94c6b53a6d704396588dc9cc53e2141ae41c4d559ca956b8fbd06eff8d19472d58903ebde2ba0d98a45277e0528c0a8ef0ad1f16686c497b608ec2118075ba79ef62af69c4309a5259badd320aea0ebfa1eb5991de58bd246deae894634d866c659b3223fe3f489aa675f80be6754b524c3f89184e7e1148c7ad551876678f9c7fb89fd150b2e8e82eb384a1fc1962d9c7b323345237badff7ede15b8c3896c01abdbf298f0e9c9c4c0b73c17a25699a678494554ef83f92a3a0ef0126087c3b96d3f7df3ebda728bcdab7d2b89a6a1f4db9f89509058e6c4a114be0e202d01396d932649914304b06c6c602bc67eae306281d4147aa088ada82fc65ae2dbdc33fe77523d9b037e87e65771ea98625ae3c943", 0x127}], 0x1}}], 0x3, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000001480)="047b6783e59847bd4e37cf01617a3a519c8631fcfe5928088bff070a64aa8bfc61b507c22f5583d6d8ca6d9598a6bf9bba0c497051438565074af673edfe8b9be4108457a2b01e066fba9aa2fbfc5fe3c333e257d143506684378efe", 0x5c, 0x98076b246f72a741, 0x0, 0x0)

1m59.743894145s ago: executing program 4 (id=1997):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200080d0}, 0x4)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x80182)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
listen(0xffffffffffffffff, 0x74)
timer_settime(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
write$sndseq(r1, 0x0, 0x0)
r3 = syz_io_uring_setup(0x17546, &(0x7f0000000080)={0x0, 0x8837, 0x4, 0x5}, &(0x7f0000000000), &(0x7f0000000140))
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ip_vs_stats_percpu\x00')
read$FUSE(r4, &(0x7f00000003c0)={0x2020}, 0x2020)
capset(0x0, &(0x7f0000000140))
chmod(&(0x7f0000000140)='./file0\x00', 0xfeff)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
io_uring_enter(r3, 0x565, 0x0, 0x0, 0x0, 0x0)

1m43.473294372s ago: executing program 32 (id=1997):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200080d0}, 0x4)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x80182)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
listen(0xffffffffffffffff, 0x74)
timer_settime(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
write$sndseq(r1, 0x0, 0x0)
r3 = syz_io_uring_setup(0x17546, &(0x7f0000000080)={0x0, 0x8837, 0x4, 0x5}, &(0x7f0000000000), &(0x7f0000000140))
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ip_vs_stats_percpu\x00')
read$FUSE(r4, &(0x7f00000003c0)={0x2020}, 0x2020)
capset(0x0, &(0x7f0000000140))
chmod(&(0x7f0000000140)='./file0\x00', 0xfeff)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
io_uring_enter(r3, 0x565, 0x0, 0x0, 0x0, 0x0)

9.6199665s ago: executing program 2 (id=2301):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000300)='\x00\x15\x00\b\xe6T\x89z\x01\xcfs\xb1V\xb08\xf8\x1b\\\xe2\xb2\xbbm\xcc\x9a\xe9\xa4$A\xe2Y{\x1d\xe9\xfbTL\x06lm\xc18\x83@\xf0z\x12\xa7\xe3Y\x00g\xad\xda\xc2S\xd0\x86\xd6\x93\xbe^\x1c\x05\x94(\xb6Dq\x93n\xe2\x80\xa5<\x96z\xfdp\x9e\xf1\x03\x84\a\x1a\x90\xd0\\.\xdcoC\x11O\xdbK\xcc\xef\x94<X m\xdeP\xb0eSbz\xe8\xe7\x05\xba\xa9\x8e\xb1')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
dup3(0xffffffffffffffff, r4, 0x80000)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000880)={'filter\x00', 0x7, 0x4, 0x3f0, 0x308, 0x110, 0x110, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@private, @rand_addr, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge_slave_0\x00', 'bridge0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev, @dev}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@arp={@remote, @dev={0xac, 0x14, 0x14, 0x21}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 'ip6_vti0\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x440)

8.336406203s ago: executing program 1 (id=2304):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00')
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000080)='y', 0x1}], 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRESDEC=r0, @ANYBLOB="0adba6ae78b78418b093c7ed773da452716c594d7ef26f37ff9c30e64cb31215a86ecc2458f2921b919a21aec7dbb8640982010792c9dc8ce8514ecb7e36a03a23ca8d0f7075789a544915128adbb6103e2bc4897ff0d27831513fe8ee5589c32add717435a5ade37ed27303bb8090e458b0e276ecca4099b0c92012eec7539544ea6b987764e193d551", @ANYRES16=r0], &(0x7f0000000100)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
listen(r2, 0x8)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r3, 0x10c, 0x1, &(0x7f00000000c0), &(0x7f0000000240)=0x4)
accept4$inet(r2, &(0x7f0000000100), 0x0, 0x80800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00')
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r5, r5, r5)
stat(&(0x7f0000000180)='./cgroup/../file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
chown(&(0x7f0000000140)='./cgroup/../file0\x00', r5, r6)

8.237142342s ago: executing program 2 (id=2305):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOGET_VSCREENINFO(r0, 0x4600, &(0x7f0000000000))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0xc4}}, 0x0)
ioctl$FBIO_WAITFORVSYNC(r0, 0x4601, 0x20000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getdents(0xffffffffffffffff, &(0x7f0000000440)=""/96, 0x60)
syz_usb_connect(0x0, 0x26, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000000c0)=<r1=>0x0)
sched_rr_get_interval(r1, &(0x7f0000000100))
r2 = getpid()
prctl$PR_SCHED_CORE(0x36, 0x0, r2, 0x0, 0x0)

7.889053065s ago: executing program 5 (id=2307):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000140)={0x67, 0xfff, 0x8, "37d7544dadb6537302ba1d949d38bf33d65a2502c8fb23b5ace7ee90914a5300edabb71300db032eb02b7921adb1124221ae2c662a37eca3731dc56dd4bc01f12c3a135252e1974dc2d31a192c2b5becc56dfaa3b8b313f939d6349cae88cd5f6810bb7ec8e2f3"})

7.737874967s ago: executing program 1 (id=2308):
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fanotify_init(0x202, 0x0)
r0 = syz_io_uring_setup(0x22c, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0xaa}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x6, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="9930b90f", 0x4}], 0x1})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

6.935357657s ago: executing program 2 (id=2309):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01172cbd70080003", @ANYRES32=0x0, @ANYBLOB="0c005080040005003efe06"], 0x28}, 0x1, 0x0, 0x0, 0x24048000}, 0x0)
ptrace(0x10, r0)
r1 = syz_usb_connect$uac1(0x0, 0xdc, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005000c240206656b9bbe356aa331"], 0x0)
syz_usb_control_io(r1, &(0x7f0000001bc0)={0x2c, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0003040005f6f24d64"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r1, &(0x7f00000000c0)={0x14, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000100000004032f040dce970609351b145f4b01c77ef69f418f2731988dd87a95712b5233470aa64ef17d6226ab382973ae924e8e0ed4a874e6a5fcf7e7128ef7792b48aa07fccc6dfe4576d82e767d0ec6a54b68dcceec9a8811398f81c60e6b2f4274d73d9bd97ce38bc27d943eac80dfa9a22621c6bab18837"]}, 0x0)
syz_usb_control_io(r1, &(0x7f0000001080)={0x2c, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0, 0x0}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000540)={0x80e, 0x3132564e, 0x1, @discrete={0x89d, 0xffffffff}})
ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000740)={0x0, 0x15})
r3 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000400)={0xa00965, 0x2})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xd, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffc, 0xffffffe4, 0x0, 0x0, 0x7f, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x38c000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x20002, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c80, 0xffffffffffffffb6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_io_uring_setup(0x4809, &(0x7f0000000500)={0x0, 0x3032, 0x2, 0x1, 0x151}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000004c0))
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$mice(0xffffff9c, &(0x7f00000004c0), 0xc0900)
syz_usb_connect(0x0, 0x34, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201001b94ba78084e08011daeed010202010902220001000004000904000001437b6a0009150000587738262b36970000000000070594ef6333ef"], 0x0)
ioctl$VHOST_VDPA_SET_STATUS(r7, 0x4001af72, &(0x7f0000000040)=0x2)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x3)
dup(r8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

6.638290008s ago: executing program 5 (id=2310):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x92, 0xdd, 0xee, 0x10, 0x403, 0x6010, 0x6639, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x6e, 0x0, 0x0, 0x53, 0xd0, 0xdc}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, &(0x7f0000000140)={0x0, 0xf, 0x4, "844750cd"}, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x40)
r2 = accept(0xffffffffffffffff, &(0x7f0000000040)=@sco, &(0x7f00000000c0)=0x80)
bind$can_raw(r2, &(0x7f0000000100), 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000940)={{}, {0x0, 0xfd}, 0x800, 0x0, 0x40})

6.633732113s ago: executing program 1 (id=2312):
r0 = syz_open_dev$vcsn(&(0x7f00000002c0), 0xc, 0x800)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000300)) (async)
socket(0xa, 0x3, 0x3a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r2, 0x8, 0x0, 0x25dfdbfe}, 0x14}}, 0x0) (async)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="acfd640305133929db150645ef3c180000000000000000000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) (async)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
epoll_create(0x1) (async)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10, 0x0}}], 0x1, 0x20000080) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r8, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) (async)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x87, &(0x7f0000000100)=[{}], 0x8, 0x10, &(0x7f0000000140), &(0x7f00000001c0), 0x8, 0xf9, 0x8, 0x8, &(0x7f0000000200)}}, 0x10) (async)
r10 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r10, 0xc028564e, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.522573057s ago: executing program 0 (id=2313):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x1e8, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000480))
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000002c0)={0xc})
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x301880, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000540)={@remote, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, 0x0, 0x0, 0x9, 0x0, 0x3, 0x6})

5.704792507s ago: executing program 0 (id=2314):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, 0x0, 0x0)
sendmsg$rds(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
syz_open_dev$dri(0x0, 0x1, 0x41)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x800000000004, @tid=r5}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0x40045542, &(0x7f0000000b00))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)

4.702531345s ago: executing program 0 (id=2316):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="88010000170a01010000000000000000"], 0x188}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, 0x0)
set_mempolicy(0x2, &(0x7f00000001c0)=0x2, 0x6)
socket(0x10, 0x803, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r4, 0x104, 0x3, &(0x7f0000000000)=0x4, 0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x23, &(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00'}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}, 0x1}, r5}}, 0x48)

4.60356795s ago: executing program 2 (id=2318):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x44}}, 0x0)

3.624024505s ago: executing program 2 (id=2319):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r0, 0x0, 0xc1000004, &(0x7f00000000c0))

3.13424292s ago: executing program 3 (id=2320):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x8000000)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000002100)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data}}}}}, 0x0)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x6, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
recvmsg(r2, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000080)=""/151, 0x97}, {&(0x7f0000000140)=""/133, 0x85}, {&(0x7f0000000200)=""/237, 0xed}, {&(0x7f0000000300)=""/244, 0xf4}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/204, 0xcc}], 0x6, &(0x7f0000001580)=""/43, 0x2b}, 0x40000101)

3.072624158s ago: executing program 3 (id=2321):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x19, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
add_key(&(0x7f0000000140)='dns_resolver\x00', 0x0, &(0x7f00000001c0)="bcfdc195f8b8fff0d7d38cebc3ab0a281077b472f633f263e6cec7a46ae5a30d3b4a34df3f57560217ec82ad86f90bcdc0538fb8d3974e4345d3653747b5e8e4effd9e38b7d65a6e70ead21cf7dfda1f078866875d57cfd0e398fea002ae", 0x5e, 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[], 0xf8}}, 0x4004811)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8844)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000a3c000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
r6 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_opts(r6, 0x0, 0x16, &(0x7f0000000380), 0x0)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)

3.043651182s ago: executing program 5 (id=2322):
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fanotify_init(0x202, 0x0)
r0 = syz_io_uring_setup(0x22c, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0xaa}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x6, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="9930b90f", 0x4}], 0x1})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.946286986s ago: executing program 1 (id=2323):
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={'veth0_macvtap\x00', {0x2, 0x4e20, @multicast2}})
r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000040)={0x2c, &(0x7f00000001c0)=ANY=[@ANYBLOB="000008000000080482", @ANYBLOB="e3"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = open(&(0x7f0000000380)='./bus\x00', 0x0, 0x0)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
sendfile(r3, r2, 0x0, 0x4000000053d2)
write$6lowpan_control(r2, &(0x7f00000000c0)='connect aa:aa:aa:aa:aa:10 1', 0x1b)
syz_usb_ep_write(r1, 0x81, 0x1, &(0x7f0000000080)='Q')

2.383480583s ago: executing program 3 (id=2324):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x1e8, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000480))
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000002c0)={0xc})
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x301880, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000540)={@remote, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, 0x0, 0x0, 0x9, 0x0, 0x3, 0x6})

2.382720105s ago: executing program 5 (id=2325):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x64}, @initr0, @exit]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000002dc0)=[{}], 0x8, 0x10, &(0x7f0000002e00), &(0x7f0000000400), 0x8, 0x10, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r4, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0x9}}, './file0\x00'})
ioctl$VIDIOC_QUERY_EXT_CTRL(r5, 0xc0e85667, &(0x7f0000000180)={0x80000000, 0x5, "80e96f3d64096d1e48bf65009441823317d797810c0c4f86e4f92d854fd0fb2b", 0x0, 0x1, 0x7, 0x400, 0xe, 0xd05, 0xa4d, 0x800, [0x9, 0xffff195f, 0x8001000, 0xe]})
syz_clone(0x6897b900, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a00000002100390d0000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="bd6b6e00000000005000"], 0xa0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r6, 0x5607, 0x2c)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000000))
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000180)={0x74, r1, 0x1, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x56, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @device_a, @initial, {0xb}}, 0x0, @random=0x3d, 0x100, @void, @val, @val={0x3, 0x1, 0xc}, @void, @val={0x6, 0x2, 0x7}, @val={0x2d, 0x1a, {0x8, 0x3, 0x2, 0x0, {0x6, 0xf, 0x0, 0xe, 0x0, 0x0, 0x0, 0x2}, 0x1, 0x3, 0x2}}, @void, @val={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0, 0xf3, 0x60}}}}]}, 0x74}, 0x1, 0x0, 0x0, 0xba4820d6f685561f}, 0x0)

2.304956951s ago: executing program 0 (id=2326):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, 0x0, 0x0)
sendmsg$rds(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
syz_open_dev$dri(0x0, 0x1, 0x41)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x800000000004, @tid=r5}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0x40045542, &(0x7f0000000b00))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)

1.578656834s ago: executing program 2 (id=2327):
socket$inet_udp(0x2, 0x2, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x10, &(0x7f00000006c0)="170000000200020000ffbe8c5ee17688a20034000303000afdff0230040000d90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff01", 0xb9)
r4 = syz_io_uring_setup(0x702, &(0x7f0000000480)={0x0, 0x0, 0x800, 0x802}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{&(0x7f0000001800)=""/224, 0xe0}], 0x1})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.578276712s ago: executing program 1 (id=2328):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000350000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4318123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e997ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000000), &(0x7f0000000140)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg(r1, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20080}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x11}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x4c}, 0x1, 0x0, 0x0, 0xb971ff42f316a399}, 0x0)

1.560306843s ago: executing program 3 (id=2329):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x44}}, 0x0)

1.48514354s ago: executing program 3 (id=2330):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @none={0x0, 0xffff}}, 0x14)
r1 = socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000600))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000000)={0x60, 0x0, &(0x7f000007c000/0x4000)=nil, &(0x7f0000839000/0x1000)=nil, 0x0, &(0x7f00000000c0)=[{0x0, 0x0, 0xfffffffffffffffc}], 0x1, 0x1})
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000007c0)=""/221, 0xdd}, {&(0x7f00000022c0)=""/249, 0xf9}, {&(0x7f0000002400)=""/4089, 0xff9}, {&(0x7f0000000f00)=""/178, 0xb2}, {&(0x7f00000009c0)=""/173, 0xad}, {&(0x7f00000006c0)=""/210, 0xd2}, {&(0x7f0000000580)=""/204, 0xcc}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f0000000500)=""/62, 0x3e}, {&(0x7f0000000a80)=""/126, 0x7e}, {&(0x7f00000002c0)=""/243, 0xf3}], 0xb}, 0x10000)
recvmsg$kcm(r1, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)

