last executing test programs:

5m58.916450114s ago: executing program 4 (id=500):
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
getpgid(0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
acct(0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$sock(r0, &(0x7f0000000380)={&(0x7f0000000200)=@llc={0x1a, 0x335, 0xf, 0x1, 0x10, 0x80}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)="3fa26d2d730c7cdc7519bf05505dabf2dc6eaa4e0dda959e2e721952efea81", 0x1f}, {&(0x7f0000000280)="24bf058a69875516a28cbc24ff5d82c908c7b651d8ed2134295e22da6df028539c5e60592b3a386efd6285fe3eb2ebbcba01fda6a62a39fdb821f8065cee120d657586a4dda6c270da1bf40340fac80ec6747ed3da9d9171ac945718a7eb68ebc977d896b66c88e341ad5cbe4ff36e5204263ed9450bcab48d7074086aaa87e60b7047d785925072aae2f7d4076100ea5c37dc481e658a5f91e880598c71a21b72aa985d1e65b0912439796f588ac23fe7eadcbc99ae1983ce165ef64f22878760372c29330a7afa310361858495e2c18a80c6", 0xd3}], 0x2, &(0x7f0000000140)=[@timestamping={{0x14}}], 0x18}, 0x800)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x270bd24, 0x25dfdbfc, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x401}, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@userxattr}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@redirect_dir_on}, {@nfs_export_on}]})

5m57.873929252s ago: executing program 4 (id=503):
r0 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000001c0)=0x2)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x40802)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0x10, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x11})
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000bcb000/0x2000)=nil, 0x2000}, 0x5})
r7 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0)
r8 = geteuid()
getgroups(0x4, &(0x7f0000002800)=[0xee00, 0x0, <r9=>0xee01, 0x0])
sendmmsg$unix(r4, &(0x7f0000002880)=[{{&(0x7f0000000240)=@abs={0x0, 0x0, 0x4e23}, 0x0, &(0x7f0000000040)=[{&(0x7f0000000400)="4556c6c07d4cea2e9d3a995ad02b8d11b7a1c3332d5e536f665bed8f61905e3df2fe0be671bb444573ed31591e0a47110b76e9075fc656d3654d456448e840e30695c7168e570a077b8cf7b3a3f04a41a084a3b0cac5cb3e03a1fc1921c921e1502d8a258d1be281367be0738db6b8f83b3a2e8145f92bd936d403c47fff3448285b91e7d0f31f0658bb2c5206aa4d1624bf9442107f77722ac87fd9e53ccde8b81f73e8045979dda18c6c2515fcc32bace7e9fb30412742e6a413ac20a9f599770dceb8bf4e37d261d28d1245891c49a8e575ab2306d5e7046159a0ebd9c424ef07c83051d7f4275ff10c23e53c99033bc3403c1e45988db04b85d6389f42265896de7a8aed99bb2d70b7f929d6692c98b60196165d14e33a74a9d95ffbcad673a2fffd8cc4cbd91e69fbe645d80d860b6afdfab91241061ab89016669939bd83c620f344739411cd6ccc28e48b3de10282a492a572604194b99715faacda8b5cda679a98bd93894e1696d2c2c09a0c42a813f4b036d8174041206879104af938c31ee20025e3b100e49df033bc7f6c8b8e45bb09647ae7de0c0a9c28c5f8eee443e66e9169c7712cf5990bcf8f202e1f37469b7a63700057f88bc9ed47dc4874971fff10e75a29c41cbda87f675656e5c2025623423b456ed7cf8d641f420984cb0277e94e4f72b6908898c50f5fbc39d2b7baddbefa911d087540c5e4a6917f5caf357be601a134f09bb13d1a2fe44c5f4ef26980323d166cdbde7353343d0a89f5e646a57796b89f5a720ffe3ad86e6e3806dd9d17f7cdacbe4e00ad44b91d8d57a6d259133f1270a5630695b8a97f5dbb5628a70121c7668bb48d02258338c84322de8fa1fd7b2d14684188bd912c200d94f8eb2dfae43ba5f86220fd8d0a4e8e85aff47c4c04719b3e73c021556f21cb7da956f849ff4549e6d973a0860253a5d312146cf673d5bfae8d7306997287f3b0335da8ca12290fbad5f071715baa5cd3b65de4a77c376c187fa6401883a31964f93cc191fec7e03da7b4af7fb276aad24a424894019a29d537b23567c9190e12f661c0793a35696ed592f818dcadbabc14569c9b1d8a2e8b3c880f53796858df76a329e745489dbc5a33b4a7f11b180e41a0529410a37e2068909cdc22803518ec1c8c7cf7113f454bd3232ae0379e89ded2c476e8d9cfa38b9ab1807d5ec976eb6be7c48a9746dd0349bc10405dd84643c1622e917e60b48af72fbd3a3a5e5a7ff373db72240673630b5f30332c1d9a59c4c44b63df22ebd170a709f708494897f1fb9604948701d7ad7da41c901410f03d67c6b5cb6d2e711755a309a6e54b46725500af0bebba5a67fe6373d9228c6ec7e6f6e0a9fbd17a70fdb41a6f9e0d098e7425e99c9fe528c99f78dca186198addeec1769cb813fa27203b0ef732b437c52a27a00c37529a30a01aabaf88a07cbdd2ed6fd44139fdf6c017502248351f8557f394a8541bd319d184eb986868c6d1ccee0303f01d23b1899969f4723b507de6c16bdf30e33fab9a21a824f81e663b8e420c80aa0455ab905cfc98f27b48d863e27f5d199588322b30dd2c93455dec0c1bb5264984f8332d096f8e5041c676ff789b6c5dd407be343a472f20a5fff6892b7acc9615729ee4cd9e6c32fb3870bb92f7212e2299162ac5964eae1ba2ab300d07a9f88e979056fd02d7e73cb7f25e2e2c407ffb30979a8e6b4cc9c4dbe770d12ec3732c4217f82b84816e1a789bc1cb3286a25ef278fd0702a9f44e0286da799684db13a64a1f0f9aa81f2f708226ed06c08292879bae228eb3cb45c8a3bb9efd5fbac4c6a1c912a19f60bbfd2587e4167e8e162a6e671bc1adf6ff93042cd42b00c1d3c21331542704fd61a48863cab6e44198d1d3303b1013c6bd7e9911e75c95b568967512643ab636ef8027b5c97876ee80974dc46c0ab75406d2e573816dade9561e9885a498350c0ae886d4526352e3a3b7acda1f25879d92e2190a0f1c1a8dc564a49b56ba7d470cc28b73813dba12e2e995c8c5043df610cefce7a36bc7c5babd4a96a7235fc599878970bba54d86fbd753a0975bdb1e2bfe1920f0ad8df50af26054d4c8caa648b74ec2e3f53437d738a1482c57a21bc7de3de625ab547273ce9a81f40f4cf18c3ffe1cde0d1e85b3c024ef3ba0aeb8106cd748dbb874eef3aadc3eb7c973fe11b71ea36aa9e81a152cc4053decc32bce83e41b688e115009862722828b60ba008d07291570cbe6e99d628c0ef6ad1e873e9349d9676ef83bc0f10f3e3343c7fd82a8c1b2f494e84f99368fbe13c257b3ac5214249db9afeb765765148f52ec738b29d9072ac1c9bc6fef1c703d009dd3dcb475d856547006544046431398c3ee0fc9db76ef4cfdcd70ffc5437ab29bae4850ce8001e7be678e7af2c55df7b93ee831df6601855d4dece97b73d4b7a4228694a425e2eed17e2e055d1026ab1de5a1fe91bc5d0a61fdc9279a9c04e970a63f417a3db08c4aa9761d6fe698899e53389acfde46da770b89f9601743be6793386f0c238805ad1d431722f21387eb7002cb06751b386f1f8a446aaa049238d9f828efd12e1d145c2d24ef8abe5bdea46a44b04dee306f4381832f252b80aebd866881c0994cde8d34bd7126b615dd8e0a64805099e9017fd66e149df2fe8890a13d46be12ae59aef16249315d737e54d834372aa32ccfda5ade7326c186517f78b8fd0408eb958bd0a14444743b61425b3f7f2bbc98ec41da857c5757da55418721b1370ba4b593428363fffab1a11cd5fd1a46f7ef6756b452e7fc7cb1fd8b235bb34c13eadc7be5718d13a8e1c18da95ae70878c592892b08248398c33e00feac0dadd6ead0c6a1647d54194cf63231b2c2b7f7c26e343e3ee274248e996c501f3d3ba60c94345620a183770858ef1ca82bb1710e018471e3ae7dce31b2e98a23bbb4021142627fdf193374abdaef28bb0be50665f54dfe7550462cda22bde2516a5ba161a43edd03783e711c0cedbba3478edf1fff9fb124f812d56f254966533f38c488ddab5c1525dd11f00f40af45a8f0a62cc48572f7a036f589420138f49dc63cf33556017d60fe877c86df87a2cd6ed0eed532ed5caf3bf293c3a0d5a419e699b4d3ac33e9c4af9a1ed8d7e949d3a5cbf3f44ecad24177c251644e6fea22b8ffa7dbdead1967774e692489b5fd63dd0edda64b6b02e2cb1446b49d411e323e5ce8cce7ca714c381b5bb14dc9d923fdfad4b740c567a8f807b5fa3e83ff33c49fb629fcaf31043f6bddcd829e30853fc1035a811dd193753b1c2bde84c1ce0da0438c2f89cef4d429eb1654e71cdf19be640e0c89197c1d1ce4511a30a2f8bb71510f6b6a6d5ce9d0ca2e5b57b22fb136196c2e373d1bbcfcd9b0455dc7c7cf948c3c42b6d3160c99c0df28146dc95b7134a767f0c6bf2a6f49ca08689f17d70ebb88f1a961815f91d42dac46e8428cf6ac36b7da30a38b7e35390d47096367baaf7c09f05f836550cf21ce0456f5b3d09b34aa1a4787b6ae23af79153007e55424a1e5b113049eeb40a53d83a715c5e4cf8136bc214028fda0e99d41b3016bc9a36876ecaf46570776890fdcc149efd6492aa76c46c9a312709d396e7a112ea1b068fac42966a2a9a9d2d03c9d462ab3070cde4e962d80f06869f1de517d99299d7e40f3abe53c57fca9d4396bca47d332ccb838ae518c9767eb1500f5cab5038e2ab070076d966a131682ccf35af07edf864eaa4ce180786a367f7a95edd5bdcb4dc34ed9c193c455c9ccee897938dd9511ad266451e43e4baa6a4bd021cc6cb496264709fa34d54a39f2c474841d3d04098767faa8ae39b49110feb044e4ed9bea14ba526f15a78b23f5b08f974287ba4e2d2ee87159d576188721438eb93bad4690bf402498a7be635ebebe21ae1118aa14dd5249fa282d41de32216d51b91a2682b31c20c8a5847f713f0f22d25a9ed656d39ceb39eaca165fb4f5a8e3a4a9f55d9031f663c2ea4886824120dd2295ff32cd05a029f40ef841bb5f5645d18fe5baf8b50d7cea15f21eee412f8b76d0e8e942d577fa830b99ebf26ca92630a019962985e66ce849b4b5ef23f2c489bbcfef1718ff754b6452998200b7f9a7a7dc357fae8b4c5d45ecd5afffd4aed8174c6b94e24ffcb0f0334d8ebd97197c6ac59a7c1a397ad054a092862ae9df307bc0203fc427161826646a94bc30f56f4c7073f4c3e47878680fe9c22d617afd5ac92251d50f6cef57d081bc775e2ccec4fc050144f40b1ab49e2df5eb9e00eee21536577f6b94e271c6ccfed5962f6a9a0a53765fb1dbce56da87c774ad64feefd100b257a89efddf92c77aa277dc82d6a8c6b657023c080c981bb5a9a8787ed85410a418e8a48672645eb789267401c47bb146d1a48b699a4c7ce8d0253a1553c5a2db39de0b1cd3b234d1f0adf92ede47d599892d7e700c1a76ad3c5b7f6f5b4786ddf229f9dd8582233000529475f1b693187ebba91f1d358e37c92b6b01b3862bcbad2f7cb5c737ca272c98fe4c57583f16791fa6f859c46db858046a4c4822fe49cea7d1e1bc6aa18850e0ed6e5a2b3027ad5a91292fa9315eefadaed5f59b1abfd6435ce2afe7897faf031f454a1d18fc1369d4c1b824bf0a36b03cc1e072236953293357c41feafe16b70bb484095c4051b340de1c648a4082f3d3347321714e1e0deb8f6066d8370b589affe8048b53226c502a21d4435612e5fe96d004d6ae27b0d7b22193ba5e4463e425c4691451c8b08f62ead1221dd838388dabd858038fccccb9ab787e9d5622de553bd579bffb0184909c45f243f4c3079704351b7284c21748876bce6c551fff2965b8d7b7d356ebe4250b046450dd752974238399b9a7afb8175ff0ee8d0efdfae76e7ee1d9291a91a8e5260c56b80ecf35419a158e73a2b19245b7d9627f350a65df4c83303b8f1a95725ac57a1569a83d4a42492723a5f67cc82c3115e95456b12a1ac94b23a1a2cf859689545edc3791b5b1fb4b0f19c4f506b37ca14f2ca7877aee3ea3cdfa87f757a515e7f6e88674a548206868cb674386f94770786220a4e61635339785539e492806998655f5c90b5561628e5ba8fba291bab53eb4c393d5061ba332ca8c514e89a5fd4451c63afbc093bc5d930129b6cff8b308a2d397ff4eb7b46b9a22933240f24aba20ce263c88d0679aff642263bf95bbd045de40cbeb7274c0ca23e1a2217815cd9ed87d755cef9f78dd5e4884c38e8bc5df39a4266a553d441149059447c114c82450bf8949b7c0e446ed44dcb716b94fe6ed160bdb24420ce4afcc09f2f335e2ef9051ebbc3fad2918149cb9a25a170e8a5b5fd163c005d142c32c0b00f55d80ea08dcdcf6c8f9c8d968d99aacc32152ab338fd1cc2b1bf108738862bf0c800c9b75ca86c4bde574aeb6f298dff5f5d46442b1a4ccf67bfa92fb1174e5e8f41e4d58bbbfa6ec788f7a353a28c9d809b9cca012e20769ca364f14cdbaadc76bf1009435b73f5945d68a8fab3c4c9f5d09f8d6cf973c1246fc3baf65b3f751eb873c15f4094e6dc4a0fafa886c6a4c4be5ba09d2b28faa3cb8c5203865bad17aba6716e2177a12234b73ebb79c0165dbf9f2624292c725a02fdbc82f6aa19cc6c4528b12fd29fa210afdbcc284319de3f21d5f26384945b94474e2333720abd9c1e7eb22317d5fe759556c1b9b754813350b544829a39096980e3e20a11df3388d38ff7fe36a1c68b5895a231df98d045a7bd2765bbecff11359814effa7037b3022e0752ae65b9fbda3"}], 0x0, &(0x7f0000000300)=[@rights={{0x0, 0x1, 0x1, [r4, r5, r0, r1, r4, r0, r4]}}, @rights={{0x0, 0x1, 0x1, [r6, r7]}}, @rights={{0x0, 0x1, 0x1, [r4, r1, r3]}}, @rights={{0x0, 0x1, 0x1, [r1, r1, r0]}}, @rights={{0x0, 0x1, 0x1, [r3, 0xffffffffffffffff, r3, r3, r3]}}], 0x0, 0x40}}, {{&(0x7f0000001400)=@abs={0x0, 0x0, 0x4e21}, 0x0, &(0x7f0000002780)=[{&(0x7f0000001480)="5240f47110c7a9ac2308947c34e492b2640d331d82789fe8ce0c2a8b20f95977f69964f42478e7d6"}, {&(0x7f00000014c0)="d99ed356fd258ad8088cd4e24c762a4bd67e0827c3629ca2e22d55525203f81f6c79bf539ab83c6be52aafc5e4948445cac7f261efa7a4c74dcb2232a0619f151434d6d8df358999ae9273bc86b6577beb8d1f469a57e3e4eac7fe2d16ed4d7e4b7d5a12d0ba9b42feb32d2755eccb3c36b1b2227940e8af8f3bdfcbaa2fb66a8e5a9e1631db6acde9ac94045d73c29c70e448b28cfc4281a430908bd63e5d5aa9f8fc57f3104f2303c00c107f509729122bda23ea5a929ee62cff34edd6e3de34afb4a98f59707f8054557faae76f3d55b8020d90c42b8a15a172a3013c5e19631869910d67f722e9993edd87e10d0ab215475defb43b4e89e4cb4cebca8bdf50c7902114c53db382afa08ab25cb69491f2592283e1990ed52ccf954b9cf9c5ce8b9dc85dff2e2f4beebfeb10ccd7cc8d6cfb420ee9be026855dab71a6654d4a4ed15840724c99f964183dd9c5caf6983f624c9f5863be7eccc6ac91118c6d39779a8dbf6f859943cd75ed995399f1ec431f06e8158fa8a596dfadb84a71233f7c4264098bce6ed9815f866d67af3ea9993e27fcb844a49ffc59711dda6fbaaa86579ecb8157f5886eb4b51e8eba5f0c2899ca4b2efa5818e95e152e19d97f77186e04eb3b522fcdf2f56f3a4e6c4744477c2505b1c4309f0c038355aad13193f9012daa23db3d49a24b2c5ceea9ac054d164fca7910deabeaad96bd4512779d82891f3e954750d5e16aeec6f0758e620fc9ae69eabbaf16103433afd76a1fb51f19663783fa15183a5a59ae839649f6e4a3cc51b9df39f4012986c0f1961540171feada71b1cdc84e1f4c2852790e0f49e478c7ba089bdc30f29594c662b8908574d22ef7f5e4373c0aeb6403c639c51a0a06c3d929b3cc29129b0dd8e590c9784858b26bec3dfb40833df7008edddfbea2615e73d8334b9ba4899c7758f071e706cc1b5541df8db73811ec83521e638c7ac13449bf969208519623f3569f16d1c9b6c5e4e31a334bbbc373fadd9cea824a9598f9b65b137befb00225b5053cfe28df32cc5ea2cb685c596a81d4a84fd87429ed6e5bf57052aaf88042c4444b95029580cf6b510aacaba58bb6b7a39a4b24b7c4e7bf25c3a5d4b9bc353e58d96d4a52a3f0e2b3b45b783ee226db3f6b354fe2628a4c9b7f3f649a6d74753c7b7d7db4a2d13bfdd397ef01f4d1c23136948ceee62e36aa5c0502de08c1006e1a884c05c52b8530c6d649adbb602fabd7b617ad104898d33704256fa5339013127ef68fd6b6bc2e62b827d3a7db45ae67893c79374e5c02c358fbf4e46c5dd92ca106e2d3ab0dc1a763c98e5f677df13fe433a6147f03b09c5463d93368e08b85fe0a3a30c9d2f35417e5eae9bdf542e225e8b1dc559d88a112f9741de52e1d193ce6541167589fdc73025d27b1645eae7b1615877760feaf24d97a33ca4c8f2ea7774fab3563e4643507c9873a91c07cd55f5dc47b27843a58c1d9cf65262ecc08501ff317077d18c9051f08288c829045925014683181bfc7decdd9c3586f287c62ea164dc7864dca5bb17917108a7991cd383dc3afd7e8712eac5717595fb3cfb3cb742d7f1c8bc6f3c9de8e5f726dd436b5e070caab50fb19e975157fe4baf11c4f210a5da11d915dd3f33b8d96f7c64b5839a5e0b02f9c3ee8c53df085b5777416eaf90c1450d2a514475d7a5d131119de9cdc46e9f299f95e44b2100e76b4c6529e1a634afc973fd7dcf9a2b5a58004de035a7d9f2c76b2f3b3df5ebebb2a7e9b1db89398d93450f084acc2fdcbbb9e44c7e99aa42b810caed480a1e645a537317ac956feb5d736c5fd85d8b00ba968bb895adbf5ecb5cb2bbcedc9a892468c2532a7956acff62c35c49cf200b1069de909a9621af908791744bd3db970c914d52c731b0cea1c21495fbe7ba847ac964058723337d8e8c2dbf43d6b5c1f8c375e079914ba748426ba530ecae3aae87778a3335332b26080bfff1ce738dfb836dab6d3248ef6d929fc104054eb2a0ae38ed96da5ccd0723bbb4868780904757afe2965a3b4481e9e33ca877f272a42565a351193682953b0ade557bb84d56f16defa221d0dc04c37a4be746df7b48e51e69b26edaa4f2206d51b7d0cb534ac1fdb94cf88d047445a5acf097db637f793b5d979cb56e1c529355cd275ef9ed2ae61ffd5bb3207e50f5c064271e1da795b5ba07e89e34319b06a2eee116ebe15d399755c5e301dc2a0b4e9b220bbde7af8587ac030468dc97a3a1ae2ba1b3da75abf5062394e9e0b5590c8a90bdc2496eeac5c8d61ca21c3865503ac3d9a4fbeec3175bc56a77ce0b24a16960de8316ee9fbd93f1d5f13366de61f893d96fbfb087a9fbaa06bfbc78f88e88b9f777e72185b32e854e446d5a703cf68af7d578cf4f9cc90f3e3973c33b4d268e2e1aad1bda8b1d94d8c3566bae55b13e732e6ee1dda77b42e2f3f1d2d9f2c44ca29690c14f75fc4cd7e08da35bcca3e6928e8d0dd72e0f8d80b4b9cf5fa10a904047b8ff45981757fa87c863d1f98bf9f332dac0e8ebed58e1c3986d97092d73f88f0b8a14b4e36cfbddbf143441e2640f89690dbe96603c9768a82e18d63d1a3c6feb2e3e6f3e2fb7ab6c0b664844860ebd65d0616110e59097adeb9fed6edd075c6dbfc22a8eb0664cf9aaa2a117a8f41816bc85975a38c17a1689983eaec5c3943b86a659c51b2336d481c6f27e04e902ebd941ca36e99ed553f7c22831199fe9d89e4021401c5a97474ded43616351040934734ce5df54ef0781ef6b23b10f719fddd4d7c0fd8dcdc5a0827f23dc5027dd22fc541d683b2105c110df41607821b6e66c10dcaf6d09fbfdd2cac037da9d1afd6cbca8453c44732c645fd2f198323cc6fa6e096c5b87d77584e6288a21889f67e2dcf3539c7c70aba07a707e6c97584064390424da77ffa34cec84e5c14e81797ab7d6b448ffa13a601c87c2e0576e877771053ae189881680d0a7086d8631e9e78b67cc342cf011b856e01fea8d37a02ef8fdc654adea41416d14ccd7f48753dfc08542d0e59cee6b07c935c59cadcb778d7ff86df3151d2c8620c5b0a5f1751dfb1ea81c0060dfd0621589c1d1b17161eece3b517a6cf7987153d2cd7a5f84934745d4053a4da15a78d31f259a72f3f93c23018271276cd2292ffc550a5f62f5309c2b745bd8e942ecdf015f67157ddf8f46f35a6f87e42309731ad037d23e8f67bbe36f2a82f38b5a83b8aec1be9fb19b42f68aaa9fe3685beac9c711018c62c47d47a5ce4b12c2ab7457a5cea47af3ff70cb17f2e71f0151b8e3adda7836e7df7ce717cc4ad8961039277c520fd0ee7604ae94d5a2fc07030219506e6546b687fe86ef9b59e8b88a61e75025857681ffe36253fc90c10a444fd352c54d208b1c50de8aec1b814a6ee10d5ce27f9c08c32c802090f9d12f4e6bd8be2fa96c62d7c9176115222df369a05c349bd330e55c2bd653880cc62814e9234726a213d271d35fd3ff660ce5074f5b2f3a3922ae21f7ab21ffe5f0437120c8373b57f88a5374e47b98fac0ab81eef390919006bcba4bc06148dd9fdcc0f0c9044b4057481578e4c8ad664a0d54221204a9d6135fcf84167ab6776f36ecbed5bdb8f532ec977a96e5912b8e4f8b0cf93b66efd56323c10a156a6fce91e687c47f82f0a0cf1168aced1db4f8fe42b2310564c0e447c38eeaf012c91da2574714c597507c8d97bb40f30702065bd9f59b4b8d345fb4bff3590ec610decfe0158270f08d685374537fdec4a8303c7bc3bb6bab05b15a90402b568990676ecf54a25bdd5cf953df77757fc1ca59edb7104b302db721dd6812aaa1ea2ca2fe9a710ee36584babb4c295f03439ac51d0933d4b17fc6d00bcf38270cbd40a779f9d32750b68e19e23464c890bded50f70ca7e664e507ce850a4ce1d790b62646cb469f988206ae02da6368c0c128ad01f149b19bb5bca1451651ca5f34a4ffbc6126ef8d642d695aa5a48950c858d2e70a0be37030abee6e0f99fd070dfdfeb87f8862049bc9e406ff4e3566ed54b1ba71e8e72b9500cf2f1504c21c7502d701725d8269d7a24f4c02a7fe14730654772610f6d584360217d08d46ea92eb6b6146a3bcad4d1997243207982859d9d3894338ba50146b8167c4406a71c6e3a982f55e7196e4e1ed91d67858f7a0612778a8f6d1f56bae4a70578d0c4a22bed25df0d061ba95736da8dbee0146fbd2e42d5f82c23469dc06ba9eaf7d5c9305a50a6cdd869aff9f52ec5caec214283f8b165b073009d05396dc0fb485588a8f1d9f63e566160e516aa64e21adf7f9bea98fe7287b3a6bb3eb0b2db1b7f1cc8850c2ea1590d73dc98f13197524c9c5418a060cbc562ac787dc8b5251c58836b89b4408d3431fc7283642e2f4159602cda980a77219f395a1859e51bfaf7e438c3072aa3aec336ced49e5a8f9cc7083c00f2b2485622b3fea021fd01821b48ce23d4035fbcdafcbb62399926673d716203bf66d40de239c237dbae63d1c0397276bba1108b83d41b43a93d0712e8826bfe2ec342663d556c928b120c1696bc0bd037ec0bcbb6845e73ce12c9880144c2819ab538b1ceeeef5282d9c35fcc857d9a2c442e1f2b3c2d1307b0d1d8e4104c34120cd284831a0b1f9e32d87044ba58fae5a6afd620e66caa6755484344623e47cd4afae1594cd302fd3b9f9c298239cbc4401f60ce1bf266e38358cb4fb8b92a65af5bfc60f9e0ed45e4c4182e10a6dba83da330d0db8e06a10ef1ae2827687afa8ebee37292796ad408ec4cba64c281474c6460a9cfa43a36002ba8071a6f18e22bb5cd5a2ef0e325f3673590115827d70521412c759a845a7c35a69e90d5ec9474c196bfe5ab92432338f6e80d415d9ba7fd04479ec80297d081ba30a5749e1dca2f9344d3e11e44f97938da38afdc1544ab7903a78a6152b581ed5dc711435298eb7913f9f47ff0c6f72831200b88a604e0f386a0885195a35345e56a12b63e5fdfc32071e4339f4bb788f5525ae45377e3fbe2c138d42d05b857fa5adcc0856513cf2cebdb13afe0360cf5604f5426da51069aa073ad90bc1bb40bd6b07c91cc6c42a75bdc5e10de8b2e84700319c13377c59c5aff1fb310d0e56aa219584168b0b3ddd604fbc7ac574736c129326138d5204467a923dfc623cbcc565f6b8fc9d4181764fe64fd112b9ab4dfaf7b379384c34136b7e214cd55b3d1f429f89892da83ed94e353497f988e29fa2a8a2d11a9039332690fc07274825704e7d95802c99c3d91b721f7b3db89ae79788bc8c178f2ca13b87f68d49640310649929e5d9ace3d0257ac5e5447ad362beae556b245c665df6c2e19173e2499a333baff8a02d33d48d853fff975137f67d0de575eeb63a74bb58d60966ea01b614079a7a5de11415f53c3e6291c4f03f63b04ac8130da438b5f993679683741c7f1ea095f8c1fe579f30687540be8497970dcc0bfdb977ec47ee40ef2a76f3ed0b42516a3b7faef976a8d428b9125afb3acfefef14ee19a3a706c510fef9bb97508f68d5c2a3e6d277a965f6f625d4df61223ab9f2a922409dbd1e845ec6b437dfa051a938fe5cd22140dd6d8d573c478dfd2364bc3bb6f6b9b94523b2db0b592652508ec052b960c9d3d18bcbf3ef729962f25cc73735be1cbfd32135bd2940d925aa77e9ed311caf6de72d00a2661993e10a7cf9ec733d796a22893fad63e0c088f6a284905ac0171af51421e1631eaf0df62ec8e4a72055b602481b3b5c8f405fe9886e23037885a0a76e9df38d8bb3d65ce532ee1c8cbb"}, {&(0x7f00000024c0)="8066a0625498dad97fa54d437fb40602da1a9675d4097fefa5312c07ddb98a9da99f1426c2faf3ca0830c0953081e3fc67bacc199b5079d0a9faacc186b9782fae38b807c74226412b07bcd654e205c871ce50c08c92fc0de62b4dee0d50b426b236e33fe72a3e017d1c1fe0067eca0736460eb5687bb3882691c40bc41c71eb7ce3025edc1113ae6ff918164576330a9826481ded4d65"}, {&(0x7f0000002580)="9934f306cf33c887b85468515e909e48ae84a46c90e5dae00a23378d9fe3c41d009d9bd1b9bc883dc2a9b81d6a382538c5c272ad011b12224d0688635a1132bec3805113211c5d4652b19c458d23c78cbdc29274313f00b523f317fcec01179bc43fff7b2df1d3a004f225ddbb359115be410781f1ab1153c85e11aa04ff36e5024305614679e524b4c9b083021f1cd805b98c1db822efe1959233a86fe18042a47ced078a49e66870e02036cad7b2bd0fa2fdc51b09f39f781bb8120a394ecf3f72d0e749"}, {&(0x7f0000002680)="ead0df2d28f4cfe582ed1e75c5f5e536cd7a4cb3363cbaf40967cf476df57e2a341af7bae5ef08d48b3bb498452afdd6de3c2dcc00279c899dbf1c0b87310454bd98ad55232781c79710de58fdc5589c671a76a30b5039c1894b42c3f0eeac8f18eac48836d8e121f022dd783e4714c5854fa6dc812773db2e7f7bb8d1b4f71d7c7458d9f11b64eb1f8d54239eed0f4db9ec148fa2555bfd4ada82659667fd2af6fc19c273d5ee49b774ace7a92e9439b998d33059b522055237ab290a3059753489e7084c898f91a6195dfa76675b484364d7a7b2ca04c3f85b708e65d45d4b71d5f21d30"}], 0x0, &(0x7f0000002840)=[@cred={{0x0, 0x1, 0x2, {r2, r8, r9}}}], 0x0, 0x4000}}], 0x4f, 0x20008000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r11=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', r11, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f0000002900), 0x404080, 0x0)