1.244163927s ago: executing program 1 (id=2331):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
alarm(0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', 0x0)

1.243409874s ago: executing program 0 (id=2332):
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000160001f47efde4be701161000a000000040000800400", @ANYRES32=r0], 0x1c}}, 0x0)

1.223181549s ago: executing program 5 (id=2333):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = dup2(r2, r2)
r4 = dup(r3)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x40000104)
sendmsg$tipc(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
shutdown(r6, 0x2)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000020000008e04"])
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000440)={0xc0, r7, 0x200, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x10000, 0x38}}}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0xf4, 0x40b281a}}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x80}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xe, 0xbd, [0x40, 0x3, 0x7, 0x1d, 0x101]}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x2}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x12, 0xbd, [0x7, 0xc6e6, 0x5, 0x3, 0x2, 0x2, 0x2b7]}, @NL80211_ATTR_STA_WME={0x3c, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xfc}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x7f}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x3}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0xfe}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x40}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x10b0}, 0x20000)
recvmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r0)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

158.807577ms ago: executing program 3 (id=2334):
r0 = gettid()
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8)
timer_create(0x0, &(0x7f0000001080)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r1 = gettid()
tkill(r1, 0x14)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
gettid() (async)
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8) (async)
timer_create(0x0, &(0x7f0000001080)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000044000)) (async)
timer_settime(0x0, 0x0, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) (async)
gettid() (async)
tkill(r1, 0x14) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) (async)

15.793612ms ago: executing program 0 (id=2335):
fsopen(0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fanotify_init(0x202, 0x0)
r0 = syz_io_uring_setup(0x22c, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0xaa}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x6, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="9930b90f", 0x4}], 0x1})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=2336):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="88010000170a01010000000000000000"], 0x188}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, 0x0)
set_mempolicy(0x2, &(0x7f00000001c0)=0x2, 0x6)
socket(0x10, 0x803, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r4, 0x104, 0x3, &(0x7f0000000000)=0x4, 0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x23, &(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00'}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}, 0x1}, r5}}, 0x48)

kernel console output (not intermixed with test programs):