5m56.635395283s ago: executing program 4 (id=507):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x30a, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab", 0x3a, 0x0, 0x0, 0x0)

5m55.639783057s ago: executing program 4 (id=510):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x48001)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYRES32=r3, @ANYBLOB="000000000000000028001200090001"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, 0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r1)
r7 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r8 = syz_open_dev$vcsu(&(0x7f0000000100), 0x8, 0x400)
ioctl$TUNGETSNDBUF(r8, 0x800454d3, &(0x7f0000000180))
bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

5m53.727651516s ago: executing program 4 (id=512):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000002300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0xfffe, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="6800000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32, @ANYBLOB="14000600fe800000000000000000000000000015140007"], 0x68}}, 0x0)

5m53.399883101s ago: executing program 4 (id=514):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket(0x1, 0x5, 0x6)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r1, 0x0, 0x0, 0x40000000, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000240))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000040))
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="00b9547ed387dbe9ab6f5bec0000", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$SIOCGSTAMPNS(r4, 0x8907, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3, &(0x7f0000000140)=0x10001, 0x4)
recvmmsg(r4, &(0x7f0000004bc0), 0x0, 0x12061, 0x0)
ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f00000000c0))

5m38.252013936s ago: executing program 32 (id=514):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket(0x1, 0x5, 0x6)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r1, 0x0, 0x0, 0x40000000, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000240))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000040))
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="00b9547ed387dbe9ab6f5bec0000", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$SIOCGSTAMPNS(r4, 0x8907, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3, &(0x7f0000000140)=0x10001, 0x4)
recvmmsg(r4, &(0x7f0000004bc0), 0x0, 0x12061, 0x0)
ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f00000000c0))

2m36.602662163s ago: executing program 2 (id=1056):
r0 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, 0x0, &(0x7f0000000280))
unshare(0x20000400)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000640)={0x4c, r5, 0x10, 0x70bd2d, 0x0, {{}, {@void, @val={0xc, 0x99, {0x4, 0x3d}}}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x262}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x363}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x204, r3, 0x0, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x706}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FRAME={0x1ca, 0x33, @assoc_resp={{{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x5}, @device_b, @broadcast, @random="1cedbd96f636", {0x5, 0x85c}, @value=@ver_80211n={0x0, 0x9, 0x2, 0x3, 0x0, 0x1, 0x1}}, 0x1000, 0x61, @random=0x9, @void, @val={0x2d, 0x1a, {0x1000, 0x2, 0x5, 0x0, {0x8, 0x24c, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x400, 0x2, 0x4d}}, [{0xdd, 0xa1, "9a3591fbc1b0dd1d9db6e177685042b165c41c240b83c73e50b4a2c124e03ccaa291ab85a066e3cfde6d54d93acff5fbf59b09ec5ebb04e4fc901e7324cf6224b0d651a884f44285a366e427d25de672ec632c3bece0cd1eb03f62f226e6d5e33f9bde50de868db708a8496119c9dacccc1deb5723cb0f9e094d22985fb08c888d450ca541d47f95346668da44b96a6cb9ee5bc544d73b185cab791ce9e34d52a4"}, {0xdd, 0xe3, "6943fbe885b05a400f0824f06716b743d297c126ea2502fa6244690b288d7f7f696c284a9b9f51abd03fa073a3a7d85c3d8e5a501a08201b3ac8dbc2b76ebac5478b181b97643d9a415866ea1b9c9a8ed9bd57483c1e945bd95a41f809dcd5a826108cd25e26523526ca75ceabf20b87824bde5f14d2f347a4b95eececc590e3afd6dc9d68dfb38e982e64553f24991a07d47d0901d0d578aa08746edad76e85b85e4d45855038c40de6c2528bba121a2d1537f6e0b46dbbe4feb4eb5454cc9d9152bafa7c17d3ef86e8df5e2bf01d9c47fd171a0cf0775d2aed4babc71505057caae6"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x10, 0xcd, [0x9, 0xc, 0x7f, 0x7, 0x1, 0x200]}]}, 0x204}, 0x1, 0x0, 0x0, 0x40}, 0x1)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x200001, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000500)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd67df040e00442ffffc000000000000000000000000000000fc000000c97ff111c48e00000000000000000420880b0000000000000800090086dd080088be000000011605"], 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
writev(r9, &(0x7f0000000580)=[{&(0x7f0000000080)="268292", 0xfff6}], 0x1)
ioctl$TCSBRKP(r8, 0x5425, 0x0)
r10 = io_uring_setup(0x805, &(0x7f00000001c0)={0x0, 0x0, 0x2, 0x0, 0x34e})
r11 = syz_open_dev$dri(&(0x7f0000000480), 0xf2ef, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r11, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000100)="41c2b1af4b9e2afb08fbfa8795ae198eb98603501824b278e7af60824251a6b1334031aac5f7421d7ea02310f3f6dad9592da8773525688000a5f6a49c37b23832cc040c84e783080c453e1088ece52fc69e24c3e1ae2c1037d5ce4993609bee3f15bec55d55dc9e7628af08d52ef57f853e1e37981fbde83dcef7e62652a8134c50c7228bd9dd014e8fb12da0beba609df04014981d5b909c40d62f8520adf12fa8d1214304592069042f66a842d82d7d1066eb523222ddd454ffabbf8f42ff0ac2f20598b329547ab02665210da6927ec3b6dc80802b2349e5c1059214af03419fb04bbc4a0f147f8f170c960fd3cdae0e9ff5d5c8f431543fade614db2ed4297d74b4ccbe9a8cb22105ce48dbf2c00f8ad06f13416476", 0xfd29})
openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x246000, 0x0)
dup2(0xffffffffffffffff, r11)
ioctl$TCXONC(r8, 0x540a, 0x3)
close(r10)
ioctl$TCSETSW2(r8, 0x5425, 0x0)
ioctl$IOMMU_VFIO_SET_IOMMU(r7, 0x3b66, 0x3)

2m35.203503192s ago: executing program 2 (id=1061):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400003903000100000000000000000001"], 0x8c}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
bind$llc(r1, &(0x7f0000000100)={0x1a, 0x103, 0xe, 0xde, 0x6, 0x7, @local}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x803, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1390200}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x28, 0x7, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}]}, 0x28}}, 0x400c04c)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x14, r5, 0xff7bc437091e83af, 0x0, 0x0, {0x33}}, 0x14}}, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000049"])

2m31.682122772s ago: executing program 2 (id=1068):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x600, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)
ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(0xffffffffffffffff, 0x3ba0, &(0x7f0000000000)={0x48, 0x9, 0x0, 0x0, 0x7ff})
ustat(0x801, &(0x7f0000000300))

2m30.667384362s ago: executing program 2 (id=1070):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
fcntl$addseals(r0, 0x409, 0x3f)
ftruncate(r0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4094}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x3}}}}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x40854)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={0x0, 0x30}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000200)={0x40000004})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
ioctl$USBDEVFS_REAPURB(r7, 0x4004550c, &(0x7f0000000180))
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0})
sendmsg$NL80211_CMD_CONNECT(r1, 0x0, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)

2m26.536887351s ago: executing program 2 (id=1088):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f00000002c0)={0x3f}) (async)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_misc(r1, &(0x7f0000000000)="fd6673a285a26c47c1bef7d0b7d0174ddd7e92bada9c6b349ebeff4d4679a614058a4f8d28f2dc0d39f28436d0b3a14decfe", 0x32) (async)
write$uinput_user_dev(r0, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000]}, 0x45c) (async)
ioctl$UI_DEV_CREATE(r0, 0x5501)

2m25.268389588s ago: executing program 2 (id=1091):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000200)={0x1, 0xc, "725c408b9a5c4fbb54731c27"})
io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x30, r5, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}, [@IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2b}]}]}, 0x30}}, 0x0)
mremap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000d5a000/0x2000)=nil)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x31, 0x9, 0x1000000, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x5}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
io_setup(0x3, &(0x7f00000003c0))
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

2m9.769832682s ago: executing program 33 (id=1091):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000200)={0x1, 0xc, "725c408b9a5c4fbb54731c27"})
io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x30, r5, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}, [@IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2b}]}]}, 0x30}}, 0x0)
mremap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000d5a000/0x2000)=nil)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x31, 0x9, 0x1000000, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x5}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
io_setup(0x3, &(0x7f00000003c0))
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

1m55.886817851s ago: executing program 0 (id=1208):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203d409025c0002010000000904000001000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010102020d0000090582020002000000090503020002000000"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004980)=[{{&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20004000)
setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0xc, &(0x7f00000000c0)=@gcm_256={{0x304}, "c3938faf7cdd2d03", "537c12fe1ddb7305a264cf57a622f877cf2971f0820c44a8b6bb86f1cd4169aa", "962f5c8b", "dbe710253c97ddbd"}, 0x38)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0x3, 0x2)
r7 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f00000001c0), 0x80800)
ioctl$sock_inet_SIOCRTMSG(r7, 0x890d, &(0x7f0000000240)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e23, @empty}, {0x2, 0x4e20, @local}, 0x60, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0xffffffffffffff10, 0x6})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r5, &(0x7f00000000c0)={@val={0x8, 0x8847}, @val={0x7, 0x0, 0x0, 0x0, 0x20}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0xe1, 0x66, 0x0, 0x40, 0x11, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x38, 0x0, 0x6}]}}, {0x4e20, 0x4e22, 0xc9, 0x0, @wg=@data={0x4, 0x81, 0x7, "5f379d2ce5eded85563379962785c1218a222e7de8486ee269394ce86a55ac96667cb089b978cc1f427420fa4c451b90521a0e0f0cf40b58dfc1810aa02c3e7f589844ff983f1466ff09260b1b2bd378a041ee7bde6b45f23e59db612cda93fe11e1a5df69793178c13b5df4df4a47fe620ed8b13c739292491870b1004261fee78cc40aa6d0903ede16f096ea141b09e446df1b52520d3783dc2542949f42d8eb3f9905731961209cdea5ef918952b44e"}}}}, 0xef)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

1m52.628068118s ago: executing program 0 (id=1218):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x6}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x44)
r2 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x2}})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})

1m51.065189438s ago: executing program 0 (id=1220):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb00000c0004"], 0x68}}, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000007c0)={<r2=>0x0, 0x3, 0x1, [0x8001, 0xffffffffffffffff, 0x4, 0x7, 0xc9b], [0xecf, 0x8000, 0x91cc, 0x452, 0x3ff, 0x7fffffffffffffff, 0x402, 0xd5, 0x2, 0x0, 0x4, 0x8001, 0x480000, 0x6, 0x9, 0x4, 0x6, 0x101, 0x1ff, 0x5, 0x3, 0xfffffffffffffff7, 0x6, 0x0, 0x100000001, 0x1, 0x7fff, 0xfff, 0x2, 0x101, 0x10000, 0x9, 0xc, 0x4, 0x7, 0x8000000000000001, 0x3033, 0x3, 0x4, 0xa4, 0x5, 0x3ff, 0x7, 0x4, 0x5, 0xabab, 0x7ec9, 0xffff, 0xbfe1, 0x3, 0x5, 0x90fb, 0xc, 0x1, 0x8, 0x1, 0x7, 0x7, 0xfffffffffffffffa, 0x400, 0x9, 0x1, 0x7, 0x7c0, 0x6, 0x6, 0x3, 0x1, 0x2f, 0x9, 0xfed4, 0x25f, 0xa2, 0x80, 0x7f, 0x9, 0xffffffffffffffff, 0xfff, 0x101, 0x5, 0x5, 0x399, 0x7, 0x3, 0x401000000000, 0x8001, 0x8, 0x7f, 0x2, 0xffffffffffffffff, 0x0, 0x9, 0x6, 0x1, 0x6, 0x4, 0xfffffffffffffff8, 0x5, 0xffffffff, 0x14a, 0x7, 0x4, 0x80000000, 0x7ff, 0x6, 0xfffffffffffffff9, 0x9, 0x8, 0x80000001, 0x5, 0x7, 0x7ff, 0x3, 0xffffffff, 0x8, 0x3, 0xe8f0, 0x40, 0x10000, 0x10001, 0x7]})
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f0000000c00)={r2, 0xdc, 0x1, [0x5, 0xc1, 0x9, 0x4, 0x9], [0x8, 0x3ec, 0x8001, 0x5f455be9, 0x6, 0x95a, 0x8, 0x9cb, 0x6, 0x10001, 0x7, 0x101, 0x4, 0xb1, 0x8, 0x0, 0x8, 0xf7, 0x3, 0x7, 0x5, 0xffffffffffffffff, 0x7f, 0xffff, 0x9, 0x80000001, 0x2, 0x4, 0xf5, 0x1, 0xfffffffffffffff7, 0x6, 0x3, 0x0, 0x140, 0x8, 0x80000001, 0x9, 0x4, 0x6, 0x8, 0x9, 0x6, 0x9, 0x9, 0x49c, 0x0, 0x8000000000000001, 0x2, 0x5, 0x2, 0x5, 0x3ff, 0xbb, 0xfffffffffffffff9, 0x9, 0x8000000000000000, 0x5, 0xb, 0x8001, 0x7, 0x6ec, 0x10000, 0x7, 0x7b, 0x5, 0x20000000000, 0x7, 0x9, 0x7, 0x40, 0x3, 0x3, 0x6f0, 0xd0e, 0x9b, 0x9, 0x9, 0x9, 0x2, 0x10001, 0xc80, 0x2, 0x0, 0x100000000, 0x7, 0x7f907b74, 0x7, 0x0, 0x4, 0x805, 0x10001, 0x2, 0x0, 0x4, 0xfffffffffffffffb, 0x3, 0x1, 0x7, 0xff, 0x4, 0x8, 0x6, 0x4, 0xe7, 0x80000000, 0x8, 0x7, 0x80000000, 0x503, 0x4, 0xbd, 0x0, 0x6, 0x200, 0x2, 0x8, 0x3, 0x4, 0x5, 0x3]})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000280)=ANY=[@ANYBLOB="00000108000021"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff})
r7 = gettid()
sendmsg$unix(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{0x0}, {&(0x7f0000000140)="bd", 0x1}], 0x2, &(0x7f0000000780)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r4, @ANYRES32=r6, @ANYRES32=r4, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="7dd3dae4"], 0x60}, 0x0)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000140)=<r8=>0x0)
ioctl$BTRFS_IOC_RM_DEV_V2(r6, 0x5000943a, &(0x7f0000001180)={{r3}, r8, 0x30, @inherit={0x50, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x8, {0x3a, 0xffff, 0x7ff, 0x9, 0x3}, [0x3]}}, @subvolid=0x1})
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="201104"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)

1m49.843908374s ago: executing program 5 (id=1225):
socket(0x10, 0x803, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
socket$igmp6(0xa, 0x3, 0x2)
syz_usb_connect$hid(0x4, 0x36, &(0x7f00000001c0)=ANY=[], 0x0)
socket(0x2, 0x80805, 0x0)
socket(0x10, 0x80002, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r4], 0x90}}, 0x0)

1m49.052186676s ago: executing program 5 (id=1227):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x0, 0x0, 0x0, 0x1f00, 0x0, 0x0}) (fail_nth: 2)

1m48.677305011s ago: executing program 5 (id=1229):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x6}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x44)
r2 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x2}})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})

1m47.486193635s ago: executing program 0 (id=1230):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4004)
socket$xdp(0x2c, 0x3, 0x0)
syz_emit_ethernet(0x2e, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
fanotify_init(0x8, 0x800)
sched_setaffinity(r2, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(r1, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/crypto\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r5, 0x0, 0x0)
sendto$ax25(r5, 0x0, 0x50, 0x3400c851, 0x0, 0x0)

1m47.478846419s ago: executing program 5 (id=1231):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x8000000000000003)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000100)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYRES8, @ANYRES64=r0], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="a422e1e50000000000000c9000005216639932b0f8bec53274c9adc2bd6e0400a01b7c935be8cbab7927ccba51abbe1142456cf7ff766d23f7ef4c2a8484c7698ed6b5e7910405df773c8d2f79e7dfeb57165912af3b29c075ef3c5614418a3b768e732941"], 0x0}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000021c0)={'wlan0\x00'})

1m46.115482056s ago: executing program 0 (id=1233):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="120100000000000843554700000000000001090224000100000000090400000103000000092100230001220b00090581030000008103e37da19e3c3002be72ed61c37c5170815969b2585ec150f3e3d9bf0e04c7cc7c1773dea1fdbd5426b2081e6d9327ab7ac7e6f5e59197f69c39b289a935fc3a"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
socket(0x10, 0x803, 0x0)
r0 = syz_io_uring_setup(0x4d99, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="2eec0a0009000070e2", 0x9}], 0x1}, 0x20000000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000480)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x2c02)
syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x2c02)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r4, 0xc0305710, &(0x7f0000000040))
r5 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000000000/0x3000)=nil, 0x1000, 0x1, 0x11, r5, 0x82000000)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r5, 0x40044103, &(0x7f0000000000))
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r6, 0x40505330, &(0x7f0000000400)={0x2000000})
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x2, &(0x7f00000004c0)=ANY=[@ANYBLOB="18630000030000b8a10a1d4bac7b57281ba365000000000009000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x8, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x6, 0xa, 0x80, 0x3}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x9, &(0x7f0000000200), &(0x7f0000000240)=[{0x1, 0x5, 0xf, 0x4}, {0x3, 0x2, 0x1, 0x2}, {0x4, 0x1, 0x0, 0x7}, {0x0, 0x4, 0xe}, {0x4, 0x5, 0x4, 0x7}, {0x0, 0x1, 0xd, 0x1}, {0x4, 0x5, 0xd, 0x1}, {0xcb19, 0x3, 0x0, 0xa}, {0x4, 0x4, 0xd, 0x4}], 0x10, 0x6, @void, @value}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000001c0)={0x9}, 0xfffffffffffffe50)
r7 = gettid()
timer_create(0x0, &(0x7f0000000140)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
listen(0xffffffffffffffff, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

1m45.528094705s ago: executing program 1 (id=1236):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
socket$igmp6(0xa, 0x3, 0x2)
syz_usb_connect$hid(0x4, 0x36, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRESDEC=r0], 0x0)
socket(0x2, 0x80805, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r5], 0x90}}, 0x0)

1m44.79691563s ago: executing program 1 (id=1238):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TCSETSW2(r3, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, 0x0, "2cf155f1d8b4d0441f0246e09537aa82dc1ecf"})
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r4, 0x29, 0x4b, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)

1m43.704161273s ago: executing program 5 (id=1241):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x94, 0x14, 0xfd, 0x1000000}]})

1m43.435997174s ago: executing program 5 (id=1242):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r2=>0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r2, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x30, r5, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}, [@IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2b}]}]}, 0x30}}, 0x0)
mremap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000d5a000/0x2000)=nil)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x31, 0x9, 0x1000000, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x5}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
io_setup(0x3, &(0x7f00000003c0)=<r8=>0x0)
io_submit(r8, 0x2, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x0, r7, 0x0, 0x0, 0xa38, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r7, &(0x7f0000000400)="8f1a17eceebe109a39e60506a5d85878a3a4911aeb4ec15b633b161299074b2c1775458c786c15b6c701c20a9a56cacc3a4fdbd7f77691c494ef483184d3760340dd4a52090ca5bd8adf327d7bbc4b76516fe175b99c72e2ee306ec43d0d040c07cb876168565743c40cd2c2b5206f7fa8d0331372a13606046a91864926a3061487c70d5a6adc9163562e8dfddb6287e49b43af29e28a9f92d9b65d4e10ee4b188d9b161871a23711df2dd044a60f577e27f0bbc6f9b567c310be70c865a694d6b1232cddd0a44beec277fc8248fda6a8ff0a41bd3cfa3923fd9b4d24666f4b6ad6cfff6f486fcb83db4d4eacdd1c2a0f0f367ddb9b8cd8e3ae8309dd3d6822f3a08f7977aded72f92efb3b14d15d094575c72c3e7c260055d04e6d0aaab26c2492000ad71ea3bf3daa187b5b55eca2fc9d3317135dab57c95712660a297891de0717e82ff036b7a70cfef82d3673fd201f60d7d9cb23f63989f68f6beb2882a284b2f2a071202697b2f67ba5f80878edeb19c76cf819a963166e35a39c6445ad58037a56f862f894b24bf55d58b78b733932f5ca163680185252d8f896336e057609964363c795ee6048395b9a5b79667e729eb7b229bfc2c0763435c3188b3a7cacb045971776ae720014ff9f3db196a4a15d0a988cd774cef45fcbb505048306781af5ba92ec7844dc7f7b30fe51c5e086ca944f8b8aa18779f5a3031004e415f4d0045c10faa7a7057b8fd8e62bd0897f766b2b7d2f0a3160c5f219b52100dbfc88229add91beea4d654387a539181a3263c40151b27b41a78fd575dd318735389ffec0c5ecff64f9ca3e7c7022cd1dd819f76e4c1f540e5fa826848b0218380c4e95ea655cdc3e909b68c463cc27339e9e4161cc8461adc49083f1241fed3278923381aee0aa2520098b6e699e958830faf1e7bdf7e7dce4cfc8d45cf868be8b3c026fd4c0604bcfcd94430d85dde6ecc333b645b6c55d2486465fa76345eee0dbf40ff5eecc94822b55a443c05c6d8f1f517c9d1ce040f84a3ba2a651385eb1fbc8e72af02ea35bf13b2d3cea9fc6b6a1fc7f5a24c52fa12a906a7c16df60f79e3b36879c6acf58be9bb25a8f2cd5d1bbc9b9c4d40b6618cee0366cbcdcf3b55c4610766cf2822ee30defc05e210b1db9c41dd4018e5a3771ccb2d2100fe819a2ac33ccd58dc990546cf1a0ed40bdb2133a8b98a89a826ed707a79e63c35d9750c7e4e0454e50497379838ed077df654bcabbeabb2d2aac9a461a31885e273e75bce5200a2e7a2920e56f9320bd20498cefded87838bd8c2a3304ff48a5ad7160eb279e6503e5d511063bd17d18c995640725650d4a56da3bb9bcc6af0990d98c3453dcdc68bcd9ca7e4fd8944f5fb54cd40eb859043aca26c7b9eaf0195fe7e518b37431cf2c3556a2f22e1a8b6b547b11fe674242817b54886e9b4161a95dfa04c41549850e68fdc4ece4e29552feaf5165f54a5ce0038d81b43e940bd9861752e13073470c7b176e1ee703617e50c0f4d3e8eb3ae6e1f99813f443659a26137456094d456bdab3a2ca0497f096b2adf137be6d5d07be33577df68402358db7704b864050a0fdfdafedd26fec42d3037b4513eb77ae153c8d2fa58fac746787e6a84da9a67a8ff022ec5449a2908b02770e979c4cd509ff96c3a11a56f6bf484cb5cbd7dd3287caa7a326cc657dc768ce3747f373628dfb96913ee9b524182a4e6d82414cdaf243ff1c89ede3a82e1bee01d73e8a2d4c5cbba36ec5c7c7f2e8cd83ef637e2444559431577f784a5ad8cdd5aa5b0eb3fcfd2affeb96d816a757ebe5bfc88d114f109895f379284d6c90b04a7bdba7aa94af5d6b5029d0752ef3be4753c2dfdf0b5831c4749a019af9d793effe11b33f56b6b914702061127919a81ec3168e96d81c27d5fd940a1c3b2293ce7bcf7ce7956b1d1ee1e4f7e835eee379d4283cb5c55ae6b20c235ad3f05771352091a6686ede331caaaf62a29f1a13f2b1066da691232b4d8dc69ac92d2ca5baaadb03ddec5ba3f4fc6431bb32373543e42566dc2a75f036b0e1d70809fad3e55d66594b0a8f714607ea29fccd8f4daf7d9543bcd6077f2462b6c91a6fe3e63928af6bf875385d30a4e714211eeb000f0c05b8b44e32cc4fc42ce61053e1c7a5fc27210a4f775a9379fd2de9aa45006c3aae41e4c50239fb7c03606e7baf7d50f3091e684c08cd5e45fd0a02d9a1e48d27e397807413fe35009f8985c1020176a057fda905d3121cb58ef9e980118b0721ce3de895f9a9e72efb8bb68e8b180f6106980aea608bc3175e3d671640e7a81801dde5e45a5702007636f6978653d9c330094043470e244717fce0eb4339a1a8679d227fdcfd1b1f0b2db36394eefcddecec4fa02a362091f260c0dda183ae07ef47de918f26a88cedfae368246ff4b1412d250f82f2e7bbb31665bf7a455a26ad065749ba7d44b5f42dfd0049d4619bf44459f9633624b30e2a31a2558b33e2ce2afbe99725b1794678a02395f998ac58dbc1b3e5f66d6a1a22a658a096927dd95aa8d5f71a8160df7bf452797c475fae10cfdf5b9377e531277898ca1cff923fe411ab4b25564b28a6381dc8a2bbccb111e4dc30b66dfbc7667b6e8e85f1da1f7c41fe9a056a9c2dd853c24de735632f8139e6c0f8947e0712330d7971d7d7ef17e71a82f67e3d40abaaf7c78a6283bfab719542c6a72bd1eb64ea55cda69ba2101599750c83be49b1f5b77e3237b25ba6f4d839f16d3b811ea7cd0bb3b2136c82c46bc7ff33b49b0e9ce37070fe7d84d7dc49afad088c84d52fd24c9e431ceef7f37ff534fe0a168707bd31af65ebcd1675367dd627f31897cc18133b8567099bd67d24b1c3eb4dd8575d4710350fe6ac17578c8c2115aa02abd859d9ddbe12340637a41ca74f42232ca02c86f4f9d6256438463d226b8adc49839f29f9dca26be7d65f7ff52daf4c975b7f0344aefd38594a097cc93d5f49c4231ed8aec184656017a87f7a99e1d7ba5d36348119fb29ccb8592d7e67c9168398c3b922e4a513473c1fbc7497df758de28aca65e1f65864f0e7e03b7c4742854bdc54b1461b3f20849377c646b556ad67eccc6efe994b16e9ab91c111b833310742865406f0443ced82211f69c737ad33e51b14b8ab766d24f78a1692f20225dcca1888ff5a6abc36a0b1ae7fc37b6db525266274262e3b3a8d197b1507f6724af6d258cc89ef96523398f63321cbfa61060f187253583b00b34542b64c0eb5f9e0f6182556c43ea67d34180f108e6ad0474d8a1feb3843882a8bd75a66a7e3a6e586aca2ff2e6f1fb58bf3169888dc925800c4ee20fc644a0c84320457e0efede7b2e613d9f921f16fbbf510b6006d5a1db684069d4618450e16e995bb88305af4c9b15b73a4fec3d3da8e5ee3be68fd150a18d0f574f3a2cf97a1a6bf570e57ff895ca4c60804b0153d2c63227f604ded97216357ff1c503b00738dad30c53beddda78d7ada4ab0ee162deeea0cf57fee78e983882a2afce5169f277bfb4527a5bdf303cf9391ef1b76c8563d9cfaec672d9c48abccfffefc48dd7f6a2865c283ccc204853bc8b04611d7c5c7fcaef07d2e85b3737dc8cf44a1d37751c8980614b82385f518c40300e7f9ddc5e9f22669de739cfd320ded5386c09de43f61b76e8b6a7917deb738bd2895eee16d6414564a727ab87565ecf5dd7e0bae65a0f0cdde68ce89f67989fbd07080dcaf3d37fd1dc1ccc0f050ad7d91d1a01261d8c633fb74973ba47ebc61b5652bb8e8285de1e8c28881d8dc4501f545193a2c4208260ee7bb3bdc4b5322c5c450f357b38d5b43385add20520d2cdf7b8bade7a37e269c59a6c9b717c5d0b69a5465678efb6f6ff6a2b74693a3de6d7df7056ea5b838105d8f97cf664ab95aae7e9c08ddcff10a9fea5b348378d056f20f99c3e7d6411973b787cb519276c38f92d5178f518ff2ca5b509b257442072290f8f904f176d13475f8af6b4bf0640a9aaffffb7e222870cefb623dbb8e177aece0eac6bd3ef2dece07b969ae9f0105831851f586ded0ff90a752184552393e9de454b75be6ae17fc6a4ec89884ec119fd6a8c6a700e650bc26c5f72dce3e86bd8f92a81d2d16431791fe97cee195a0e12e7d311f14be1a5fcf7e2da848390fcbd39b8f0de48e8ac2b7f0f792d0f40cdea116be9a09ebfc07b79f2658d755ca1c30e3449a3f41571253fe11c2c821ef318c1a41c134aaa3f7ede1fd25dbba4b56dc96c282c421cb6a47b60a667e6ccb61b56e6bbac351e052048b7236e15a006ed6aa5fdc594eaf65f25fe498b6fcba158ff911d46e627ccbb7a41c8c93ea503cc39a537c2f368045359b4b138a70f60d9cee79f26a6055bc9f22ac5061908b8596f426a03b152c40618c515831566eb788dbd72deada3b899a06b866f67c8070ab7d147953a0d585cc70025f562afe0699934435896c628a7a321e0c39586463686fafda5f236b45d4ebc8f714c81c4ca681b812fca1b3404a9eecea54a23385218f35a0ab7e37313d87b7ead1de27f13938afe658560843371cdced704fffba4442068c7871ba86fe3028222847d6a7cc6e1a42b8010d1702a4ac8e549ac1029364e174bca841de9b6b9e5eda41e6033e05f4a36a87a94c4324fc0b5cc385058df87692c9aa0c1c2e4fde95fba6abf4c58937bb2092a98c85456d1077318868fc33783771c8084683ce69ec422e3eb6a45196c3ec26d9378cc93f29810867fb7c42a7b102c7efed8c056d65ab100f278d74c418aadaff8874e40522af2465077a6fb218475d92c355eb992f29860f56873bcfa36b1efc2620f1e4456679baf6009d85bb06bde15a3ae57d0f7044f3136264edd103d0f167a811a7560f8eb4fc366c3ef705db6fbafab34d8bec59264bd716161371ab0fdf8456cc0924107b0c46f093969470527292ffb561da81efd6630ae90773c92de14bf65df760af046539748c4858fb199f1699728e24f57bf080c584f533d708105cc913e698ea0cb99fce13d832f549603c3bb6ccff69a2261c4c927f7ec6b2c4bc54a7b6eac6c3dcd70a2477fc78a4fc8b96083631676314823df4ade114c0f52780f445a78e841b4d67d35be4b79020ee962fbd964c691d69e8fc6a03e319f478fe3b4fc0ac7ee6d1ed511d665a3ff2e8587dbb1e6a39f4018c44217bc429496771772d197ac2d3f1dbb8fedaeb6332c16b056eb55d8757e47990f01c5c7a817de736dfa0fbc98908880428e72f1153f4fa69d9ac7d463dd80e9a28d2406509c1b21a44086dcad2c8ec906ab44730dc4f87b523342216159f8b261c02f7facda5b10befb93ee4574513e5492adf0f01cc13ee72c07cfbabe7f28789e90b3b633e0284c731577b9c7fb5652f736a09469714b3e5c5bfdc45f14fb46c2f3b39807c1929261cff24e66923d90bf0384cb0f5e577d0fdc06d8f4bf24cdd780a8fa7a038255cd0f26af67963b2b05523f25c61c6dfcf868d92c321410a3ee28d03d344eaa28c811b52f616df7ac61410004843579337f56ca0447009a871af10e6c5385569f4eca7d235277ac3b5ea840aac18d05eba5b58306724889ea424b423effb019586761d5803998b2b93b70c490687eb4ce1f0af2256fdcca1af03e7b78638f91c19fd1285c1ac8b27e2866403bbf45ae243ca18c4520d9890fb88b16d50cd33cc1c9dee1916b325462cdae45235b223c07c33ac5246bc33e4e81a1c46b712736afd017479321726e98c6558c636178b8e712157a252b396c9d7da83498d9d641dd7f540cb2236", 0x1000, 0x3}])
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

1m43.267859845s ago: executing program 1 (id=1243):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000010000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x24}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x14, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x7, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)

1m42.799336312s ago: executing program 0 (id=1245):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010000fff0000000000000000003e0000ac5d29f0085779ddfe155434745c0d0f7f6c500aa8567c023222a89991377684117a643707e851", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800a001400aaaaaaaaaabb0000"], 0x40}}, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
dup2(r0, r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

1m42.629774958s ago: executing program 1 (id=1246):
socket$isdn(0x22, 0x2, 0x2)
r0 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
socket$inet_dccp(0x2, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fanotify_init(0xf00, 0x0)
mkdirat(r3, &(0x7f0000000200)='./bus/file0\x00', 0x111)
renameat2(r3, &(0x7f0000000240)='./bus/file0\x00', r3, &(0x7f00000001c0)='./file0\x00', 0x2)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)

1m42.504504418s ago: executing program 1 (id=1248):
syz_emit_ethernet(0x1ce, &(0x7f0000000840)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000021001983a00fe8000000000000000000000000000bbff0200000000000000000000000000010400907800000000608bb91d00001100fec000000000000000000000000000aa000000000000000000000000000000000000000000000000002b000000000000050200000103000000009da17e9ab13f6e142b20582c8d220c698a74dbf13dfc0ad1f526dfc43313759300929090dd4792ce67ea9f8769d3246f94412c56e0247939ed4b318e4b6066b72d91d9aff97fcf30977dfd4028dea535a8e9d1682c4794d255d62089716f83e82758b77cdceef90c52cd6d2f97577f9bef264da3cfd3e5511fb253122f61808a73cc2e760f93ceb68a0db2613cfcaa6b23235f057c2f980a19266a6bb4a33a17f550a571c5b4211c6fa37105020000008c65fd1a52737fa1ec91495f4d25a766a5dd36bcffb376f4b35d4a5bc51b0f8fb9a273282a9c8ef192a4de26c8732765dbeb6ce083e81cebf0612d1cc7956b78fb34ce0e03007c8b4094bab04b23680ba97ad5c624055e8504a7a121cf38a402a7aa80e05dbe56fecab8b014420231c0e997cbfda9bdc7f29e3a8b13dcfc396cf6ff1fcd8a7f43a107871fdd7e00"], 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
mount$tmpfs(0x0, &(0x7f0000000e80)='./file0/file0\x00', 0x0, 0x3080008, &(0x7f0000000400)=ANY=[@ANYBLOB="67728a71756f74615d626c6f636b5f686172646c69ca67f49038342c00"])
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x1, 0x0, 0x3})
get_robust_list(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x16, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'wg0\x00'})
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000040)=0xf3f, 0x4)
r7 = syz_open_dev$sndctrl(&(0x7f00000001c0), 0x3, 0x88800)
r8 = getpid()
sched_getattr(r8, &(0x7f0000000040)={0x38}, 0x38, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r7, 0xc1105511, &(0x7f0000000240)={{0x3, 0x1, 0xb, 0x80, 'syz0\x00', 0x2}, 0x0, 0x4, 0x3, r8, 0xa, 0x9, 'syz1\x00', &(0x7f0000000200)=['\x00', '\xbb\xbb\xbb\xbb\xbb\xbb', '\x00', '\xbb\xbb\xbb\xbb\xbb\xbb', 'hsr0\x00', '^-,/\x00', '+$-:\\\x00', '\xbb\xbb\xbb\xbb\xbb\xbb', '*/.{]+\\/:-\x00', '\xbb\xbb\xbb\xbb\xbb\xbb'], 0x35})

1m41.154243641s ago: executing program 1 (id=1251):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbd, 0x16, 0xf, 0x40, 0x8086, 0x110, 0xbfad, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x12, 0x24}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f00000005c0), 0x0, 0x0})

1m28.290159775s ago: executing program 34 (id=1242):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r2=>0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r2, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x30, r5, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}, [@IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2b}]}]}, 0x30}}, 0x0)
mremap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000d5a000/0x2000)=nil)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x31, 0x9, 0x1000000, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x5}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
io_setup(0x3, &(0x7f00000003c0)=<r8=>0x0)
io_submit(r8, 0x2, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x0, r7, 0x0, 0x0, 0xa38, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r7, &(0x7f0000000400)="8f1a17eceebe109a39e60506a5d85878a3a4911aeb4ec15b633b161299074b2c1775458c786c15b6c701c20a9a56cacc3a4fdbd7f77691c494ef483184d3760340dd4a52090ca5bd8adf327d7bbc4b76516fe175b99c72e2ee306ec43d0d040c07cb876168565743c40cd2c2b5206f7fa8d0331372a13606046a91864926a3061487c70d5a6adc9163562e8dfddb6287e49b43af29e28a9f92d9b65d4e10ee4b188d9b161871a23711df2dd044a60f577e27f0bbc6f9b567c310be70c865a694d6b1232cddd0a44beec277fc8248fda6a8ff0a41bd3cfa3923fd9b4d24666f4b6ad6cfff6f486fcb83db4d4eacdd1c2a0f0f367ddb9b8cd8e3ae8309dd3d6822f3a08f7977aded72f92efb3b14d15d094575c72c3e7c260055d04e6d0aaab26c2492000ad71ea3bf3daa187b5b55eca2fc9d3317135dab57c95712660a297891de0717e82ff036b7a70cfef82d3673fd201f60d7d9cb23f63989f68f6beb2882a284b2f2a071202697b2f67ba5f80878edeb19c76cf819a963166e35a39c6445ad58037a56f862f894b24bf55d58b78b733932f5ca163680185252d8f896336e057609964363c795ee6048395b9a5b79667e729eb7b229bfc2c0763435c3188b3a7cacb045971776ae720014ff9f3db196a4a15d0a988cd774cef45fcbb505048306781af5ba92ec7844dc7f7b30fe51c5e086ca944f8b8aa18779f5a3031004e415f4d0045c10faa7a7057b8fd8e62bd0897f766b2b7d2f0a3160c5f219b52100dbfc88229add91beea4d654387a539181a3263c40151b27b41a78fd575dd318735389ffec0c5ecff64f9ca3e7c7022cd1dd819f76e4c1f540e5fa826848b0218380c4e95ea655cdc3e909b68c463cc27339e9e4161cc8461adc49083f1241fed3278923381aee0aa2520098b6e699e958830faf1e7bdf7e7dce4cfc8d45cf868be8b3c026fd4c0604bcfcd94430d85dde6ecc333b645b6c55d2486465fa76345eee0dbf40ff5eecc94822b55a443c05c6d8f1f517c9d1ce040f84a3ba2a651385eb1fbc8e72af02ea35bf13b2d3cea9fc6b6a1fc7f5a24c52fa12a906a7c16df60f79e3b36879c6acf58be9bb25a8f2cd5d1bbc9b9c4d40b6618cee0366cbcdcf3b55c4610766cf2822ee30defc05e210b1db9c41dd4018e5a3771ccb2d2100fe819a2ac33ccd58dc990546cf1a0ed40bdb2133a8b98a89a826ed707a79e63c35d9750c7e4e0454e50497379838ed077df654bcabbeabb2d2aac9a461a31885e273e75bce5200a2e7a2920e56f9320bd20498cefded87838bd8c2a3304ff48a5ad7160eb279e6503e5d511063bd17d18c995640725650d4a56da3bb9bcc6af0990d98c3453dcdc68bcd9ca7e4fd8944f5fb54cd40eb859043aca26c7b9eaf0195fe7e518b37431cf2c3556a2f22e1a8b6b547b11fe674242817b54886e9b4161a95dfa04c41549850e68fdc4ece4e29552feaf5165f54a5ce0038d81b43e940bd9861752e13073470c7b176e1ee703617e50c0f4d3e8eb3ae6e1f99813f443659a26137456094d456bdab3a2ca0497f096b2adf137be6d5d07be33577df68402358db7704b864050a0fdfdafedd26fec42d3037b4513eb77ae153c8d2fa58fac746787e6a84da9a67a8ff022ec5449a2908b02770e979c4cd509ff96c3a11a56f6bf484cb5cbd7dd3287caa7a326cc657dc768ce3747f373628dfb96913ee9b524182a4e6d82414cdaf243ff1c89ede3a82e1bee01d73e8a2d4c5cbba36ec5c7c7f2e8cd83ef637e2444559431577f784a5ad8cdd5aa5b0eb3fcfd2affeb96d816a757ebe5bfc88d114f109895f379284d6c90b04a7bdba7aa94af5d6b5029d0752ef3be4753c2dfdf0b5831c4749a019af9d793effe11b33f56b6b914702061127919a81ec3168e96d81c27d5fd940a1c3b2293ce7bcf7ce7956b1d1ee1e4f7e835eee379d4283cb5c55ae6b20c235ad3f05771352091a6686ede331caaaf62a29f1a13f2b1066da691232b4d8dc69ac92d2ca5baaadb03ddec5ba3f4fc6431bb32373543e42566dc2a75f036b0e1d70809fad3e55d66594b0a8f714607ea29fccd8f4daf7d9543bcd6077f2462b6c91a6fe3e63928af6bf875385d30a4e714211eeb000f0c05b8b44e32cc4fc42ce61053e1c7a5fc27210a4f775a9379fd2de9aa45006c3aae41e4c50239fb7c03606e7baf7d50f3091e684c08cd5e45fd0a02d9a1e48d27e397807413fe35009f8985c1020176a057fda905d3121cb58ef9e980118b0721ce3de895f9a9e72efb8bb68e8b180f6106980aea608bc3175e3d671640e7a81801dde5e45a5702007636f6978653d9c330094043470e244717fce0eb4339a1a8679d227fdcfd1b1f0b2db36394eefcddecec4fa02a362091f260c0dda183ae07ef47de918f26a88cedfae368246ff4b1412d250f82f2e7bbb31665bf7a455a26ad065749ba7d44b5f42dfd0049d4619bf44459f9633624b30e2a31a2558b33e2ce2afbe99725b1794678a02395f998ac58dbc1b3e5f66d6a1a22a658a096927dd95aa8d5f71a8160df7bf452797c475fae10cfdf5b9377e531277898ca1cff923fe411ab4b25564b28a6381dc8a2bbccb111e4dc30b66dfbc7667b6e8e85f1da1f7c41fe9a056a9c2dd853c24de735632f8139e6c0f8947e0712330d7971d7d7ef17e71a82f67e3d40abaaf7c78a6283bfab719542c6a72bd1eb64ea55cda69ba2101599750c83be49b1f5b77e3237b25ba6f4d839f16d3b811ea7cd0bb3b2136c82c46bc7ff33b49b0e9ce37070fe7d84d7dc49afad088c84d52fd24c9e431ceef7f37ff534fe0a168707bd31af65ebcd1675367dd627f31897cc18133b8567099bd67d24b1c3eb4dd8575d4710350fe6ac17578c8c2115aa02abd859d9ddbe12340637a41ca74f42232ca02c86f4f9d6256438463d226b8adc49839f29f9dca26be7d65f7ff52daf4c975b7f0344aefd38594a097cc93d5f49c4231ed8aec184656017a87f7a99e1d7ba5d36348119fb29ccb8592d7e67c9168398c3b922e4a513473c1fbc7497df758de28aca65e1f65864f0e7e03b7c4742854bdc54b1461b3f20849377c646b556ad67eccc6efe994b16e9ab91c111b833310742865406f0443ced82211f69c737ad33e51b14b8ab766d24f78a1692f20225dcca1888ff5a6abc36a0b1ae7fc37b6db525266274262e3b3a8d197b1507f6724af6d258cc89ef96523398f63321cbfa61060f187253583b00b34542b64c0eb5f9e0f6182556c43ea67d34180f108e6ad0474d8a1feb3843882a8bd75a66a7e3a6e586aca2ff2e6f1fb58bf3169888dc925800c4ee20fc644a0c84320457e0efede7b2e613d9f921f16fbbf510b6006d5a1db684069d4618450e16e995bb88305af4c9b15b73a4fec3d3da8e5ee3be68fd150a18d0f574f3a2cf97a1a6bf570e57ff895ca4c60804b0153d2c63227f604ded97216357ff1c503b00738dad30c53beddda78d7ada4ab0ee162deeea0cf57fee78e983882a2afce5169f277bfb4527a5bdf303cf9391ef1b76c8563d9cfaec672d9c48abccfffefc48dd7f6a2865c283ccc204853bc8b04611d7c5c7fcaef07d2e85b3737dc8cf44a1d37751c8980614b82385f518c40300e7f9ddc5e9f22669de739cfd320ded5386c09de43f61b76e8b6a7917deb738bd2895eee16d6414564a727ab87565ecf5dd7e0bae65a0f0cdde68ce89f67989fbd07080dcaf3d37fd1dc1ccc0f050ad7d91d1a01261d8c633fb74973ba47ebc61b5652bb8e8285de1e8c28881d8dc4501f545193a2c4208260ee7bb3bdc4b5322c5c450f357b38d5b43385add20520d2cdf7b8bade7a37e269c59a6c9b717c5d0b69a5465678efb6f6ff6a2b74693a3de6d7df7056ea5b838105d8f97cf664ab95aae7e9c08ddcff10a9fea5b348378d056f20f99c3e7d6411973b787cb519276c38f92d5178f518ff2ca5b509b257442072290f8f904f176d13475f8af6b4bf0640a9aaffffb7e222870cefb623dbb8e177aece0eac6bd3ef2dece07b969ae9f0105831851f586ded0ff90a752184552393e9de454b75be6ae17fc6a4ec89884ec119fd6a8c6a700e650bc26c5f72dce3e86bd8f92a81d2d16431791fe97cee195a0e12e7d311f14be1a5fcf7e2da848390fcbd39b8f0de48e8ac2b7f0f792d0f40cdea116be9a09ebfc07b79f2658d755ca1c30e3449a3f41571253fe11c2c821ef318c1a41c134aaa3f7ede1fd25dbba4b56dc96c282c421cb6a47b60a667e6ccb61b56e6bbac351e052048b7236e15a006ed6aa5fdc594eaf65f25fe498b6fcba158ff911d46e627ccbb7a41c8c93ea503cc39a537c2f368045359b4b138a70f60d9cee79f26a6055bc9f22ac5061908b8596f426a03b152c40618c515831566eb788dbd72deada3b899a06b866f67c8070ab7d147953a0d585cc70025f562afe0699934435896c628a7a321e0c39586463686fafda5f236b45d4ebc8f714c81c4ca681b812fca1b3404a9eecea54a23385218f35a0ab7e37313d87b7ead1de27f13938afe658560843371cdced704fffba4442068c7871ba86fe3028222847d6a7cc6e1a42b8010d1702a4ac8e549ac1029364e174bca841de9b6b9e5eda41e6033e05f4a36a87a94c4324fc0b5cc385058df87692c9aa0c1c2e4fde95fba6abf4c58937bb2092a98c85456d1077318868fc33783771c8084683ce69ec422e3eb6a45196c3ec26d9378cc93f29810867fb7c42a7b102c7efed8c056d65ab100f278d74c418aadaff8874e40522af2465077a6fb218475d92c355eb992f29860f56873bcfa36b1efc2620f1e4456679baf6009d85bb06bde15a3ae57d0f7044f3136264edd103d0f167a811a7560f8eb4fc366c3ef705db6fbafab34d8bec59264bd716161371ab0fdf8456cc0924107b0c46f093969470527292ffb561da81efd6630ae90773c92de14bf65df760af046539748c4858fb199f1699728e24f57bf080c584f533d708105cc913e698ea0cb99fce13d832f549603c3bb6ccff69a2261c4c927f7ec6b2c4bc54a7b6eac6c3dcd70a2477fc78a4fc8b96083631676314823df4ade114c0f52780f445a78e841b4d67d35be4b79020ee962fbd964c691d69e8fc6a03e319f478fe3b4fc0ac7ee6d1ed511d665a3ff2e8587dbb1e6a39f4018c44217bc429496771772d197ac2d3f1dbb8fedaeb6332c16b056eb55d8757e47990f01c5c7a817de736dfa0fbc98908880428e72f1153f4fa69d9ac7d463dd80e9a28d2406509c1b21a44086dcad2c8ec906ab44730dc4f87b523342216159f8b261c02f7facda5b10befb93ee4574513e5492adf0f01cc13ee72c07cfbabe7f28789e90b3b633e0284c731577b9c7fb5652f736a09469714b3e5c5bfdc45f14fb46c2f3b39807c1929261cff24e66923d90bf0384cb0f5e577d0fdc06d8f4bf24cdd780a8fa7a038255cd0f26af67963b2b05523f25c61c6dfcf868d92c321410a3ee28d03d344eaa28c811b52f616df7ac61410004843579337f56ca0447009a871af10e6c5385569f4eca7d235277ac3b5ea840aac18d05eba5b58306724889ea424b423effb019586761d5803998b2b93b70c490687eb4ce1f0af2256fdcca1af03e7b78638f91c19fd1285c1ac8b27e2866403bbf45ae243ca18c4520d9890fb88b16d50cd33cc1c9dee1916b325462cdae45235b223c07c33ac5246bc33e4e81a1c46b712736afd017479321726e98c6558c636178b8e712157a252b396c9d7da83498d9d641dd7f540cb2236", 0x1000, 0x3}])
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