es+0x2a/0x410
[  851.379858][T12486]  __se_sys_sendfile64+0x17c/0x1e0
[  851.384987][T12486]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  851.390631][T12486]  ? do_syscall_64+0x100/0x230
[  851.395397][T12486]  ? do_syscall_64+0xb6/0x230
[  851.400073][T12486]  do_syscall_64+0xf3/0x230
[  851.404573][T12486]  ? clear_bhb_loop+0x35/0x90
[  851.409276][T12486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.415176][T12486] RIP: 0033:0x7f2042f85d29
[  851.419588][T12486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  851.439190][T12486] RSP: 002b:00007f2043da0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  851.447638][T12486] RAX: ffffffffffffffda RBX: 00007f2043175fa0 RCX: 00007f2042f85d29
[  851.455610][T12486] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  851.463582][T12486] RBP: 00007f2043da0090 R08: 0000000000000000 R09: 0000000000000000
[  851.471641][T12486] R10: 000000000000067f R11: 0000000000000246 R12: 0000000000000001
[  851.479610][T12486] R13: 0000000000000000 R14: 00007f2043175fa0 R15: 00007ffc3f722c18
[  851.487636][T12486]  </TASK>
[  851.490768][    C1] vkms_vblank_simulate: vblank timer overrun
[  851.561668][T12488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  851.597839][T12488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  851.618084][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  851.618104][   T29] audit: type=1326 audit(1737090876.337:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  851.666688][   T29] audit: type=1326 audit(1737090876.337:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  851.675132][T12496] syz1: rxe_newlink: already configured on wg0
[  851.726450][   T29] audit: type=1326 audit(1737090876.387:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  851.759797][   T29] audit: type=1326 audit(1737090876.387:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  851.770255][T12488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  851.788048][   T29] audit: type=1326 audit(1737090876.387:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  851.812653][T12488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  851.892901][T12505] 9pnet_fd: Insufficient options for proto=fd
[  851.908705][   T29] audit: type=1326 audit(1737090876.407:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  852.003450][   T29] audit: type=1326 audit(1737090876.407:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  852.061483][   T29] audit: type=1326 audit(1737090876.417:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  852.107924][   T29] audit: type=1326 audit(1737090876.447:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  852.132442][   T29] audit: type=1326 audit(1737090876.447:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.2.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  852.293532][T12521] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  852.293860][T12519] netlink: 'syz.1.1838': attribute type 1 has an invalid length.
[  852.302396][T12521] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  852.444503][T12521] openvswitch: netlink: Flow actions attr not present in new flow.
[  852.478840][ T5874] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  852.636624][ T5874] usb 1-1: Using ep0 maxpacket: 32
[  852.636744][T12521] netlink: 'syz.4.1837': attribute type 29 has an invalid length.
[  852.643976][ T5874] usb 1-1: unable to get BOS descriptor or descriptor too short
[  852.673451][ T5874] usb 1-1: config 7 has an invalid interface number: 187 but max is 0
[  852.759984][ T5874] usb 1-1: config 7 has no interface number 0
[  852.876684][ T5874] usb 1-1: config 7 interface 187 altsetting 6 bulk endpoint 0x4 has invalid maxpacket 947
[  852.897966][ T5874] usb 1-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 16
[  852.908549][ T5874] usb 1-1: config 7 interface 187 has no altsetting 0
[  852.975475][ T5874] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  852.989944][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  852.998172][ T5874] usb 1-1: Product: syz
[  853.002391][ T5874] usb 1-1: Manufacturer: syz
[  853.007335][ T5874] usb 1-1: SerialNumber: syz
[  853.222544][T12517] raw-gadget.10 gadget.0: fail, usb_ep_enable returned -22
[  853.267968][T12517] raw-gadget.10 gadget.0: fail, usb_ep_enable returned -22
[  853.885745][T12527] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  853.912449][ T5874] usb 1-1: Cannot retrieve CPort count: -110
[  854.413905][ T5874] usb 1-1: Cannot retrieve CPort count: -110
[  854.420293][ T5874] es2_ap_driver 1-1:7.187: probe with driver es2_ap_driver failed with error -110
[  856.707504][T12542] rdma_rxe: rxe_newlink: failed to add wg0
[  857.488328][ T5874] usb 1-1: USB disconnect, device number 49
[  857.781936][T12554] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1848'.
[  857.999069][T12560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  858.007849][T12560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  858.016395][ T5874] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  858.034374][T12563] netlink: 'syz.2.1851': attribute type 1 has an invalid length.
[  858.062121][T12563] 8021q: adding VLAN 0 to HW filter on device bond0
[  858.105356][T12563] bond0: (slave bridge1): making interface the new active one
[  858.114468][T12563] bond0: (slave bridge1): Enslaving as an active interface with an up link
[  858.136080][T12563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1851'.
[  858.145785][T12563] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1851'.
[  858.146993][ T5874] usb 1-1: device descriptor read/64, error -71
[  858.169471][T12560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  858.209497][T12560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  858.406446][ T5874] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  858.556486][ T5874] usb 1-1: device descriptor read/64, error -71
[  858.666804][ T5874] usb usb1-port1: attempt power cycle
[  859.016620][ T5874] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  859.084883][ T5874] usb 1-1: device descriptor read/8, error -71
[  859.382672][ T5874] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  859.539712][ T5874] usb 1-1: device descriptor read/8, error -71
[  859.650381][ T5874] usb usb1-port1: unable to enumerate USB device
[  860.144793][T12587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1857'.
[  860.154508][T12587] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1857'.
[  860.706395][T12593] netlink: 372 bytes leftover after parsing attributes in process `syz.2.1859'.
[  861.179299][T12595] rdma_rxe: rxe_newlink: failed to add wg0
[  861.247103][T12597] tmpfs: Unknown parameter 'g‚d'
[  861.674073][T12604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1863'.
[  861.683345][T12604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1863'.
[  862.166443][  T976] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  862.336346][  T976] usb 1-1: Using ep0 maxpacket: 16
[  862.354405][  T976] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  862.384094][  T976] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  862.422036][  T976] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  862.532058][  T976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  862.566470][  T976] usb 1-1: Product: syz
[  862.607260][  T976] usb 1-1: Manufacturer: syz
[  862.626889][  T976] usb 1-1: SerialNumber: syz
[  863.287949][T12631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  863.307589][T12631] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  863.335172][T12631] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  863.437546][T12634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1871'.
[  863.449385][T12634] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1871'.
[  863.450487][T12610] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  863.546708][T12610] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  863.691432][  T976] usb 1-1: 0:2 : does not exist
[  863.778533][  T976] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  864.109319][  T976] usb 1-1: USB disconnect, device number 54
[  864.299585][T12647] rdma_rxe: rxe_newlink: failed to add wg0
[  864.726448][  T976] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  864.907317][  T976] usb 1-1: Using ep0 maxpacket: 8
[  864.935458][  T976] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  864.951415][  T976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  865.048634][  T976] usb 1-1: Product: syz
[  865.052873][  T976] usb 1-1: Manufacturer: syz
[  865.062194][  T976] usb 1-1: SerialNumber: syz
[  865.069961][  T976] usb 1-1: config 0 descriptor??
[  865.077412][T12665] FAULT_INJECTION: forcing a failure.
[  865.077412][T12665] name failslab, interval 1, probability 0, space 0, times 0
[  865.090867][T12665] CPU: 0 UID: 0 PID: 12665 Comm: syz.1.1881 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  865.101679][T12665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  865.111764][T12665] Call Trace:
[  865.115053][T12665]  <TASK>
[  865.117995][T12665]  dump_stack_lvl+0x241/0x360
[  865.122699][T12665]  ? __pfx_dump_stack_lvl+0x10/0x10
[  865.127921][T12665]  ? __pfx__printk+0x10/0x10
[  865.132539][T12665]  should_fail_ex+0x3b0/0x4e0
[  865.137236][T12665]  should_failslab+0xac/0x100
[  865.141938][T12665]  ? skb_clone+0x20c/0x390
[  865.146381][T12665]  kmem_cache_alloc_noprof+0x70/0x380
[  865.151806][T12665]  skb_clone+0x20c/0x390
[  865.156062][T12665]  ? dev_queue_xmit_nit+0x3fe/0xca0
[  865.161276][T12665]  dev_queue_xmit_nit+0x249/0xca0
[  865.166322][T12665]  ? dev_queue_xmit_nit+0x2b/0xca0
[  865.171476][T12665]  ? validate_xmit_skb+0x9b8/0xff0
[  865.176610][T12665]  dev_hard_start_xmit+0x15f/0x7d0
[  865.181734][T12665]  ? __pfx_validate_xmit_skb+0x10/0x10
[  865.187217][T12665]  __dev_queue_xmit+0x1b73/0x3f50
[  865.192252][T12665]  ? kasan_save_track+0x51/0x80
[  865.197131][T12665]  ? ____sys_sendmsg+0x52a/0x7e0
[  865.202089][T12665]  ? __dev_queue_xmit+0x2f4/0x3f50
[  865.207222][T12665]  ? __pfx___dev_queue_xmit+0x10/0x10
[  865.212643][T12665]  ? __copy_skb_header+0x437/0x5b0
[  865.217789][T12665]  ? __asan_memcpy+0x40/0x70
[  865.222413][T12665]  ? __copy_skb_header+0x437/0x5b0
[  865.227547][T12665]  ? __skb_clone+0x454/0x6c0
[  865.232161][T12665]  ? skb_clone+0x240/0x390
[  865.236620][T12665]  __netlink_deliver_tap+0x56b/0x7f0
[  865.242019][T12665]  ? netlink_deliver_tap+0x2e/0x1b0
[  865.247231][T12665]  netlink_deliver_tap+0x19d/0x1b0
[  865.252369][T12665]  netlink_unicast+0x7c4/0x990
[  865.257162][T12665]  ? __pfx_netlink_unicast+0x10/0x10
[  865.262455][T12665]  ? __virt_addr_valid+0x45f/0x530
[  865.267581][T12665]  ? __phys_addr_symbol+0x2f/0x70
[  865.272617][T12665]  ? __check_object_size+0x47a/0x730
[  865.277931][T12665]  netlink_sendmsg+0x8e4/0xcb0
[  865.282733][T12665]  ? __pfx_netlink_sendmsg+0x10/0x10
[  865.288046][T12665]  ? __pfx_netlink_sendmsg+0x10/0x10
[  865.293352][T12665]  __sock_sendmsg+0x221/0x270
[  865.298059][T12665]  ____sys_sendmsg+0x52a/0x7e0
[  865.302853][T12665]  ? __pfx_____sys_sendmsg+0x10/0x10
[  865.308242][T12665]  ? __fget_files+0x2a/0x410
[  865.312855][T12665]  ? __fget_files+0x2a/0x410
[  865.317509][T12665]  __sys_sendmsg+0x269/0x350
[  865.322121][T12665]  ? __pfx_lock_release+0x10/0x10
[  865.327168][T12665]  ? __pfx___sys_sendmsg+0x10/0x10
[  865.332307][T12665]  ? __pfx_vfs_write+0x10/0x10
[  865.337126][T12665]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  865.343469][T12665]  ? do_syscall_64+0x100/0x230
[  865.348247][T12665]  ? do_syscall_64+0xb6/0x230
[  865.352944][T12665]  do_syscall_64+0xf3/0x230
[  865.357464][T12665]  ? clear_bhb_loop+0x35/0x90
[  865.362155][T12665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.368072][T12665] RIP: 0033:0x7fc1c7585d29
[  865.372587][T12665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.392204][T12665] RSP: 002b:00007fc1c8306038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  865.400635][T12665] RAX: ffffffffffffffda RBX: 00007fc1c7775fa0 RCX: 00007fc1c7585d29
[  865.408625][T12665] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  865.416607][T12665] RBP: 00007fc1c8306090 R08: 0000000000000000 R09: 0000000000000000
[  865.424673][T12665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  865.432650][T12665] R13: 0000000000000000 R14: 00007fc1c7775fa0 R15: 00007fff0eb60158
[  865.440649][T12665]  </TASK>
[  865.479444][  T976] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  865.489474][  T976] usb 1-1: setting power ON
[  865.494409][  T976] dvb-usb: bulk message failed: -22 (2/0)
[  865.508427][T12665] netlink: 'syz.1.1881': attribute type 8 has an invalid length.
[  865.556937][  T976] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  865.587201][  T976] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  865.595720][  T976] usb 1-1: media controller created
[  865.652471][  T976] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  865.731045][  T976] usb 1-1: selecting invalid altsetting 6
[  865.739954][  T976] usb 1-1: digital interface selection failed (-22)
[  865.748014][  T976] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  865.759580][  T976] usb 1-1: setting power OFF
[  865.777743][  T976] dvb-usb: bulk message failed: -22 (2/0)
[  865.794913][  T976] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  865.837828][  T976] (NULL device *): no alternate interface
[  865.846471][T12673] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1884'.
[  865.876530][T12673] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1884'.
[  865.907528][  T976] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  865.936160][T12673] 9pnet_fd: Insufficient options for proto=fd
[  865.955341][T12673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  865.996215][T12673] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  867.067245][T12688] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  867.076145][T12688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  867.097504][T12692] overlayfs: overlapping lowerdir path
[  867.403807][ T5874] usb 1-1: USB disconnect, device number 55
[  867.766865][T12704] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1893'.
[  869.167617][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  869.167642][   T29] audit: type=1326 audit(1737090893.137:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12711 comm="syz.3.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7fc00000
[  869.195398][    C0] vkms_vblank_simulate: vblank timer overrun
[  869.211033][   T29] audit: type=1326 audit(1737090893.207:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12716 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6135d85d29 code=0x7fc00000
[  869.232633][    C0] vkms_vblank_simulate: vblank timer overrun
[  869.351728][   T29] audit: type=1326 audit(1737090894.057:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12716 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6135d84690 code=0x7fc00000
[  869.373801][   T29] audit: type=1326 audit(1737090894.087:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12711 comm="syz.3.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2b92b84690 code=0x7fc00000
[  869.394024][T12714] netlink: 'syz.2.1897': attribute type 10 has an invalid length.
[  869.395528][    C0] vkms_vblank_simulate: vblank timer overrun
[  869.528341][   T29] audit: type=1326 audit(1737090894.177:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12711 comm="syz.3.1899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7fc00000
[  869.549957][    C0] vkms_vblank_simulate: vblank timer overrun
[  869.578851][T12710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  869.645908][T12714] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1897'.
[  869.746505][   T29] audit: type=1326 audit(1737090894.187:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12716 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6135d85d29 code=0x7fc00000
[  869.937555][T12710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  869.949878][T12714] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  870.482593][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  870.493318][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  870.926081][   T29] audit: type=1326 audit(1737090895.637:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12737 comm="syz.4.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6135d85d29 code=0x7ffc0000
[  870.947876][    C0] vkms_vblank_simulate: vblank timer overrun
[  870.954719][   T29] audit: type=1326 audit(1737090895.637:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12737 comm="syz.4.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6135d85d29 code=0x7ffc0000
[  870.977869][   T29] audit: type=1326 audit(1737090895.637:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12737 comm="syz.4.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f6135d85d29 code=0x7ffc0000
[  870.999437][    C0] vkms_vblank_simulate: vblank timer overrun
[  871.045721][T12739] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1904'.
[  871.062459][   T29] audit: type=1326 audit(1737090895.777:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12741 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[  871.310400][T12754] overlayfs: overlapping lowerdir path
[  875.320225][T12743] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1904'.
[  875.401966][T12778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  875.433615][T12778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  875.965036][T12792] xt_bpf: check failed: parse error
[  876.621583][T12791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  876.630372][T12791] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  876.737341][T12791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  876.748616][T12791] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  876.786082][T12799] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1922'.
[  876.806244][T12801] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1923'.
[  876.988611][T12808] FAULT_INJECTION: forcing a failure.
[  876.988611][T12808] name failslab, interval 1, probability 0, space 0, times 0
[  877.013138][T12808] CPU: 0 UID: 0 PID: 12808 Comm: syz.4.1926 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  877.024412][T12808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  877.034525][T12808] Call Trace:
[  877.037848][T12808]  <TASK>
[  877.040821][T12808]  dump_stack_lvl+0x241/0x360
[  877.045562][T12808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  877.050834][T12808]  ? __pfx__printk+0x10/0x10
[  877.055477][T12808]  ? __kmalloc_cache_noprof+0x48/0x390
[  877.060986][T12808]  ? __pfx___might_resched+0x10/0x10
[  877.066386][T12808]  should_fail_ex+0x3b0/0x4e0
[  877.071130][T12808]  should_failslab+0xac/0x100
[  877.075868][T12808]  __kmalloc_cache_noprof+0x70/0x390
[  877.081288][T12808]  ? alloc_pipe_info+0xeb/0x4d0
[  877.086200][T12808]  alloc_pipe_info+0xeb/0x4d0
[  877.090933][T12808]  splice_direct_to_actor+0xa9e/0xc80
[  877.096378][T12808]  ? __pfx_direct_splice_actor+0x10/0x10
[  877.102070][T12808]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  877.108036][T12808]  ? __fget_files+0x2a/0x410
[  877.112677][T12808]  ? __pfx_lock_release+0x10/0x10
[  877.117894][T12808]  do_splice_direct+0x289/0x3e0
[  877.122904][T12808]  ? __pfx_do_splice_direct+0x10/0x10
[  877.128326][T12808]  ? __fget_files+0x2a/0x410
[  877.132942][T12808]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  877.138874][T12808]  ? bpf_lsm_file_permission+0x9/0x10
[  877.144274][T12808]  ? security_file_permission+0x74/0x280
[  877.149927][T12808]  ? rw_verify_area+0x1c3/0x6f0
[  877.154802][T12808]  do_sendfile+0x564/0x8a0
[  877.159316][T12808]  ? __pfx_do_sendfile+0x10/0x10
[  877.164279][T12808]  ? __fget_files+0x2a/0x410
[  877.168986][T12808]  __se_sys_sendfile64+0x17c/0x1e0