1m27.339264058s ago: executing program 35 (id=1245):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010000fff0000000000000000003e0000ac5d29f0085779ddfe155434745c0d0f7f6c500aa8567c023222a89991377684117a643707e851", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800a001400aaaaaaaaaabb0000"], 0x40}}, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
dup2(r0, r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

1m26.045476394s ago: executing program 36 (id=1251):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbd, 0x16, 0xf, 0x40, 0x8086, 0x110, 0xbfad, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x12, 0x24}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f00000005c0), 0x0, 0x0})

1.235885939s ago: executing program 3 (id=1453):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TCSETSW2(r3, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, 0x0, "2cf155f1d8b4d0441f0246e09537aa82dc1ecf"})
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r4, 0x29, 0x4b, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)

244.58331ms ago: executing program 3 (id=1454):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000440)=@security={'security\x00', 0xe, 0x2, 0x2b0, 0xffffffff, 0x1c8, 0xf8, 0xf8, 0xffffffff, 0xffffffff, 0x278, 0x278, 0x278, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@AUDIT={0x28}}, {{@ip={@multicast1, @private, 0x0, 0x0, 'dummy0\x00', 'veth0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@ip={@remote, @private, 0x0, 0x0, 'team0\x00', 'wlan0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "90617ae6e2ad43980c3bec242f9040a700efba1f7ef6f77096db813f042b"}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x310)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x440, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r2, 0x107, 0x13, 0x0, &(0x7f00000000c0))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000002a00dbdf"], 0x1c}, 0x1, 0x3000000, 0x0, 0x800}, 0x8080)
read(r3, &(0x7f0000000000)=""/170, 0xaa)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11e, 0x11e, 0x9, [@struct={0x3, 0x5, 0x0, 0x4, 0x0, 0x3, [{0x7, 0x5, 0x5}, {0xd, 0x5, 0x80000000}, {0x4, 0x1, 0x6}, {0x9, 0x5, 0x400}, {0x8, 0x3, 0x4}]}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0xb, 0x2}, {0x2, 0x1}, {0xd, 0x1}, {0xd, 0x2}, {0xa, 0x2}, {0x8, 0x2}, {0xf, 0x3}, {0x10, 0x4}]}, @datasec={0x5, 0x1, 0x0, 0xf, 0x2, [{0x5, 0x6, 0xc}], "ac02"}, @restrict={0x2, 0x0, 0x0, 0xb, 0x4}, @func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x7, 0x5}, {0x10, 0x2}, {0xf, 0x3}]}, @typedef={0xb, 0x0, 0x0, 0x8, 0x3}, @ptr={0x5, 0x0, 0x0, 0x2, 0x3}, @decl_tag={0xa, 0x0, 0x0, 0x11, 0x3, 0xffffffffffffffff}, @typedef={0xb, 0x0, 0x0, 0x8, 0x4}, @typedef={0x4, 0x0, 0x0, 0x8, 0x1}]}, {0x0, [0x61, 0x2e, 0x0, 0x30, 0x30, 0x5f, 0x30]}}, &(0x7f0000000400)=""/29, 0x141, 0x1d, 0x1, 0x10, 0x10000, @value=r1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x8, 0x7, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x498}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1000}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000000140)='GPL\x00', 0x6, 0xe5, &(0x7f0000000180)=""/229, 0x41000, 0x54, '\x00', 0x0, @cgroup_skb=0x1, r4, 0x8, &(0x7f00000007c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x5, 0x0, 0xf}, 0x10, 0x0, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000840)=[{0x3, 0x5}, {0x4, 0x5, 0x4, 0xc}], 0x10, 0x6, @void, @value}, 0x94)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r6, 0x104, 0x3, &(0x7f0000000040)=0x5, 0x4)
unshare(0x22020400)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r7, 0x8004e500, &(0x7f0000000040)=r5)

199.749625ms ago: executing program 3 (id=1455):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x275a, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000000)={0x0, 0x2, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c00"})
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x1000)=nil)
socket(0x11, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90324fc60100003000a000200053582c137153e37000c06800500020003", 0x2d}], 0x1}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
io_setup(0x8, &(0x7f0000000000)=<r5=>0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
setsockopt$sock_int(r6, 0x1, 0x20, &(0x7f0000000480), 0x4)
io_uring_setup(0x175c, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_procfs(0x0, 0x0)
r7 = socket$inet6(0xa, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)

107.942341ms ago: executing program 3 (id=1456):
r0 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r0)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x2c, 0x2, [@TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x9}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x7}, @TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x2}, @TCA_FQ_CODEL_INTERVAL={0x8}]}}]}, 0x60}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@delchain={0x44, 0x65, 0x300, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0xa, 0xfff2}, {0x9, 0x5}, {0xf, 0xfff2}}, [@TCA_RATE={0x6, 0x5, {0xfa, 0x4}}, @filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_IPV4_SRC_MASK={0x8, 0xb, 0xffffff00}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4008000)
write$uinput_user_dev(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r2, 0x89f9, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000240)={@private2, @remote, 0x1a, 0x3}})
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_int(r6, 0x1, 0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'geneve1\x00', <r7=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1c, 0xfffffff7, 0x4, 0x1000, 0x80, r2, 0x6, '\x00', r7, r2, 0x0, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
eventfd(0x8)

71.195335ms ago: executing program 3 (id=1457):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0xa00800)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r0, 0x1e, &(0x7f00000000c0), 0x1)
setsockopt$inet6_buf(r0, 0x29, 0x23, &(0x7f0000000100)="8be356a4e69f6f8403950d727a52b53c214504a7d0e871ba08e91fd44985b593e9acf9d92c85a89e47213fea18c8fe35d0d2e80e8d61902b5ba5c98d7c41e228b7249bfc7947d0e83394c231bbf5cd1258e49140f8e735d93b044b39d1e6d0e295f7c96743552e781a6fdd22ca66b3fd4d3079372d974c3ca59d6d24b59a3462e1986ac35261a4fa204994f713c10784c850ad64fdc8ccfdeef078509b32dd2cd54cfb7f56198cebdf0987779b9de048135c1db58c77f2151578f50e149924634f68040c8184d19d7dcfff940bed52eb4cd1ef84503d8e6a47d8994797", 0xdd)

0s ago: executing program 3 (id=1458):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x2, 0xa}, 'syz1\x00', 0x2f})
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x15)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
write$dsp(r2, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
chown(0x0, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000100)=0x1, 0x29)
setsockopt$inet_int(r7, 0x0, 0x13, &(0x7f0000000000)=0x800, 0x4)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c0005000400000000000000080001000300000005000200000000000500020008000000240003"], 0x12c}, 0x1, 0x0, 0x0, 0x20000020}, 0x0)

kernel console output (not intermixed with test programs):

05]  dump_stack_lvl+0x241/0x360
[  296.379577][ T8005]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.379591][ T8005]  ? __pfx__printk+0x10/0x10
[  296.379607][ T8005]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  296.379622][ T8005]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  296.379638][ T8005]  warn_alloc+0x278/0x410
[  296.379656][ T8005]  ? __pfx_warn_alloc+0x10/0x10
[  296.379668][ T8005]  ? __kasan_kmalloc+0x23/0xb0
[  296.379679][ T8005]  ? __kmalloc_cache_node_noprof+0x25d/0x3a0
[  296.379695][ T8005]  ? __get_vm_area_node+0x280/0x2d0
[  296.379712][ T8005]  __vmalloc_node_range_noprof+0x369/0x1380
[  296.379733][ T8005]  ? __pfx_lock_acquire+0x10/0x10
[  296.379751][ T8005]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  296.379769][ T8005]  ? htable_create+0x102/0x880
[  296.379779][ T8005]  vmalloc_noprof+0x79/0x90
[  296.379792][ T8005]  ? htable_create+0x102/0x880
[  296.379801][ T8005]  htable_create+0x102/0x880
[  296.379814][ T8005]  hashlimit_mt_check_common+0x710/0xa40
[  296.379827][ T8005]  hashlimit_mt_check_v1+0x2ea/0x540
[  296.379838][ T8005]  ? __pfx_hashlimit_mt_check_v1+0x10/0x10
[  296.379852][ T8005]  ? __mutex_unlock_slowpath+0x227/0x800
[  296.379868][ T8005]  xt_check_match+0x368/0xa40
[  296.379884][ T8005]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  296.379896][ T8005]  ? __pfx_xt_check_match+0x10/0x10
[  296.379910][ T8005]  ? xt_find_match+0xc1/0x210
[  296.379930][ T8005]  ? strcmp+0x37/0xa0
[  296.379946][ T8005]  ? xt_find_match+0x1d3/0x210
[  296.379963][ T8005]  translate_table+0x1671/0x2330
[  296.379991][ T8005]  ? __pfx_translate_table+0x10/0x10
[  296.380007][ T8005]  ? __might_fault+0xaa/0x120
[  296.380029][ T8005]  ? __pfx_lock_release+0x10/0x10
[  296.380052][ T8005]  ? __virt_addr_valid+0x183/0x530
[  296.380076][ T8005]  ? __might_fault+0xc6/0x120
[  296.380100][ T8005]  ? copy_from_sockptr_offset+0x6b/0xb0
[  296.380112][ T8005]  do_ip6t_set_ctl+0xe4c/0x1270
[  296.380125][ T8005]  ? nf_setsockopt+0x240/0x2c0
[  296.380135][ T8005]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  296.380153][ T8005]  ? __mutex_unlock_slowpath+0x227/0x800
[  296.380171][ T8005]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  296.380189][ T8005]  ? __mutex_unlock_slowpath+0xc/0x800
[  296.380203][ T8005]  nf_setsockopt+0x295/0x2c0
[  296.380216][ T8005]  rawv6_setsockopt+0x327/0x740
[  296.380230][ T8005]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  296.380242][ T8005]  ? __pfx_lock_acquire+0x10/0x10
[  296.380253][ T8005]  ? sock_common_setsockopt+0x37/0xc0
[  296.380266][ T8005]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  296.380278][ T8005]  do_sock_setsockopt+0x3af/0x720
[  296.380297][ T8005]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  296.380313][ T8005]  ? __fget_files+0x395/0x410
[  296.380324][ T8005]  ? __fget_files+0x2a/0x410
[  296.380340][ T8005]  __x64_sys_setsockopt+0x1ee/0x280
[  296.380357][ T8005]  do_syscall_64+0xf3/0x230
[  296.380370][ T8005]  ? clear_bhb_loop+0x35/0x90
[  296.380385][ T8005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.380397][ T8005] RIP: 0033:0x7fdaf9b8cde9
[  296.380406][ T8005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.380414][ T8005] RSP: 002b:00007fdafa9f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  296.380425][ T8005] RAX: ffffffffffffffda RBX: 00007fdaf9da6160 RCX: 00007fdaf9b8cde9
[  296.380431][ T8005] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
[  296.380437][ T8005] RBP: 00007fdafa9f8090 R08: 0000000000000488 R09: 0000000000000000
[  296.380442][ T8005] R10: 0000400000000b00 R11: 0000000000000246 R12: 0000000000000001
[  296.380448][ T8005] R13: 0000000000000000 R14: 00007fdaf9da6160 R15: 00007ffd11956e58
[  296.380461][ T8005]  </TASK>
[  296.380465][ T8005] Mem-Info:
[  296.770653][ T8005] active_anon:6047 inactive_anon:8588 isolated_anon:0
[  296.770653][ T8005]  active_file:4621 inactive_file:35813 isolated_file:0
[  296.770653][ T8005]  unevictable:2816 dirty:287 writeback:0
[  296.770653][ T8005]  slab_reclaimable:10129 slab_unreclaimable:98563
[  296.770653][ T8005]  mapped:32704 shmem:10048 pagetables:1063
[  296.770653][ T8005]  sec_pagetables:0 bounce:0
[  296.770653][ T8005]  kernel_misc_reclaimable:0
[  296.770653][ T8005]  free:1331098 free_pcp:325 free_cma:0
[  296.816349][ T8005] Node 0 active_anon:24188kB inactive_anon:34352kB active_file:18220kB inactive_file:143252kB unevictable:9728kB isolated(anon):0kB isolated(file):0kB mapped:130772kB dirty:1144kB writeback:0kB shmem:38656kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11644kB pagetables:4252kB sec_pagetables:0kB all_unreclaimable? no
[  296.849737][ T8005] Node 1 active_anon:0kB inactive_anon:0kB active_file:264kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  296.887495][ T8005] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  296.914897][ T8005] lowmem_reserve[]: 0 2493 2494 0 0
[  296.920295][ T8005] Node 0 DMA32 free:1404372kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:24192kB inactive_anon:34236kB active_file:17436kB inactive_file:143200kB unevictable:9728kB writepending:1148kB present:3129332kB managed:2553644kB mlocked:8192kB bounce:0kB free_pcp:1072kB local_pcp:976kB free_cma:0kB
[  296.951879][ T8005] lowmem_reserve[]: 0 0 0 0 0
[  296.956593][ T8005] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:784kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  296.983416][ T8005] lowmem_reserve[]: 0 0 0 0 0
[  296.988480][ T8005] Node 1 Normal free:3904852kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:264kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  297.017409][ T8005] lowmem_reserve[]: 0 0 0 0 0
[  297.022160][ T8005] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  297.035399][ T8005] Node 0 DMA32: 33*4kB (UME) 46*8kB (UME) 6*16kB (UME) 107*32kB (UME) 49*64kB (UME) 50*128kB (UME) 24*256kB (UME) 30*512kB (UM) 23*1024kB (UME) 13*2048kB (UME) 322*4096kB (UM) = 1404148kB
[  297.054013][ T8005] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  297.065489][ T8005] Node 1 Normal: 229*4kB (UME) 64*8kB (UME) 44*16kB (UME) 252*32kB (UME) 98*64kB (UME) 34*128kB (UME) 14*256kB (U) 11*512kB (UME) 6*1024kB (UME) 3*2048kB (UE) 943*4096kB (UM) = 3904852kB
[  297.084086][ T8005] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  297.093702][ T8005] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  297.103473][ T8005] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  297.113118][ T8005] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  297.122432][ T8005] 50482 total pagecache pages
[  297.127097][ T8005] 0 pages in swap cache
[  297.131840][ T8005] Free swap  = 124740kB
[  297.135987][ T8005] Total swap = 124996kB
[  297.140187][ T8005] 2097051 pages RAM
[  297.144024][ T8005] 0 pages HighMem/MovableOnly
[  297.148714][ T8005] 426788 pages reserved
[  297.152851][ T8005] 0 pages cma reserved
[  298.297968][ T7509] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  298.477952][ T7509] usb 2-1: Using ep0 maxpacket: 8
[  298.490693][ T7509] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  298.510451][ T7509] usb 2-1: config 179 has no interface number 0
[  298.516867][ T7509] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  298.539150][ T8021] FAULT_INJECTION: forcing a failure.
[  298.539150][ T8021] name failslab, interval 1, probability 0, space 0, times 0
[  298.551478][ T7509] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  298.579352][ T7509] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  298.596775][ T7509] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  298.610429][ T8021] CPU: 0 UID: 0 PID: 8021 Comm: syz.0.543 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  298.610453][ T8021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  298.610464][ T8021] Call Trace:
[  298.610470][ T8021]  <TASK>
[  298.610482][ T8021]  dump_stack_lvl+0x241/0x360
[  298.610514][ T8021]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.610538][ T8021]  ? __pfx__printk+0x10/0x10
[  298.610562][ T8021]  ? fs_reclaim_acquire+0x93/0x130
[  298.610579][ T8021]  ? __pfx___might_resched+0x10/0x10
[  298.610595][ T8021]  ? dynamic_dname+0x141/0x1b0
[  298.610620][ T8021]  should_fail_ex+0x40a/0x550
[  298.610643][ T8021]  should_failslab+0xac/0x100
[  298.610665][ T8021]  __kmalloc_noprof+0xdd/0x4c0
[  298.610684][ T8021]  ? tomoyo_encode+0x26f/0x540
[  298.610704][ T8021]  tomoyo_encode+0x26f/0x540
[  298.610720][ T8021]  ? __pfx_anon_inodefs_dname+0x10/0x10
[  298.610740][ T8021]  tomoyo_realpath_from_path+0x59e/0x5e0
[  298.610768][ T8021]  tomoyo_path_number_perm+0x236/0x860
[  298.610788][ T8021]  ? __lock_acquire+0x1397/0x2100
[  298.610810][ T8021]  ? tomoyo_path_number_perm+0x206/0x860
[  298.610832][ T8021]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  298.610892][ T8021]  ? __fget_files+0x2a/0x410
[  298.610914][ T8021]  ? __fget_files+0x2a/0x410
[  298.610939][ T8021]  security_file_ioctl+0xc6/0x2a0
[  298.610963][ T8021]  __se_sys_ioctl+0x46/0x170
[  298.610987][ T8021]  do_syscall_64+0xf3/0x230
[  298.611008][ T8021]  ? clear_bhb_loop+0x35/0x90
[  298.611032][ T8021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.611052][ T8021] RIP: 0033:0x7fe62898cde9
[  298.611067][ T8021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.611080][ T8021] RSP: 002b:00007fe62972b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  298.611099][ T8021] RAX: ffffffffffffffda RBX: 00007fe628ba5fa0 RCX: 00007fe62898cde9
[  298.611111][ T8021] RDX: 0000400000000100 RSI: 000000004048ae9b RDI: 0000000000000005
[  298.611121][ T8021] RBP: 00007fe62972b090 R08: 0000000000000000 R09: 0000000000000000
[  298.611131][ T8021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.611141][ T8021] R13: 0000000000000000 R14: 00007fe628ba5fa0 R15: 00007ffe98b27e68
[  298.611167][ T8021]  </TASK>
[  298.611184][ T8021] ERROR: Out of memory at tomoyo_realpath_from_path.
[  298.614246][ T7509] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  299.009199][ T5821] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  299.062244][ T7509] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  299.093442][ T7509] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.276712][ T8012] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  299.495045][ T5828] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  299.508218][ T5828] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  299.519844][ T5828] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  299.533352][ T5828] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  299.542612][ T5828] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  299.552832][ T5828] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  299.686242][ T7509] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input8
[  300.063373][ T8039] netlink: 'syz.2.547': attribute type 1 has an invalid length.
[  300.065209][ T5975] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.082700][ T8039] netlink: 224 bytes leftover after parsing attributes in process `syz.2.547'.
[  300.736382][ T5975] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.885035][    T8] usb 2-1: USB disconnect, device number 8
[  300.885106][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  300.900497][    T8] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  300.902681][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  300.948297][ T5975] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.128703][ T5975] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.279351][ T8032] chnl_net:caif_netlink_parms(): no params data found
[  301.435230][ T5975] bridge_slave_1: left allmulticast mode
[  301.449124][ T5975] bridge_slave_1: left promiscuous mode
[  301.463657][ T5975] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.493097][ T5975] bridge_slave_0: left allmulticast mode
[  301.503401][ T5975] bridge_slave_0: left promiscuous mode
[  301.510772][ T5975] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.520448][ T7509] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  301.637908][ T5821] Bluetooth: hci3: command tx timeout
[  301.658003][ T7509] usb 3-1: device descriptor read/64, error -71
[  301.790955][ T5975] erspan0 (unregistering): left allmulticast mode
[  302.088487][ T7509] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  302.218714][ T5975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  302.237958][ T7509] usb 3-1: device descriptor read/64, error -71
[  302.245427][ T5975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  302.270137][ T5975] bond0 (unregistering): Released all slaves
[  302.319117][ T8032] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.326325][ T8032] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.351057][ T8032] bridge_slave_0: entered allmulticast mode
[  302.357321][ T7509] usb usb3-port1: attempt power cycle
[  302.365734][ T8032] bridge_slave_0: entered promiscuous mode
[  302.383929][ T8032] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.394688][ T8032] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.403847][ T8032] bridge_slave_1: entered allmulticast mode
[  302.416705][ T8032] bridge_slave_1: entered promiscuous mode
[  302.546600][ T8032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  302.622311][ T8032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  302.699082][ T7509] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  302.747355][ T7509] usb 3-1: device descriptor read/8, error -71
[  302.752502][ T8032] team0: Port device team_slave_0 added
[  302.809001][ T8032] team0: Port device team_slave_1 added
[  302.902553][ T5975] hsr_slave_0: left promiscuous mode
[  302.928099][ T5975] hsr_slave_1: left promiscuous mode
[  302.944439][ T5975] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.961429][ T5975] batman_adv: batadv0: Removing interface: batadv_slave_0
[  303.003425][ T5975] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.014925][ T5975] batman_adv: batadv0: Removing interface: batadv_slave_1
[  303.061421][ T5975] veth1_macvtap: left promiscuous mode
[  303.067712][ T5975] veth0_macvtap: left promiscuous mode
[  303.101334][ T5975] veth1_vlan: left promiscuous mode
[  303.135904][ T7509] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  303.153271][ T5975] veth0_vlan: left promiscuous mode
[  303.254676][ T7509] usb 3-1: device descriptor read/8, error -71
[  303.440044][ T7509] usb usb3-port1: unable to enumerate USB device
[  303.726716][ T5821] Bluetooth: hci3: command tx timeout
[  303.958480][ T5821] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  304.526443][ T8090] netlink: 260 bytes leftover after parsing attributes in process `syz.1.557'.
[  305.807852][ T5821] Bluetooth: hci3: command tx timeout
[  307.619040][ T5975] team0 (unregistering): Port device team_slave_1 removed
[  307.737131][ T5975] team0 (unregistering): Port device team_slave_0 removed
[  307.883976][ T5821] Bluetooth: hci3: command tx timeout
[  308.745982][ T8032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.774437][ T8032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.882254][ T8032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.942197][ T8032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.121848][ T8032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.447159][ T8194] netlink: 'syz.0.566': attribute type 1 has an invalid length.
[  309.464783][ T8194] netlink: 224 bytes leftover after parsing attributes in process `syz.0.566'.
[  309.490833][ T8032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.067941][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  310.268904][ T8032] hsr_slave_0: entered promiscuous mode
[  310.472368][ T8032] hsr_slave_1: entered promiscuous mode
[  310.618612][ T8214] trusted_key: encrypted_key: insufficient parameters specified
[  311.328104][ T8187] syz.2.564 (8187): drop_caches: 2
[  311.373229][ T8216] netlink: 8 bytes leftover after parsing attributes in process `syz.1.570'.
[  311.442091][ T8216] netlink: 'syz.1.570': attribute type 12 has an invalid length.
[  311.488353][ T8216] netlink: 243 bytes leftover after parsing attributes in process `syz.1.570'.
[  311.497420][ T8216] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  311.535460][ T8221] netlink: 28 bytes leftover after parsing attributes in process `syz.3.571'.
[  311.544589][ T8221] netlink: 28 bytes leftover after parsing attributes in process `syz.3.571'.
[  311.928719][ T5873] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  311.934622][ T8032] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  311.963052][ T8032] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  311.980176][ T8032] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  312.003509][ T8032] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  312.089111][ T5873] usb 2-1: device descriptor read/64, error -71
[  312.094109][ T8032] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.131970][ T8032] 8021q: adding VLAN 0 to HW filter on device team0
[  312.155308][ T8139] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.162546][ T8139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.174241][ T8139] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.181535][ T8139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.265137][ T8032] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  312.288180][ T8032] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  312.353652][ T5873] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  312.518498][ T5873] usb 2-1: device descriptor read/64, error -71
[  312.545253][ T8032] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.620168][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  312.729288][ T5873] usb usb2-port1: attempt power cycle
[  312.784070][ T8266] syz_tun: entered allmulticast mode
[  312.953662][ T8276] syz_tun: left allmulticast mode
[  312.969375][ T8032] veth0_vlan: entered promiscuous mode
[  312.991569][ T8032] veth1_vlan: entered promiscuous mode
[  313.030824][ T8032] veth0_macvtap: entered promiscuous mode
[  313.089793][ T8032] veth1_macvtap: entered promiscuous mode
[  313.098130][ T5873] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  313.120750][ T5873] usb 2-1: device descriptor read/8, error -71
[  313.124916][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.289643][ T8280] xt_CT: You must specify a L4 protocol and not use inversions on it
[  313.377972][ T5873] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  313.480785][ T5873] usb 2-1: device descriptor read/8, error -71
[  313.903065][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.913118][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.924560][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.934577][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.950656][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.979096][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.986016][ T5873] usb usb2-port1: unable to enumerate USB device
[  314.053215][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.097560][ T8032] batman_adv: batadv0: Interface activated: batadv_slave_0
[  314.142783][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.357671][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.381704][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.481244][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.410886][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.422423][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.675920][ T8032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.686439][ T8032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.706213][ T8032] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.804117][ T8032] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.816590][ T8032] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.826044][ T8032] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.843365][ T8032] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.413554][ T8305] xt_TPROXY: Can be used only with -p tcp or -p udp
[  316.632039][ T8139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.699762][ T8139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.069224][ T8311] netlink: 'syz.2.587': attribute type 1 has an invalid length.
[  317.077157][ T8311] netlink: 224 bytes leftover after parsing attributes in process `syz.2.587'.
[  317.223986][ T6859] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.240050][ T6859] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.579944][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  317.580111][ T5821] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  317.586353][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  318.392531][ T8329] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  319.981106][ T8325] program syz.2.590 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  320.188100][   T25] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  320.378440][   T25] usb 6-1: Using ep0 maxpacket: 32
[  320.406647][   T25] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  320.439597][   T25] usb 6-1: config 0 has no interface number 0
[  320.462672][   T25] usb 6-1: config 0 interface 12 has no altsetting 0
[  320.504678][   T25] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  320.554485][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.591236][   T25] usb 6-1: Product: syz
[  320.595577][   T25] usb 6-1: Manufacturer: syz
[  320.614059][   T25] usb 6-1: SerialNumber: syz
[  320.654731][   T25] usb 6-1: config 0 descriptor??
[  321.184267][ T8356] netlink: 68 bytes leftover after parsing attributes in process `syz.3.594'.
[  321.280953][ T8356] netlink: 12 bytes leftover after parsing attributes in process `syz.3.594'.
[  321.348897][ T8356] netlink: 20 bytes leftover after parsing attributes in process `syz.3.594'.
[  322.021429][   T25] f81534 6-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71
[  322.054539][   T25] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  322.087793][   T25] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  322.112403][   T25] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[  322.744675][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  322.744693][   T29] audit: type=1326 audit(1739273899.727:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  322.761940][   T25] usb 6-1: USB disconnect, device number 2
[  322.846448][   T29] audit: type=1326 audit(1739273899.727:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  322.967949][   T29] audit: type=1326 audit(1739273899.727:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  323.181847][ T8388] netlink: 'syz.1.600': attribute type 1 has an invalid length.
[  323.189909][ T8388] netlink: 224 bytes leftover after parsing attributes in process `syz.1.600'.
[  323.239410][   T29] audit: type=1326 audit(1739273899.727:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  323.589932][   T29] audit: type=1326 audit(1739273899.727:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  323.796978][ T8396] fuse: Unknown parameter 'fd0x000000000000000700000000000000000000'
[  324.161442][   T29] audit: type=1326 audit(1739273899.727:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  324.310477][   T29] audit: type=1326 audit(1739273899.727:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  324.433172][   T29] audit: type=1326 audit(1739273899.727:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  324.517545][   T29] audit: type=1326 audit(1739273899.727:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  324.590423][   T29] audit: type=1326 audit(1739273899.727:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8359 comm="syz.0.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  324.703424][ T8410] xt_TPROXY: Can be used only with -p tcp or -p udp
[  325.369831][ T8418] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  326.516718][ T8430] FAULT_INJECTION: forcing a failure.
[  326.516718][ T8430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.530723][ T8430] CPU: 0 UID: 0 PID: 8430 Comm: syz.1.609 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  326.530746][ T8430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  326.530769][ T8430] Call Trace:
[  326.530776][ T8430]  <TASK>
[  326.530783][ T8430]  dump_stack_lvl+0x241/0x360
[  326.530814][ T8430]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.530838][ T8430]  ? __pfx__printk+0x10/0x10
[  326.530863][ T8430]  ? __pfx_lock_release+0x10/0x10
[  326.530884][ T8430]  ? vfs_write+0x7fa/0xd10
[  326.530903][ T8430]  should_fail_ex+0x40a/0x550
[  326.530926][ T8430]  _copy_from_user+0x2d/0xb0
[  326.530944][ T8430]  move_addr_to_kernel+0x82/0x150
[  326.530966][ T8430]  __sys_bind+0x124/0x290
[  326.530986][ T8430]  ? __pfx___sys_bind+0x10/0x10
[  326.531010][ T8430]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  326.531026][ T8430]  ? do_syscall_64+0x100/0x230
[  326.531046][ T8430]  __x64_sys_bind+0x7a/0x90
[  326.531063][ T8430]  do_syscall_64+0xf3/0x230
[  326.531079][ T8430]  ? clear_bhb_loop+0x35/0x90
[  326.531098][ T8430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.531118][ T8430] RIP: 0033:0x7f2013b8cde9
[  326.531131][ T8430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.531142][ T8430] RSP: 002b:00007f2014a6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  326.531157][ T8430] RAX: ffffffffffffffda RBX: 00007f2013da6160 RCX: 00007f2013b8cde9
[  326.531166][ T8430] RDX: 0000000000000010 RSI: 0000400000000000 RDI: 000000000000000b
[  326.531175][ T8430] RBP: 00007f2014a6c090 R08: 0000000000000000 R09: 0000000000000000
[  326.531183][ T8430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.531190][ T8430] R13: 0000000000000000 R14: 00007f2013da6160 R15: 00007fff7483a518
[  326.531209][ T8430]  </TASK>
[  329.256361][ T8470] netlink: 28 bytes leftover after parsing attributes in process `syz.2.615'.
[  329.327046][ T8470] netlink: 28 bytes leftover after parsing attributes in process `syz.2.615'.
[  330.319425][ T8489] xt_TPROXY: Can be used only with -p tcp or -p udp
[  332.647130][ T8507] syz.2.622 uses obsolete (PF_INET,SOCK_PACKET)
[  334.468152][ T8521] futex_wake_op: syz.5.626 tries to shift op by 32; fix this program
[  335.825705][ T5826] kernel read not supported for file bpf-prog (pid: 5826 comm: kworker/0:3)
[  339.536951][ T8576] netlink: 28 bytes leftover after parsing attributes in process `syz.0.639'.
[  339.592943][ T8576] netlink: 28 bytes leftover after parsing attributes in process `syz.0.639'.
[  339.607928][ T8577] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  339.717418][ T8576] bond0: entered promiscuous mode
[  339.846142][ T8576] bond_slave_0: entered promiscuous mode
[  340.047005][ T8576] bond_slave_1: entered promiscuous mode
[  340.378100][ T8576] bridge0: entered promiscuous mode
[  340.388441][ T8576] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  340.426818][ T8576] Cannot create hsr debugfs directory
[  340.514849][ T8589] netlink: 'syz.5.643': attribute type 16 has an invalid length.
[  340.576313][ T8589] netlink: 'syz.5.643': attribute type 17 has an invalid length.
[  341.635003][ T8589] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.643852][ T8589] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.792323][ T8602] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  342.599648][ T5828] Bluetooth: hci3: command 0x0405 tx timeout
[  342.735705][ T8596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  342.958243][ T8589] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.002855][ T8589] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.920439][ T8619] xt_TPROXY: Can be used only with -p tcp or -p udp
[  344.148948][ T8589] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.208568][ T8589] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.217497][ T8589] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.387053][ T8589] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.455689][ T8630] trusted_key: encrypted_key: insufficient parameters specified
[  346.197914][ T8643] program syz.1.658 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  346.208447][ T8643] program syz.1.658 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  346.219724][ T8643] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  346.303737][ T8643] netlink: 14 bytes leftover after parsing attributes in process `syz.1.658'.
[  346.659726][ T8632] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  347.519432][ T8657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  347.913624][ T8678] xt_TPROXY: Can be used only with -p tcp or -p udp
[  348.372904][ T8643] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  348.407907][    T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  348.421885][ T8643] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  348.449330][ T8643] bond0 (unregistering): Released all slaves
[  348.661258][ T8672] syzkaller0: tun_chr_ioctl cmd 1074025677
[  348.667217][ T8672] syzkaller0: linktype set to 65535
[  348.787080][    T8] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  348.796738][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.014260][    T8] usb 6-1: config 0 descriptor??
[  349.038033][    T8] cp210x 6-1:0.0: cp210x converter detected
[  350.230561][ T8676] netlink: 8 bytes leftover after parsing attributes in process `syz.5.667'.
[  350.277223][ T8676] netlink: 8 bytes leftover after parsing attributes in process `syz.5.667'.
[  350.341650][ T8698] FAULT_INJECTION: forcing a failure.
[  350.341650][ T8698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.478044][ T8698] CPU: 0 UID: 0 PID: 8698 Comm: syz.1.672 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  350.478071][ T8698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  350.478085][ T8698] Call Trace:
[  350.478091][ T8698]  <TASK>
[  350.478099][ T8698]  dump_stack_lvl+0x241/0x360
[  350.478131][ T8698]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.478155][ T8698]  ? __pfx__printk+0x10/0x10
[  350.478189][ T8698]  should_fail_ex+0x40a/0x550
[  350.478212][ T8698]  _copy_to_user+0x31/0xb0
[  350.478232][ T8698]  bpf_test_finish+0x212/0x890
[  350.478263][ T8698]  ? __pfx_bpf_test_finish+0x10/0x10
[  350.478292][ T8698]  ? convert___skb_to_skb+0x41/0x620
[  350.478313][ T8698]  ? convert_skb_to___skb+0x2d3/0x510
[  350.478339][ T8698]  bpf_prog_test_run_skb+0xff8/0x1830
[  350.478381][ T8698]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  350.478403][ T8698]  ? __fget_files+0x2a/0x410
[  350.478427][ T8698]  ? fput+0x21b/0x290
[  350.478446][ T8698]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  350.478470][ T8698]  bpf_prog_test_run+0x2e4/0x360
[  350.478493][ T8698]  __sys_bpf+0x48d/0x810
[  350.478513][ T8698]  ? __pfx___sys_bpf+0x10/0x10
[  350.478542][ T8698]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  350.478565][ T8698]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  350.478586][ T8698]  ? do_syscall_64+0x100/0x230
[  350.478611][ T8698]  __x64_sys_bpf+0x7c/0x90
[  350.478628][ T8698]  do_syscall_64+0xf3/0x230
[  350.478648][ T8698]  ? clear_bhb_loop+0x35/0x90
[  350.478672][ T8698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.478692][ T8698] RIP: 0033:0x7f2013b8cde9
[  350.478706][ T8698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.478720][ T8698] RSP: 002b:00007f2014aae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  350.478739][ T8698] RAX: ffffffffffffffda RBX: 00007f2013da5fa0 RCX: 00007f2013b8cde9
[  350.478752][ T8698] RDX: 0000000000000050 RSI: 00004000000002c0 RDI: 000000000000000a
[  350.478762][ T8698] RBP: 00007f2014aae090 R08: 0000000000000000 R09: 0000000000000000
[  350.478772][ T8698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.478781][ T8698] R13: 0000000000000000 R14: 00007f2013da5fa0 R15: 00007fff7483a518
[  350.478807][ T8698]  </TASK>
[  350.724270][ T8136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.741347][ T8136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.798486][ T8704] netlink: 8 bytes leftover after parsing attributes in process `syz.0.673'.
[  351.046397][ T8676] netlink: 'syz.5.667': attribute type 12 has an invalid length.
[  351.083336][ T8704] FAULT_INJECTION: forcing a failure.
[  351.083336][ T8704] name failslab, interval 1, probability 0, space 0, times 0
[  351.417266][ T8699] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  351.698469][ T8704] CPU: 0 UID: 0 PID: 8704 Comm: syz.0.673 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  351.698500][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  351.698510][ T8704] Call Trace:
[  351.698516][ T8704]  <TASK>
[  351.698522][ T8704]  dump_stack_lvl+0x241/0x360
[  351.698553][ T8704]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.698577][ T8704]  ? __pfx__printk+0x10/0x10
[  351.698611][ T8704]  should_fail_ex+0x40a/0x550
[  351.698635][ T8704]  should_failslab+0xac/0x100
[  351.698656][ T8704]  kmem_cache_alloc_node_noprof+0x77/0x380
[  351.698678][ T8704]  ? __alloc_skb+0x1c3/0x440
[  351.698704][ T8704]  __alloc_skb+0x1c3/0x440
[  351.698731][ T8704]  ? __pfx___alloc_skb+0x10/0x10
[  351.698756][ T8704]  ? netlink_ack_tlv_len+0x6e/0x200
[  351.698783][ T8704]  netlink_ack+0x145/0xa50
[  351.698802][ T8704]  ? preempt_schedule+0xe1/0xf0
[  351.698837][ T8704]  netlink_rcv_skb+0x262/0x430