[  877.174129][T12808]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  877.179813][T12808]  ? do_syscall_64+0x100/0x230
[  877.184628][T12808]  ? do_syscall_64+0xb6/0x230
[  877.189344][T12808]  do_syscall_64+0xf3/0x230
[  877.193893][T12808]  ? clear_bhb_loop+0x35/0x90
[  877.198604][T12808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.204540][T12808] RIP: 0033:0x7f6135d85d29
[  877.208980][T12808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.228610][T12808] RSP: 002b:00007f6136acf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  877.237067][T12808] RAX: ffffffffffffffda RBX: 00007f6135f75fa0 RCX: 00007f6135d85d29
[  877.245329][T12808] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000009
[  877.253341][T12808] RBP: 00007f6136acf090 R08: 0000000000000000 R09: 0000000000000000
[  877.261424][T12808] R10: 00004000000053d2 R11: 0000000000000246 R12: 0000000000000001
[  877.269435][T12808] R13: 0000000000000000 R14: 00007f6135f75fa0 R15: 00007ffc26334e88
[  877.277487][T12808]  </TASK>
[  877.329883][T12811] batman_adv: batadv0: Adding interface: dummy0
[  877.336211][T12811] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  877.365533][T12811] batman_adv: batadv0: Interface activated: dummy0
[  877.375280][T12813] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  877.391109][T12813] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  877.394162][T12811] batadv0: mtu less than device minimum
[  877.407200][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.420901][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.433680][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.448368][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.461158][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.473886][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.486505][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.500204][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.512969][T12811] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  877.868042][T12827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  877.877277][T12827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  877.976459][    T8] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  878.137797][    T8] usb 1-1: Using ep0 maxpacket: 32
[  878.815875][    T8] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  878.852440][T12838] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1934'.
[  878.861447][T12838] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1934'.
[  878.880417][    T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  878.889678][    T8] usb 1-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  878.899128][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  878.911146][    T8] usb 1-1: config 0 descriptor??
[  878.919673][    T8] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  878.945826][    T8] input: xirlink-cit as /devices/platform/dummy_hcd.0/usb1/1-1/input/input24
[  879.274696][ T5901] usb 1-1: USB disconnect, device number 56
[  879.374826][   T29] kauditd_printk_skb: 32 callbacks suppressed
[  879.374847][   T29] audit: type=1326 audit(1737090904.087:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.436433][   T29] audit: type=1326 audit(1737090904.147:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.503317][   T29] audit: type=1326 audit(1737090904.147:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.534682][   T29] audit: type=1326 audit(1737090904.147:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.576484][   T29] audit: type=1326 audit(1737090904.147:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.639567][   T29] audit: type=1326 audit(1737090904.157:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.708457][T12864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  879.728861][T12864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  879.753779][   T29] audit: type=1326 audit(1737090904.157:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.779695][   T29] audit: type=1326 audit(1737090904.157:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.802227][   T29] audit: type=1326 audit(1737090904.157:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12849 comm="syz.2.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  879.880141][T12864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  880.141275][T12864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  880.893528][T12874] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1944'.
[  880.909907][T12874] veth0_macvtap: left promiscuous mode
[  881.115924][T12882] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  881.209395][T12882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  883.921690][T12901] block nbd3: shutting down sockets
[  884.021080][T12897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1950'.
[  884.030184][T12897] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1950'.
[  887.108316][   T29] audit: type=1400 audit(1737090911.677:948): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=12913 comm="syz.4.1956" daddr=::ffff:0.0.0.24
[  887.412483][   T29] audit: type=1400 audit(1737090911.677:949): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=12913 comm="syz.4.1956" daddr=::ffff:0.0.0.0
[  888.257548][T12936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  888.284560][T12936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  888.333929][T12940] FAULT_INJECTION: forcing a failure.
[  888.333929][T12940] name failslab, interval 1, probability 0, space 0, times 0
[  888.348612][T12940] CPU: 1 UID: 0 PID: 12940 Comm: syz.4.1963 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  888.348648][T12940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  888.348663][T12940] Call Trace:
[  888.348673][T12940]  <TASK>
[  888.348684][T12940]  dump_stack_lvl+0x241/0x360
[  888.348724][T12940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  888.348757][T12940]  ? __pfx__printk+0x10/0x10
[  888.348789][T12940]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  888.348817][T12940]  ? __pfx___might_resched+0x10/0x10
[  888.348859][T12940]  should_fail_ex+0x3b0/0x4e0
[  888.348889][T12940]  should_failslab+0xac/0x100
[  888.348927][T12940]  kmem_cache_alloc_node_noprof+0x77/0x380
[  888.348953][T12940]  ? __alloc_skb+0x1c3/0x440
[  888.348984][T12940]  __alloc_skb+0x1c3/0x440
[  888.349026][T12940]  ? __pfx___alloc_skb+0x10/0x10
[  888.349057][T12940]  ? netlink_ack_tlv_len+0x6e/0x200
[  888.349087][T12940]  netlink_ack+0x145/0xa50
[  888.349112][T12940]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  888.349140][T12940]  ? __pfx_nl80211_post_doit+0x10/0x10
[  888.349168][T12940]  ? __pfx___might_resched+0x10/0x10
[  888.349215][T12940]  netlink_rcv_skb+0x262/0x430
[  888.349243][T12940]  ? __pfx_genl_rcv_msg+0x10/0x10
[  888.349279][T12940]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  888.349340][T12940]  genl_rcv+0x28/0x40
[  888.349370][T12940]  netlink_unicast+0x7f6/0x990
[  888.349404][T12940]  ? __pfx_netlink_unicast+0x10/0x10
[  888.349426][T12940]  ? __virt_addr_valid+0x45f/0x530
[  888.349463][T12940]  ? __phys_addr_symbol+0x2f/0x70
[  888.349490][T12940]  ? __check_object_size+0x47a/0x730
[  888.349531][T12940]  netlink_sendmsg+0x8e4/0xcb0
[  888.349572][T12940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  888.349615][T12940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  888.349652][T12940]  __sock_sendmsg+0x221/0x270
[  888.349690][T12940]  ____sys_sendmsg+0x52a/0x7e0
[  888.349747][T12940]  ? __pfx_____sys_sendmsg+0x10/0x10
[  888.349774][T12940]  ? __fget_files+0x2a/0x410
[  888.349803][T12940]  ? __fget_files+0x2a/0x410
[  888.349837][T12940]  __sys_sendmsg+0x269/0x350
[  888.349866][T12940]  ? __pfx_lock_release+0x10/0x10
[  888.349898][T12940]  ? __pfx___sys_sendmsg+0x10/0x10
[  888.349943][T12940]  ? __pfx_vfs_write+0x10/0x10
[  888.350000][T12940]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  888.350035][T12940]  ? do_syscall_64+0x100/0x230
[  888.350061][T12940]  ? do_syscall_64+0xb6/0x230
[  888.350088][T12940]  do_syscall_64+0xf3/0x230
[  888.350110][T12940]  ? clear_bhb_loop+0x35/0x90
[  888.350139][T12940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  888.350175][T12940] RIP: 0033:0x7f6135d85d29
[  888.350197][T12940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  888.350217][T12940] RSP: 002b:00007f6136acf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  888.350246][T12940] RAX: ffffffffffffffda RBX: 00007f6135f75fa0 RCX: 00007f6135d85d29
[  888.350265][T12940] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000004
[  888.350282][T12940] RBP: 00007f6136acf090 R08: 0000000000000000 R09: 0000000000000000
[  888.350298][T12940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  888.350315][T12940] R13: 0000000000000000 R14: 00007f6135f75fa0 R15: 00007ffc26334e88
[  888.350351][T12940]  </TASK>
[  888.409345][T12944] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1964'.
[  888.473438][T12945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  889.324394][T12945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  889.808416][T12953] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1966'.
[  890.399001][T12953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  890.419570][T12953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  890.479373][T12953] dummy0: entered promiscuous mode
[  890.508372][T12953] macsec1: entered allmulticast mode
[  890.513739][T12953] dummy0: entered allmulticast mode
[  890.593311][T12969] FAULT_INJECTION: forcing a failure.
[  890.593311][T12969] name failslab, interval 1, probability 0, space 0, times 0
[  890.666444][T12969] CPU: 0 UID: 0 PID: 12969 Comm: syz.1.1969 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  890.677301][T12969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  890.687411][T12969] Call Trace:
[  890.690743][T12969]  <TASK>
[  890.693716][T12969]  dump_stack_lvl+0x241/0x360
[  890.698443][T12969]  ? __pfx_dump_stack_lvl+0x10/0x10
[  890.703665][T12969]  ? __pfx__printk+0x10/0x10
[  890.708281][T12969]  ? __kmalloc_cache_noprof+0x48/0x390
[  890.713755][T12969]  ? __pfx___might_resched+0x10/0x10
[  890.719066][T12969]  should_fail_ex+0x3b0/0x4e0
[  890.723815][T12969]  should_failslab+0xac/0x100
[  890.728528][T12969]  __kmalloc_cache_noprof+0x70/0x390
[  890.733839][T12969]  ? ctnetlink_alloc_filter+0xb0/0xbf0
[  890.739323][T12969]  ? __mutex_trylock_common+0x183/0x2e0
[  890.744899][T12969]  ctnetlink_alloc_filter+0xb0/0xbf0
[  890.750204][T12969]  ? __pfx___mutex_trylock_common+0x10/0x10
[  890.756116][T12969]  ? __pfx_ctnetlink_alloc_filter+0x10/0x10
[  890.762030][T12969]  ? rcu_is_watching+0x15/0xb0
[  890.766822][T12969]  ? trace_contention_end+0x3c/0x120
[  890.772130][T12969]  ctnetlink_del_conntrack+0x716/0x9b0
[  890.777605][T12969]  ? __pfx_ctnetlink_del_conntrack+0x10/0x10
[  890.783599][T12969]  ? __pfx_lock_release+0x10/0x10
[  890.788647][T12969]  ? nfnetlink_rcv_msg+0x225/0x1180
[  890.793862][T12969]  nfnetlink_rcv_msg+0xbec/0x1180
[  890.798931][T12969]  ? nfnetlink_rcv_msg+0x225/0x1180
[  890.804162][T12969]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  890.809639][T12969]  ? stack_trace_save+0x118/0x1d0
[  890.814736][T12969]  ? dev_hard_start_xmit+0x27a/0x7d0
[  890.820043][T12969]  ? __dev_queue_xmit+0x1b73/0x3f50
[  890.825260][T12969]  ? __netlink_deliver_tap+0x56b/0x7f0
[  890.830751][T12969]  ? netlink_deliver_tap+0x19d/0x1b0
[  890.836069][T12969]  ? netlink_unicast+0x7c4/0x990
[  890.841019][T12969]  ? netlink_sendmsg+0x8e4/0xcb0
[  890.845970][T12969]  ? __sock_sendmsg+0x221/0x270
[  890.850845][T12969]  ? ____sys_sendmsg+0x52a/0x7e0
[  890.855805][T12969]  ? __sys_sendmsg+0x269/0x350
[  890.860595][T12969]  netlink_rcv_skb+0x1e3/0x430
[  890.865402][T12969]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  890.870886][T12969]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  890.876195][T12969]  ? cap_capable+0x1b4/0x250
[  890.880798][T12969]  ? safesetid_security_capable+0xb2/0x1d0
[  890.886626][T12969]  ? bpf_lsm_capable+0x9/0x10
[  890.891321][T12969]  ? security_capable+0x7e/0x2d0
[  890.896284][T12969]  nfnetlink_rcv+0x297/0x2ab0
[  890.900996][T12969]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  890.906741][T12969]  ? __dev_queue_xmit+0x2f4/0x3f50
[  890.911876][T12969]  ? __dev_queue_xmit+0x1775/0x3f50
[  890.917092][T12969]  ? kasan_save_track+0x51/0x80
[  890.921965][T12969]  ? ____sys_sendmsg+0x52a/0x7e0
[  890.926925][T12969]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  890.932051][T12969]  ? __dev_queue_xmit+0x2f4/0x3f50
[  890.937186][T12969]  ? __pfx___dev_queue_xmit+0x10/0x10
[  890.942626][T12969]  ? ref_tracker_free+0x643/0x7e0
[  890.947680][T12969]  ? __asan_memcpy+0x40/0x70
[  890.952298][T12969]  ? __pfx_ref_tracker_free+0x10/0x10
[  890.957723][T12969]  ? netlink_deliver_tap+0x2e/0x1b0
[  890.962945][T12969]  ? skb_clone+0x240/0x390
[  890.967394][T12969]  ? __pfx_lock_release+0x10/0x10
[  890.972440][T12969]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  890.977942][T12969]  ? netlink_deliver_tap+0x2e/0x1b0
[  890.983179][T12969]  netlink_unicast+0x7f6/0x990
[  890.987978][T12969]  ? __pfx_netlink_unicast+0x10/0x10
[  890.993281][T12969]  ? __virt_addr_valid+0x45f/0x530
[  890.998410][T12969]  ? __phys_addr_symbol+0x2f/0x70
[  891.003450][T12969]  ? __check_object_size+0x47a/0x730
[  891.008770][T12969]  netlink_sendmsg+0x8e4/0xcb0
[  891.013563][T12969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  891.018883][T12969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  891.024185][T12969]  __sock_sendmsg+0x221/0x270
[  891.028908][T12969]  ____sys_sendmsg+0x52a/0x7e0
[  891.033712][T12969]  ? __pfx_____sys_sendmsg+0x10/0x10
[  891.039031][T12969]  ? __fget_files+0x2a/0x410
[  891.043646][T12969]  ? __fget_files+0x2a/0x410
[  891.048263][T12969]  __sys_sendmsg+0x269/0x350
[  891.052872][T12969]  ? __pfx_lock_release+0x10/0x10
[  891.057913][T12969]  ? __pfx___sys_sendmsg+0x10/0x10
[  891.063050][T12969]  ? __pfx_vfs_write+0x10/0x10
[  891.067852][T12969]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  891.074193][T12969]  ? do_syscall_64+0x100/0x230
[  891.078972][T12969]  ? do_syscall_64+0xb6/0x230
[  891.083663][T12969]  do_syscall_64+0xf3/0x230
[  891.088194][T12969]  ? clear_bhb_loop+0x35/0x90
[  891.092886][T12969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.098800][T12969] RIP: 0033:0x7fc1c7585d29
[  891.103226][T12969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  891.122852][T12969] RSP: 002b:00007fc1c8306038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  891.131304][T12969] RAX: ffffffffffffffda RBX: 00007fc1c7775fa0 RCX: 00007fc1c7585d29
[  891.139303][T12969] RDX: 000000000400c800 RSI: 00000000200001c0 RDI: 0000000000000003
[  891.147308][T12969] RBP: 00007fc1c8306090 R08: 0000000000000000 R09: 0000000000000000
[  891.155303][T12969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  891.163291][T12969] R13: 0000000000000000 R14: 00007fc1c7775fa0 R15: 00007fff0eb60158
[  891.171295][T12969]  </TASK>
[  891.320750][T10289] Bluetooth: hci4: unexpected event for opcode 0x0000
[  891.468272][T12982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  891.822000][T12982] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  892.431025][T12996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  892.439857][T12996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  892.554967][T13001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  892.562706][T13001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  894.436188][T13016] securityfs: Unknown parameter 'trans'
[  895.616737][T10289] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  895.626681][T10289] Bluetooth: hci4: Injecting HCI hardware error event
[  895.636625][T10289] Bluetooth: hci4: hardware error 0x00
[  897.039201][T13035] 9pnet_fd: Insufficient options for proto=fd
[  897.697820][T13035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  897.708548][T13035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  897.828565][T10289] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  898.293551][T13037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  898.307726][T13037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  900.811526][T13044] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1992'.
[  900.820537][T13044] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1992'.
[  901.817413][T13076] xt_TCPMSS: Only works on TCP SYN packets
[  906.265211][T13120] x_tables: unsorted underflow at hook 3
[  906.822894][T13123] x_tables: unsorted underflow at hook 3
[  908.721797][T13132] vlan2: entered allmulticast mode
[  910.303907][T13138] net_ratelimit: 10 callbacks suppressed
[  910.303925][T13138] openvswitch: netlink: IP tunnel dst address not specified
[  910.496740][T13148] syz.1.2019: attempt to access beyond end of device
[  910.496740][T13148] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  910.510282][T13148] (syz.1.2019,13148,1):ocfs2_get_sector:1769 ERROR: status = -5
[  910.518130][T13148] (syz.1.2019,13148,1):ocfs2_sb_probe:749 ERROR: status = -5
[  910.525618][T13148] (syz.1.2019,13148,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  910.534455][T13148] (syz.1.2019,13148,1):ocfs2_fill_super:1178 ERROR: status = -5
[  910.959337][T13145] wg0 speed is unknown, defaulting to 1000
[  911.272028][T13157] 9pnet_fd: Insufficient options for proto=fd
[  911.861316][   T29] audit: type=1326 audit(1737090936.567:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  912.793201][   T29] audit: type=1326 audit(1737090936.567:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  912.867188][T13166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2023'.
[  913.296653][   T29] audit: type=1326 audit(1737090936.567:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.337232][   T29] audit: type=1326 audit(1737090936.567:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.359047][   T29] audit: type=1326 audit(1737090936.567:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.380843][   T29] audit: type=1326 audit(1737090936.567:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.402575][   T29] audit: type=1326 audit(1737090936.567:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.424317][   T29] audit: type=1326 audit(1737090936.567:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.446479][   T29] audit: type=1326 audit(1737090936.577:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.468649][   T29] audit: type=1326 audit(1737090936.577:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ffc0000
[  913.494591][T13166] geneve1: entered promiscuous mode
[  913.539908][T13166] geneve1: left promiscuous mode
[  913.699111][T13172] x_tables: unsorted underflow at hook 3
[  916.653779][T13182] overlayfs: failed to resolve './file1': -2
[  918.268824][ T5836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  918.290484][ T5836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  918.310994][ T5836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  918.345551][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  918.376385][ T5836] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  918.402825][ T5836] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  918.603175][T13195] wg0 speed is unknown, defaulting to 1000
[  918.977175][  T909] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  919.379339][  T909] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  919.387835][  T909] usb 1-1: config 0 has no interface number 0
[  919.393957][  T909] usb 1-1: config 0 interface 137 has no altsetting 0
[  919.401435][  T909] usb 1-1: New USB device found, idVendor=10b8, idProduct=1f9c, bcdDevice=90.83
[  919.410870][  T909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  919.420618][  T909] usb 1-1: config 0 descriptor??
[  919.843349][ T9470] usb 5-1: USB disconnect, device number 34