[  351.698860][ T8704]  ? __pfx_genl_rcv_msg+0x10/0x10
[  351.698882][ T8704]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  351.698917][ T8704]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  351.698947][ T8704]  genl_rcv+0x28/0x40
[  351.698964][ T8704]  netlink_unicast+0x7f6/0x990
[  351.699002][ T8704]  ? __pfx_netlink_unicast+0x10/0x10
[  351.699021][ T8704]  ? __virt_addr_valid+0x45f/0x530
[  351.699043][ T8704]  ? __phys_addr_symbol+0x2f/0x70
[  351.699063][ T8704]  ? __check_object_size+0x47a/0x730
[  351.699087][ T8704]  netlink_sendmsg+0x8e4/0xcb0
[  351.699115][ T8704]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.699143][ T8704]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.699156][ T8704]  __sock_sendmsg+0x221/0x270
[  351.699176][ T8704]  ____sys_sendmsg+0x52a/0x7e0
[  351.699199][ T8704]  ? __pfx_____sys_sendmsg+0x10/0x10
[  351.699212][ T8704]  ? __fget_files+0x2a/0x410
[  351.699235][ T8704]  ? __fget_files+0x2a/0x410
[  351.699254][ T8704]  __sys_sendmsg+0x269/0x350
[  351.699274][ T8704]  ? __pfx___sys_sendmsg+0x10/0x10
[  351.699299][ T8704]  ? do_sys_openat2+0x17a/0x1d0
[  351.699336][ T8704]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  351.699357][ T8704]  ? do_syscall_64+0x100/0x230
[  351.699380][ T8704]  ? do_syscall_64+0xb6/0x230
[  351.699402][ T8704]  do_syscall_64+0xf3/0x230
[  351.699421][ T8704]  ? clear_bhb_loop+0x35/0x90
[  351.699445][ T8704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.699464][ T8704] RIP: 0033:0x7fe62898cde9
[  351.699478][ T8704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.699491][ T8704] RSP: 002b:00007fe62972b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  351.699509][ T8704] RAX: ffffffffffffffda RBX: 00007fe628ba5fa0 RCX: 00007fe62898cde9
[  351.699521][ T8704] RDX: 0000000000004004 RSI: 0000400000000540 RDI: 0000000000000003
[  351.699531][ T8704] RBP: 00007fe62972b090 R08: 0000000000000000 R09: 0000000000000000
[  351.699540][ T8704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.699549][ T8704] R13: 0000000000000000 R14: 00007fe628ba5fa0 R15: 00007ffe98b27e68
[  351.699572][ T8704]  </TASK>
[  352.675669][    T8] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -71
[  352.842090][    T8] cp210x 6-1:0.0: failed to get vendor val 0x000e size 678: -71
[  352.946652][    T8] cp210x 6-1:0.0: GPIO initialisation failed: -71
[  353.812731][    T8] usb 6-1: cp210x converter now attached to ttyUSB0
[  353.860427][ T8727] xt_TPROXY: Can be used only with -p tcp or -p udp
[  354.332844][    T8] usb 6-1: USB disconnect, device number 3
[  354.361796][    T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  354.415420][    T8] cp210x 6-1:0.0: device disconnected
[  354.502703][ T8738] netlink: 28 bytes leftover after parsing attributes in process `syz.3.680'.
[  354.531973][ T8738] netlink: 28 bytes leftover after parsing attributes in process `syz.3.680'.
[  357.233422][ T8792] openvswitch: netlink: IP tunnel dst address not specified
[  357.422173][ T8793] xt_TPROXY: Can be used only with -p tcp or -p udp
[  357.839577][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  359.032852][ T8810] program syz.1.701 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  359.094043][ T8810] program syz.1.701 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  359.105088][ T8810] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  359.164455][ T8810] netlink: 14 bytes leftover after parsing attributes in process `syz.1.701'.
[  360.808214][ T8836] netlink: 'syz.1.706': attribute type 8 has an invalid length.
[  361.763972][ T8849] netlink: 188 bytes leftover after parsing attributes in process `syz.0.709'.
[  361.773138][ T8849] netlink: 'syz.0.709': attribute type 1 has an invalid length.
[  361.808898][ T8849] netlink: 8 bytes leftover after parsing attributes in process `syz.0.709'.
[  362.253594][ T8848] netlink: 'syz.1.708': attribute type 4 has an invalid length.
[  364.462656][ T5870] hid-generic 0000:0003:0000.0003: item fetching failed at offset 0/2
[  364.515868][ T5870] hid-generic 0000:0003:0000.0003: probe with driver hid-generic failed with error -22
[  364.926928][ T8899] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  365.638760][ T8928] xt_TPROXY: Can be used only with -p tcp or -p udp
[  365.842762][ T8928] loop2: detected capacity change from 0 to 7
[  366.009195][ T8928] Dev loop2: unable to read RDB block 7
[  366.016573][ T8928]  loop2: unable to read partition table
[  366.023961][ T8928] loop2: partition table beyond EOD, truncated
[  366.030485][ T8928] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  367.618319][ T5870] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  367.718529][ T8948] netlink: 8 bytes leftover after parsing attributes in process `syz.3.730'.
[  367.773968][ T8948] netlink: 'syz.3.730': attribute type 1 has an invalid length.
[  367.803075][ T8948] netlink: 'syz.3.730': attribute type 2 has an invalid length.
[  367.815256][ T5870] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  367.826651][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.858547][ T5870] usb 2-1: config 0 descriptor??
[  367.870640][ T5870] cp210x 2-1:0.0: cp210x converter detected
[  368.056437][ T8957] program syz.2.732 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  368.105498][ T8957] program syz.2.732 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  368.116158][ T8957] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  368.225961][ T8957] netlink: 14 bytes leftover after parsing attributes in process `syz.2.732'.
[  368.463449][ T8942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.729'.
[  368.477868][ T8942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.729'.
[  368.763245][ T8964] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  369.033416][ T8973] netlink: 24 bytes leftover after parsing attributes in process `syz.3.736'.
[  369.073331][ T8957] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  369.113072][ T8957] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  369.180843][ T8957] bond0 (unregistering): Released all slaves
[  369.770820][ T8964] netlink: 'syz.1.729': attribute type 12 has an invalid length.
[  370.195538][ T5870] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  370.207824][ T5870] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  370.225994][ T5870] usb 2-1: cp210x converter now attached to ttyUSB0
[  370.251700][ T5870] usb 2-1: USB disconnect, device number 13
[  370.970746][ T5870] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  370.988208][ T5870] cp210x 2-1:0.0: device disconnected
[  371.791032][ T9009] netlink: 12 bytes leftover after parsing attributes in process `syz.3.744'.
[  371.853534][ T9014] netlink: 12 bytes leftover after parsing attributes in process `syz.1.745'.
[  371.876926][ T9017] FAULT_INJECTION: forcing a failure.
[  371.876926][ T9017] name failslab, interval 1, probability 0, space 0, times 0
[  371.910136][ T9017] CPU: 0 UID: 0 PID: 9017 Comm: syz.0.747 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  371.910161][ T9017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  371.910172][ T9017] Call Trace:
[  371.910178][ T9017]  <TASK>
[  371.910192][ T9017]  dump_stack_lvl+0x241/0x360
[  371.910223][ T9017]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.910245][ T9017]  ? __pfx__printk+0x10/0x10
[  371.910267][ T9017]  ? __kmalloc_cache_noprof+0x48/0x390
[  371.910287][ T9017]  ? __pfx___might_resched+0x10/0x10
[  371.910301][ T9017]  ? arch_stack_walk+0xfd/0x150
[  371.910325][ T9017]  should_fail_ex+0x40a/0x550
[  371.910345][ T9017]  should_failslab+0xac/0x100
[  371.910378][ T9017]  __kmalloc_cache_noprof+0x70/0x390
[  371.910396][ T9017]  ? rtnl_newlink+0x12e/0x2210
[  371.910424][ T9017]  rtnl_newlink+0x12e/0x2210
[  371.910448][ T9017]  ? kasan_save_track+0x51/0x80
[  371.910464][ T9017]  ? kasan_save_free_info+0x40/0x50
[  371.910483][ T9017]  ? __kasan_slab_free+0x59/0x70
[  371.910498][ T9017]  ? kmem_cache_free+0x195/0x410
[  371.910522][ T9017]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.910543][ T9017]  ? __netlink_deliver_tap+0x56b/0x7f0
[  371.910559][ T9017]  ? __pfx_validate_chain+0x10/0x10
[  371.910580][ T9017]  ? __sock_sendmsg+0x221/0x270
[  371.910598][ T9017]  ? ____sys_sendmsg+0x52a/0x7e0
[  371.910612][ T9017]  ? __sys_sendmsg+0x269/0x350
[  371.910625][ T9017]  ? do_syscall_64+0xf3/0x230
[  371.910646][ T9017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.910684][ T9017]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  371.910706][ T9017]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  371.910740][ T9017]  ? mark_lock+0x9a/0x360
[  371.910764][ T9017]  ? __lock_acquire+0x1397/0x2100
[  371.910808][ T9017]  ? rcu_read_unlock+0x87/0xa0
[  371.910825][ T9017]  ? __pfx_lock_release+0x10/0x10
[  371.910845][ T9017]  ? cap_capable+0x139/0x450
[  371.910875][ T9017]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.910895][ T9017]  rtnetlink_rcv_msg+0x791/0xcf0
[  371.910912][ T9017]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  371.910934][ T9017]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  371.910959][ T9017]  ? ref_tracker_free+0x643/0x7e0
[  371.910985][ T9017]  netlink_rcv_skb+0x1e3/0x430
[  371.911009][ T9017]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  371.911029][ T9017]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  371.911076][ T9017]  ? netlink_deliver_tap+0x2e/0x1b0
[  371.911094][ T9017]  netlink_unicast+0x7f6/0x990
[  371.911123][ T9017]  ? __pfx_netlink_unicast+0x10/0x10
[  371.911140][ T9017]  ? __virt_addr_valid+0x45f/0x530
[  371.911162][ T9017]  ? __phys_addr_symbol+0x2f/0x70
[  371.911181][ T9017]  ? __check_object_size+0x47a/0x730
[  371.911205][ T9017]  netlink_sendmsg+0x8e4/0xcb0
[  371.911231][ T9017]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.911258][ T9017]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.911273][ T9017]  __sock_sendmsg+0x221/0x270
[  371.911295][ T9017]  ____sys_sendmsg+0x52a/0x7e0
[  371.911319][ T9017]  ? __pfx_____sys_sendmsg+0x10/0x10
[  371.911333][ T9017]  ? __fget_files+0x2a/0x410
[  371.911362][ T9017]  ? __fget_files+0x2a/0x410
[  371.911389][ T9017]  __sys_sendmsg+0x269/0x350
[  371.911410][ T9017]  ? __pfx___sys_sendmsg+0x10/0x10
[  371.911435][ T9017]  ? do_sys_openat2+0x17a/0x1d0
[  371.911479][ T9017]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  371.911500][ T9017]  ? do_syscall_64+0x100/0x230
[  371.911522][ T9017]  ? do_syscall_64+0xb6/0x230
[  371.911545][ T9017]  do_syscall_64+0xf3/0x230
[  371.911565][ T9017]  ? clear_bhb_loop+0x35/0x90
[  371.911588][ T9017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.911608][ T9017] RIP: 0033:0x7fe62898cde9
[  371.911624][ T9017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.911637][ T9017] RSP: 002b:00007fe62972b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.911656][ T9017] RAX: ffffffffffffffda RBX: 00007fe628ba5fa0 RCX: 00007fe62898cde9
[  371.911668][ T9017] RDX: 0000000004000000 RSI: 0000400000000280 RDI: 0000000000000003
[  371.911678][ T9017] RBP: 00007fe62972b090 R08: 0000000000000000 R09: 0000000000000000
[  371.911689][ T9017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.911698][ T9017] R13: 0000000000000000 R14: 00007fe628ba5fa0 R15: 00007ffe98b27e68
[  371.911723][ T9017]  </TASK>
[  372.973204][ T9039] tipc: Started in network mode
[  373.038808][ T9039] tipc: Node identity 7f000001, cluster identity 4711
[  373.104156][ T9039] tipc: Enabled bearer <udp:syz2>, priority 10
[  373.357934][ T9039] netlink: 16 bytes leftover after parsing attributes in process `syz.5.746'.
[  374.100500][ T7509] tipc: Node number set to 2130706433
[  375.457681][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.755'.
[  375.490973][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.755'.
[  375.548450][ T9068] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  375.658116][ T9073] netlink: 'syz.3.755': attribute type 12 has an invalid length.
[  376.800708][ T9087] sock: sock_timestamping_bind_phc: sock not bind to device
[  378.027661][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  378.116728][ T9097] fuse: Unknown parameter 'f��BN���������X'
[  379.456560][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  379.479091][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  379.829213][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  379.881357][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  379.918731][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  380.143257][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  380.208237][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  380.341059][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  381.266816][ T9131] uprobe: syz.1.768:9131 failed to unregister, leaking uprobe
[  381.313888][ T9130] tty tty22: ldisc open failed (-12), clearing slot 21
[  382.333443][ T9153] netlink: 28 bytes leftover after parsing attributes in process `syz.3.771'.
[  382.395039][ T9153] netlink: 28 bytes leftover after parsing attributes in process `syz.3.771'.
[  382.407989][   T58] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  382.716240][ T9162] sock: sock_timestamping_bind_phc: sock not bind to device
[  383.068872][   T58] usb 3-1: Using ep0 maxpacket: 32
[  383.492877][   T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  383.648404][   T58] usb 3-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[  383.673964][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.755776][   T58] usb 3-1: config 0 descriptor??
[  386.355259][   T58] logitech 0003:046D:C626.0004: unknown main item tag 0x0
[  386.378866][   T58] logitech 0003:046D:C626.0004: unknown main item tag 0x0
[  386.396998][   T58] logitech 0003:046D:C626.0004: unknown main item tag 0x0
[  386.407120][   T58] logitech 0003:046D:C626.0004: unknown main item tag 0x0
[  386.429280][   T58] logitech 0003:046D:C626.0004: unknown main item tag 0x0
[  386.440078][   T58] logitech 0003:046D:C626.0004: unknown main item tag 0x0
[  386.451665][   T58] logitech 0003:046D:C626.0004: hidraw0: USB HID v0.03 Device [HID 046d:c626] on usb-dummy_hcd.2-1/input0
[  387.348105][ T5873] usb 3-1: USB disconnect, device number 17
[  388.775179][ T5821] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  388.862457][    T8] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  389.339445][    T8] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  389.367913][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.534548][    T8] usb 2-1: config 0 descriptor??
[  389.570074][    T8] cp210x 2-1:0.0: cp210x converter detected
[  389.783600][ T9186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.779'.
[  389.828063][ T9186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.779'.
[  389.923091][ T9210] sock: sock_timestamping_bind_phc: sock not bind to device
[  390.448164][ T9186] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  390.531982][ T9186] netlink: 'syz.1.779': attribute type 12 has an invalid length.
[  390.800399][    T8] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  390.870856][    T8] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  390.972109][    T8] usb 2-1: cp210x converter now attached to ttyUSB0
[  391.762856][    T8] usb 2-1: USB disconnect, device number 14
[  391.963783][    T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  392.908496][    T8] cp210x 2-1:0.0: device disconnected
[  394.057078][ T9233] CIFS: iocharset name too long
[  394.465905][ T9246] sock: sock_timestamping_bind_phc: sock not bind to device
[  395.147788][ T5870] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  395.645176][ T5870] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  395.722853][ T5870] usb 3-1: config 0 interface 0 has no altsetting 0
[  395.767902][ T5870] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  395.787854][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.796824][ T5870] usb 3-1: Product: syz
[  395.832800][ T9254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.802'.
[  395.847736][ T5870] usb 3-1: Manufacturer: syz
[  395.852706][ T5870] usb 3-1: SerialNumber: syz
[  395.876987][ T5870] usb 3-1: config 0 descriptor??
[  395.882321][ T9254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.802'.
[  395.907287][ T5870] usb 3-1: selecting invalid altsetting 0
[  395.965467][ T9254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  396.032777][ T9254] netlink: 'syz.3.802': attribute type 12 has an invalid length.
[  396.181295][ T9264] netlink: 188 bytes leftover after parsing attributes in process `syz.0.804'.
[  396.190804][ T9264] netlink: 'syz.0.804': attribute type 1 has an invalid length.
[  396.217074][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.0.804'.
[  396.627178][ T5870] usb 3-1: USB disconnect, device number 18
[  397.263031][ T9271] netlink: 232 bytes leftover after parsing attributes in process `syz.2.806'.
[  397.848532][ T5953] udevd[5953]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  397.881178][ T9271] macvtap1: entered promiscuous mode
[  397.912089][ T9271] vlan0: entered promiscuous mode
[  397.970373][ T9271] team0: Device macvtap1 failed to register rx_handler
[  398.023305][ T9271] vlan0: left promiscuous mode
[  398.277488][ T9290] netlink: 'syz.3.813': attribute type 10 has an invalid length.
[  398.350339][ T9293] tls_set_device_offload_rx: netdev not found
[  401.947609][ T9334] netlink: 56 bytes leftover after parsing attributes in process `syz.0.827'.
[  401.962505][ T9334] sctp: [Deprecated]: syz.0.827 (pid 9334) Use of int in max_burst socket option.
[  401.962505][ T9334] Use struct sctp_assoc_value instead
[  403.245452][ T9342] netlink: 16 bytes leftover after parsing attributes in process `syz.0.828'.
[  404.381796][ T9360] SET target dimension over the limit!
[  404.392226][ T9360] fuse: Bad value for 'group_id'
[  404.397395][ T9360] fuse: Bad value for 'group_id'
[  406.081377][ T9380] x_tables: duplicate underflow at hook 1
[  407.833885][ T9391] netlink: 'syz.0.847': attribute type 3 has an invalid length.
[  407.927796][ T9391] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.847'.
[  411.337530][ T9416] x_tables: duplicate underflow at hook 1
[  412.272637][ T9423] xt_TPROXY: Can be used only with -p tcp or -p udp
[  414.408460][ T9438] netlink: 'syz.1.861': attribute type 3 has an invalid length.
[  414.417075][ T9438] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.861'.
[  414.683042][ T9444] netlink: 72 bytes leftover after parsing attributes in process `syz.2.863'.
[  415.776480][ T9450] syz.1.865: attempt to access beyond end of device
[  415.776480][ T9450] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  415.829790][ T9450] syz.1.865: attempt to access beyond end of device
[  415.829790][ T9450] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  416.053910][ T9450] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  416.588286][ T9450] syz.1.865: attempt to access beyond end of device
[  416.588286][ T9450] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  416.673957][ T9450] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  416.719852][ T9450] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  416.754059][ T9450] UDF-fs: Scanning with blocksize 1024 failed
[  416.777354][ T9450] syz.1.865: attempt to access beyond end of device
[  416.777354][ T9450] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[  416.792348][ T9450] syz.1.865: attempt to access beyond end of device
[  416.792348][ T9450] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  416.812421][ T9450] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  416.833008][ T9450] syz.1.865: attempt to access beyond end of device
[  416.833008][ T9450] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  416.859872][ T9450] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  416.869680][ T9450] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  416.877452][ T9450] UDF-fs: Scanning with blocksize 2048 failed
[  416.885773][ T9450] syz.1.865: attempt to access beyond end of device
[  416.885773][ T9450] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  416.900433][ T9450] syz.1.865: attempt to access beyond end of device
[  416.900433][ T9450] nbd1: rw=0, sector=2048, nr_sectors = 8 limit=0
[  416.915521][ T9450] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  416.925957][ T9450] syz.1.865: attempt to access beyond end of device
[  416.925957][ T9450] nbd1: rw=0, sector=4096, nr_sectors = 8 limit=0
[  416.947401][ T9450] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  416.957831][ T9450] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  416.965426][ T9450] UDF-fs: Scanning with blocksize 4096 failed
[  416.973490][ T9450] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  417.235634][ T5869] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  418.091241][ T5869] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  418.100777][ T5869] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.128840][ T5869] usb 6-1: Product: syz
[  418.133278][ T5869] usb 6-1: Manufacturer: syz
[  418.154226][ T5869] usb 6-1: SerialNumber: syz
[  418.186702][ T5869] usb 6-1: config 0 descriptor??
[  418.219457][ T5869] ch341 6-1:0.0: ch341-uart converter detected
[  418.422709][ T5869] usb 6-1: failed to receive control message: -32
[  418.459701][ T5869] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -32
[  418.472722][ T9464] overlayfs: missing 'workdir'
[  418.540450][ T9484] netlink: 20 bytes leftover after parsing attributes in process `syz.5.869'.
[  418.639419][ T5869] usb 6-1: USB disconnect, device number 4
[  418.666187][ T9488] netlink: 24 bytes leftover after parsing attributes in process `syz.3.878'.
[  418.676096][ T5869] ch341 6-1:0.0: device disconnected
[  418.847544][ T9490] netlink: 'syz.2.876': attribute type 3 has an invalid length.
[  418.855323][ T9490] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.876'.
[  420.124256][ T9507] netlink: 28 bytes leftover after parsing attributes in process `syz.2.883'.
[  420.134597][ T9507] netlink: 28 bytes leftover after parsing attributes in process `syz.2.883'.
[  420.377977][ T5924] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  420.537880][ T5924] usb 2-1: Using ep0 maxpacket: 8
[  420.673586][ T5924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[  420.686652][ T5924] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  420.768945][ T9525] trusted_key: encrypted_key: insufficient parameters specified
[  421.537407][ T5924] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=a0.85
[  421.567153][ T5924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.605251][ T5924] usb 2-1: Product: syz
[  421.621243][ T5924] usb 2-1: Manufacturer: syz
[  421.626019][ T5924] usb 2-1: SerialNumber: syz
[  421.659005][ T9529] netlink: 'syz.3.892': attribute type 21 has an invalid length.
[  421.659780][ T5924] usb 2-1: config 0 descriptor??
[  421.666922][ T9529] netlink: 128 bytes leftover after parsing attributes in process `syz.3.892'.
[  421.667031][ T9529] netlink: 'syz.3.892': attribute type 5 has an invalid length.
[  421.690248][ T5924] usbtest 2-1:0.0: Linux gadget zero
[  421.690273][ T5924] usbtest 2-1:0.0: high-speed {control in/out iso-out} tests (+alt)
[  421.718221][ T9529] netlink: 'syz.3.892': attribute type 6 has an invalid length.
[  421.734958][ T9529] netlink: 3 bytes leftover after parsing attributes in process `syz.3.892'.
[  421.747632][ T9532] netlink: 'syz.2.893': attribute type 3 has an invalid length.
[  421.755945][ T9532] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.893'.
[  421.902079][ T5924] usb 2-1: USB disconnect, device number 15
[  422.043626][ T5828] Bluetooth: hci3: command 0x0405 tx timeout
[  422.257915][ T9539] overlayfs: failed to clone upperpath
[  422.351200][ T9540] overlayfs: failed to clone upperpath
[  423.740835][ T9557] netlink: 28 bytes leftover after parsing attributes in process `syz.1.903'.
[  423.750950][ T9557] netlink: 28 bytes leftover after parsing attributes in process `syz.1.903'.
[  423.908026][ T5826] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  424.123891][ T5826] usb 3-1: config 253 has an invalid interface number: 71 but max is 1
[  424.136641][ T5826] usb 3-1: config 253 has an invalid interface number: 176 but max is 1
[  424.148297][ T5826] usb 3-1: config 253 has no interface number 0
[  424.154612][ T5826] usb 3-1: config 253 has no interface number 1
[  424.161720][ T5826] usb 3-1: config 253 interface 71 has no altsetting 0
[  424.172195][ T5826] usb 3-1: config 253 interface 176 has no altsetting 0
[  424.182613][ T5826] usb 3-1: New USB device found, idVendor=0b62, idProduct=0059, bcdDevice=fb.79
[  424.202512][ T5826] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.235803][ T9563] netlink: 'syz.5.905': attribute type 3 has an invalid length.
[  424.243588][ T9563] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.905'.
[  424.467545][ T9555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.485512][ T9555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.752842][ T9574] program syz.5.908 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  424.853257][ T9574] program syz.5.908 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  424.868356][ T9574] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  425.198816][ T9569] netlink: 14 bytes leftover after parsing attributes in process `syz.5.908'.
[  425.417936][ T5826] usb 3-1: string descriptor 0 read error: -71
[  425.536650][ T5826] usb 3-1: USB disconnect, device number 19
[  425.576302][ T9569] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  425.599132][ T9569] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  425.608993][ T9569] bond0 (unregistering): Released all slaves
[  426.744075][ T9599] FAULT_INJECTION: forcing a failure.
[  426.744075][ T9599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.757496][ T9599] CPU: 1 UID: 0 PID: 9599 Comm: syz.5.915 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  426.757519][ T9599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  426.757530][ T9599] Call Trace:
[  426.757536][ T9599]  <TASK>
[  426.757543][ T9599]  dump_stack_lvl+0x241/0x360
[  426.757575][ T9599]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.757599][ T9599]  ? __pfx__printk+0x10/0x10
[  426.757624][ T9599]  ? __pfx_lock_release+0x10/0x10
[  426.757651][ T9599]  should_fail_ex+0x40a/0x550
[  426.757677][ T9599]  _copy_from_user+0x2d/0xb0
[  426.757694][ T9599]  move_addr_to_kernel+0x82/0x150
[  426.757713][ T9599]  __sys_sendto+0x268/0x4c0
[  426.757737][ T9599]  ? __pfx___sys_sendto+0x10/0x10
[  426.757765][ T9599]  ? __fget_files+0x2a/0x410
[  426.757796][ T9599]  ? __secure_computing+0x125/0x370
[  426.757820][ T9599]  __x64_sys_sendto+0xde/0x100
[  426.757842][ T9599]  do_syscall_64+0xf3/0x230
[  426.757862][ T9599]  ? clear_bhb_loop+0x35/0x90
[  426.757885][ T9599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.757903][ T9599] RIP: 0033:0x7f7c3918cde9
[  426.757918][ T9599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.757930][ T9599] RSP: 002b:00007f7c39f96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  426.757949][ T9599] RAX: ffffffffffffffda RBX: 00007f7c393a6160 RCX: 00007f7c3918cde9
[  426.757968][ T9599] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: 000000000000000c
[  426.757979][ T9599] RBP: 00007f7c39f96090 R08: 0000400000000000 R09: 000000000000001c
[  426.757990][ T9599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  426.758000][ T9599] R13: 0000000000000000 R14: 00007f7c393a6160 R15: 00007ffdf444fe38
[  426.758026][ T9599]  </TASK>
[  427.218141][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  427.218328][   T29] audit: type=1326 audit(1739274004.197:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9588 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf518cde9 code=0x7fc00000
[  428.344116][ T9611] netlink: 'syz.5.919': attribute type 3 has an invalid length.
[  428.352100][ T9611] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.919'.
[  428.881030][ T9627] program syz.2.924 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  428.891395][   T58] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  428.957904][ T9626] program syz.2.924 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  428.980001][ T9626] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  429.135419][   T58] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  429.142896][ T9626] netlink: 14 bytes leftover after parsing attributes in process `syz.2.924'.
[  429.183910][   T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.288386][   T58] usb 6-1: config 0 descriptor??
[  429.358105][   T58] cp210x 6-1:0.0: cp210x converter detected
[  429.582419][ T9621] netlink: 8 bytes leftover after parsing attributes in process `syz.5.922'.
[  429.809104][ T9621] netlink: 8 bytes leftover after parsing attributes in process `syz.5.922'.
[  431.184868][ T9621] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  431.417505][ T9621] netlink: 'syz.5.922': attribute type 12 has an invalid length.
[  431.666831][   T58] cp210x 6-1:0.0: failed to get vendor val 0x000e size 678: -71
[  431.674858][   T58] cp210x 6-1:0.0: GPIO initialisation failed: -71
[  431.704851][   T58] usb 6-1: cp210x converter now attached to ttyUSB0
[  431.739785][   T58] usb 6-1: USB disconnect, device number 5
[  431.756631][   T58] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  431.765104][ T9647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.931'.
[  431.775729][   T58] cp210x 6-1:0.0: device disconnected
[  432.601780][ T9650] netlink: 'syz.2.932': attribute type 3 has an invalid length.
[  432.610311][ T9650] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.932'.
[  433.074433][ T9658] x_tables: duplicate underflow at hook 1
[  434.055736][ T9670] FAULT_INJECTION: forcing a failure.
[  434.055736][ T9670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.069166][ T9670] CPU: 1 UID: 0 PID: 9670 Comm: syz.2.939 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  434.069189][ T9670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  434.069199][ T9670] Call Trace:
[  434.069205][ T9670]  <TASK>
[  434.069212][ T9670]  dump_stack_lvl+0x241/0x360
[  434.069244][ T9670]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.069267][ T9670]  ? __pfx__printk+0x10/0x10
[  434.069296][ T9670]  ? snprintf+0xda/0x120
[  434.069316][ T9670]  should_fail_ex+0x40a/0x550
[  434.069340][ T9670]  _copy_to_user+0x31/0xb0
[  434.069359][ T9670]  simple_read_from_buffer+0xca/0x150
[  434.069382][ T9670]  proc_fail_nth_read+0x1e9/0x250
[  434.069412][ T9670]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  434.069434][ T9670]  ? rw_verify_area+0x243/0x630
[  434.069457][ T9670]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  434.069477][ T9670]  vfs_read+0x1f8/0xb40
[  434.069501][ T9670]  ? fdget_pos+0x254/0x320
[  434.069522][ T9670]  ? __pfx___mutex_lock+0x10/0x10
[  434.069544][ T9670]  ? __pfx_vfs_read+0x10/0x10
[  434.069570][ T9670]  ? __fget_files+0x2a/0x410
[  434.069592][ T9670]  ? __fget_files+0x395/0x410
[  434.069610][ T9670]  ? __fget_files+0x2a/0x410
[  434.069638][ T9670]  ksys_read+0x18f/0x2b0
[  434.069655][ T9670]  ? __pfx_ksys_read+0x10/0x10
[  434.069671][ T9670]  ? do_syscall_64+0x100/0x230
[  434.069693][ T9670]  ? do_syscall_64+0xb6/0x230
[  434.069716][ T9670]  do_syscall_64+0xf3/0x230
[  434.069736][ T9670]  ? clear_bhb_loop+0x35/0x90
[  434.069760][ T9670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.069780][ T9670] RIP: 0033:0x7fddf518b7fc
[  434.069795][ T9670] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  434.069808][ T9670] RSP: 002b:00007fddf6017030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  434.069827][ T9670] RAX: ffffffffffffffda RBX: 00007fddf53a6080 RCX: 00007fddf518b7fc
[  434.069839][ T9670] RDX: 000000000000000f RSI: 00007fddf60170a0 RDI: 000000000000000a
[  434.069849][ T9670] RBP: 00007fddf6017090 R08: 0000000000000000 R09: 0000000000000000
[  434.069860][ T9670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.069869][ T9670] R13: 0000000000000000 R14: 00007fddf53a6080 R15: 00007ffc290a8fc8
[  434.069895][ T9670]  </TASK>
[  434.307064][ T5870] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  434.547857][ T5870] usb 6-1: device descriptor read/64, error -71
[  434.947965][ T9647] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  435.907037][ T5870] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  435.926661][ T9647] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  436.047817][ T5870] usb 6-1: device descriptor read/64, error -71
[  436.572338][ T5870] usb usb6-port1: attempt power cycle
[  436.643707][ T9677] netlink: 20 bytes leftover after parsing attributes in process `syz.3.940'.
[  436.657537][ T9677] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.667423][ T9677] bridge0: port 1(bridge_slave_0) entered disabled state
[  436.694837][ T9677] lo speed is unknown, defaulting to 1000
[  436.701897][ T9677] lo speed is unknown, defaulting to 1000
[  436.712022][ T9677] lo speed is unknown, defaulting to 1000
[  436.728753][ T9677] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  436.745046][ T9677] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  436.802691][ T9647] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  436.804257][ T9677] lo speed is unknown, defaulting to 1000