[  919.997991][  T909] dvb-usb: found a 'DiBcom TFE8096P reference design' in cold state, will try to load a firmware
[  920.064836][  T909] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  920.116344][  T909] dib0700: firmware download failed at 7 with -22
[  920.247266][T13216] PM: Enabling pm_trace changes system date and time during resume.
[  920.247266][T13216] PM: Correct system time has to be restored manually after resume.
[  920.372565][T13195] chnl_net:caif_netlink_parms(): no params data found
[  920.477481][T10289] Bluetooth: hci5: command tx timeout
[  920.616567][T13221] xt_bpf: check failed: parse error
[  921.509290][  T909] usb 1-1: USB disconnect, device number 57
[  922.651707][T10289] Bluetooth: hci5: command tx timeout
[  923.167473][T13235] overlayfs: failed to resolve './file1': -2
[  924.165337][T13195] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.172905][T13195] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.206796][T13195] bridge_slave_0: entered allmulticast mode
[  924.223160][T13195] bridge_slave_0: entered promiscuous mode
[  924.274993][T13247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  924.283921][T13247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  924.485724][ T9227] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.630506][T13195] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.638135][T13195] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.645736][T13195] bridge_slave_1: entered allmulticast mode
[  924.716487][ T5836] Bluetooth: hci5: command tx timeout
[  924.799285][T13195] bridge_slave_1: entered promiscuous mode
[  924.870367][T13260] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  925.126826][T13260] overlayfs: failed to set xattr on upper
[  925.142930][T13260] overlayfs: ...falling back to redirect_dir=nofollow.
[  925.160290][T13260] overlayfs: ...falling back to index=off.
[  925.174038][T13260] overlayfs: ...falling back to uuid=null.
[  925.185429][T13258] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  925.194430][T13260] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  925.236727][T13258] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  925.278240][ T9227] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.404024][T13264] PM: Enabling pm_trace changes system date and time during resume.
[  925.404024][T13264] PM: Correct system time has to be restored manually after resume.
[  925.660705][ T9227] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.681959][T13195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  925.756305][T13270] xt_bpf: check failed: parse error
[  926.003058][T13195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  926.497570][ T9227] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  926.799258][T13195] team0: Port device team_slave_0 added
[  926.817379][ T5836] Bluetooth: hci5: command tx timeout
[  926.845517][T13195] team0: Port device team_slave_1 added
[  927.626380][T13255] syz.3.2048: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  927.727202][T13255] CPU: 1 UID: 0 PID: 13255 Comm: syz.3.2048 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  927.738049][T13255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  927.748151][T13255] Call Trace:
[  927.751464][T13255]  <TASK>
[  927.754426][T13255]  dump_stack_lvl+0x241/0x360
[  927.759160][T13255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  927.764403][T13255]  ? __pfx__printk+0x10/0x10
[  927.769037][T13255]  ? __rcu_read_unlock+0xa1/0x110
[  927.774106][T13255]  warn_alloc+0x278/0x410
[  927.778492][T13255]  ? __pfx_warn_alloc+0x10/0x10
[  927.783405][T13255]  ? vb2_vmalloc_alloc+0xf2/0x340
[  927.788495][T13255]  ? __get_vm_area_node+0x1c8/0x2d0
[  927.793744][T13255]  ? __get_vm_area_node+0x25c/0x2d0
[  927.799091][T13255]  __vmalloc_node_range_noprof+0x62f/0x1380
[  927.805164][T13255]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  927.811563][T13255]  ? __kasan_kmalloc+0x98/0xb0
[  927.816391][T13255]  vmalloc_user_noprof+0x74/0x80
[  927.821384][T13255]  ? vb2_vmalloc_alloc+0xf2/0x340
[  927.826453][T13255]  vb2_vmalloc_alloc+0xf2/0x340
[  927.831390][T13255]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  927.836897][T13255]  __vb2_queue_alloc+0xa0b/0x16f0
[  927.842015][T13255]  vb2_core_reqbufs+0xd2e/0x17c0
[  927.847046][T13255]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  927.852473][T13255]  ? __video_do_ioctl+0x4ea/0xdd0
[  927.857580][T13255]  v4l2_m2m_ioctl_reqbufs+0x14b/0x230
[  927.863005][T13255]  __video_do_ioctl+0xc23/0xdd0
[  927.867983][T13255]  ? __pfx___video_do_ioctl+0x10/0x10
[  927.873410][T13255]  ? smack_log+0x123/0x540
[  927.877885][T13255]  ? __might_fault+0xc6/0x120
[  927.882639][T13255]  video_usercopy+0x89b/0x1180
[  927.887494][T13255]  ? __pfx___video_do_ioctl+0x10/0x10
[  927.892928][T13255]  ? __pfx_video_usercopy+0x10/0x10
[  927.898177][T13255]  ? smack_file_ioctl+0x2f7/0x3a0
[  927.903265][T13255]  ? __fget_files+0x2a/0x410
[  927.907921][T13255]  ? __fget_files+0x2a/0x410
[  927.912560][T13255]  v4l2_ioctl+0x189/0x1e0
[  927.916950][T13255]  ? __pfx_v4l2_ioctl+0x10/0x10
[  927.921862][T13255]  __se_sys_ioctl+0xf5/0x170
[  927.926535][T13255]  do_syscall_64+0xf3/0x230
[  927.931090][T13255]  ? clear_bhb_loop+0x35/0x90
[  927.935818][T13255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.941780][T13255] RIP: 0033:0x7f2b92b85d29
[  927.946239][T13255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.965895][T13255] RSP: 002b:00007f2b93956038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  927.974382][T13255] RAX: ffffffffffffffda RBX: 00007f2b92d75fa0 RCX: 00007f2b92b85d29
[  927.982479][T13255] RDX: 00000000200000c0 RSI: 00000000c0145608 RDI: 0000000000000005
[  927.990506][T13255] RBP: 00007f2b92c01b08 R08: 0000000000000000 R09: 0000000000000000
[  927.998517][T13255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  928.006517][T13255] R13: 0000000000000000 R14: 00007f2b92d75fa0 R15: 00007ffd9aa5d4c8
[  928.014535][T13255]  </TASK>
[  928.018704][T13255] Mem-Info:
[  928.021880][T13255] active_anon:40479 inactive_anon:8175 isolated_anon:0
[  928.021880][T13255]  active_file:15702 inactive_file:44393 isolated_file:0
[  928.021880][T13255]  unevictable:768 dirty:319 writeback:0
[  928.021880][T13255]  slab_reclaimable:10955 slab_unreclaimable:104505
[  928.021880][T13255]  mapped:31414 shmem:41606 pagetables:1770
[  928.021880][T13255]  sec_pagetables:0 bounce:0
[  928.021880][T13255]  kernel_misc_reclaimable:0
[  928.021880][T13255]  free:1233679 free_pcp:2616 free_cma:0
[  928.067679][    C0] vkms_vblank_simulate: vblank timer overrun
[  928.084054][T13255] Node 0 active_anon:161916kB inactive_anon:32900kB active_file:62736kB inactive_file:177572kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125956kB dirty:1276kB writeback:0kB shmem:165188kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12108kB pagetables:6980kB sec_pagetables:0kB all_unreclaimable? no
[  928.117088][    C0] vkms_vblank_simulate: vblank timer overrun
[  928.157493][T13255] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  928.187652][    C0] vkms_vblank_simulate: vblank timer overrun
[  928.208286][    T8] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  928.229472][T13195] batman_adv: batadv0: Adding interface: batadv_slave_0
[  928.249749][T13195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  928.275775][    C0] vkms_vblank_simulate: vblank timer overrun
[  928.291564][T13255] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  928.337822][T13195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  928.357957][T13195] batman_adv: batadv0: Adding interface: batadv_slave_1
[  928.365461][T13195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  928.391449][    C0] vkms_vblank_simulate: vblank timer overrun
[  928.418849][T13255] lowmem_reserve[]: 0 2465 2466 0 0
[  928.424475][T13255] Node 0 DMA32 free:1004876kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:162000kB inactive_anon:50392kB active_file:62008kB inactive_file:177456kB unevictable:1536kB writepending:1296kB present:3129332kB managed:2552772kB mlocked:0kB bounce:0kB free_pcp:7596kB local_pcp:696kB free_cma:0kB
[  928.455306][    C0] vkms_vblank_simulate: vblank timer overrun
[  928.533191][    T8] usb 1-1: Using ep0 maxpacket: 8
[  928.540900][T13195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  928.553009][T13255] lowmem_reserve[]: 0 0 0 0 0
[  928.560464][T13285] syz.2.2055: attempt to access beyond end of device
[  928.560464][T13285] loop5: rw=0, sector=0, nr_sectors = 1 limit=0
[  928.565359][    T8] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  928.575440][T13285] FAT-fs (loop5): unable to read boot sector
[  928.604699][T13255] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:792kB inactive_file:52kB unevictable:0kB writepending:4kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  928.632435][T13255] lowmem_reserve[]: 0 0 0 0 0
[  928.647909][T13292] FAULT_INJECTION: forcing a failure.
[  928.647909][T13292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  928.661157][T13292] CPU: 1 UID: 0 PID: 13292 Comm: syz.1.2056 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  928.671952][T13292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  928.682035][T13292] Call Trace:
[  928.685347][T13292]  <TASK>
[  928.688310][T13292]  dump_stack_lvl+0x241/0x360
[  928.693033][T13292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.698276][T13292]  ? __pfx__printk+0x10/0x10
[  928.702910][T13292]  ? __pfx_lock_release+0x10/0x10
[  928.707981][T13292]  should_fail_ex+0x3b0/0x4e0
[  928.712698][T13292]  _copy_from_user+0x2f/0xc0
[  928.717337][T13292]  copy_msghdr_from_user+0xae/0x680
[  928.722577][T13292]  ? irqentry_exit+0x63/0x90
[  928.727217][T13292]  ? lockdep_hardirqs_on+0x99/0x150
[  928.732457][T13292]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  928.738299][T13292]  ? __fget_files+0x2a/0x410
[  928.742931][T13292]  ? __fget_files+0x2a/0x410
[  928.747610][T13292]  __sys_sendmsg+0x209/0x350
[  928.752235][T13292]  ? __pfx_lock_release+0x10/0x10
[  928.757311][T13292]  ? __pfx___sys_sendmsg+0x10/0x10
[  928.762511][T13292]  ? __pfx_vfs_write+0x10/0x10
[  928.767798][T13292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  928.774173][T13292]  ? do_syscall_64+0x100/0x230
[  928.778980][T13292]  ? do_syscall_64+0xb6/0x230
[  928.783689][T13292]  do_syscall_64+0xf3/0x230
[  928.788229][T13292]  ? clear_bhb_loop+0x35/0x90
[  928.793027][T13292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.798968][T13292] RIP: 0033:0x7fc1c7585d29
[  928.803425][T13292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.823165][T13292] RSP: 002b:00007fc1c53f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  928.831624][T13292] RAX: ffffffffffffffda RBX: 00007fc1c7776160 RCX: 00007fc1c7585d29
[  928.839634][T13292] RDX: 0000000000000810 RSI: 0000000020000000 RDI: 0000000000000005
[  928.847635][T13292] RBP: 00007fc1c53f6090 R08: 0000000000000000 R09: 0000000000000000
[  928.855643][T13292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  928.863643][T13292] R13: 0000000000000000 R14: 00007fc1c7776160 R15: 00007fff0eb60158
[  928.871671][T13292]  </TASK>
[  928.936554][T13292] syz.1.2056: attempt to access beyond end of device
[  928.936554][T13292] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  928.950132][T13292] FAT-fs (loop3): unable to read boot sector
[  929.193914][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  929.237358][T13255] Node 1 Normal free:3899828kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB
[  929.267621][T13255] lowmem_reserve[]: 0 0 0 0 0
[  929.272420][T13255] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  929.285376][T13255] Node 0 DMA32: 135*4kB (UME) 215*8kB (ME) 443*16kB (UME) 360*32kB (UME) 282*64kB (UME) 141*128kB (UME) 43*256kB (UME) 15*512kB (UME) 12*1024kB (UM) 8*2048kB (M) 225*4096kB (UM) = 1025924kB
[  929.288953][    T8] usb 1-1: config 0 descriptor??
[  929.304803][T13255] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  929.321682][T13255] Node 1 Normal: 5*4kB (UME) 6*8kB (UME) 7*16kB (UME) 10*32kB (UME) 79*64kB (UME) 34*128kB (UME) 15*256kB (UME) 10*512kB (UME) 4*1024kB (UME) 5*2048kB (U) 944*4096kB (M) = 3899828kB
[  929.340709][T13255] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  929.350619][T13255] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  929.360387][T13255] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  929.370335][T13255] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  929.379961][T13255] 101704 total pagecache pages
[  929.384765][T13255] 0 pages in swap cache
[  929.389226][T13255] Free swap  = 124328kB
[  929.393662][T13255] Total swap = 124996kB
[  929.398107][T13255] 2097051 pages RAM
[  929.401951][T13255] 0 pages HighMem/MovableOnly
[  929.407016][T13255] 427006 pages reserved
[  929.411203][T13255] 0 pages cma reserved
[  929.421644][T13195] hsr_slave_0: entered promiscuous mode
[  929.458826][T13195] hsr_slave_1: entered promiscuous mode
[  929.467568][T13195] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  929.492625][T13195] Cannot create hsr debugfs directory
[  929.528362][T13297] PM: Enabling pm_trace changes system date and time during resume.
[  929.528362][T13297] PM: Correct system time has to be restored manually after resume.
[  930.225116][T13297] xt_bpf: check failed: parse error
[  930.965239][ T9227] bridge_slave_1: left allmulticast mode
[  930.991744][ T9227] bridge_slave_1: left promiscuous mode
[  931.397353][ T9227] bridge0: port 2(bridge_slave_1) entered disabled state
[  931.500898][ T9227] bridge_slave_0: left allmulticast mode
[  931.521913][ T9227] bridge_slave_0: left promiscuous mode
[  931.540141][T13306] netlink: 372 bytes leftover after parsing attributes in process `syz.1.2060'.
[  931.550423][ T9227] bridge0: port 1(bridge_slave_0) entered disabled state
[  931.926983][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  931.934813][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  932.770089][    T8] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  932.780213][    T8] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  932.790697][    T8] asix 1-1:0.0: probe with driver asix failed with error -71
[  932.803673][    T8] usb 1-1: USB disconnect, device number 58
[  933.716545][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  933.716567][   T29] audit: type=1400 audit(1737090958.427:967): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=13310 comm="syz.3.2062" saddr=172.30.0.4 daddr=172.20.20.170 netif=wpan0
[  933.819785][   T29] audit: type=1400 audit(1737090958.427:968): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=13310 comm="syz.3.2062" saddr=172.30.0.4 daddr=172.20.20.170 netif=wpan0
[  933.932705][T13330] syz.0.2066: attempt to access beyond end of device
[  933.932705][T13330] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  933.946934][T13330] (syz.0.2066,13330,1):ocfs2_get_sector:1769 ERROR: status = -5
[  933.954863][T13330] (syz.0.2066,13330,1):ocfs2_sb_probe:749 ERROR: status = -5
[  933.964867][T13330] (syz.0.2066,13330,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  933.991544][T13330] (syz.0.2066,13330,1):ocfs2_fill_super:1178 ERROR: status = -5
[  935.073906][ T9227] 
 (unregistering): (slave bond_slave_0): Releasing backup interface
[  935.112226][ T9227] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[  935.158669][ T9227] 
 (unregistering): Released all slaves
[  935.201507][T13324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2065'.
[  935.653635][T13195] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  936.300395][T13349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  936.336988][T13195] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  936.379497][T13349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  936.388588][T13195] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  936.578705][T13195] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  936.677120][T13360] syz.3.2074: attempt to access beyond end of device
[  936.677120][T13360] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  936.690245][T13360] (syz.3.2074,13360,1):ocfs2_get_sector:1769 ERROR: status = -5
[  936.698266][T13360] (syz.3.2074,13360,1):ocfs2_sb_probe:749 ERROR: status = -5
[  936.705738][T13360] (syz.3.2074,13360,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  936.714534][T13360] (syz.3.2074,13360,1):ocfs2_fill_super:1178 ERROR: status = -5
[  938.265539][T13195] 8021q: adding VLAN 0 to HW filter on device bond0
[  938.481022][ T9227] hsr_slave_0: left promiscuous mode
[  938.497090][ T9227] hsr_slave_1: left promiscuous mode
[  938.503403][ T9227] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  938.527650][ T9227] batman_adv: batadv0: Removing interface: batadv_slave_0
[  938.574800][ T9227] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  938.603550][ T9227] batman_adv: batadv0: Removing interface: batadv_slave_1
[  938.726352][ T9227] dummy0: left allmulticast mode
[  938.732592][ T9227] dummy0: left promiscuous mode
[  938.749114][ T9227] veth1_macvtap: left promiscuous mode
[  938.755850][ T9227] veth0_macvtap: left promiscuous mode
[  938.776455][ T9227] veth1_vlan: left promiscuous mode
[  938.786557][ T9227] veth0_vlan: left promiscuous mode
[  938.868001][T13380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  938.906774][T13380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  939.559070][T13385] overlayfs: missing 'workdir'
[  939.777314][T13380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  939.785892][T13380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  941.941068][T13406] x_tables: unsorted underflow at hook 3
[  942.595004][ T9227] team0 (unregistering): Port device team_slave_1 removed
[  942.658532][ T9227] team0 (unregistering): Port device team_slave_0 removed
[  943.503558][T13390] bond0: entered promiscuous mode
[  943.516390][T13390] bond0: entered allmulticast mode
[  943.523160][T13390] 8021q: adding VLAN 0 to HW filter on device bond0
[  943.662878][T13390] bond0 (unregistering): Released all slaves
[  943.747909][T13195] 8021q: adding VLAN 0 to HW filter on device team0
[  943.861439][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  943.868654][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  943.919987][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  943.927572][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  943.997207][T13412] netlink: 372 bytes leftover after parsing attributes in process `syz.0.2088'.
[  945.707908][T13195] 8021q: adding VLAN 0 to HW filter on device batadv0
[  946.101161][T13195] veth0_vlan: entered promiscuous mode
[  946.122470][T13195] veth1_vlan: entered promiscuous mode
[  946.198995][T13195] veth0_macvtap: entered promiscuous mode
[  946.228679][T13195] veth1_macvtap: entered promiscuous mode
[  946.275928][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  946.303906][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.329666][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  946.347896][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.363061][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  946.378314][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.414473][T13445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  946.432305][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  946.436646][T13445] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  946.449467][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.466849][T13449] FAULT_INJECTION: forcing a failure.
[  946.466849][T13449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  946.511197][T13195] batman_adv: batadv0: Interface activated: batadv_slave_0
[  946.525975][T13449] CPU: 1 UID: 0 PID: 13449 Comm: syz.3.2096 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  946.536815][T13449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  946.546914][T13449] Call Trace:
[  946.550226][T13449]  <TASK>
[  946.553185][T13449]  dump_stack_lvl+0x241/0x360
[  946.557919][T13449]  ? __pfx_dump_stack_lvl+0x10/0x10
[  946.563169][T13449]  ? __pfx__printk+0x10/0x10
[  946.567803][T13449]  ? __pfx_lock_release+0x10/0x10
[  946.572877][T13449]  should_fail_ex+0x3b0/0x4e0
[  946.577608][T13449]  _copy_from_iter+0x1e9/0x1c20
[  946.582499][T13449]  ? __virt_addr_valid+0x183/0x530
[  946.587659][T13449]  ? __alloc_skb+0x28f/0x440
[  946.592291][T13449]  ? __pfx__copy_from_iter+0x10/0x10
[  946.597626][T13449]  ? __virt_addr_valid+0x183/0x530
[  946.598586][T13446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  946.602769][T13449]  ? __virt_addr_valid+0x183/0x530
[  946.616271][T13449]  ? __virt_addr_valid+0x45f/0x530
[  946.621447][T13449]  ? __phys_addr_symbol+0x2f/0x70
[  946.626524][T13449]  ? __check_object_size+0x47a/0x730
[  946.631863][T13449]  netlink_sendmsg+0x73d/0xcb0
[  946.636687][T13449]  ? __pfx_netlink_sendmsg+0x10/0x10
[  946.641007][T13446] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  946.642019][T13449]  ? __pfx_netlink_sendmsg+0x10/0x10
[  946.655049][T13449]  __sock_sendmsg+0x221/0x270
[  946.659781][T13449]  ____sys_sendmsg+0x52a/0x7e0
[  946.664609][T13449]  ? __pfx_____sys_sendmsg+0x10/0x10
[  946.669955][T13449]  ? __fget_files+0x2a/0x410
[  946.674602][T13449]  ? __fget_files+0x2a/0x410
[  946.679243][T13449]  __sys_sendmsg+0x269/0x350
[  946.683879][T13449]  ? __pfx_lock_release+0x10/0x10
[  946.688948][T13449]  ? __pfx___sys_sendmsg+0x10/0x10
[  946.694122][T13449]  ? __pfx_vfs_write+0x10/0x10
[  946.698959][T13449]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  946.705333][T13449]  ? do_syscall_64+0x100/0x230
[  946.710132][T13449]  ? do_syscall_64+0xb6/0x230
[  946.714843][T13449]  do_syscall_64+0xf3/0x230
[  946.719386][T13449]  ? clear_bhb_loop+0x35/0x90
[  946.724101][T13449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.730037][T13449] RIP: 0033:0x7f2b92b85d29
[  946.734480][T13449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  946.754212][T13449] RSP: 002b:00007f2b93956038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  946.762676][T13449] RAX: ffffffffffffffda RBX: 00007f2b92d75fa0 RCX: 00007f2b92b85d29
[  946.770688][T13449] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  946.778697][T13449] RBP: 00007f2b93956090 R08: 0000000000000000 R09: 0000000000000000
[  946.786702][T13449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  946.794711][T13449] R13: 0000000000000000 R14: 00007f2b92d75fa0 R15: 00007ffd9aa5d4c8
[  946.802744][T13449]  </TASK>
[  946.810041][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  946.815401][T13452] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2097'.
[  946.820972][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.821002][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  946.821022][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.821037][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  946.821054][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.821070][T13195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  946.821087][T13195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.823212][T13195] batman_adv: batadv0: Interface activated: batadv_slave_1
[  946.907300][T13453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  946.918524][T13453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  946.953667][T13195] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  946.966343][T13195] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  946.975122][T13195] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  947.012267][T13195] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  947.664758][ T2988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  947.686363][ T2988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  947.762030][T13458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  947.806163][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  947.814187][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  947.826585][T13458] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  949.110853][   T29] audit: type=1326 audit(1737090973.807:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.145933][   T29] audit: type=1326 audit(1737090973.807:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.217155][T13471] tipc: Started in network mode
[  949.222110][T13471] tipc: Node identity da9c18de1641, cluster identity 4711
[  949.229438][   T29] audit: type=1326 audit(1737090973.807:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.277008][T13471] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  949.285067][   T29] audit: type=1326 audit(1737090973.807:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.310242][   T29] audit: type=1326 audit(1737090973.807:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.332854][   T29] audit: type=1326 audit(1737090973.807:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.354974][   T29] audit: type=1326 audit(1737090973.807:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.384060][   T29] audit: type=1326 audit(1737090973.807:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.447256][   T29] audit: type=1326 audit(1737090973.807:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.478357][T13473] syzkaller0: entered promiscuous mode
[  949.495268][   T29] audit: type=1326 audit(1737090973.807:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13468 comm="syz.2.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20b85d29 code=0x7ffc0000
[  949.519303][T13473] syzkaller0: entered allmulticast mode
[  949.549929][T13473] tipc: Resetting bearer <eth:syzkaller0>
[  949.627893][T13470] tipc: Resetting bearer <eth:syzkaller0>
[  949.977267][T13484] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  950.338118][    T8] tipc: Node number set to 3437041886
[  950.785451][T13487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  950.794349][T13487] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  951.522371][T13491] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  951.547408][T13491] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  951.950717][  T909] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  952.134635][  T909] usb 1-1: Using ep0 maxpacket: 16
[  952.153134][  T909] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  952.163607][  T909] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  952.193741][  T909] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  952.212083][  T909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  952.257665][  T909] usb 1-1: Product: syz
[  952.276496][  T909] usb 1-1: Manufacturer: syz
[  952.282496][  T909] usb 1-1: SerialNumber: syz
[  953.045221][T13497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  953.054067][T13497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  953.065026][  T909] usb 1-1: 0:2 : does not exist
[  953.075057][  T909] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  953.093547][  T909] usb 1-1: USB disconnect, device number 59
[  953.510727][T13470] tipc: Disabling bearer <eth:syzkaller0>
[  953.656382][T13513] FAULT_INJECTION: forcing a failure.
[  953.656382][T13513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  953.678300][T13513] CPU: 1 UID: 0 PID: 13513 Comm: syz.3.2114 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  953.689139][T13513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  953.699242][T13513] Call Trace:
[  953.702555][T13513]  <TASK>
[  953.705516][T13513]  dump_stack_lvl+0x241/0x360
[  953.710331][T13513]  ? __pfx_dump_stack_lvl+0x10/0x10
[  953.715576][T13513]  ? __pfx__printk+0x10/0x10
[  953.720211][T13513]  ? __pfx_lock_release+0x10/0x10
[  953.725285][T13513]  should_fail_ex+0x3b0/0x4e0
[  953.730005][T13513]  _copy_from_user+0x2f/0xc0
[  953.734652][T13513]  copy_msghdr_from_user+0xae/0x680
[  953.739903][T13513]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  953.745764][T13513]  ? __fget_files+0x2a/0x410
[  953.750396][T13513]  ? __fget_files+0x2a/0x410
[  953.755064][T13513]  __sys_sendmsg+0x209/0x350
[  953.759727][T13513]  ? __pfx_lock_release+0x10/0x10
[  953.764794][T13513]  ? __pfx___sys_sendmsg+0x10/0x10
[  953.770000][T13513]  ? __pfx_vfs_write+0x10/0x10
[  953.774840][T13513]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  953.781211][T13513]  ? do_syscall_64+0x100/0x230
[  953.786019][T13513]  ? do_syscall_64+0xb6/0x230
[  953.790777][T13513]  do_syscall_64+0xf3/0x230
[  953.795324][T13513]  ? clear_bhb_loop+0x35/0x90
[  953.800047][T13513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  953.806006][T13513] RIP: 0033:0x7f2b92b85d29
[  953.810462][T13513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  953.830119][T13513] RSP: 002b:00007f2b93956038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  953.838585][T13513] RAX: ffffffffffffffda RBX: 00007f2b92d75fa0 RCX: 00007f2b92b85d29
[  953.846604][T13513] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  953.854625][T13513] RBP: 00007f2b93956090 R08: 0000000000000000 R09: 0000000000000000
[  953.862642][T13513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  953.870656][T13513] R13: 0000000000000000 R14: 00007f2b92d75fa0 R15: 00007ffd9aa5d4c8
[  953.878684][T13513]  </TASK>
[  954.548134][T13520] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2115'.
[  955.085124][T13529] PM: Enabling pm_trace changes system date and time during resume.
[  955.085124][T13529] PM: Correct system time has to be restored manually after resume.
[  955.420780][T13533] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  955.554762][T13534] xt_bpf: check failed: parse error
[  955.917352][T13536] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2122'.
[  956.194330][T13538] x_tables: unsorted underflow at hook 3
[  956.630813][T13559] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  956.639525][T13559] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  956.957388][T13560] netlink: 'syz.5.2128': attribute type 2 has an invalid length.
[  957.166819][T13560] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2128'.
[  957.841740][T13567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  957.874131][T13567] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  958.451529][T13567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  958.478413][T13567] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  960.721978][T13601] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  961.033097][T13608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  961.263756][T13608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  962.917209][T13638] 9pnet_fd: Insufficient options for proto=fd
[  963.520059][ T5901] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  963.696503][ T5901] usb 6-1: Using ep0 maxpacket: 16
[  963.967770][ T5901] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  963.978592][ T5901] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  964.002430][ T5901] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  964.799856][ T5901] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  964.809120][ T5901] usb 6-1: Product: syz
[  964.813495][ T5901] usb 6-1: Manufacturer: syz
[  964.818340][ T5901] usb 6-1: SerialNumber: syz
[  966.081595][T13672] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  966.240996][T13673] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  966.272210][T13673] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  966.337062][T13673] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  966.409021][T13673] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  966.559076][T13673] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  966.602353][T13673] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  967.466642][T13673] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  967.512459][T13680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  967.532833][T13680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  967.977164][ T5901] usb 6-1: 0:2 : does not exist
[  968.031721][ T5901] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  968.240250][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  968.396947][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  968.556483][ T5836] Bluetooth: hci5: command 0x0c1a tx timeout
[  969.091454][T13698] 9pnet_fd: Insufficient options for proto=fd
[  969.426403][ T5901] usb 6-1: USB disconnect, device number 2
[  969.505198][T13705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  969.535988][T13705] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  969.651983][T13712] syz.5.2169: attempt to access beyond end of device
[  969.651983][T13712] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[  969.668084][T13712] (syz.5.2169,13712,0):ocfs2_get_sector:1769 ERROR: status = -5
[  969.675841][T13712] (syz.5.2169,13712,0):ocfs2_sb_probe:749 ERROR: status = -5
[  969.683601][T13712] (syz.5.2169,13712,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  969.693820][T13712] (syz.5.2169,13712,0):ocfs2_fill_super:1178 ERROR: status = -5
[  970.316579][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  970.476791][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  970.500916][T13724] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  970.641717][ T5836] Bluetooth: hci5: command 0x0c1a tx timeout
[  971.252901][T13730] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  971.438314][T13733] program syz.1.2176 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  973.456321][ T5836] Bluetooth: hci5: command 0x0c1a tx timeout
[  973.550957][T13739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  973.573101][T13739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  973.587388][T13743] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2179'.
[  973.622986][T13743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  973.641246][T13743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  973.658892][T13739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  973.685648][T13739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  974.636375][T13750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  974.707359][T13750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  974.723873][T13750] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  975.206371][    T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  976.087579][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  976.176376][    T8] usb 6-1: Using ep0 maxpacket: 16
[  976.183344][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  976.194913][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  976.206320][    T8] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  976.224781][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.244949][ T5901] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  976.335999][    T8] usb 6-1: config 0 descriptor??
[  976.717372][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  976.794283][    T8] elan 0003:04F3:0755.0002: unbalanced collection at end of report description
[  976.806333][ T5836] Bluetooth: hci5: command 0x0c1a tx timeout
[  976.888143][    T8] elan 0003:04F3:0755.0002: Hid Parse failed
[  976.988186][    T8] elan 0003:04F3:0755.0002: probe with driver elan failed with error -22
[  977.096477][ T5901] usb 1-1: Using ep0 maxpacket: 8
[  977.103423][ T5901] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  977.113520][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.124306][ T5901] usb 1-1: config 0 descriptor??
[  977.371978][ T5901] usb 1-1: can't set config #0, error -71
[  977.412455][ T5901] usb 1-1: USB disconnect, device number 60
[  977.464661][T13785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2191'.
[  977.474312][T13785] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2191'.
[  977.777426][T13798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  977.786456][T13798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  977.873926][T13802] FAULT_INJECTION: forcing a failure.
[  977.873926][T13802] name failslab, interval 1, probability 0, space 0, times 0
[  977.893282][T13802] CPU: 1 UID: 0 PID: 13802 Comm: syz.2.2196 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  977.904125][T13802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  977.914246][T13802] Call Trace:
[  977.917567][T13802]  <TASK>
[  977.920546][T13802]  dump_stack_lvl+0x241/0x360
[  977.921524][T13798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  977.925254][T13802]  ? __pfx_dump_stack_lvl+0x10/0x10
[  977.938813][T13802]  ? __pfx__printk+0x10/0x10
[  977.942814][T13798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  977.943446][T13802]  should_fail_ex+0x3b0/0x4e0
[  977.955866][T13802]  should_failslab+0xac/0x100
[  977.961007][T13802]  ? skb_clone+0x20c/0x390
[  977.961042][T13802]  kmem_cache_alloc_noprof+0x70/0x380
[  977.961086][T13802]  skb_clone+0x20c/0x390
[  977.975153][T13802]  __netlink_deliver_tap+0x3cc/0x7f0
[  977.975203][T13802]  ? netlink_deliver_tap+0x2e/0x1b0
[  977.975231][T13802]  netlink_deliver_tap+0x19d/0x1b0
[  977.975261][T13802]  netlink_unicast+0x7c4/0x990
[  977.995641][T13802]  ? __pfx_netlink_unicast+0x10/0x10
[  978.000973][T13802]  ? __virt_addr_valid+0x45f/0x530
[  978.006114][T13802]  ? __phys_addr_symbol+0x2f/0x70
[  978.011154][T13802]  ? __check_object_size+0x47a/0x730
[  978.016475][T13802]  netlink_sendmsg+0x8e4/0xcb0
[  978.021263][T13802]  ? __pfx_netlink_sendmsg+0x10/0x10
[  978.026577][T13802]  ? __pfx_netlink_sendmsg+0x10/0x10
[  978.031876][T13802]  __sock_sendmsg+0x221/0x270
[  978.036597][T13802]  ____sys_sendmsg+0x52a/0x7e0
[  978.041469][T13802]  ? __pfx_____sys_sendmsg+0x10/0x10
[  978.046765][T13802]  ? __fget_files+0x2a/0x410
[  978.051367][T13802]  ? __fget_files+0x2a/0x410
[  978.055974][T13802]  __sys_sendmsg+0x269/0x350
[  978.060599][T13802]  ? __pfx_lock_release+0x10/0x10
[  978.065633][T13802]  ? __pfx___sys_sendmsg+0x10/0x10
[  978.070762][T13802]  ? __pfx_vfs_write+0x10/0x10
[  978.075565][T13802]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  978.081901][T13802]  ? do_syscall_64+0x100/0x230
[  978.086671][T13802]  ? do_syscall_64+0xb6/0x230
[  978.091374][T13802]  do_syscall_64+0xf3/0x230
[  978.095882][T13802]  ? clear_bhb_loop+0x35/0x90
[  978.100594][T13802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.106520][T13802] RIP: 0033:0x7fbd20b85d29
[  978.110940][T13802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  978.130561][T13802] RSP: 002b:00007fbd1e9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  978.138992][T13802] RAX: ffffffffffffffda RBX: 00007fbd20d75fa0 RCX: 00007fbd20b85d29
[  978.146975][T13802] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005
[  978.154974][T13802] RBP: 00007fbd1e9f6090 R08: 0000000000000000 R09: 0000000000000000
[  978.163009][T13802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  978.170997][T13802] R13: 0000000000000000 R14: 00007fbd20d75fa0 R15: 00007ffd68c5a798
[  978.179011][T13802]  </TASK>
[  978.182211][    C1] vkms_vblank_simulate: vblank timer overrun
[  978.216352][ T9470] usb 6-1: USB disconnect, device number 3
[  978.247283][T13802] tipc: Started in network mode
[  978.252371][T13802] tipc: Node identity dea9d7376589, cluster identity 4711
[  978.264144][ T5901] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  978.300556][T13802] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  978.339398][T13801] tipc: Disabling bearer <eth:syzkaller0>
[  978.995658][T13817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  979.386277][ T5901] usb 1-1: Using ep0 maxpacket: 16
[  979.401083][ T5901] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=9a.1d
[  979.406671][T13817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  979.412557][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  979.426132][ T5901] usb 1-1: Product: syz
[  979.430436][ T5901] usb 1-1: Manufacturer: syz
[  979.435073][ T5901] usb 1-1: SerialNumber: syz
[  979.442415][ T5901] usb 1-1: config 0 descriptor??
[  979.450977][ T5901] ims_pcu 1-1:0.0: Missing CDC union descriptor
[  979.565171][ T5901] ims_pcu 1-1:0.0: probe with driver ims_pcu failed with error -22
[  979.670702][T13824] pimreg: entered allmulticast mode
[  979.679028][T13824] pimreg: left allmulticast mode
[  979.685729][  T976] usb 1-1: USB disconnect, device number 61
[  979.834005][T13831] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2201'.
[  979.857822][T13824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  979.872810][T13824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  979.956549][ T5901] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  980.828414][T13839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  980.855190][T13839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  980.984151][ T5901] usb 6-1: device descriptor read/64, error -71
[  981.130066][T13844] overlay: ./file0 is not a directory
[  981.266617][ T5901] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  981.486663][ T5901] usb 6-1: device descriptor read/64, error -71
[  981.729499][ T5901] usb usb6-port1: attempt power cycle
[  982.067705][T13849] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  982.096593][T13849] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  982.356354][ T5901] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  982.370680][T13856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  982.380559][T13856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  982.387617][ T5901] usb 6-1: device descriptor read/8, error -71
[  982.666681][ T5901] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  982.690871][ T5901] usb 6-1: device descriptor read/8, error -71
[  983.426810][T13859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  983.447713][T13859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  983.507379][ T5901] usb usb6-port1: unable to enumerate USB device
[  983.993753][T13875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  984.014957][T13875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  984.036774][ T5901] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  984.906315][ T5901] usb 6-1: Using ep0 maxpacket: 8
[  984.915046][ T5901] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7
[  984.929551][ T5901] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  984.938775][ T5901] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  984.947096][ T5901] usb 6-1: Product: syz
[  984.951290][ T5901] usb 6-1: Manufacturer: syz
[  984.955917][ T5901] usb 6-1: SerialNumber: syz
[  985.280236][ T5901] usb 6-1: Invalid connection information received from device
[  986.864755][T13882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2220'.
[  986.873729][T13882] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2220'.
[  986.966818][T13892] bridge0: port 2(bridge_slave_1) entered disabled state
[  986.975080][T13892] bridge0: port 1(bridge_slave_0) entered disabled state
[  987.422532][T13892] bridge0: entered allmulticast mode
[  987.526322][ T9470] usb 6-1: USB disconnect, device number 8
[  987.681205][T13902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  987.711682][T13902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  988.378349][T13902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  988.386870][T13902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  988.427267][T13909] rdma_rxe: rxe_newlink: failed to add wg0
[  988.598940][T13916] netlink: 'syz.5.2229': attribute type 10 has an invalid length.
[  988.636713][T13916] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2229'.
[  988.687474][T13918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  988.712324][T13916] team0: Failed to send port change of device geneve0 via netlink (err -105)
[  988.726360][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  988.726381][   T29] audit: type=1400 audit(1737091013.417:1037): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=13915 comm="syz.5.2229" dest=2
[  988.756411][T13918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  988.767318][T13916] team0: Failed to send options change via netlink (err -105)
[  988.774845][T13916] team0: Port device geneve0 added
[  988.860474][T13922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  988.934175][T13922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  988.953637][T13924] FAULT_INJECTION: forcing a failure.
[  988.953637][T13924] name failslab, interval 1, probability 0, space 0, times 0
[  988.966545][T13924] CPU: 1 UID: 0 PID: 13924 Comm: syz.0.2224 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  988.977355][T13924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  988.987560][T13924] Call Trace:
[  988.990871][T13924]  <TASK>
[  988.993840][T13924]  dump_stack_lvl+0x241/0x360
[  988.998574][T13924]  ? __pfx_dump_stack_lvl+0x10/0x10
[  989.003825][T13924]  ? __pfx__printk+0x10/0x10
[  989.008466][T13924]  ? fs_reclaim_acquire+0x93/0x130
[  989.013617][T13924]  ? __pfx___might_resched+0x10/0x10
[  989.018932][T13924]  should_fail_ex+0x3b0/0x4e0
[  989.023624][T13924]  should_failslab+0xac/0x100
[  989.028323][T13924]  __kmalloc_noprof+0xdd/0x4c0
[  989.033100][T13924]  ? tomoyo_encode+0x26f/0x540
[  989.037889][T13924]  tomoyo_encode+0x26f/0x540
[  989.042507][T13924]  tomoyo_realpath_from_path+0x59e/0x5e0
[  989.048184][T13924]  tomoyo_path_number_perm+0x236/0x860
[  989.053653][T13924]  ? __lock_acquire+0x1397/0x2100
[  989.058703][T13924]  ? tomoyo_path_number_perm+0x206/0x860
[  989.064354][T13924]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  989.070412][T13924]  ? __fget_files+0x2a/0x410
[  989.075043][T13924]  ? __fget_files+0x2a/0x410
[  989.079650][T13924]  security_file_ioctl+0xc6/0x2a0
[  989.084691][T13924]  __se_sys_ioctl+0x46/0x170
[  989.089302][T13924]  do_syscall_64+0xf3/0x230
[  989.093817][T13924]  ? clear_bhb_loop+0x35/0x90
[  989.098520][T13924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.104453][T13924] RIP: 0033:0x7f2042f85d29
[  989.108983][T13924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  989.128617][T13924] RSP: 002b:00007f2043da0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  989.137057][T13924] RAX: ffffffffffffffda RBX: 00007f2043175fa0 RCX: 00007f2042f85d29
[  989.145047][T13924] RDX: 0000000000000002 RSI: 0000000000005437 RDI: 0000000000000004
[  989.153032][T13924] RBP: 00007f2043da0090 R08: 0000000000000000 R09: 0000000000000000
[  989.161027][T13924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  989.169011][T13924] R13: 0000000000000000 R14: 00007f2043175fa0 R15: 00007ffc3f722c18
[  989.177009][T13924]  </TASK>
[  989.221266][T13921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  989.230095][T13921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  989.240051][T13924] ERROR: Out of memory at tomoyo_realpath_from_path.
[  989.326658][T13916] ip6t_srh: unknown srh invflags 7863
[  990.213095][T13938] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  990.393116][T13941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  990.429153][T13941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  990.992548][T13947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  991.033812][T13947] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  993.079464][T13956] rdma_rxe: rxe_newlink: failed to add wg0
[  993.361780][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  993.373560][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  993.669392][T13962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  993.721294][T13962] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  993.774282][T13966] binder: BINDER_SET_CONTEXT_MGR already set
[  993.786515][T13966] binder: 13965:13966 ioctl 4018620d 20000100 returned -16
[  993.810479][T13973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  993.831778][T13973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  993.931272][T13974] netlink: 372 bytes leftover after parsing attributes in process `syz.0.2242'.
[  994.026627][ T9470] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  994.216502][ T9470] usb 6-1: Using ep0 maxpacket: 16
[  994.286976][ T9470] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  994.313811][ T9470] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  994.358582][ T9470] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  994.522676][ T9470] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  994.540298][ T9470] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  994.549805][T13976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  994.569180][T13976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  994.575382][ T9470] usb 6-1: Product: syz
[  994.581247][ T9470] usb 6-1: Manufacturer: syz
[  994.593541][ T9470] usb 6-1: SerialNumber: syz
[  994.683260][T13976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  994.708687][T13976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  994.833916][T13979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2247'.
[  994.926331][ T5874] psmouse serio2: Failed to reset mouse on : -5
[  994.969493][ T5870] kernel write not supported for file /1601/projid_map (pid: 5870 comm: kworker/1:3)
[  995.416041][T13987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  995.425260][T13987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  995.811272][T13994] netlink: 372 bytes leftover after parsing attributes in process `syz.0.2250'.
[  995.871802][ T9470] usb 6-1: 0:2 : does not exist
[  996.290971][ T9470] usb 6-1: 1:0: cannot get min/max values for control 4 (id 1)
[  996.313412][ T9470] usb 6-1: USB disconnect, device number 9
[  996.408291][T13999] PM: Enabling pm_trace changes system date and time during resume.
[  996.408291][T13999] PM: Correct system time has to be restored manually after resume.
[  996.606663][    T8] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  996.643953][T14002] FAULT_INJECTION: forcing a failure.
[  996.643953][T14002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  996.725742][T14003] xt_bpf: check failed: parse error
[  996.786961][T14002] CPU: 1 UID: 0 PID: 14002 Comm: syz.5.2253 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  996.797804][T14002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  996.807989][T14002] Call Trace:
[  996.811297][T14002]  <TASK>
[  996.814271][T14002]  dump_stack_lvl+0x241/0x360
[  996.818996][T14002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  996.824234][T14002]  ? __pfx__printk+0x10/0x10
[  996.828955][T14002]  ? __pfx_lock_release+0x10/0x10
[  996.834028][T14002]  should_fail_ex+0x3b0/0x4e0
[  996.838741][T14002]  _copy_from_iter+0x1e9/0x1c20
[  996.843634][T14002]  ? __virt_addr_valid+0x183/0x530
[  996.848879][T14002]  ? __alloc_skb+0x28f/0x440
[  996.853501][T14002]  ? __pfx__copy_from_iter+0x10/0x10
[  996.858830][T14002]  ? __virt_addr_valid+0x183/0x530
[  996.863975][T14002]  ? __virt_addr_valid+0x183/0x530
[  996.869122][T14002]  ? __virt_addr_valid+0x45f/0x530
[  996.874266][T14002]  ? __phys_addr_symbol+0x2f/0x70
[  996.879353][T14002]  ? __check_object_size+0x47a/0x730
[  996.884690][T14002]  netlink_sendmsg+0x73d/0xcb0
[  996.889503][T14002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  996.894840][T14002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  996.900164][T14002]  __sock_sendmsg+0x221/0x270
[  996.904888][T14002]  ____sys_sendmsg+0x52a/0x7e0
[  996.909698][T14002]  ? __pfx_____sys_sendmsg+0x10/0x10
[  996.915033][T14002]  ? __fget_files+0x2a/0x410
[  996.919685][T14002]  ? __fget_files+0x2a/0x410
[  996.924334][T14002]  __sys_sendmsg+0x269/0x350
[  996.928967][T14002]  ? __pfx_lock_release+0x10/0x10
[  996.934040][T14002]  ? __pfx___sys_sendmsg+0x10/0x10
[  996.939212][T14002]  ? __pfx_vfs_write+0x10/0x10
[  996.944048][T14002]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  996.950413][T14002]  ? do_syscall_64+0x100/0x230
[  996.955211][T14002]  ? do_syscall_64+0xb6/0x230
[  996.959925][T14002]  do_syscall_64+0xf3/0x230
[  996.964461][T14002]  ? clear_bhb_loop+0x35/0x90
[  996.969175][T14002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  996.975117][T14002] RIP: 0033:0x7f03c2385d29
[  996.979624][T14002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  996.999370][T14002] RSP: 002b:00007f03c3115038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  997.007843][T14002] RAX: ffffffffffffffda RBX: 00007f03c2575fa0 RCX: 00007f03c2385d29
[  997.016030][T14002] RDX: 0000000000000000 RSI: 0000000020004340 RDI: 0000000000000003
[  997.024040][T14002] RBP: 00007f03c3115090 R08: 0000000000000000 R09: 0000000000000000
[  997.032130][T14002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  997.040133][T14002] R13: 0000000000000000 R14: 00007f03c2575fa0 R15: 00007ffc07036858
[  997.048157][T14002]  </TASK>
[  997.266351][    T8] usb 1-1: Using ep0 maxpacket: 8
[  997.295641][    T8] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[  997.379657][    T8] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  997.416380][    T8] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  997.440528][    T8] usb 1-1: Product: syz
[  997.444724][    T8] usb 1-1: Manufacturer: syz
[  997.458075][    T8] usb 1-1: SerialNumber: syz
[  997.504892][T14005] rdma_rxe: rxe_newlink: failed to add wg0
[  997.688611][    T8] usb 1-1: Invalid connection information received from device
[  997.758458][T14012] tipc: Failed to obtain node identity
[  997.764002][T14012] tipc: Enabling of bearer <ib:caif0> rejected, failed to enable media
[  998.657034][   T29] audit: type=1326 audit(1737091023.377:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.718574][   T29] audit: type=1326 audit(1737091023.377:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.740676][   T29] audit: type=1326 audit(1737091023.377:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.762896][   T29] audit: type=1326 audit(1737091023.377:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.784838][   T29] audit: type=1326 audit(1737091023.377:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.806959][   T29] audit: type=1326 audit(1737091023.377:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.828880][   T29] audit: type=1326 audit(1737091023.377:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.850952][   T29] audit: type=1326 audit(1737091023.377:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.873130][   T29] audit: type=1326 audit(1737091023.377:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  998.894980][   T29] audit: type=1326 audit(1737091023.377:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b92b85d29 code=0x7ff00000
[  999.086438][  T909] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  999.255419][  T909] usb 6-1: Using ep0 maxpacket: 16
[  999.285236][  T909] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  999.309633][  T909] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  999.333758][  T909] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  999.344401][  T909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  999.356570][ T5874] misc userio: Buffer overflowed, userio client isn't keeping up
[  999.359375][  T909] usb 6-1: Product: syz
[  999.373913][  T909] usb 6-1: Manufacturer: syz
[  999.380636][  T909] usb 6-1: SerialNumber: syz
[  999.685734][T14039] FAULT_INJECTION: forcing a failure.
[  999.685734][T14039] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  999.699444][T14039] CPU: 0 UID: 0 PID: 14039 Comm: syz.0.2265 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  999.710358][T14039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  999.720456][T14039] Call Trace:
[  999.723787][T14039]  <TASK>
[  999.726795][T14039]  dump_stack_lvl+0x241/0x360
[  999.731563][T14039]  ? __pfx_dump_stack_lvl+0x10/0x10
[  999.736813][T14039]  ? __pfx__printk+0x10/0x10
[  999.741466][T14039]  ? __pfx_lock_release+0x10/0x10
[  999.746547][T14039]  should_fail_ex+0x3b0/0x4e0
[  999.751277][T14039]  _copy_from_user+0x2f/0xc0
[  999.755906][T14039]  do_sock_getsockopt+0x1d1/0x7e0
[  999.760978][T14039]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  999.766572][T14039]  ? __fget_files+0x2a/0x410
[  999.771303][T14039]  ? __fget_files+0x395/0x410
[  999.776042][T14039]  ? __fget_files+0x2a/0x410
[  999.780911][T14039]  __x64_sys_getsockopt+0x2a1/0x370
[  999.786181][T14039]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  999.791992][T14039]  ? do_syscall_64+0x100/0x230
[  999.796807][T14039]  ? do_syscall_64+0xb6/0x230
[  999.801557][T14039]  do_syscall_64+0xf3/0x230
[  999.806121][T14039]  ? clear_bhb_loop+0x35/0x90
[  999.811389][T14039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.817700][T14039] RIP: 0033:0x7f2042f85d29
[  999.822165][T14039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  999.841824][T14039] RSP: 002b:00007f2043da0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  999.850297][T14039] RAX: ffffffffffffffda RBX: 00007f2043175fa0 RCX: 00007f2042f85d29
[  999.858352][T14039] RDX: 000000000000001d RSI: 0000000000000084 RDI: 0000000000000003
[  999.866377][T14039] RBP: 00007f2043da0090 R08: 0000000020007e00 R09: 0000000000000000
[  999.874401][T14039] R10: 00000000200021c0 R11: 0000000000000246 R12: 0000000000000001
[  999.882439][T14039] R13: 0000000000000000 R14: 00007f2043175fa0 R15: 00007ffc3f722c18
[  999.890471][T14039]  </TASK>
[ 1000.111887][T14041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1000.129086][T14041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1000.197113][T14026] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1000.211716][T14026] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1000.214470][T14041] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1000.234341][  T909] usb 6-1: 0:2 : does not exist
[ 1000.248255][  T909] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[ 1000.252159][T14044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1000.270358][  T909] usb 6-1: USB disconnect, device number 10
[ 1000.278593][T14041] netlink: 'syz.0.2266': attribute type 29 has an invalid length.
[ 1000.288301][T14044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1000.307813][T14044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1000.325940][T14044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1000.437503][ T5874] input: PS/2 Generic Mouse as /devices/serio2/input/input27
[ 1000.676328][ T5874] psmouse serio2: Failed to enable mouse on 
[ 1001.088940][T14053] FAULT_INJECTION: forcing a failure.
[ 1001.088940][T14053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1001.122961][T14053] CPU: 0 UID: 0 PID: 14053 Comm: syz.1.2271 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[ 1001.133807][T14053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1001.144003][T14053] Call Trace:
[ 1001.147330][T14053]  <TASK>
[ 1001.150305][T14053]  dump_stack_lvl+0x241/0x360
[ 1001.155039][T14053]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1001.160292][T14053]  ? __pfx__printk+0x10/0x10
[ 1001.164934][T14053]  ? __pfx_lock_release+0x10/0x10
[ 1001.170017][T14053]  should_fail_ex+0x3b0/0x4e0
[ 1001.174731][T14053]  set_fd_set+0x3a/0xa0
[ 1001.178933][T14053]  core_sys_select+0x72c/0x910
[ 1001.183758][T14053]  ? __pfx_core_sys_select+0x10/0x10
[ 1001.189115][T14053]  ? ktime_get_ts64+0x9f/0x430
[ 1001.193925][T14053]  ? seqcount_lockdep_reader_access+0x157/0x220
[ 1001.200246][T14053]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1001.205666][T14053]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1001.211687][T14053]  ? __fget_files+0x2a/0x410
[ 1001.216320][T14053]  __se_sys_pselect6+0x323/0x3f0
[ 1001.221314][T14053]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1001.226823][T14053]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1001.233191][T14053]  ? do_syscall_64+0x100/0x230
[ 1001.237993][T14053]  ? __x64_sys_pselect6+0x21/0xf0
[ 1001.243063][T14053]  do_syscall_64+0xf3/0x230
[ 1001.247605][T14053]  ? clear_bhb_loop+0x35/0x90