[  436.823241][ T9677] lo speed is unknown, defaulting to 1000
[  436.830416][ T9677] lo speed is unknown, defaulting to 1000
[  436.838513][ T9677] lo speed is unknown, defaulting to 1000
[  436.849675][ T9677] lo speed is unknown, defaulting to 1000
[  436.858996][ T5826] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  437.031868][ T5826] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  437.075776][ T5826] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  437.110362][ T5826] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.153497][ T5826] usb 3-1: Product: syz
[  437.174100][ T5826] usb 3-1: Manufacturer: syz
[  437.406285][ T5870] usb usb6-port1: Cannot enable. Maybe the USB cable is bad?
[  437.427804][ T5826] usb 3-1: SerialNumber: syz
[  437.529750][ T9692] x_tables: duplicate underflow at hook 1
[  437.558002][ T5870] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  437.684227][ T5870] usb 6-1: Using ep0 maxpacket: 16
[  437.829547][ T5870] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.197953][ T5870] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.215537][ T5870] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  438.231763][ T5870] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  438.242808][ T5870] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.358444][ T5826] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  438.366246][ T5870] usb 6-1: config 0 descriptor??
[  438.375620][ T5826] cdc_ncm 3-1:1.0: bind() failure
[  438.390860][ T5826] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  438.398467][ T5826] cdc_ncm 3-1:1.1: bind() failure
[  439.312583][ T5870] microsoft 0003:045E:07DA.0005: report is too long
[  439.340149][ T9698] netlink: 'syz.3.947': attribute type 3 has an invalid length.
[  439.348323][ T9698] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.947'.
[  439.403936][ T5870] microsoft 0003:045E:07DA.0005: item 0 4 0 8 parsing failed
[  439.423999][ T5870] microsoft 0003:045E:07DA.0005: parse failed
[  439.441276][ T5870] microsoft 0003:045E:07DA.0005: probe with driver microsoft failed with error -22
[  439.535436][ T5870] usb 6-1: USB disconnect, device number 9
[  440.441145][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  440.467297][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  440.876640][ T5870] usb 3-1: USB disconnect, device number 20
[  441.860460][ T9723] netlink: 1 bytes leftover after parsing attributes in process `syz.5.952'.
[  442.784539][ T9722] netlink: 268 bytes leftover after parsing attributes in process `syz.5.952'.
[  443.168003][ T9727] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  443.568201][ T9711] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  444.434802][ T9743] x_tables: duplicate underflow at hook 1
[  445.084689][ T9741] netlink: 8 bytes leftover after parsing attributes in process `syz.3.958'.
[  446.541827][ T9754] netlink: 'syz.5.960': attribute type 3 has an invalid length.
[  446.550252][ T9754] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.960'.
[  448.088320][ T9752] netlink: 20 bytes leftover after parsing attributes in process `syz.1.962'.
[  448.416624][ T9766] netlink: 20 bytes leftover after parsing attributes in process `syz.2.965'.
[  449.106672][ T9776] tmpfs: Unknown parameter 'usrquotaJ�f���1Ms����p��r
'
[  449.115978][ T9776] overlayfs: failed to clone upperpath
[  449.367740][ T9783] netlink: 16 bytes leftover after parsing attributes in process `syz.0.970'.
[  449.507481][ T9788] netlink: 16 bytes leftover after parsing attributes in process `syz.0.970'.
[  449.815968][ T9791] x_tables: duplicate underflow at hook 1
[  450.924354][ T9796] FAULT_INJECTION: forcing a failure.
[  450.924354][ T9796] name failslab, interval 1, probability 0, space 0, times 0
[  450.985335][ T9796] CPU: 0 UID: 0 PID: 9796 Comm: syz.0.974 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  450.985360][ T9796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  450.985370][ T9796] Call Trace:
[  450.985376][ T9796]  <TASK>
[  450.985383][ T9796]  dump_stack_lvl+0x241/0x360
[  450.985415][ T9796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.985439][ T9796]  ? __pfx__printk+0x10/0x10
[  450.985467][ T9796]  ? ref_tracker_alloc+0x332/0x490
[  450.985490][ T9796]  should_fail_ex+0x40a/0x550
[  450.985512][ T9796]  should_failslab+0xac/0x100
[  450.985534][ T9796]  ? skb_clone+0x20c/0x390
[  450.985550][ T9796]  kmem_cache_alloc_noprof+0x70/0x380
[  450.985575][ T9796]  skb_clone+0x20c/0x390
[  450.985595][ T9796]  __netlink_deliver_tap+0x3cc/0x7f0
[  450.985623][ T9796]  ? netlink_deliver_tap+0x2e/0x1b0
[  450.985638][ T9796]  netlink_deliver_tap+0x19d/0x1b0
[  450.985655][ T9796]  netlink_sendskb+0x68/0x140
[  450.985679][ T9796]  netlink_unicast+0x39d/0x990
[  450.985708][ T9796]  ? __pfx_netlink_unicast+0x10/0x10
[  450.985739][ T9796]  netlink_rcv_skb+0x262/0x430
[  450.985764][ T9796]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  450.985785][ T9796]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  450.985822][ T9796]  ? safesetid_security_capable+0xb2/0x1d0
[  450.985845][ T9796]  ? bpf_lsm_capable+0x9/0x10
[  450.985862][ T9796]  ? security_capable+0x7e/0x2d0
[  450.985884][ T9796]  nfnetlink_rcv+0x297/0x2ab0
[  450.985908][ T9796]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  450.985938][ T9796]  ? __dev_queue_xmit+0x2f4/0x3f50
[  450.985957][ T9796]  ? __dev_queue_xmit+0x1775/0x3f50
[  450.985973][ T9796]  ? kasan_save_track+0x51/0x80
[  450.985994][ T9796]  ? ____sys_sendmsg+0x52a/0x7e0
[  450.986013][ T9796]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  450.986032][ T9796]  ? __dev_queue_xmit+0x2f4/0x3f50
[  450.986053][ T9796]  ? __pfx___dev_queue_xmit+0x10/0x10
[  450.986092][ T9796]  ? ref_tracker_free+0x643/0x7e0
[  450.986113][ T9796]  ? __asan_memcpy+0x40/0x70
[  450.986135][ T9796]  ? __pfx_ref_tracker_free+0x10/0x10
[  450.986168][ T9796]  ? netlink_deliver_tap+0x2e/0x1b0
[  450.986183][ T9796]  ? skb_clone+0x240/0x390
[  450.986199][ T9796]  ? __pfx_lock_release+0x10/0x10
[  450.986219][ T9796]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  450.986245][ T9796]  ? netlink_deliver_tap+0x2e/0x1b0
[  450.986264][ T9796]  netlink_unicast+0x7f6/0x990
[  450.986294][ T9796]  ? __pfx_netlink_unicast+0x10/0x10
[  450.986314][ T9796]  ? __virt_addr_valid+0x45f/0x530
[  450.986335][ T9796]  ? __phys_addr_symbol+0x2f/0x70
[  450.986355][ T9796]  ? __check_object_size+0x47a/0x730
[  450.986379][ T9796]  netlink_sendmsg+0x8e4/0xcb0
[  450.986407][ T9796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  450.986434][ T9796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  450.986449][ T9796]  __sock_sendmsg+0x221/0x270
[  450.986472][ T9796]  ____sys_sendmsg+0x52a/0x7e0
[  450.986496][ T9796]  ? __pfx_____sys_sendmsg+0x10/0x10
[  450.986511][ T9796]  ? __fget_files+0x2a/0x410
[  450.986534][ T9796]  ? __fget_files+0x2a/0x410
[  450.986562][ T9796]  __sys_sendmsg+0x269/0x350
[  450.986583][ T9796]  ? __pfx___sys_sendmsg+0x10/0x10
[  450.986609][ T9796]  ? do_sys_openat2+0x17a/0x1d0
[  450.986653][ T9796]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  450.986675][ T9796]  ? do_syscall_64+0x100/0x230
[  450.986699][ T9796]  ? do_syscall_64+0xb6/0x230
[  450.986722][ T9796]  do_syscall_64+0xf3/0x230
[  450.986743][ T9796]  ? clear_bhb_loop+0x35/0x90
[  450.986767][ T9796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.986787][ T9796] RIP: 0033:0x7fe62898cde9
[  450.986803][ T9796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.986816][ T9796] RSP: 002b:00007fe62972b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  450.986835][ T9796] RAX: ffffffffffffffda RBX: 00007fe628ba5fa0 RCX: 00007fe62898cde9
[  450.986847][ T9796] RDX: 0000000000004800 RSI: 0000400000000300 RDI: 0000000000000003
[  450.986857][ T9796] RBP: 00007fe62972b090 R08: 0000000000000000 R09: 0000000000000000
[  450.986867][ T9796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.986877][ T9796] R13: 0000000000000000 R14: 00007fe628ba5fa0 R15: 00007ffe98b27e68
[  450.986902][ T9796]  </TASK>
[  452.693996][ T9797] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  452.764863][ T9794] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  454.257450][ T9823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[  454.308831][ T9823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[  455.298611][ T5821] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  455.977570][ T9853] x_tables: duplicate underflow at hook 1
[  456.609648][ T9851] ax25_connect(): syz.2.986 uses autobind, please contact jreuter@yaina.de
[  456.904793][ T9864] netlink: 10 bytes leftover after parsing attributes in process `syz.1.989'.
[  459.949634][ T5869] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  461.079170][ T9882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.995'.
[  461.144230][ T9886] netlink: 'syz.5.994': attribute type 3 has an invalid length.
[  461.152317][ T9886] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.994'.
[  461.394080][ T9888] bridge2: entered promiscuous mode
[  462.069117][ T9895] sp0: Synchronizing with TNC
[  462.149410][ T9901] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  462.161613][ T5821] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  462.323099][ T9908] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1000'.
[  464.966072][ T9928] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1006'.
[  465.126798][ T9928] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1006'.
[  465.348945][ T9938] netlink: 'syz.3.1010': attribute type 3 has an invalid length.
[  465.356731][ T9938] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1010'.
[  466.037309][ T9949] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1012'.
[  467.839317][ T9972] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1020'.
[  468.866722][ T9983] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1021'.
[  468.900400][ T9983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1021'.
[  468.962742][ T9986] sock: sock_timestamping_bind_phc: sock not bind to device
[  469.787741][ T9992] netlink: 'syz.0.1025': attribute type 3 has an invalid length.
[  469.796538][ T9992] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1025'.
[  470.201739][ T9989] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1024'.
[  470.353048][ T9998] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1028'.
[  470.390153][ T9998] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1028'.
[  471.531230][ T5924] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  471.901015][ T5924] usb 3-1: Using ep0 maxpacket: 8
[  471.923047][ T5924] usb 3-1: config 0 has an invalid interface number: 150 but max is 0
[  471.995991][ T5924] usb 3-1: config 0 has an invalid interface number: 112 but max is 0
[  472.034806][ T5924] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  472.045169][ T5924] usb 3-1: config 0 has 3 interfaces, different from the descriptor's value: 1
[  472.054958][ T5924] usb 3-1: config 0 has no interface number 0
[  472.062930][ T5924] usb 3-1: config 0 has no interface number 1
[  472.070853][ T5924] usb 3-1: config 0 has no interface number 2
[  472.078583][ T5924] usb 3-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  472.152652][ T5924] usb 3-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30
[  472.211943][ T5924] usb 3-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104
[  472.246570][ T5924] usb 3-1: config 0 interface 150 has no altsetting 0
[  472.253721][ T5924] usb 3-1: config 0 interface 112 has no altsetting 0
[  472.261050][ T5924] usb 3-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  472.433465][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.449933][ T5924] usb 3-1: config 0 descriptor??
[  472.538809][T10031] sock: sock_timestamping_bind_phc: sock not bind to device
[  474.432280][ T5924] usb 3-1: string descriptor 0 read error: -71
[  474.517361][ T5924] usb 3-1: USB disconnect, device number 21
[  475.442010][T10057] trusted_key: encrypted_key: insufficient parameters specified
[  475.642896][ T5838] udevd[5838]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.150/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  477.004812][ T5821] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  477.706784][T10075] sock: sock_timestamping_bind_phc: sock not bind to device
[  478.482393][T10079] 9pnet_fd: Insufficient options for proto=fd
[  479.018329][T10084] 9pnet_fd: Insufficient options for proto=fd
[  480.419451][T10104] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1057'.
[  480.732310][T10109] trusted_key: encrypted_key: insufficient parameters specified
[  482.151625][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  482.527773][    T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  482.549253][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.577341][    T9] usb 2-1: config 0 descriptor??
[  482.691381][    T9] cp210x 2-1:0.0: cp210x converter detected
[  483.563377][T10120] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1062'.
[  483.599720][T10120] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1062'.
[  483.655831][T10135] mmap: syz.3.1064 (10135) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  484.250896][T10120] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  484.264314][T10120] netlink: 'syz.1.1062': attribute type 12 has an invalid length.
[  484.518951][    T9] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  484.529938][    T9] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  484.542579][    T9] usb 2-1: cp210x converter now attached to ttyUSB0
[  484.556969][T10146] xt_TPROXY: Can be used only with -p tcp or -p udp
[  485.304557][    T9] usb 2-1: USB disconnect, device number 17
[  485.377297][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  485.408376][    T9] cp210x 2-1:0.0: device disconnected
[  485.665789][T10155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1071'.
[  485.685835][T10155] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1071'.
[  485.703228][T10156] gre1: entered promiscuous mode
[  485.708751][T10156] gre1: entered allmulticast mode
[  485.772244][T10165] xt_CT: You must specify a L4 protocol and not use inversions on it
[  485.993341][T10171] FAULT_INJECTION: forcing a failure.
[  485.993341][T10171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.009206][T10172] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  486.021381][T10171] CPU: 0 UID: 0 PID: 10171 Comm: syz.0.1074 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  486.021408][T10171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  486.021419][T10171] Call Trace:
[  486.021425][T10171]  <TASK>
[  486.021432][T10171]  dump_stack_lvl+0x241/0x360
[  486.021466][T10171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.021489][T10171]  ? __pfx__printk+0x10/0x10
[  486.021513][T10171]  ? __pfx_lock_release+0x10/0x10
[  486.021531][T10171]  should_fail_ex+0x40a/0x550
[  486.021544][T10171]  _copy_from_user+0x2d/0xb0
[  486.021559][T10171]  copy_msghdr_from_user+0xae/0x680
[  486.021584][T10171]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  486.021602][T10171]  ? __fget_files+0x2a/0x410
[  486.021622][T10171]  ? __fget_files+0x2a/0x410
[  486.021647][T10171]  __sys_sendmsg+0x209/0x350
[  486.021669][T10171]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.021692][T10171]  ? do_sys_openat2+0x17a/0x1d0
[  486.021717][T10171]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  486.021730][T10171]  ? do_syscall_64+0x100/0x230
[  486.021745][T10171]  ? do_syscall_64+0xb6/0x230
[  486.021758][T10171]  do_syscall_64+0xf3/0x230
[  486.021770][T10171]  ? clear_bhb_loop+0x35/0x90
[  486.021786][T10171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.021798][T10171] RIP: 0033:0x7fe62898cde9
[  486.021808][T10171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.021816][T10171] RSP: 002b:00007fe62972b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.021828][T10171] RAX: ffffffffffffffda RBX: 00007fe628ba5fa0 RCX: 00007fe62898cde9
[  486.021835][T10171] RDX: 0000000000000800 RSI: 00004000000001c0 RDI: 0000000000000005
[  486.021841][T10171] RBP: 00007fe62972b090 R08: 0000000000000000 R09: 0000000000000000
[  486.021847][T10171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.021852][T10171] R13: 0000000000000000 R14: 00007fe628ba5fa0 R15: 00007ffe98b27e68
[  486.021866][T10171]  </TASK>
[  486.436649][T10151] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.909112][   T29] audit: type=1326 audit(1739274064.877:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  487.973627][   T29] audit: type=1326 audit(1739274064.877:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.027800][   T29] audit: type=1326 audit(1739274064.877:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.050608][   T29] audit: type=1326 audit(1739274064.877:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.073969][   T29] audit: type=1326 audit(1739274064.877:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.126057][T10188] xt_TPROXY: Can be used only with -p tcp or -p udp
[  488.625701][   T29] audit: type=1326 audit(1739274064.877:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.648849][   T29] audit: type=1326 audit(1739274064.877:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.692044][   T29] audit: type=1326 audit(1739274064.877:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.771916][T10195] vxcan1: tx drop: invalid da for name 0x0000000000000002
[  488.824255][   T29] audit: type=1326 audit(1739274064.877:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  488.849947][   T29] audit: type=1326 audit(1739274064.877:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10168 comm="syz.1.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7fc00000
[  489.142273][    T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  489.360845][    T9] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  489.534233][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.587271][    T9] usb 6-1: config 0 descriptor??
[  489.592078][T10209] netlink: 696 bytes leftover after parsing attributes in process `syz.1.1086'.
[  489.634942][    T9] cp210x 6-1:0.0: cp210x converter detected
[  489.906324][T10213] program syz.0.1087 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  489.956968][T10213] program syz.0.1087 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  489.973613][T10213] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  490.002874][T10199] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1083'.
[  490.062466][T10199] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1083'.
[  490.065036][T10213] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1087'.
[  490.196426][T10216] input: syz1 as /devices/virtual/input/input9
[  490.342908][T10218] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  491.148546][T10213] bond0 (unregistering): left promiscuous mode
[  491.163230][T10213] bond_slave_0: left promiscuous mode
[  491.225838][T10213] bond_slave_1: left promiscuous mode
[  491.253478][T10213] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.293462][T10213] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  491.306605][T10213] bond0 (unregistering): Released all slaves
[  491.395279][T10227] netlink: 'syz.5.1083': attribute type 12 has an invalid length.
[  491.644346][    T9] cp210x 6-1:0.0: failed to get vendor val 0x000e size 678: -71
[  491.652264][    T9] cp210x 6-1:0.0: GPIO initialisation failed: -71
[  491.675170][    T9] usb 6-1: cp210x converter now attached to ttyUSB0
[  492.298389][    T9] usb 6-1: USB disconnect, device number 10
[  492.342883][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  492.412623][    T9] cp210x 6-1:0.0: device disconnected
[  492.569079][T10248] vxcan1: tx drop: invalid da for name 0x0000000000000002
[  493.241172][T10255] FAULT_INJECTION: forcing a failure.
[  493.241172][T10255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  493.255087][T10255] CPU: 0 UID: 0 PID: 10255 Comm: syz.1.1097 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  493.255101][T10255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  493.255108][T10255] Call Trace:
[  493.255111][T10255]  <TASK>
[  493.255115][T10255]  dump_stack_lvl+0x241/0x360
[  493.255136][T10255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.255151][T10255]  ? __pfx__printk+0x10/0x10
[  493.255165][T10255]  ? __pfx_lock_release+0x10/0x10
[  493.255177][T10255]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  493.255190][T10255]  ? get_synthdev+0x114/0x2c0
[  493.255206][T10255]  should_fail_ex+0x40a/0x550
[  493.255219][T10255]  _copy_from_user+0x2d/0xb0
[  493.255229][T10255]  snd_seq_oss_write+0x5a9/0xbb0
[  493.255242][T10255]  ? mark_lock+0x9a/0x360
[  493.255261][T10255]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  493.255277][T10255]  ? bpf_lsm_file_permission+0x9/0x10
[  493.255289][T10255]  odev_write+0x5b/0x80
[  493.255299][T10255]  ? __pfx_odev_write+0x10/0x10
[  493.255310][T10255]  vfs_write+0x29f/0xd10
[  493.255321][T10255]  ? __mutex_unlock_slowpath+0x227/0x800
[  493.255335][T10255]  ? __pfx_vfs_write+0x10/0x10
[  493.255348][T10255]  ? do_sys_openat2+0x17a/0x1d0
[  493.255361][T10255]  ? __fget_files+0x2a/0x410
[  493.255374][T10255]  ? __fget_files+0x395/0x410
[  493.255385][T10255]  ? __fget_files+0x2a/0x410
[  493.255400][T10255]  ksys_write+0x18f/0x2b0
[  493.255410][T10255]  ? __pfx_ksys_write+0x10/0x10
[  493.255419][T10255]  ? do_syscall_64+0x100/0x230
[  493.255433][T10255]  ? do_syscall_64+0xb6/0x230
[  493.255446][T10255]  do_syscall_64+0xf3/0x230
[  493.255458][T10255]  ? clear_bhb_loop+0x35/0x90
[  493.255472][T10255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.255485][T10255] RIP: 0033:0x7f2013b8cde9
[  493.255494][T10255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.255502][T10255] RSP: 002b:00007f2014aae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  493.255513][T10255] RAX: ffffffffffffffda RBX: 00007f2013da5fa0 RCX: 00007f2013b8cde9
[  493.255520][T10255] RDX: 0000000000000232 RSI: 00004000000001c0 RDI: 0000000000000004
[  493.255526][T10255] RBP: 00007f2014aae090 R08: 0000000000000000 R09: 0000000000000000
[  493.255531][T10255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.255536][T10255] R13: 0000000000000000 R14: 00007f2013da5fa0 R15: 00007fff7483a518
[  493.255549][T10255]  </TASK>
[  493.555090][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  493.555103][   T29] audit: type=1326 audit(1739274070.517:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.583467][   T29] audit: type=1326 audit(1739274070.517:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.605420][   T29] audit: type=1326 audit(1739274070.517:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.627482][   T29] audit: type=1326 audit(1739274070.517:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.649519][   T29] audit: type=1326 audit(1739274070.517:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.671206][   T29] audit: type=1326 audit(1739274070.517:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.693057][   T29] audit: type=1326 audit(1739274070.517:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.714792][   T29] audit: type=1326 audit(1739274070.517:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.736607][   T29] audit: type=1326 audit(1739274070.517:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  493.766207][   T29] audit: type=1326 audit(1739274070.517:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2013b8cde9 code=0x7ffc0000
[  494.096695][T10269] sp0: Synchronizing with TNC
[  494.109787][T10269] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1101'.
[  494.156148][T10268] [U] �`
[  494.522673][T10277] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1103'.
[  494.662572][T10279] overlayfs: missing 'lowerdir'
[  494.737814][ T5872] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  494.903134][ T5872] usb 6-1: config 0 has an invalid interface number: 74 but max is 1
[  494.914204][ T5872] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  494.930800][ T5872] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  494.942572][ T5872] usb 6-1: config 0 has no interface number 0
[  494.953181][ T5872] usb 6-1: config 0 interface 74 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  494.966630][ T5872] usb 6-1: config 0 interface 74 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  495.847258][ T5872] usb 6-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=de.66
[  495.856624][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  495.864759][ T5872] usb 6-1: Product: syz
[  495.868989][ T5872] usb 6-1: Manufacturer: syz
[  495.873610][ T5872] usb 6-1: SerialNumber: syz
[  495.881282][ T5872] usb 6-1: config 0 descriptor??
[  495.955823][T10291] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1109'.
[  495.973497][T10291] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1109'.
[  496.000952][T10291] A link change request failed with some changes committed already. Interface veth1_to_hsr may have been left with an inconsistent configuration, please check.
[  496.181824][T10308] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1102'.
[  496.435673][T10315] netlink: 'syz.3.1116': attribute type 1 has an invalid length.
[  498.216270][ T5872] cypress_m8 6-1:0.74: HID->COM RS232 Adapter converter detected
[  498.234623][ T5872] cyphidcom ttyUSB0: required endpoint is missing
[  498.249001][ T5872] usb 6-1: USB disconnect, device number 11
[  498.261781][ T5872] cypress_m8 6-1:0.74: device disconnected
[  499.253980][   T29] kauditd_printk_skb: 43 callbacks suppressed
[  499.253998][   T29] audit: type=1326 audit(1739274076.227:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.421007][   T29] audit: type=1326 audit(1739274076.227:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.448012][   T29] audit: type=1326 audit(1739274076.227:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.471018][   T29] audit: type=1326 audit(1739274076.227:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.493769][   T29] audit: type=1326 audit(1739274076.227:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.516172][   T29] audit: type=1326 audit(1739274076.227:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.543975][   T29] audit: type=1326 audit(1739274076.227:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.583174][   T29] audit: type=1326 audit(1739274076.227:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.611991][   T29] audit: type=1326 audit(1739274076.227:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.641774][   T29] audit: type=1326 audit(1739274076.227:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10342 comm="syz.5.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c3918cde9 code=0x7fc00000
[  499.816988][T10364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1134'.
[  501.343650][T10391] FAULT_INJECTION: forcing a failure.
[  501.343650][T10391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.364123][T10391] CPU: 1 UID: 0 PID: 10391 Comm: syz.5.1142 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  501.364149][T10391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  501.364159][T10391] Call Trace:
[  501.364166][T10391]  <TASK>
[  501.364173][T10391]  dump_stack_lvl+0x241/0x360
[  501.364212][T10391]  ? __pfx_dump_stack_lvl+0x10/0x10
[  501.364239][T10391]  ? __pfx__printk+0x10/0x10
[  501.364264][T10391]  ? __pfx_lock_release+0x10/0x10
[  501.364291][T10391]  should_fail_ex+0x40a/0x550
[  501.364314][T10391]  _copy_from_iter+0x1e9/0x1c20
[  501.364337][T10391]  ? __virt_addr_valid+0x183/0x530
[  501.364367][T10391]  ? __alloc_skb+0x28f/0x440
[  501.364389][T10391]  ? __pfx__copy_from_iter+0x10/0x10
[  501.364413][T10391]  ? __virt_addr_valid+0x183/0x530
[  501.364432][T10391]  ? __virt_addr_valid+0x183/0x530
[  501.364450][T10391]  ? __virt_addr_valid+0x45f/0x530
[  501.364469][T10391]  ? __phys_addr_symbol+0x2f/0x70
[  501.364489][T10391]  ? __check_object_size+0x47a/0x730
[  501.364513][T10391]  netlink_sendmsg+0x73d/0xcb0
[  501.364540][T10391]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.364567][T10391]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.364581][T10391]  __sock_sendmsg+0x221/0x270
[  501.364604][T10391]  ____sys_sendmsg+0x52a/0x7e0
[  501.364628][T10391]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.364658][T10391]  __sys_sendmsg+0x269/0x350
[  501.364679][T10391]  ? __pfx___sys_sendmsg+0x10/0x10
[  501.364705][T10391]  ? __pfx_vfs_write+0x10/0x10
[  501.364726][T10391]  ? do_sys_openat2+0x17a/0x1d0
[  501.364769][T10391]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  501.364789][T10391]  ? do_syscall_64+0x100/0x230
[  501.364813][T10391]  ? do_syscall_64+0xb6/0x230
[  501.364836][T10391]  do_syscall_64+0xf3/0x230
[  501.364856][T10391]  ? clear_bhb_loop+0x35/0x90
[  501.364880][T10391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.364900][T10391] RIP: 0033:0x7f7c3918cde9
[  501.364915][T10391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.364929][T10391] RSP: 002b:00007f7c39fd8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.364948][T10391] RAX: ffffffffffffffda RBX: 00007f7c393a5fa0 RCX: 00007f7c3918cde9
[  501.364960][T10391] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000003
[  501.364970][T10391] RBP: 00007f7c39fd8090 R08: 0000000000000000 R09: 0000000000000000
[  501.364980][T10391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.364989][T10391] R13: 0000000000000000 R14: 00007f7c393a5fa0 R15: 00007ffdf444fe38
[  501.365014][T10391]  </TASK>
[  501.881267][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.887760][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  501.956755][T10402] smc: net device bond0 applied user defined pnetid SYZ0
[  501.966280][T10402] smc: net device bond0 erased user defined pnetid SYZ0
[  504.833304][T10436] program syz.0.1154 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  504.852585][T10436] program syz.0.1154 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  504.863454][T10436] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  505.141416][T10436] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1154'.
[  505.334809][T10438] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1155'.
[  507.470120][T10470] sock: sock_timestamping_bind_phc: sock not bind to device
[  508.005820][T10471] veth0_vlan: entered allmulticast mode
[  508.685843][T10472] vxcan1: tx drop: invalid da for name 0x0000000000000002
[  513.123888][T10511] can: request_module (can-proto-4) failed.
[  513.586926][ T5821] Bluetooth: hci3: unexpected event for opcode 0x0411
[  513.783918][T10516] lo speed is unknown, defaulting to 1000
[  514.223052][T10538] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1185'.
[  514.232968][T10538] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1185'.
[  517.006978][ T5924] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  517.616116][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  517.616134][   T29] audit: type=1326 audit(1739274094.597:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.647204][ T5821] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  517.656106][ T5821] Bluetooth: hci3: Injecting HCI hardware error event
[  517.668503][ T5821] Bluetooth: hci3: hardware error 0x00
[  517.687142][ T5924] usb 6-1: device descriptor read/64, error -71
[  517.700619][   T29] audit: type=1326 audit(1739274094.597:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.722711][   T29] audit: type=1326 audit(1739274094.597:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.744554][   T29] audit: type=1326 audit(1739274094.597:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.766400][   T29] audit: type=1326 audit(1739274094.597:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.806867][   T29] audit: type=1326 audit(1739274094.597:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.843014][   T29] audit: type=1326 audit(1739274094.597:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.872768][   T29] audit: type=1326 audit(1739274094.597:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.925490][T10580] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1199'.
[  517.937886][ T5924] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  517.938847][T10580] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1199'.
[  517.952482][   T29] audit: type=1326 audit(1739274094.597:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  517.990641][   T29] audit: type=1326 audit(1739274094.597:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10566 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62898cde9 code=0x7fc00000
[  518.077878][ T5924] usb 6-1: device descriptor read/64, error -71
[  518.170324][T10587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1202'.
[  518.198725][ T5924] usb usb6-port1: attempt power cycle
[  518.394404][T10589] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  518.558247][ T5924] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  518.578640][ T5924] usb 6-1: device descriptor read/8, error -71
[  519.877946][ T5821] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  519.889810][T10597] openvswitch: netlink: Flow key attr not present in new flow.
[  522.090919][T10623] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1213'.
[  522.100195][T10623] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1213'.
[  525.884977][T10652] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1221'.
[  526.345093][T10665] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1225'.
[  526.356516][T10665] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1225'.
[  526.905092][   T29] kauditd_printk_skb: 313 callbacks suppressed
[  526.905112][   T29] audit: type=1326 audit(1739274103.877:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10658 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf9b8cde9 code=0x7fc00000
[  527.074947][T10670] FAULT_INJECTION: forcing a failure.
[  527.074947][T10670] name failslab, interval 1, probability 0, space 0, times 0
[  527.097050][T10670] CPU: 0 UID: 0 PID: 10670 Comm: syz.5.1227 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  527.097078][T10670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  527.097088][T10670] Call Trace:
[  527.097095][T10670]  <TASK>
[  527.097102][T10670]  dump_stack_lvl+0x241/0x360
[  527.097135][T10670]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.097171][T10670]  ? __pfx__printk+0x10/0x10
[  527.097197][T10670]  ? fs_reclaim_acquire+0x93/0x130
[  527.097214][T10670]  ? __pfx___might_resched+0x10/0x10
[  527.097235][T10670]  should_fail_ex+0x40a/0x550
[  527.097259][T10670]  should_failslab+0xac/0x100
[  527.097281][T10670]  __kmalloc_noprof+0xdd/0x4c0
[  527.097301][T10670]  ? tomoyo_encode+0x26f/0x540
[  527.097320][T10670]  tomoyo_encode+0x26f/0x540
[  527.097342][T10670]  tomoyo_realpath_from_path+0x59e/0x5e0
[  527.097369][T10670]  tomoyo_path_number_perm+0x236/0x860
[  527.097390][T10670]  ? __lock_acquire+0x1397/0x2100
[  527.097411][T10670]  ? tomoyo_path_number_perm+0x206/0x860
[  527.097434][T10670]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  527.097493][T10670]  ? __fget_files+0x2a/0x410
[  527.097517][T10670]  ? __fget_files+0x2a/0x410
[  527.097542][T10670]  security_file_ioctl+0xc6/0x2a0
[  527.097566][T10670]  __se_sys_ioctl+0x46/0x170
[  527.097585][T10670]  do_syscall_64+0xf3/0x230
[  527.097607][T10670]  ? clear_bhb_loop+0x35/0x90
[  527.097633][T10670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.097651][T10670] RIP: 0033:0x7f7c3918cde9
[  527.097664][T10670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.097677][T10670] RSP: 002b:00007f7c39fd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  527.097694][T10670] RAX: ffffffffffffffda RBX: 00007f7c393a5fa0 RCX: 00007f7c3918cde9
[  527.097705][T10670] RDX: 00004000000001c0 RSI: 00000000c0185500 RDI: 0000000000000003
[  527.097714][T10670] RBP: 00007f7c39fd8090 R08: 0000000000000000 R09: 0000000000000000
[  527.097722][T10670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.097731][T10670] R13: 0000000000000000 R14: 00007f7c393a5fa0 R15: 00007ffdf444fe38
[  527.097756][T10670]  </TASK>
[  527.361664][T10670] ERROR: Out of memory at tomoyo_realpath_from_path.
[  527.368690][T10670] usb usb1: usbfs: process 10670 (syz.5.1227) did not claim interface 0 before use
[  529.973421][T10691] serio: Serial port ptm0
[  530.589633][T10701] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1236'.
[  530.599264][T10701] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1236'.
[  530.637867][    T8] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  530.767883][    T8] usb 6-1: device descriptor read/64, error -71
[  531.021096][    T8] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  531.407772][    T8] usb 6-1: device descriptor read/64, error -71
[  531.559796][    T8] usb usb6-port1: attempt power cycle
[  532.431277][T10714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1240'.
[  532.442399][T10714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1240'.
[  532.463840][T10714] netlink: 'syz.3.1240': attribute type 12 has an invalid length.
[  533.752407][T10732] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  541.012771][T10783] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1265'.
[  541.021914][T10783] netlink: 'syz.3.1265': attribute type 21 has an invalid length.
[  545.472771][T10818] netlink: 288 bytes leftover after parsing attributes in process `syz.3.1275'.
[  545.956525][   T29] audit: type=1326 audit(1739274122.937:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10823 comm="syz.3.1278" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdaf9b8cde9 code=0x0
[  548.801420][T10837] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1283'.
[  548.810950][T10837] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1283'.
[  549.409096][T10840] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1284'.
[  549.418201][T10840] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  549.428964][T10840] netlink: 'syz.3.1284': attribute type 10 has an invalid length.
[  549.437345][T10840] syz_tun: entered promiscuous mode
[  550.099564][T10847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  552.166459][T10861] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1292'.
[  552.175782][T10861] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1292'.
[  553.882472][T10869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  560.639136][T10892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  562.187117][T10901] overlayfs: failed to clone upperpath
[  563.060310][   T29] audit: type=1326 audit(1739274140.047:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10902 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf9b8cde9 code=0x7fc00000
[  563.321611][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  563.328159][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  571.425509][T10929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  580.351143][T10952] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1322'.
[  580.370381][T10952] erspan0: entered promiscuous mode
[  580.375752][T10952] macvtap1: entered promiscuous mode
[  580.381462][T10952] macvtap1: entered allmulticast mode
[  580.387336][T10952] erspan0: entered allmulticast mode
[  580.408721][T10952] erspan0: left allmulticast mode
[  580.415219][T10952] erspan0: left promiscuous mode
[  584.591224][T10960] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1324'.
[  587.641933][T10978] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1330'.
[  587.882901][T10981] x_tables: duplicate underflow at hook 1
[  591.192898][ T5821] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  601.507470][T11054] 9pnet_fd: Insufficient options for proto=fd
[  603.618441][T11066] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 54990 - 0
[  603.627992][T11066] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 54990 - 0
[  603.636968][T11066] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 54990 - 0
[  603.646129][T11066] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 54990 - 0
[  603.657034][T11066] netdevsim netdevsim3 netdevsim0: set [1, 2] type 2 family 0 port 38647 - 0
[  603.666092][T11066] netdevsim netdevsim3 netdevsim1: set [1, 2] type 2 family 0 port 38647 - 0
[  603.674916][T11066] netdevsim netdevsim3 netdevsim2: set [1, 2] type 2 family 0 port 38647 - 0
[  603.683776][T11066] netdevsim netdevsim3 netdevsim3: set [1, 2] type 2 family 0 port 38647 - 0
[  603.693322][T11066] geneve2: entered promiscuous mode
[  603.699263][T11066] geneve2: entered allmulticast mode
[  604.103320][   T29] audit: type=1326 audit(1739274181.087:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11074 comm="syz.3.1362" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdaf9b8cde9 code=0x0
[  604.965045][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  605.087146][T11084] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  606.105157][T11092] sock: sock_timestamping_bind_phc: sock not bind to device
[  607.005625][T11109] overlayfs: failed to clone lowerpath
[  609.098160][T11125] 9pnet_fd: Insufficient options for proto=fd
[  609.290662][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  610.170114][T11135] syz_tun: left promiscuous mode
[  610.187424][T11135] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.194680][T11135] bridge0: port 2(bridge_slave_1) entered listening state
[  610.203603][T11135] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.210841][T11135] bridge0: port 1(bridge_slave_0) entered listening state
[  610.231807][T11135] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  610.296472][   T58] lo speed is unknown, defaulting to 1000
[  611.163221][T11140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1384'.
[  612.204325][T11149] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  613.886863][T11156] dvmrp5: entered allmulticast mode
[  614.035148][   T35] tipc: Subscription rejected, illegal request
[  614.050247][T11155] dvmrp5: left allmulticast mode
[  615.507096][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888029c13400: rx timeout, send abort
[  615.517883][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff888029c13400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  617.265484][T11173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1394'.
[  617.275034][T11173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1394'.
[  617.326898][T11175] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1395'.
[  617.371742][   T29] audit: type=1326 audit(1739274194.357:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11176 comm="syz.3.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf9b8cde9 code=0x7ffc0000
[  617.393872][   T29] audit: type=1326 audit(1739274194.357:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11176 comm="syz.3.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf9b8cde9 code=0x7ffc0000
[  617.486431][T11182] netlink: 'syz.3.1398': attribute type 3 has an invalid length.
[  617.494477][T11182] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1398'.
[  618.565143][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  619.724050][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  621.549322][T11216] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  621.707205][T11224] overlayfs: failed to clone upperpath
[  624.761965][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  624.768417][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  624.854314][T11230] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1417'.
[  626.823054][T11250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1425'.
[  626.951931][T11257] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  627.953022][T11260] process 'syz.3.1427' launched './file1' with NULL argv: empty string added
[  627.971384][T11260] tmpfs: Bad value for 'gid'
[  627.975999][T11260] tmpfs: Bad value for 'gid'
[  627.981971][T11260] overlayfs: failed to clone lowerpath
[  628.113834][T11266] lo speed is unknown, defaulting to 1000
[  628.284278][T11266] 9pnet_fd: Insufficient options for proto=fd
[  630.818740][T11277] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1433'.
[  633.223748][ T5821] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  633.269582][T11297] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1441'.
[  634.693235][T11315] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1448'.
[  636.917954][   T30] INFO: task kworker/0:3:5826 blocked for more than 143 seconds.
[  636.925740][   T30]       Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  636.938605][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  636.947409][   T30] task:kworker/0:3     state:D stack:19472 pid:5826  tgid:5826  ppid:2      task_flags:0x4208060 flags:0x00004000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  636.965540][   T30] Workqueue: events rfkill_sync_work
[  636.975681][   T30] Call Trace:
[  636.985825][   T30]  <TASK>
[  636.996863][   T30]  __schedule+0x18bc/0x4c40
[  637.012187][   T30]  ? __pfx___schedule+0x10/0x10
[  637.057782][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  637.063837][   T30]  ? __pfx_lock_release+0x10/0x10
[  637.117728][   T30]  ? kick_pool+0x1bd/0x620
[  637.122224][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  637.127450][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  637.132802][   T30]  ? schedule+0x90/0x320
[  637.137067][   T30]  schedule+0x14b/0x320
[  637.141286][   T30]  schedule_preempt_disabled+0x13/0x30
[  637.146740][   T30]  __mutex_lock+0x817/0x1010
[  637.151435][   T30]  ? __mutex_lock+0x602/0x1010
[  637.156207][   T30]  ? nfc_rfkill_set_block+0x50/0x310
[  637.161772][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  637.166813][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  637.172743][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  637.179386][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  637.184422][   T30]  nfc_rfkill_set_block+0x50/0x310
[  637.189585][   T30]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  637.195400][   T30]  rfkill_set_block+0x1f1/0x440
[  637.200974][   T30]  rfkill_sync_work+0x12a/0x220
[  637.205867][   T30]  ? process_scheduled_works+0x976/0x1840
[  637.211658][   T30]  process_scheduled_works+0xa66/0x1840
[  637.217222][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  637.223338][   T30]  ? assign_work+0x364/0x3d0
[  637.228013][   T30]  worker_thread+0x870/0xd30
[  637.232620][   T30]  ? __kthread_parkme+0x169/0x1d0
[  637.238189][   T30]  ? __pfx_worker_thread+0x10/0x10
[  637.243340][   T30]  kthread+0x7a9/0x920
[  637.247413][   T30]  ? __pfx_kthread+0x10/0x10
[  637.252026][   T30]  ? __pfx_worker_thread+0x10/0x10
[  637.257125][   T30]  ? __pfx_kthread+0x10/0x10
[  637.261791][   T30]  ? __pfx_kthread+0x10/0x10
[  637.266381][   T30]  ? __pfx_kthread+0x10/0x10
[  637.271013][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  637.276209][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  637.281485][   T30]  ? __pfx_kthread+0x10/0x10
[  637.286068][   T30]  ret_from_fork+0x4b/0x80
[  637.290709][   T30]  ? __pfx_kthread+0x10/0x10
[  637.295323][   T30]  ret_from_fork_asm+0x1a/0x30
[  637.300209][   T30]  </TASK>
[  637.383443][   T30] INFO: task kworker/0:4:5870 blocked for more than 143 seconds.
[  637.391744][   T30]       Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  637.404717][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  637.413744][   T30] task:kworker/0:4     state:D stack:19768 pid:5870  tgid:5870  ppid:2      task_flags:0x4208060 flags:0x00004000
[  637.426018][   T30] Workqueue: events rfkill_global_led_trigger_worker
[  637.432859][   T30] Call Trace:
[  637.436132][   T30]  <TASK>
[  637.439151][   T30]  __schedule+0x18bc/0x4c40
[  637.443678][   T30]  ? __pfx___schedule+0x10/0x10
[  637.448645][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  637.454644][   T30]  ? __pfx_lock_release+0x10/0x10
[  637.459758][   T30]  ? kick_pool+0x1bd/0x620
[  637.464186][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  637.469406][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  637.474592][   T30]  ? schedule+0x90/0x320
[  637.478867][   T30]  schedule+0x14b/0x320
[  637.483029][   T30]  schedule_preempt_disabled+0x13/0x30
[  637.488645][   T30]  __mutex_lock+0x817/0x1010
[  637.493289][   T30]  ? __mutex_lock+0x602/0x1010
[  637.498389][   T30]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  637.504679][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  637.510745][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  637.516771][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  637.523198][   T30]  ? process_scheduled_works+0x976/0x1840
[  637.528993][   T30]  rfkill_global_led_trigger_worker+0x27/0xd0
[  637.535075][   T30]  process_scheduled_works+0xa66/0x1840
[  637.540669][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  637.546671][   T30]  ? assign_work+0x364/0x3d0
[  637.551325][   T30]  worker_thread+0x870/0xd30
[  637.555908][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  637.561864][   T30]  ? __kthread_parkme+0x169/0x1d0
[  637.566922][   T30]  ? __pfx_worker_thread+0x10/0x10
[  637.572186][   T30]  kthread+0x7a9/0x920
[  637.576379][   T30]  ? __pfx_kthread+0x10/0x10
[  637.581135][   T30]  ? __pfx_worker_thread+0x10/0x10
[  637.586412][   T30]  ? __pfx_kthread+0x10/0x10
[  637.591049][   T30]  ? __pfx_kthread+0x10/0x10
[  637.595653][   T30]  ? __pfx_kthread+0x10/0x10
[  637.600285][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  637.605527][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  637.611305][   T30]  ? __pfx_kthread+0x10/0x10
[  637.615986][   T30]  ret_from_fork+0x4b/0x80
[  637.620523][   T30]  ? __pfx_kthread+0x10/0x10
[  637.625124][   T30]  ret_from_fork_asm+0x1a/0x30
[  637.629967][   T30]  </TASK>
[  637.633058][   T30] INFO: task syz.2.1091:10228 blocked for more than 144 seconds.
[  637.643905][   T30]       Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  637.651724][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  637.660564][   T30] task:syz.2.1091      state:D stack:22208 pid:10228 tgid:10228 ppid:5818   task_flags:0x400040 flags:0x00000004
[  637.672554][   T30] Call Trace:
[  637.675825][   T30]  <TASK>
[  637.678809][   T30]  __schedule+0x18bc/0x4c40
[  637.683334][   T30]  ? __pfx___schedule+0x10/0x10
[  637.688251][   T30]  ? __pfx_lock_release+0x10/0x10
[  637.693286][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  637.699246][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  637.705143][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  637.711504][   T30]  ? schedule+0x90/0x320
[  637.716169][   T30]  schedule+0x14b/0x320
[  637.720465][   T30]  schedule_preempt_disabled+0x13/0x30
[  637.725942][   T30]  __mutex_lock+0x817/0x1010
[  637.730621][   T30]  ? __mutex_lock+0x602/0x1010
[  637.735406][   T30]  ? rfkill_fop_release+0x4a/0x230
[  637.740541][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  637.745565][   T30]  rfkill_fop_release+0x4a/0x230
[  637.750567][   T30]  ? __pfx_rfkill_fop_release+0x10/0x10
[  637.756130][   T30]  __fput+0x3e9/0x9f0
[  637.760138][   T30]  task_work_run+0x24f/0x310
[  637.764720][   T30]  ? _raw_spin_unlock+0x28/0x50
[  637.769655][   T30]  ? __pfx_task_work_run+0x10/0x10
[  637.774805][   T30]  ? syscall_exit_to_user_mode+0xa3/0x340
[  637.780613][   T30]  syscall_exit_to_user_mode+0x13f/0x340
[  637.786262][   T30]  do_syscall_64+0x100/0x230
[  637.790897][   T30]  ? clear_bhb_loop+0x35/0x90
[  637.795565][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.801527][   T30] RIP: 0033:0x7fddf518cde9
[  637.805948][   T30] RSP: 002b:00007ffc290a9128 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  637.814385][   T30] RAX: 0000000000000000 RBX: 00007fddf53a7ba0 RCX: 00007fddf518cde9
[  637.822981][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  637.831059][   T30] RBP: 00007fddf53a7ba0 R08: 0000000000003e1c R09: 00000019290a941f
[  637.839118][   T30] R10: 00007fddf53a7ac0 R11: 0000000000000246 R12: 0000000000078081
[  637.847108][   T30] R13: 00007ffc290a9220 R14: ffffffffffffffff R15: 00007ffc290a9240
[  637.855144][   T30]  </TASK>
[  637.858237][   T30] INFO: task syz.2.1091:10230 blocked for more than 144 seconds.
[  637.865957][   T30]       Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  637.873661][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  637.882368][   T30] task:syz.2.1091      state:D stack:22496 pid:10230 tgid:10228 ppid:5818   task_flags:0x400140 flags:0x00004004
[  637.894327][   T30] Call Trace:
[  637.897662][   T30]  <TASK>
[  637.900613][   T30]  __schedule+0x18bc/0x4c40
[  637.905144][   T30]  ? __pfx___schedule+0x10/0x10
[  637.910037][   T30]  ? __pfx_lock_release+0x10/0x10
[  637.915067][   T30]  ? schedule+0x90/0x320
[  637.919733][   T30]  schedule+0x14b/0x320
[  637.923925][   T30]  schedule_timeout+0xb0/0x290
[  637.928746][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  637.934149][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  637.940210][   T30]  ? wait_for_completion+0x2fe/0x620
[  637.945495][   T30]  ? wait_for_completion+0x2fe/0x620
[  637.950829][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  637.956024][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  637.961289][   T30]  ? wait_for_completion+0x2fe/0x620
[  637.966610][   T30]  wait_for_completion+0x355/0x620
[  637.971825][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  637.977505][   T30]  __flush_work+0xa47/0xc60
[  637.982041][   T30]  ? __flush_work+0xe9/0xc60
[  637.986627][   T30]  ? __pfx___flush_work+0x10/0x10
[  637.991702][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  637.997017][   T30]  ? __pfx___cancel_work+0x10/0x10
[  638.002178][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  638.007196][   T30]  ? nfc_genl_device_removed+0x25c/0x380
[  638.012877][   T30]  __cancel_work_sync+0xbc/0x110
[  638.017877][   T30]  rfkill_unregister+0x96/0x230
[  638.023156][   T30]  nfc_unregister_device+0x96/0x2a0
[  638.028494][   T30]  virtual_ncidev_close+0x56/0x90
[  638.033525][   T30]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  638.039499][   T30]  __fput+0x3e9/0x9f0
[  638.043481][   T30]  task_work_run+0x24f/0x310
[  638.048292][   T30]  ? __pfx_task_work_run+0x10/0x10
[  638.053429][   T30]  ? syscall_exit_to_user_mode+0xa3/0x340
[  638.059237][   T30]  syscall_exit_to_user_mode+0x13f/0x340
[  638.064890][   T30]  do_syscall_64+0x100/0x230
[  638.069559][   T30]  ? clear_bhb_loop+0x35/0x90
[  638.074250][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.080211][   T30] RIP: 0033:0x7fddf518cde9
[  638.084633][   T30] RSP: 002b:00007fddf6017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  638.093147][   T30] RAX: ffffffffffffffea RBX: 00007fddf53a6080 RCX: 00007fddf518cde9
[  638.101216][   T30] RDX: 0000000000005400 RSI: 0000400000000080 RDI: ffffffffffffff9c
[  638.109285][   T30] RBP: 00007fddf520e2a0 R08: 0000000000000000 R09: 0000000000000000
[  638.117274][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  638.125881][   T30] R13: 0000000000000000 R14: 00007fddf53a6080 R15: 00007ffc290a8fc8
[  638.133946][   T30]  </TASK>
[  638.136983][   T30] 
[  638.136983][   T30] Showing all locks held in the system:
[  638.144776][   T30] 1 lock held by khungtaskd/30:
[  638.149653][   T30]  #0: ffffffff8e9387e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  638.159594][   T30] 2 locks held by getty/5581:
[  638.164274][   T30]  #0: ffff88814e0050a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  638.174054][   T30]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  638.184200][   T30] 4 locks held by kworker/0:3/5826:
[  638.189480][   T30]  #0: ffff88801ac80d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  638.200590][   T30]  #1: ffffc90003f87c60 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  638.213073][   T30]  #2: ffffffff8ff84448 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x23/0x220
[  638.223117][   T30]  #3: ffff88807f7ad100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x310
[  638.233390][   T30] 3 locks held by kworker/0:4/5870:
[  638.238661][   T30]  #0: ffff88801ac80d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  638.249701][   T30]  #1: ffffc900044e7c60 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  638.263235][   T30]  #2: ffffffff8ff84448 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  638.274605][   T30] 1 lock held by syz.3.173/6569:
[  638.279714][   T30]  #0: ffffffff8ff84448 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xd0/0x230
[  638.289979][   T30] 2 locks held by kworker/u8:22/8149:
[  638.295357][   T30]  #0: ffff8880b863e7d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  638.305504][   T30]  #1: ffff8880b8728948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x41d/0x7a0
[  638.316980][   T30] 1 lock held by syz.2.1091/10228:
[  638.322144][   T30]  #0: ffffffff8ff84448 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_release+0x4a/0x230
[  638.332796][   T30] 1 lock held by syz.2.1091/10230:
[  638.337987][   T30]  #0: ffff88807f7ad100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  638.347872][   T30] 2 locks held by syz-executor/10478:
[  638.353254][   T30]  #0: ffff8880638ba118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6b0
[  638.363349][   T30]  #1: ffffffff8ff84448 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x34/0x8c0
[  638.373330][   T30] 2 locks held by syz.5.1242/10720:
[  638.378591][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.387068][   T30]  #1: ffffffff8ff84448 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x131/0x850
[  638.397139][   T30] 1 lock held by syz.5.1242/10723:
[  638.402278][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.410815][   T30] 1 lock held by syz.0.1245/10727:
[  638.415930][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.424422][   T30] 1 lock held by syz.1.1251/10745:
[  638.430028][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.438642][   T30] 1 lock held by syz-executor/10834:
[  638.443929][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.452435][   T30] 1 lock held by syz-executor/10838:
[  638.457750][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.466184][   T30] 1 lock held by syz-executor/10849:
[  638.471500][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.480022][   T30] 1 lock held by syz-executor/10916:
[  638.485288][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.493808][   T30] 1 lock held by syz-executor/11117:
[  638.499155][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.507693][   T30] 1 lock held by syz-executor/11128:
[  638.512987][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.521541][   T30] 1 lock held by syz-executor/11138:
[  638.526823][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.535706][   T30] 1 lock held by syz-executor/11256:
[  638.541041][   T30]  #0: ffffffff8f1802a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  638.549644][   T30] 
[  638.551970][   T30] =============================================
[  638.551970][   T30] 
[  638.560458][   T30] NMI backtrace for cpu 0
[  638.560471][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  638.560489][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  638.560499][   T30] Call Trace:
[  638.560505][   T30]  <TASK>
[  638.560512][   T30]  dump_stack_lvl+0x241/0x360
[  638.560542][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  638.560566][   T30]  ? __pfx__printk+0x10/0x10
[  638.560598][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  638.560627][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  638.560643][   T30]  ? _printk+0xd5/0x120
[  638.560662][   T30]  ? __pfx__printk+0x10/0x10
[  638.560683][   T30]  ? __wake_up_klogd+0xcc/0x110
[  638.560701][   T30]  ? __pfx__printk+0x10/0x10
[  638.560723][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  638.560743][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  638.560762][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  638.560782][   T30]  watchdog+0x1058/0x10a0
[  638.560802][   T30]  ? watchdog+0x1ea/0x10a0
[  638.560825][   T30]  ? __pfx_watchdog+0x10/0x10
[  638.560844][   T30]  kthread+0x7a9/0x920
[  638.560862][   T30]  ? __pfx_kthread+0x10/0x10
[  638.560882][   T30]  ? __pfx_watchdog+0x10/0x10
[  638.560900][   T30]  ? __pfx_kthread+0x10/0x10
[  638.560918][   T30]  ? __pfx_kthread+0x10/0x10
[  638.560939][   T30]  ? __pfx_kthread+0x10/0x10
[  638.560957][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  638.560975][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  638.560994][   T30]  ? __pfx_kthread+0x10/0x10
[  638.561014][   T30]  ret_from_fork+0x4b/0x80
[  638.561032][   T30]  ? __pfx_kthread+0x10/0x10
[  638.561051][   T30]  ret_from_fork_asm+0x1a/0x30
[  638.561080][   T30]  </TASK>
[  638.561086][   T30] Sending NMI from CPU 0 to CPUs 1:
[  638.730417][    C1] NMI backtrace for cpu 1
[  638.730432][    C1] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  638.730451][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  638.730461][    C1] Workqueue: bat_events batadv_nc_worker
[  638.730484][    C1] RIP: 0010:batadv_nc_worker+0xa7/0x610
[  638.730500][    C1] Code: 31 ff 89 ee e8 ca e8 05 f6 85 ed 0f 84 58 02 00 00 45 31 ed 4c 89 f0 48 c1 e8 03 48 89 44 24 18 48 8b 44 24 18 42 80 3c 38 00 <74> 08 4c 89 f7 e8 3f f6 69 f6 4a 8d 2c ed 00 00 00 00 4c 89 f3 49
[  638.730513][    C1] RSP: 0018:ffffc90000ab7ab8 EFLAGS: 00000246
[  638.730526][    C1] RAX: 1ffff1100bbcef10 RBX: ffffffff8bb96afb RCX: ffff888144281e00
[  638.730538][    C1] RDX: 0000000000000000 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c5fb780
[  638.730549][    C1] RBP: 0000000000000000 R08: ffffffff901a3377 R09: 1ffffffff203466e
[  638.730559][    C1] R10: dffffc0000000000 R11: fffffbfff203466f R12: ffff88805dfa0d80
[  638.730571][    C1] R13: 00000000000002dc R14: ffff88805de77880 R15: dffffc0000000000
[  638.730582][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  638.730594][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  638.730605][    C1] CR2: 000055c31e01a788 CR3: 000000000e738000 CR4: 00000000003526f0
[  638.730618][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  638.730627][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  638.730636][    C1] Call Trace:
[  638.730643][    C1]  <NMI>
[  638.730649][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  638.730667][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  638.730688][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  638.730704][    C1]  ? nmi_handle+0x2a/0x5a0
[  638.730731][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  638.730748][    C1]  ? nmi_handle+0x14f/0x5a0
[  638.730768][    C1]  ? nmi_handle+0x2a/0x5a0
[  638.730788][    C1]  ? batadv_nc_worker+0xa7/0x610
[  638.730802][    C1]  ? default_do_nmi+0x63/0x160
[  638.730818][    C1]  ? exc_nmi+0x123/0x1f0
[  638.730832][    C1]  ? end_repeat_nmi+0xf/0x53
[  638.730854][    C1]  ? batadv_nc_worker+0xcb/0x610
[  638.730877][    C1]  ? batadv_nc_worker+0xa7/0x610
[  638.730892][    C1]  ? batadv_nc_worker+0xa7/0x610
[  638.730906][    C1]  ? batadv_nc_worker+0xa7/0x610
[  638.730920][    C1]  </NMI>
[  638.730926][    C1]  <TASK>
[  638.730931][    C1]  ? batadv_nc_worker+0xcb/0x610
[  638.730946][    C1]  ? process_scheduled_works+0x976/0x1840
[  638.730963][    C1]  process_scheduled_works+0xa66/0x1840
[  638.730992][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  638.731012][    C1]  ? assign_work+0x364/0x3d0
[  638.731029][    C1]  worker_thread+0x870/0xd30
[  638.731052][    C1]  ? __kthread_parkme+0x169/0x1d0
[  638.731070][    C1]  ? __pfx_worker_thread+0x10/0x10
[  638.731086][    C1]  kthread+0x7a9/0x920
[  638.731104][    C1]  ? __pfx_kthread+0x10/0x10
[  638.731123][    C1]  ? __pfx_worker_thread+0x10/0x10
[  638.731140][    C1]  ? __pfx_kthread+0x10/0x10
[  638.731157][    C1]  ? __pfx_kthread+0x10/0x10
[  638.731178][    C1]  ? __pfx_kthread+0x10/0x10
[  638.731195][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  638.731212][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  638.731231][    C1]  ? __pfx_kthread+0x10/0x10
[  638.731250][    C1]  ret_from_fork+0x4b/0x80
[  638.731267][    C1]  ? __pfx_kthread+0x10/0x10
[  638.731286][    C1]  ret_from_fork_asm+0x1a/0x30
[  638.731310][    C1]  </TASK>
[  638.731519][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  639.063988][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  639.074570][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  639.084618][   T30] Call Trace:
[  639.087894][   T30]  <TASK>
[  639.090821][   T30]  dump_stack_lvl+0x241/0x360
[  639.095502][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  639.100719][   T30]  ? __pfx__printk+0x10/0x10
[  639.105303][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  639.111281][   T30]  ? vscnprintf+0x5d/0x90
[  639.115602][   T30]  panic+0x349/0x880
[  639.119492][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  639.125641][   T30]  ? __pfx_panic+0x10/0x10
[  639.130047][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  639.135414][   T30]  ? __irq_work_queue_local+0x137/0x410
[  639.141041][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  639.146419][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  639.152576][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  639.158726][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  639.164873][   T30]  watchdog+0x1097/0x10a0
[  639.169202][   T30]  ? watchdog+0x1ea/0x10a0
[  639.173617][   T30]  ? __pfx_watchdog+0x10/0x10
[  639.178285][   T30]  kthread+0x7a9/0x920
[  639.182344][   T30]  ? __pfx_kthread+0x10/0x10
[  639.186926][   T30]  ? __pfx_watchdog+0x10/0x10
[  639.191599][   T30]  ? __pfx_kthread+0x10/0x10
[  639.196182][   T30]  ? __pfx_kthread+0x10/0x10
[  639.200767][   T30]  ? __pfx_kthread+0x10/0x10
[  639.205350][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  639.210540][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  639.215730][   T30]  ? __pfx_kthread+0x10/0x10
[  639.220314][   T30]  ret_from_fork+0x4b/0x80
[  639.224722][   T30]  ? __pfx_kthread+0x10/0x10
[  639.229305][   T30]  ret_from_fork_asm+0x1a/0x30
[  639.234068][   T30]  </TASK>
[  639.237228][   T30] Kernel Offset: disabled
[  639.241542][   T30] Rebooting in 86400 seconds..