[ 1001.252327][T14053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.258271][T14053] RIP: 0033:0x7fc1c7585d29
[ 1001.262727][T14053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1001.282381][T14053] RSP: 002b:00007fc1c8306038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1001.290854][T14053] RAX: ffffffffffffffda RBX: 00007fc1c7775fa0 RCX: 00007fc1c7585d29
[ 1001.298873][T14053] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000040
[ 1001.306887][T14053] RBP: 00007fc1c8306090 R08: 00000000200002c0 R09: 0000000000000000
[ 1001.314887][T14053] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1001.322886][T14053] R13: 0000000000000000 R14: 00007fc1c7775fa0 R15: 00007fff0eb60158
[ 1001.330915][T14053]  </TASK>
[ 1001.914374][T14068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1001.937971][T14068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1002.435914][T14076] netlink: 372 bytes leftover after parsing attributes in process `syz.5.2277'.
[ 1003.008069][T14080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1003.027677][T14083] FAULT_INJECTION: forcing a failure.
[ 1003.027677][T14083] name failslab, interval 1, probability 0, space 0, times 0
[ 1003.056667][T14080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1003.086484][T14083] CPU: 1 UID: 0 PID: 14083 Comm: syz.3.2280 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[ 1003.097435][T14083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1003.107536][T14083] Call Trace:
[ 1003.110845][T14083]  <TASK>
[ 1003.113813][T14083]  dump_stack_lvl+0x241/0x360
[ 1003.118576][T14083]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1003.123849][T14083]  ? __pfx__printk+0x10/0x10
[ 1003.128498][T14083]  ? __kmalloc_node_noprof+0xb9/0x4d0
[ 1003.133938][T14083]  ? __pfx___might_resched+0x10/0x10
[ 1003.139291][T14083]  should_fail_ex+0x3b0/0x4e0
[ 1003.144017][T14083]  should_failslab+0xac/0x100
[ 1003.148754][T14083]  __kmalloc_node_noprof+0xe1/0x4d0
[ 1003.153997][T14083]  ? __kvmalloc_node_noprof+0x72/0x190
[ 1003.159503][T14083]  ? _copy_from_user+0x99/0xc0
[ 1003.164325][T14083]  __kvmalloc_node_noprof+0x72/0x190
[ 1003.169753][T14083]  __se_sys_add_key+0x270/0x490
[ 1003.174650][T14083]  ? __pfx___se_sys_add_key+0x10/0x10
[ 1003.180086][T14083]  ? do_syscall_64+0x100/0x230
[ 1003.184903][T14083]  ? __x64_sys_add_key+0x20/0xc0
[ 1003.190056][T14083]  do_syscall_64+0xf3/0x230
[ 1003.194580][T14083]  ? clear_bhb_loop+0x35/0x90
[ 1003.199273][T14083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.205191][T14083] RIP: 0033:0x7f2b92b85d29
[ 1003.209631][T14083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1003.229278][T14083] RSP: 002b:00007f2b93956038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[ 1003.237714][T14083] RAX: ffffffffffffffda RBX: 00007f2b92d75fa0 RCX: 00007f2b92b85d29
[ 1003.245698][T14083] RDX: 0000000020000100 RSI: 0000000020000180 RDI: 0000000020000140
[ 1003.253723][T14083] RBP: 00007f2b93956090 R08: fffffffffffffffe R09: 0000000000000000
[ 1003.261706][T14083] R10: 00000000000000ca R11: 0000000000000246 R12: 0000000000000001
[ 1003.269708][T14083] R13: 0000000000000000 R14: 00007f2b92d75fa0 R15: 00007ffd9aa5d4c8
[ 1003.277706][T14083]  </TASK>
[ 1003.349149][T14079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1003.520671][T14079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1003.556402][  T909] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1003.706524][  T909] usb 6-1: Using ep0 maxpacket: 32
[ 1003.720552][  T909] usb 6-1: too many endpoints for config 1 interface 0 altsetting 2: 82, using maximum allowed: 30
[ 1003.742972][  T909] usb 6-1: config 1 interface 0 altsetting 2 bulk endpoint 0x3 has invalid maxpacket 8
[ 1003.770940][  T909] usb 6-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 82
[ 1003.834360][  T909] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1003.881230][  T909] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1003.908820][  T909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1003.929163][T14092] netlink: 372 bytes leftover after parsing attributes in process `syz.3.2282'.
[ 1003.968751][  T909] usb 6-1: Product: syz
[ 1003.976310][  T909] usb 6-1: Manufacturer: syz
[ 1003.991186][  T909] usb 6-1: SerialNumber: syz
[ 1004.009202][T14085] raw-gadget.15 gadget.5: fail, usb_ep_enable returned -22
[ 1005.088608][  T909] usb 6-1: bad CDC descriptors
[ 1005.097372][  T909] usb 6-1: USB disconnect, device number 11
[ 1005.927753][T14108] overlay: Unknown parameter 'uid'
[ 1005.993439][T14109] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1006.002521][T14109] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1006.011647][T14109] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1006.882825][T14115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1006.891844][T14115] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1006.926649][T14118] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1007.006406][    T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1007.169973][    T8] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[ 1007.179562][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1007.191428][    T8] usb 6-1: Product: syz
[ 1007.195641][    T8] usb 6-1: Manufacturer: syz
[ 1007.200453][    T8] usb 6-1: SerialNumber: syz
[ 1007.207227][    T8] usb 6-1: config 0 descriptor??
[ 1007.973111][T14124] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2292'.
[ 1008.035831][    T8] hso 6-1:0.0: Failed to find BULK IN ep
[ 1008.044929][    T8] usb-storage 6-1:0.0: USB Mass Storage device detected
[ 1008.506585][T14111] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1008.631341][T14111] netlink: 'syz.5.2287': attribute type 29 has an invalid length.
[ 1008.782771][T14134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1008.814809][T14134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1008.867766][T14134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1008.893750][T14134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1009.036983][T14140] netlink: 372 bytes leftover after parsing attributes in process `syz.1.2297'.
[ 1009.627159][T14143] netlink: 372 bytes leftover after parsing attributes in process `syz.3.2296'.
[ 1010.202777][ T5874] usb 6-1: USB disconnect, device number 12
[ 1012.481514][T14159] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1012.498003][   T29] kauditd_printk_skb: 5474 callbacks suppressed
[ 1012.498024][   T29] audit: type=1326 audit(1737091037.217:6522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1012.546848][T14159] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1012.606925][   T29] audit: type=1326 audit(1737091037.217:6523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1012.629676][   T29] audit: type=1326 audit(1737091037.217:6524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1012.651921][   T29] audit: type=1326 audit(1737091037.247:6525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1012.743730][T14168] program syz.5.2307 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1012.898073][   T29] audit: type=1326 audit(1737091037.247:6526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1013.323408][   T29] audit: type=1326 audit(1737091037.247:6527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1013.436541][T14173] nfs: Unknown parameter 'ntext'
[ 1013.656484][   T29] audit: type=1326 audit(1737091037.247:6528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1013.916552][   T29] audit: type=1326 audit(1737091037.247:6529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1013.975682][T14176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1013.984288][   T29] audit: type=1326 audit(1737091037.247:6530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1014.018005][   T29] audit: type=1326 audit(1737091037.257:6531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=14160 comm="syz.1.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc1c7585d29 code=0x7ffc0000
[ 1014.040152][T14176] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1014.178366][T14186] netlink: 372 bytes leftover after parsing attributes in process `syz.3.2311'.
[ 1014.719473][  T909] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1014.780164][T14176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1014.804770][T14176] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1014.906448][  T909] usb 6-1: Using ep0 maxpacket: 16
[ 1014.930461][  T909] usb 6-1: config 0 has an invalid interface number: 110 but max is 0
[ 1014.956832][  T909] usb 6-1: config 0 has no interface number 0
[ 1014.965887][  T909] usb 6-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=66.39
[ 1014.981775][  T909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1014.990072][  T909] usb 6-1: Product: syz
[ 1014.994429][  T909] usb 6-1: Manufacturer: syz
[ 1015.004564][  T909] usb 6-1: SerialNumber: syz
[ 1015.012366][  T909] usb 6-1: config 0 descriptor??
[ 1015.049173][  T909] ftdi_sio 6-1:0.110: FTDI USB Serial Device converter detected
[ 1015.103985][T14200] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2315'.
[ 1015.188599][  T909] ftdi_sio ttyUSB0: unknown device type: 0x6639
[ 1015.823922][T10289] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1016.900920][T14211] netlink: 372 bytes leftover after parsing attributes in process `syz.0.2316'.
[ 1017.530176][ T5901] usb 6-1: USB disconnect, device number 13
[ 1017.550252][ T5901] ftdi_sio 6-1:0.110: device disconnected
[ 1017.841909][T13197] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1018.217283][T14221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1018.227424][T14221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1019.093046][T14241] Unsupported ieee802154 address type: 0
[ 1019.105664][T14241] netlink: 'syz.3.2330': attribute type 29 has an invalid length.
[ 1019.135811][T14241] netlink: 'syz.3.2330': attribute type 29 has an invalid length.
[ 1019.190731][T14243] netlink: 'syz.3.2330': attribute type 29 has an invalid length.
[ 1020.548481][    C0] ------------[ cut here ]------------
[ 1020.554937][    C0] WARNING: CPU: 0 PID: 14253 at kernel/signal.c:2050 posixtimer_send_sigqueue+0xa08/0xce0
[ 1020.564907][    C0] Modules linked in:
[ 1020.568842][    C0] CPU: 0 UID: 0 PID: 14253 Comm: syz.3.2334 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[ 1020.579635][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1020.589729][    C0] RIP: 0010:posixtimer_send_sigqueue+0xa08/0xce0
[ 1020.596107][    C0] Code: 00 0f 85 f4 02 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 23 1e 3b 00 4c 8b 64 24 08 e9 28 ff ff ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 f7
[ 1020.615756][    C0] RSP: 0018:ffffc90000007c00 EFLAGS: 00010082
[ 1020.621877][    C0] RAX: dffffc0000000000 RBX: 1ffff1100fcc1f4b RCX: ffff888025c18000
[ 1020.629888][    C0] RDX: 0000000000010000 RSI: 0000000000020000 RDI: 0000000000000000
[ 1020.637906][    C0] RBP: ffffc90000007cf8 R08: ffffffff81646100 R09: 1ffffffff1e1252a
[ 1020.645925][    C0] R10: dffffc0000000000 R11: fffffbfff1e1252b R12: ffff88807e60fa40
[ 1020.653944][    C0] R13: 1ffff1100fcc1f58 R14: ffff88807e60fa58 R15: ffff88807e60fb00
[ 1020.662308][    C0] FS:  00007f2b939566c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1020.671273][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1020.677898][    C0] CR2: 0000000000000000 CR3: 000000007d9ea000 CR4: 00000000003526f0
[ 1020.685911][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1020.693927][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1020.702372][    C0] Call Trace:
[ 1020.705685][    C0]  <IRQ>
[ 1020.708581][    C0]  ? __warn+0x165/0x4d0
[ 1020.712775][    C0]  ? posixtimer_send_sigqueue+0xa08/0xce0
[ 1020.718646][    C0]  ? report_bug+0x2b3/0x500
[ 1020.723208][    C0]  ? posixtimer_send_sigqueue+0xa08/0xce0
[ 1020.728985][    C0]  ? handle_bug+0x60/0x90
[ 1020.733355][    C0]  ? exc_invalid_op+0x1a/0x50
[ 1020.738047][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[ 1020.743102][    C0]  ? prepare_signal+0x6c0/0xc90
[ 1020.747983][    C0]  ? posixtimer_send_sigqueue+0xa08/0xce0
[ 1020.753721][    C0]  ? posixtimer_send_sigqueue+0xd3/0xce0
[ 1020.759465][    C0]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[ 1020.765561][    C0]  posix_timer_fn+0xe2/0x160
[ 1020.770167][    C0]  ? __pfx_posix_timer_fn+0x10/0x10
[ 1020.775386][    C0]  __hrtimer_run_queues+0x59b/0xd30
[ 1020.780614][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1020.786355][    C0]  ? sched_clock+0x4a/0x70
[ 1020.790799][    C0]  ? read_tsc+0x9/0x20
[ 1020.794897][    C0]  ? ktime_get_update_offsets_now+0x393/0x3b0
[ 1020.800983][    C0]  hrtimer_interrupt+0x403/0xa40
[ 1020.806052][    C0]  __sysvec_apic_timer_interrupt+0x110/0x420
[ 1020.812048][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1020.817697][    C0]  </IRQ>
[ 1020.820632][    C0]  <TASK>
[ 1020.823568][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1020.829557][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 1020.836076][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ae 73 3f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 43 a6 a9 f5 65 8b 05 84 f7 3f 74 85 c0 74 43 48 c7 04 24 0e 36
[ 1020.855705][    C0] RSP: 0018:ffffc9000fce7c60 EFLAGS: 00000206
[ 1020.861790][    C0] RAX: 2b84dc202013da00 RBX: 1ffff92001f9cf90 RCX: ffffffff9a378903
[ 1020.869781][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0a98e0 RDI: 0000000000000001
[ 1020.877848][    C0] RBP: ffffc9000fce7cf0 R08: ffffffff90185937 R09: 1ffffffff2030b26
[ 1020.885829][    C0] R10: dffffc0000000000 R11: fffffbfff2030b27 R12: dffffc0000000000
[ 1020.893808][    C0] R13: 1ffff92001f9cf8c R14: ffffc9000fce7c80 R15: 0000000000000246
[ 1020.901808][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1020.908252][    C0]  do_timer_settime+0x37f/0x3e0
[ 1020.913145][    C0]  ? __pfx_do_timer_settime+0x10/0x10
[ 1020.918546][    C0]  ? __pfx_do_futex+0x10/0x10
[ 1020.923270][    C0]  __x64_sys_timer_settime+0x19e/0x240
[ 1020.928756][    C0]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[ 1020.934792][    C0]  ? do_syscall_64+0x100/0x230
[ 1020.939575][    C0]  ? do_syscall_64+0xb6/0x230
[ 1020.944268][    C0]  do_syscall_64+0xf3/0x230
[ 1020.948788][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1020.953480][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.959399][    C0] RIP: 0033:0x7f2b92b85d29
[ 1020.963830][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1020.983454][    C0] RSP: 002b:00007f2b93956038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[ 1020.991887][    C0] RAX: ffffffffffffffda RBX: 00007f2b92d75fa0 RCX: 00007f2b92b85d29
[ 1020.999870][    C0] RDX: 0000000020040fe0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1021.007852][    C0] RBP: 00007f2b92c01b08 R08: 0000000000000000 R09: 0000000000000000
[ 1021.015832][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1021.023810][    C0] R13: 0000000000000000 R14: 00007f2b92d75fa0 R15: 00007ffd9aa5d4c8
[ 1021.031808][    C0]  </TASK>
[ 1021.034841][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1021.042123][    C0] CPU: 0 UID: 0 PID: 14253 Comm: syz.3.2334 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[ 1021.052896][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1021.063050][    C0] Call Trace:
[ 1021.066350][    C0]  <IRQ>
[ 1021.069198][    C0]  dump_stack_lvl+0x241/0x360
[ 1021.073895][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1021.079135][    C0]  ? __pfx__printk+0x10/0x10
[ 1021.083734][    C0]  ? _printk+0xd5/0x120
[ 1021.087905][    C0]  ? __init_begin+0x41000/0x41000
[ 1021.092944][    C0]  ? vscnprintf+0x5d/0x90
[ 1021.097295][    C0]  panic+0x349/0x880
[ 1021.101286][    C0]  ? __warn+0x174/0x4d0
[ 1021.105475][    C0]  ? __pfx_panic+0x10/0x10
[ 1021.109939][    C0]  __warn+0x344/0x4d0
[ 1021.113946][    C0]  ? posixtimer_send_sigqueue+0xa08/0xce0
[ 1021.119717][    C0]  report_bug+0x2b3/0x500
[ 1021.124074][    C0]  ? posixtimer_send_sigqueue+0xa08/0xce0
[ 1021.129821][    C0]  handle_bug+0x60/0x90
[ 1021.133989][    C0]  exc_invalid_op+0x1a/0x50
[ 1021.138519][    C0]  asm_exc_invalid_op+0x1a/0x20
[ 1021.143394][    C0] RIP: 0010:posixtimer_send_sigqueue+0xa08/0xce0
[ 1021.151069][    C0] Code: 00 0f 85 f4 02 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 23 1e 3b 00 4c 8b 64 24 08 e9 28 ff ff ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 f7
[ 1021.170697][    C0] RSP: 0018:ffffc90000007c00 EFLAGS: 00010082
[ 1021.176792][    C0] RAX: dffffc0000000000 RBX: 1ffff1100fcc1f4b RCX: ffff888025c18000
[ 1021.184771][    C0] RDX: 0000000000010000 RSI: 0000000000020000 RDI: 0000000000000000
[ 1021.192779][    C0] RBP: ffffc90000007cf8 R08: ffffffff81646100 R09: 1ffffffff1e1252a
[ 1021.200764][    C0] R10: dffffc0000000000 R11: fffffbfff1e1252b R12: ffff88807e60fa40
[ 1021.208836][    C0] R13: 1ffff1100fcc1f58 R14: ffff88807e60fa58 R15: ffff88807e60fb00
[ 1021.216827][    C0]  ? prepare_signal+0x6c0/0xc90
[ 1021.221703][    C0]  ? posixtimer_send_sigqueue+0xd3/0xce0
[ 1021.227451][    C0]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[ 1021.233543][    C0]  posix_timer_fn+0xe2/0x160
[ 1021.238145][    C0]  ? __pfx_posix_timer_fn+0x10/0x10
[ 1021.243359][    C0]  __hrtimer_run_queues+0x59b/0xd30
[ 1021.248583][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1021.254314][    C0]  ? sched_clock+0x4a/0x70
[ 1021.258745][    C0]  ? read_tsc+0x9/0x20
[ 1021.262826][    C0]  ? ktime_get_update_offsets_now+0x393/0x3b0
[ 1021.268913][    C0]  hrtimer_interrupt+0x403/0xa40
[ 1021.273890][    C0]  __sysvec_apic_timer_interrupt+0x110/0x420
[ 1021.279887][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1021.285535][    C0]  </IRQ>
[ 1021.288470][    C0]  <TASK>
[ 1021.291408][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1021.297402][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 1021.303924][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ae 73 3f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 43 a6 a9 f5 65 8b 05 84 f7 3f 74 85 c0 74 43 48 c7 04 24 0e 36
[ 1021.323539][    C0] RSP: 0018:ffffc9000fce7c60 EFLAGS: 00000206
[ 1021.329621][    C0] RAX: 2b84dc202013da00 RBX: 1ffff92001f9cf90 RCX: ffffffff9a378903
[ 1021.337607][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0a98e0 RDI: 0000000000000001
[ 1021.345611][    C0] RBP: ffffc9000fce7cf0 R08: ffffffff90185937 R09: 1ffffffff2030b26
[ 1021.353674][    C0] R10: dffffc0000000000 R11: fffffbfff2030b27 R12: dffffc0000000000
[ 1021.361657][    C0] R13: 1ffff92001f9cf8c R14: ffffc9000fce7c80 R15: 0000000000000246
[ 1021.369665][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1021.376211][    C0]  do_timer_settime+0x37f/0x3e0
[ 1021.381091][    C0]  ? __pfx_do_timer_settime+0x10/0x10
[ 1021.386478][    C0]  ? __pfx_do_futex+0x10/0x10
[ 1021.391183][    C0]  __x64_sys_timer_settime+0x19e/0x240
[ 1021.396655][    C0]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[ 1021.402648][    C0]  ? do_syscall_64+0x100/0x230
[ 1021.407422][    C0]  ? do_syscall_64+0xb6/0x230
[ 1021.412108][    C0]  do_syscall_64+0xf3/0x230
[ 1021.416619][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1021.421308][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.427240][    C0] RIP: 0033:0x7f2b92b85d29
[ 1021.431670][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1021.451283][    C0] RSP: 002b:00007f2b93956038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[ 1021.459711][    C0] RAX: ffffffffffffffda RBX: 00007f2b92d75fa0 RCX: 00007f2b92b85d29
[ 1021.467692][    C0] RDX: 0000000020040fe0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1021.475674][    C0] RBP: 00007f2b92c01b08 R08: 0000000000000000 R09: 0000000000000000
[ 1021.483654][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1021.491630][    C0] R13: 0000000000000000 R14: 00007f2b92d75fa0 R15: 00007ffd9aa5d4c8
[ 1021.499625][    C0]  </TASK>
[ 1021.503963][    C0] Kernel Offset: disabled
[ 1021.508825][    C0] Rebooting in 86400 seconds..